| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Windows 10 - Laptop - Malware.AI.1792791521Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
01.01.2021, 12:23
| #1 |
 |  Windows 10 - Laptop - Malware.AI.1792791521 Einen schönen guten Tag , hatte gestern vom Virenscanner eine Warnung bekommen und habe mir mal Malwarebytes geladen und bekomme auch immer eine Warnung. Und erstmal ein Gesundes neues Jahr Code:
ATTFilter Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Datum des Schutzereignisses: 01.01.21
Uhrzeit des Schutzereignisses: 12:00
Protokolldatei: 97483870-4c20-11eb-840c-f430b99589b0.json
-Softwaredaten-
Version: 4.3.0.98
Komponentenversion: 1.0.1130
Version des Aktualisierungspakets: 1.0.35117
Lizenz: Testversion
-Systemdaten-
Betriebssystem: Windows 10 (Build 19041.685)
CPU: x64
Dateisystem: NTFS
Benutzer: System
-Einzelheiten zu blockierter Schadsoftware-
Datei: 1
Malware.AI.1792791521, C:\Windows\Temp\2d20a644-337c-f0a5-584e-7339ebf4d90e\6374b959-0ede-af4a-6bc0-03ce087dd9c0.exe, In Quarantäne, 1000000, 0, 1.0.35117, 5968C09775D709B36ADBD3E1, dds, 01053233, F1B044E9C52A9E2F60051D39000CC046, B140231893C88C5D7F9697E5451AE17D69A94688D8FDF1CBE00C9D4794F34D17
(end)
FRST: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2020
durchgeführt von BigRon (Administrator) auf LAPTOP-CC9LIIGT (HP HP Pavilion Notebook) (01-01-2021 12:12:27)
Gestartet von C:\Users\BigRon\Downloads
Geladene Profile: BigRon
Platform: Windows 10 Home Version 20H2 19042.685 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Chrome
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(CyberLink Corp. -> CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(eVenture Limited -> eVenture Limited) C:\Program Files (x86)\hide.me VPN\Hide.me.exe
(eVenture Limited -> eVenture Limited) C:\Program Files (x86)\hide.me VPN\hidemesvc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <18>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(GoPro Media, Inc. -> ) C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
(GoPro) [Datei ist nicht signiert] C:\Program Files (x86)\CineForm\Tools\GoProCineFormStatusViewer.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Company -> HP Development Company, L.P.) C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe
(HP Inc. -> ) C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9181696 2016-12-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [117352 2020-12-30] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321112 2019-07-29] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [337720 2020-11-12] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [701984 2017-07-13] (HP Inc. -> HP Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7992832 2020-12-21] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [285544 2020-12-07] (IDSA Production signing key -> Intel)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ACHTUNG
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-2816629630-362098843-3323099239-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2816629630-362098843-3323099239-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2816629630-362098843-3323099239-1001\...\Run: [GoogleChromeAutoLaunch_58B349BBFAEC481F630B2FD6BA573F8B] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\sht13cPC: C:\Windows\System32\spool\prtprocs\x64\sht13cpc.dll [82856 2019-07-21] (联想图像(天津)科技有限公司 -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\PCL hpz3lw71: C:\windows\system32\hpz3lw71.dll [46080 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\sht13c Langmon: C:\windows\system32\sht13clm.dll [61840 2019-07-21] (联想图像(天津)科技有限公司 -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-03] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CineForm Status.lnk [2019-01-01]
ShortcutTarget: CineForm Status.lnk -> C:\Program Files (x86)\CineForm\Tools\GoProCineFormStatusViewer.exe (GoPro) [Datei ist nicht signiert]
Startup: C:\Users\BigRon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2018-02-23]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\BigRon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hide.me VPN.lnk [2021-01-01]
ShortcutTarget: hide.me VPN.lnk -> C:\Program Files (x86)\hide.me VPN\Hide.me.exe (eVenture Limited -> eVenture Limited)
GroupPolicy: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {00264BD8-BBF1-46C7-87E4-4F030BA17944} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {01AA77C0-0439-4DFD-86AF-51F73055A8AC} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {0729062E-894F-4C58-B88A-E36CC3E04F00} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {0C41499A-73C4-408A-8AD6-8C047CC35655} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusTest => cmd /c start hpdiags://BatteryStatusTest
Task: {1435F30C-EC0B-467F-8458-65C514A74678} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckError => cmd /c start hpdiags://SmartCheckError
Task: {23207F29-8279-4673-A46D-5C15E776A8CF} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM1 => cmd /c start hpdiags://BHM1
Task: {2431B262-2C88-432B-8393-9631FA16FA80} - System32\Tasks\HP\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe [1356008 2016-01-21] (Hewlett-Packard Company -> HP Development Company, L.P.)
Task: {25EAE824-B66C-483B-BC20-694C2C3199CA} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusError => cmd /c start hpdiags://BatteryStatusError
Task: {287B33CB-A2BA-45B6-95BD-5CAD8170354C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2A03502B-70AD-4EAA-8C2D-0F1C9B1F9307} - System32\Tasks\Netzwerkverbindungen AvastWscReporter Gemeinsame => C:\Program Files (x86)\nodejs\node.exe [15017624 2017-05-02] (Node.js Foundation -> Node.js) -> "C:\ProgramData\Package Cache\{4B339F5B-64A9-4A54-A9BA-157053721680}\{50945A32-E5F3-4D84-A418-6C1F0891EE0E}" <==== ACHTUNG
Task: {2FFB66B7-4FEE-4FE1-8A67-6EB4B8E56EAF} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ABO => cmd /c start hpdiags://ABO
Task: {37E6AD66-084C-406C-99E7-4F8969F8B523} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-14] (Google Inc -> Google Inc.)
Task: {3A782A7E-9995-406A-A9DE-851AB9F16036} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [459680 2017-07-28] (HP Inc. -> )
Task: {40017D34-A2E2-4B1F-9F29-80FB9E94007C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1136984 2020-09-16] (HP Inc. -> HP Inc.)
Task: {4114DBA2-B1D3-47A4-96D2-A23458BFEF5B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2020-12-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {458F4054-7DE0-4D2C-BFCA-E551B68AAB1D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-14] (Google Inc -> Google Inc.)
Task: {468B8FA2-649E-47F9-92E6-3C5B8AE293E5} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ShowUI => cmd /c start hpdiags:
Task: {4CB2EBE4-E22A-43FC-B1ED-B83F7703A5B4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {50A12625-9350-4882-8ADF-35FDB3344F5B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {5115E9C5-2598-410D-9816-56198131B79F} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {52B65523-407D-4FDE-8387-610AE0C83F5F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {558FF4D3-00D4-4DFC-913D-7F9EADC0D760} - System32\Tasks\Nvbackend_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
Task: {612BEE81-1DF7-4E2D-88FC-EC15B49674A8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {67AD0761-1ADC-4FC3-9F84-4BD634965A79} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM2 => cmd /c start hpdiags://BHM2
Task: {69CC92A8-0278-44CB-87DB-914B54BABD8F} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckTest => cmd /c start hpdiags://SmartCheckTest
Task: {6CCF752A-2881-44F6-8A9F-54A1F31EE7AF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7115FBE0-D639-4715-B48D-76755104C08B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {73B75CB8-2044-4397-AA3B-12B507A4B93A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {753A22C2-612D-4D2E-A6C4-404465A1A36D} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {7787C742-8C53-40DB-844D-09E6EAE0F729} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [135000 2020-06-22] (HP Inc. -> HP Inc.)
Task: {779B939C-E1CB-49AD-9CAF-43789609D620} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {7864D393-C951-4311-AE37-D77AEB27C872} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7D8BB82E-E544-4DA7-B773-987EBEFBDC92} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1136984 2020-09-16] (HP Inc. -> HP Inc.)
Task: {841FCFE0-E8A0-4DE2-B8C9-B7A58A99FA94} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [348504 2020-11-06] (HP Inc. -> HP Inc.)
Task: {860F4BD7-128C-4909-9682-7734D4F1C61A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {877CCCDC-5EF4-4E22-96AF-CD6E79E04465} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {8959B0CD-849A-4BDA-95F8-A37D51249455} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {89BDCFDD-0329-42BE-89B5-2E889DC820FD} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [67896 2020-09-08] (Apple Inc. -> Apple Inc.)
Task: {9283B477-E63B-493A-BB96-5EA545BF2018} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1657880 2016-10-04] (HP Inc. -> HP Inc.)
Task: {94C5D8F6-964A-406A-A9B2-5F5A0FA2C99D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\BingPopup\BingPopup.exe [553304 2020-10-28] (HP Inc. -> HP Inc.)
Task: {9AB81FE8-99A6-464A-B24C-C5E445D52FAD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9B152B72-A171-41EA-A4A6-77D6BC675D2E} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2020-12-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {9CCDC2F3-E84A-4E99-A619-8C067F0BF1CE} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-05-27] (Dropbox, Inc -> Dropbox, Inc.)
Task: {A30F1EEF-F443-45C5-B990-8DC59D11D160} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {A39358D6-9391-44EE-82F9-786520D418F0} - System32\Tasks\Opera scheduled Autoupdate 1520095223 => C:\Users\BigRon\AppData\Local\Programs\Opera\launcher.exe
Task: {A425FEA1-A844-49F7-A78B-6DFA8974AA53} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {A43F0779-45C9-4B14-8586-8A115715A4E2} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {A4E8E0E0-22E9-4EBB-913C-AE737582244A} - System32\Tasks\Avast TUNEUP Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe
Task: {AB61560C-BB6D-443D-A20C-4C91B4DDC861} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {AC30708E-2444-401B-8D58-32F916998E60} - System32\Tasks\Hewlett-Packard\HP Diagnostics\LaunchUI => cmd /c start hpdiags://LaunchUI
Task: {ACFABAE6-B8CE-4369-8046-5F1B4C144892} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {B4E33D04-2EB4-4D71-BC88-E91BB2A99AA7} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {BA1C8325-3160-479A-97CF-8E0503C63527} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-05-27] (Dropbox, Inc -> Dropbox, Inc.)
Task: {C6EC3238-5EBB-4A30-8085-79138D233B07} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C8B70BE6-EFD4-49D6-A04E-D3D8AF37930A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D5EC17CC-5631-4D15-9EAC-F0E720E8DDEE} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2016-11-07] (HP Inc. -> HP Inc.)
Task: {D8BD02E0-3D86-477C-9961-A51C00619AD3} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BCF => cmd /c start hpdiags://BCF
Task: {DB8C33B5-92AC-413F-B201-EE60FCCD528A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {E3141F16-D67A-4320-9350-EB1ECA7516EC} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {E9F3C1CC-9E6B-4284-8076-EC32EB152A09} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EB1E4D26-96B9-4649-927C-CECC10BCBBEC} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1741416 2020-09-19] (Avast Software s.r.o. -> Avast Software)
Task: {EB804F47-C1BE-45D5-8334-9FAF0969E4B0} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [693456 2020-12-26] (Mozilla Corporation -> Mozilla Foundation)
Task: {F858EA8C-CF17-4342-9D9B-093167B53158} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4621920 2020-12-30] (Avast Software s.r.o. -> AVAST Software)
Task: {FFA0C74A-F3B3-422F-8CAC-C34BBD8C5943} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{14a84a1d-8e25-4d2e-9214-a00a725c47d1}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{2a057fcb-1151-4b68-88dd-6b704bc4433c}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{38be07b9-740e-4b2c-8244-789d62945e71}: [NameServer] 10.250.196.206,10.250.196.203
Tcpip\..\Interfaces\{72527b60-a5c8-4b39-9efc-da3991095e40}: [NameServer] 1.1.1.1 1.0.0.1
Tcpip\..\Interfaces\{9184be2e-0b22-4337-8317-3530bccf1406}: [NameServer] 8.8.8.8,1.1.1.1
Tcpip\..\Interfaces\{9184be2e-0b22-4337-8317-3530bccf1406}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{cc25d147-6e29-444f-8343-5ed035946b6e}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{db7d9d47-d6df-414a-b5e4-e6688efa1e97}: [NameServer] 1.1.1.1 1.0.0.1
Edge:
======
DownloadDir: C:\Users\BigRon\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\BigRon\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-25]
Edge DownloadDir: C:\Users\BigRon\Downloads
Edge DefaultSearchURL: Default -> hxxps://www.bing.com/search?PC=U523&q={searchTerms}
Edge Extension: (Microsoft Rewards) - C:\Users\BigRon\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bnplfnhcidhhdapmblniehfaaompjlck [2020-12-02]
FireFox:
========
FF DefaultProfile: bhi18cb2.default
FF ProfilePath: C:\Users\BigRon\AppData\Roaming\Mozilla\Firefox\Profiles\bhi18cb2.default [2020-12-29]
FF NetworkProxy: Mozilla\Firefox\Profiles\bhi18cb2.default -> backup.ftp", ""
FF Notifications: Mozilla\Firefox\Profiles\bhi18cb2.default -> hxxps://high-way.me
FF Extension: (Feed Preview) - C:\Users\BigRon\AppData\Roaming\Mozilla\Firefox\Profiles\bhi18cb2.default\Extensions\feed-preview@code.guido-berhoerster.org.xpi [2020-11-22]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-09-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\BigRon\AppData\Local\Google\Chrome\User Data\Default [2021-01-01]
CHR Notifications: Default -> hxxps://globalfoundries.service-now.com; hxxps://shop.gopro.com; hxxps://social.i-say.com; hxxps://store.dji.com
CHR DefaultSearchURL: Default -> hxxps://www.bing.com/search?FORM=U523DF&PC=U523&q={searchTerms}
CHR DefaultSuggestURL: Default -> hxxps://www.bing.com/osjson.aspx?FORM=U523DF&PC=U523&query={searchTerms}
CHR Extension: (Google Übersetzer) - C:\Users\BigRon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-03-18]
CHR Extension: (Docs) - C:\Users\BigRon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-14]
CHR Extension: (Google Drive) - C:\Users\BigRon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\BigRon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-14]
CHR Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\BigRon\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-12-15]
CHR Extension: (Microsoft Rewards) - C:\Users\BigRon\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbgcedjacmlbgleddnoacbnijgmiolem [2020-12-20]
CHR Extension: (Google Docs Offline) - C:\Users\BigRon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-16]
CHR Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\BigRon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-12-17]
CHR Extension: (Keepa - Amazon Price Tracker) - C:\Users\BigRon\AppData\Local\Google\Chrome\User Data\Default\Extensions\neebplgakaahbhdphmkckjjcegoiijjo [2020-12-03]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\BigRon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-05]
CHR Extension: (Amazon Assistant für Chrome) - C:\Users\BigRon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2020-12-24]
CHR Extension: (Google Mail) - C:\Users\BigRon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\BigRon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-20]
CHR Profile: C:\Users\BigRon\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-12-10]
CHR Profile: C:\Users\BigRon\AppData\Local\Google\Chrome\User Data\System Profile [2020-08-04]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-09-24] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8477080 2020-12-30] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621728 2020-12-30] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [351848 2020-12-30] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2020-12-30] (Avast Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8473200 2019-10-15] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9105800 2020-12-01] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-05-27] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-05-27] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44552 2020-12-21] (Dropbox, Inc -> Dropbox, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2019-10-15] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA)
R2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [38328 2018-08-31] (GoPro Media, Inc. -> )
R2 hmevpnsvc; C:\Program Files (x86)\hide.me VPN\hidemesvc.exe [145456 2020-11-16] (eVenture Limited -> eVenture Limited)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [905080 2019-12-19] (HP Inc. -> HP Inc.)
R2 HPJumpStartBridge; C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-07-28] (HP Inc. -> HP Inc.)
S4 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [628768 2017-07-13] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2020-12-30] (Malwarebytes Inc -> Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2016-03-23] (CyberLink Corp. -> CyberLink)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12757520 2020-12-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-30] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36792 2020-12-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208672 2020-12-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [332880 2020-12-30] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [247888 2020-12-30] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [97360 2020-12-30] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-30] (Microsoft Windows Early Launch Anti-Malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42424 2020-12-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [176384 2020-12-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522480 2020-12-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108928 2020-12-30] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84496 2020-12-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851256 2020-12-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [469472 2020-12-30] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216984 2020-12-30] (Avast Software s.r.o. -> AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2018-02-14] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326064 2020-12-30] (Avast Software s.r.o. -> AVAST Software)
R3 busenum; C:\WINDOWS\System32\drivers\busenum.sys [57824 2012-08-03] (Synology Inc. -> Windows (R) Win 7 DDK provider)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-12-30] (Malwarebytes Corporation -> Malwarebytes)
R1 hideFirewall; C:\WINDOWS\System32\drivers\hideFirewall.sys [79488 2018-08-29] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220160 2020-12-30] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-30] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [197792 2021-01-01] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-01-01] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-12-30] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [139424 2021-01-01] (Malwarebytes Inc -> Malwarebytes)
R3 Neo_VPN; C:\WINDOWS\System32\drivers\Neo6_x64_VPN.sys [37824 2019-08-10] (SoftEther Corporation -> SoftEther Corporation)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2017-10-13] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S2 SSPORT; C:\WINDOWS\system32\Drivers\SSPORT.sys [19016 2019-05-31] (HP Inc. -> )
S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [25608 2018-10-08] (AVG Technologies CZ, s.r.o. -> SlimWare Utilities, Inc.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-12-07] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2017-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-30] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-30] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-30] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [38176 2020-06-05] (WireGuard LLC -> WireGuard LLC)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-01-01 12:01 - 2021-01-01 12:01 - 000000000 _____ C:\Users\BigRon\Desktop\Neues Textdokument (2).txt
2021-01-01 11:57 - 2021-01-01 11:57 - 000197792 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-01-01 11:57 - 2021-01-01 11:57 - 000139424 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-01-01 11:57 - 2021-01-01 11:57 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-01-01 11:57 - 2021-01-01 11:57 - 000000000 ____D C:\Users\BigRon\AppData\LocalLow\IGDump
2021-01-01 11:54 - 2021-01-01 11:54 - 000091985 _____ C:\Users\BigRon\Downloads\TBCleanUp.bat
2021-01-01 11:37 - 2021-01-01 11:49 - 000079707 _____ C:\Users\BigRon\Downloads\Addition.txt
2021-01-01 11:36 - 2021-01-01 12:13 - 000044778 _____ C:\Users\BigRon\Downloads\FRST.txt
2021-01-01 11:36 - 2021-01-01 12:12 - 000000000 ____D C:\FRST
2021-01-01 11:36 - 2021-01-01 11:36 - 002286592 _____ (Farbar) C:\Users\BigRon\Downloads\FRST64 (1).exe
2021-01-01 11:35 - 2021-01-01 11:35 - 002286592 _____ (Farbar) C:\Users\BigRon\Downloads\FRST64.exe
2021-01-01 09:50 - 2021-01-01 09:50 - 000000039 _____ C:\Users\BigRon\Desktop\Neues Textdokument.txt
2020-12-31 14:39 - 2020-12-31 14:39 - 000104055 _____ C:\Users\BigRon\Downloads\Ertragsgutschrift_Ertragsbelastung_704558805804EUR_2020-12-31_EE2_INCM704558805804_A1JX52_D00185452954_201231_034031776953.pdf
2020-12-31 14:39 - 2020-12-31 14:39 - 000103953 _____ C:\Users\BigRon\Downloads\Ertragsgutschrift_Ertragsbelastung_704558805803EUR_2020-12-31_EE2_INCM704558805803_A1JX52_D00185452953_201231_034031771513.pdf
2020-12-30 15:51 - 2020-12-30 15:52 - 008809562 _____ C:\Users\BigRon\Downloads\elementor-pro-3.0.8-package (1).zip
2020-12-30 15:51 - 2020-12-30 15:51 - 008809562 _____ C:\Users\BigRon\Downloads\elementor-pro-3.0.8-package.zip
2020-12-30 15:35 - 2020-12-30 15:35 - 000340576 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-12-30 15:35 - 2020-12-30 15:35 - 000216984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2020-12-30 15:35 - 2020-12-30 15:35 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-12-30 15:35 - 2020-12-30 15:35 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-12-30 15:35 - 2020-12-30 15:35 - 000002028 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-12-30 15:35 - 2020-12-30 15:35 - 000000000 ____D C:\Users\BigRon\AppData\Local\mbam
2020-12-30 15:34 - 2020-12-30 15:34 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-12-30 15:34 - 2020-12-30 15:34 - 000220160 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-12-30 15:34 - 2020-12-30 15:34 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-12-30 15:34 - 2020-12-30 15:34 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-12-30 15:34 - 2020-12-30 15:34 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-12-30 15:34 - 2020-12-30 15:34 - 000000000 ____D C:\Program Files\Malwarebytes
2020-12-30 15:21 - 2020-12-30 15:21 - 000335070 _____ C:\WINDOWS\ntbtlog.txt
2020-12-29 16:19 - 2020-12-29 16:19 - 000005086 _____ C:\WINDOWS\system32\Tasks\Netzwerkverbindungen AvastWscReporter Gemeinsame
2020-12-29 16:19 - 2020-12-29 16:19 - 000000000 ____D C:\Users\BigRon\AppData\Roaming\npm
2020-12-29 16:19 - 2020-12-29 16:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js
2020-12-29 16:19 - 2020-12-29 16:19 - 000000000 ____D C:\Program Files (x86)\nodejs
2020-12-29 16:14 - 2020-12-29 16:17 - 000000041 ___SH C:\ProgramData\.zreglib
2020-12-27 15:16 - 2020-12-27 15:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-12-27 15:04 - 2020-12-27 15:04 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2020-12-26 14:37 - 2020-12-27 18:01 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-12-23 14:49 - 2020-12-23 14:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-12-21 15:07 - 2020-12-21 15:07 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2020-12-21 15:07 - 2020-12-21 15:07 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2020-12-21 15:07 - 2020-12-21 15:07 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2020-12-21 15:07 - 2020-12-21 15:07 - 000044552 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2020-12-18 18:12 - 2020-12-18 18:14 - 000002061 _____ C:\Users\Public\Desktop\TAXMAN 2021.lnk
2020-12-18 18:12 - 2020-12-18 18:14 - 000002061 _____ C:\ProgramData\Desktop\TAXMAN 2021.lnk
2020-12-16 19:29 - 2020-12-16 19:29 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2020-12-16 19:27 - 2020-12-12 15:29 - 001786584 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-12-16 19:27 - 2020-12-12 15:29 - 001786584 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-12-16 19:27 - 2020-12-12 15:29 - 001454488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-12-16 19:27 - 2020-12-12 15:29 - 001382616 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-12-16 19:27 - 2020-12-12 15:29 - 001382616 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-12-16 19:27 - 2020-12-12 15:29 - 001193880 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-12-16 19:27 - 2020-12-12 15:29 - 001087704 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-12-16 19:27 - 2020-12-12 15:29 - 001087704 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-12-16 19:27 - 2020-12-12 15:29 - 000940760 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-12-16 19:27 - 2020-12-12 15:29 - 000940760 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 008261360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 002103024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 001731824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6446089.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 001589144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 001512856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 001492376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6446089.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 001164528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 000812784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 000680856 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 000672496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 000657816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 000559000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 000547056 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-12-16 19:27 - 2020-12-12 15:26 - 007391984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-12-16 19:27 - 2020-12-12 15:26 - 004612504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-12-16 19:27 - 2020-12-12 15:26 - 002731928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-12-16 19:27 - 2020-12-12 15:21 - 006070008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-12-12 12:17 - 2020-12-12 12:17 - 000000000 ___RD C:\Users\BigRon\Documents\Scanned Documents
2020-12-12 12:17 - 2020-12-12 12:17 - 000000000 ____D C:\Users\BigRon\Documents\Fax
2020-12-11 19:33 - 2020-12-11 19:33 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-11 19:33 - 2020-12-11 19:33 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-11 19:33 - 2020-12-11 19:33 - 000010912 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-12-06 15:47 - 2020-12-06 15:55 - 000000365 _____ C:\Users\BigRon\Desktop\Mogli Server.txt
2020-12-02 18:47 - 2020-12-02 18:47 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-12-02 18:47 - 2020-12-02 18:47 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-12-02 18:47 - 2020-12-02 18:47 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-12-02 18:47 - 2020-12-02 18:47 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-02 18:47 - 2020-12-02 18:47 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-12-02 18:46 - 2020-12-02 18:46 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-12-02 18:46 - 2020-12-02 18:46 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-02 18:46 - 2020-12-02 18:46 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-02 18:46 - 2020-12-02 18:46 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-02 18:46 - 2020-12-02 18:46 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2020-12-02 18:46 - 2020-12-02 18:46 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2020-12-02 18:46 - 2020-12-02 18:46 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-12-02 18:46 - 2020-12-02 18:46 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2020-12-02 18:46 - 2020-12-02 18:46 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-12-02 18:46 - 2020-12-02 18:46 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-02 18:46 - 2020-12-02 18:46 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-12-02 18:46 - 2020-12-02 18:46 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-12-02 18:46 - 2020-12-02 18:46 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2020-12-02 18:46 - 2020-12-02 18:46 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-01-01 12:08 - 2020-11-17 15:22 - 000000000 ____D C:\Users\BigRon\AppData\Local\A0769869-4508-4EDE-978F-BF0B9DE7D57C.aplzod
2021-01-01 12:08 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-01 12:05 - 2020-06-19 11:08 - 001866328 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-01 12:05 - 2019-12-07 15:50 - 000788322 _____ C:\WINDOWS\system32\perfh007.dat
2021-01-01 12:05 - 2019-12-07 15:50 - 000168384 _____ C:\WINDOWS\system32\perfc007.dat
2021-01-01 12:05 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-01-01 11:59 - 2018-02-14 20:13 - 000000000 ____D C:\ProgramData\NVIDIA
2021-01-01 11:58 - 2018-02-21 18:52 - 000000000 ___RD C:\Users\BigRon\iCloudDrive
2021-01-01 11:58 - 2018-02-18 17:52 - 000000000 ____D C:\Users\BigRon\AppData\Local\CrashDumps
2021-01-01 11:57 - 2020-06-19 11:14 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-01 11:57 - 2020-06-19 11:03 - 000008192 ___SH C:\DumpStack.log.tmp
2021-01-01 11:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-01-01 11:57 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-01-01 11:57 - 2018-03-03 17:58 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-01-01 11:57 - 2018-02-14 21:09 - 000000000 ____D C:\ProgramData\AVAST Software
2021-01-01 11:57 - 2018-02-14 20:48 - 000000000 __SHD C:\Users\BigRon\IntelGraphicsProfiles
2020-12-31 15:49 - 2020-06-19 11:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-30 15:37 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-30 15:37 - 2018-05-02 18:53 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-12-30 15:35 - 2020-10-15 15:17 - 000176384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2020-12-30 15:35 - 2020-06-19 11:14 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-12-30 15:35 - 2020-04-21 10:56 - 000522480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2020-12-30 15:35 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-12-30 15:35 - 2019-01-15 08:01 - 000332880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2020-12-30 15:35 - 2019-01-08 11:36 - 000247888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2020-12-30 15:35 - 2019-01-08 11:36 - 000097360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2020-12-30 15:35 - 2019-01-08 11:36 - 000036792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2020-12-30 15:35 - 2018-12-12 14:58 - 000851256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2020-12-30 15:35 - 2018-12-12 14:58 - 000469472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2020-12-30 15:35 - 2018-12-12 14:58 - 000326064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2020-12-30 15:35 - 2018-12-12 14:58 - 000208672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2020-12-30 15:35 - 2018-12-12 14:58 - 000108928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2020-12-30 15:35 - 2018-12-12 14:58 - 000084496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-12-30 15:35 - 2018-12-12 14:58 - 000042424 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2020-12-30 15:35 - 2018-12-12 14:58 - 000016832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2020-12-30 15:27 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-12-30 15:27 - 2018-07-11 18:28 - 000795000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-12-30 15:21 - 2018-11-09 09:54 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2020-12-30 15:10 - 2018-02-18 18:07 - 000000000 ____D C:\Program Files\WinRAR
2020-12-29 16:32 - 2019-01-08 11:30 - 000000000 ____D C:\Users\BigRon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-12-29 16:32 - 2019-01-08 11:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-12-29 16:32 - 2018-06-06 12:57 - 000000000 ____D C:\Users\BigRon\AppData\Local\AVAST Software
2020-12-29 16:31 - 2020-01-09 16:06 - 000002088 _____ C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2020-12-29 16:31 - 2020-01-09 16:06 - 000002088 _____ C:\ProgramData\Desktop\HP Print and Scan Doctor.lnk
2020-12-29 16:27 - 2020-06-19 13:57 - 000000000 ____D C:\adbLink
2020-12-29 16:19 - 2018-02-14 20:48 - 000000000 ____D C:\Users\BigRon\AppData\Local\VirtualStore
2020-12-29 16:19 - 2016-11-18 12:17 - 000000000 ____D C:\ProgramData\Package Cache
2020-12-29 16:11 - 2019-01-30 09:42 - 000000000 ____D C:\ProgramData\Mozilla
2020-12-29 16:10 - 2018-02-14 20:59 - 000000000 ____D C:\Users\BigRon\AppData\LocalLow\Mozilla
2020-12-27 18:01 - 2018-02-14 20:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-12-27 15:16 - 2018-02-14 20:58 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-12-27 15:04 - 2018-06-09 14:47 - 000001835 _____ C:\Users\BigRon\Desktop\CrystalDiskInfo.lnk
2020-12-27 15:04 - 2018-06-09 14:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2020-12-26 18:38 - 2018-02-18 19:08 - 000000000 ____D C:\Program Files\Microsoft Office
2020-12-23 14:49 - 2018-05-27 15:49 - 000000000 ____D C:\Program Files (x86)\Dropbox
2020-12-23 14:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-20 09:39 - 2020-06-18 10:15 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-20 09:39 - 2020-06-18 10:15 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-12-20 09:39 - 2020-06-18 10:15 - 000002281 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-12-20 09:39 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-20 09:36 - 2018-02-18 18:57 - 000000000 ____D C:\Users\BigRon\AppData\Local\Packages
2020-12-19 11:53 - 2020-06-19 11:03 - 000630304 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-18 18:14 - 2020-01-24 13:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexware
2020-12-18 18:14 - 2018-02-18 18:06 - 000000000 ____D C:\Users\BigRon\AppData\Local\HL
2020-12-12 15:27 - 2020-03-06 14:58 - 034188528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2020-12-12 15:21 - 2020-03-06 14:58 - 007114256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2020-12-12 11:28 - 2018-12-12 15:00 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-12-12 04:59 - 2020-03-06 14:58 - 000060811 _____ C:\WINDOWS\system32\nvinfo.pb
2020-12-12 00:55 - 2018-02-14 20:13 - 009371667 _____ C:\WINDOWS\system32\nvcoproc.bin
2020-12-12 00:55 - 2018-02-14 20:13 - 005622072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2020-12-12 00:55 - 2018-02-14 20:13 - 002636776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2020-12-12 00:55 - 2018-02-14 20:13 - 001760232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2020-12-12 00:55 - 2018-02-14 20:13 - 000992232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2020-12-12 00:55 - 2018-02-14 20:13 - 000121144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2020-12-12 00:55 - 2018-02-14 20:13 - 000083256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2020-12-11 20:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-11 20:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-11 19:34 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-09 19:25 - 2019-10-18 19:15 - 000001517 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2020-12-09 19:25 - 2018-02-14 20:12 - 000000000 ____D C:\Program Files (x86)\Intel
2020-12-06 16:03 - 2018-08-08 10:08 - 000000000 ____D C:\ProgramData\boost_interprocess
2020-12-04 15:52 - 2020-06-19 11:14 - 000003630 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-12-04 15:52 - 2020-06-19 11:14 - 000003506 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-12-03 15:03 - 2018-02-14 21:00 - 000002300 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-12-02 18:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-02 18:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-12-02 18:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-02 18:53 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2018-08-08 10:08 - 2018-08-08 10:08 - 000000171 _____ () C:\Users\BigRon\AppData\Roaming\1eb766f2-fed1-4d33-9c39-2c8a972fd11f
2018-08-08 10:08 - 2018-08-08 10:08 - 000000304 _____ () C:\Users\BigRon\AppData\Roaming\4e93aa11-2d46-4980-a421-0a4ac759e5bf
2018-08-08 10:08 - 2018-08-08 10:08 - 000000175 _____ () C:\Users\BigRon\AppData\Roaming\fc19ece2-6b3f-4f22-8758-9651ab9ca388
2018-02-18 19:12 - 2018-02-18 19:12 - 000000738 _____ () C:\Users\BigRon\AppData\Local\recently-used.xbel
2018-05-30 10:46 - 2020-06-18 15:17 - 000007661 _____ () C:\Users\BigRon\AppData\Local\Resmon.ResmonCfg
2019-07-08 19:48 - 2019-07-08 19:57 - 000000143 _____ () C:\Users\BigRon\AppData\Local\zenmap.exe.log
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
|
|
01.01.2021, 12:24
| #2 |
| | Windows 10 - Laptop - Malware.AI.1792791521 Addition:
__________________Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 14-12-2020
durchgeführt von BigRon (01-01-2021 12:13:47)
Gestartet von C:\Users\BigRon\Downloads
Windows 10 Home Version 20H2 19042.685 (X64) (2020-06-19 10:15:06)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2816629630-362098843-3323099239-500 - Administrator - Disabled)
BigRon (S-1-5-21-2816629630-362098843-3323099239-1001 - Administrator - Enabled) => C:\Users\BigRon
DefaultAccount (S-1-5-21-2816629630-362098843-3323099239-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2816629630-362098843-3323099239-1000 - Limited - Disabled) => C:\Users\defaultuser0
Gast (S-1-5-21-2816629630-362098843-3323099239-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2816629630-362098843-3323099239-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{CCA8C50D-785B-4896-8675-FFE0C4ECCBC3}) (Version: 8.7 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{75BEF7E8-4370-4D42-94F3-B5AA77057965}) (Version: 8.7 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{F9CEF01A-3907-4614-824F-CF5D3E4675EF}) (Version: 14.1.0.35 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.10.2442 - Avast Software)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CrystalDiskInfo 7.6.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.6.0 - Crystal Dew World)
CrystalDiskInfo 8.9.0a (64 Bit) (HKLM\...\CrystalDiskInfo_is1) (Version: 8.9.0a - Crystal Dew World)
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.5.6909 - CyberLink Corp.)
CyberLink PowerDirector 14 (HKLM-x32\...\{6BADCD73-E925-46F7-A295-FF2448632728}) (Version: 14.0.2.3426 - CyberLink Corp.)
Diagnosis Framework 1.5 (HKLM-x32\...\Diagnosis Framework 1.5) (Version: 1.5 - Webasto Thermo & Comfort SE)
Documentation Manager (HKLM\...\{82FBBBC9-616A-4247-BEAD-87B8132D49D2}) (Version: 22.0.0.6 - Intel Corporation) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 113.3.427 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.377.1 - Dropbox, Inc.) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FileZilla Client 3.50.0 (HKLM-x32\...\FileZilla Client) (Version: 3.50.0 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
GoPro Quik (HKLM\...\{AA5F7FCE-311C-46D8-B93A-ABF4DDCAB832}) (Version: 0.1.945 - GoPro, Inc.) Hidden
GoPro Quik (HKLM-x32\...\{a23df978-67ca-4fe3-a740-a7b5ae7ec82f}) (Version: 2.7.0.945 - GoPro, Inc.)
GoPro Studio 2.0.0 (HKLM-x32\...\GoPro Studio) (Version: 2.0.0 - WoodmanLabs Inc. d.b.a. GoPro)
Gtk# for .Net 2.12.38 (HKLM-x32\...\{C7A0CF1E-A936-426A-9694-035636DCD356}) (Version: 2.12.38 - Xamarin, Inc.)
hide.me VPN 3.6.1 (HKLM-x32\...\{0E00BDA5-7998-4889-BE4B-39A4BBD2EDFB}_is1) (Version: 3.6.1 - eVenture Limited)
hide.me Wintun (HKLM\...\{6A3B09CD-8B4A-4A66-9C90-833023E463E9}) (Version: 0.8 - hide.me) Hidden
HP Audio Switch (HKLM-x32\...\{0C5D69BD-B518-46DB-8471-506CD27F9478}) (Version: 1.0.138.0 - HP Inc.)
HP Battery Recall Utility (HKLM-x32\...\{40770191-b457-4e92-9e2e-386a15408136}) (Version: 1.3.0.5 - HP Inc.)
HP Color Laser MFP 178 179 (HKLM-x32\...\HP Color Laser MFP 178 179) (Version: 1.14 (01.11.2019) - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.16.0 - HP Inc.)
HP CoolSense (HKLM-x32\...\{0C723C74-62DF-4B35-9490-A207546D866D}) (Version: 2.21.4 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{5b1a1d22-bd59-44e0-a954-e2f18ec43a23}) (Version: 5.2.20454 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{1E7D6A6F-E28B-4057-BD4F-9989C1F5353D}) (Version: 1.3.0.423 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{4380D813-39E5-46FD-AC23-FC9A1A8B98AA}) (Version: 1.3.423.0 - HP Inc.)
HP MFP Scan (HKLM-x32\...\HP MFP Scan) (Version: 1.06.67 (18.01.2019) - HP Inc.)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8361.5688 - HP Inc.)
HP Scan OCR Software (HKLM-x32\...\HP Scan OCR Software) (Version: 1.01.20 (09.10.2018) - HP Inc.)
HP Support Assistant (HKLM-x32\...\{DFBDDDB3-D753-4454-84E9-2D3D96E89EFF}) (Version: 8.8.34.31 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{11B7269C-6904-485C-9875-F23AAE32E671}) (Version: 12.18.34.21 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{ABE95EB9-5EA1-42A3-8009-BA7602127ED6}) (Version: 1.4.25 - HP Inc.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
iCloud (HKLM\...\{8808B208-87D1-4725-8192-76D257E9DEAE}) (Version: 7.21.0.23 - Apple Inc.)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel Driver && Support Assistant (HKLM-x32\...\{513BFF20-438E-4C8B-9C41-DE06B47D3148}) (Version: 20.11.50.9 - Intel) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{D40D4164-EEDB-4F0F-85C6-2058A9E34CC7}) (Version: 2.4.04370 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11000.2996 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1069 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4836 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.8.3.1003 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1633.3 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.49.166.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{df682aff-4294-4ad1-aaa7-276931d5781f}) (Version: 1.49.166.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000110-0210-1031-84C8-B8D95FA3C8C3}) (Version: 21.110.0.3 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{226be6c3-8e08-4d52-bd3a-d361008448c5}) (Version: 10.1.1.37 - Intel(R) Corporation) Hidden
Intel® Driver & Support Assistant (HKLM-x32\...\{7972bdc2-99e9-4a54-b071-e7f08bdf056d}) (Version: 20.11.50.9 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{6aa2484c-1a35-428e-a857-8ee0a874d2d1}) (Version: 20.110.0 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{056c22c9-0ef2-4a10-ba00-4d68d16c5669}) (Version: 22.0.0.6 - Intel Corporation) Hidden
IsoBuster 4.3 (HKLM-x32\...\IsoBuster_is1) (Version: 4.3 - Smart Projects)
iTunes (HKLM\...\{DE0F48FE-04C1-4646-AA58-2BE7A1A58742}) (Version: 12.11.0.26 - Apple Inc.)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Medieval CUE Splitter (HKLM-x32\...\{B96D2269-568B-4CBF-9332-12FAE8B158F7}) (Version: 1.2.0 - Medieval Software)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.66 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.13426.20404 - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2005 (HKLM-x32\...\Microsoft Report Viewer Redistributable 2005) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27012 (HKLM-x32\...\{427ada59-85e7-4bc8-b8d5-ebf59db60423}) (Version: 14.16.27012.6 - Microsoft Corporation)
MKVToolNix 33.1.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 33.1.0 - Moritz Bunkus)
Mozilla Firefox 84.0.1 (x64 de) (HKLM\...\Mozilla Firefox 84.0.1 (x64 de)) (Version: 84.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.2 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Grafiktreiber 460.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 460.89 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8004 - Realtek Semiconductor Corp.)
SABnzbd 3.1.1 (HKLM-x32\...\SABnzbd) (Version: 3.1.1 - The SABnzbd Team)
Suunto DM5 - 1 (HKU\S-1-5-21-2816629630-362098843-3323099239-1001\...\e64facc3e2453542) (Version: 1.3.0.19 - Suunto)
Suunto USB Driver (HKLM\...\SuuntoUSBFTDIVista_is1) (Version: 2.12.06.0 - Suunto Oy)
TAXMAN 2020 (HKLM-x32\...\{1342F8EA-0E9F-4CCB-81E8-74638BC0C757}) (Version: 25.39.90 - Haufe-Lexware GmbH & Co.KG)
TAXMAN 2021 (HKLM-x32\...\{E172BAEF-8092-4576-BDAD-41653786283E}) (Version: 26.25.56 - Haufe-Lexware GmbH & Co.KG)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.13.6 - TeamViewer)
TP-Link PLC Utility (HKLM-x32\...\{A79B7C66-DC26-417A-8BB5-B48721B45623}) (Version: 2.2.3149.12 - TP-Link) Hidden
TP-Link PLC Utility (HKLM-x32\...\InstallShield_{A79B7C66-DC26-417A-8BB5-B48721B45623}) (Version: 2.2.3149.12 - TP-Link)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C5FDDED7-DEC7-48B4-AFD8-DFB8A0FD199A}) (Version: 2.51.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-2) (Version: 1.0.54.1 - Intel Corporation Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-3) (Version: 1.0.54.1 - Intel Corporation Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-4) (Version: 1.0.54.1 - Intel Corporation Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-5) (Version: 1.0.54.1 - Intel Corporation Inc.)
Webasto Thermo Test 3.0 (HKLM-x32\...\Webasto Thermo Test 3.0) (Version: 3.0 - Webasto Thermo & Comfort SE)
Windows 10-Update-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22925 - Microsoft Corporation)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (07/12/2013 2.08.30) (HKLM\...\22CCD58B53472BE3FCAFF05631111C4062959A43) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (07/12/2013 2.08.30) (HKLM\...\BD00013670D26C16E19F284BF8E15DAF813497C7) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012 - GoPro)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
Windows-Treiberpaket - STMicroelectronics (usbser) Ports (04/25/2010 1.3.1) (HKLM\...\1628ECA16EA833D7F30DD35215E306FAD333DF83) (Version: 04/25/2010 1.3.1 - STMicroelectronics)
Windows-Treiberpaket - Suunto Suunto USB Driver Package (07/10/2015 2.12.06) (HKLM\...\AB6ABB41B5BCD37253F16E19787FDA18B257FDC8) (Version: 07/10/2015 2.12.06 - Suunto)
Windows-Treiberpaket - Suunto Suunto USB Serial Port (07/10/2015 2.12.06) (HKLM\...\E2175BF06F0C07C2570BDDC08FCBDC1D9B5639CB) (Version: 07/10/2015 2.12.06 - Suunto)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 6.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
Packages:
=========
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.7.337.0_x64__rz1tebttyb220 [2020-12-20] (Dolby Laboratories)
DS photo -> C:\Program Files\WindowsApps\999289FE.DSphoto_1.5.61.0_x64__g23c5rrjyxaaj [2018-06-14] (Synology Inc.)
DS video -> C:\Program Files\WindowsApps\999289FE.DSvideo_1.5.69.0_x64__g23c5rrjyxaaj [2018-05-27] (Synology Inc.)
Fitbit -> C:\Program Files\WindowsApps\Fitbit.Fitbit_2.44.1997.0_x64__6mqt6hf9g46tw [2020-07-15] (Fitbit)
HP LOUNGE -> C:\Program Files\WindowsApps\UniversalMusicMobile.HPLOUNGE_2.1.1.0_x64__3ms5eyejfeart [2018-02-14] (Universal Music Mobile)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_1.6.7.0_x64__v10z8vjag6ke6 [2020-10-07] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_122.1.778.0_x64__v10z8vjag6ke6 [2020-12-20] (HP Inc.)
Kodi -> C:\Program Files\WindowsApps\XBMCFoundation.Kodi_18.9.500.0_x64__4n2hpmxwrvr6p [2020-10-28] (XBMC Foundation)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-18] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-15] (Netflix, Inc.)
Synaptics TouchPad -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynHPConsumerDApp_19005.35054.0.0_x64__807d65c4rvak2 [2020-03-12] (Synaptics Incorporated)
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2049.10.0_x64__cv1g1gvanyjgm [2020-12-20] (WhatsApp Inc.)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2816629630-362098843-3323099239-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\BigRon\AppData\Local\Microsoft\OneDrive\18.222.1104.0007\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2816629630-362098843-3323099239-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key -> Intel)
CustomCLSID: HKU\S-1-5-21-2816629630-362098843-3323099239-1001_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\BigRon\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x64\ContextMenu.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2816629630-362098843-3323099239-1001_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\BigRon\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x64\iconOverlay.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2816629630-362098843-3323099239-1001_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\BigRon\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x64\iconOverlay.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2816629630-362098843-3323099239-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\BigRon\AppData\Local\Microsoft\OneDrive\18.222.1104.0007\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2816629630-362098843-3323099239-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\BigRon\AppData\Local\Microsoft\OneDrive\18.222.1104.0007\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2816629630-362098843-3323099239-1001_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\BigRon\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x64\iconOverlay.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2816629630-362098843-3323099239-1001_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\BigRon\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x64\iconOverlay.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2816629630-362098843-3323099239-1001_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\BigRon\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x64\iconOverlay.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2816629630-362098843-3323099239-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\BigRon\Dropbox [2018-06-01 10:53]
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Keine Datei
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Keine Datei
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-30] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Keine Datei
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-30] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-09-08] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-30] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-12-30] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\igfxDTCM.dll [2018-01-15] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-12-12] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-30] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-12-30] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-2816629630-362098843-3323099239-1001: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\BigRon\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x64\ContextMenu.dll -> Keine Datei
ContextMenuHandlers6_S-1-5-21-2816629630-362098843-3323099239-1001: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\BigRon\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x64\ContextMenu.dll -> Keine Datei
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Drivers32: [VIDC.CFHD] => C:\windows\system32\CFHD.dll [1443328 2013-09-05] (CineForm Inc.) [Datei ist nicht signiert]
HKLM\...\Drivers32: [VIDC.CFHD] => C:\Windows\SysWOW64\CFHD.DLL [1474560 2013-09-05] (CineForm Inc.) [Datei ist nicht signiert]
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\BigRon\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2020-12-07 11:31 - 2020-12-07 11:31 - 000126464 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Intel\Driver and Support Assistant\DSASsdInterop.dll
2020-12-09 20:09 - 2020-12-09 20:09 - 000160256 _____ () [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\164d92830ff069369212faf05086dfd6\BRIDGECommon.ni.dll
2020-12-14 15:20 - 2020-12-14 15:20 - 000120832 _____ () [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\1326de8d542af365ae756854dd0e3809\BridgeExtension.ni.dll
2020-12-14 15:20 - 2020-12-14 15:20 - 000348160 _____ () [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CleanStartController\50a1ef30c70b45dbf5a194e07722e764\CleanStartController.ni.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000071680 _____ (Hewlett-Packard) [Datei ist nicht signiert] c:\windows\system32\hpzinw12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000089600 _____ (Hewlett-Packard) [Datei ist nicht signiert] c:\windows\system32\hpzipm12.dll
2020-12-14 15:20 - 2020-12-14 15:20 - 000134656 _____ (HP Inc.) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CommonPortable\f05462b3a090b8a773f04648fac3f597\CommonPortable.ni.dll
2020-04-17 17:10 - 2020-04-17 17:10 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2020-04-17 17:10 - 2020-04-17 17:10 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Windows:E83C309AD0058C63 [50]
AlternateDataStreams: C:\ProgramData\Temp:054203E4 [144]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [464]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-2816629630-362098843-3323099239-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-2816629630-362098843-3323099239-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
SearchScopes: HKLM -> {AA4CB8F8-92C1-4C17-9DA7-25F3386661D0} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {AA4CB8F8-92C1-4C17-9DA7-25F3386661D0} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2816629630-362098843-3323099239-1001 -> {AA4CB8F8-92C1-4C17-9DA7-25F3386661D0} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-09-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-10-27] (HP Inc. -> HP Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-09-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-10-27] (HP Inc. -> HP Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2016-07-16 12:47 - 2020-10-15 15:11 - 000000822 _____ C:\WINDOWS\system32\drivers\etc\hosts
2018-11-12 10:31 - 2018-11-12 10:32 - 000000514 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\GtkSharp\2.12\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\CineForm\Tools;C:\Program Files (x86)\GoPro\Tools;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\nodejs\
HKU\S-1-5-21-2816629630-362098843-3323099239-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\BigRon\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{f739afe9-b24c-424c-a537-dd85e608e858}.JPG
DNS Servers: 8.8.8.8 - 1.1.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "GlobalProtect"
HKLM\...\StartupApproved\Run32: => "HPMessageService"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-2816629630-362098843-3323099239-1001\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-2816629630-362098843-3323099239-1001\...\StartupApproved\Run: => "OneDriveSetup"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [UDP Query User{7CD05DE8-4E32-444F-BBFA-28E9A1C35C62}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe => Keine Datei
FirewallRules: [TCP Query User{302F6F27-36EC-4E42-8685-E32BB7D7F243}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe => Keine Datei
FirewallRules: [UDP Query User{F0FE9BE9-7612-4E1F-92E2-65641C774F55}C:\program files (x86)\common files\hp scan process machine\imageeng.exe] => (Allow) C:\program files (x86)\common files\hp scan process machine\imageeng.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{DF11D93B-001B-40CD-B730-4E694575124C}C:\program files (x86)\common files\hp scan process machine\imageeng.exe] => (Allow) C:\program files (x86)\common files\hp scan process machine\imageeng.exe () [Datei ist nicht signiert]
FirewallRules: [{B7A5E45A-E29E-46D2-92A9-2D31973A8BD9}] => (Allow) C:\Users\BigRon\AppData\Local\Temp\7zS564C\HPDiagnosticCoreUI.exe => Keine Datei
FirewallRules: [{0F34DDEE-8FE6-4AEF-A688-6FBCAC2AA8C4}] => (Allow) C:\Users\BigRon\AppData\Local\Temp\7zS564C\HPDiagnosticCoreUI.exe => Keine Datei
FirewallRules: [{71E37F32-2189-4DFE-A45E-181AA3850F98}] => (Allow) C:\Program Files (x86)\HP\MFP Scan\EDC.exe () [Datei ist nicht signiert]
FirewallRules: [{B0A62977-618B-433C-A14C-B0F67337D204}] => (Allow) C:\Program Files (x86)\HP\MFP Scan\EDC.exe () [Datei ist nicht signiert]
FirewallRules: [{56DF7B3D-D5A7-469A-B222-BB37DF5667D2}] => (Allow) C:\Windows\twain_32\HP\HPCLM17X\ScanCDLM\ScanCDLM.exe (HP Inc. -> )
FirewallRules: [{16DA17C6-532A-44BD-B102-59E36BCBB491}] => (Allow) C:\Windows\twain_32\HP\HPCLM17X\ScanCDLM\ScanCDLM.exe (HP Inc. -> )
FirewallRules: [UDP Query User{58F2F32E-3A92-4D86-8AA7-891560743236}C:\program files\nzbget\nzbget.exe] => (Block) C:\program files\nzbget\nzbget.exe => Keine Datei
FirewallRules: [TCP Query User{7885FBA4-45FF-4A9F-9576-431C4FDB4152}C:\program files\nzbget\nzbget.exe] => (Block) C:\program files\nzbget\nzbget.exe => Keine Datei
FirewallRules: [{6D77D9AA-B75F-4939-9106-749A6187A2EA}] => (Allow) C:\Program Files (x86)\hide.me VPN\SoftEtherVPN\vpnclient_x64.exe => Keine Datei
FirewallRules: [{A1E5FC6B-95BB-480F-BD15-3E1C870A4411}] => (Allow) C:\Program Files (x86)\hide.me VPN\SoftEtherVPN\vpncmd.exe => Keine Datei
FirewallRules: [{62F99C76-AF9A-4EFF-8636-FBE39C267842}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProLauncher.exe (GoPro Media, Inc. -> )
FirewallRules: [{B720CAA2-AA24-4F5E-8097-3513B82C1AD9}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProIDService.exe (GoPro Media, Inc. -> )
FirewallRules: [{A5298CEC-A3AB-45DE-AE1C-977A6D2BEC68}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProMsgBus.exe (GoPro Media, Inc. -> )
FirewallRules: [{70679206-79B5-433B-A2B2-63AF068F26F3}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoPro Quik.exe (GoPro Media, Inc. -> )
FirewallRules: [{7D9FD16F-C01C-4AC1-9A29-669809ACAFCF}] => (Allow) D:\SABnzbd\SABnzbd.exe (The SABnzbd-Team) [Datei ist nicht signiert]
FirewallRules: [{20B541A2-526D-47A0-B0A0-43EF1EEFC860}] => (Allow) LPort=8777
FirewallRules: [{E1F7EBD4-F5D4-42FB-B546-D2D21165D590}] => (Allow) LPort=8777
FirewallRules: [{D3C5D67B-4260-476B-8778-B7ACB2DA7FFB}] => (Allow) LPort=8777
FirewallRules: [{45DC9B3C-EAE2-44C1-95EA-B49B08F933F1}] => (Allow) LPort=8777
FirewallRules: [{873CF4BF-23A2-40A9-9C2C-4645BF3B0C79}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{11527C58-DC6C-48D8-BD88-6FFF782BC776}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{56F1CE54-6EC9-41D0-B348-DCA1A6C95AFA}] => (Allow) D:\SABnzbd\SABnzbd.exe (The SABnzbd-Team) [Datei ist nicht signiert]
FirewallRules: [{26AF17BB-0603-4033-B462-E4F117064E6A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E6E64BFD-6AA9-4F33-BED0-759ECA3CAF7D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{D142BE9D-E085-42FB-9D59-56BEF8284DA7}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{975D1C62-1175-4E6B-8833-08F8D45DE525}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{859B7A63-BC93-4AC7-8F2C-E5F89CAF9851}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{CD836A16-6A92-43B3-B536-BF356F2EBBF5}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{A262A817-6CD2-41E3-BAFF-5076329F2199}C:\program files\itunes\itunes.exe] => (Allow) C:\program files\itunes\itunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{0B949CCA-730E-43CD-BCE6-E679D1EE8FF0}C:\program files\itunes\itunes.exe] => (Allow) C:\program files\itunes\itunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A4FDA0E8-D8F2-4C70-8ABC-42A36266771D}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{0CA1403F-D936-4DD3-B4F8-A2CDB175EE06}D:\jdownloader 2.0\jdownloader2.exe] => (Allow) D:\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [UDP Query User{8196D7F9-F4ED-4D6F-8425-D9937E993AAA}D:\jdownloader 2.0\jdownloader2.exe] => (Allow) D:\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [{845CDF32-F796-462F-AF5F-9B917F68A295}] => (Block) D:\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [{269C4016-D939-4851-8035-0B6AB011D742}] => (Block) D:\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [{CC5BA09C-269B-48EE-B900-8AEDC9B577A6}] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{E1615585-8C40-4F91-95A8-E8AFEF941ACC}] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{7AD73FF4-D0B4-4995-B573-9D51CD2964F4}C:\program files (x86)\cyberlink\powerdvd14\powerdvd.exe] => (Allow) C:\program files (x86)\cyberlink\powerdvd14\powerdvd.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [UDP Query User{93082F41-BC9F-4A53-84E2-1E9F9E6B248C}C:\program files (x86)\cyberlink\powerdvd14\powerdvd.exe] => (Allow) C:\program files (x86)\cyberlink\powerdvd14\powerdvd.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{5E616EC8-CD36-48A2-9300-C815D805FF33}] => (Block) C:\program files (x86)\cyberlink\powerdvd14\powerdvd.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{5D00A2A1-26F9-4A95-97E7-2BE9AD81A71B}] => (Block) C:\program files (x86)\cyberlink\powerdvd14\powerdvd.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{FE73926E-41EE-4B63-802C-1569E58DFCBB}] => (Allow) D:\SABnzbd\SABnzbd.exe (The SABnzbd-Team) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{8EF1FD32-D192-4424-AD34-A8ED42E6452E}C:\program files (x86)\tp-link\tp-link plc utility\tpplc.exe] => (Allow) C:\program files (x86)\tp-link\tp-link plc utility\tpplc.exe (TP-Link TECHNOLOGIES CO., LTD.) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{CD42D3B1-FC8C-4AF5-B4AD-4AABAE85CFCE}C:\program files (x86)\tp-link\tp-link plc utility\tpplc.exe] => (Allow) C:\program files (x86)\tp-link\tp-link plc utility\tpplc.exe (TP-Link TECHNOLOGIES CO., LTD.) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{AA0429CA-33ED-4134-9566-BCDA6CDDD3B8}C:\program files (x86)\tp-link\tp-link plc utility\tpplc.exe] => (Allow) C:\program files (x86)\tp-link\tp-link plc utility\tpplc.exe (TP-Link TECHNOLOGIES CO., LTD.) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{2646B6AB-C3B3-4C5D-82AC-A58EF0C17E99}C:\program files (x86)\tp-link\tp-link plc utility\tpplc.exe] => (Allow) C:\program files (x86)\tp-link\tp-link plc utility\tpplc.exe (TP-Link TECHNOLOGIES CO., LTD.) [Datei ist nicht signiert]
FirewallRules: [{60A5B075-E817-4AEB-A97B-A6FA49370852}] => (Allow) D:\SABnzbd\SABnzbd.exe (The SABnzbd-Team) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{590823D2-855C-41C3-8E7A-97DFE8B20E84}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe => Keine Datei
FirewallRules: [UDP Query User{EDD030ED-2B02-4D92-88C0-630C181077D7}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe => Keine Datei
FirewallRules: [{7A8A8984-983E-4E35-94F1-1BBF7971DE4D}] => (Block) C:\program files (x86)\kodi\kodi.exe => Keine Datei
FirewallRules: [{C5C628C5-191C-47F6-A85A-DFBA1B7754EF}] => (Block) C:\program files (x86)\kodi\kodi.exe => Keine Datei
FirewallRules: [TCP Query User{5372FF12-A44A-432D-9771-23002D68789D}C:\users\bigron\appdata\local\vavoo\vavoo.exe] => (Allow) C:\users\bigron\appdata\local\vavoo\vavoo.exe => Keine Datei
FirewallRules: [UDP Query User{296159A4-87F2-4C85-AE1C-A3759ED7F291}C:\users\bigron\appdata\local\vavoo\vavoo.exe] => (Allow) C:\users\bigron\appdata\local\vavoo\vavoo.exe => Keine Datei
FirewallRules: [{8558F584-40EC-4716-B8C9-4803D42C201C}] => (Block) C:\users\bigron\appdata\local\vavoo\vavoo.exe => Keine Datei
FirewallRules: [{DD51FA8F-CDAC-4195-8EAD-A065E45FEC39}] => (Block) C:\users\bigron\appdata\local\vavoo\vavoo.exe => Keine Datei
FirewallRules: [{91BCBC8A-3945-402E-BDC7-766E2618C35C}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{3438E4C3-A6DA-4616-B137-1DB0BE823BFB}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{9E4A999B-D976-40E7-851D-6873CEDC8BB1}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{1E52BDF1-4F9B-4AAE-8F12-A4A1D1531AE3}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [TCP Query User{776B157C-4BF3-459D-AD0A-CB699DA6B7F8}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe => Keine Datei
FirewallRules: [UDP Query User{5A9C0E73-95F8-4448-AC21-EB1A39AF5659}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe => Keine Datei
FirewallRules: [TCP Query User{A0C45185-DAFC-4855-A13B-673D9CB46C1B}C:\users\bigron\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-ui.exe] => (Allow) C:\users\bigron\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-ui.exe => Keine Datei
FirewallRules: [UDP Query User{80CA9E40-5B24-4B23-9A11-0BA3A0B414D4}C:\users\bigron\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-ui.exe] => (Allow) C:\users\bigron\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-ui.exe => Keine Datei
FirewallRules: [{B122B2C5-402B-4CA4-98E6-CA11D917E5D6}] => (Allow) D:\SABnzbd\SABnzbd.exe (The SABnzbd-Team) [Datei ist nicht signiert]
FirewallRules: [{9EB407D5-C80F-4BFF-9BE2-C5037FD8C549}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{AAFD2D09-CC1C-475E-A69F-F54F180C5358}] => (Block) %ProgramFiles% (x86)\WISO\Steuersoftware 2019\WISO2019.EXE => Keine Datei
FirewallRules: [{B2609461-2ABE-45F2-BAC9-925006D3DB68}] => (Block) %ProgramFiles% (x86)\WISO\Steuersoftware 2019\WISO2019.EXE => Keine Datei
FirewallRules: [{EFE52F91-9F36-41B0-B134-14AB6EF6A399}] => (Allow) D:\SABnzbd\SABnzbd.exe (The SABnzbd-Team) [Datei ist nicht signiert]
FirewallRules: [{4EFD5B1A-4CBF-4D3D-B8A4-DB97976F3657}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D51550BB-EA75-48B0-8859-8348D3AB34CD}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AF550CAB-CAC8-4CB3-96A1-5C8DA3B0C540}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EF32868A-D43B-4EE6-A31B-63A8F23EE1E5}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FC1A04D7-DF00-4E21-8502-79F3941B9B76}] => (Allow) D:\SABnzbd\SABnzbd.exe (The SABnzbd-Team) [Datei ist nicht signiert]
FirewallRules: [{155803AF-0D7C-49A1-9F6D-5DE13954B2B3}] => (Allow) D:\SABnzbd\SABnzbd.exe (The SABnzbd-Team) [Datei ist nicht signiert]
FirewallRules: [{2231FAEB-AC5B-4630-A7AD-9CCF898E269C}] => (Allow) D:\SABnzbd\SABnzbd-console.exe (The SABnzbd-Team) [Datei ist nicht signiert]
FirewallRules: [{C894A33A-4D4A-49DA-BB5E-35B0545FB274}] => (Allow) D:\SABnzbd\SABnzbd.exe (The SABnzbd-Team) [Datei ist nicht signiert]
FirewallRules: [{C78521BF-DE4C-4129-8BAA-08222F4FF202}] => (Allow) D:\SABnzbd\SABnzbd-console.exe (The SABnzbd-Team) [Datei ist nicht signiert]
FirewallRules: [{7FCAE9A7-27C9-4CD0-8DED-E55E690D735D}] => (Allow) D:\SABnzbd\SABnzbd.exe (The SABnzbd-Team) [Datei ist nicht signiert]
FirewallRules: [{ACB2BC22-4CA5-4433-AB25-ED22952527A2}] => (Allow) D:\SABnzbd\SABnzbd-console.exe (The SABnzbd-Team) [Datei ist nicht signiert]
FirewallRules: [{5723AD6E-36F3-4EB2-B7B7-CB0DD0600237}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9C702300-CEA6-45CA-B04E-CD26C9F63961}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B370B26C-1549-43DD-B89E-310E2CC26904}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{08BCBB39-EEEF-4F46-AE9A-8F7761CA431F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{97EBBE4E-3AB7-4CC2-8596-ED1D604F9947}] => (Allow) D:\SABnzbd\SABnzbd.exe (The SABnzbd-Team) [Datei ist nicht signiert]
FirewallRules: [{083D9DD7-9D8B-407F-B7FA-D48087ED0327}] => (Allow) D:\SABnzbd\SABnzbd-console.exe (The SABnzbd-Team) [Datei ist nicht signiert]
FirewallRules: [{A412828E-5147-4981-9D9F-C01C049C5348}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{482843F1-F319-45C2-BA43-0A39EED69F7D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{CA49297A-2F3B-44B1-AA7E-33A67406DD9E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AC8AE1B8-36CD-4782-AA02-AD9DC97916EF}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{50F629EA-E50F-4562-A40F-E368319FC263}] => (Allow) C:\Users\BigRon\AppData\Local\Temp\7zS41FA\HPDiagnosticCoreUI.exe (HP Inc. -> HPDC LP)
FirewallRules: [{9DBD0BF5-7556-484A-9AB6-5A4E8D66CD92}] => (Allow) C:\Users\BigRon\AppData\Local\Temp\7zS41FA\HPDiagnosticCoreUI.exe (HP Inc. -> HPDC LP)
FirewallRules: [{B8C9FA0A-C72D-4FB9-AAA1-531681A89247}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5AF4C72D-ABFE-4516-831E-4FC4586F4550}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9B043ABD-456F-464F-9C81-BF26EEFE6E9D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{368FCD74-F2C8-416B-A9DA-FFE39E95990F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
==================== Wiederherstellungspunkte =========================
==================== Fehlerhafte Geräte im Gerätemanager ============
Name: hp DVDRW GUD1N
Description: CD-ROM-Laufwerk
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard-CD-ROM-Laufwerke)
Service: cdrom
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (01/01/2021 11:58:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HPAudioSwitch.exe, Version: 1.0.138.0, Zeitstempel: 0x57f4463d
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.19041.662, Zeitstempel: 0xe6477cce
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0012a892
ID des fehlerhaften Prozesses: 0x2bbc
Startzeit der fehlerhaften Anwendung: 0x01d6e02d0c5c3fdc
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: f6e2623d-fc9a-421d-b5b9-2825b4cc01b6
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (01/01/2021 11:58:34 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: HPAudioSwitch.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.IO.IOException
bei System.IO.__Error.WinIOError(Int32, System.String)
bei System.IO.File.InternalCopy(System.String, System.String, Boolean, Boolean)
bei System.IO.File.Copy(System.String, System.String)
bei HPAudioApp.ModuleHelper.SetConfig(System.String, System.String)
bei HPAudioApp.App.OnStartup(System.Windows.StartupEventArgs)
bei System.Windows.Application.<.ctor>b__1_0(System.Object)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
bei System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.DispatcherOperation.InvokeImpl()
bei System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Windows.Threading.DispatcherOperation.Invoke()
bei System.Windows.Threading.Dispatcher.ProcessQueue()
bei System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
bei System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
bei System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
bei System.Windows.Application.RunDispatcher(System.Object)
bei System.Windows.Application.RunInternal(System.Windows.Window)
bei System.Windows.Application.Run(System.Windows.Window)
bei HPAudioApp.App.Main()
Error: (01/01/2021 11:57:07 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.
Error: (01/01/2021 11:57:07 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]
Error: (01/01/2021 11:57:07 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.
Error: (01/01/2021 11:57:07 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]
Error: (01/01/2021 11:24:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HPAudioSwitch.exe, Version: 1.0.138.0, Zeitstempel: 0x57f4463d
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.19041.662, Zeitstempel: 0xe6477cce
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0012a892
ID des fehlerhaften Prozesses: 0x43f0
Startzeit der fehlerhaften Anwendung: 0x01d6e02848004e0f
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: 3a5e147b-9658-4f73-8259-23856b2b8b3c
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (01/01/2021 11:24:28 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: HPAudioSwitch.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.IO.IOException
bei System.IO.__Error.WinIOError(Int32, System.String)
bei System.IO.File.InternalCopy(System.String, System.String, Boolean, Boolean)
bei System.IO.File.Copy(System.String, System.String)
bei HPAudioApp.ModuleHelper.SetConfig(System.String, System.String)
bei HPAudioApp.App.OnStartup(System.Windows.StartupEventArgs)
bei System.Windows.Application.<.ctor>b__1_0(System.Object)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
bei System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.DispatcherOperation.InvokeImpl()
bei System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Windows.Threading.DispatcherOperation.Invoke()
bei System.Windows.Threading.Dispatcher.ProcessQueue()
bei System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
bei System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
bei System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
bei System.Windows.Application.RunDispatcher(System.Object)
bei System.Windows.Application.RunInternal(System.Windows.Window)
bei System.Windows.Application.Run(System.Windows.Window)
bei HPAudioApp.App.Main()
Systemfehler:
=============
Error: (01/01/2021 11:57:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet:
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.
Error: (01/01/2021 11:23:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet:
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.
Error: (01/01/2021 09:39:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet:
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.
Error: (12/31/2020 05:36:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet:
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.
Error: (12/31/2020 02:37:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet:
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.
Error: (12/30/2020 04:20:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet:
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.
Error: (12/30/2020 03:36:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Avast Tools" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
Error: (12/30/2020 03:34:31 PM) (Source: Netwtw04) (EventID: 5007) (User: )
Description: 5007 - TX/CMD timeout (TfdQueue hanged)
CodeIntegrity:
===================================
Date: 2021-01-01 12:14:37.1020000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-01 12:13:36.5190000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-01 12:13:36.3670000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-01 12:12:53.1620000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-01 12:12:20.6950000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-01 12:12:18.7160000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-01 12:11:45.5680000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-01 12:11:09.5930000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
==================== Speicherinformationen ===========================
BIOS: Insyde F.55 07/01/2020
Hauptplatine: HP 8219
Prozessor: Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz
Prozentuale Nutzung des RAM: 37%
Installierter physikalischer RAM: 16269.22 MB
Verfügbarer physikalischer RAM: 10112.36 MB
Summe virtueller Speicher: 18701.22 MB
Verfügbarer virtueller Speicher: 11701.94 MB
==================== Laufwerke ================================
Drive c: (WINDOWS) (Fixed) (Total:237.24 GB) (Free:154.79 GB) NTFS
Drive d: (DATA) (Fixed) (Total:919.13 GB) (Free:857.39 GB) NTFS
Drive e: (RECOVERY) (Fixed) (Total:12.38 GB) (Free:1.07 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
\\?\Volume{8cd78a99-b26c-4122-a1c4-953b325e11bb}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.36 GB) NTFS
\\?\Volume{1dc6e2b4-66e5-4b5a-876b-2e2c31e8a886}\ () (Fixed) (Total:0.25 GB) (Free:0.17 GB) FAT32
==================== MBR & Partitionstabelle ====================
==================== Ende von Addition.txt =======================
|
|
01.01.2021, 12:43
| #3 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Windows 10 - Laptop - Malware.AI.1792791521 Störende, veraltete oder unnötige Programme deinstallieren
__________________Bitte über Programme und Features (appwiz.cpl) deinstallieren: 64 Bit HP CIO Components Installer Adobe Acrobat Reader DC Avast Free Antivirus CrystalDiskInfo 7.6.0 CyberLink Power Media Player 14 CyberLink PowerDirector 14 HP Audio Switch HP Battery Recall Utility HP Connection Optimizer HP CoolSense HP Documentation HP ePrint SW HP JumpStart Bridge HP JumpStart Launch HP MFP Scan HP Registration Service HP Scan OCR Software HP Support Assistant HP Support Solutions Framework HP System Event Utility HP Update QuickPar 0.9 QuickTime 7 Windows 7 USB/DVD Download Tool
__________________ |
|
01.01.2021, 15:18
| #4 |
| | Windows 10 - Laptop - Malware.AI.1792791521 Danke wurde erstmal alles Deinstalliert nur was ich nicht gefunden habe ist 64 Bit HP CIO Components Installer Hier die neusten Meldungen wegen dem Malware.AI.1792791521 es kam wieder nur immer mit einen anderen Namen Code:
ATTFilter Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Datum des Schutzereignisses: 01.01.21
Uhrzeit des Schutzereignisses: 15:09
Protokolldatei: f3b41434-4c3a-11eb-ad7e-f430b99589b0.json
-Softwaredaten-
Version: 4.3.0.98
Komponentenversion: 1.0.1130
Version des Aktualisierungspakets: 1.0.35123
Lizenz: Testversion
-Systemdaten-
Betriebssystem: Windows 10 (Build 19041.685)
CPU: x64
Dateisystem: NTFS
Benutzer: System
-Einzelheiten zu blockierter Schadsoftware-
Datei: 1
Malware.AI.1792791521, C:\Windows\Temp\3e41b3d6-182a-4479-0f4c-b18bc515d984\008bb397-d165-284e-de43-3773c132af16.exe, In Quarantäne, 1000000, 0, 1.0.35123, 5968C09775D709B36ADBD3E1, dds, 01053360, F1B044E9C52A9E2F60051D39000CC046, B140231893C88C5D7F9697E5451AE17D69A94688D8FDF1CBE00C9D4794F34D17
(end)
FRST Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2020
durchgeführt von BigRon (Administrator) auf LAPTOP-CC9LIIGT (HP HP Pavilion Notebook) (01-01-2021 15:10:48)
Gestartet von C:\Users\BigRon\Downloads
Geladene Profile: BigRon
Platform: Windows 10 Home Version 20H2 19042.685 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Chrome
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(eVenture Limited -> eVenture Limited) C:\Program Files (x86)\hide.me VPN\Hide.me.exe
(eVenture Limited -> eVenture Limited) C:\Program Files (x86)\hide.me VPN\hidemesvc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <14>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(GoPro Media, Inc. -> ) C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
(GoPro) [Datei ist nicht signiert] C:\Program Files (x86)\CineForm\Tools\GoProCineFormStatusViewer.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9181696 2016-12-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321112 2019-07-29] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [337720 2020-11-12] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7992832 2020-12-21] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [285544 2020-12-07] (IDSA Production signing key -> Intel)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ACHTUNG
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-2816629630-362098843-3323099239-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2816629630-362098843-3323099239-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2816629630-362098843-3323099239-1001\...\Run: [GoogleChromeAutoLaunch_58B349BBFAEC481F630B2FD6BA573F8B] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\sht13cPC: C:\Windows\System32\spool\prtprocs\x64\sht13cpc.dll [82856 2019-07-21] (联想图像(天津)科技有限公司 -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\PCL hpz3lw71: C:\windows\system32\hpz3lw71.dll [46080 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\sht13c Langmon: C:\windows\system32\sht13clm.dll [61840 2019-07-21] (联想图像(天津)科技有限公司 -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-03] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CineForm Status.lnk [2019-01-01]
ShortcutTarget: CineForm Status.lnk -> C:\Program Files (x86)\CineForm\Tools\GoProCineFormStatusViewer.exe (GoPro) [Datei ist nicht signiert]
Startup: C:\Users\BigRon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2018-02-23]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\BigRon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hide.me VPN.lnk [2021-01-01]
ShortcutTarget: hide.me VPN.lnk -> C:\Program Files (x86)\hide.me VPN\Hide.me.exe (eVenture Limited -> eVenture Limited)
GroupPolicy: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {01AA77C0-0439-4DFD-86AF-51F73055A8AC} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {0729062E-894F-4C58-B88A-E36CC3E04F00} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {0C41499A-73C4-408A-8AD6-8C047CC35655} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusTest => cmd /c start hpdiags://BatteryStatusTest
Task: {1435F30C-EC0B-467F-8458-65C514A74678} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckError => cmd /c start hpdiags://SmartCheckError
Task: {23207F29-8279-4673-A46D-5C15E776A8CF} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM1 => cmd /c start hpdiags://BHM1
Task: {25EAE824-B66C-483B-BC20-694C2C3199CA} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusError => cmd /c start hpdiags://BatteryStatusError
Task: {2A03502B-70AD-4EAA-8C2D-0F1C9B1F9307} - System32\Tasks\Netzwerkverbindungen AvastWscReporter Gemeinsame => C:\Program Files (x86)\nodejs\node.exe [15017624 2017-05-02] (Node.js Foundation -> Node.js) -> "C:\ProgramData\Package Cache\{4B339F5B-64A9-4A54-A9BA-157053721680}\{50945A32-E5F3-4D84-A418-6C1F0891EE0E}" <==== ACHTUNG
Task: {2FFB66B7-4FEE-4FE1-8A67-6EB4B8E56EAF} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ABO => cmd /c start hpdiags://ABO
Task: {37E6AD66-084C-406C-99E7-4F8969F8B523} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-14] (Google Inc -> Google Inc.)
Task: {3A782A7E-9995-406A-A9DE-851AB9F16036} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
Task: {4114DBA2-B1D3-47A4-96D2-A23458BFEF5B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2020-12-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {458F4054-7DE0-4D2C-BFCA-E551B68AAB1D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-14] (Google Inc -> Google Inc.)
Task: {468B8FA2-649E-47F9-92E6-3C5B8AE293E5} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ShowUI => cmd /c start hpdiags:
Task: {50A12625-9350-4882-8ADF-35FDB3344F5B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {5115E9C5-2598-410D-9816-56198131B79F} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {558FF4D3-00D4-4DFC-913D-7F9EADC0D760} - System32\Tasks\Nvbackend_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
Task: {67AD0761-1ADC-4FC3-9F84-4BD634965A79} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM2 => cmd /c start hpdiags://BHM2
Task: {69CC92A8-0278-44CB-87DB-914B54BABD8F} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckTest => cmd /c start hpdiags://SmartCheckTest
Task: {6CCF752A-2881-44F6-8A9F-54A1F31EE7AF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {73B75CB8-2044-4397-AA3B-12B507A4B93A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {753A22C2-612D-4D2E-A6C4-404465A1A36D} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {779B939C-E1CB-49AD-9CAF-43789609D620} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {7864D393-C951-4311-AE37-D77AEB27C872} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {877CCCDC-5EF4-4E22-96AF-CD6E79E04465} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {89BDCFDD-0329-42BE-89B5-2E889DC820FD} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [67896 2020-09-08] (Apple Inc. -> Apple Inc.)
Task: {9B152B72-A171-41EA-A4A6-77D6BC675D2E} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2020-12-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {9CCDC2F3-E84A-4E99-A619-8C067F0BF1CE} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-05-27] (Dropbox, Inc -> Dropbox, Inc.)
Task: {A30F1EEF-F443-45C5-B990-8DC59D11D160} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {A39358D6-9391-44EE-82F9-786520D418F0} - System32\Tasks\Opera scheduled Autoupdate 1520095223 => C:\Users\BigRon\AppData\Local\Programs\Opera\launcher.exe
Task: {A43F0779-45C9-4B14-8586-8A115715A4E2} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {A4E8E0E0-22E9-4EBB-913C-AE737582244A} - System32\Tasks\Avast TUNEUP Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe
Task: {A7C26653-8D23-43C5-B9E4-257B3D0FFF38} - System32\Tasks\Hewlett-Packard\HPDeviceCheck => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPDeviceCheck.exe
Task: {AB61560C-BB6D-443D-A20C-4C91B4DDC861} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {AC30708E-2444-401B-8D58-32F916998E60} - System32\Tasks\Hewlett-Packard\HP Diagnostics\LaunchUI => cmd /c start hpdiags://LaunchUI
Task: {ACFABAE6-B8CE-4369-8046-5F1B4C144892} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {B4E33D04-2EB4-4D71-BC88-E91BB2A99AA7} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {BA1C8325-3160-479A-97CF-8E0503C63527} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-05-27] (Dropbox, Inc -> Dropbox, Inc.)
Task: {BFD06707-CD57-4980-89D8-AF173891BC8C} - System32\Tasks\Hewlett-Packard\HP Web Products Detection => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPWPD.exe
Task: {C6EC3238-5EBB-4A30-8085-79138D233B07} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C8B70BE6-EFD4-49D6-A04E-D3D8AF37930A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D8BD02E0-3D86-477C-9961-A51C00619AD3} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BCF => cmd /c start hpdiags://BCF
Task: {E3141F16-D67A-4320-9350-EB1ECA7516EC} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {E9F3C1CC-9E6B-4284-8076-EC32EB152A09} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EB804F47-C1BE-45D5-8334-9FAF0969E4B0} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [693456 2020-12-26] (Mozilla Corporation -> Mozilla Foundation)
Task: {FFA0C74A-F3B3-422F-8CAC-C34BBD8C5943} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{14a84a1d-8e25-4d2e-9214-a00a725c47d1}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{2a057fcb-1151-4b68-88dd-6b704bc4433c}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{38be07b9-740e-4b2c-8244-789d62945e71}: [NameServer] 10.250.196.206,10.250.196.203
Tcpip\..\Interfaces\{72527b60-a5c8-4b39-9efc-da3991095e40}: [NameServer] 1.1.1.1 1.0.0.1
Tcpip\..\Interfaces\{9184be2e-0b22-4337-8317-3530bccf1406}: [NameServer] 8.8.8.8,1.1.1.1
Tcpip\..\Interfaces\{9184be2e-0b22-4337-8317-3530bccf1406}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{cc25d147-6e29-444f-8343-5ed035946b6e}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{db7d9d47-d6df-414a-b5e4-e6688efa1e97}: [NameServer] 1.1.1.1 1.0.0.1
Edge:
======
DownloadDir: C:\Users\BigRon\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\BigRon\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-01]
Edge DownloadDir: C:\Users\BigRon\Downloads
Edge DefaultSearchURL: Default -> hxxps://www.bing.com/search?PC=U523&q={searchTerms}
Edge Extension: (Microsoft Rewards) - C:\Users\BigRon\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bnplfnhcidhhdapmblniehfaaompjlck [2020-12-02]
FireFox:
========
FF DefaultProfile: bhi18cb2.default
FF ProfilePath: C:\Users\BigRon\AppData\Roaming\Mozilla\Firefox\Profiles\bhi18cb2.default [2021-01-01]
FF NetworkProxy: Mozilla\Firefox\Profiles\bhi18cb2.default -> backup.ftp", ""
FF Extension: (Feed Preview) - C:\Users\BigRon\AppData\Roaming\Mozilla\Firefox\Profiles\bhi18cb2.default\Extensions\feed-preview@code.guido-berhoerster.org.xpi [2020-11-22]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-09-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-19] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\BigRon\AppData\Local\Google\Chrome\User Data\Default [2021-01-01]
CHR Notifications: Default -> hxxps://globalfoundries.service-now.com; hxxps://shop.gopro.com; hxxps://social.i-say.com; hxxps://store.dji.com
CHR DefaultSearchURL: Default -> hxxps://www.bing.com/search?FORM=U523DF&PC=U523&q={searchTerms}
CHR DefaultSuggestURL: Default -> hxxps://www.bing.com/osjson.aspx?FORM=U523DF&PC=U523&query={searchTerms}
CHR Extension: (Google Übersetzer) - C:\Users\BigRon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-03-18]
CHR Extension: (Docs) - C:\Users\BigRon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-14]
CHR Extension: (Google Drive) - C:\Users\BigRon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\BigRon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-14]
CHR Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\BigRon\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-12-15]
CHR Extension: (Microsoft Rewards) - C:\Users\BigRon\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbgcedjacmlbgleddnoacbnijgmiolem [2020-12-20]
CHR Extension: (Google Docs Offline) - C:\Users\BigRon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-16]
CHR Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\BigRon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-12-17]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\BigRon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-05]
CHR Extension: (Amazon Assistant für Chrome) - C:\Users\BigRon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2020-12-24]
CHR Extension: (Google Mail) - C:\Users\BigRon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\BigRon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-20]
CHR Profile: C:\Users\BigRon\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-12-10]
CHR Profile: C:\Users\BigRon\AppData\Local\Google\Chrome\User Data\System Profile [2020-08-04]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-09-24] (Apple Inc. -> Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8473200 2019-10-15] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9105800 2020-12-01] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-05-27] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-05-27] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44552 2020-12-21] (Dropbox, Inc -> Dropbox, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2019-10-15] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA)
R2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [38328 2018-08-31] (GoPro Media, Inc. -> )
R2 hmevpnsvc; C:\Program Files (x86)\hide.me VPN\hidemesvc.exe [145456 2020-11-16] (eVenture Limited -> eVenture Limited)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2020-12-30] (Malwarebytes Inc -> Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12757520 2020-12-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-30] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-30] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2018-02-14] (AVAST Software s.r.o. -> The OpenVPN Project)
R3 busenum; C:\WINDOWS\System32\drivers\busenum.sys [57824 2012-08-03] (Synology Inc. -> Windows (R) Win 7 DDK provider)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-12-30] (Malwarebytes Corporation -> Malwarebytes)
R1 hideFirewall; C:\WINDOWS\System32\drivers\hideFirewall.sys [79488 2018-08-29] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220160 2020-12-30] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-30] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [197792 2021-01-01] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-01-01] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-12-30] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [139424 2021-01-01] (Malwarebytes Inc -> Malwarebytes)
R3 Neo_VPN; C:\WINDOWS\System32\drivers\Neo6_x64_VPN.sys [37824 2019-08-10] (SoftEther Corporation -> SoftEther Corporation)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2017-10-13] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S2 SSPORT; C:\WINDOWS\system32\Drivers\SSPORT.sys [19016 2019-05-31] (HP Inc. -> )
S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [25608 2018-10-08] (AVG Technologies CZ, s.r.o. -> SlimWare Utilities, Inc.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-12-07] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2017-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-12-30] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2020-12-30] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-30] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [38176 2020-06-05] (WireGuard LLC -> WireGuard LLC)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-01-01 15:06 - 2021-01-01 15:06 - 001388448 _____ C:\Users\Public\ASR.dat
2021-01-01 15:06 - 2021-01-01 15:06 - 000197792 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-01-01 15:06 - 2021-01-01 15:06 - 000139424 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-01-01 15:06 - 2021-01-01 15:06 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-01-01 15:06 - 2021-01-01 15:06 - 000000000 ____D C:\Users\BigRon\AppData\LocalLow\IGDump
2021-01-01 12:01 - 2021-01-01 12:28 - 000000803 _____ C:\Users\BigRon\Desktop\Neues Textdokument (2).txt
2021-01-01 11:36 - 2021-01-01 15:11 - 000034284 _____ C:\Users\BigRon\Downloads\FRST.txt
2021-01-01 11:36 - 2021-01-01 15:11 - 000000000 ____D C:\FRST
2021-01-01 11:35 - 2021-01-01 11:35 - 002286592 _____ (Farbar) C:\Users\BigRon\Downloads\FRST64.exe
2021-01-01 09:50 - 2021-01-01 09:50 - 000000039 _____ C:\Users\BigRon\Desktop\Neues Textdokument.txt
2020-12-30 15:35 - 2020-12-30 15:35 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-12-30 15:35 - 2020-12-30 15:35 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-12-30 15:35 - 2020-12-30 15:35 - 000002028 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-12-30 15:35 - 2020-12-30 15:35 - 000000000 ____D C:\Users\BigRon\AppData\Local\mbam
2020-12-30 15:34 - 2020-12-30 15:34 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-12-30 15:34 - 2020-12-30 15:34 - 000220160 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-12-30 15:34 - 2020-12-30 15:34 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-12-30 15:34 - 2020-12-30 15:34 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-12-30 15:34 - 2020-12-30 15:34 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-12-30 15:34 - 2020-12-30 15:34 - 000000000 ____D C:\Program Files\Malwarebytes
2020-12-30 15:21 - 2020-12-30 15:21 - 000335070 _____ C:\WINDOWS\ntbtlog.txt
2020-12-29 16:19 - 2020-12-29 16:19 - 000005086 _____ C:\WINDOWS\system32\Tasks\Netzwerkverbindungen AvastWscReporter Gemeinsame
2020-12-29 16:19 - 2020-12-29 16:19 - 000000000 ____D C:\Users\BigRon\AppData\Roaming\npm
2020-12-29 16:19 - 2020-12-29 16:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js
2020-12-29 16:19 - 2020-12-29 16:19 - 000000000 ____D C:\Program Files (x86)\nodejs
2020-12-29 16:14 - 2020-12-29 16:17 - 000000041 ___SH C:\ProgramData\.zreglib
2020-12-27 15:16 - 2020-12-27 15:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-12-27 15:04 - 2020-12-27 15:04 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2020-12-26 14:37 - 2020-12-27 18:01 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-12-23 14:49 - 2020-12-23 14:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-12-21 15:07 - 2020-12-21 15:07 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2020-12-21 15:07 - 2020-12-21 15:07 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2020-12-21 15:07 - 2020-12-21 15:07 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2020-12-21 15:07 - 2020-12-21 15:07 - 000044552 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2020-12-18 18:12 - 2020-12-18 18:14 - 000002061 _____ C:\Users\Public\Desktop\TAXMAN 2021.lnk
2020-12-18 18:12 - 2020-12-18 18:14 - 000002061 _____ C:\ProgramData\Desktop\TAXMAN 2021.lnk
2020-12-16 19:29 - 2020-12-16 19:29 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2020-12-16 19:27 - 2020-12-12 15:29 - 001786584 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-12-16 19:27 - 2020-12-12 15:29 - 001786584 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-12-16 19:27 - 2020-12-12 15:29 - 001454488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-12-16 19:27 - 2020-12-12 15:29 - 001382616 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-12-16 19:27 - 2020-12-12 15:29 - 001382616 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-12-16 19:27 - 2020-12-12 15:29 - 001193880 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-12-16 19:27 - 2020-12-12 15:29 - 001087704 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-12-16 19:27 - 2020-12-12 15:29 - 001087704 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-12-16 19:27 - 2020-12-12 15:29 - 000940760 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-12-16 19:27 - 2020-12-12 15:29 - 000940760 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 008261360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 002103024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 001731824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6446089.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 001589144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 001512856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 001492376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6446089.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 001164528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 000812784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 000680856 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 000672496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 000657816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 000559000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 000547056 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-12-16 19:27 - 2020-12-12 15:26 - 007391984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-12-16 19:27 - 2020-12-12 15:26 - 004612504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-12-16 19:27 - 2020-12-12 15:26 - 002731928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-12-16 19:27 - 2020-12-12 15:21 - 006070008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-12-12 12:17 - 2020-12-12 12:17 - 000000000 ___RD C:\Users\BigRon\Documents\Scanned Documents
2020-12-12 12:17 - 2020-12-12 12:17 - 000000000 ____D C:\Users\BigRon\Documents\Fax
2020-12-11 19:33 - 2020-12-11 19:33 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-11 19:33 - 2020-12-11 19:33 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-11 19:33 - 2020-12-11 19:33 - 000010912 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-12-06 15:47 - 2020-12-06 15:55 - 000000365 _____ C:\Users\BigRon\Desktop\Mogli Server.txt
2020-12-02 18:47 - 2020-12-02 18:47 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-12-02 18:47 - 2020-12-02 18:47 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-12-02 18:47 - 2020-12-02 18:47 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-12-02 18:47 - 2020-12-02 18:47 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-02 18:47 - 2020-12-02 18:47 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-12-02 18:46 - 2020-12-02 18:46 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-12-02 18:46 - 2020-12-02 18:46 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-02 18:46 - 2020-12-02 18:46 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-02 18:46 - 2020-12-02 18:46 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-02 18:46 - 2020-12-02 18:46 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2020-12-02 18:46 - 2020-12-02 18:46 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2020-12-02 18:46 - 2020-12-02 18:46 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-12-02 18:46 - 2020-12-02 18:46 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2020-12-02 18:46 - 2020-12-02 18:46 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-12-02 18:46 - 2020-12-02 18:46 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-02 18:46 - 2020-12-02 18:46 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-12-02 18:46 - 2020-12-02 18:46 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-12-02 18:46 - 2020-12-02 18:46 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2020-12-02 18:46 - 2020-12-02 18:46 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-01-01 15:08 - 2018-02-14 20:13 - 000000000 ____D C:\ProgramData\NVIDIA
2021-01-01 15:07 - 2020-11-17 15:22 - 000000000 ____D C:\Users\BigRon\AppData\Local\A0769869-4508-4EDE-978F-BF0B9DE7D57C.aplzod
2021-01-01 15:06 - 2020-06-19 11:14 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-01 15:06 - 2020-06-19 11:03 - 000630304 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-01 15:06 - 2020-06-19 11:03 - 000008192 ___SH C:\DumpStack.log.tmp
2021-01-01 15:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-01-01 15:06 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-01 15:06 - 2018-12-12 14:59 - 000000000 ____D C:\Users\BigRon\AppData\Roaming\AVAST Software
2021-01-01 15:06 - 2018-03-03 17:58 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-01-01 15:06 - 2018-02-21 18:52 - 000000000 ___RD C:\Users\BigRon\iCloudDrive
2021-01-01 15:06 - 2018-02-14 21:09 - 000000000 ____D C:\ProgramData\AVAST Software
2021-01-01 15:06 - 2018-02-14 20:48 - 000000000 __SHD C:\Users\BigRon\IntelGraphicsProfiles
2021-01-01 15:05 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-01-01 15:05 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-01-01 15:05 - 2016-11-18 12:16 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2021-01-01 15:05 - 2016-11-18 12:16 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2021-01-01 15:04 - 2016-11-18 12:17 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2021-01-01 15:03 - 2016-11-18 12:17 - 000000000 ____D C:\ProgramData\Package Cache
2021-01-01 15:03 - 2016-11-18 12:16 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-01-01 15:02 - 2020-06-19 11:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2021-01-01 15:00 - 2016-11-18 20:48 - 000000000 ____D C:\SWSetup
2021-01-01 14:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-01 14:56 - 2018-04-03 12:41 - 000000000 ____D C:\Program Files (x86)\Adobe
2021-01-01 14:56 - 2018-02-14 20:19 - 000000000 ____D C:\ProgramData\Temp
2021-01-01 14:56 - 2018-02-14 20:19 - 000000000 ____D C:\ProgramData\SUPPORTDIR
2021-01-01 14:56 - 2018-02-14 20:19 - 000000000 ____D C:\ProgramData\install_backup
2021-01-01 14:55 - 2018-02-24 12:47 - 000000000 ____D C:\Users\BigRon\Documents\CyberLink
2021-01-01 14:55 - 2018-02-24 12:46 - 000000000 ____D C:\Users\BigRon\AppData\Local\CyberLink
2021-01-01 14:55 - 2018-02-14 20:19 - 000000000 ____D C:\ProgramData\install_clap
2021-01-01 14:55 - 2018-02-14 20:19 - 000000000 ____D C:\ProgramData\CyberLink
2021-01-01 14:54 - 2018-06-09 14:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2021-01-01 14:53 - 2018-02-14 20:49 - 000000000 ____D C:\Users\BigRon\AppData\Roaming\HP
2021-01-01 14:53 - 2016-11-18 12:16 - 000000000 ____D C:\ProgramData\HP
2021-01-01 14:53 - 2016-11-18 12:16 - 000000000 ____D C:\Program Files (x86)\HP
2021-01-01 14:51 - 2016-11-18 12:16 - 000000000 ____D C:\Program Files\HP
2021-01-01 14:48 - 2018-02-14 21:02 - 000000000 ____D C:\Users\BigRon\AppData\Roaming\hpqLog
2021-01-01 14:48 - 2018-02-14 20:48 - 000000000 ____D C:\Users\BigRon\AppData\Local\Hewlett-Packard
2021-01-01 14:47 - 2018-02-23 09:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2021-01-01 14:46 - 2018-12-02 11:19 - 000000000 ____D C:\Program Files (x86)\QuickTime
2021-01-01 14:45 - 2020-06-19 11:08 - 001866328 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-01 14:45 - 2019-12-07 15:50 - 000788322 _____ C:\WINDOWS\system32\perfh007.dat
2021-01-01 14:45 - 2019-12-07 15:50 - 000168384 _____ C:\WINDOWS\system32\perfc007.dat
2021-01-01 14:45 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-01-01 14:39 - 2018-02-18 17:52 - 000000000 ____D C:\Users\BigRon\AppData\Local\CrashDumps
2020-12-31 15:49 - 2020-06-19 11:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-30 15:37 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-30 15:37 - 2018-05-02 18:53 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-12-30 15:35 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-12-30 15:27 - 2018-07-11 18:28 - 000795000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-12-30 15:21 - 2018-11-09 09:54 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2020-12-30 15:10 - 2018-02-18 18:07 - 000000000 ____D C:\Program Files\WinRAR
2020-12-29 16:32 - 2019-01-08 11:30 - 000000000 ____D C:\Users\BigRon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-12-29 16:32 - 2019-01-08 11:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-12-29 16:32 - 2018-06-06 12:57 - 000000000 ____D C:\Users\BigRon\AppData\Local\AVAST Software
2020-12-29 16:31 - 2020-01-09 16:06 - 000002088 _____ C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2020-12-29 16:31 - 2020-01-09 16:06 - 000002088 _____ C:\ProgramData\Desktop\HP Print and Scan Doctor.lnk
2020-12-29 16:27 - 2020-06-19 13:57 - 000000000 ____D C:\adbLink
2020-12-29 16:19 - 2018-02-14 20:48 - 000000000 ____D C:\Users\BigRon\AppData\Local\VirtualStore
2020-12-29 16:11 - 2019-01-30 09:42 - 000000000 ____D C:\ProgramData\Mozilla
2020-12-29 16:10 - 2018-02-14 20:59 - 000000000 ____D C:\Users\BigRon\AppData\LocalLow\Mozilla
2020-12-27 18:01 - 2018-02-14 20:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-12-27 15:16 - 2018-02-14 20:58 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-12-26 18:38 - 2018-02-18 19:08 - 000000000 ____D C:\Program Files\Microsoft Office
2020-12-23 14:49 - 2018-05-27 15:49 - 000000000 ____D C:\Program Files (x86)\Dropbox
2020-12-20 09:39 - 2020-06-18 10:15 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-20 09:39 - 2020-06-18 10:15 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-12-20 09:39 - 2020-06-18 10:15 - 000002281 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-12-20 09:39 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-20 09:36 - 2018-02-18 18:57 - 000000000 ____D C:\Users\BigRon\AppData\Local\Packages
2020-12-18 18:14 - 2020-01-24 13:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexware
2020-12-18 18:14 - 2018-02-18 18:06 - 000000000 ____D C:\Users\BigRon\AppData\Local\HL
2020-12-12 15:27 - 2020-03-06 14:58 - 034188528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2020-12-12 15:21 - 2020-03-06 14:58 - 007114256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2020-12-12 04:59 - 2020-03-06 14:58 - 000060811 _____ C:\WINDOWS\system32\nvinfo.pb
2020-12-12 00:55 - 2018-02-14 20:13 - 009371667 _____ C:\WINDOWS\system32\nvcoproc.bin
2020-12-12 00:55 - 2018-02-14 20:13 - 005622072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2020-12-12 00:55 - 2018-02-14 20:13 - 002636776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2020-12-12 00:55 - 2018-02-14 20:13 - 001760232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2020-12-12 00:55 - 2018-02-14 20:13 - 000992232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2020-12-12 00:55 - 2018-02-14 20:13 - 000121144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2020-12-12 00:55 - 2018-02-14 20:13 - 000083256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2020-12-11 20:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-11 20:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-11 19:34 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-09 19:25 - 2019-10-18 19:15 - 000001517 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2020-12-09 19:25 - 2018-02-14 20:12 - 000000000 ____D C:\Program Files (x86)\Intel
2020-12-06 16:03 - 2018-08-08 10:08 - 000000000 ____D C:\ProgramData\boost_interprocess
2020-12-04 15:52 - 2020-06-19 11:14 - 000003630 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-12-04 15:52 - 2020-06-19 11:14 - 000003506 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-12-03 15:03 - 2018-02-14 21:00 - 000002300 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-12-02 18:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-02 18:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-12-02 18:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-02 18:53 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2021-01-01 15:06 - 2021-01-01 15:06 - 001388448 _____ () C:\Users\Public\ASR.dat
2018-08-08 10:08 - 2018-08-08 10:08 - 000000171 _____ () C:\Users\BigRon\AppData\Roaming\1eb766f2-fed1-4d33-9c39-2c8a972fd11f
2018-08-08 10:08 - 2018-08-08 10:08 - 000000304 _____ () C:\Users\BigRon\AppData\Roaming\4e93aa11-2d46-4980-a421-0a4ac759e5bf
2018-08-08 10:08 - 2018-08-08 10:08 - 000000175 _____ () C:\Users\BigRon\AppData\Roaming\fc19ece2-6b3f-4f22-8758-9651ab9ca388
2018-02-18 19:12 - 2018-02-18 19:12 - 000000738 _____ () C:\Users\BigRon\AppData\Local\recently-used.xbel
2018-05-30 10:46 - 2020-06-18 15:17 - 000007661 _____ () C:\Users\BigRon\AppData\Local\Resmon.ResmonCfg
2019-07-08 19:48 - 2019-07-08 19:57 - 000000143 _____ () C:\Users\BigRon\AppData\Local\zenmap.exe.log
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
|
|
01.01.2021, 15:19
| #5 |
| | Windows 10 - Laptop - Malware.AI.1792791521Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 14-12-2020
durchgeführt von BigRon (01-01-2021 15:11:52)
Gestartet von C:\Users\BigRon\Downloads
Windows 10 Home Version 20H2 19042.685 (X64) (2020-06-19 10:15:06)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2816629630-362098843-3323099239-500 - Administrator - Disabled)
BigRon (S-1-5-21-2816629630-362098843-3323099239-1001 - Administrator - Enabled) => C:\Users\BigRon
DefaultAccount (S-1-5-21-2816629630-362098843-3323099239-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2816629630-362098843-3323099239-1000 - Limited - Disabled) => C:\Users\defaultuser0
Gast (S-1-5-21-2816629630-362098843-3323099239-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2816629630-362098843-3323099239-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{CCA8C50D-785B-4896-8675-FFE0C4ECCBC3}) (Version: 8.7 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{75BEF7E8-4370-4D42-94F3-B5AA77057965}) (Version: 8.7 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{F9CEF01A-3907-4614-824F-CF5D3E4675EF}) (Version: 14.1.0.35 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CrystalDiskInfo 8.9.0a (64 Bit) (HKLM\...\CrystalDiskInfo_is1) (Version: 8.9.0a - Crystal Dew World)
Diagnosis Framework 1.5 (HKLM-x32\...\Diagnosis Framework 1.5) (Version: 1.5 - Webasto Thermo & Comfort SE)
Documentation Manager (HKLM\...\{82FBBBC9-616A-4247-BEAD-87B8132D49D2}) (Version: 22.0.0.6 - Intel Corporation) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 113.3.427 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.377.1 - Dropbox, Inc.) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FileZilla Client 3.50.0 (HKLM-x32\...\FileZilla Client) (Version: 3.50.0 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
GoPro Quik (HKLM\...\{AA5F7FCE-311C-46D8-B93A-ABF4DDCAB832}) (Version: 0.1.945 - GoPro, Inc.) Hidden
GoPro Quik (HKLM-x32\...\{a23df978-67ca-4fe3-a740-a7b5ae7ec82f}) (Version: 2.7.0.945 - GoPro, Inc.)
GoPro Studio 2.0.0 (HKLM-x32\...\GoPro Studio) (Version: 2.0.0 - WoodmanLabs Inc. d.b.a. GoPro)
Gtk# for .Net 2.12.38 (HKLM-x32\...\{C7A0CF1E-A936-426A-9694-035636DCD356}) (Version: 2.12.38 - Xamarin, Inc.)
hide.me VPN 3.6.1 (HKLM-x32\...\{0E00BDA5-7998-4889-BE4B-39A4BBD2EDFB}_is1) (Version: 3.6.1 - eVenture Limited)
hide.me Wintun (HKLM\...\{6A3B09CD-8B4A-4A66-9C90-833023E463E9}) (Version: 0.8 - hide.me) Hidden
HP Color Laser MFP 178 179 (HKLM-x32\...\HP Color Laser MFP 178 179) (Version: 1.14 (01.11.2019) - HP Inc.)
iCloud (HKLM\...\{8808B208-87D1-4725-8192-76D257E9DEAE}) (Version: 7.21.0.23 - Apple Inc.)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel Driver && Support Assistant (HKLM-x32\...\{513BFF20-438E-4C8B-9C41-DE06B47D3148}) (Version: 20.11.50.9 - Intel) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{D40D4164-EEDB-4F0F-85C6-2058A9E34CC7}) (Version: 2.4.04370 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11000.2996 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1069 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4836 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.8.3.1003 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1633.3 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.49.166.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{df682aff-4294-4ad1-aaa7-276931d5781f}) (Version: 1.49.166.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000110-0210-1031-84C8-B8D95FA3C8C3}) (Version: 21.110.0.3 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{226be6c3-8e08-4d52-bd3a-d361008448c5}) (Version: 10.1.1.37 - Intel(R) Corporation) Hidden
Intel® Driver & Support Assistant (HKLM-x32\...\{7972bdc2-99e9-4a54-b071-e7f08bdf056d}) (Version: 20.11.50.9 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{6aa2484c-1a35-428e-a857-8ee0a874d2d1}) (Version: 20.110.0 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{056c22c9-0ef2-4a10-ba00-4d68d16c5669}) (Version: 22.0.0.6 - Intel Corporation) Hidden
IsoBuster 4.3 (HKLM-x32\...\IsoBuster_is1) (Version: 4.3 - Smart Projects)
iTunes (HKLM\...\{DE0F48FE-04C1-4646-AA58-2BE7A1A58742}) (Version: 12.11.0.26 - Apple Inc.)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Medieval CUE Splitter (HKLM-x32\...\{B96D2269-568B-4CBF-9332-12FAE8B158F7}) (Version: 1.2.0 - Medieval Software)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.66 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.13426.20404 - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2005 (HKLM-x32\...\Microsoft Report Viewer Redistributable 2005) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27012 (HKLM-x32\...\{427ada59-85e7-4bc8-b8d5-ebf59db60423}) (Version: 14.16.27012.6 - Microsoft Corporation)
MKVToolNix 33.1.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 33.1.0 - Moritz Bunkus)
Mozilla Firefox 84.0.1 (x64 de) (HKLM\...\Mozilla Firefox 84.0.1 (x64 de)) (Version: 84.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.2 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Grafiktreiber 460.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 460.89 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8004 - Realtek Semiconductor Corp.)
SABnzbd 3.1.1 (HKLM-x32\...\SABnzbd) (Version: 3.1.1 - The SABnzbd Team)
Suunto DM5 - 1 (HKU\S-1-5-21-2816629630-362098843-3323099239-1001\...\e64facc3e2453542) (Version: 1.3.0.19 - Suunto)
Suunto USB Driver (HKLM\...\SuuntoUSBFTDIVista_is1) (Version: 2.12.06.0 - Suunto Oy)
TAXMAN 2020 (HKLM-x32\...\{1342F8EA-0E9F-4CCB-81E8-74638BC0C757}) (Version: 25.39.90 - Haufe-Lexware GmbH & Co.KG)
TAXMAN 2021 (HKLM-x32\...\{E172BAEF-8092-4576-BDAD-41653786283E}) (Version: 26.25.56 - Haufe-Lexware GmbH & Co.KG)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.13.6 - TeamViewer)
TP-Link PLC Utility (HKLM-x32\...\{A79B7C66-DC26-417A-8BB5-B48721B45623}) (Version: 2.2.3149.12 - TP-Link) Hidden
TP-Link PLC Utility (HKLM-x32\...\InstallShield_{A79B7C66-DC26-417A-8BB5-B48721B45623}) (Version: 2.2.3149.12 - TP-Link)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C5FDDED7-DEC7-48B4-AFD8-DFB8A0FD199A}) (Version: 2.51.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-2) (Version: 1.0.54.1 - Intel Corporation Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-3) (Version: 1.0.54.1 - Intel Corporation Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-4) (Version: 1.0.54.1 - Intel Corporation Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-5) (Version: 1.0.54.1 - Intel Corporation Inc.)
Webasto Thermo Test 3.0 (HKLM-x32\...\Webasto Thermo Test 3.0) (Version: 3.0 - Webasto Thermo & Comfort SE)
Windows 10-Update-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22925 - Microsoft Corporation)
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (07/12/2013 2.08.30) (HKLM\...\22CCD58B53472BE3FCAFF05631111C4062959A43) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (07/12/2013 2.08.30) (HKLM\...\BD00013670D26C16E19F284BF8E15DAF813497C7) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012 - GoPro)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
Windows-Treiberpaket - STMicroelectronics (usbser) Ports (04/25/2010 1.3.1) (HKLM\...\1628ECA16EA833D7F30DD35215E306FAD333DF83) (Version: 04/25/2010 1.3.1 - STMicroelectronics)
Windows-Treiberpaket - Suunto Suunto USB Driver Package (07/10/2015 2.12.06) (HKLM\...\AB6ABB41B5BCD37253F16E19787FDA18B257FDC8) (Version: 07/10/2015 2.12.06 - Suunto)
Windows-Treiberpaket - Suunto Suunto USB Serial Port (07/10/2015 2.12.06) (HKLM\...\E2175BF06F0C07C2570BDDC08FCBDC1D9B5639CB) (Version: 07/10/2015 2.12.06 - Suunto)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 6.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
Packages:
=========
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.7.337.0_x64__rz1tebttyb220 [2020-12-20] (Dolby Laboratories)
DS photo -> C:\Program Files\WindowsApps\999289FE.DSphoto_1.5.61.0_x64__g23c5rrjyxaaj [2018-06-14] (Synology Inc.)
DS video -> C:\Program Files\WindowsApps\999289FE.DSvideo_1.5.69.0_x64__g23c5rrjyxaaj [2018-05-27] (Synology Inc.)
Fitbit -> C:\Program Files\WindowsApps\Fitbit.Fitbit_2.44.1997.0_x64__6mqt6hf9g46tw [2020-07-15] (Fitbit)
HP LOUNGE -> C:\Program Files\WindowsApps\UniversalMusicMobile.HPLOUNGE_2.1.1.0_x64__3ms5eyejfeart [2018-02-14] (Universal Music Mobile)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_1.6.7.0_x64__v10z8vjag6ke6 [2020-10-07] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_122.1.778.0_x64__v10z8vjag6ke6 [2020-12-20] (HP Inc.)
Kodi -> C:\Program Files\WindowsApps\XBMCFoundation.Kodi_18.9.500.0_x64__4n2hpmxwrvr6p [2020-10-28] (XBMC Foundation)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-18] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-15] (Netflix, Inc.)
Synaptics TouchPad -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynHPConsumerDApp_19005.35054.0.0_x64__807d65c4rvak2 [2020-03-12] (Synaptics Incorporated)
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2049.10.0_x64__cv1g1gvanyjgm [2020-12-20] (WhatsApp Inc.)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2816629630-362098843-3323099239-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\BigRon\AppData\Local\Microsoft\OneDrive\18.222.1104.0007\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2816629630-362098843-3323099239-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key -> Intel)
CustomCLSID: HKU\S-1-5-21-2816629630-362098843-3323099239-1001_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\BigRon\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x64\ContextMenu.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2816629630-362098843-3323099239-1001_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\BigRon\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x64\iconOverlay.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2816629630-362098843-3323099239-1001_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\BigRon\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x64\iconOverlay.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2816629630-362098843-3323099239-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\BigRon\AppData\Local\Microsoft\OneDrive\18.222.1104.0007\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2816629630-362098843-3323099239-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\BigRon\AppData\Local\Microsoft\OneDrive\18.222.1104.0007\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2816629630-362098843-3323099239-1001_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\BigRon\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x64\iconOverlay.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2816629630-362098843-3323099239-1001_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\BigRon\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x64\iconOverlay.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2816629630-362098843-3323099239-1001_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\BigRon\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x64\iconOverlay.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2816629630-362098843-3323099239-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\BigRon\Dropbox [2018-06-01 10:53]
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Keine Datei
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Keine Datei
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Keine Datei
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-09-08] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-12-30] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\igfxDTCM.dll [2018-01-15] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-12-12] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-12-30] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-2816629630-362098843-3323099239-1001: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\BigRon\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x64\ContextMenu.dll -> Keine Datei
ContextMenuHandlers6_S-1-5-21-2816629630-362098843-3323099239-1001: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\BigRon\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x64\ContextMenu.dll -> Keine Datei
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Drivers32: [VIDC.CFHD] => C:\windows\system32\CFHD.dll [1443328 2013-09-05] (CineForm Inc.) [Datei ist nicht signiert]
HKLM\...\Drivers32: [VIDC.CFHD] => C:\Windows\SysWOW64\CFHD.DLL [1474560 2013-09-05] (CineForm Inc.) [Datei ist nicht signiert]
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\BigRon\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2020-12-07 11:31 - 2020-12-07 11:31 - 000126464 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\Intel\Driver and Support Assistant\DSASsdInterop.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000071680 _____ (Hewlett-Packard) [Datei ist nicht signiert] c:\windows\system32\hpzinw12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000089600 _____ (Hewlett-Packard) [Datei ist nicht signiert] c:\windows\system32\hpzipm12.dll
2020-04-17 17:10 - 2020-04-17 17:10 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2020-04-17 17:10 - 2020-04-17 17:10 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Windows:E83C309AD0058C63 [50]
AlternateDataStreams: C:\ProgramData\Temp:054203E4 [144]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [464]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-2816629630-362098843-3323099239-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-2816629630-362098843-3323099239-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
SearchScopes: HKLM -> {AA4CB8F8-92C1-4C17-9DA7-25F3386661D0} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {AA4CB8F8-92C1-4C17-9DA7-25F3386661D0} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2816629630-362098843-3323099239-1001 -> {AA4CB8F8-92C1-4C17-9DA7-25F3386661D0} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-09-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-09-19] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2016-07-16 12:47 - 2020-10-15 15:11 - 000000822 _____ C:\WINDOWS\system32\drivers\etc\hosts
2018-11-12 10:31 - 2018-11-12 10:32 - 000000514 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\GtkSharp\2.12\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\CineForm\Tools;C:\Program Files (x86)\GoPro\Tools;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\nodejs\
HKU\S-1-5-21-2816629630-362098843-3323099239-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\BigRon\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{f739afe9-b24c-424c-a537-dd85e608e858}.JPG
DNS Servers: 8.8.8.8 - 1.1.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "GlobalProtect"
HKLM\...\StartupApproved\Run32: => "HPMessageService"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-2816629630-362098843-3323099239-1001\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-2816629630-362098843-3323099239-1001\...\StartupApproved\Run: => "OneDriveSetup"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [UDP Query User{7CD05DE8-4E32-444F-BBFA-28E9A1C35C62}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe => Keine Datei
FirewallRules: [TCP Query User{302F6F27-36EC-4E42-8685-E32BB7D7F243}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe => Keine Datei
FirewallRules: [UDP Query User{F0FE9BE9-7612-4E1F-92E2-65641C774F55}C:\program files (x86)\common files\hp scan process machine\imageeng.exe] => (Allow) C:\program files (x86)\common files\hp scan process machine\imageeng.exe => Keine Datei
FirewallRules: [TCP Query User{DF11D93B-001B-40CD-B730-4E694575124C}C:\program files (x86)\common files\hp scan process machine\imageeng.exe] => (Allow) C:\program files (x86)\common files\hp scan process machine\imageeng.exe => Keine Datei
FirewallRules: [{B7A5E45A-E29E-46D2-92A9-2D31973A8BD9}] => (Allow) C:\Users\BigRon\AppData\Local\Temp\7zS564C\HPDiagnosticCoreUI.exe => Keine Datei
FirewallRules: [{0F34DDEE-8FE6-4AEF-A688-6FBCAC2AA8C4}] => (Allow) C:\Users\BigRon\AppData\Local\Temp\7zS564C\HPDiagnosticCoreUI.exe => Keine Datei
FirewallRules: [{56DF7B3D-D5A7-469A-B222-BB37DF5667D2}] => (Allow) C:\Windows\twain_32\HP\HPCLM17X\ScanCDLM\ScanCDLM.exe (HP Inc. -> )
FirewallRules: [{16DA17C6-532A-44BD-B102-59E36BCBB491}] => (Allow) C:\Windows\twain_32\HP\HPCLM17X\ScanCDLM\ScanCDLM.exe (HP Inc. -> )
FirewallRules: [UDP Query User{58F2F32E-3A92-4D86-8AA7-891560743236}C:\program files\nzbget\nzbget.exe] => (Block) C:\program files\nzbget\nzbget.exe => Keine Datei
FirewallRules: [TCP Query User{7885FBA4-45FF-4A9F-9576-431C4FDB4152}C:\program files\nzbget\nzbget.exe] => (Block) C:\program files\nzbget\nzbget.exe => Keine Datei
FirewallRules: [{6D77D9AA-B75F-4939-9106-749A6187A2EA}] => (Allow) C:\Program Files (x86)\hide.me VPN\SoftEtherVPN\vpnclient_x64.exe => Keine Datei
FirewallRules: [{A1E5FC6B-95BB-480F-BD15-3E1C870A4411}] => (Allow) C:\Program Files (x86)\hide.me VPN\SoftEtherVPN\vpncmd.exe => Keine Datei
FirewallRules: [{62F99C76-AF9A-4EFF-8636-FBE39C267842}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProLauncher.exe (GoPro Media, Inc. -> )
FirewallRules: [{B720CAA2-AA24-4F5E-8097-3513B82C1AD9}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProIDService.exe (GoPro Media, Inc. -> )
FirewallRules: [{A5298CEC-A3AB-45DE-AE1C-977A6D2BEC68}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProMsgBus.exe (GoPro Media, Inc. -> )
FirewallRules: [{70679206-79B5-433B-A2B2-63AF068F26F3}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoPro Quik.exe (GoPro Media, Inc. -> )
FirewallRules: [{7D9FD16F-C01C-4AC1-9A29-669809ACAFCF}] => (Allow) D:\SABnzbd\SABnzbd.exe (The SABnzbd-Team) [Datei ist nicht signiert]
FirewallRules: [{20B541A2-526D-47A0-B0A0-43EF1EEFC860}] => (Allow) LPort=8777
FirewallRules: [{E1F7EBD4-F5D4-42FB-B546-D2D21165D590}] => (Allow) LPort=8777
FirewallRules: [{D3C5D67B-4260-476B-8778-B7ACB2DA7FFB}] => (Allow) LPort=8777
FirewallRules: [{45DC9B3C-EAE2-44C1-95EA-B49B08F933F1}] => (Allow) LPort=8777
FirewallRules: [{873CF4BF-23A2-40A9-9C2C-4645BF3B0C79}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{11527C58-DC6C-48D8-BD88-6FFF782BC776}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{56F1CE54-6EC9-41D0-B348-DCA1A6C95AFA}] => (Allow) D:\SABnzbd\SABnzbd.exe (The SABnzbd-Team) [Datei ist nicht signiert]
FirewallRules: [{26AF17BB-0603-4033-B462-E4F117064E6A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E6E64BFD-6AA9-4F33-BED0-759ECA3CAF7D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{D142BE9D-E085-42FB-9D59-56BEF8284DA7}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{975D1C62-1175-4E6B-8833-08F8D45DE525}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{859B7A63-BC93-4AC7-8F2C-E5F89CAF9851}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{CD836A16-6A92-43B3-B536-BF356F2EBBF5}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{A262A817-6CD2-41E3-BAFF-5076329F2199}C:\program files\itunes\itunes.exe] => (Allow) C:\program files\itunes\itunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{0B949CCA-730E-43CD-BCE6-E679D1EE8FF0}C:\program files\itunes\itunes.exe] => (Allow) C:\program files\itunes\itunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A4FDA0E8-D8F2-4C70-8ABC-42A36266771D}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{0CA1403F-D936-4DD3-B4F8-A2CDB175EE06}D:\jdownloader 2.0\jdownloader2.exe] => (Allow) D:\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [UDP Query User{8196D7F9-F4ED-4D6F-8425-D9937E993AAA}D:\jdownloader 2.0\jdownloader2.exe] => (Allow) D:\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [{845CDF32-F796-462F-AF5F-9B917F68A295}] => (Block) D:\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [{269C4016-D939-4851-8035-0B6AB011D742}] => (Block) D:\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [{CC5BA09C-269B-48EE-B900-8AEDC9B577A6}] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{E1615585-8C40-4F91-95A8-E8AFEF941ACC}] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{FE73926E-41EE-4B63-802C-1569E58DFCBB}] => (Allow) D:\SABnzbd\SABnzbd.exe (The SABnzbd-Team) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{8EF1FD32-D192-4424-AD34-A8ED42E6452E}C:\program files (x86)\tp-link\tp-link plc utility\tpplc.exe] => (Allow) C:\program files (x86)\tp-link\tp-link plc utility\tpplc.exe (TP-Link TECHNOLOGIES CO., LTD.) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{CD42D3B1-FC8C-4AF5-B4AD-4AABAE85CFCE}C:\program files (x86)\tp-link\tp-link plc utility\tpplc.exe] => (Allow) C:\program files (x86)\tp-link\tp-link plc utility\tpplc.exe (TP-Link TECHNOLOGIES CO., LTD.) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{AA0429CA-33ED-4134-9566-BCDA6CDDD3B8}C:\program files (x86)\tp-link\tp-link plc utility\tpplc.exe] => (Allow) C:\program files (x86)\tp-link\tp-link plc utility\tpplc.exe (TP-Link TECHNOLOGIES CO., LTD.) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{2646B6AB-C3B3-4C5D-82AC-A58EF0C17E99}C:\program files (x86)\tp-link\tp-link plc utility\tpplc.exe] => (Allow) C:\program files (x86)\tp-link\tp-link plc utility\tpplc.exe (TP-Link TECHNOLOGIES CO., LTD.) [Datei ist nicht signiert]
FirewallRules: [{60A5B075-E817-4AEB-A97B-A6FA49370852}] => (Allow) D:\SABnzbd\SABnzbd.exe (The SABnzbd-Team) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{590823D2-855C-41C3-8E7A-97DFE8B20E84}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe => Keine Datei
FirewallRules: [UDP Query User{EDD030ED-2B02-4D92-88C0-630C181077D7}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe => Keine Datei
FirewallRules: [{7A8A8984-983E-4E35-94F1-1BBF7971DE4D}] => (Block) C:\program files (x86)\kodi\kodi.exe => Keine Datei
FirewallRules: [{C5C628C5-191C-47F6-A85A-DFBA1B7754EF}] => (Block) C:\program files (x86)\kodi\kodi.exe => Keine Datei
FirewallRules: [TCP Query User{5372FF12-A44A-432D-9771-23002D68789D}C:\users\bigron\appdata\local\vavoo\vavoo.exe] => (Allow) C:\users\bigron\appdata\local\vavoo\vavoo.exe => Keine Datei
FirewallRules: [UDP Query User{296159A4-87F2-4C85-AE1C-A3759ED7F291}C:\users\bigron\appdata\local\vavoo\vavoo.exe] => (Allow) C:\users\bigron\appdata\local\vavoo\vavoo.exe => Keine Datei
FirewallRules: [{8558F584-40EC-4716-B8C9-4803D42C201C}] => (Block) C:\users\bigron\appdata\local\vavoo\vavoo.exe => Keine Datei
FirewallRules: [{DD51FA8F-CDAC-4195-8EAD-A065E45FEC39}] => (Block) C:\users\bigron\appdata\local\vavoo\vavoo.exe => Keine Datei
FirewallRules: [{91BCBC8A-3945-402E-BDC7-766E2618C35C}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{3438E4C3-A6DA-4616-B137-1DB0BE823BFB}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{9E4A999B-D976-40E7-851D-6873CEDC8BB1}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{1E52BDF1-4F9B-4AAE-8F12-A4A1D1531AE3}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [TCP Query User{776B157C-4BF3-459D-AD0A-CB699DA6B7F8}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe => Keine Datei
FirewallRules: [UDP Query User{5A9C0E73-95F8-4448-AC21-EB1A39AF5659}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe => Keine Datei
FirewallRules: [TCP Query User{A0C45185-DAFC-4855-A13B-673D9CB46C1B}C:\users\bigron\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-ui.exe] => (Allow) C:\users\bigron\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-ui.exe => Keine Datei
FirewallRules: [UDP Query User{80CA9E40-5B24-4B23-9A11-0BA3A0B414D4}C:\users\bigron\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-ui.exe] => (Allow) C:\users\bigron\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-ui.exe => Keine Datei
FirewallRules: [{B122B2C5-402B-4CA4-98E6-CA11D917E5D6}] => (Allow) D:\SABnzbd\SABnzbd.exe (The SABnzbd-Team) [Datei ist nicht signiert]
FirewallRules: [{9EB407D5-C80F-4BFF-9BE2-C5037FD8C549}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{AAFD2D09-CC1C-475E-A69F-F54F180C5358}] => (Block) %ProgramFiles% (x86)\WISO\Steuersoftware 2019\WISO2019.EXE => Keine Datei
FirewallRules: [{B2609461-2ABE-45F2-BAC9-925006D3DB68}] => (Block) %ProgramFiles% (x86)\WISO\Steuersoftware 2019\WISO2019.EXE => Keine Datei
FirewallRules: [{EFE52F91-9F36-41B0-B134-14AB6EF6A399}] => (Allow) D:\SABnzbd\SABnzbd.exe (The SABnzbd-Team) [Datei ist nicht signiert]
FirewallRules: [{4EFD5B1A-4CBF-4D3D-B8A4-DB97976F3657}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D51550BB-EA75-48B0-8859-8348D3AB34CD}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AF550CAB-CAC8-4CB3-96A1-5C8DA3B0C540}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EF32868A-D43B-4EE6-A31B-63A8F23EE1E5}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FC1A04D7-DF00-4E21-8502-79F3941B9B76}] => (Allow) D:\SABnzbd\SABnzbd.exe (The SABnzbd-Team) [Datei ist nicht signiert]
FirewallRules: [{155803AF-0D7C-49A1-9F6D-5DE13954B2B3}] => (Allow) D:\SABnzbd\SABnzbd.exe (The SABnzbd-Team) [Datei ist nicht signiert]
FirewallRules: [{2231FAEB-AC5B-4630-A7AD-9CCF898E269C}] => (Allow) D:\SABnzbd\SABnzbd-console.exe (The SABnzbd-Team) [Datei ist nicht signiert]
FirewallRules: [{C894A33A-4D4A-49DA-BB5E-35B0545FB274}] => (Allow) D:\SABnzbd\SABnzbd.exe (The SABnzbd-Team) [Datei ist nicht signiert]
FirewallRules: [{C78521BF-DE4C-4129-8BAA-08222F4FF202}] => (Allow) D:\SABnzbd\SABnzbd-console.exe (The SABnzbd-Team) [Datei ist nicht signiert]
FirewallRules: [{7FCAE9A7-27C9-4CD0-8DED-E55E690D735D}] => (Allow) D:\SABnzbd\SABnzbd.exe (The SABnzbd-Team) [Datei ist nicht signiert]
FirewallRules: [{ACB2BC22-4CA5-4433-AB25-ED22952527A2}] => (Allow) D:\SABnzbd\SABnzbd-console.exe (The SABnzbd-Team) [Datei ist nicht signiert]
FirewallRules: [{5723AD6E-36F3-4EB2-B7B7-CB0DD0600237}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9C702300-CEA6-45CA-B04E-CD26C9F63961}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B370B26C-1549-43DD-B89E-310E2CC26904}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{08BCBB39-EEEF-4F46-AE9A-8F7761CA431F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{97EBBE4E-3AB7-4CC2-8596-ED1D604F9947}] => (Allow) D:\SABnzbd\SABnzbd.exe (The SABnzbd-Team) [Datei ist nicht signiert]
FirewallRules: [{083D9DD7-9D8B-407F-B7FA-D48087ED0327}] => (Allow) D:\SABnzbd\SABnzbd-console.exe (The SABnzbd-Team) [Datei ist nicht signiert]
FirewallRules: [{A412828E-5147-4981-9D9F-C01C049C5348}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{482843F1-F319-45C2-BA43-0A39EED69F7D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{CA49297A-2F3B-44B1-AA7E-33A67406DD9E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AC8AE1B8-36CD-4782-AA02-AD9DC97916EF}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{50F629EA-E50F-4562-A40F-E368319FC263}] => (Allow) C:\Users\BigRon\AppData\Local\Temp\7zS41FA\HPDiagnosticCoreUI.exe (HP Inc. -> HPDC LP)
FirewallRules: [{9DBD0BF5-7556-484A-9AB6-5A4E8D66CD92}] => (Allow) C:\Users\BigRon\AppData\Local\Temp\7zS41FA\HPDiagnosticCoreUI.exe (HP Inc. -> HPDC LP)
FirewallRules: [{B8C9FA0A-C72D-4FB9-AAA1-531681A89247}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5AF4C72D-ABFE-4516-831E-4FC4586F4550}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9B043ABD-456F-464F-9C81-BF26EEFE6E9D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{368FCD74-F2C8-416B-A9DA-FFE39E95990F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
==================== Wiederherstellungspunkte =========================
01-01-2021 14:45:52 Removed Windows 7 USB/DVD Download Tool
==================== Fehlerhafte Geräte im Gerätemanager ============
Name: hp DVDRW GUD1N
Description: CD-ROM-Laufwerk
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard-CD-ROM-Laufwerke)
Service: cdrom
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (01/01/2021 03:05:51 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]
Error: (01/01/2021 03:05:51 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]
Error: (01/01/2021 03:05:51 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]
Error: (01/01/2021 02:48:05 PM) (Source: MsiInstaller) (EventID: 1013) (User: LAPTOP-CC9LIIGT)
Description: Produkt: HP Support Solutions Framework -- Diese Anwendung kann nicht deinstalliert werden, da sie für HP Support Assistant erforderlich ist.
Error: (01/01/2021 02:39:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HPAudioSwitch.exe, Version: 1.0.138.0, Zeitstempel: 0x57f4463d
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.19041.662, Zeitstempel: 0xe6477cce
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0012a892
ID des fehlerhaften Prozesses: 0x147c
Startzeit der fehlerhaften Anwendung: 0x01d6e0437d502aa4
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: dfe95182-c308-4be7-a50e-25a73ddd8fd8
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (01/01/2021 02:39:13 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: HPAudioSwitch.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.IO.IOException
bei System.IO.__Error.WinIOError(Int32, System.String)
bei System.IO.File.InternalCopy(System.String, System.String, Boolean, Boolean)
bei System.IO.File.Copy(System.String, System.String)
bei HPAudioApp.ModuleHelper.SetConfig(System.String, System.String)
bei HPAudioApp.App.OnStartup(System.Windows.StartupEventArgs)
bei System.Windows.Application.<.ctor>b__1_0(System.Object)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
bei System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.DispatcherOperation.InvokeImpl()
bei System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Windows.Threading.DispatcherOperation.Invoke()
bei System.Windows.Threading.Dispatcher.ProcessQueue()
bei System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
bei System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
bei System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
bei System.Windows.Application.RunDispatcher(System.Object)
bei System.Windows.Application.RunInternal(System.Windows.Window)
bei System.Windows.Application.Run(System.Windows.Window)
bei HPAudioApp.App.Main()
Error: (01/01/2021 02:38:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 25 0.A.6.4.9.0.C.3.9.3.A.C.A.C.5.4.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR LAPTOP-CC9LIIGT-2.local.
Error: (01/01/2021 02:38:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.117:5353 23 0.A.6.4.9.0.C.3.9.3.A.C.A.C.5.4.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR LAPTOP-CC9LIIGT.local.
Systemfehler:
=============
Error: (01/01/2021 03:06:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet:
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.
Error: (01/01/2021 02:55:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Cyberlink RichVideo64 Service(CRVS)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (01/01/2021 02:38:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet:
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.
Error: (01/01/2021 11:57:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet:
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.
Error: (01/01/2021 11:23:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet:
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.
Error: (01/01/2021 09:39:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet:
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.
Error: (12/31/2020 05:36:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet:
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.
Error: (12/31/2020 02:37:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet:
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.
CodeIntegrity:
===================================
Date: 2021-01-01 15:06:17.5190000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SSPORT.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-01-01 14:57:47.5540000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-01 14:57:05.2510000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-01 14:55:44.4380000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-01 14:55:39.4290000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-01 14:55:33.0530000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-01 14:55:30.8170000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-01 14:54:34.5270000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
==================== Speicherinformationen ===========================
BIOS: Insyde F.55 07/01/2020
Hauptplatine: HP 8219
Prozessor: Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz
Prozentuale Nutzung des RAM: 30%
Installierter physikalischer RAM: 16269.22 MB
Verfügbarer physikalischer RAM: 11281.96 MB
Summe virtueller Speicher: 18701.22 MB
Verfügbarer virtueller Speicher: 12945.21 MB
==================== Laufwerke ================================
Drive c: (WINDOWS) (Fixed) (Total:237.24 GB) (Free:159.25 GB) NTFS
Drive d: (DATA) (Fixed) (Total:919.13 GB) (Free:857.39 GB) NTFS
Drive e: (RECOVERY) (Fixed) (Total:12.38 GB) (Free:1.07 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
\\?\Volume{8cd78a99-b26c-4122-a1c4-953b325e11bb}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.36 GB) NTFS
\\?\Volume{1dc6e2b4-66e5-4b5a-876b-2e2c31e8a886}\ () (Fixed) (Total:0.25 GB) (Free:0.17 GB) FAT32
==================== MBR & Partitionstabelle ====================
==================== Ende von Addition.txt =======================
|
|
01.01.2021, 17:07
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10 - Laptop - Malware.AI.1792791521 adwCleaner Führe AdwCleaner gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei in CODE-Tags. adwcleaner zwecks Kontrolle bitte wiederholen, falls es Funde gab.
__________________ --> Windows 10 - Laptop - Malware.AI.1792791521 |
|
01.01.2021, 18:41
| #7 |
| | Windows 10 - Laptop - Malware.AI.1792791521 Hie die beiden Logliles vor der Reinigung und nach der Reinigung. Code:
ATTFilter # -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2020-12-21.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 01-01-2021
# Duration: 00:00:19
# OS: Windows 10 Home
# Scanned: 31930
# Detected: 26
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
PUP.Optional.Chip C:\Users\BigRon\AppData\Local\DOWNLOADED INSTALLATIONS\{31AD8258-894C-48D5-8149-C47506092754}
PUP.Optional.DownloadSponsor C:\Users\BigRon\AppData\Local\Temp\DMR
PUP.Optional.Legacy C:\Users\Public\Documents\Downloaded Installers
PUP.Optional.SlimCleanerPlus C:\Users\BigRon\AppData\Local\slimware utilities inc
***** [ Files ] *****
PUP.Optional.Legacy C:\Windows\System32\drivers\swdumon.sys
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
PUP.Optional.DriverUpdate HKLM\SYSTEM\Setup\FirstBoot\Services\SWDUMon
PUP.Optional.InstallCore HKCU\Software\csastats
PUP.Optional.Legacy HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\dotomi.com
PUP.Optional.Legacy HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\dotomi.com
PUP.Optional.SlimCleanerPlus HKLM\Software\Wow6432Node\SlimWare Utilities Inc
***** [ Chromium (and derivatives) ] *****
PUP.Optional.AmazonBrowserBar Amazon Assistant für Chrome - pbjikboenpfhbbejgkoklgkhjpfogcam
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
Preinstalled.HPCoolSense Folder C:\Users\BigRon\AppData\Local\HEWLETT-PACKARD\HP COOLSENSE
Preinstalled.HPCoolSense Folder C:\Users\defaultuser0\AppData\Local\HEWLETT-PACKARD\HP COOLSENSE
Preinstalled.HPJumpStartLaunch Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3A782A7E-9995-406A-A9DE-851AB9F16036}
Preinstalled.HPJumpStartLaunch Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPJumpStartLaunch
Preinstalled.HPJumpStartLaunch Task C:\Windows\System32\Tasks\HPJUMPSTARTLAUNCH
Preinstalled.HPRegistrationService Folder C:\Program Files (x86)\HP\HP REGISTRATION SERVICE
Preinstalled.HPRegistrationService Folder C:\ProgramData\HP\HP REGISTRATION SERVICE
Preinstalled.HPSupportAssistant Folder C:\HP\SUPPORT
Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Folder C:\Users\BigRon\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Folder C:\Windows\System32\config\systemprofile\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{DFBDDDB3-D753-4454-84E9-2D3D96E89EFF}
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
Code:
ATTFilter # -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2020-12-21.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-01-2021
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 26
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Users\BigRon\AppData\Local\DOWNLOADED INSTALLATIONS\{31AD8258-894C-48D5-8149-C47506092754}
Deleted C:\Users\BigRon\AppData\Local\Temp\DMR
Deleted C:\Users\BigRon\AppData\Local\slimware utilities inc
Deleted C:\Users\Public\Documents\Downloaded Installers
***** [ Files ] *****
Deleted C:\Windows\System32\drivers\swdumon.sys
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\dotomi.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\dotomi.com
Deleted HKCU\Software\csastats
Deleted HKLM\SYSTEM\Setup\FirstBoot\Services\SWDUMon
Deleted HKLM\Software\Wow6432Node\SlimWare Utilities Inc
***** [ Chromium (and derivatives) ] *****
Deleted Amazon Assistant für Chrome - pbjikboenpfhbbejgkoklgkhjpfogcam
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.HPCoolSense Folder C:\Users\BigRon\AppData\Local\HEWLETT-PACKARD\HP COOLSENSE
Deleted Preinstalled.HPCoolSense Folder C:\Users\defaultuser0\AppData\Local\HEWLETT-PACKARD\HP COOLSENSE
Deleted Preinstalled.HPJumpStartLaunch Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3A782A7E-9995-406A-A9DE-851AB9F16036}
Deleted Preinstalled.HPJumpStartLaunch Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPJumpStartLaunch
Deleted Preinstalled.HPJumpStartLaunch Task C:\Windows\System32\Tasks\HPJUMPSTARTLAUNCH
Deleted Preinstalled.HPRegistrationService Folder C:\Program Files (x86)\HP\HP REGISTRATION SERVICE
Deleted Preinstalled.HPRegistrationService Folder C:\ProgramData\HP\HP REGISTRATION SERVICE
Deleted Preinstalled.HPSupportAssistant Folder C:\HP\SUPPORT
Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Users\BigRon\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Windows\System32\config\systemprofile\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{DFBDDDB3-D753-4454-84E9-2D3D96E89EFF}
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [4167 octets] - [01/01/2021 16:35:30]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Code:
ATTFilter # -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2020-09-29.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 01-01-2021
# Duration: 00:00:20
# OS: Windows 10 Home
# Scanned: 31837
# Detected: 0
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
AdwCleaner[S00].txt - [4167 octets] - [01/01/2021 16:42:30]
AdwCleaner[C00].txt - [4344 octets] - [01/01/2021 16:44:31]
AdwCleaner[S01].txt - [1586 octets] - [01/01/2021 16:47:17]
AdwCleaner[C01].txt - [1756 octets] - [01/01/2021 16:47:26]
AdwCleaner[S02].txt - [1650 octets] - [01/01/2021 16:49:35]
AdwCleaner[S03].txt - [1711 octets] - [01/01/2021 16:50:11]
AdwCleaner[S04].txt - [1772 octets] - [01/01/2021 16:58:12]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S05].txt ##########
|
|
01.01.2021, 19:10
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10 - Laptop - Malware.AI.1792791521 Neue FRST Logs bitte.
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
01.01.2021, 19:14
| #9 |
| | Windows 10 - Laptop - Malware.AI.1792791521Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2020
durchgeführt von BigRon (Administrator) auf LAPTOP-CC9LIIGT (HP HP Pavilion Notebook) (01-01-2021 19:10:59)
Gestartet von C:\Users\BigRon\Downloads
Geladene Profile: BigRon
Platform: Windows 10 Home Version 20H2 19042.685 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Chrome
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(eVenture Limited -> eVenture Limited) C:\Program Files (x86)\hide.me VPN\Hide.me.exe
(eVenture Limited -> eVenture Limited) C:\Program Files (x86)\hide.me VPN\hidemesvc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(GoPro Media, Inc. -> ) C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
(GoPro) [Datei ist nicht signiert] C:\Program Files (x86)\CineForm\Tools\GoProCineFormStatusViewer.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(WhatsApp Inc.) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2049.10.0_x64__cv1g1gvanyjgm\app\WhatsApp.exe <6>
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9181696 2016-12-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321112 2019-07-29] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [337720 2020-11-12] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7992832 2020-12-21] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [285544 2020-12-07] (IDSA Production signing key -> Intel)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ACHTUNG
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-2816629630-362098843-3323099239-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2816629630-362098843-3323099239-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2816629630-362098843-3323099239-1001\...\Run: [GoogleChromeAutoLaunch_58B349BBFAEC481F630B2FD6BA573F8B] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\sht13cPC: C:\Windows\System32\spool\prtprocs\x64\sht13cpc.dll [82856 2019-07-21] (联想图像(天津)科技有限公司 -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\PCL hpz3lw71: C:\windows\system32\hpz3lw71.dll [46080 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\sht13c Langmon: C:\windows\system32\sht13clm.dll [61840 2019-07-21] (联想图像(天津)科技有限公司 -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-03] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CineForm Status.lnk [2019-01-01]
ShortcutTarget: CineForm Status.lnk -> C:\Program Files (x86)\CineForm\Tools\GoProCineFormStatusViewer.exe (GoPro) [Datei ist nicht signiert]
Startup: C:\Users\BigRon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2018-02-23]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\BigRon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hide.me VPN.lnk [2021-01-01]
ShortcutTarget: hide.me VPN.lnk -> C:\Program Files (x86)\hide.me VPN\Hide.me.exe (eVenture Limited -> eVenture Limited)
GroupPolicy: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {01AA77C0-0439-4DFD-86AF-51F73055A8AC} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {0729062E-894F-4C58-B88A-E36CC3E04F00} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {0C41499A-73C4-408A-8AD6-8C047CC35655} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusTest => cmd /c start hpdiags://BatteryStatusTest
Task: {1435F30C-EC0B-467F-8458-65C514A74678} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckError => cmd /c start hpdiags://SmartCheckError
Task: {23207F29-8279-4673-A46D-5C15E776A8CF} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM1 => cmd /c start hpdiags://BHM1
Task: {2366A0FF-3A5B-42B4-925E-CE0F5C57F41C} - System32\Tasks\Hewlett-Packard\HP Diagnostics\HPDIAGS-24ec91ca-445b-45a6-b18c-0c240af2d0ec => C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_1.6.7.0_x64__v10z8vjag6ke6\HpHwDiag.exe [90337424 2020-10-07] (HP Inc. -> )
Task: {25EAE824-B66C-483B-BC20-694C2C3199CA} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusError => cmd /c start hpdiags://BatteryStatusError
Task: {2A03502B-70AD-4EAA-8C2D-0F1C9B1F9307} - System32\Tasks\Netzwerkverbindungen AvastWscReporter Gemeinsame => C:\Program Files (x86)\nodejs\node.exe [15017624 2017-05-02] (Node.js Foundation -> Node.js) -> "C:\ProgramData\Package Cache\{4B339F5B-64A9-4A54-A9BA-157053721680}\{50945A32-E5F3-4D84-A418-6C1F0891EE0E}" <==== ACHTUNG
Task: {2FFB66B7-4FEE-4FE1-8A67-6EB4B8E56EAF} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ABO => cmd /c start hpdiags://ABO
Task: {37E6AD66-084C-406C-99E7-4F8969F8B523} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-14] (Google Inc -> Google Inc.)
Task: {4114DBA2-B1D3-47A4-96D2-A23458BFEF5B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2020-12-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {458F4054-7DE0-4D2C-BFCA-E551B68AAB1D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-14] (Google Inc -> Google Inc.)
Task: {468B8FA2-649E-47F9-92E6-3C5B8AE293E5} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ShowUI => cmd /c start hpdiags:
Task: {50A12625-9350-4882-8ADF-35FDB3344F5B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {5115E9C5-2598-410D-9816-56198131B79F} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {558FF4D3-00D4-4DFC-913D-7F9EADC0D760} - System32\Tasks\Nvbackend_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
Task: {67AD0761-1ADC-4FC3-9F84-4BD634965A79} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM2 => cmd /c start hpdiags://BHM2
Task: {69CC92A8-0278-44CB-87DB-914B54BABD8F} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckTest => cmd /c start hpdiags://SmartCheckTest
Task: {6CCF752A-2881-44F6-8A9F-54A1F31EE7AF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {73B75CB8-2044-4397-AA3B-12B507A4B93A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {753A22C2-612D-4D2E-A6C4-404465A1A36D} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {779B939C-E1CB-49AD-9CAF-43789609D620} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {7864D393-C951-4311-AE37-D77AEB27C872} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {877CCCDC-5EF4-4E22-96AF-CD6E79E04465} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {89BDCFDD-0329-42BE-89B5-2E889DC820FD} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [67896 2020-09-08] (Apple Inc. -> Apple Inc.)
Task: {9B152B72-A171-41EA-A4A6-77D6BC675D2E} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2020-12-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {9CCDC2F3-E84A-4E99-A619-8C067F0BF1CE} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-05-27] (Dropbox, Inc -> Dropbox, Inc.)
Task: {A30F1EEF-F443-45C5-B990-8DC59D11D160} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {A39358D6-9391-44EE-82F9-786520D418F0} - System32\Tasks\Opera scheduled Autoupdate 1520095223 => C:\Users\BigRon\AppData\Local\Programs\Opera\launcher.exe
Task: {A43F0779-45C9-4B14-8586-8A115715A4E2} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {A4E8E0E0-22E9-4EBB-913C-AE737582244A} - System32\Tasks\Avast TUNEUP Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe
Task: {A7C26653-8D23-43C5-B9E4-257B3D0FFF38} - System32\Tasks\Hewlett-Packard\HPDeviceCheck => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPDeviceCheck.exe
Task: {AB61560C-BB6D-443D-A20C-4C91B4DDC861} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {AC30708E-2444-401B-8D58-32F916998E60} - System32\Tasks\Hewlett-Packard\HP Diagnostics\LaunchUI => cmd /c start hpdiags://LaunchUI
Task: {ACFABAE6-B8CE-4369-8046-5F1B4C144892} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {B4E33D04-2EB4-4D71-BC88-E91BB2A99AA7} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {BA1C8325-3160-479A-97CF-8E0503C63527} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-05-27] (Dropbox, Inc -> Dropbox, Inc.)
Task: {BFD06707-CD57-4980-89D8-AF173891BC8C} - System32\Tasks\Hewlett-Packard\HP Web Products Detection => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPWPD.exe
Task: {C6EC3238-5EBB-4A30-8085-79138D233B07} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C8B70BE6-EFD4-49D6-A04E-D3D8AF37930A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D8BD02E0-3D86-477C-9961-A51C00619AD3} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BCF => cmd /c start hpdiags://BCF
Task: {E3141F16-D67A-4320-9350-EB1ECA7516EC} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {E9F3C1CC-9E6B-4284-8076-EC32EB152A09} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EB804F47-C1BE-45D5-8334-9FAF0969E4B0} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [693456 2020-12-26] (Mozilla Corporation -> Mozilla Foundation)
Task: {FFA0C74A-F3B3-422F-8CAC-C34BBD8C5943} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{14a84a1d-8e25-4d2e-9214-a00a725c47d1}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{2a057fcb-1151-4b68-88dd-6b704bc4433c}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{38be07b9-740e-4b2c-8244-789d62945e71}: [NameServer] 10.250.196.206,10.250.196.203
Tcpip\..\Interfaces\{72527b60-a5c8-4b39-9efc-da3991095e40}: [NameServer] 1.1.1.1 1.0.0.1
Tcpip\..\Interfaces\{9184be2e-0b22-4337-8317-3530bccf1406}: [NameServer] 8.8.8.8,1.1.1.1
Tcpip\..\Interfaces\{9184be2e-0b22-4337-8317-3530bccf1406}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{cc25d147-6e29-444f-8343-5ed035946b6e}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{db7d9d47-d6df-414a-b5e4-e6688efa1e97}: [NameServer] 1.1.1.1 1.0.0.1
Edge:
======
DownloadDir: C:\Users\BigRon\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\BigRon\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-01]
Edge DownloadDir: C:\Users\BigRon\Downloads
Edge DefaultSearchURL: Default -> hxxps://www.bing.com/search?PC=U523&q={searchTerms}
Edge Extension: (Microsoft Rewards) - C:\Users\BigRon\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bnplfnhcidhhdapmblniehfaaompjlck [2020-12-02]
FireFox:
========
FF DefaultProfile: bhi18cb2.default
FF ProfilePath: C:\Users\BigRon\AppData\Roaming\Mozilla\Firefox\Profiles\bhi18cb2.default [2021-01-01]
FF NetworkProxy: Mozilla\Firefox\Profiles\bhi18cb2.default -> backup.ftp", ""
FF Notifications: Mozilla\Firefox\Profiles\bhi18cb2.default -> hxxps://high-way.me
FF Extension: (Feed Preview) - C:\Users\BigRon\AppData\Roaming\Mozilla\Firefox\Profiles\bhi18cb2.default\Extensions\feed-preview@code.guido-berhoerster.org.xpi [2020-11-22]
FF Extension: (High-Way.me) - C:\Users\BigRon\AppData\Roaming\Mozilla\Firefox\Profiles\bhi18cb2.default\Extensions\{8cce0bde-b3b8-42f7-ab6a-31bf2270e736}.xpi [2018-10-19]
FF Extension: (NZBLinker) - C:\Users\BigRon\AppData\Roaming\Mozilla\Firefox\Profiles\bhi18cb2.default\Extensions\{def38e25-28fb-4662-ad6d-bfa415dfd06b}.xpi [2019-04-16]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-09-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-19] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\BigRon\AppData\Local\Google\Chrome\User Data\Default [2021-01-01]
CHR Notifications: Default -> hxxps://globalfoundries.service-now.com; hxxps://shop.gopro.com; hxxps://social.i-say.com; hxxps://store.dji.com
CHR Extension: (Google Übersetzer) - C:\Users\BigRon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-03-18]
CHR Extension: (Google Drive) - C:\Users\BigRon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\BigRon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-14]
CHR Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\BigRon\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-12-15]
CHR Extension: (High-Way.me) - C:\Users\BigRon\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfmdjelijhfkfljghijlofnpcmmiegfg [2018-10-19]
CHR Extension: (Keepa - Amazon Price Tracker) - C:\Users\BigRon\AppData\Local\Google\Chrome\User Data\Default\Extensions\neebplgakaahbhdphmkckjjcegoiijjo [2020-12-03]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\BigRon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-05]
CHR Extension: (Google Mail) - C:\Users\BigRon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\BigRon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-20]
CHR Extension: (NZBLinker) - C:\Users\BigRon\AppData\Local\Google\Chrome\User Data\Default\Extensions\podpddhcepkggomgplkpkdhehckkllab [2020-12-31]
CHR Profile: C:\Users\BigRon\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-12-10]
CHR Profile: C:\Users\BigRon\AppData\Local\Google\Chrome\User Data\System Profile [2020-08-04]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-09-24] (Apple Inc. -> Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8473200 2019-10-15] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9105800 2020-12-01] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-05-27] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-05-27] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44552 2020-12-21] (Dropbox, Inc -> Dropbox, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2019-10-15] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA)
R2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [38328 2018-08-31] (GoPro Media, Inc. -> )
R2 hmevpnsvc; C:\Program Files (x86)\hide.me VPN\hidemesvc.exe [145456 2020-11-16] (eVenture Limited -> eVenture Limited)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2020-12-30] (Malwarebytes Inc -> Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12757520 2020-12-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-30] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-30] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2018-02-14] (AVAST Software s.r.o. -> The OpenVPN Project)
R3 busenum; C:\WINDOWS\System32\drivers\busenum.sys [57824 2012-08-03] (Synology Inc. -> Windows (R) Win 7 DDK provider)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-12-30] (Malwarebytes Corporation -> Malwarebytes)
R1 hideFirewall; C:\WINDOWS\System32\drivers\hideFirewall.sys [79488 2018-08-29] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220160 2020-12-30] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-30] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [197792 2021-01-01] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-01-01] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-12-30] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [139424 2021-01-01] (Malwarebytes Inc -> Malwarebytes)
R3 Neo_VPN; C:\WINDOWS\System32\drivers\Neo6_x64_VPN.sys [37824 2019-08-10] (SoftEther Corporation -> SoftEther Corporation)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2017-10-13] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S2 SSPORT; C:\WINDOWS\system32\Drivers\SSPORT.sys [19016 2019-05-31] (HP Inc. -> )
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-12-07] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2017-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-12-30] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2020-12-30] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-30] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [38176 2020-06-05] (WireGuard LLC -> WireGuard LLC)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)
S3 SWDUMon; \SystemRoot\system32\DRIVERS\SWDUMon.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-01-01 18:33 - 2021-01-01 18:33 - 000197792 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-01-01 18:33 - 2021-01-01 18:33 - 000139424 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-01-01 18:33 - 2021-01-01 18:33 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-01-01 16:45 - 2021-01-01 16:45 - 000004344 _____ C:\Users\BigRon\Desktop\AdwCleaner[C00].txt
2021-01-01 16:42 - 2021-01-01 16:44 - 000000000 ____D C:\AdwCleaner
2021-01-01 16:17 - 2021-01-01 16:17 - 000000000 ____D C:\WINDOWS\Panther
2021-01-01 16:06 - 2021-01-01 16:06 - 000028395 _____ C:\Users\BigRon\Documents\Chrome-Passwörter.csv
2021-01-01 15:26 - 2021-01-01 15:26 - 000001527 _____ C:\Users\BigRon\Desktop\DiskInfo64 - Verknüpfung.lnk
2021-01-01 15:11 - 2021-01-01 15:12 - 000068444 _____ C:\Users\BigRon\Downloads\Addition.txt
2021-01-01 12:01 - 2021-01-01 12:28 - 000000803 _____ C:\Users\BigRon\Desktop\Neues Textdokument (2).txt
2021-01-01 11:36 - 2021-01-01 19:11 - 000033783 _____ C:\Users\BigRon\Downloads\FRST.txt
2021-01-01 11:36 - 2021-01-01 19:11 - 000000000 ____D C:\FRST
2021-01-01 11:35 - 2021-01-01 11:35 - 002286592 _____ (Farbar) C:\Users\BigRon\Downloads\FRST64.exe
2021-01-01 09:50 - 2021-01-01 09:50 - 000000039 _____ C:\Users\BigRon\Desktop\Neues Textdokument.txt
2020-12-30 15:35 - 2020-12-30 15:35 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-12-30 15:35 - 2020-12-30 15:35 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-12-30 15:35 - 2020-12-30 15:35 - 000002028 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-12-30 15:35 - 2020-12-30 15:35 - 000000000 ____D C:\Users\BigRon\AppData\Local\mbam
2020-12-30 15:34 - 2020-12-30 15:34 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-12-30 15:34 - 2020-12-30 15:34 - 000220160 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-12-30 15:34 - 2020-12-30 15:34 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-12-30 15:34 - 2020-12-30 15:34 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-12-30 15:34 - 2020-12-30 15:34 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-12-30 15:34 - 2020-12-30 15:34 - 000000000 ____D C:\Program Files\Malwarebytes
2020-12-30 15:21 - 2020-12-30 15:21 - 000335070 _____ C:\WINDOWS\ntbtlog.txt
2020-12-29 16:19 - 2020-12-29 16:19 - 000005086 _____ C:\WINDOWS\system32\Tasks\Netzwerkverbindungen AvastWscReporter Gemeinsame
2020-12-29 16:19 - 2020-12-29 16:19 - 000000000 ____D C:\Users\BigRon\AppData\Roaming\npm
2020-12-29 16:19 - 2020-12-29 16:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js
2020-12-29 16:19 - 2020-12-29 16:19 - 000000000 ____D C:\Program Files (x86)\nodejs
2020-12-29 16:14 - 2020-12-29 16:17 - 000000041 ___SH C:\ProgramData\.zreglib
2020-12-27 15:16 - 2020-12-27 15:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-12-27 15:04 - 2020-12-27 15:04 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2020-12-26 14:37 - 2020-12-27 18:01 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-12-23 14:49 - 2020-12-23 14:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-12-21 15:07 - 2020-12-21 15:07 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2020-12-21 15:07 - 2020-12-21 15:07 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2020-12-21 15:07 - 2020-12-21 15:07 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2020-12-21 15:07 - 2020-12-21 15:07 - 000044552 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2020-12-18 18:12 - 2020-12-18 18:14 - 000002061 _____ C:\Users\Public\Desktop\TAXMAN 2021.lnk
2020-12-18 18:12 - 2020-12-18 18:14 - 000002061 _____ C:\ProgramData\Desktop\TAXMAN 2021.lnk
2020-12-16 19:27 - 2020-12-12 15:29 - 001786584 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-12-16 19:27 - 2020-12-12 15:29 - 001786584 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-12-16 19:27 - 2020-12-12 15:29 - 001454488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-12-16 19:27 - 2020-12-12 15:29 - 001382616 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-12-16 19:27 - 2020-12-12 15:29 - 001382616 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-12-16 19:27 - 2020-12-12 15:29 - 001193880 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-12-16 19:27 - 2020-12-12 15:29 - 001087704 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-12-16 19:27 - 2020-12-12 15:29 - 001087704 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-12-16 19:27 - 2020-12-12 15:29 - 000940760 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-12-16 19:27 - 2020-12-12 15:29 - 000940760 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 008261360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 002103024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 001731824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6446089.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 001589144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 001512856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 001492376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6446089.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 001164528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 000812784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 000680856 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 000672496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 000657816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 000559000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 000547056 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-12-16 19:27 - 2020-12-12 15:26 - 007391984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-12-16 19:27 - 2020-12-12 15:26 - 004612504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-12-16 19:27 - 2020-12-12 15:26 - 002731928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-12-16 19:27 - 2020-12-12 15:21 - 006070008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-12-12 12:17 - 2020-12-12 12:17 - 000000000 ___RD C:\Users\BigRon\Documents\Scanned Documents
2020-12-12 12:17 - 2020-12-12 12:17 - 000000000 ____D C:\Users\BigRon\Documents\Fax
2020-12-11 19:33 - 2020-12-11 19:33 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-11 19:33 - 2020-12-11 19:33 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-11 19:33 - 2020-12-11 19:33 - 000010912 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-12-06 15:47 - 2020-12-06 15:55 - 000000365 _____ C:\Users\BigRon\Desktop\Mogli Server.txt
2020-12-02 18:47 - 2020-12-02 18:47 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-12-02 18:47 - 2020-12-02 18:47 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-12-02 18:47 - 2020-12-02 18:47 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-12-02 18:47 - 2020-12-02 18:47 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-02 18:47 - 2020-12-02 18:47 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-12-02 18:46 - 2020-12-02 18:46 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-12-02 18:46 - 2020-12-02 18:46 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-02 18:46 - 2020-12-02 18:46 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-02 18:46 - 2020-12-02 18:46 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-02 18:46 - 2020-12-02 18:46 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2020-12-02 18:46 - 2020-12-02 18:46 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2020-12-02 18:46 - 2020-12-02 18:46 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-12-02 18:46 - 2020-12-02 18:46 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2020-12-02 18:46 - 2020-12-02 18:46 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-12-02 18:46 - 2020-12-02 18:46 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-02 18:46 - 2020-12-02 18:46 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-12-02 18:46 - 2020-12-02 18:46 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-12-02 18:46 - 2020-12-02 18:46 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2020-12-02 18:46 - 2020-12-02 18:46 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-01-01 18:48 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-01 18:40 - 2020-06-19 11:08 - 001866328 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-01 18:40 - 2019-12-07 15:50 - 000788322 _____ C:\WINDOWS\system32\perfh007.dat
2021-01-01 18:40 - 2019-12-07 15:50 - 000168384 _____ C:\WINDOWS\system32\perfc007.dat
2021-01-01 18:40 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-01-01 18:35 - 2018-02-14 20:13 - 000000000 ____D C:\ProgramData\NVIDIA
2021-01-01 18:33 - 2020-11-17 15:22 - 000000000 ____D C:\Users\BigRon\AppData\Local\A0769869-4508-4EDE-978F-BF0B9DE7D57C.aplzod
2021-01-01 18:33 - 2020-06-19 11:14 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-01 18:33 - 2020-06-19 11:03 - 000008192 ___SH C:\DumpStack.log.tmp
2021-01-01 18:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-01-01 18:33 - 2018-03-03 17:58 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-01-01 18:33 - 2018-02-21 18:52 - 000000000 ___RD C:\Users\BigRon\iCloudDrive
2021-01-01 18:33 - 2018-02-14 20:48 - 000000000 __SHD C:\Users\BigRon\IntelGraphicsProfiles
2021-01-01 16:58 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-01-01 16:56 - 2018-05-30 10:46 - 000007660 _____ C:\Users\BigRon\AppData\Local\Resmon.ResmonCfg
2021-01-01 16:49 - 2018-02-18 17:52 - 000000000 ____D C:\Users\BigRon\AppData\Local\CrashDumps
2021-01-01 16:44 - 2018-08-25 15:33 - 000000000 ____D C:\Users\BigRon\AppData\Local\Downloaded Installations
2021-01-01 16:44 - 2018-02-14 20:57 - 000000000 ____D C:\Users\BigRon\AppData\Roaming\Hewlett-Packard
2021-01-01 16:44 - 2018-02-14 20:48 - 000000000 ____D C:\Users\BigRon\AppData\Local\Hewlett-Packard
2021-01-01 16:44 - 2018-02-14 20:47 - 000000000 ____D C:\Users\defaultuser0\AppData\Local\Hewlett-Packard
2021-01-01 16:44 - 2016-11-19 01:02 - 000000000 ___HD C:\hp
2021-01-01 16:44 - 2016-11-18 12:16 - 000000000 ____D C:\ProgramData\HP
2021-01-01 16:44 - 2016-11-18 12:16 - 000000000 ____D C:\Program Files (x86)\HP
2021-01-01 16:44 - 2016-11-18 12:16 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2021-01-01 16:37 - 2016-11-18 20:48 - 000000000 ____D C:\SWSetup
2021-01-01 16:17 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-01-01 16:17 - 2018-05-02 19:02 - 000000000 ____D C:\Users\BigRon\AppData\Local\D3DSCache
2021-01-01 16:16 - 2018-08-28 11:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-Link
2021-01-01 16:16 - 2016-11-18 12:16 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-01-01 16:14 - 2018-02-14 20:49 - 000000000 ____D C:\Users\BigRon\AppData\Roaming\HP
2021-01-01 15:06 - 2020-06-19 11:03 - 000630304 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-01 15:06 - 2018-12-12 14:59 - 000000000 ____D C:\Users\BigRon\AppData\Roaming\AVAST Software
2021-01-01 15:06 - 2018-02-14 21:09 - 000000000 ____D C:\ProgramData\AVAST Software
2021-01-01 15:05 - 2016-11-18 12:16 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2021-01-01 15:04 - 2016-11-18 12:17 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2021-01-01 15:03 - 2016-11-18 12:17 - 000000000 ____D C:\ProgramData\Package Cache
2021-01-01 15:02 - 2020-06-19 11:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2021-01-01 14:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-01 14:56 - 2018-04-03 12:41 - 000000000 ____D C:\Program Files (x86)\Adobe
2021-01-01 14:56 - 2018-02-14 20:19 - 000000000 ____D C:\ProgramData\Temp
2021-01-01 14:56 - 2018-02-14 20:19 - 000000000 ____D C:\ProgramData\SUPPORTDIR
2021-01-01 14:56 - 2018-02-14 20:19 - 000000000 ____D C:\ProgramData\install_backup
2021-01-01 14:55 - 2018-02-24 12:47 - 000000000 ____D C:\Users\BigRon\Documents\CyberLink
2021-01-01 14:55 - 2018-02-24 12:46 - 000000000 ____D C:\Users\BigRon\AppData\Local\CyberLink
2021-01-01 14:55 - 2018-02-14 20:19 - 000000000 ____D C:\ProgramData\install_clap
2021-01-01 14:55 - 2018-02-14 20:19 - 000000000 ____D C:\ProgramData\CyberLink
2021-01-01 14:54 - 2018-06-09 14:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2021-01-01 14:51 - 2016-11-18 12:16 - 000000000 ____D C:\Program Files\HP
2021-01-01 14:48 - 2018-02-14 21:02 - 000000000 ____D C:\Users\BigRon\AppData\Roaming\hpqLog
2021-01-01 14:47 - 2018-02-23 09:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2021-01-01 14:46 - 2018-12-02 11:19 - 000000000 ____D C:\Program Files (x86)\QuickTime
2020-12-31 15:49 - 2020-06-19 11:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-30 15:37 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-30 15:37 - 2018-05-02 18:53 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-12-30 15:35 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-12-30 15:27 - 2018-07-11 18:28 - 000795000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-12-30 15:21 - 2018-11-09 09:54 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2020-12-30 15:10 - 2018-02-18 18:07 - 000000000 ____D C:\Program Files\WinRAR
2020-12-29 16:32 - 2019-01-08 11:30 - 000000000 ____D C:\Users\BigRon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-12-29 16:32 - 2019-01-08 11:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-12-29 16:32 - 2018-06-06 12:57 - 000000000 ____D C:\Users\BigRon\AppData\Local\AVAST Software
2020-12-29 16:31 - 2020-01-09 16:06 - 000002088 _____ C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2020-12-29 16:31 - 2020-01-09 16:06 - 000002088 _____ C:\ProgramData\Desktop\HP Print and Scan Doctor.lnk
2020-12-29 16:19 - 2018-02-14 20:48 - 000000000 ____D C:\Users\BigRon\AppData\Local\VirtualStore
2020-12-29 16:11 - 2019-01-30 09:42 - 000000000 ____D C:\ProgramData\Mozilla
2020-12-29 16:10 - 2018-02-14 20:59 - 000000000 ____D C:\Users\BigRon\AppData\LocalLow\Mozilla
2020-12-27 18:01 - 2018-02-14 20:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-12-27 15:16 - 2018-02-14 20:58 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-12-26 18:38 - 2018-02-18 19:08 - 000000000 ____D C:\Program Files\Microsoft Office
2020-12-23 14:49 - 2018-05-27 15:49 - 000000000 ____D C:\Program Files (x86)\Dropbox
2020-12-20 09:39 - 2020-06-18 10:15 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-20 09:39 - 2020-06-18 10:15 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-12-20 09:39 - 2020-06-18 10:15 - 000002281 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-12-20 09:39 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-20 09:36 - 2018-02-18 18:57 - 000000000 ____D C:\Users\BigRon\AppData\Local\Packages
2020-12-18 18:14 - 2020-01-24 13:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexware
2020-12-18 18:14 - 2018-02-18 18:06 - 000000000 ____D C:\Users\BigRon\AppData\Local\HL
2020-12-12 15:27 - 2020-03-06 14:58 - 034188528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2020-12-12 15:21 - 2020-03-06 14:58 - 007114256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2020-12-12 04:59 - 2020-03-06 14:58 - 000060811 _____ C:\WINDOWS\system32\nvinfo.pb
2020-12-12 00:55 - 2018-02-14 20:13 - 009371667 _____ C:\WINDOWS\system32\nvcoproc.bin
2020-12-12 00:55 - 2018-02-14 20:13 - 005622072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2020-12-12 00:55 - 2018-02-14 20:13 - 002636776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2020-12-12 00:55 - 2018-02-14 20:13 - 001760232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2020-12-12 00:55 - 2018-02-14 20:13 - 000992232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2020-12-12 00:55 - 2018-02-14 20:13 - 000121144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2020-12-12 00:55 - 2018-02-14 20:13 - 000083256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2020-12-11 20:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-11 20:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-11 19:34 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-09 19:25 - 2019-10-18 19:15 - 000001517 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2020-12-09 19:25 - 2018-02-14 20:12 - 000000000 ____D C:\Program Files (x86)\Intel
2020-12-06 16:03 - 2018-08-08 10:08 - 000000000 ____D C:\ProgramData\boost_interprocess
2020-12-04 15:52 - 2020-06-19 11:14 - 000003630 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-12-04 15:52 - 2020-06-19 11:14 - 000003506 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-12-03 15:03 - 2018-02-14 21:00 - 000002300 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-12-02 18:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-02 18:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-12-02 18:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-02 18:53 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2018-08-08 10:08 - 2018-08-08 10:08 - 000000171 _____ () C:\Users\BigRon\AppData\Roaming\1eb766f2-fed1-4d33-9c39-2c8a972fd11f
2018-08-08 10:08 - 2018-08-08 10:08 - 000000304 _____ () C:\Users\BigRon\AppData\Roaming\4e93aa11-2d46-4980-a421-0a4ac759e5bf
2018-08-08 10:08 - 2018-08-08 10:08 - 000000175 _____ () C:\Users\BigRon\AppData\Roaming\fc19ece2-6b3f-4f22-8758-9651ab9ca388
2018-02-18 19:12 - 2018-02-18 19:12 - 000000738 _____ () C:\Users\BigRon\AppData\Local\recently-used.xbel
2018-05-30 10:46 - 2021-01-01 16:56 - 000007660 _____ () C:\Users\BigRon\AppData\Local\Resmon.ResmonCfg
2019-07-08 19:48 - 2019-07-08 19:57 - 000000143 _____ () C:\Users\BigRon\AppData\Local\zenmap.exe.log
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 14-12-2020
durchgeführt von BigRon (01-01-2021 19:12:05)
Gestartet von C:\Users\BigRon\Downloads
Windows 10 Home Version 20H2 19042.685 (X64) (2020-06-19 10:15:06)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2816629630-362098843-3323099239-500 - Administrator - Disabled)
BigRon (S-1-5-21-2816629630-362098843-3323099239-1001 - Administrator - Enabled) => C:\Users\BigRon
DefaultAccount (S-1-5-21-2816629630-362098843-3323099239-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2816629630-362098843-3323099239-1000 - Limited - Disabled) => C:\Users\defaultuser0
Gast (S-1-5-21-2816629630-362098843-3323099239-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2816629630-362098843-3323099239-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{CCA8C50D-785B-4896-8675-FFE0C4ECCBC3}) (Version: 8.7 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{75BEF7E8-4370-4D42-94F3-B5AA77057965}) (Version: 8.7 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{F9CEF01A-3907-4614-824F-CF5D3E4675EF}) (Version: 14.1.0.35 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CrystalDiskInfo 8.9.0a (64 Bit) (HKLM\...\CrystalDiskInfo_is1) (Version: 8.9.0a - Crystal Dew World)
Diagnosis Framework 1.5 (HKLM-x32\...\Diagnosis Framework 1.5) (Version: 1.5 - Webasto Thermo & Comfort SE)
Documentation Manager (HKLM\...\{82FBBBC9-616A-4247-BEAD-87B8132D49D2}) (Version: 22.0.0.6 - Intel Corporation) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 113.3.427 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.377.1 - Dropbox, Inc.) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
GoPro Quik (HKLM\...\{AA5F7FCE-311C-46D8-B93A-ABF4DDCAB832}) (Version: 0.1.945 - GoPro, Inc.) Hidden
GoPro Quik (HKLM-x32\...\{a23df978-67ca-4fe3-a740-a7b5ae7ec82f}) (Version: 2.7.0.945 - GoPro, Inc.)
GoPro Studio 2.0.0 (HKLM-x32\...\GoPro Studio) (Version: 2.0.0 - WoodmanLabs Inc. d.b.a. GoPro)
Gtk# for .Net 2.12.38 (HKLM-x32\...\{C7A0CF1E-A936-426A-9694-035636DCD356}) (Version: 2.12.38 - Xamarin, Inc.)
hide.me VPN 3.6.1 (HKLM-x32\...\{0E00BDA5-7998-4889-BE4B-39A4BBD2EDFB}_is1) (Version: 3.6.1 - eVenture Limited)
hide.me Wintun (HKLM\...\{6A3B09CD-8B4A-4A66-9C90-833023E463E9}) (Version: 0.8 - hide.me) Hidden
HP Color Laser MFP 178 179 (HKLM-x32\...\HP Color Laser MFP 178 179) (Version: 1.14 (01.11.2019) - HP Inc.)
iCloud (HKLM\...\{8808B208-87D1-4725-8192-76D257E9DEAE}) (Version: 7.21.0.23 - Apple Inc.)
Intel Driver && Support Assistant (HKLM-x32\...\{513BFF20-438E-4C8B-9C41-DE06B47D3148}) (Version: 20.11.50.9 - Intel) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{D40D4164-EEDB-4F0F-85C6-2058A9E34CC7}) (Version: 2.4.04370 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11000.2996 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1069 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4836 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.8.3.1003 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1633.3 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.49.166.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{df682aff-4294-4ad1-aaa7-276931d5781f}) (Version: 1.49.166.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000110-0210-1031-84C8-B8D95FA3C8C3}) (Version: 21.110.0.3 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{226be6c3-8e08-4d52-bd3a-d361008448c5}) (Version: 10.1.1.37 - Intel(R) Corporation) Hidden
Intel® Driver & Support Assistant (HKLM-x32\...\{7972bdc2-99e9-4a54-b071-e7f08bdf056d}) (Version: 20.11.50.9 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{6aa2484c-1a35-428e-a857-8ee0a874d2d1}) (Version: 20.110.0 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{056c22c9-0ef2-4a10-ba00-4d68d16c5669}) (Version: 22.0.0.6 - Intel Corporation) Hidden
iTunes (HKLM\...\{DE0F48FE-04C1-4646-AA58-2BE7A1A58742}) (Version: 12.11.0.26 - Apple Inc.)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.66 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.13426.20404 - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2005 (HKLM-x32\...\Microsoft Report Viewer Redistributable 2005) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27012 (HKLM-x32\...\{427ada59-85e7-4bc8-b8d5-ebf59db60423}) (Version: 14.16.27012.6 - Microsoft Corporation)
Mozilla Firefox 84.0.1 (x64 de) (HKLM\...\Mozilla Firefox 84.0.1 (x64 de)) (Version: 84.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.2 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Grafiktreiber 460.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 460.89 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8004 - Realtek Semiconductor Corp.)
SABnzbd 3.1.1 (HKLM-x32\...\SABnzbd) (Version: 3.1.1 - The SABnzbd Team)
Suunto DM5 - 1 (HKU\S-1-5-21-2816629630-362098843-3323099239-1001\...\e64facc3e2453542) (Version: 1.3.0.19 - Suunto)
Suunto USB Driver (HKLM\...\SuuntoUSBFTDIVista_is1) (Version: 2.12.06.0 - Suunto Oy)
TAXMAN 2020 (HKLM-x32\...\{1342F8EA-0E9F-4CCB-81E8-74638BC0C757}) (Version: 25.39.90 - Haufe-Lexware GmbH & Co.KG)
TAXMAN 2021 (HKLM-x32\...\{E172BAEF-8092-4576-BDAD-41653786283E}) (Version: 26.25.56 - Haufe-Lexware GmbH & Co.KG)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.13.6 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C5FDDED7-DEC7-48B4-AFD8-DFB8A0FD199A}) (Version: 2.51.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-2) (Version: 1.0.54.1 - Intel Corporation Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-3) (Version: 1.0.54.1 - Intel Corporation Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-4) (Version: 1.0.54.1 - Intel Corporation Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-5) (Version: 1.0.54.1 - Intel Corporation Inc.)
Webasto Thermo Test 3.0 (HKLM-x32\...\Webasto Thermo Test 3.0) (Version: 3.0 - Webasto Thermo & Comfort SE)
Windows 10-Update-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22925 - Microsoft Corporation)
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (07/12/2013 2.08.30) (HKLM\...\22CCD58B53472BE3FCAFF05631111C4062959A43) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (07/12/2013 2.08.30) (HKLM\...\BD00013670D26C16E19F284BF8E15DAF813497C7) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012 - GoPro)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
Windows-Treiberpaket - STMicroelectronics (usbser) Ports (04/25/2010 1.3.1) (HKLM\...\1628ECA16EA833D7F30DD35215E306FAD333DF83) (Version: 04/25/2010 1.3.1 - STMicroelectronics)
Windows-Treiberpaket - Suunto Suunto USB Driver Package (07/10/2015 2.12.06) (HKLM\...\AB6ABB41B5BCD37253F16E19787FDA18B257FDC8) (Version: 07/10/2015 2.12.06 - Suunto)
Windows-Treiberpaket - Suunto Suunto USB Serial Port (07/10/2015 2.12.06) (HKLM\...\E2175BF06F0C07C2570BDDC08FCBDC1D9B5639CB) (Version: 07/10/2015 2.12.06 - Suunto)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 6.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
Packages:
=========
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.7.337.0_x64__rz1tebttyb220 [2020-12-20] (Dolby Laboratories)
DS photo -> C:\Program Files\WindowsApps\999289FE.DSphoto_1.5.61.0_x64__g23c5rrjyxaaj [2018-06-14] (Synology Inc.)
DS video -> C:\Program Files\WindowsApps\999289FE.DSvideo_1.5.69.0_x64__g23c5rrjyxaaj [2018-05-27] (Synology Inc.)
Fitbit -> C:\Program Files\WindowsApps\Fitbit.Fitbit_2.44.1997.0_x64__6mqt6hf9g46tw [2020-07-15] (Fitbit)
HP LOUNGE -> C:\Program Files\WindowsApps\UniversalMusicMobile.HPLOUNGE_2.1.1.0_x64__3ms5eyejfeart [2018-02-14] (Universal Music Mobile)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_1.6.7.0_x64__v10z8vjag6ke6 [2020-10-07] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_122.1.778.0_x64__v10z8vjag6ke6 [2020-12-20] (HP Inc.)
Kodi -> C:\Program Files\WindowsApps\XBMCFoundation.Kodi_18.9.500.0_x64__4n2hpmxwrvr6p [2020-10-28] (XBMC Foundation)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-18] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-15] (Netflix, Inc.)
Synaptics TouchPad -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynHPConsumerDApp_19005.35054.0.0_x64__807d65c4rvak2 [2020-03-12] (Synaptics Incorporated)
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2049.10.0_x64__cv1g1gvanyjgm [2020-12-20] (WhatsApp Inc.)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2816629630-362098843-3323099239-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\BigRon\AppData\Local\Microsoft\OneDrive\18.222.1104.0007\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2816629630-362098843-3323099239-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key -> Intel)
CustomCLSID: HKU\S-1-5-21-2816629630-362098843-3323099239-1001_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\BigRon\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x64\ContextMenu.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2816629630-362098843-3323099239-1001_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\BigRon\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x64\iconOverlay.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2816629630-362098843-3323099239-1001_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\BigRon\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x64\iconOverlay.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2816629630-362098843-3323099239-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\BigRon\AppData\Local\Microsoft\OneDrive\18.222.1104.0007\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2816629630-362098843-3323099239-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\BigRon\AppData\Local\Microsoft\OneDrive\18.222.1104.0007\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2816629630-362098843-3323099239-1001_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\BigRon\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x64\iconOverlay.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2816629630-362098843-3323099239-1001_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\BigRon\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x64\iconOverlay.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2816629630-362098843-3323099239-1001_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\BigRon\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x64\iconOverlay.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2816629630-362098843-3323099239-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\BigRon\Dropbox [2018-06-01 10:53]
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Keine Datei
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Keine Datei
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Keine Datei
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-09-08] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-12-30] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\igfxDTCM.dll [2018-01-15] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-12-12] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-12-30] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-2816629630-362098843-3323099239-1001: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\BigRon\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x64\ContextMenu.dll -> Keine Datei
ContextMenuHandlers6_S-1-5-21-2816629630-362098843-3323099239-1001: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\BigRon\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x64\ContextMenu.dll -> Keine Datei
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Drivers32: [VIDC.CFHD] => C:\windows\system32\CFHD.dll [1443328 2013-09-05] (CineForm Inc.) [Datei ist nicht signiert]
HKLM\...\Drivers32: [VIDC.CFHD] => C:\Windows\SysWOW64\CFHD.DLL [1474560 2013-09-05] (CineForm Inc.) [Datei ist nicht signiert]
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\BigRon\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2020-12-07 11:31 - 2020-12-07 11:31 - 000126464 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\Intel\Driver and Support Assistant\DSASsdInterop.dll
2020-12-20 09:37 - 2020-12-20 09:37 - 000543232 _____ () [Datei ist nicht signiert] \\?\C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2049.10.0_x64__cv1g1gvanyjgm\app\resources\app.asar.unpacked\node_modules\spellchecker\build\Release\spellchecker.node
2020-12-20 09:37 - 2020-12-20 09:37 - 000150528 _____ () [Datei ist nicht signiert] \\?\C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2049.10.0_x64__cv1g1gvanyjgm\app\resources\app.asar.unpacked\node_modules\windows-focus-assist\build\Release\focus-assist.node
2020-12-20 09:37 - 2020-12-20 09:37 - 000097792 _____ () [Datei ist nicht signiert] \\?\C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2049.10.0_x64__cv1g1gvanyjgm\app\resources\app.asar.unpacked\node_modules\windows-notification-state\build\Release\notificationstate.node
2020-12-20 09:37 - 2020-12-20 09:37 - 000101376 _____ () [Datei ist nicht signiert] \\?\C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2049.10.0_x64__cv1g1gvanyjgm\app\resources\app.asar.unpacked\node_modules\windows-quiet-hours\build\Release\quiethours.node
2020-09-03 18:40 - 2020-09-03 18:40 - 002338304 _____ () [Datei ist nicht signiert] C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2049.10.0_x64__cv1g1gvanyjgm\app\ffmpeg.dll
2020-09-03 18:40 - 2020-09-03 18:40 - 000376320 _____ () [Datei ist nicht signiert] C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2049.10.0_x64__cv1g1gvanyjgm\app\libegl.dll
2020-09-03 18:40 - 2020-09-03 18:40 - 007947776 _____ () [Datei ist nicht signiert] C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2049.10.0_x64__cv1g1gvanyjgm\app\libglesv2.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000071680 _____ (Hewlett-Packard) [Datei ist nicht signiert] c:\windows\system32\hpzinw12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000089600 _____ (Hewlett-Packard) [Datei ist nicht signiert] c:\windows\system32\hpzipm12.dll
2020-04-17 17:10 - 2020-04-17 17:10 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2020-04-17 17:10 - 2020-04-17 17:10 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Windows:E83C309AD0058C63 [50]
AlternateDataStreams: C:\ProgramData\Temp:054203E4 [144]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [464]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-2816629630-362098843-3323099239-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-2816629630-362098843-3323099239-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
SearchScopes: HKLM -> {AA4CB8F8-92C1-4C17-9DA7-25F3386661D0} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {AA4CB8F8-92C1-4C17-9DA7-25F3386661D0} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2816629630-362098843-3323099239-1001 -> {AA4CB8F8-92C1-4C17-9DA7-25F3386661D0} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-09-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-09-19] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2016-07-16 12:47 - 2020-10-15 15:11 - 000000822 _____ C:\WINDOWS\system32\drivers\etc\hosts
2018-11-12 10:31 - 2018-11-12 10:32 - 000000514 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\GtkSharp\2.12\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\CineForm\Tools;C:\Program Files (x86)\GoPro\Tools;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\nodejs\
HKU\S-1-5-21-2816629630-362098843-3323099239-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\BigRon\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{f739afe9-b24c-424c-a537-dd85e608e858}.JPG
DNS Servers: 8.8.8.8 - 1.1.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "GlobalProtect"
HKLM\...\StartupApproved\Run32: => "HPMessageService"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-2816629630-362098843-3323099239-1001\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-2816629630-362098843-3323099239-1001\...\StartupApproved\Run: => "OneDriveSetup"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [UDP Query User{7CD05DE8-4E32-444F-BBFA-28E9A1C35C62}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe => Keine Datei
FirewallRules: [TCP Query User{302F6F27-36EC-4E42-8685-E32BB7D7F243}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe => Keine Datei
FirewallRules: [UDP Query User{F0FE9BE9-7612-4E1F-92E2-65641C774F55}C:\program files (x86)\common files\hp scan process machine\imageeng.exe] => (Allow) C:\program files (x86)\common files\hp scan process machine\imageeng.exe => Keine Datei
FirewallRules: [TCP Query User{DF11D93B-001B-40CD-B730-4E694575124C}C:\program files (x86)\common files\hp scan process machine\imageeng.exe] => (Allow) C:\program files (x86)\common files\hp scan process machine\imageeng.exe => Keine Datei
FirewallRules: [{B7A5E45A-E29E-46D2-92A9-2D31973A8BD9}] => (Allow) C:\Users\BigRon\AppData\Local\Temp\7zS564C\HPDiagnosticCoreUI.exe => Keine Datei
FirewallRules: [{0F34DDEE-8FE6-4AEF-A688-6FBCAC2AA8C4}] => (Allow) C:\Users\BigRon\AppData\Local\Temp\7zS564C\HPDiagnosticCoreUI.exe => Keine Datei
FirewallRules: [{56DF7B3D-D5A7-469A-B222-BB37DF5667D2}] => (Allow) C:\Windows\twain_32\HP\HPCLM17X\ScanCDLM\ScanCDLM.exe (HP Inc. -> )
FirewallRules: [{16DA17C6-532A-44BD-B102-59E36BCBB491}] => (Allow) C:\Windows\twain_32\HP\HPCLM17X\ScanCDLM\ScanCDLM.exe (HP Inc. -> )
FirewallRules: [UDP Query User{58F2F32E-3A92-4D86-8AA7-891560743236}C:\program files\nzbget\nzbget.exe] => (Block) C:\program files\nzbget\nzbget.exe => Keine Datei
FirewallRules: [TCP Query User{7885FBA4-45FF-4A9F-9576-431C4FDB4152}C:\program files\nzbget\nzbget.exe] => (Block) C:\program files\nzbget\nzbget.exe => Keine Datei
FirewallRules: [{6D77D9AA-B75F-4939-9106-749A6187A2EA}] => (Allow) C:\Program Files (x86)\hide.me VPN\SoftEtherVPN\vpnclient_x64.exe => Keine Datei
FirewallRules: [{A1E5FC6B-95BB-480F-BD15-3E1C870A4411}] => (Allow) C:\Program Files (x86)\hide.me VPN\SoftEtherVPN\vpncmd.exe => Keine Datei
FirewallRules: [{62F99C76-AF9A-4EFF-8636-FBE39C267842}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProLauncher.exe (GoPro Media, Inc. -> )
FirewallRules: [{B720CAA2-AA24-4F5E-8097-3513B82C1AD9}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProIDService.exe (GoPro Media, Inc. -> )
FirewallRules: [{A5298CEC-A3AB-45DE-AE1C-977A6D2BEC68}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProMsgBus.exe (GoPro Media, Inc. -> )
FirewallRules: [{70679206-79B5-433B-A2B2-63AF068F26F3}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoPro Quik.exe (GoPro Media, Inc. -> )
FirewallRules: [{7D9FD16F-C01C-4AC1-9A29-669809ACAFCF}] => (Allow) D:\SABnzbd\SABnzbd.exe (The SABnzbd-Team) [Datei ist nicht signiert]
FirewallRules: [{20B541A2-526D-47A0-B0A0-43EF1EEFC860}] => (Allow) LPort=8777
FirewallRules: [{E1F7EBD4-F5D4-42FB-B546-D2D21165D590}] => (Allow) LPort=8777
FirewallRules: [{D3C5D67B-4260-476B-8778-B7ACB2DA7FFB}] => (Allow) LPort=8777
FirewallRules: [{45DC9B3C-EAE2-44C1-95EA-B49B08F933F1}] => (Allow) LPort=8777
FirewallRules: [{873CF4BF-23A2-40A9-9C2C-4645BF3B0C79}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{11527C58-DC6C-48D8-BD88-6FFF782BC776}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{56F1CE54-6EC9-41D0-B348-DCA1A6C95AFA}] => (Allow) D:\SABnzbd\SABnzbd.exe (The SABnzbd-Team) [Datei ist nicht signiert]
FirewallRules: [{26AF17BB-0603-4033-B462-E4F117064E6A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E6E64BFD-6AA9-4F33-BED0-759ECA3CAF7D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{D142BE9D-E085-42FB-9D59-56BEF8284DA7}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{975D1C62-1175-4E6B-8833-08F8D45DE525}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{859B7A63-BC93-4AC7-8F2C-E5F89CAF9851}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{CD836A16-6A92-43B3-B536-BF356F2EBBF5}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{A262A817-6CD2-41E3-BAFF-5076329F2199}C:\program files\itunes\itunes.exe] => (Allow) C:\program files\itunes\itunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{0B949CCA-730E-43CD-BCE6-E679D1EE8FF0}C:\program files\itunes\itunes.exe] => (Allow) C:\program files\itunes\itunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A4FDA0E8-D8F2-4C70-8ABC-42A36266771D}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{0CA1403F-D936-4DD3-B4F8-A2CDB175EE06}D:\jdownloader 2.0\jdownloader2.exe] => (Allow) D:\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [UDP Query User{8196D7F9-F4ED-4D6F-8425-D9937E993AAA}D:\jdownloader 2.0\jdownloader2.exe] => (Allow) D:\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [{845CDF32-F796-462F-AF5F-9B917F68A295}] => (Block) D:\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [{269C4016-D939-4851-8035-0B6AB011D742}] => (Block) D:\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [{CC5BA09C-269B-48EE-B900-8AEDC9B577A6}] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{E1615585-8C40-4F91-95A8-E8AFEF941ACC}] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{FE73926E-41EE-4B63-802C-1569E58DFCBB}] => (Allow) D:\SABnzbd\SABnzbd.exe (The SABnzbd-Team) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{8EF1FD32-D192-4424-AD34-A8ED42E6452E}C:\program files (x86)\tp-link\tp-link plc utility\tpplc.exe] => (Allow) C:\program files (x86)\tp-link\tp-link plc utility\tpplc.exe => Keine Datei
FirewallRules: [UDP Query User{CD42D3B1-FC8C-4AF5-B4AD-4AABAE85CFCE}C:\program files (x86)\tp-link\tp-link plc utility\tpplc.exe] => (Allow) C:\program files (x86)\tp-link\tp-link plc utility\tpplc.exe => Keine Datei
FirewallRules: [TCP Query User{AA0429CA-33ED-4134-9566-BCDA6CDDD3B8}C:\program files (x86)\tp-link\tp-link plc utility\tpplc.exe] => (Allow) C:\program files (x86)\tp-link\tp-link plc utility\tpplc.exe => Keine Datei
FirewallRules: [UDP Query User{2646B6AB-C3B3-4C5D-82AC-A58EF0C17E99}C:\program files (x86)\tp-link\tp-link plc utility\tpplc.exe] => (Allow) C:\program files (x86)\tp-link\tp-link plc utility\tpplc.exe => Keine Datei
FirewallRules: [{60A5B075-E817-4AEB-A97B-A6FA49370852}] => (Allow) D:\SABnzbd\SABnzbd.exe (The SABnzbd-Team) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{590823D2-855C-41C3-8E7A-97DFE8B20E84}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe => Keine Datei
FirewallRules: [UDP Query User{EDD030ED-2B02-4D92-88C0-630C181077D7}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe => Keine Datei
FirewallRules: [{7A8A8984-983E-4E35-94F1-1BBF7971DE4D}] => (Block) C:\program files (x86)\kodi\kodi.exe => Keine Datei
FirewallRules: [{C5C628C5-191C-47F6-A85A-DFBA1B7754EF}] => (Block) C:\program files (x86)\kodi\kodi.exe => Keine Datei
FirewallRules: [TCP Query User{5372FF12-A44A-432D-9771-23002D68789D}C:\users\bigron\appdata\local\vavoo\vavoo.exe] => (Allow) C:\users\bigron\appdata\local\vavoo\vavoo.exe => Keine Datei
FirewallRules: [UDP Query User{296159A4-87F2-4C85-AE1C-A3759ED7F291}C:\users\bigron\appdata\local\vavoo\vavoo.exe] => (Allow) C:\users\bigron\appdata\local\vavoo\vavoo.exe => Keine Datei
FirewallRules: [{8558F584-40EC-4716-B8C9-4803D42C201C}] => (Block) C:\users\bigron\appdata\local\vavoo\vavoo.exe => Keine Datei
FirewallRules: [{DD51FA8F-CDAC-4195-8EAD-A065E45FEC39}] => (Block) C:\users\bigron\appdata\local\vavoo\vavoo.exe => Keine Datei
FirewallRules: [{91BCBC8A-3945-402E-BDC7-766E2618C35C}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{3438E4C3-A6DA-4616-B137-1DB0BE823BFB}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{9E4A999B-D976-40E7-851D-6873CEDC8BB1}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{1E52BDF1-4F9B-4AAE-8F12-A4A1D1531AE3}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [TCP Query User{776B157C-4BF3-459D-AD0A-CB699DA6B7F8}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe => Keine Datei
FirewallRules: [UDP Query User{5A9C0E73-95F8-4448-AC21-EB1A39AF5659}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe => Keine Datei
FirewallRules: [TCP Query User{A0C45185-DAFC-4855-A13B-673D9CB46C1B}C:\users\bigron\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-ui.exe] => (Allow) C:\users\bigron\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-ui.exe => Keine Datei
FirewallRules: [UDP Query User{80CA9E40-5B24-4B23-9A11-0BA3A0B414D4}C:\users\bigron\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-ui.exe] => (Allow) C:\users\bigron\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-ui.exe => Keine Datei
FirewallRules: [{B122B2C5-402B-4CA4-98E6-CA11D917E5D6}] => (Allow) D:\SABnzbd\SABnzbd.exe (The SABnzbd-Team) [Datei ist nicht signiert]
FirewallRules: [{9EB407D5-C80F-4BFF-9BE2-C5037FD8C549}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{AAFD2D09-CC1C-475E-A69F-F54F180C5358}] => (Block) %ProgramFiles% (x86)\WISO\Steuersoftware 2019\WISO2019.EXE => Keine Datei
FirewallRules: [{B2609461-2ABE-45F2-BAC9-925006D3DB68}] => (Block) %ProgramFiles% (x86)\WISO\Steuersoftware 2019\WISO2019.EXE => Keine Datei
FirewallRules: [{EFE52F91-9F36-41B0-B134-14AB6EF6A399}] => (Allow) D:\SABnzbd\SABnzbd.exe (The SABnzbd-Team) [Datei ist nicht signiert]
FirewallRules: [{4EFD5B1A-4CBF-4D3D-B8A4-DB97976F3657}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D51550BB-EA75-48B0-8859-8348D3AB34CD}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AF550CAB-CAC8-4CB3-96A1-5C8DA3B0C540}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EF32868A-D43B-4EE6-A31B-63A8F23EE1E5}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FC1A04D7-DF00-4E21-8502-79F3941B9B76}] => (Allow) D:\SABnzbd\SABnzbd.exe (The SABnzbd-Team) [Datei ist nicht signiert]
FirewallRules: [{155803AF-0D7C-49A1-9F6D-5DE13954B2B3}] => (Allow) D:\SABnzbd\SABnzbd.exe (The SABnzbd-Team) [Datei ist nicht signiert]
FirewallRules: [{2231FAEB-AC5B-4630-A7AD-9CCF898E269C}] => (Allow) D:\SABnzbd\SABnzbd-console.exe (The SABnzbd-Team) [Datei ist nicht signiert]
FirewallRules: [{C894A33A-4D4A-49DA-BB5E-35B0545FB274}] => (Allow) D:\SABnzbd\SABnzbd.exe (The SABnzbd-Team) [Datei ist nicht signiert]
FirewallRules: [{C78521BF-DE4C-4129-8BAA-08222F4FF202}] => (Allow) D:\SABnzbd\SABnzbd-console.exe (The SABnzbd-Team) [Datei ist nicht signiert]
FirewallRules: [{7FCAE9A7-27C9-4CD0-8DED-E55E690D735D}] => (Allow) D:\SABnzbd\SABnzbd.exe (The SABnzbd-Team) [Datei ist nicht signiert]
FirewallRules: [{ACB2BC22-4CA5-4433-AB25-ED22952527A2}] => (Allow) D:\SABnzbd\SABnzbd-console.exe (The SABnzbd-Team) [Datei ist nicht signiert]
FirewallRules: [{5723AD6E-36F3-4EB2-B7B7-CB0DD0600237}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9C702300-CEA6-45CA-B04E-CD26C9F63961}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B370B26C-1549-43DD-B89E-310E2CC26904}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{08BCBB39-EEEF-4F46-AE9A-8F7761CA431F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{97EBBE4E-3AB7-4CC2-8596-ED1D604F9947}] => (Allow) D:\SABnzbd\SABnzbd.exe (The SABnzbd-Team) [Datei ist nicht signiert]
FirewallRules: [{083D9DD7-9D8B-407F-B7FA-D48087ED0327}] => (Allow) D:\SABnzbd\SABnzbd-console.exe (The SABnzbd-Team) [Datei ist nicht signiert]
FirewallRules: [{A412828E-5147-4981-9D9F-C01C049C5348}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{482843F1-F319-45C2-BA43-0A39EED69F7D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{CA49297A-2F3B-44B1-AA7E-33A67406DD9E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AC8AE1B8-36CD-4782-AA02-AD9DC97916EF}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{50F629EA-E50F-4562-A40F-E368319FC263}] => (Allow) C:\Users\BigRon\AppData\Local\Temp\7zS41FA\HPDiagnosticCoreUI.exe (HP Inc. -> HPDC LP)
FirewallRules: [{9DBD0BF5-7556-484A-9AB6-5A4E8D66CD92}] => (Allow) C:\Users\BigRon\AppData\Local\Temp\7zS41FA\HPDiagnosticCoreUI.exe (HP Inc. -> HPDC LP)
FirewallRules: [{B8C9FA0A-C72D-4FB9-AAA1-531681A89247}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5AF4C72D-ABFE-4516-831E-4FC4586F4550}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9B043ABD-456F-464F-9C81-BF26EEFE6E9D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{368FCD74-F2C8-416B-A9DA-FFE39E95990F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
==================== Wiederherstellungspunkte =========================
01-01-2021 14:45:52 Removed Windows 7 USB/DVD Download Tool
01-01-2021 16:44:20 AdwCleaner_BeforeCleaning_01/01/2021_16:44:20
==================== Fehlerhafte Geräte im Gerätemanager ============
Name: hp DVDRW GUD1N
Description: CD-ROM-Laufwerk
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard-CD-ROM-Laufwerke)
Service: cdrom
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (01/01/2021 04:49:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbamtray.exe, Version: 4.0.0.865, Zeitstempel: 0x5fc55b58
Name des fehlerhaften Moduls: Qt5Core.dll, Version: 5.14.1.0, Zeitstempel: 0x5f84e8d4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000219dc5
ID des fehlerhaften Prozesses: 0x2cc4
Startzeit der fehlerhaften Anwendung: 0x01d6e0559fb92fd7
Pfad der fehlerhaften Anwendung: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Berichtskennung: e23c2a11-470d-4364-a035-3186c45463e4
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (01/01/2021 04:48:33 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]
Error: (01/01/2021 04:44:41 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]
Error: (01/01/2021 04:44:41 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.
Error: (01/01/2021 04:44:41 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]
Error: (01/01/2021 04:44:41 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.
Error: (01/01/2021 04:44:41 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]
Error: (01/01/2021 04:44:41 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.
Systemfehler:
=============
Error: (01/01/2021 06:33:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet:
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.
Error: (01/01/2021 04:48:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet:
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.
Error: (01/01/2021 04:48:34 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\WINDOWS\system32\IntelIHVRouter04.dll
Error: (01/01/2021 04:48:34 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\WINDOWS\system32\IntelIHVRouter04.dll
Error: (01/01/2021 04:48:29 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\WINDOWS\system32\IntelIHVRouter04.dll
Error: (01/01/2021 04:47:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "hide.me VPN Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (01/01/2021 04:47:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (01/01/2021 04:47:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "GoPro Device Detection Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
CodeIntegrity:
===================================
Date: 2021-01-01 18:33:12.1480000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SSPORT.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-01-01 16:48:54.4560000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SSPORT.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-01-01 16:45:08.0410000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SSPORT.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-01-01 16:17:43.0430000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SSPORT.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-01-01 15:06:17.5190000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SSPORT.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-01-01 14:57:47.5540000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-01 14:57:05.2510000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-01 14:55:44.4380000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
==================== Speicherinformationen ===========================
BIOS: Insyde F.55 07/01/2020
Hauptplatine: HP 8219
Prozessor: Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz
Prozentuale Nutzung des RAM: 38%
Installierter physikalischer RAM: 16269.22 MB
Verfügbarer physikalischer RAM: 10024.66 MB
Summe virtueller Speicher: 18701.22 MB
Verfügbarer virtueller Speicher: 11603.19 MB
==================== Laufwerke ================================
Drive c: (WINDOWS) (Fixed) (Total:237.24 GB) (Free:162.43 GB) NTFS
Drive d: (DATA) (Fixed) (Total:919.13 GB) (Free:857.39 GB) NTFS
Drive e: (RECOVERY) (Fixed) (Total:12.38 GB) (Free:1.07 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive z: (Ronny) (Network) (Total:7388.62 GB) (Free:3296 GB) NTFS
\\?\Volume{8cd78a99-b26c-4122-a1c4-953b325e11bb}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.36 GB) NTFS
\\?\Volume{1dc6e2b4-66e5-4b5a-876b-2e2c31e8a886}\ () (Fixed) (Total:0.25 GB) (Free:0.17 GB) FAT32
==================== MBR & Partitionstabelle ====================
==================== Ende von Addition.txt =======================
|
|
01.01.2021, 19:29
| #10 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10 - Laptop - Malware.AI.1792791521Zitat:
 Google Chrome durch Firefox ersetzenOffensichtlich nutzt du den Browser Chrome von Google. Von der Verwendung dieses Browsers muss man aus Datenschutzgründen dringend abraten. Siehe auch Google: Chrome-Browser scannt lokale Dateien auf Windows-PCs Installiere Mozilla Firefox, damit lassen sich auch Profildaten aus Chrome importieren, anschließend Google Chrome deinstallieren.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
01.01.2021, 19:35
| #11 |
| | Windows 10 - Laptop - Malware.AI.1792791521 Okay ist gelöscht. |
|
01.01.2021, 20:04
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10 - Laptop - Malware.AI.1792791521 Scripting/Repair mit FRST64
__________________ Logfiles bitte immer in CODE-Tags posten |
|
01.01.2021, 20:17
| #13 |
| | Windows 10 - Laptop - Malware.AI.1792791521Code:
ATTFilter Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 14-12-2020
durchgeführt von BigRon (01-01-2021 20:08:48) Run:1
Gestartet von C:\Users\BigRon\Downloads
Geladene Profile: BigRon
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ACHTUNG
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
GroupPolicy: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG
Task: {2A03502B-70AD-4EAA-8C2D-0F1C9B1F9307} - System32\Tasks\Netzwerkverbindungen AvastWscReporter Gemeinsame => C:\Program Files (x86)\nodejs\node.exe [15017624 2017-05-02] (Node.js Foundation -> Node.js) -> "C:\ProgramData\Package Cache\{4B339F5B-64A9-4A54-A9BA-157053721680}\{50945A32-E5F3-4D84-A418-6C1F0891EE0E}" <==== ACHTUNG
Task: {A43F0779-45C9-4B14-8586-8A115715A4E2} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
C:\ProgramData\Package Cache\{4B339F5B-64A9-4A54-A9BA-157053721680}
C:\Program Files (x86)\QuickTime
C:\Program Files (x86)\nodejs
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js
DeleteKey: HKLM\SOFTWARE\Node.js
DeleteKey: HKLM\SOFTWARE\WOW6432Node\Node.js
DeleteKey: HKLM\SOFTWARE\Classes\Installer\Products\4D45993E1218CF443A3DFD6652D48B19
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4D45993E1218CF443A3DFD6652D48B19
DeleteKey: HKU\.DEFAULT\Software\Node.js
DeleteKey: HKCU\SOFTWARE\Node.js
cmd: netsh advfirewall reset
emptytemp:
*****************
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ACHTUNG => erfolgreich wiederhergestellt
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => konnte nicht entfernt werden, Schlüssel könnte geschützt sein
C:\WINDOWS\system32\GroupPolicy\Machine => erfolgreich verschoben
C:\WINDOWS\system32\GroupPolicy\GPT.ini => erfolgreich verschoben
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => erfolgreich verschoben
C:\ProgramData\NTUSER.pol => erfolgreich verschoben
HKLM\SOFTWARE\Policies\Mozilla => erfolgreich entfernt
HKLM\SOFTWARE\Policies\Google => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{2A03502B-70AD-4EAA-8C2D-0F1C9B1F9307}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2A03502B-70AD-4EAA-8C2D-0F1C9B1F9307}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Netzwerkverbindungen AvastWscReporter Gemeinsame => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Netzwerkverbindungen AvastWscReporter Gemeinsame" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A43F0779-45C9-4B14-8586-8A115715A4E2}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A43F0779-45C9-4B14-8586-8A115715A4E2}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => nicht gefunden
C:\ProgramData\Package Cache\{4B339F5B-64A9-4A54-A9BA-157053721680} => erfolgreich verschoben
C:\Program Files (x86)\QuickTime => erfolgreich verschoben
C:\Program Files (x86)\nodejs => erfolgreich verschoben
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js => erfolgreich verschoben
HKLM\SOFTWARE\Node.js => nicht gefunden
HKLM\SOFTWARE\WOW6432Node\Node.js => erfolgreich entfernt
HKLM\SOFTWARE\Classes\Installer\Products\4D45993E1218CF443A3DFD6652D48B19 => nicht gefunden
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4D45993E1218CF443A3DFD6652D48B19 => nicht gefunden
HKU\.DEFAULT\Software\Node.js => nicht gefunden
HKCU\SOFTWARE\Node.js => erfolgreich entfernt
========= netsh advfirewall reset =========
OK.
========= Ende von CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 16439333 B
Java, Flash, Steam htmlcache => 1361 B
Windows/system/drivers => 9964934 B
Edge => 11294320 B
Chrome => 0 B
Firefox => 27967679 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 1794976 B
NetworkService => 1813902 B
defaultuser0 => 1820558 B
BigRon => 677460956 B
RecycleBin => 0 B
EmptyTemp: => 723.9 MB temporäre Dateien entfernt.
================================
|
|
01.01.2021, 20:52
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10 - Laptop - Malware.AI.1792791521 Und wieder neue FRST Logs.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
01.01.2021, 21:08
| #15 |
| | Windows 10 - Laptop - Malware.AI.1792791521Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2020
durchgeführt von BigRon (Administrator) auf LAPTOP-CC9LIIGT (HP HP Pavilion Notebook) (01-01-2021 21:02:56)
Gestartet von C:\Users\BigRon\Downloads
Geladene Profile: BigRon
Platform: Windows 10 Home Version 20H2 19042.685 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Edge
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(eVenture Limited -> eVenture Limited) C:\Program Files (x86)\hide.me VPN\Hide.me.exe
(eVenture Limited -> eVenture Limited) C:\Program Files (x86)\hide.me VPN\hidemesvc.exe
(GoPro Media, Inc. -> ) C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
(GoPro) [Datei ist nicht signiert] C:\Program Files (x86)\CineForm\Tools\GoProCineFormStatusViewer.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <19>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9181696 2016-12-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321112 2019-07-29] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [337720 2020-11-12] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7992832 2020-12-21] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [285544 2020-12-07] (IDSA Production signing key -> Intel)
HKU\S-1-5-21-2816629630-362098843-3323099239-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2816629630-362098843-3323099239-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2816629630-362098843-3323099239-1001\...\Run: [MicrosoftEdgeAutoLaunch_4FE0C4C654F0D1E7226590621B347A35] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window /prefetch:5
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\sht13cPC: C:\Windows\System32\spool\prtprocs\x64\sht13cpc.dll [82856 2019-07-21] (联想图像(天津)科技有限公司 -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\PCL hpz3lw71: C:\windows\system32\hpz3lw71.dll [46080 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\sht13c Langmon: C:\windows\system32\sht13clm.dll [61840 2019-07-21] (联想图像(天津)科技有限公司 -> )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CineForm Status.lnk [2019-01-01]
ShortcutTarget: CineForm Status.lnk -> C:\Program Files (x86)\CineForm\Tools\GoProCineFormStatusViewer.exe (GoPro) [Datei ist nicht signiert]
Startup: C:\Users\BigRon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2018-02-23]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\BigRon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hide.me VPN.lnk [2021-01-01]
ShortcutTarget: hide.me VPN.lnk -> C:\Program Files (x86)\hide.me VPN\Hide.me.exe (eVenture Limited -> eVenture Limited)
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {01AA77C0-0439-4DFD-86AF-51F73055A8AC} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {0729062E-894F-4C58-B88A-E36CC3E04F00} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {0C41499A-73C4-408A-8AD6-8C047CC35655} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusTest => cmd /c start hpdiags://BatteryStatusTest
Task: {1435F30C-EC0B-467F-8458-65C514A74678} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckError => cmd /c start hpdiags://SmartCheckError
Task: {23207F29-8279-4673-A46D-5C15E776A8CF} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM1 => cmd /c start hpdiags://BHM1
Task: {2366A0FF-3A5B-42B4-925E-CE0F5C57F41C} - System32\Tasks\Hewlett-Packard\HP Diagnostics\HPDIAGS-24ec91ca-445b-45a6-b18c-0c240af2d0ec => C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_1.6.7.0_x64__v10z8vjag6ke6\HpHwDiag.exe [90337424 2020-10-07] (HP Inc. -> )
Task: {25EAE824-B66C-483B-BC20-694C2C3199CA} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusError => cmd /c start hpdiags://BatteryStatusError
Task: {2FFB66B7-4FEE-4FE1-8A67-6EB4B8E56EAF} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ABO => cmd /c start hpdiags://ABO
Task: {4114DBA2-B1D3-47A4-96D2-A23458BFEF5B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2020-12-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {468B8FA2-649E-47F9-92E6-3C5B8AE293E5} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ShowUI => cmd /c start hpdiags:
Task: {50A12625-9350-4882-8ADF-35FDB3344F5B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {5115E9C5-2598-410D-9816-56198131B79F} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {558FF4D3-00D4-4DFC-913D-7F9EADC0D760} - System32\Tasks\Nvbackend_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
Task: {67AD0761-1ADC-4FC3-9F84-4BD634965A79} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM2 => cmd /c start hpdiags://BHM2
Task: {69CC92A8-0278-44CB-87DB-914B54BABD8F} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckTest => cmd /c start hpdiags://SmartCheckTest
Task: {6CCF752A-2881-44F6-8A9F-54A1F31EE7AF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {73B75CB8-2044-4397-AA3B-12B507A4B93A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {753A22C2-612D-4D2E-A6C4-404465A1A36D} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {779B939C-E1CB-49AD-9CAF-43789609D620} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {7864D393-C951-4311-AE37-D77AEB27C872} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {877CCCDC-5EF4-4E22-96AF-CD6E79E04465} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {89BDCFDD-0329-42BE-89B5-2E889DC820FD} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [67896 2020-09-08] (Apple Inc. -> Apple Inc.)
Task: {9B152B72-A171-41EA-A4A6-77D6BC675D2E} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2020-12-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {9CCDC2F3-E84A-4E99-A619-8C067F0BF1CE} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-05-27] (Dropbox, Inc -> Dropbox, Inc.)
Task: {A30F1EEF-F443-45C5-B990-8DC59D11D160} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {A39358D6-9391-44EE-82F9-786520D418F0} - System32\Tasks\Opera scheduled Autoupdate 1520095223 => C:\Users\BigRon\AppData\Local\Programs\Opera\launcher.exe
Task: {A4E8E0E0-22E9-4EBB-913C-AE737582244A} - System32\Tasks\Avast TUNEUP Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe
Task: {A7C26653-8D23-43C5-B9E4-257B3D0FFF38} - System32\Tasks\Hewlett-Packard\HPDeviceCheck => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPDeviceCheck.exe
Task: {AB61560C-BB6D-443D-A20C-4C91B4DDC861} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {AC30708E-2444-401B-8D58-32F916998E60} - System32\Tasks\Hewlett-Packard\HP Diagnostics\LaunchUI => cmd /c start hpdiags://LaunchUI
Task: {ACFABAE6-B8CE-4369-8046-5F1B4C144892} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {B4E33D04-2EB4-4D71-BC88-E91BB2A99AA7} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {BA1C8325-3160-479A-97CF-8E0503C63527} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-05-27] (Dropbox, Inc -> Dropbox, Inc.)
Task: {BFD06707-CD57-4980-89D8-AF173891BC8C} - System32\Tasks\Hewlett-Packard\HP Web Products Detection => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPWPD.exe
Task: {C6EC3238-5EBB-4A30-8085-79138D233B07} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C8B70BE6-EFD4-49D6-A04E-D3D8AF37930A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D8BD02E0-3D86-477C-9961-A51C00619AD3} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BCF => cmd /c start hpdiags://BCF
Task: {E3141F16-D67A-4320-9350-EB1ECA7516EC} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {E9F3C1CC-9E6B-4284-8076-EC32EB152A09} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EB804F47-C1BE-45D5-8334-9FAF0969E4B0} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [693456 2020-12-26] (Mozilla Corporation -> Mozilla Foundation)
Task: {FFA0C74A-F3B3-422F-8CAC-C34BBD8C5943} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{14a84a1d-8e25-4d2e-9214-a00a725c47d1}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{2a057fcb-1151-4b68-88dd-6b704bc4433c}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{38be07b9-740e-4b2c-8244-789d62945e71}: [NameServer] 10.250.196.206,10.250.196.203
Tcpip\..\Interfaces\{72527b60-a5c8-4b39-9efc-da3991095e40}: [NameServer] 1.1.1.1 1.0.0.1
Tcpip\..\Interfaces\{9184be2e-0b22-4337-8317-3530bccf1406}: [NameServer] 8.8.8.8,1.1.1.1
Tcpip\..\Interfaces\{9184be2e-0b22-4337-8317-3530bccf1406}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{cc25d147-6e29-444f-8343-5ed035946b6e}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{db7d9d47-d6df-414a-b5e4-e6688efa1e97}: [NameServer] 1.1.1.1 1.0.0.1
Edge:
======
DownloadDir: C:\Users\BigRon\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\BigRon\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-01]
Edge DownloadDir: C:\Users\BigRon\Downloads
Edge DefaultSearchURL: Default -> hxxps://www.bing.com/search?PC=U523&q={searchTerms}
Edge Extension: (Google Übersetzer) - C:\Users\BigRon\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2021-01-01]
Edge Extension: (Microsoft Rewards) - C:\Users\BigRon\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bnplfnhcidhhdapmblniehfaaompjlck [2020-12-02]
Edge Extension: (Keepa - Amazon Price Tracker) - C:\Users\BigRon\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ejefaeioamebhekmfaclajddbpnnobje [2021-01-01]
Edge Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\BigRon\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2021-01-01]
FireFox:
========
FF DefaultProfile: bhi18cb2.default
FF ProfilePath: C:\Users\BigRon\AppData\Roaming\Mozilla\Firefox\Profiles\bhi18cb2.default [2021-01-01]
FF NetworkProxy: Mozilla\Firefox\Profiles\bhi18cb2.default -> backup.ftp", ""
FF Notifications: Mozilla\Firefox\Profiles\bhi18cb2.default -> hxxps://high-way.me
FF Extension: (Feed Preview) - C:\Users\BigRon\AppData\Roaming\Mozilla\Firefox\Profiles\bhi18cb2.default\Extensions\feed-preview@code.guido-berhoerster.org.xpi [2020-11-22]
FF Extension: (High-Way.me) - C:\Users\BigRon\AppData\Roaming\Mozilla\Firefox\Profiles\bhi18cb2.default\Extensions\{8cce0bde-b3b8-42f7-ab6a-31bf2270e736}.xpi [2018-10-19]
FF Extension: (NZBLinker) - C:\Users\BigRon\AppData\Roaming\Mozilla\Firefox\Profiles\bhi18cb2.default\Extensions\{def38e25-28fb-4662-ad6d-bfa415dfd06b}.xpi [2021-01-01]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-09-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-19] (Microsoft Corporation -> Microsoft Corporation)
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-09-24] (Apple Inc. -> Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8473200 2019-10-15] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9105800 2020-12-01] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-05-27] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-05-27] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44552 2020-12-21] (Dropbox, Inc -> Dropbox, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2019-10-15] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA)
R2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [38328 2018-08-31] (GoPro Media, Inc. -> )
R2 hmevpnsvc; C:\Program Files (x86)\hide.me VPN\hidemesvc.exe [145456 2020-11-16] (eVenture Limited -> eVenture Limited)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-01-01] (Malwarebytes Inc -> Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S3 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [13684792 2020-12-28] (Adlice -> )
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12757520 2020-12-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-30] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-30] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2018-02-14] (AVAST Software s.r.o. -> The OpenVPN Project)
R3 busenum; C:\WINDOWS\System32\drivers\busenum.sys [57824 2012-08-03] (Synology Inc. -> Windows (R) Win 7 DDK provider)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2021-01-01] (Malwarebytes Corporation -> Malwarebytes)
R1 hideFirewall; C:\WINDOWS\System32\drivers\hideFirewall.sys [79488 2018-08-29] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220160 2021-01-01] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-01-01] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [197792 2021-01-01] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-01-01] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2021-01-01] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [139424 2021-01-01] (Malwarebytes Inc -> Malwarebytes)
R3 Neo_VPN; C:\WINDOWS\System32\drivers\Neo6_x64_VPN.sys [37824 2019-08-10] (SoftEther Corporation -> SoftEther Corporation)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2017-10-13] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 RkFlt; C:\Windows\System32\drivers\rkflt.sys [41624 2021-01-01] (Adlice -> )
S2 SSPORT; C:\WINDOWS\system32\Drivers\SSPORT.sys [19016 2019-05-31] (HP Inc. -> )
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-12-07] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [38032 2021-01-01] (Adlice -> )
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2017-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-12-30] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2020-12-30] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-30] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [38176 2020-06-05] (WireGuard LLC -> WireGuard LLC)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-01-01 20:56 - 2021-01-01 20:59 - 000050211 _____ C:\Users\BigRon\Downloads\Addition.txt
2021-01-01 20:55 - 2021-01-01 21:03 - 000030897 _____ C:\Users\BigRon\Downloads\FRST.txt
2021-01-01 20:55 - 2021-01-01 21:03 - 000000000 ____D C:\FRST
2021-01-01 20:55 - 2021-01-01 20:55 - 002286592 _____ (Farbar) C:\Users\BigRon\Downloads\FRST64.exe
2021-01-01 20:43 - 2021-01-01 20:43 - 000197792 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-01-01 20:43 - 2021-01-01 20:43 - 000139424 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-01-01 20:43 - 2021-01-01 20:43 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-01-01 20:43 - 2021-01-01 20:43 - 000000000 ____D C:\Users\BigRon\AppData\LocalLow\IGDump
2021-01-01 20:24 - 2021-01-01 20:42 - 000000000 ____D C:\ProgramData\RogueKiller
2021-01-01 20:24 - 2021-01-01 20:24 - 000041624 _____ C:\WINDOWS\system32\Drivers\rkflt.sys
2021-01-01 20:24 - 2021-01-01 20:24 - 000038032 _____ C:\WINDOWS\system32\Drivers\truesight.sys
2021-01-01 20:24 - 2021-01-01 20:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2021-01-01 20:24 - 2021-01-01 20:24 - 000000000 ____D C:\Program Files\RogueKiller
2021-01-01 20:21 - 2021-01-01 20:21 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-01-01 20:21 - 2021-01-01 20:21 - 000220160 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-01-01 20:21 - 2021-01-01 20:21 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-01-01 20:21 - 2021-01-01 20:21 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-01-01 20:21 - 2021-01-01 20:21 - 000002000 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-01-01 20:21 - 2021-01-01 20:21 - 000001988 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-01-01 20:21 - 2021-01-01 20:21 - 000001988 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2021-01-01 20:20 - 2021-01-01 20:20 - 000000000 ____D C:\Program Files\Malwarebytes
2021-01-01 20:16 - 2021-01-01 20:16 - 000000008 __RSH C:\ProgramData\ntuser.pol
2021-01-01 19:57 - 2021-01-01 20:43 - 001388448 _____ C:\Users\Public\ASR.dat
2021-01-01 19:34 - 2021-01-01 20:49 - 000000000 ____D C:\Users\BigRon\Desktop\crome backup
2021-01-01 16:17 - 2021-01-01 16:17 - 000000000 ____D C:\WINDOWS\Panther
2021-01-01 16:06 - 2021-01-01 16:06 - 000028395 _____ C:\Users\BigRon\Documents\Chrome-Passwörter.csv
2021-01-01 15:26 - 2021-01-01 15:26 - 000001527 _____ C:\Users\BigRon\Desktop\DiskInfo64 - Verknüpfung.lnk
2021-01-01 09:50 - 2021-01-01 09:50 - 000000039 _____ C:\Users\BigRon\Desktop\Neues Textdokument.txt
2020-12-30 15:35 - 2020-12-30 15:35 - 000000000 ____D C:\Users\BigRon\AppData\Local\mbam
2020-12-30 15:34 - 2020-12-30 15:34 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-12-30 15:21 - 2020-12-30 15:21 - 000335070 _____ C:\WINDOWS\ntbtlog.txt
2020-12-29 16:19 - 2020-12-29 16:19 - 000000000 ____D C:\Users\BigRon\AppData\Roaming\npm
2020-12-29 16:14 - 2020-12-29 16:17 - 000000041 ___SH C:\ProgramData\.zreglib
2020-12-27 15:16 - 2020-12-27 15:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-12-27 15:04 - 2020-12-27 15:04 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2020-12-26 14:37 - 2020-12-27 18:01 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-12-23 14:49 - 2020-12-23 14:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-12-21 15:07 - 2020-12-21 15:07 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2020-12-21 15:07 - 2020-12-21 15:07 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2020-12-21 15:07 - 2020-12-21 15:07 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2020-12-21 15:07 - 2020-12-21 15:07 - 000044552 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2020-12-18 18:12 - 2020-12-18 18:14 - 000002061 _____ C:\Users\Public\Desktop\TAXMAN 2021.lnk
2020-12-18 18:12 - 2020-12-18 18:14 - 000002061 _____ C:\ProgramData\Desktop\TAXMAN 2021.lnk
2020-12-16 19:27 - 2020-12-12 15:29 - 001786584 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-12-16 19:27 - 2020-12-12 15:29 - 001786584 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-12-16 19:27 - 2020-12-12 15:29 - 001454488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-12-16 19:27 - 2020-12-12 15:29 - 001382616 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-12-16 19:27 - 2020-12-12 15:29 - 001382616 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-12-16 19:27 - 2020-12-12 15:29 - 001193880 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-12-16 19:27 - 2020-12-12 15:29 - 001087704 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-12-16 19:27 - 2020-12-12 15:29 - 001087704 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-12-16 19:27 - 2020-12-12 15:29 - 000940760 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-12-16 19:27 - 2020-12-12 15:29 - 000940760 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 008261360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 002103024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 001731824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6446089.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 001589144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 001512856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 001492376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6446089.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 001164528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 000812784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 000680856 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 000672496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 000657816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 000559000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-12-16 19:27 - 2020-12-12 15:27 - 000547056 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-12-16 19:27 - 2020-12-12 15:26 - 007391984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-12-16 19:27 - 2020-12-12 15:26 - 004612504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-12-16 19:27 - 2020-12-12 15:26 - 002731928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-12-16 19:27 - 2020-12-12 15:21 - 006070008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-12-12 12:17 - 2020-12-12 12:17 - 000000000 ___RD C:\Users\BigRon\Documents\Scanned Documents
2020-12-12 12:17 - 2020-12-12 12:17 - 000000000 ____D C:\Users\BigRon\Documents\Fax
2020-12-11 19:33 - 2020-12-11 19:33 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-11 19:33 - 2020-12-11 19:33 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-11 19:33 - 2020-12-11 19:33 - 000010912 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-12-06 15:47 - 2020-12-06 15:55 - 000000365 _____ C:\Users\BigRon\Desktop\Mogli Server.txt
2020-12-02 18:47 - 2020-12-02 18:47 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-12-02 18:47 - 2020-12-02 18:47 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-12-02 18:47 - 2020-12-02 18:47 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-12-02 18:47 - 2020-12-02 18:47 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-02 18:47 - 2020-12-02 18:47 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-12-02 18:46 - 2020-12-02 18:46 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-12-02 18:46 - 2020-12-02 18:46 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-02 18:46 - 2020-12-02 18:46 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-02 18:46 - 2020-12-02 18:46 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-02 18:46 - 2020-12-02 18:46 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2020-12-02 18:46 - 2020-12-02 18:46 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2020-12-02 18:46 - 2020-12-02 18:46 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-12-02 18:46 - 2020-12-02 18:46 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2020-12-02 18:46 - 2020-12-02 18:46 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-12-02 18:46 - 2020-12-02 18:46 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-02 18:46 - 2020-12-02 18:46 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-12-02 18:46 - 2020-12-02 18:46 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-12-02 18:46 - 2020-12-02 18:46 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2020-12-02 18:46 - 2020-12-02 18:46 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-01-01 20:51 - 2020-06-19 11:08 - 001866328 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-01 20:51 - 2019-12-07 15:50 - 000788322 _____ C:\WINDOWS\system32\perfh007.dat
2021-01-01 20:51 - 2019-12-07 15:50 - 000168384 _____ C:\WINDOWS\system32\perfc007.dat
2021-01-01 20:51 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-01-01 20:45 - 2018-02-14 20:13 - 000000000 ____D C:\ProgramData\NVIDIA
2021-01-01 20:44 - 2020-11-17 15:22 - 000000000 ____D C:\Users\BigRon\AppData\Local\A0769869-4508-4EDE-978F-BF0B9DE7D57C.aplzod
2021-01-01 20:43 - 2020-06-19 11:14 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-01 20:43 - 2020-06-19 11:03 - 000008192 ___SH C:\DumpStack.log.tmp
2021-01-01 20:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-01-01 20:43 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-01 20:43 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-01-01 20:43 - 2018-03-03 17:58 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-01-01 20:43 - 2018-02-21 18:52 - 000000000 ___RD C:\Users\BigRon\iCloudDrive
2021-01-01 20:43 - 2018-02-14 20:48 - 000000000 __SHD C:\Users\BigRon\IntelGraphicsProfiles
2021-01-01 20:21 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-01-01 20:09 - 2018-04-16 15:13 - 000000000 ____D C:\Users\BigRon\AppData\LocalLow\Temp
2021-01-01 20:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2021-01-01 20:08 - 2016-11-18 12:17 - 000000000 ____D C:\ProgramData\Package Cache
2021-01-01 20:08 - 2016-07-16 12:47 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2021-01-01 19:59 - 2019-01-30 09:42 - 000000000 ____D C:\ProgramData\Mozilla
2021-01-01 19:59 - 2018-02-14 20:59 - 000000000 ____D C:\Users\BigRon\AppData\LocalLow\Mozilla
2021-01-01 16:56 - 2018-05-30 10:46 - 000007660 _____ C:\Users\BigRon\AppData\Local\Resmon.ResmonCfg
2021-01-01 16:49 - 2018-02-18 17:52 - 000000000 ____D C:\Users\BigRon\AppData\Local\CrashDumps
2021-01-01 16:44 - 2018-08-25 15:33 - 000000000 ____D C:\Users\BigRon\AppData\Local\Downloaded Installations
2021-01-01 16:44 - 2018-02-14 20:57 - 000000000 ____D C:\Users\BigRon\AppData\Roaming\Hewlett-Packard
2021-01-01 16:44 - 2018-02-14 20:48 - 000000000 ____D C:\Users\BigRon\AppData\Local\Hewlett-Packard
2021-01-01 16:44 - 2018-02-14 20:47 - 000000000 ____D C:\Users\defaultuser0\AppData\Local\Hewlett-Packard
2021-01-01 16:44 - 2016-11-19 01:02 - 000000000 ___HD C:\hp
2021-01-01 16:44 - 2016-11-18 12:16 - 000000000 ____D C:\ProgramData\HP
2021-01-01 16:44 - 2016-11-18 12:16 - 000000000 ____D C:\Program Files (x86)\HP
2021-01-01 16:44 - 2016-11-18 12:16 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2021-01-01 16:37 - 2016-11-18 20:48 - 000000000 ____D C:\SWSetup
2021-01-01 16:17 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-01-01 16:17 - 2018-05-02 19:02 - 000000000 ____D C:\Users\BigRon\AppData\Local\D3DSCache
2021-01-01 16:16 - 2018-08-28 11:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-Link
2021-01-01 16:16 - 2016-11-18 12:16 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-01-01 16:14 - 2018-02-14 20:49 - 000000000 ____D C:\Users\BigRon\AppData\Roaming\HP
2021-01-01 15:06 - 2020-06-19 11:03 - 000630304 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-01 15:06 - 2018-12-12 14:59 - 000000000 ____D C:\Users\BigRon\AppData\Roaming\AVAST Software
2021-01-01 15:06 - 2018-02-14 21:09 - 000000000 ____D C:\ProgramData\AVAST Software
2021-01-01 15:05 - 2016-11-18 12:16 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2021-01-01 15:04 - 2016-11-18 12:17 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2021-01-01 15:02 - 2020-06-19 11:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2021-01-01 14:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-01 14:56 - 2018-04-03 12:41 - 000000000 ____D C:\Program Files (x86)\Adobe
2021-01-01 14:56 - 2018-02-14 20:19 - 000000000 ____D C:\ProgramData\Temp
2021-01-01 14:56 - 2018-02-14 20:19 - 000000000 ____D C:\ProgramData\SUPPORTDIR
2021-01-01 14:56 - 2018-02-14 20:19 - 000000000 ____D C:\ProgramData\install_backup
2021-01-01 14:55 - 2018-02-24 12:47 - 000000000 ____D C:\Users\BigRon\Documents\CyberLink
2021-01-01 14:55 - 2018-02-24 12:46 - 000000000 ____D C:\Users\BigRon\AppData\Local\CyberLink
2021-01-01 14:55 - 2018-02-14 20:19 - 000000000 ____D C:\ProgramData\install_clap
2021-01-01 14:55 - 2018-02-14 20:19 - 000000000 ____D C:\ProgramData\CyberLink
2021-01-01 14:54 - 2018-06-09 14:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2021-01-01 14:51 - 2016-11-18 12:16 - 000000000 ____D C:\Program Files\HP
2021-01-01 14:48 - 2018-02-14 21:02 - 000000000 ____D C:\Users\BigRon\AppData\Roaming\hpqLog
2021-01-01 14:47 - 2018-02-23 09:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2020-12-31 15:49 - 2020-06-19 11:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-30 15:37 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-30 15:37 - 2018-05-02 18:53 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-12-30 15:27 - 2018-07-11 18:28 - 000795000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-12-30 15:21 - 2018-11-09 09:54 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2020-12-30 15:10 - 2018-02-18 18:07 - 000000000 ____D C:\Program Files\WinRAR
2020-12-29 16:32 - 2019-01-08 11:30 - 000000000 ____D C:\Users\BigRon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-12-29 16:32 - 2019-01-08 11:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-12-29 16:32 - 2018-06-06 12:57 - 000000000 ____D C:\Users\BigRon\AppData\Local\AVAST Software
2020-12-29 16:31 - 2020-01-09 16:06 - 000002088 _____ C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2020-12-29 16:31 - 2020-01-09 16:06 - 000002088 _____ C:\ProgramData\Desktop\HP Print and Scan Doctor.lnk
2020-12-29 16:19 - 2018-02-14 20:48 - 000000000 ____D C:\Users\BigRon\AppData\Local\VirtualStore
2020-12-27 18:01 - 2018-02-14 20:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-12-27 15:16 - 2018-02-14 20:58 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-12-26 18:38 - 2018-02-18 19:08 - 000000000 ____D C:\Program Files\Microsoft Office
2020-12-23 14:49 - 2018-05-27 15:49 - 000000000 ____D C:\Program Files (x86)\Dropbox
2020-12-20 09:39 - 2020-06-18 10:15 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-20 09:39 - 2020-06-18 10:15 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-12-20 09:39 - 2020-06-18 10:15 - 000002281 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-12-20 09:39 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-20 09:36 - 2018-02-18 18:57 - 000000000 ____D C:\Users\BigRon\AppData\Local\Packages
2020-12-18 18:14 - 2020-01-24 13:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexware
2020-12-18 18:14 - 2018-02-18 18:06 - 000000000 ____D C:\Users\BigRon\AppData\Local\HL
2020-12-12 15:27 - 2020-03-06 14:58 - 034188528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2020-12-12 15:21 - 2020-03-06 14:58 - 007114256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2020-12-12 04:59 - 2020-03-06 14:58 - 000060811 _____ C:\WINDOWS\system32\nvinfo.pb
2020-12-12 00:55 - 2018-02-14 20:13 - 009371667 _____ C:\WINDOWS\system32\nvcoproc.bin
2020-12-12 00:55 - 2018-02-14 20:13 - 005622072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2020-12-12 00:55 - 2018-02-14 20:13 - 002636776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2020-12-12 00:55 - 2018-02-14 20:13 - 001760232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2020-12-12 00:55 - 2018-02-14 20:13 - 000992232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2020-12-12 00:55 - 2018-02-14 20:13 - 000121144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2020-12-12 00:55 - 2018-02-14 20:13 - 000083256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2020-12-11 20:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-11 20:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-11 19:34 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-09 19:25 - 2019-10-18 19:15 - 000001517 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2020-12-09 19:25 - 2018-02-14 20:12 - 000000000 ____D C:\Program Files (x86)\Intel
2020-12-06 16:03 - 2018-08-08 10:08 - 000000000 ____D C:\ProgramData\boost_interprocess
2020-12-02 18:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-02 18:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-12-02 18:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-02 18:53 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2021-01-01 19:57 - 2021-01-01 20:43 - 001388448 _____ () C:\Users\Public\ASR.dat
2018-08-08 10:08 - 2018-08-08 10:08 - 000000171 _____ () C:\Users\BigRon\AppData\Roaming\1eb766f2-fed1-4d33-9c39-2c8a972fd11f
2018-08-08 10:08 - 2018-08-08 10:08 - 000000304 _____ () C:\Users\BigRon\AppData\Roaming\4e93aa11-2d46-4980-a421-0a4ac759e5bf
2018-08-08 10:08 - 2018-08-08 10:08 - 000000175 _____ () C:\Users\BigRon\AppData\Roaming\fc19ece2-6b3f-4f22-8758-9651ab9ca388
2018-02-18 19:12 - 2018-02-18 19:12 - 000000738 _____ () C:\Users\BigRon\AppData\Local\recently-used.xbel
2018-05-30 10:46 - 2021-01-01 16:56 - 000007660 _____ () C:\Users\BigRon\AppData\Local\Resmon.ResmonCfg
2019-07-08 19:48 - 2019-07-08 19:57 - 000000143 _____ () C:\Users\BigRon\AppData\Local\zenmap.exe.log
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 14-12-2020
durchgeführt von BigRon (01-01-2021 21:04:03)
Gestartet von C:\Users\BigRon\Downloads
Windows 10 Home Version 20H2 19042.685 (X64) (2020-06-19 10:15:06)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2816629630-362098843-3323099239-500 - Administrator - Disabled)
BigRon (S-1-5-21-2816629630-362098843-3323099239-1001 - Administrator - Enabled) => C:\Users\BigRon
DefaultAccount (S-1-5-21-2816629630-362098843-3323099239-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2816629630-362098843-3323099239-1000 - Limited - Disabled) => C:\Users\defaultuser0
Gast (S-1-5-21-2816629630-362098843-3323099239-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2816629630-362098843-3323099239-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{CCA8C50D-785B-4896-8675-FFE0C4ECCBC3}) (Version: 8.7 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{75BEF7E8-4370-4D42-94F3-B5AA77057965}) (Version: 8.7 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{F9CEF01A-3907-4614-824F-CF5D3E4675EF}) (Version: 14.1.0.35 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CrystalDiskInfo 8.9.0a (64 Bit) (HKLM\...\CrystalDiskInfo_is1) (Version: 8.9.0a - Crystal Dew World)
Diagnosis Framework 1.5 (HKLM-x32\...\Diagnosis Framework 1.5) (Version: 1.5 - Webasto Thermo & Comfort SE)
Documentation Manager (HKLM\...\{82FBBBC9-616A-4247-BEAD-87B8132D49D2}) (Version: 22.0.0.6 - Intel Corporation) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 113.3.427 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.377.1 - Dropbox, Inc.) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
GoPro Quik (HKLM\...\{AA5F7FCE-311C-46D8-B93A-ABF4DDCAB832}) (Version: 0.1.945 - GoPro, Inc.) Hidden
GoPro Quik (HKLM-x32\...\{a23df978-67ca-4fe3-a740-a7b5ae7ec82f}) (Version: 2.7.0.945 - GoPro, Inc.)
GoPro Studio 2.0.0 (HKLM-x32\...\GoPro Studio) (Version: 2.0.0 - WoodmanLabs Inc. d.b.a. GoPro)
Gtk# for .Net 2.12.38 (HKLM-x32\...\{C7A0CF1E-A936-426A-9694-035636DCD356}) (Version: 2.12.38 - Xamarin, Inc.)
hide.me VPN 3.6.1 (HKLM-x32\...\{0E00BDA5-7998-4889-BE4B-39A4BBD2EDFB}_is1) (Version: 3.6.1 - eVenture Limited)
hide.me Wintun (HKLM\...\{6A3B09CD-8B4A-4A66-9C90-833023E463E9}) (Version: 0.8 - hide.me) Hidden
HP Color Laser MFP 178 179 (HKLM-x32\...\HP Color Laser MFP 178 179) (Version: 1.14 (01.11.2019) - HP Inc.)
iCloud (HKLM\...\{8808B208-87D1-4725-8192-76D257E9DEAE}) (Version: 7.21.0.23 - Apple Inc.)
Intel Driver && Support Assistant (HKLM-x32\...\{513BFF20-438E-4C8B-9C41-DE06B47D3148}) (Version: 20.11.50.9 - Intel) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{D40D4164-EEDB-4F0F-85C6-2058A9E34CC7}) (Version: 2.4.04370 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11000.2996 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1069 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4836 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.8.3.1003 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1633.3 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.49.166.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{df682aff-4294-4ad1-aaa7-276931d5781f}) (Version: 1.49.166.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000110-0210-1031-84C8-B8D95FA3C8C3}) (Version: 21.110.0.3 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{226be6c3-8e08-4d52-bd3a-d361008448c5}) (Version: 10.1.1.37 - Intel(R) Corporation) Hidden
Intel® Driver & Support Assistant (HKLM-x32\...\{7972bdc2-99e9-4a54-b071-e7f08bdf056d}) (Version: 20.11.50.9 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{6aa2484c-1a35-428e-a857-8ee0a874d2d1}) (Version: 20.110.0 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{056c22c9-0ef2-4a10-ba00-4d68d16c5669}) (Version: 22.0.0.6 - Intel Corporation) Hidden
iTunes (HKLM\...\{DE0F48FE-04C1-4646-AA58-2BE7A1A58742}) (Version: 12.11.0.26 - Apple Inc.)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.66 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.13426.20404 - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2005 (HKLM-x32\...\Microsoft Report Viewer Redistributable 2005) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27012 (HKLM-x32\...\{427ada59-85e7-4bc8-b8d5-ebf59db60423}) (Version: 14.16.27012.6 - Microsoft Corporation)
Mozilla Firefox 84.0.1 (x64 de) (HKLM\...\Mozilla Firefox 84.0.1 (x64 de)) (Version: 84.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.2 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Grafiktreiber 460.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 460.89 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8004 - Realtek Semiconductor Corp.)
SABnzbd 3.1.1 (HKLM-x32\...\SABnzbd) (Version: 3.1.1 - The SABnzbd Team)
Suunto DM5 - 1 (HKU\S-1-5-21-2816629630-362098843-3323099239-1001\...\e64facc3e2453542) (Version: 1.3.0.19 - Suunto)
Suunto USB Driver (HKLM\...\SuuntoUSBFTDIVista_is1) (Version: 2.12.06.0 - Suunto Oy)
TAXMAN 2020 (HKLM-x32\...\{1342F8EA-0E9F-4CCB-81E8-74638BC0C757}) (Version: 25.39.90 - Haufe-Lexware GmbH & Co.KG)
TAXMAN 2021 (HKLM-x32\...\{E172BAEF-8092-4576-BDAD-41653786283E}) (Version: 26.25.56 - Haufe-Lexware GmbH & Co.KG)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.13.6 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C5FDDED7-DEC7-48B4-AFD8-DFB8A0FD199A}) (Version: 2.51.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-2) (Version: 1.0.54.1 - Intel Corporation Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-3) (Version: 1.0.54.1 - Intel Corporation Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-4) (Version: 1.0.54.1 - Intel Corporation Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-5) (Version: 1.0.54.1 - Intel Corporation Inc.)
Webasto Thermo Test 3.0 (HKLM-x32\...\Webasto Thermo Test 3.0) (Version: 3.0 - Webasto Thermo & Comfort SE)
Windows 10-Update-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22925 - Microsoft Corporation)
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (07/12/2013 2.08.30) (HKLM\...\22CCD58B53472BE3FCAFF05631111C4062959A43) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (07/12/2013 2.08.30) (HKLM\...\BD00013670D26C16E19F284BF8E15DAF813497C7) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012 - GoPro)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
Windows-Treiberpaket - STMicroelectronics (usbser) Ports (04/25/2010 1.3.1) (HKLM\...\1628ECA16EA833D7F30DD35215E306FAD333DF83) (Version: 04/25/2010 1.3.1 - STMicroelectronics)
Windows-Treiberpaket - Suunto Suunto USB Driver Package (07/10/2015 2.12.06) (HKLM\...\AB6ABB41B5BCD37253F16E19787FDA18B257FDC8) (Version: 07/10/2015 2.12.06 - Suunto)
Windows-Treiberpaket - Suunto Suunto USB Serial Port (07/10/2015 2.12.06) (HKLM\...\E2175BF06F0C07C2570BDDC08FCBDC1D9B5639CB) (Version: 07/10/2015 2.12.06 - Suunto)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 6.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
Packages:
=========
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.7.337.0_x64__rz1tebttyb220 [2020-12-20] (Dolby Laboratories)
DS photo -> C:\Program Files\WindowsApps\999289FE.DSphoto_1.5.61.0_x64__g23c5rrjyxaaj [2018-06-14] (Synology Inc.)
DS video -> C:\Program Files\WindowsApps\999289FE.DSvideo_1.5.69.0_x64__g23c5rrjyxaaj [2018-05-27] (Synology Inc.)
Fitbit -> C:\Program Files\WindowsApps\Fitbit.Fitbit_2.44.1997.0_x64__6mqt6hf9g46tw [2020-07-15] (Fitbit)
HP LOUNGE -> C:\Program Files\WindowsApps\UniversalMusicMobile.HPLOUNGE_2.1.1.0_x64__3ms5eyejfeart [2018-02-14] (Universal Music Mobile)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_1.6.7.0_x64__v10z8vjag6ke6 [2020-10-07] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_122.1.778.0_x64__v10z8vjag6ke6 [2020-12-20] (HP Inc.)
Kodi -> C:\Program Files\WindowsApps\XBMCFoundation.Kodi_18.9.500.0_x64__4n2hpmxwrvr6p [2020-10-28] (XBMC Foundation)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-18] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-15] (Netflix, Inc.)
Synaptics TouchPad -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynHPConsumerDApp_19005.35054.0.0_x64__807d65c4rvak2 [2020-03-12] (Synaptics Incorporated)
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2049.10.0_x64__cv1g1gvanyjgm [2020-12-20] (WhatsApp Inc.)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2816629630-362098843-3323099239-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\BigRon\AppData\Local\Microsoft\OneDrive\18.222.1104.0007\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2816629630-362098843-3323099239-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key -> Intel)
CustomCLSID: HKU\S-1-5-21-2816629630-362098843-3323099239-1001_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\BigRon\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x64\ContextMenu.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2816629630-362098843-3323099239-1001_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\BigRon\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x64\iconOverlay.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2816629630-362098843-3323099239-1001_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\BigRon\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x64\iconOverlay.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2816629630-362098843-3323099239-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\BigRon\AppData\Local\Microsoft\OneDrive\18.222.1104.0007\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2816629630-362098843-3323099239-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\BigRon\AppData\Local\Microsoft\OneDrive\18.222.1104.0007\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2816629630-362098843-3323099239-1001_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\BigRon\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x64\iconOverlay.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2816629630-362098843-3323099239-1001_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\BigRon\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x64\iconOverlay.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2816629630-362098843-3323099239-1001_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\BigRon\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x64\iconOverlay.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2816629630-362098843-3323099239-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\BigRon\Dropbox [2018-06-01 10:53]
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Keine Datei
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Keine Datei
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Keine Datei
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-09-08] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-01-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\igfxDTCM.dll [2018-01-15] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-12-12] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-01-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-2816629630-362098843-3323099239-1001: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\BigRon\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x64\ContextMenu.dll -> Keine Datei
ContextMenuHandlers6_S-1-5-21-2816629630-362098843-3323099239-1001: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\BigRon\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x64\ContextMenu.dll -> Keine Datei
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Drivers32: [VIDC.CFHD] => C:\windows\system32\CFHD.dll [1443328 2013-09-05] (CineForm Inc.) [Datei ist nicht signiert]
HKLM\...\Drivers32: [VIDC.CFHD] => C:\Windows\SysWOW64\CFHD.DLL [1474560 2013-09-05] (CineForm Inc.) [Datei ist nicht signiert]
==================== Verknüpfungen & WMI ========================
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2020-12-07 11:31 - 2020-12-07 11:31 - 000126464 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\Intel\Driver and Support Assistant\DSASsdInterop.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000071680 _____ (Hewlett-Packard) [Datei ist nicht signiert] c:\windows\system32\hpzinw12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000089600 _____ (Hewlett-Packard) [Datei ist nicht signiert] c:\windows\system32\hpzipm12.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Windows:E83C309AD0058C63 [50]
AlternateDataStreams: C:\ProgramData\Temp:054203E4 [144]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [464]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-2816629630-362098843-3323099239-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-2816629630-362098843-3323099239-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
SearchScopes: HKLM -> {AA4CB8F8-92C1-4C17-9DA7-25F3386661D0} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {AA4CB8F8-92C1-4C17-9DA7-25F3386661D0} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2816629630-362098843-3323099239-1001 -> {AA4CB8F8-92C1-4C17-9DA7-25F3386661D0} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-09-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-09-19] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2016-07-16 12:47 - 2020-10-15 15:11 - 000000822 _____ C:\WINDOWS\system32\drivers\etc\hosts
2018-11-12 10:31 - 2018-11-12 10:32 - 000000514 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\GtkSharp\2.12\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\CineForm\Tools;C:\Program Files (x86)\GoPro\Tools;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\nodejs\
HKU\S-1-5-21-2816629630-362098843-3323099239-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\BigRon\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{f739afe9-b24c-424c-a537-dd85e608e858}.JPG
DNS Servers: 8.8.8.8 - 1.1.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "GlobalProtect"
HKLM\...\StartupApproved\Run32: => "HPMessageService"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-2816629630-362098843-3323099239-1001\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-2816629630-362098843-3323099239-1001\...\StartupApproved\Run: => "OneDriveSetup"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
01-01-2021 14:45:52 Removed Windows 7 USB/DVD Download Tool
01-01-2021 16:44:20 AdwCleaner_BeforeCleaning_01/01/2021_16:44:20
==================== Fehlerhafte Geräte im Gerätemanager ============
Name: hp DVDRW GUD1N
Description: CD-ROM-Laufwerk
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard-CD-ROM-Laufwerke)
Service: cdrom
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (01/01/2021 08:43:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 25 0.A.6.4.9.0.C.3.9.3.A.C.A.C.5.4.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR LAPTOP-CC9LIIGT-2.local.
Error: (01/01/2021 08:43:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.117:5353 23 0.A.6.4.9.0.C.3.9.3.A.C.A.C.5.4.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR LAPTOP-CC9LIIGT.local.
Error: (01/01/2021 08:43:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 25 117.0.168.192.in-addr.arpa. PTR LAPTOP-CC9LIIGT-2.local.
Error: (01/01/2021 08:43:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.117:5353 23 117.0.168.192.in-addr.arpa. PTR LAPTOP-CC9LIIGT.local.
Error: (01/01/2021 08:43:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname LAPTOP-CC9LIIGT.local already in use; will try LAPTOP-CC9LIIGT-2.local instead
Error: (01/01/2021 08:43:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 LAPTOP-CC9LIIGT.local. Addr 192.168.0.117
Error: (01/01/2021 08:43:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.117:5353 16 LAPTOP-CC9LIIGT.local. AAAA 2A0B:84C0:CD01:FF0D:45CA:CA39:3C09:46A0
Error: (01/01/2021 08:43:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 LAPTOP-CC9LIIGT.local. AAAA FE80:0000:0000:0000:45CA:CA39:3C09:46A0
Systemfehler:
=============
Error: (01/01/2021 08:43:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet:
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.
Error: (01/01/2021 08:42:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "RogueKiller RTP" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (01/01/2021 08:23:46 PM) (Source: Netwtw04) (EventID: 5007) (User: )
Description: 5007 - TX/CMD timeout (TfdQueue hanged)
Error: (01/01/2021 08:23:46 PM) (Source: Netwtw04) (EventID: 5007) (User: )
Description: 5007 - TX/CMD timeout (TfdQueue hanged)
Error: (01/01/2021 08:16:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet:
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.
Error: (01/01/2021 08:16:06 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8024001e fehlgeschlagen: Security Intelligence-Update für Microsoft Defender Antivirus - KB2267602 (Version 1.329.1492.0)
Error: (01/01/2021 08:16:02 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (01/01/2021 07:57:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet:
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.
Windows Defender:
===================================
Date: 2021-01-01 20:16:07.6570000Z
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 1.329.1492.0
%Vorherige Version der Sicherheitsinformationen: 1.329.1488.0
Update Source: Benutzer
Sicherheitstyp: AntiSpyware
Updatetyp: Delta
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 1.1.17700.4
%Vorherige Modulversion: 1.1.17700.4
Fehlercode: 0x80509004
Fehlerbeschreibung: Unerwartetes Problem. Installieren Sie bei Bedarf verfügbare Updates, und starten Sie das Programm dann erneut. Informationen zum Installieren von Updates finden Sie unter "Hilfe und Support".
Date: 2021-01-01 20:16:07.6560000Z
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 1.329.1492.0
%Vorherige Version der Sicherheitsinformationen: 1.329.1488.0
Update Source: Benutzer
Sicherheitstyp: AntiVirus
Updatetyp: Delta
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 1.1.17700.4
%Vorherige Modulversion: 1.1.17700.4
Fehlercode: 0x80509004
Fehlerbeschreibung: Unerwartetes Problem. Installieren Sie bei Bedarf verfügbare Updates, und starten Sie das Programm dann erneut. Informationen zum Installieren von Updates finden Sie unter "Hilfe und Support".
Date: 2021-01-01 20:16:06.9400000Z
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.329.1488.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.17700.4
Fehlercode: 0x80240022
Fehlerbeschreibung: Die Suche des Programms nach Definitionsaktualisierungen ist nicht möglich.
CodeIntegrity:
===================================
Date: 2021-01-01 20:43:35.4440000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SSPORT.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-01-01 20:16:28.4900000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SSPORT.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-01-01 19:57:28.2380000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SSPORT.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-01-01 18:33:12.1480000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SSPORT.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-01-01 16:48:54.4560000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SSPORT.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-01-01 16:45:08.0410000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SSPORT.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-01-01 16:17:43.0430000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SSPORT.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-01-01 15:06:17.5190000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SSPORT.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Speicherinformationen ===========================
BIOS: Insyde F.55 07/01/2020
Hauptplatine: HP 8219
Prozessor: Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz
Prozentuale Nutzung des RAM: 41%
Installierter physikalischer RAM: 16269.22 MB
Verfügbarer physikalischer RAM: 9568.32 MB
Summe virtueller Speicher: 18701.22 MB
Verfügbarer virtueller Speicher: 11161.71 MB
==================== Laufwerke ================================
Drive c: (WINDOWS) (Fixed) (Total:237.24 GB) (Free:162.59 GB) NTFS
Drive d: (DATA) (Fixed) (Total:919.13 GB) (Free:857.39 GB) NTFS
Drive e: (RECOVERY) (Fixed) (Total:12.38 GB) (Free:1.07 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
\\?\Volume{8cd78a99-b26c-4122-a1c4-953b325e11bb}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.36 GB) NTFS
\\?\Volume{1dc6e2b4-66e5-4b5a-876b-2e2c31e8a886}\ () (Fixed) (Total:0.25 GB) (Free:0.17 GB) FAT32
==================== MBR & Partitionstabelle ====================
==================== Ende von Addition.txt =======================
|
|
| Themen zu Windows 10 - Laptop - Malware.AI.1792791521 |
| administrator, adobe, antivirus, avast, avg, bonjour, defender, desktop, firefox, geforce, google, home, internet, mozilla, nvcontainer.exe, nvidia, opera, prozesse, realtek, registry, router, rundll, scan, temp, warnung, windows |
Linear-Darstellung
