
Everything about Windows: Windows 10 Pro - suspected unauthorized remote access

02.03.2021, 22:11   #1
Gewin
 



Hello everyone,

for the second week now my PC (Win 10 Pro) has been behaving very strangely:

The system starts working very slowly, everything suddenly responds very slowly, with a delay; I can hardly control the PC, only restart it. After the restart, 7 unknown .raw files appear on the desktop.

aec_mic.raw, aec_out.raw, aec_spk.raw, aec_synch.raw, nr_mic.raw, nr_out.raw, param

The antivirus Emsisoft reports nothing.

But this is very unusual. I tried to open the .raw files; a few of them show an image without content.

Is this a reason to worry?

I can post the system log files later if necessary.

Thank you very much!

02.03.2021, 23:16   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Creating log files with FRST64
  • Please download Farbar's Recovery Scan Tool (FRST64.exe) to your desktop.
  • Then start FRST64.exe with a double-click.
  • Do not change any of the checkboxes unless asked to, and click Scan (Untersuchen).
  • The log files are now created and will then be on your desktop.
  • Post the FRST.txt and the Addition.txt in your thread in CODE tags (click the # symbol in the website's input box).


If the SmartScreen filter blocks FRST, you can disable it here:
Start > Settings > Update & Security > Windows Security > App & browser control > Reputation-based protection

03.03.2021, 15:54   #3
Gewin
 



Good day!

The log files are attached.

FRST.TXT

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 28-02-2021
durchgeführt von Gerazer (Administrator) auf GERAZER (Razer Blade 15 Mid 2019-Base) (03-03-2021 15:33:08)
Gestartet von C:\Users\Gerazer\Desktop
Geladene Profile: Gerazer
Platform: Windows 10 Pro Version 20H2 19042.804 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Chrome
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe <2>
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <2>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Users\Gerazer\AppData\Roaming\Adobe\Connect\ConnectDetector.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(AgileBits Inc. -> AgileBits Inc.) C:\Users\Gerazer\AppData\Local\1Password\app\7\1Password.exe <2>
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
(CJSC Computing Forces -> ) C:\Program Files (x86)\WebMoney Agent\wmagent.exe
(DeepL  GmbH -> DeepL GmbH) C:\Users\Gerazer\AppData\Local\DeepL\app-2.0.0\DeepL.exe
(DeepL  GmbH -> The CefSharp Authors) C:\Users\Gerazer\AppData\Local\DeepL\app-2.0.0\x64\CefSharp.BrowserSubprocess.exe <3>
(Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_0222c12a396c055f\DAX3API.exe
(Emsisoft Ltd -> Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2guard.exe
(Emsisoft Ltd -> Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
(Emsisoft Ltd -> Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2start.exe
(Emsisoft Ltd -> Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\CommService.exe
(Emsisoft Ltd -> Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\eppwsc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <34>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Huawei Technologies Co.,Ltd. -> ) C:\Program Files (x86)\MobileBrServ\mbbService.exe
(Intel Corporation -> ) C:\Windows\ThunderboltService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_7c484f80872e1cd8\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_3e38e338bd327f33\LMS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_389b656f32518320\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_389b656f32518320\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_5ae0ef61f9d83d80\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_5ae0ef61f9d83d80\IntelCpHeciSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_e3868713e3d137ef\esif_uf.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_778512ee63a728ec\RstMwService.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvrzi.inf_amd64_abf49ca127bc710b\Display.NvContainer\NVDisplay.Container.exe <2>
(OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\FPSRunner32.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\PMRunner32.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\x64\FPSRunner64.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\x64\PMRunner64.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(Razer USA Ltd. -> Razer) C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe
(Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Cortex\Cef\CefSharp.BrowserSubprocess.exe
(Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d345565ec73a109\RtkAudUService64.exe <3>
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe
(Sony Imaging Products & Solutions Inc. -> Sony Imaging Products & Solutions, Inc.) C:\Program Files\Sony\Imaging Edge Webcam\ImagingEdgeWebcamLauncher.exe
(Synology Inc. -> ) C:\Program Files (x86)\Synology\ActiveBackupforBusinessAgent\service\Synology Active Backup for Business Service.exe
(Synology Inc. -> ) C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(Synology Inc. -> ) C:\Program Files (x86)\Synology\SynologyDrive\bin\vss-service-x64.exe
(Synology Inc. -> Synology Inc.) C:\Users\Gerazer\AppData\Local\SynologyDrive\SynologyDrive.app\bin\cloud-drive-connect.exe
(Synology Inc. -> Synology Inc.) C:\Users\Gerazer\AppData\Local\SynologyDrive\SynologyDrive.app\bin\cloud-drive-daemon.exe
(Synology Inc. -> Synology Inc.) C:\Users\Gerazer\AppData\Local\SynologyDrive\SynologyDrive.app\bin\cloud-drive-ui.exe
(TBT_DCH_DRV_PROD -> ) C:\Windows\TbtP2pShortcutService.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d345565ec73a109\RtkAudUService64.exe [1230392 2021-02-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [MTPW] => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [emsisoft anti-malware] => C:\Program Files\Emsisoft Anti-Malware\a2guard.exe [9331776 2021-03-02] (Emsisoft Ltd -> Emsisoft Ltd)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [779448 2021-03-02] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3500056 2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe [267056 2021-01-14] (Razer USA Ltd. -> Razer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [wmagent.exe] => C:\Program Files (x86)\WebMoney Agent\wmagent.exe [210400 2009-10-19] (CJSC Computing Forces -> )
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-02-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [140640 2009-09-28] (Canon Inc. -> CANON INC.)
HKU\S-1-5-21-958490055-1889393570-2762725728-1003\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3514920 2021-02-18] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-958490055-1889393570-2762725728-1003\...\Run: [1Password] => C:\Users\Gerazer\AppData\Local\1Password\app\7\1Password.exe [5230928 2021-03-02] (AgileBits Inc. -> AgileBits Inc.)
HKU\S-1-5-21-958490055-1889393570-2762725728-1003\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [365512 2020-05-28] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-958490055-1889393570-2762725728-1003\...\Run: [4AB4DE8B85C59B591E6C4219D4E2CE3944159F23._service_run] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=service /prefetch:8
HKU\S-1-5-21-958490055-1889393570-2762725728-1003\...\Run: [AusweisApp2] => C:\Program Files (x86)\AusweisApp2\AusweisApp2.exe [2802808 2020-08-31] (Governikus GmbH & Co. KG -> Governikus GmbH & Co. KG)
HKU\S-1-5-21-958490055-1889393570-2762725728-1003\...\Run: [ConnectDetector] => C:\Users\Gerazer\AppData\Roaming\Adobe\Connect\connectdetector.exe [640696 2021-02-24] (Adobe Inc. -> Adobe Systems Incorporated) <==== ACHTUNG
HKU\S-1-5-21-958490055-1889393570-2762725728-1003\...\Run: [DeepL] => C:\Users\Gerazer\AppData\Local\DeepL\app-2.0.0\DeepL.exe [207984 2021-02-16] (DeepL  GmbH -> DeepL GmbH)
HKU\S-1-5-21-958490055-1889393570-2762725728-1003\...\Run: [Opera Browser Assistant] => C:\Users\Gerazer\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3366040 2021-01-14] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-958490055-1889393570-2762725728-1003\...\Run: [Samsung DeX] => C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe [10398376 2021-01-28] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-958490055-1889393570-2762725728-1003\...\Run: [GoogleChromeAutoLaunch_B266F63467476801CAD10F8E93AE4B4D] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-958490055-1889393570-2762725728-1003\...\MountPoints2: {43a9b803-a101-11ea-91f9-7cb27db9cfd9} - "E:\autorun.exe" 
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3514920 2021-02-18] (Razer USA Ltd. -> Razer Inc.)
HKLM\...\Windows x64\Print Processors\Canon MX340 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDA5.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MX340 series: C:\Windows\system32\CNMLMA5.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MX340 series XPS: C:\Windows\system32\CNMXLMA5.DLL [344064 2009-12-08] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [359936 2012-06-14] (CANON INC.) [Datei ist nicht signiert]
HKLM\...\Print\Monitors\Canon MP FAX Language Monitor MX340 series: C:\Windows\system32\CNCF2Lk.DLL [343552 2009-10-22] (Microsoft Windows Hardware Compatibility Publisher -> Canon Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.72\Installer\chrmstp.exe [2021-03-03] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Imaging Edge Desktop.lnk [2020-08-30]
ShortcutTarget: Imaging Edge Desktop.lnk -> C:\Program Files\Sony\Imaging Edge Desktop\ied.exe (Sony Imaging Products & Solutions Inc. -> Sony)
Startup: C:\Users\Gerazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Drive Client.lnk [2021-03-03]
ShortcutTarget: Synology Drive Client.lnk -> C:\Program Files (x86)\Synology\SynologyDrive\bin\launcher.exe (Synology Inc. -> Synology Inc.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {04EBC03D-560E-4311-AD95-F778BAA93FB2} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0710A0CB-C59E-4186-8227-00FFCD7B6028} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [677344 2021-02-08] (Mozilla Corporation -> Mozilla Foundation)
Task: {10665FE4-60BD-4BD8-83F5-1316793CF45A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {310A35B1-5FAF-4A15-A6F3-C558F7B2A575} - System32\Tasks\Opera scheduled assistant Autoupdate 1611493844 => C:\Users\Gerazer\AppData\Local\Programs\Opera\launcher.exe [1793664 2021-02-26] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Gerazer\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {31777391-5F39-4389-B003-16DDDF7D98E1} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {330AAEEC-B736-4B2E-89A4-87C7D840642C} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {547700E4-ADDB-4A8A-84E8-7BC4E1A42BA7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {5D539A31-ACD5-4747-8743-F0DDBD90F770} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {5EF74164-0C79-411F-822D-014BF8D7CF49} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6557F15D-C45C-4A5C-A70A-2C8CC2A23C9E} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6724E675-5AC0-4C3A-B750-F28E3390559A} - System32\Tasks\MiniToolPartitionWizard => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )
Task: {6BF2629E-352C-442B-B991-5FDC893BDAA9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-02-13] (Google LLC -> Google LLC)
Task: {81C9F33C-1B1E-4946-9F0F-A4372DD856AF} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23563200 2021-01-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {84082BE2-4A6B-44B5-A051-FEEB10C95666} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {85079600-3762-4B7D-8650-E134A4D02B3C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {87992100-DC2C-413C-9F7F-4922EF51F400} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23563200 2021-01-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {91792EA3-51EE-4BC0-9E0F-31470EF8C577} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A271A21C-FBC5-4D50-83FE-2BCFDCDD64DB} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208208 2021-02-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {B563FEF0-0C3B-40EC-BDDA-1EB4ECF07B11} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208208 2021-02-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {B5C6E9B3-AC36-4887-9B6B-261E0E757DEB} - System32\Tasks\Uninstaller_SkipUac_Gerazer => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [6671824 2021-01-14] (IObit Information Technology -> IObit)
Task: {B5F6F8FF-29DC-40EF-A0FC-BED9823F0723} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-02-13] (Google LLC -> Google LLC)
Task: {B7C4F879-951B-42CB-BEF6-6C1B2F7ECE48} - System32\Tasks\Opera scheduled Autoupdate 1611493841 => C:\Users\Gerazer\AppData\Local\Programs\Opera\launcher.exe [1793664 2021-02-26] (Opera Software AS -> Opera Software)
Task: {BD972B00-9B88-4129-AD58-2F180BE83026} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3512736 2021-02-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {D18F996A-1F91-4FA3-8BB7-9C2BE3834921} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3512736 2021-02-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {F50694F1-6225-46B9-860E-4293523A72C0} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FFDC9E80-BF11-46D0-89B5-308A83DC6FCC} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\Explorer.exe /NOUACCHECK

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{b55749b5-5b85-4e2d-8ca9-242ee7641aca}: [DhcpNameServer] 192.168.231.105
Tcpip\..\Interfaces\{d4444a62-26cf-43ce-b6ed-1c2a0448445d}: [DhcpNameServer] 192.168.1.1

Edge: 
=======
DownloadDir: C:\Users\Gerazer\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-958490055-1889393570-2762725728-1003 -> hxxps://www.yandex.ru/?win=426&clid=2254914
Edge DefaultProfile: Default
Edge Profile: C:\Users\Gerazer\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-02]
Edge HomePage: Default -> hxxps://www.yandex.ru/?win=426&clid=2254914
Edge Extension: (TransOver) - C:\Users\Gerazer\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aggiiclaiamajehmlfpkjmlbadmkledi [2020-09-21]
Edge Extension: (Ein Klick Übersetzen) - C:\Users\Gerazer\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\anhjddeakbabimdgmonfbnpbainknbfa [2020-06-19]
Edge Extension: (1Password-Erweiterung (App benötigt)) - C:\Users\Gerazer\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aomjjhallfgjeglblehebfpbcfeobpgk [2020-06-19]
Edge Extension: (ColorZilla) - C:\Users\Gerazer\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2020-06-19]
Edge Extension: (Just Read) - C:\Users\Gerazer\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dgmanlpmmkibanfdgjocnabmcaclkmod [2021-02-10]
Edge Extension: (Rememberry - Translate and Memorize) - C:\Users\Gerazer\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dipiagiiohfljcicegpgffpbnjmgjcnf [2020-11-13]
Edge Extension: (PerfectPixel by WellDoneCode (pixel perfect)) - C:\Users\Gerazer\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dkaagdgjmgdmbnecmcefdhjekcoceebi [2021-02-10]
Edge Extension: (Firebug Lite for Google Chrome) - C:\Users\Gerazer\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ehemiojjcpldeipjhjkepfdaohajpbdo [2020-06-19]
Edge Extension: (Mobile/Responsive Web Design Tester) - C:\Users\Gerazer\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\elmekokodcohlommfikpmojheggnbelo [2020-09-09]
Edge Extension: (SEO-анализ сайта от Be1.ru) - C:\Users\Gerazer\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hgoppfmeamohhpdlgmbondkfcijhklbo [2021-01-15]
Edge Extension: (Cisco Webex Extension) - C:\Users\Gerazer\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2020-06-19]
Edge Extension: (AKColor) - C:\Users\Gerazer\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\njhgppihgleonhgjanbjojnpgjkfmijo [2020-07-25]
Edge Extension: (Awesome Screenshot & Screen Recorder) - C:\Users\Gerazer\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nlipoenfbbikpbjkfpfillcgkoblgpmj [2021-02-27]
Edge Extension: (Grammatik- und Rechtschreibprüfung - LanguageTool) - C:\Users\Gerazer\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\oldceeleldhonbafppcapldpdifcinji [2021-02-12]
Edge Extension: (vidIQ Vision for YouTube) - C:\Users\Gerazer\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pachckjkecffpdphbpmfolblodfkgbhl [2021-02-27]

FireFox:
========
FF DefaultProfile: jk3jjagj.default
FF ProfilePath: C:\Users\Gerazer\AppData\Roaming\Mozilla\Firefox\Profiles\kj8mz2xd.default-release [2021-03-02]
FF Extension: (Download Master) - C:\Users\Gerazer\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\dm@westbyte.com.xpi [2017-10-20]
FF Extension: (Download Master Toolbar) - C:\Users\Gerazer\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\dmbarff@westbyte.com.xpi [2015-12-30] []
FF ProfilePath: C:\Users\Gerazer\AppData\Roaming\Mozilla\Firefox\Profiles\0xwf0add.dev-edition-default [2021-02-20]
FF Homepage: Mozilla\Firefox\Profiles\0xwf0add.dev-edition-default -> hxxps://www.yandex.ru/?win=426&clid=2254914
FF SearchPlugin: C:\Users\Gerazer\AppData\Roaming\Mozilla\Firefox\Profiles\0xwf0add.dev-edition-default\searchplugins\yandex.ru-20202927.xml [2020-02-27]
FF ProfilePath: C:\Users\Gerazer\AppData\Roaming\Mozilla\Firefox\Profiles\jk3jjagj.default [2021-03-02]
FF NetworkProxy: Mozilla\Firefox\Profiles\jk3jjagj.default -> http", "139.99.105.5"
FF Extension: (FoxyProxy Standard) - C:\Users\Gerazer\AppData\Roaming\Mozilla\Firefox\Profiles\jk3jjagj.default\Extensions\foxyproxy@eric.h.jung.xpi [2020-07-31]
FF Extension: (Feedbro) - C:\Users\Gerazer\AppData\Roaming\Mozilla\Firefox\Profiles\jk3jjagj.default\Extensions\{a9c2ad37-e940-4892-8dce-cd73c6cbbc0c}.xpi [2021-02-19]
FF SearchPlugin: C:\Users\Gerazer\AppData\Roaming\Mozilla\Firefox\Profiles\jk3jjagj.default\searchplugins\yandex.ru-20202927.xml [2020-02-27]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2017-11-01]
FF HKLM\...\Firefox\Extensions: [FFExtnHTML2PDF@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi
FF Extension: (Foxit PDF Creator) - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi [2019-05-05] []
FF HKLM\...\Firefox\Extensions: [FireFoxNew-WebExtensions@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FireFoxNew-WebExtensions@foxitsoftware.com.xpi
FF Extension: (Foxit PDF Creator) - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FireFoxNew-WebExtensions@foxitsoftware.com.xpi [2019-05-05]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF HKLM-x32\...\Firefox\Extensions: [FFExtnHTML2PDF@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi
FF HKLM-x32\...\Firefox\Extensions: [FireFoxNew-WebExtensions@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FireFoxNew-WebExtensions@foxitsoftware.com.xpi
FF Plugin: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-04-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-04-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-01-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-03-02] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2019-06-26] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2019-06-26] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2019-06-26] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2019-06-26] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-01-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-01-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-03-02] (Adobe Inc. -> Adobe Systems)
StartMenuInternet: Firefox-CA9422711AE1A81C - C:\Program Files\Firefox Developer Edition\firefox.exe

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Gerazer\AppData\Local\Google\Chrome\User Data\Default [2021-03-03]
CHR Notifications: Default -> hxxps://cp.beget.com; hxxps://serverds.dyvinter.com; hxxps://webmail.all-inkl.com; hxxps://www.aerofly.com; hxxps://www.boersennews.de; hxxps://www.motionvfx.com; hxxps://www.studium.at
CHR Session Restore: Default -> ist aktiviert.
CHR Extension: (TransOver) - C:\Users\Gerazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aggiiclaiamajehmlfpkjmlbadmkledi [2020-09-21]
CHR Extension: (Wordpress Site Manager) - C:\Users\Gerazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\allgackcccfpminjnninimgkmclmoafe [2020-02-12]
CHR Extension: (Один клик Перевести) - C:\Users\Gerazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\anhjddeakbabimdgmonfbnpbainknbfa [2020-03-19]
CHR Extension: (Расширение 1Password (требуется приложение)) - C:\Users\Gerazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aomjjhallfgjeglblehebfpbcfeobpgk [2020-04-26]
CHR Extension: (ColorZilla) - C:\Users\Gerazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2020-02-12]
CHR Extension: (Foxit PDF Creator) - C:\Users\Gerazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifnddnffldieaamihfkhkdgnbhfmaci [2020-03-07]
CHR Extension: (Clear Cache) - C:\Users\Gerazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\cppjkneekbjaeellbfkmgnhonkkjfpdn [2020-02-12]
CHR Extension: (Search by Image (by Google)) - C:\Users\Gerazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2020-02-12]
CHR Extension: (Just Read) - C:\Users\Gerazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgmanlpmmkibanfdgjocnabmcaclkmod [2021-02-08]
CHR Extension: (Rememberry - Переводите и Запоминайте) - C:\Users\Gerazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\dipiagiiohfljcicegpgffpbnjmgjcnf [2020-11-08]
CHR Extension: (PerfectPixel by WellDoneCode (pixel perfect)) - C:\Users\Gerazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkaagdgjmgdmbnecmcefdhjekcoceebi [2021-02-09]
CHR Extension: (Chameleon) - C:\Users\Gerazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmpojjilddefgnhiicjcmhbkjgbbclob [2020-02-12]
CHR Extension: (Adobe Acrobat) - C:\Users\Gerazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-03-02]
CHR Extension: (Firebug Lite for Google Chrome) - C:\Users\Gerazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehemiojjcpldeipjhjkepfdaohajpbdo [2020-02-20]
CHR Extension: (Mobile/Responsive Web Design Tester) - C:\Users\Gerazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\elmekokodcohlommfikpmojheggnbelo [2020-09-06]
CHR Extension: (Tails Verification) - C:\Users\Gerazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaghffbplpialpoeclgjkkbknblfajdl [2020-02-12]
CHR Extension: (SEO-анализ сайта от Be1.ru) - C:\Users\Gerazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgoppfmeamohhpdlgmbondkfcijhklbo [2021-01-15]
CHR Extension: (Word Count Tool) - C:\Users\Gerazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibjgdahgcdkpdlbkadidojhfddflblcm [2020-02-12]
CHR Extension: (Emsisoft Browser Security) - C:\Users\Gerazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfofijpkapingknllefalncmbiienkab [2021-02-27]
CHR Extension: (Cisco Webex Extension) - C:\Users\Gerazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2020-06-15]
CHR Extension: (Web Developer Joomla!) - C:\Users\Gerazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\kccpfcmcfhpdgkeadjmdkgjbebphnemk [2020-02-12]
CHR Extension: (Яндекс) - C:\Users\Gerazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldgpjdiadomhinpimgchmeembbgojnjk [2021-02-24]
CHR Extension: (Программа запуска приложений для Диска, разработанная Google) - C:\Users\Gerazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-02-24]
CHR Extension: (Скопируйте в виде простого текста - amaz.in/g) - C:\Users\Gerazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkkcgjeddgdnikkeoinjgbocghokolck [2020-02-12]
CHR Extension: (Translate - Highlight - Remember) - C:\Users\Gerazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafgndkaacpbmlpddilhagpdhenkcdoa [2020-02-12]
CHR Extension: (AKColor) - C:\Users\Gerazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgppihgleonhgjanbjojnpgjkfmijo [2020-07-25]
CHR Extension: (Awesome Screenshot & Screen Recorder) - C:\Users\Gerazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlipoenfbbikpbjkfpfillcgkoblgpmj [2021-02-28]
CHR Extension: (Платежная система Интернет-магазина Chrome) - C:\Users\Gerazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Корректор грамматики и орфографии — LanguageTool) - C:\Users\Gerazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\oldceeleldhonbafppcapldpdifcinji [2021-02-11]
CHR Extension: (vidIQ Vision for YouTube) - C:\Users\Gerazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pachckjkecffpdphbpmfolblodfkgbhl [2021-02-27]
CHR Extension: (Viboom for Youtube) - C:\Users\Gerazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdchblfcinnkfcdoihgjelmoekcdphlg [2020-02-12]
CHR Extension: (Chrome Media Router) - C:\Users\Gerazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-03]
CHR Profile: C:\Users\Gerazer\AppData\Local\Google\Chrome\User Data\System Profile [2020-02-21]
CHR HKLM\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2019-05-05]
CHR HKU\S-1-5-21-958490055-1889393570-2762725728-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Gerazer\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx <nicht gefunden>
CHR HKU\S-1-5-21-958490055-1889393570-2762725728-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ldgpjdiadomhinpimgchmeembbgojnjk]
CHR HKU\S-1-5-21-958490055-1889393570-2762725728-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2019-05-05]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-11-01]

Opera: 
=======
OPR Profile: C:\Users\Gerazer\AppData\Roaming\Opera Software\Opera Stable [2021-03-03]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Gerazer\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-02-16]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [9809008 2021-03-02] (Emsisoft Ltd -> Emsisoft Ltd)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [842424 2021-03-02] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9482688 2021-01-30] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4511176 2020-05-28] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_0222c12a396c055f\DAX3API.exe [2301912 2021-02-19] (Dolby Laboratories, Inc. -> Dolby Laboratories)
R2 EmsiCommService; C:\Program Files\Emsisoft Anti-Malware\CommService.exe [13318648 2021-03-02] (Emsisoft Ltd -> Emsisoft Ltd)
R2 EppWsc; C:\Program Files\Emsisoft Anti-Malware\EppWsc.exe [1445584 2021-02-20] (Emsisoft Ltd -> Emsisoft Ltd)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-09-08] (Canon Inc. -> )
R2 ImagingEdgeWebcamLauncher; C:\Program Files\Sony\Imaging Edge Webcam\ImagingEdgeWebcamLauncher.exe [21432 2020-07-31] (Sony Imaging Products & Solutions Inc. -> Sony Imaging Products & Solutions, Inc.)
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [158992 2020-10-19] (IObit Information Technology -> IObit)
R2 Mobile Broadband HL Service; C:\Program Files (x86)\MobileBrServ\mbbservice.exe [242264 2016-03-24] (Huawei Technologies Co.,Ltd. -> )
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [1123336 2021-02-16] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [321544 2021-02-16] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2020-12-01] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [294440 2021-02-18] (Razer USA Ltd. -> Razer Inc.)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R2 RtkAudioUniversalService; C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d345565ec73a109\RtkAudUService64.exe [1230392 2021-02-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [533808 2021-01-29] (Razer USA Ltd. -> Razer Inc.)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [291304 2021-01-14] (Razer USA Ltd. -> Razer Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5198064 2021-02-20] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [183816 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-11-26] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [919992 2020-11-26] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 Synology Active Backup for Business Service; C:\Program Files (x86)\Synology\ActiveBackupforBusinessAgent\service\Synology Active Backup for Business Service.exe [3061720 2020-03-19] (Synology Inc. -> )
R2 Synology Drive VSS Service x64; C:\Program Files (x86)\Synology\SynologyDrive\bin\vss-service-x64.exe [370136 2019-09-20] (Synology Inc. -> )
R2 TbtP2pShortcutService; C:\WINDOWS\TbtP2pShortcutService.exe [252264 2021-02-20] (TBT_DCH_DRV_PROD -> )
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [253912 2019-10-30] (Synology Inc. -> )
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [744968 2020-05-14] (Oracle Corporation -> Oracle Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\NisSrv.exe [2462960 2021-02-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MsMpEng.exe [128376 2021-02-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvrzi.inf_amd64_abf49ca127bc710b\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvrzi.inf_amd64_abf49ca127bc710b\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [161288 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-05-28] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-05-28] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 epp; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\epp.sys [155112 2021-02-20] (Microsoft Windows Hardware Compatibility Publisher -> Emsisoft Ltd)
R0 eppdisk; C:\WINDOWS\System32\drivers\eppdisk.sys [37776 2021-02-20] (Emsisoft Ltd -> Emsisoft Ltd)
S0 EppElam; C:\WINDOWS\System32\drivers\EppElam.sys [16808 2021-02-20] (Microsoft Windows Early Launch Anti-Malware Publisher -> Emsisoft Ltd)
R1 eppwfp; C:\Program Files\Emsisoft Anti-Malware\eppwfp.sys [126968 2021-02-20] (Microsoft Windows Hardware Compatibility Publisher -> Emsisoft Ltd)
S3 GeneStor; C:\WINDOWS\System32\drivers\GeneStor.sys [181824 2021-02-19] (GENESYS LOGIC, INC. -> Genesys Logic)
R3 iaLPSS2_UART2_CNL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_uart2_cnl.inf_amd64_df1115697e57a59a\iaLPSS2_UART2_CNL.sys [305928 2021-02-19] (Intel Corporation -> Intel Corporation)
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [43896 2020-07-31] (IObit Information Technology -> IObit)
R3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37112 2020-07-31] (IObit Information Technology -> IObit)
R3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [51128 2020-07-31] (IObit Information Technology -> IObit)
S3 libusb0; C:\WINDOWS\system32\DRIVERS\libusb0.sys [61696 2019-09-08] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2019-11-08] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [53656 2020-11-15] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0246; C:\WINDOWS\System32\drivers\RzDev_0246.sys [54168 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0306; C:\WINDOWS\System32\drivers\RzDev_0306.sys [54168 2020-08-24] (Razer USA Ltd. -> Razer Inc)
S3 SD11CL64; C:\WINDOWS\system32\DRIVERS\SD11CL64.sys [96512 2011-01-24] (Microsoft Windows Hardware Compatibility Publisher -> SCM Microsystems Inc.)
S3 SDI01164; C:\WINDOWS\system32\DRIVERS\SDI01164.SYS [75904 2011-01-24] (Microsoft Windows Hardware Compatibility Publisher -> SCM Microsystems Inc.)
R0 secnvme; C:\WINDOWS\System32\drivers\secnvme.sys [133944 2021-02-19] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [168968 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [45064 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 STTub30; C:\WINDOWS\System32\Drivers\STTub30.sys [44184 2012-07-20] (STMicroelectronics -> STMicroelectronics)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [247224 2020-05-14] (Oracle Corporation -> Oracle Corporation)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [174016 2020-05-14] (Oracle Corporation -> Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49552 2021-02-19] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [419040 2021-02-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-19] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-03-03 15:33 - 2021-03-03 15:33 - 000051337 _____ C:\Users\Gerazer\Desktop\FRST.txt
2021-03-03 15:33 - 2021-03-03 15:33 - 000000000 ____D C:\FRST
2021-03-03 15:32 - 2021-03-03 15:32 - 002301440 _____ (Farbar) C:\Users\Gerazer\Desktop\FRST64.exe
2021-03-02 20:05 - 2021-03-02 20:52 - 002081280 _____ C:\Users\Gerazer\Desktop\nr_mic.raw
2021-03-02 20:05 - 2021-03-02 20:52 - 002078976 _____ C:\Users\Gerazer\Desktop\nr_out.raw
2021-03-02 20:05 - 2021-03-02 20:52 - 002077440 _____ C:\Users\Gerazer\Desktop\aec_mic.raw
2021-03-02 20:05 - 2021-03-02 20:52 - 002076672 _____ C:\Users\Gerazer\Desktop\aec_out.raw
2021-03-02 20:05 - 2021-03-02 20:52 - 002067840 _____ C:\Users\Gerazer\Desktop\aec_spk.raw
2021-03-02 20:05 - 2021-03-02 20:52 - 000021590 _____ C:\Users\Gerazer\Desktop\aec_synch
2021-03-02 20:05 - 2021-03-02 20:52 - 000002354 _____ C:\Users\Gerazer\Desktop\param
2021-03-01 15:22 - 2021-03-01 15:22 - 000000000 ____D C:\Users\Gerazer\Downloads\SER_Player_Windows_x64_v1.7.2
2021-03-01 15:22 - 2021-03-01 15:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SER Player
2021-03-01 15:22 - 2021-03-01 15:22 - 000000000 ____D C:\Program Files\SER Player
2021-03-01 15:21 - 2021-03-01 15:22 - 029138686 _____ C:\Users\Gerazer\Downloads\SER_Player_Windows_x64_v1.7.2.zip
2021-03-01 15:04 - 2021-03-01 15:04 - 009933169 _____ C:\Users\Gerazer\Downloads\pipp_install_x64_2.5.9.zip
2021-03-01 15:04 - 2021-03-01 15:04 - 000000519 _____ C:\ProgramData\Desktop\PIPP.lnk
2021-03-01 15:04 - 2021-03-01 15:04 - 000000000 ____D C:\Users\Gerazer\Downloads\pipp_install_x64_2.5.9
2021-03-01 15:04 - 2021-03-01 15:04 - 000000000 ____D C:\Users\Gerazer\AppData\Local\PIPP_Application
2021-03-01 15:04 - 2021-03-01 15:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PIPP
2021-03-01 15:04 - 2021-03-01 15:04 - 000000000 ____D C:\Program Files\PIPP
2021-03-01 13:57 - 2021-03-01 14:17 - 000000000 ____D C:\Users\Gerazer\AppData\Roaming\vlc
2021-03-01 13:55 - 2021-03-01 15:08 - 000000000 ____D C:\Users\Gerazer\Downloads\AutoStakkert_3.0.14_x64
2021-03-01 13:55 - 2021-03-01 13:55 - 004356220 _____ C:\Users\Gerazer\Downloads\AutoStakkert_3.0.14_x64.zip
2021-02-28 16:37 - 2021-02-28 16:37 - 000000000 ____D C:\Users\Лилия\AppData\Roaming\IObit
2021-02-28 16:19 - 2021-02-28 16:19 - 000000000 ____D C:\Users\Лилия\Documents\VIISAN OfficeCam
2021-02-28 16:19 - 2021-02-28 16:19 - 000000000 ____D C:\Users\Лилия\AppData\Roaming\NVIDIA
2021-02-28 16:09 - 2021-02-28 16:09 - 000000000 ____D C:\Users\Лилия\AppData\Roaming\Sony Corporation
2021-02-28 16:08 - 2021-02-28 16:08 - 000000020 ___SH C:\Users\Лилия\ntuser.ini
2021-02-27 20:59 - 2021-02-27 20:59 - 000001243 _____ C:\Users\Gerazer\Desktop\Fitswork4 - Verknüpfung.lnk
2021-02-27 20:56 - 2021-02-27 20:56 - 000000000 ____D C:\Users\Gerazer\Downloads\Telegram Desktop
2021-02-27 20:12 - 2021-02-27 20:30 - 000000000 ____D C:\Users\Gerazer\Downloads\Fitswork447
2021-02-27 20:10 - 2021-02-27 20:10 - 001341307 _____ C:\Users\Gerazer\Downloads\Fitswork447.zip
2021-02-26 19:57 - 2021-02-26 19:57 - 000003959 _____ C:\Users\Gerazer\Downloads\bibliofond_62978.zip
2021-02-23 22:18 - 2021-02-23 22:19 - 001803668 _____ C:\WINDOWS\Minidump\022321-11953-01.dmp
2021-02-23 22:18 - 2021-02-23 22:19 - 000000000 ____D C:\WINDOWS\Minidump
2021-02-22 16:31 - 2021-02-22 16:31 - 000000000 ____D C:\Users\Gerazer\Calibre Library
2021-02-22 15:17 - 2020-06-07 16:03 - 000035112 _____ (TeamViewer GmbH) C:\WINDOWS\system32\Drivers\teamviewervpn.sys
2021-02-22 15:04 - 2021-02-22 15:04 - 029352480 _____ (TeamViewer Germany GmbH) C:\Users\Gerazer\Downloads\TeamViewer_Setup.exe
2021-02-22 13:38 - 2021-03-01 15:11 - 000000000 ____D C:\Program Files (x86)\VIISAN OfficeCam
2021-02-22 13:38 - 2021-02-22 13:38 - 000001808 _____ C:\ProgramData\Desktop\VIISAN OfficeCam.lnk
2021-02-22 13:38 - 2021-02-22 13:38 - 000000000 ____D C:\Users\Gerazer\Downloads\VIISAN OfficeCam_V6.9.6.0_20201109
2021-02-22 13:38 - 2021-02-22 13:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIISAN OfficeCam
2021-02-22 13:05 - 2021-02-22 13:33 - 345002327 _____ C:\Users\Gerazer\Downloads\VIISAN OfficeCam_V6.9.6.0_20201109.zip
2021-02-22 10:42 - 2021-02-22 10:42 - 000000000 ____D C:\Users\Gerazer\Downloads\BicBucStriim-1.5.0
2021-02-22 10:40 - 2021-02-22 10:40 - 001095205 _____ C:\Users\Gerazer\Downloads\BicBucStriim-1.2.0.zip
2021-02-22 10:36 - 2021-02-22 10:36 - 001252354 _____ C:\Users\Gerazer\Downloads\BicBucStriim-1.5.0.zip
2021-02-20 19:20 - 2021-02-20 19:20 - 000252264 _____ C:\WINDOWS\TbtP2pShortcutService.exe
2021-02-20 19:19 - 2021-02-20 19:19 - 003200560 _____ (Intel Corporation) C:\WINDOWS\system32\mfx_mft_h264ve_64.dll
2021-02-20 19:19 - 2021-02-20 19:19 - 002593640 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfx_mft_h264ve_32.dll
2021-02-20 19:19 - 2021-02-20 19:19 - 000071956 _____ C:\WINDOWS\SysWOW64\vp9e_32.vp
2021-02-20 19:19 - 2021-02-20 19:19 - 000070721 _____ C:\WINDOWS\SysWOW64\he_32.vp
2021-02-20 19:19 - 2021-02-20 19:19 - 000057143 _____ C:\WINDOWS\SysWOW64\dev_32.vp
2021-02-20 19:19 - 2021-02-20 19:19 - 000056359 _____ C:\WINDOWS\system32\dev_64.vp
2021-02-20 19:19 - 2021-02-20 19:19 - 000013992 _____ C:\WINDOWS\system32\vp9e_64.vp
2021-02-20 19:19 - 2021-02-20 19:19 - 000013585 _____ C:\WINDOWS\system32\he_64.vp
2021-02-20 19:19 - 2021-02-20 19:19 - 000001125 _____ C:\WINDOWS\SysWOW64\cpa_32.vp
2021-02-20 19:19 - 2021-02-20 19:19 - 000001125 _____ C:\WINDOWS\system32\cpa_64.vp
2021-02-20 19:18 - 2021-02-20 19:19 - 000014145 _____ C:\WINDOWS\system32\h265e_64.vp
2021-02-20 19:18 - 2021-02-20 19:18 - 025056784 _____ (Intel Corporation) C:\WINDOWS\system32\mfxplugin64_hw.dll
2021-02-20 19:18 - 2021-02-20 19:18 - 021088168 _____ (Intel Corporation) C:\WINDOWS\system32\libmfxhw64.dll
2021-02-20 19:18 - 2021-02-20 19:18 - 019989544 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\libmfxhw32.dll
2021-02-20 19:18 - 2021-02-20 19:18 - 011902480 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfxplugin32_hw.dll
2021-02-20 19:18 - 2021-02-20 19:18 - 003221032 _____ (Intel Corporation) C:\WINDOWS\system32\mfx_mft_h265ve_64.dll
2021-02-20 19:18 - 2021-02-20 19:18 - 003213944 _____ (Intel Corporation) C:\WINDOWS\system32\mfx_mft_vp9ve_64.dll
2021-02-20 19:18 - 2021-02-20 19:18 - 003007504 _____ (Intel Corporation) C:\WINDOWS\system32\mfx_mft_mjpgvd_64.dll
2021-02-20 19:18 - 2021-02-20 19:18 - 002995664 _____ (Intel Corporation) C:\WINDOWS\system32\mfx_mft_encrypt_64.dll
2021-02-20 19:18 - 2021-02-20 19:18 - 002607432 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfx_mft_h265ve_32.dll
2021-02-20 19:18 - 2021-02-20 19:18 - 002602248 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfx_mft_vp9ve_32.dll
2021-02-20 19:18 - 2021-02-20 19:18 - 002437136 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfx_mft_mjpgvd_32.dll
2021-02-20 19:18 - 2021-02-20 19:18 - 002435560 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfx_mft_encrypt_32.dll
2021-02-20 19:18 - 2021-02-20 19:18 - 000212464 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll
2021-02-20 19:18 - 2021-02-20 19:18 - 000184144 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll
2021-02-20 19:18 - 2021-02-20 19:18 - 000072361 _____ C:\WINDOWS\SysWOW64\h265e_32.vp
2021-02-20 19:18 - 2021-02-20 19:18 - 000065805 _____ C:\WINDOWS\SysWOW64\mj_32.vp
2021-02-20 19:18 - 2021-02-20 19:18 - 000013317 _____ C:\WINDOWS\system32\mj_64.vp
2021-02-20 19:15 - 2021-02-20 19:15 - 000168976 _____ C:\WINDOWS\SysWOW64\libGLESv2.dll
2021-02-20 19:15 - 2021-02-20 19:15 - 000141840 _____ C:\WINDOWS\SysWOW64\libGLESv1_CM.dll
2021-02-20 19:15 - 2021-02-20 19:15 - 000136720 _____ C:\WINDOWS\SysWOW64\libEGL.dll
2021-02-20 17:26 - 2021-03-02 21:44 - 002635074 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-20 17:25 - 2021-02-20 17:25 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-02-20 17:23 - 2021-03-02 21:37 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-20 17:23 - 2021-03-01 10:50 - 000004196 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1611493841
2021-02-20 17:23 - 2021-02-28 16:09 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-958490055-1889393570-2762725728-1004
2021-02-20 17:23 - 2021-02-27 19:50 - 000003366 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-958490055-1889393570-2762725728-1003
2021-02-20 17:23 - 2021-02-20 17:23 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2021-02-20 17:23 - 2021-02-20 17:23 - 000011433 _____ C:\WINDOWS\diagerr.xml
2021-02-20 17:23 - 2021-02-20 17:23 - 000003750 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1611493844
2021-02-20 17:23 - 2021-02-20 17:23 - 000003628 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-20 17:23 - 2021-02-20 17:23 - 000003558 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-20 17:23 - 2021-02-20 17:23 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-02-20 17:23 - 2021-02-20 17:23 - 000003404 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-20 17:23 - 2021-02-20 17:23 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-20 17:23 - 2021-02-20 17:23 - 000003334 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-20 17:23 - 2021-02-20 17:23 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-20 17:23 - 2021-02-20 17:23 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-20 17:23 - 2021-02-20 17:23 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-20 17:23 - 2021-02-20 17:23 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-20 17:23 - 2021-02-20 17:23 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-20 17:23 - 2021-02-20 17:23 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-20 17:23 - 2021-02-20 17:23 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-20 17:23 - 2021-02-20 17:23 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-20 17:23 - 2021-02-20 17:23 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-958490055-1889393570-2762725728-1005
2021-02-20 17:23 - 2021-02-20 17:23 - 000002854 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-958490055-1889393570-2762725728-500
2021-02-20 17:23 - 2021-02-20 17:23 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-20 17:23 - 2021-02-20 17:23 - 000002612 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2021-02-20 17:23 - 2021-02-20 17:23 - 000002588 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2021-02-20 17:23 - 2021-02-20 17:23 - 000002462 _____ C:\WINDOWS\system32\Tasks\MiniToolPartitionWizard
2021-02-20 17:23 - 2021-02-20 17:23 - 000002408 _____ C:\WINDOWS\system32\Tasks\Uninstaller_SkipUac_Gerazer
2021-02-20 17:23 - 2021-02-20 17:23 - 000000020 ___SH C:\Users\Gerazer\ntuser.ini
2021-02-20 17:23 - 2021-02-20 17:23 - 000000000 _SHDL C:\Users\Default\Vorlagen
2021-02-20 17:23 - 2021-02-20 17:23 - 000000000 _SHDL C:\Users\Default\Startmenü
2021-02-20 17:23 - 2021-02-20 17:23 - 000000000 _SHDL C:\Users\Default\Netzwerkumgebung
2021-02-20 17:23 - 2021-02-20 17:23 - 000000000 _SHDL C:\Users\Default\Lokale Einstellungen
2021-02-20 17:23 - 2021-02-20 17:23 - 000000000 _SHDL C:\Users\Default\Eigene Dateien
2021-02-20 17:23 - 2021-02-20 17:23 - 000000000 _SHDL C:\Users\Default\Druckumgebung
2021-02-20 17:23 - 2021-02-20 17:23 - 000000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2021-02-20 17:23 - 2021-02-20 17:23 - 000000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2021-02-20 17:23 - 2021-02-20 17:23 - 000000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2021-02-20 17:23 - 2021-02-20 17:23 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2021-02-20 17:23 - 2021-02-20 17:23 - 000000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2021-02-20 17:23 - 2021-02-20 17:23 - 000000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2021-02-20 17:23 - 2021-02-20 17:23 - 000000000 _SHDL C:\Users\Default\Anwendungsdaten
2021-02-20 17:23 - 2021-02-20 17:23 - 000000000 _SHDL C:\Programme
2021-02-20 17:23 - 2021-02-20 17:23 - 000000000 _SHDL C:\ProgramData\Vorlagen
2021-02-20 17:23 - 2021-02-20 17:23 - 000000000 _SHDL C:\ProgramData\Startmenü
2021-02-20 17:23 - 2021-02-20 17:23 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2021-02-20 17:23 - 2021-02-20 17:23 - 000000000 _SHDL C:\ProgramData\Dokumente
2021-02-20 17:23 - 2021-02-20 17:23 - 000000000 _SHDL C:\ProgramData\Anwendungsdaten
2021-02-20 17:23 - 2021-02-20 17:23 - 000000000 _SHDL C:\Program Files\Gemeinsame Dateien
2021-02-20 17:23 - 2021-02-20 17:23 - 000000000 _SHDL C:\Dokumente und Einstellungen
2021-02-20 17:23 - 2021-02-20 17:23 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-02-20 17:23 - 2021-02-20 17:23 - 000000000 ____D C:\WINDOWS\system32\Tasks\Aufgaben der Ereignisanzeige
2021-02-20 17:18 - 2021-02-28 16:09 - 000002381 _____ C:\Users\Лилия\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-20 17:18 - 2021-02-28 16:08 - 000000000 ____D C:\Users\Лилия
2021-02-20 17:18 - 2021-02-27 19:50 - 000002387 _____ C:\Users\Gerazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-20 17:18 - 2021-02-25 21:17 - 000000000 ____D C:\Users\Gerazer
2021-02-20 17:18 - 2021-02-20 17:18 - 000000000 _SHDL C:\Users\Лилия\Vorlagen
2021-02-20 17:18 - 2021-02-20 17:18 - 000000000 _SHDL C:\Users\Лилия\Startmenü
2021-02-20 17:18 - 2021-02-20 17:18 - 000000000 _SHDL C:\Users\Лилия\Netzwerkumgebung
2021-02-20 17:18 - 2021-02-20 17:18 - 000000000 _SHDL C:\Users\Лилия\Lokale Einstellungen
2021-02-20 17:18 - 2021-02-20 17:18 - 000000000 _SHDL C:\Users\Лилия\Eigene Dateien
2021-02-20 17:18 - 2021-02-20 17:18 - 000000000 _SHDL C:\Users\Лилия\Druckumgebung
2021-02-20 17:18 - 2021-02-20 17:18 - 000000000 _SHDL C:\Users\Лилия\Documents\Eigene Videos
2021-02-20 17:18 - 2021-02-20 17:18 - 000000000 _SHDL C:\Users\Лилия\Documents\Eigene Musik
2021-02-20 17:18 - 2021-02-20 17:18 - 000000000 _SHDL C:\Users\Лилия\Documents\Eigene Bilder
2021-02-20 17:18 - 2021-02-20 17:18 - 000000000 _SHDL C:\Users\Лилия\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2021-02-20 17:18 - 2021-02-20 17:18 - 000000000 _SHDL C:\Users\Лилия\AppData\Local\Verlauf
2021-02-20 17:18 - 2021-02-20 17:18 - 000000000 _SHDL C:\Users\Лилия\AppData\Local\Anwendungsdaten
2021-02-20 17:18 - 2021-02-20 17:18 - 000000000 _SHDL C:\Users\Лилия\Anwendungsdaten
2021-02-20 17:18 - 2021-02-20 17:18 - 000000000 _SHDL C:\Users\Gerazer\Vorlagen
2021-02-20 17:18 - 2021-02-20 17:18 - 000000000 _SHDL C:\Users\Gerazer\Startmenü
2021-02-20 17:18 - 2021-02-20 17:18 - 000000000 _SHDL C:\Users\Gerazer\Netzwerkumgebung
2021-02-20 17:18 - 2021-02-20 17:18 - 000000000 _SHDL C:\Users\Gerazer\Lokale Einstellungen
2021-02-20 17:18 - 2021-02-20 17:18 - 000000000 _SHDL C:\Users\Gerazer\Eigene Dateien
2021-02-20 17:18 - 2021-02-20 17:18 - 000000000 _SHDL C:\Users\Gerazer\Druckumgebung
2021-02-20 17:18 - 2021-02-20 17:18 - 000000000 _SHDL C:\Users\Gerazer\Documents\Eigene Videos
2021-02-20 17:18 - 2021-02-20 17:18 - 000000000 _SHDL C:\Users\Gerazer\Documents\Eigene Musik
2021-02-20 17:18 - 2021-02-20 17:18 - 000000000 _SHDL C:\Users\Gerazer\Documents\Eigene Bilder
2021-02-20 17:18 - 2021-02-20 17:18 - 000000000 _SHDL C:\Users\Gerazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2021-02-20 17:18 - 2021-02-20 17:18 - 000000000 _SHDL C:\Users\Gerazer\AppData\Local\Verlauf
2021-02-20 17:18 - 2021-02-20 17:18 - 000000000 _SHDL C:\Users\Gerazer\AppData\Local\Anwendungsdaten
2021-02-20 17:18 - 2021-02-20 17:18 - 000000000 _SHDL C:\Users\Gerazer\Anwendungsdaten
2021-02-20 17:16 - 2021-03-02 21:37 - 000008192 ___SH C:\DumpStack.log.tmp
2021-02-20 17:16 - 2021-03-01 23:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-20 17:16 - 2021-02-23 17:29 - 000461360 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-20 17:13 - 2021-02-20 17:16 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2021-02-20 17:12 - 2021-02-20 17:13 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-02-20 17:12 - 2021-02-20 17:12 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-02-20 17:11 - 2021-02-20 17:11 - 000000000 ____D C:\ProgramData\ssh
2021-02-20 17:09 - 2021-02-20 17:09 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2021-02-20 17:09 - 2021-02-20 17:09 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-20 17:09 - 2021-02-20 17:09 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-20 17:09 - 2021-02-20 17:09 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-02-20 17:09 - 2021-02-20 17:09 - 001328392 _____ C:\WINDOWS\system32\FaceTrackerInternal.dll
2021-02-20 17:09 - 2021-02-20 17:09 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-02-20 17:09 - 2021-02-20 17:09 - 001263104 _____ C:\WINDOWS\system32\FaceProcessor.dll
2021-02-20 17:09 - 2021-02-20 17:09 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2021-02-20 17:09 - 2021-02-20 17:09 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2021-02-20 17:09 - 2021-02-20 17:09 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2021-02-20 17:09 - 2021-02-20 17:09 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-02-20 17:09 - 2021-02-20 17:09 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-02-20 17:09 - 2021-02-20 17:09 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-02-20 17:09 - 2021-02-20 17:09 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-02-20 17:09 - 2021-02-20 17:09 - 000512856 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2021-02-20 17:09 - 2021-02-20 17:09 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-02-20 17:09 - 2021-02-20 17:09 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-02-20 17:09 - 2021-02-20 17:09 - 000467968 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-02-20 17:09 - 2021-02-20 17:09 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-02-20 17:09 - 2021-02-20 17:09 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-02-20 17:09 - 2021-02-20 17:09 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-02-20 17:09 - 2021-02-20 17:09 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2021-02-20 17:09 - 2021-02-20 17:09 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-02-20 17:09 - 2021-02-20 17:09 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2021-02-20 17:09 - 2021-02-20 17:09 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2021-02-20 17:09 - 2021-02-20 17:09 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-02-20 17:09 - 2021-02-20 17:09 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-02-20 17:09 - 2021-02-20 17:09 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-02-20 17:09 - 2021-02-20 17:09 - 000138056 _____ C:\WINDOWS\system32\HvsiManagementApi.dll
2021-02-20 17:09 - 2021-02-20 17:09 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-02-20 17:09 - 2021-02-20 17:09 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2021-02-20 17:09 - 2021-02-20 17:09 - 000111616 _____ C:\WINDOWS\system32\RDVGHelper.exe
2021-02-20 17:09 - 2021-02-20 17:09 - 000101704 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll
2021-02-20 17:09 - 2021-02-20 17:09 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2021-02-20 17:09 - 2021-02-20 17:09 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-02-20 17:09 - 2021-02-20 17:09 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-02-20 17:09 - 2021-02-20 17:09 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-02-20 17:09 - 2021-02-20 17:09 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-02-20 17:09 - 2021-02-20 17:09 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-02-20 17:09 - 2021-02-20 17:09 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-02-20 17:09 - 2021-02-20 17:09 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2021-02-20 17:09 - 2021-02-20 17:09 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-02-20 17:09 - 2021-02-20 17:09 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2021-02-20 17:09 - 2021-02-20 17:09 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2021-02-20 17:09 - 2021-02-20 17:09 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2021-02-20 17:09 - 2021-02-20 17:09 - 000010892 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-20 17:08 - 2021-02-20 17:08 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2021-02-20 17:08 - 2021-02-20 17:08 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2021-02-20 17:08 - 2021-02-20 17:08 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-02-20 17:08 - 2021-02-20 17:08 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-02-20 17:08 - 2021-02-20 17:08 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-02-20 17:08 - 2021-02-20 17:08 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-02-20 17:08 - 2021-02-20 17:08 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-02-20 17:08 - 2021-02-20 17:08 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2021-02-20 17:08 - 2021-02-20 17:08 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-02-20 17:08 - 2021-02-20 17:08 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2021-02-20 17:08 - 2021-02-20 17:08 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2021-02-20 17:08 - 2021-02-20 17:08 - 000707544 _____ C:\WINDOWS\system32\TextShaping.dll
2021-02-20 17:08 - 2021-02-20 17:08 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-02-20 17:08 - 2021-02-20 17:08 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-02-20 17:08 - 2021-02-20 17:08 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-02-20 17:08 - 2021-02-20 17:08 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-02-20 17:08 - 2021-02-20 17:08 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-02-20 17:08 - 2021-02-20 17:08 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-02-20 17:08 - 2021-02-20 17:08 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-02-20 17:08 - 2021-02-20 17:08 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-02-20 17:08 - 2021-02-20 17:08 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-02-20 17:08 - 2021-02-20 17:08 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-02-20 17:08 - 2021-02-20 17:08 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2021-02-20 17:08 - 2021-02-20 17:08 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-02-20 17:08 - 2021-02-20 17:08 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-02-20 17:08 - 2021-02-20 17:08 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2021-02-20 17:08 - 2021-02-20 17:08 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-02-20 17:08 - 2021-02-20 17:08 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-02-20 17:08 - 2021-02-20 17:08 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-02-20 17:08 - 2021-02-20 17:08 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2021-02-20 17:08 - 2021-02-20 17:08 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-02-20 17:08 - 2021-02-20 17:08 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-02-20 17:08 - 2021-02-20 17:08 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-02-20 17:08 - 2021-02-20 17:08 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-02-20 17:08 - 2021-02-20 17:08 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2021-02-20 17:08 - 2021-02-20 17:08 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2021-02-20 17:08 - 2021-02-20 17:08 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2021-02-20 17:08 - 2021-02-20 17:08 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-02-20 17:08 - 2021-02-20 17:08 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-02-20 17:08 - 2021-02-20 17:08 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2021-02-20 17:08 - 2021-02-20 17:08 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-02-20 17:08 - 2021-02-20 17:08 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2021-02-20 17:08 - 2021-02-20 17:08 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2021-02-20 17:08 - 2021-02-20 17:08 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2021-02-20 17:08 - 2021-02-20 17:08 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2021-02-20 17:08 - 2021-02-20 17:08 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2021-02-20 17:08 - 2021-02-20 17:08 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2021-02-20 17:08 - 2021-02-20 17:08 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-02-20 17:08 - 2021-02-20 17:08 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2021-02-20 17:08 - 2021-02-20 17:08 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2021-02-20 17:01 - 2021-03-02 21:44 - 000774770 _____ C:\WINDOWS\system32\perfh019.dat
2021-02-20 17:01 - 2021-03-02 21:44 - 000152448 _____ C:\WINDOWS\system32\perfc019.dat
2021-02-20 17:01 - 2021-02-20 17:01 - 000340720 _____ C:\WINDOWS\system32\perfi019.dat
2021-02-20 17:01 - 2021-02-20 17:01 - 000041686 _____ C:\WINDOWS\system32\perfd019.dat
2021-02-20 17:01 - 2021-02-20 17:01 - 000000000 ____D C:\WINDOWS\SysWOW64\ru
2021-02-20 17:01 - 2021-02-20 17:01 - 000000000 ____D C:\WINDOWS\system32\ru
2021-02-20 16:57 - 2021-02-20 17:01 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2021-02-20 16:57 - 2021-02-20 16:57 - 000000000 ____D C:\Program Files\Reference Assemblies
2021-02-20 16:57 - 2021-02-20 16:57 - 000000000 ____D C:\Program Files\MSBuild
2021-02-20 16:57 - 2021-02-20 16:57 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2021-02-20 16:57 - 2021-02-20 16:57 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-02-20 16:28 - 2021-03-02 19:06 - 000000000 ___DC C:\WINDOWS\Panther
2021-02-20 15:58 - 2021-02-20 17:16 - 000000000 ____D C:\Program Files\Intel
2021-02-20 15:46 - 2021-02-20 15:46 - 005499978 _____ C:\Users\Gerazer\Downloads\intel_chipset_10.1.16.6 (4).zip
2021-02-20 15:46 - 2021-02-20 15:46 - 000000000 ____D C:\Users\Gerazer\Downloads\intel_chipset_10.1.16.6 (4)
2021-02-20 15:44 - 2021-02-20 15:44 - 002181328 _____ C:\Users\Gerazer\Downloads\RazerUpdater_v1.1.1.2_D3-MEv120381430 (1).exe
2021-02-20 15:42 - 2021-02-20 15:42 - 000665160 _____ (DriverFix) C:\Users\Gerazer\Downloads\driverfixwebdl-8205023774.exe
2021-02-20 15:40 - 2021-02-20 15:40 - 006594088 _____ C:\Users\Gerazer\Downloads\RazerUpdater_v1.1.1.2_D3-BIOS0103 (1).exe
2021-02-20 14:56 - 2021-02-20 14:56 - 000000118 _____ C:\WINDOWS\wininit.ini
2021-02-20 14:52 - 2021-02-20 14:56 - 000000000 ____D C:\Users\Gerazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL 2
2021-02-20 14:50 - 2021-02-20 14:50 - 000417375 _____ C:\Users\Gerazer\Downloads\ASIO4ALL_2_13_Russian.exe
2021-02-20 12:21 - 2021-02-20 12:20 - 000037776 _____ (Emsisoft Ltd) C:\WINDOWS\system32\Drivers\eppdisk.sys
2021-02-20 12:21 - 2021-02-20 12:20 - 000016808 _____ (Emsisoft Ltd) C:\WINDOWS\system32\Drivers\EppElam.sys
2021-02-20 12:19 - 2021-02-20 17:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2021-02-20 12:19 - 2021-02-20 12:19 - 000000899 _____ C:\ProgramData\Desktop\Emsisoft Anti-Malware.lnk
2021-02-20 12:18 - 2021-03-03 15:34 - 000000000 ____D C:\Program Files\Emsisoft Anti-Malware
2021-02-20 11:14 - 2021-02-20 11:14 - 000000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
2021-02-20 10:25 - 2021-02-20 10:35 - 000000140 _____ C:\WINDOWS\restoro.ini
2021-02-20 10:24 - 2021-02-20 10:24 - 000931552 _____ (Restoro) C:\Users\Gerazer\Downloads\Restoro.exe
2021-02-20 10:17 - 2021-02-20 10:17 - 000000000 ____D C:\ProgramData\{F86B0233-9A85-4589-8AAF-524CC4F8211B}
2021-02-20 10:02 - 2021-02-27 10:19 - 000000000 ____D C:\ProgramData\ProductData
2021-02-20 10:02 - 2021-02-20 17:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2021-02-20 10:02 - 2021-02-20 11:14 - 000000000 ____D C:\Users\Gerazer\AppData\Roaming\IObit
2021-02-20 10:02 - 2021-02-20 11:14 - 000000000 ____D C:\Users\Gerazer\AppData\LocalLow\IObit
2021-02-20 10:02 - 2021-02-20 11:14 - 000000000 ____D C:\ProgramData\IObit
2021-02-20 10:02 - 2021-02-20 10:17 - 000000000 ____D C:\Program Files (x86)\IObit
2021-02-20 10:02 - 2021-02-20 10:02 - 000001426 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2021-02-20 10:02 - 2021-02-20 10:02 - 000001414 _____ C:\ProgramData\Desktop\IObit Uninstaller.lnk
2021-02-20 10:01 - 2021-02-20 10:01 - 026015560 _____ (IObit ) C:\Users\Gerazer\Downloads\iobit103uninstaller.exe
2021-02-20 00:31 - 2021-02-20 00:31 - 030950888 _____ (Piriform Software Ltd) C:\Users\Gerazer\Downloads\ccsetup577.exe
2021-02-20 00:23 - 2021-03-01 13:51 - 000000000 ____D C:\Users\Gerazer\Documents\VIISAN OfficeCam
2021-02-19 23:20 - 2021-02-19 23:20 - 000000000 ____D C:\Users\Gerazer\AppData\LocalLow\Intel
2021-02-19 23:18 - 2021-02-19 23:18 - 003177056 _____ (Genesys Logic) C:\WINDOWS\SysWOW64\GLCRIcon.dll
2021-02-19 23:18 - 2021-02-19 23:18 - 001147384 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2021-02-19 23:18 - 2021-02-19 23:18 - 000181824 _____ (Genesys Logic) C:\WINDOWS\system32\Drivers\GeneStor.sys
2021-02-19 23:17 - 2021-02-19 23:17 - 043400990 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2021-02-19 23:17 - 2021-02-19 23:17 - 008823656 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\Netwtw08.sys
2021-02-19 23:17 - 2021-02-19 23:17 - 005989992 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2021-02-19 23:17 - 2021-02-19 23:17 - 002673724 _____ C:\WINDOWS\system32\Drivers\Netwfw08.dat
2021-02-19 23:17 - 2021-02-19 23:17 - 001058152 _____ (Intel Corporation) C:\WINDOWS\system32\IntelIHVRouter08.dll
2021-02-19 23:17 - 2021-02-19 23:17 - 000133944 _____ (Samsung Electronics Co., Ltd) C:\WINDOWS\system32\Drivers\secnvme.sys
2021-02-19 23:17 - 2021-02-19 23:17 - 000063176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2021-02-19 23:17 - 2021-02-19 23:17 - 000048080 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\ICCWDT.sys
2021-02-19 23:08 - 2021-02-19 23:08 - 000338432 _____ (Intel Corporation) C:\WINDOWS\system32\JHI64.dll
2021-02-19 23:08 - 2021-02-19 23:08 - 000322560 _____ (Intel Corporation) C:\WINDOWS\system32\TEEManagement64.dll
2021-02-19 23:08 - 2021-02-19 23:08 - 000273408 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\JHI.dll
2021-02-19 23:08 - 2021-02-19 23:08 - 000260608 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\TEEManagement.dll
2021-02-19 23:08 - 2021-02-19 23:08 - 000000000 ____D C:\ProgramData\Dolby
2021-02-19 21:58 - 2021-02-19 21:58 - 000026488 _____ (Intel Corporation) C:\WINDOWS\system32\RstMwEventLogMsg.dll
2021-02-19 21:57 - 2021-02-19 21:57 - 001347448 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaStorAC.sys
2021-02-19 21:54 - 2021-02-20 17:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Easy
2021-02-19 21:54 - 2021-02-19 21:54 - 005195888 _____ (Easeware ) C:\Users\Gerazer\Downloads\DriverEasy_Setup.exe
2021-02-19 21:54 - 2021-02-19 21:54 - 000000974 _____ C:\ProgramData\Desktop\Driver Easy.lnk
2021-02-19 21:54 - 2021-02-19 21:54 - 000000000 ____D C:\Users\Gerazer\AppData\Roaming\Easeware
2021-02-19 21:54 - 2021-02-19 21:54 - 000000000 ____D C:\Program Files\Easeware
2021-02-19 21:21 - 2021-02-19 21:40 - 000000000 ____D C:\Users\Gerazer\AppData\Roaming\CrystalIdea Software
2021-02-19 21:21 - 2021-02-19 21:21 - 004084240 _____ (CrystalIDEA Software ) C:\Users\Gerazer\Downloads\uninstalltool_setup.exe
2021-02-19 18:15 - 2021-02-19 18:15 - 000000000 ____D C:\ProgramData\CanonIJ
2021-02-19 18:14 - 2021-02-25 15:42 - 000000000 ____D C:\ProgramData\CanonIJPLM
2021-02-19 18:14 - 2021-02-20 17:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon IJ Network Utilities
2021-02-19 18:14 - 2011-01-06 13:07 - 000102400 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNC340U.dll
2021-02-19 18:14 - 2009-10-19 16:29 - 000307200 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNC340L.dll
2021-02-19 18:14 - 2009-06-23 14:35 - 000014592 _____ C:\WINDOWS\SysWOW64\CNC1741D.TBL
2021-02-19 18:14 - 2008-08-25 18:02 - 000015872 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNHMCA.dll
2021-02-19 18:13 - 2021-02-20 17:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX340 series - регистрация пользователя
2021-02-19 18:13 - 2021-02-20 17:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2021-02-19 18:13 - 2021-02-19 18:13 - 000002170 _____ C:\ProgramData\Desktop\Canon MP Navigator EX 3.1.lnk
2021-02-19 18:10 - 2021-02-20 17:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX340 series
2021-02-19 18:10 - 2021-02-19 18:10 - 000000000 ___HD C:\ProgramData\CanonBJ
2021-02-19 18:10 - 2012-06-14 17:18 - 000359936 _____ (CANON INC.) C:\WINDOWS\system32\CNMN6PPM.DLL
2021-02-19 18:10 - 2012-06-14 17:18 - 000039424 _____ (CANON INC.) C:\WINDOWS\system32\CNMN6UI.DLL
2021-02-19 18:09 - 2021-02-20 17:16 - 000000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2021-02-19 18:09 - 2021-02-19 18:09 - 000000000 ___HD C:\Program Files\CanonBJ
2021-02-19 18:09 - 2012-03-14 05:00 - 000385024 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMA5.DLL
2021-02-19 18:09 - 2009-11-25 15:56 - 000003072 _____ (Canon Inc.) C:\WINDOWS\system32\CNCFLkSE.DLL
2021-02-19 18:09 - 2009-11-25 15:56 - 000003072 _____ (Canon Inc.) C:\WINDOWS\system32\CNCFLkID.DLL
2021-02-19 18:09 - 2009-11-25 15:56 - 000003072 _____ (Canon Inc.) C:\WINDOWS\system32\CNCFLkGR.DLL
2021-02-19 18:09 - 2009-11-25 15:56 - 000003072 _____ (Canon Inc.) C:\WINDOWS\system32\CNCFLkFI.DLL
2021-02-19 18:09 - 2009-11-25 15:56 - 000002560 _____ (Canon Inc.) C:\WINDOWS\system32\CNCFLkTR.DLL
2021-02-19 18:09 - 2009-11-25 15:56 - 000002560 _____ (Canon Inc.) C:\WINDOWS\system32\CNCFLkTH.DLL
2021-02-19 18:09 - 2009-11-25 15:56 - 000002560 _____ (Canon Inc.) C:\WINDOWS\system32\CNCFLkNO.DLL
2021-02-19 18:09 - 2009-11-25 15:56 - 000002560 _____ (Canon Inc.) C:\WINDOWS\system32\CNCFLkKR.DLL
2021-02-19 18:09 - 2009-11-25 15:56 - 000002560 _____ (Canon Inc.) C:\WINDOWS\system32\CNCFLkDK.DLL
2021-02-19 18:09 - 2009-11-25 15:56 - 000002560 _____ (Canon Inc.) C:\WINDOWS\system32\CNCFLkAR.DLL
2021-02-19 18:09 - 2009-11-25 15:56 - 000002048 _____ (Canon Inc.) C:\WINDOWS\system32\CNCFLkTW.DLL
2021-02-19 18:09 - 2009-11-25 15:56 - 000002048 _____ (Canon Inc.) C:\WINDOWS\system32\CNCFLkCN.DLL
2021-02-19 18:09 - 2009-11-25 15:55 - 000003072 _____ (Canon Inc.) C:\WINDOWS\system32\CNCFLkRU.DLL
2021-02-19 18:09 - 2009-11-25 15:55 - 000003072 _____ (Canon Inc.) C:\WINDOWS\system32\CNCFLkPT.DLL
2021-02-19 18:09 - 2009-11-25 15:55 - 000003072 _____ (Canon Inc.) C:\WINDOWS\system32\CNCFLkPL.DLL
2021-02-19 18:09 - 2009-11-25 15:55 - 000003072 _____ (Canon Inc.) C:\WINDOWS\system32\CNCFLkNL.DLL
2021-02-19 18:09 - 2009-11-25 15:55 - 000003072 _____ (Canon Inc.) C:\WINDOWS\system32\CNCFLkIT.DLL
2021-02-19 18:09 - 2009-11-25 15:55 - 000003072 _____ (Canon Inc.) C:\WINDOWS\system32\CNCFLkFR.DLL
2021-02-19 18:09 - 2009-11-25 15:55 - 000003072 _____ (Canon Inc.) C:\WINDOWS\system32\CNCFLkES.DLL
2021-02-19 18:09 - 2009-11-25 15:55 - 000003072 _____ (Canon Inc.) C:\WINDOWS\system32\CNCFLkDE.DLL
2021-02-19 18:09 - 2009-11-25 15:55 - 000002560 _____ (Canon Inc.) C:\WINDOWS\system32\CNCFLkHU.DLL
2021-02-19 18:09 - 2009-11-25 15:55 - 000002560 _____ (Canon Inc.) C:\WINDOWS\system32\CNCFLkCZ.DLL
2021-02-19 18:09 - 2009-10-22 11:33 - 000343552 _____ (Canon Inc.) C:\WINDOWS\system32\CNCF2Lk.DLL
2021-02-19 18:09 - 2009-10-22 11:30 - 000182272 _____ (Canon Inc.) C:\WINDOWS\system32\CNCFMSk.EXE
2021-02-19 18:09 - 2009-10-22 11:30 - 000003072 _____ (Canon Inc.) C:\WINDOWS\system32\CNCFLkUS.DLL
2021-02-19 18:09 - 2009-10-22 11:30 - 000002560 _____ (Canon Inc.) C:\WINDOWS\system32\CNCFLkJP.DLL
2021-02-19 18:09 - 2009-09-10 09:00 - 000245760 _____ (CANON INC.) C:\WINDOWS\system32\CNMIUA5.DLL
2021-02-19 15:53 - 2021-02-22 13:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Record
2021-02-19 15:43 - 2021-02-20 11:16 - 000000000 ____D C:\Users\Gerazer\Downloads\Viisan
2021-02-16 16:07 - 2021-02-16 16:07 - 000000000 ____D C:\Users\Gerazer\AppData\Local\calibre-ebook.com
2021-02-16 15:43 - 2021-02-20 17:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2021-02-16 15:43 - 2021-02-16 15:43 - 000001031 _____ C:\ProgramData\Desktop\calibre - E-book management.lnk
2021-02-16 15:43 - 2021-02-16 15:43 - 000000000 ____D C:\Program Files (x86)\Calibre2
2021-02-16 14:06 - 2021-02-16 14:08 - 152040913 _____ C:\Users\Gerazer\Downloads\calibre-5.11.0.dmg
2021-02-16 14:06 - 2021-02-16 14:07 - 115412992 _____ C:\Users\Gerazer\Downloads\calibre-5.11.0.msi
2021-02-16 13:58 - 2021-02-16 13:58 - 001479567 _____ C:\Users\Gerazer\Downloads\Calibre-Server@Docker.pdf
2021-02-16 11:47 - 2021-02-16 11:47 - 000201736 _____ (Razer Inc.) C:\WINDOWS\system32\RzChromaSDK64.dll
2021-02-16 11:45 - 2021-02-16 11:45 - 000176136 _____ (Razer Inc.) C:\WINDOWS\SysWOW64\RzChromaSDK.dll
2021-02-14 23:17 - 2021-02-22 13:27 - 000000000 ____D C:\Users\Gerazer\Documents\Bücher_litres
2021-02-13 22:50 - 2021-02-13 22:50 - 000000988 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge 2021.lnk
2021-02-13 22:48 - 2021-02-13 22:48 - 000001047 _____ C:\Users\Gerazer\Desktop\Adobe Lightroom Classic.lnk
2021-02-13 22:48 - 2021-02-13 22:48 - 000001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom Classic.lnk
2021-02-13 18:48 - 2021-02-13 18:48 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindflt.dll
2021-02-13 18:48 - 2021-02-13 18:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2021-02-13 18:48 - 2021-02-13 18:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2021-02-13 18:48 - 2021-02-13 18:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2021-02-13 18:48 - 2021-02-13 18:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2021-02-13 18:48 - 2021-02-13 18:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2021-02-13 18:48 - 2021-02-13 18:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2021-02-13 18:48 - 2021-02-13 18:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2021-02-13 18:48 - 2021-02-13 18:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2021-02-13 18:48 - 2021-02-13 18:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2021-02-13 18:48 - 2021-02-13 18:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2021-02-13 18:48 - 2021-02-13 18:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2021-02-13 18:48 - 2021-02-13 18:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2021-02-13 18:48 - 2021-02-13 18:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2021-02-13 18:48 - 2021-02-13 18:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2021-02-13 18:48 - 2021-02-13 18:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2021-02-13 18:48 - 2021-02-13 18:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2021-02-05 08:48 - 2021-02-05 08:48 - 000189000 _____ (Razer Inc.) C:\WINDOWS\system32\RzChromaBroadcastAPI64.dll
2021-02-05 08:48 - 2021-02-05 08:48 - 000164944 _____ (Razer Inc.) C:\WINDOWS\system32\RzChromaBroadcastManager64.dll
2021-02-05 08:48 - 2021-02-05 08:48 - 000154696 _____ (Razer Inc.) C:\WINDOWS\SysWOW64\RzChromaBroadcastAPI.dll
2021-02-05 08:48 - 2021-02-05 08:48 - 000134736 _____ (Razer Inc.) C:\WINDOWS\SysWOW64\RzChromaBroadcastManager.dll

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-03-03 15:31 - 2019-07-03 02:55 - 000000000 ____D C:\ProgramData\NVIDIA
2021-03-03 15:29 - 2021-01-01 22:04 - 000000000 ____D C:\ProgramData\ActiveBackupforBusinessAgent
2021-03-03 15:29 - 2020-12-25 20:36 - 000000000 ___RD C:\Users\Gerazer\Desktop\SynologyDrive
2021-03-03 15:29 - 2020-07-04 10:59 - 000000000 ___RD C:\Users\Gerazer\Creative Cloud Files
2021-03-03 15:29 - 2020-03-06 23:08 - 000000000 ____D C:\Users\Gerazer\AppData\Local\SynologyDrive
2021-03-03 15:28 - 2020-02-13 18:52 - 000002295 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-03-03 15:28 - 2020-02-11 17:37 - 000000000 __SHD C:\Users\Gerazer\IntelGraphicsProfiles
2021-03-02 22:22 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-02 21:44 - 2019-12-07 15:51 - 000733896 _____ C:\WINDOWS\system32\perfh007.dat
2021-03-02 21:44 - 2019-12-07 15:51 - 000150280 _____ C:\WINDOWS\system32\perfc007.dat
2021-03-02 21:44 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-02 21:40 - 2020-02-13 20:37 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-03-02 21:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-03-02 21:36 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-03-02 21:35 - 2020-02-14 19:06 - 000000000 ____D C:\Users\Gerazer\AppData\LocalLow\Mozilla
2021-03-02 21:17 - 2020-11-21 15:52 - 000000000 ____D C:\Users\Gerazer\AppData\Roaming\Breitbandmessung
2021-03-02 20:58 - 2020-02-13 17:26 - 000000000 ____D C:\Users\Gerazer\AppData\Roaming\obs-studio
2021-03-02 20:52 - 2021-01-07 17:31 - 000000000 ____D C:\Users\Gerazer\Documents\ConnectAppCache
2021-03-02 19:50 - 2020-02-12 21:40 - 000000000 ____D C:\ProgramData\Mozilla
2021-03-02 19:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-02 18:02 - 2020-02-17 15:26 - 000000879 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2021-03-02 18:02 - 2020-02-12 21:56 - 000000000 ____D C:\Users\Gerazer\AppData\Roaming\Notepad++
2021-03-02 17:21 - 2020-07-04 10:58 - 000001384 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2021-03-02 17:21 - 2020-02-13 20:37 - 000000000 ____D C:\Program Files\Adobe
2021-03-02 17:21 - 2020-02-12 21:41 - 000000000 ____D C:\Program Files (x86)\Adobe
2021-03-02 17:21 - 2019-07-03 03:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2021-03-02 17:20 - 2020-02-11 19:12 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2021-03-02 17:20 - 2020-02-11 18:43 - 000000000 ____D C:\Users\Gerazer\AppData\Local\CrashDumps
2021-03-02 17:20 - 2019-07-03 03:23 - 000000000 ____D C:\ProgramData\Package Cache
2021-03-02 17:19 - 2020-02-13 18:39 - 000001365 _____ C:\Users\Gerazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1Password.lnk
2021-03-02 17:19 - 2020-02-12 22:18 - 000000000 ____D C:\Users\Gerazer\AppData\Local\1Password
2021-03-01 21:13 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-01 20:57 - 2020-02-11 17:37 - 000000000 ____D C:\Users\Gerazer\AppData\Local\Packages
2021-03-01 17:25 - 2020-02-13 21:06 - 000000000 ____D C:\ProgramData\boost_interprocess
2021-03-01 10:50 - 2021-01-24 14:10 - 000001413 _____ C:\Users\Gerazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk
2021-02-28 20:04 - 2020-08-07 17:53 - 000000000 ____D C:\Users\Gerazer\AppData\Roaming\Stellarium
2021-02-28 16:37 - 2020-02-16 19:21 - 000000000 __SHD C:\Users\Лилия\IntelGraphicsProfiles
2021-02-28 16:34 - 2020-02-16 19:21 - 000000000 ____D C:\Users\Лилия\AppData\Local\Razer
2021-02-28 16:25 - 2020-02-16 19:21 - 000000000 ____D C:\Users\Лилия\AppData\Local\Publishers
2021-02-28 16:25 - 2020-02-16 19:21 - 000000000 ____D C:\Users\Лилия\AppData\Local\Packages
2021-02-28 16:24 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-02-28 16:20 - 2020-02-16 19:22 - 000000000 ____D C:\Users\Лилия\AppData\Local\Adobe
2021-02-28 16:09 - 2020-02-16 19:22 - 000000000 ___RD C:\Users\Лилия\OneDrive
2021-02-28 16:09 - 2020-02-16 19:21 - 000000000 ____D C:\Users\Лилия\AppData\Roaming\Adobe
2021-02-28 16:09 - 2020-02-16 19:21 - 000000000 ____D C:\Users\Лилия\AppData\Local\NVIDIA Corporation
2021-02-28 16:08 - 2020-02-16 21:21 - 000000000 ____D C:\Users\Лилия\AppData\Local\PlaceholderTileLogoFolder
2021-02-28 16:08 - 2020-02-16 19:21 - 000002326 _____ C:\Users\Лилия\Desktop\Google Chrome.lnk
2021-02-28 16:08 - 2020-02-16 19:21 - 000000000 ___RD C:\Users\Лилия\3D Objects
2021-02-28 16:08 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-27 20:54 - 2020-02-17 11:07 - 000000000 ____D C:\Users\Gerazer\AppData\Roaming\Telegram Desktop
2021-02-27 20:24 - 2020-06-19 17:59 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-27 20:24 - 2020-06-19 17:59 - 000002276 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-02-27 19:50 - 2020-02-11 17:39 - 000000000 ___RD C:\Users\Gerazer\OneDrive
2021-02-25 21:35 - 2020-04-26 12:00 - 000000000 ____D C:\Users\Gerazer\.TBMX
2021-02-25 20:50 - 2020-02-18 11:17 - 000000000 ____D C:\Users\Gerazer\AppData\Local\babl-0.1
2021-02-25 19:07 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-02-25 19:07 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-24 20:47 - 2020-02-12 21:53 - 000000000 ____D C:\Users\Gerazer\AppData\Local\Adobe
2021-02-24 20:47 - 2020-02-11 17:37 - 000000000 ____D C:\Users\Gerazer\AppData\Roaming\Adobe
2021-02-22 17:23 - 2020-02-27 16:35 - 000000918 _____ C:\ProgramData\Desktop\VLC media player.lnk
2021-02-22 16:36 - 2020-02-17 15:26 - 000000000 ____D C:\Program Files\Notepad++
2021-02-22 14:09 - 2020-02-23 14:52 - 000000000 ____D C:\Users\Gerazer\AppData\Roaming\calibre
2021-02-22 13:47 - 2020-02-13 17:03 - 000000000 ____D C:\Users\Gerazer\AppData\Local\PlaceholderTileLogoFolder
2021-02-22 13:46 - 2019-12-07 15:53 - 000000000 ____D C:\WINDOWS\OCR
2021-02-22 13:38 - 2020-02-15 01:11 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-02-21 15:19 - 2020-02-12 22:10 - 000000000 ____D C:\Users\Gerazer\AppData\Roaming\FileZilla
2021-02-21 10:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\appcompat
2021-02-20 19:20 - 2019-02-27 11:51 - 002872680 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TbtBusDrv.sys
2021-02-20 18:02 - 2020-09-18 14:43 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-20 17:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-02-20 17:24 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate
2021-02-20 17:24 - 2019-06-28 15:31 - 000000000 ____D C:\ProgramData\Packages
2021-02-20 17:23 - 2020-02-11 17:37 - 000000000 ___RD C:\Users\Gerazer\3D Objects
2021-02-20 17:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-20 17:23 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows NT
2021-02-20 17:23 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-02-20 17:23 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-02-20 17:20 - 2019-12-07 10:14 - 000000000 __RSD C:\WINDOWS\Media
2021-02-20 17:19 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-02-20 17:18 - 2021-01-17 15:49 - 000000000 ____D C:\Users\Gerazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2021-02-20 17:18 - 2021-01-01 18:07 - 000000000 ____D C:\Users\Gerazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DiskInternals
2021-02-20 17:18 - 2020-12-27 13:53 - 000000000 ____D C:\Users\Gerazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hdd Speed Test Tool
2021-02-20 17:18 - 2020-12-06 16:02 - 000000000 ____D C:\Users\Gerazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DeepL GmbH
2021-02-20 17:18 - 2020-07-29 12:17 - 000000000 ____D C:\Users\Gerazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BlackVue Viewer
2021-02-20 17:18 - 2020-07-19 17:55 - 000000000 ____D C:\Users\Gerazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pano2VR6 64bit
2021-02-20 17:18 - 2020-06-19 18:52 - 000000000 ____D C:\Users\Gerazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viber
2021-02-20 17:18 - 2020-04-12 14:37 - 000000000 ____D C:\Users\Gerazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Сонник TNR Vision 3
2021-02-20 17:18 - 2020-03-06 15:52 - 000000000 ____D C:\Users\Gerazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-02-20 17:18 - 2020-02-17 11:07 - 000000000 ____D C:\Users\Gerazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop
2021-02-20 17:17 - 2020-02-15 20:39 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2021-02-20 17:17 - 2019-07-03 03:03 - 000000000 ____D C:\WINDOWS\system32\dolbyaposvc
2021-02-20 17:16 - 2021-01-04 16:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Средства Microsoft Office
2021-02-20 17:16 - 2020-12-27 13:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskMark8
2021-02-20 17:16 - 2020-12-27 13:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2021-02-20 17:16 - 2020-12-12 23:45 - 000000000 ____D C:\WINDOWS\system32\Samsung
2021-02-20 17:16 - 2020-10-31 12:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speedtest By Ookla
2021-02-20 17:16 - 2020-10-29 15:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2021-02-20 17:16 - 2020-10-27 13:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neat Image v8 for Photoshop
2021-02-20 17:16 - 2020-10-25 11:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neat Image v8 Standalone
2021-02-20 17:16 - 2020-10-18 21:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\obs-ndi
2021-02-20 17:16 - 2020-10-18 21:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NDI 4 Runtime
2021-02-20 17:16 - 2020-09-16 19:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AJA
2021-02-20 17:16 - 2020-09-16 17:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard 12
2021-02-20 17:16 - 2020-09-13 20:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Insta360 Studio 2020
2021-02-20 17:16 - 2020-08-30 15:49 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2021-02-20 17:16 - 2020-08-30 14:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Imaging Edge
2021-02-20 17:16 - 2020-08-30 14:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Imaging Edge Webcam
2021-02-20 17:16 - 2020-08-29 17:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1und1 MobileWLAN
2021-02-20 17:16 - 2020-08-29 12:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2021-02-20 17:16 - 2020-08-13 18:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CardRecovery
2021-02-20 17:16 - 2020-08-07 17:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellarium
2021-02-20 17:16 - 2020-07-12 12:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aerofly RC 7
2021-02-20 17:16 - 2020-07-04 11:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PanoramaStudio 3 Pro
2021-02-20 17:16 - 2020-06-07 17:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WebMoney
2021-02-20 17:16 - 2020-05-28 18:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\DAEMON Tools Lite
2021-02-20 17:16 - 2020-05-21 17:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2021-02-20 17:16 - 2020-04-26 11:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2021-02-20 17:16 - 2020-03-07 12:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF
2021-02-20 17:16 - 2020-03-07 12:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2021-02-20 17:16 - 2020-03-06 15:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-02-20 17:16 - 2020-02-27 20:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Download Master
2021-02-20 17:16 - 2020-02-27 16:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2021-02-20 17:16 - 2020-02-23 14:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2021-02-20 17:16 - 2020-02-15 20:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2021-02-20 17:16 - 2020-02-14 18:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synology
2021-02-20 17:16 - 2020-02-13 20:58 - 000000000 ____D C:\WINDOWS\system32\STRING
2021-02-20 17:16 - 2020-02-13 19:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2021-02-20 17:16 - 2020-02-13 19:13 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2021-02-20 17:16 - 2020-02-13 18:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2021-02-20 17:16 - 2020-02-12 22:46 - 000000000 ____D C:\Program Files\UNP
2021-02-20 17:16 - 2020-02-12 21:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo PCTrans
2021-02-20 17:16 - 2020-02-11 19:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer Cortex
2021-02-20 17:16 - 2019-12-07 10:18 - 000000000 ____D C:\WINDOWS\Setup
2021-02-20 17:16 - 2019-12-07 10:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-02-20 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2021-02-20 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-02-20 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ta-in
2021-02-20 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\spool
2021-02-20 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-02-20 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2021-02-20 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2021-02-20 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-02-20 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-02-20 17:16 - 2019-07-03 03:03 - 000000000 ____D C:\WINDOWS\system32\cAVS
2021-02-20 17:16 - 2019-07-03 02:53 - 000000000 ____D C:\WINDOWS\system32\Intel
2021-02-20 17:16 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-02-20 17:16 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-02-20 17:14 - 2020-11-10 17:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SCM Microsystems
2021-02-20 17:14 - 2020-10-29 16:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR
2021-02-20 17:14 - 2020-10-12 14:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elgato
2021-02-20 17:14 - 2020-09-16 16:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2021-02-20 17:14 - 2020-02-17 12:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BCS_Work
2021-02-20 17:14 - 2020-02-14 18:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2021-02-20 17:11 - 2019-12-07 15:54 - 000000000 ___SD C:\WINDOWS\system32\AppV
2021-02-20 17:11 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-02-20 17:11 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-02-20 17:11 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-02-20 17:11 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-02-20 17:11 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-02-20 17:11 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-02-20 17:11 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-02-20 17:11 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-02-20 17:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-02-20 17:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-02-20 17:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-02-20 17:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-02-20 17:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-02-20 17:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-20 17:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-02-20 17:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-02-20 17:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-02-20 17:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-20 17:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-02-20 17:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-02-20 17:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-02-20 17:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-02-20 17:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-02-20 17:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-02-20 17:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-02-20 17:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-20 17:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-20 17:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-02-20 17:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-02-20 17:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-02-20 17:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-02-20 17:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-02-20 17:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-02-20 17:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-20 17:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2021-02-20 17:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-02-20 17:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-20 17:11 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-20 17:11 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-02-20 17:10 - 2019-12-07 15:54 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-02-20 17:10 - 2019-12-07 15:54 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-02-20 17:02 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2021-02-20 17:02 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2021-02-20 17:02 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2021-02-20 17:02 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2021-02-20 17:02 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\system32\winrm
2021-02-20 17:02 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\system32\WCN
2021-02-20 17:02 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\system32\slmgr
2021-02-20 17:02 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2021-02-20 17:02 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\dsc
2021-02-20 17:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2021-02-20 17:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\MUI
2021-02-20 16:07 - 2020-01-13 14:16 - 000000000 ____D C:\Intel
2021-02-20 15:57 - 2020-02-12 21:40 - 000000000 ____D C:\Program Files\HWiNFO64
2021-02-20 12:21 - 2020-02-15 02:09 - 000000000 ____D C:\ProgramData\Emsisoft
2021-02-20 10:23 - 2020-04-26 11:20 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-02-20 10:23 - 2020-03-06 15:52 - 000000000 ____D C:\Program Files\WinRAR
2021-02-20 10:23 - 2020-02-14 19:06 - 000000967 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-02-20 10:23 - 2020-02-14 19:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-02-20 10:04 - 2020-02-12 21:29 - 000000000 ____D C:\Program Files (x86)\EaseUS
2021-02-20 00:34 - 2019-07-02 18:38 - 000000000 ____D C:\temp
2021-02-19 23:19 - 2019-07-03 02:54 - 000000000 ____D C:\ProgramData\Intel
2021-02-19 23:16 - 2020-02-11 17:37 - 000000000 ____D C:\Users\Gerazer\AppData\Local\Publishers
2021-02-19 21:46 - 2020-02-14 23:12 - 000000000 ____D C:\Users\Gerazer\AppData\Local\ElevatedDiagnostics
2021-02-19 18:15 - 2020-04-01 09:33 - 000000000 ___HD C:\ProgramData\CanonIJScan
2021-02-19 18:15 - 2020-04-01 09:33 - 000000000 ____D C:\Users\Gerazer\AppData\Roaming\Canon
2021-02-19 18:14 - 2020-02-13 20:57 - 000000000 ____D C:\Program Files (x86)\Canon
2021-02-19 16:26 - 2019-07-03 02:47 - 000799104 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-02-19 16:26 - 2019-06-28 15:27 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-02-16 22:25 - 2020-12-06 16:02 - 000000000 ____D C:\Users\Gerazer\AppData\Local\DeepL_GmbH
2021-02-16 16:21 - 2020-02-23 14:52 - 000000000 ____D C:\Users\Gerazer\Calibre-Bibliothek
2021-02-16 16:07 - 2020-02-23 14:53 - 000000000 ____D C:\Users\Gerazer\AppData\Local\calibre-cache
2021-02-16 15:48 - 2020-12-06 16:02 - 000002171 _____ C:\Users\Gerazer\Desktop\DeepL.lnk
2021-02-16 15:48 - 2020-12-06 16:02 - 000000000 ____D C:\Users\Gerazer\AppData\Local\DeepL
2021-02-16 12:47 - 2020-02-12 22:32 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2021-02-16 12:45 - 2020-02-12 22:18 - 000000000 ____D C:\Program Files\Microsoft Office
2021-02-13 22:50 - 2020-02-12 21:53 - 000000000 ____D C:\ProgramData\Adobe
2021-02-13 14:10 - 2021-01-13 21:31 - 000001177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung DeX.lnk
2021-02-13 14:10 - 2020-12-23 16:40 - 000001165 _____ C:\ProgramData\Desktop\Samsung DeX.lnk
2021-02-13 14:10 - 2020-09-16 16:52 - 000000000 ____D C:\Program Files (x86)\Samsung
2021-02-12 22:39 - 2020-05-21 17:19 - 000000000 ____D C:\Users\Gerazer\.VirtualBox
2021-02-12 22:17 - 2020-05-21 17:19 - 000000000 ____D C:\ProgramData\VirtualBox
2021-02-12 21:26 - 2020-10-11 13:09 - 000000000 ____D C:\Users\Gerazer\Downloads\Aeaai
2021-02-12 21:26 - 2020-02-27 20:28 - 000000000 ____D C:\Users\Gerazer\AppData\Roaming\Download Master
2021-02-12 20:44 - 2020-03-06 23:13 - 000000000 ____D C:\Users\Gerazer\Documents\Adobe
2021-02-11 18:33 - 2019-07-03 02:52 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-11 18:30 - 2019-07-03 02:52 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-03 19:38 - 2020-02-15 20:45 - 000000000 ____D C:\Users\Gerazer\AppData\Local\NVIDIA
2021-02-02 17:22 - 2020-11-21 15:52 - 000001377 _____ C:\ProgramData\Desktop\Breitbandmessung.lnk
2021-02-02 17:22 - 2020-11-21 15:52 - 000000000 ____D C:\Users\Gerazer\AppData\Local\breitbandmessung-updater
2021-02-02 17:22 - 2020-11-21 15:52 - 000000000 ____D C:\Program Files\Breitbandmessung

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2020-02-12 22:47 - 2020-05-11 10:56 - 000000033 _____ () C:\Users\Gerazer\AppData\Roaming\AdobeWLCMCache.dat
2020-10-19 12:08 - 2020-12-10 17:27 - 000000016 _____ () C:\Users\Gerazer\AppData\Roaming\obs-virtualcam.txt
2020-02-24 19:17 - 2020-02-24 19:17 - 000000128 _____ () C:\Users\Gerazer\AppData\Roaming\PUTTY.RND
2020-07-25 11:40 - 2021-01-15 23:12 - 000001456 _____ () C:\Users\Gerazer\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2020-02-12 22:45 - 2020-02-12 22:45 - 000000000 _____ () C:\Users\Gerazer\AppData\Local\oobelibMkey.log
2020-02-15 11:57 - 2020-12-18 22:44 - 000000128 _____ () C:\Users\Gerazer\AppData\Local\PUTTY.RND
2020-09-21 18:37 - 2020-09-21 18:37 - 000000843 _____ () C:\Users\Gerazer\AppData\Local\recently-used.xbel
2020-02-16 23:19 - 2020-10-19 14:08 - 000007602 _____ () C:\Users\Gerazer\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
         

03.03.2021, 15:54   #4
Gewin
 

Addition.txt

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 28-02-2021
durchgeführt von Gerazer (03-03-2021 15:34:50)
Gestartet von C:\Users\Gerazer\Desktop
Windows 10 Pro Version 20H2 19042.804 (X64) (2021-02-20 16:23:46)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-958490055-1889393570-2762725728-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-958490055-1889393570-2762725728-503 - Limited - Disabled)
Gast (S-1-5-21-958490055-1889393570-2762725728-501 - Limited - Disabled)
Gerazer (S-1-5-21-958490055-1889393570-2762725728-1003 - Administrator - Enabled) => C:\Users\Gerazer
WDAGUtilityAccount (S-1-5-21-958490055-1889393570-2762725728-504 - Limited - Disabled)
Лилия (S-1-5-21-958490055-1889393570-2762725728-1004 - Administrator - Enabled) => C:\Users\Лилия

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Emsisoft Anti-Malware Home (Enabled - Up to date) {5FD8BF8F-F242-6153-61B5-8FF333E8736B}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

1Password (HKU\S-1-5-21-958490055-1889393570-2762725728-1003\...\1Password) (Version: 7.6.793 - AgileBits Inc.)
1und1 MobileWLAN (HKLM-x32\...\1und1 MobileWLAN) (Version: 22.001.29.01.659 - Huawei Technologies Co.,Ltd)
4K Capture Utility (HKLM\...\{17A66458-FDD6-435B-B6FF-6D7DAC00ACD5}) (Version: 1.7.2.4692 - Elgato Systems)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.23 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.144 - Adobe Systems Incorporated)
Adobe Audition 3.0 (HKLM-x32\...\Adobe Audition 3.0) (Version: 3.0 - Adobe Systems Incorporated)
Adobe Bridge 2021 (HKLM-x32\...\KBRG_11_0_1) (Version: 11.0.1 - Adobe Inc.)
Adobe Connect (HKU\S-1-5-21-958490055-1889393570-2762725728-1003\...\Adobe Connect App) (Version: 2021.2.18.64 - Adobe Systems Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.4.1.534 - Adobe Inc.)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_10_1_1) (Version: 10.1 - Adobe Inc.)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_2_4) (Version: 21.2.4.323 - Adobe Inc.)
aerofly RC 7 Standard (HKLM-x32\...\aerofly RC 7_is1) (Version: 7.5.11 - IPACS)
AJA System Test 2.1.0-x64 (HKLM\...\{58DFA4F7-47C6-4768-9856-FDBE87BAFFF5}) (Version: 2.1.0 - AJA)
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
AusweisApp2 (HKLM-x32\...\{904259BB-6BDF-4D98-AB2F-FC758F49E244}) (Version: 1.20.2 - Governikus GmbH & Co. KG)
Blackmagic RAW Common Components (HKLM\...\{60461BA6-AFA0-4D54-AFE1-54EC717AA7D9}) (Version: 1.8.2 - Blackmagic Design)
BlackVue Viewer 2.58 (HKLM-x32\...\BlackVue Viewer) (Version: 2.58 - PittaSoft, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Breitbandmessung 1.1.9 (HKLM\...\{14607473-30db-509f-94f0-bb7c085c619e}) (Version: 1.1.9 - zafaco GmbH)
Breitbandmessung 2.0.0 (HKLM\...\14607473-30db-509f-94f0-bb7c085c619e) (Version: 2.0.0 - zafaco GmbH)
calibre (HKLM-x32\...\{65CE98EE-1194-4544-AE41-05EC8B2D93AA}) (Version: 5.11.0 - Kovid Goyal)
calibre 64bit (HKLM\...\{BA2D8ECB-ED80-42BE-AF8A-FEEADBECEE5F}) (Version: 4.11.2 - Kovid Goyal)
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version:  - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version:  - )
Canon MP Navigator EX 3.1 (HKLM-x32\...\MP Navigator EX 3.1) (Version:  - )
Canon MX340 series - регистрация пользователя (HKLM-x32\...\Canon MX340 series - регистрация пользователя) (Version:  - )
Canon MX340 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series) (Version:  - Canon Inc.)
CardRecovery 6.00 (HKLM-x32\...\{88D68A69-D247-466B-90DD-575F6BE16230}_is1) (Version:  - WinRecovery Software)
CrystalDiskInfo 8.9.0a (HKLM\...\CrystalDiskInfo_is1) (Version: 8.9.0a - Crystal Dew World)
CrystalDiskMark 8.0.0a (HKLM\...\CrystalDiskMark8_is1) (Version: 8.0.0a - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.12.0.1235 - Disc Soft Ltd)
DaVinci Resolve (HKLM\...\{47B30418-F683-4F19-BEF9-BA5E490154BF}) (Version: 16.2.8005 - Blackmagic Design)
DaVinci Resolve Keyboards (HKLM\...\{04F776FB-37A2-4116-84F2-6CF3D731999D}) (Version: 1.0.0.0 - Blackmagic Design)
DaVinci Resolve Panels (HKLM\...\{567706B7-1501-43BC-81AB-C7E306B40C73}) (Version: 1.3.2.0 - Blackmagic Design)
DeepL (HKU\S-1-5-21-958490055-1889393570-2762725728-1003\...\DeepL) (Version: 2.0.0 - DeepL GmbH)
DiskInternals Linux Reader (HKLM-x32\...\DiskInternals Linux Reader) (Version: 4.7 - DiskInternals Research)
DiskInternals Linux Recovery (HKLM-x32\...\DiskInternals Linux Recovery) (Version: 6.8 - DiskInternals Research)
Download Master 6.19.7.1655 (HKLM-x32\...\Download Master_is1) (Version: 6.19.7.1655 - WestByte)
Driver Easy 5.6.15 (HKLM\...\DriverEasy_is1) (Version: 5.6.15 - Easeware)
Emsisoft Anti-Malware (HKLM\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 2017.11 - Emsisoft Ltd.)
Fairlight Audio Accelerator Utility (HKLM\...\FairlightAudioAccelerator_is1) (Version: 1.0.13 - Blackmagic Design)
Fairlight Studio Utility (HKLM\...\{6C7FC3A1-DA64-4ACE-8F05-301CBECD5BE9}) (Version: 1.2.0.0 - Blackmagic Design)
FileZilla Client 3.52.0.5 (HKLM-x32\...\FileZilla Client) (Version: 3.52.0.5 - Tim Kosse)
Firefox Developer Edition 74.0 (x64 en-US) (HKLM\...\Firefox Developer Edition 74.0 (x64 en-US)) (Version: 74.0 - Mozilla)
Foxit PhantomPDF (HKLM-x32\...\{153360B6-9CCF-11E9-B0DE-54BF64A63C26}) (Version: 9.6.0.25114 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.7.1.29511 - Foxit Software Inc.)
GIMP 2.10.14 (HKLM\...\GIMP-2_is1) (Version: 2.10.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.72 - Google LLC)
Hdd Speed Test Tool v. 1.0.14 (RC 1) (HKLM-x32\...\Hdd Speed Test Tool_is1) (Version:  - Marko Oette (oette.info))
HWiNFO64 Version 6.30 (HKLM\...\HWiNFO64_is1) (Version: 6.30 - Martin Malik - REALiX)
Imaging Edge (Remote/Viewer/Edit) (HKLM\...\{77FC0D72-6800-4A67-A353-E9691520C492}) (Version: 3.0.00.06250 - Sony Imaging Products & Solutions, Inc.)
Imaging Edge Desktop (HKLM\...\{9AF97938-E455-44AE-8FD2-FB5FFE2F6B54}) (Version: 1.0.00.12110 - Sony Imaging Products & Solutions Inc.)
Imaging Edge Webcam (HKLM\...\{1447C2C4-38BC-4A85-AA5A-0E1C8F7E55AB}) (Version: 1.0.00.07311 - Sony Imaging Products & Solutions, Inc.)
Insta360 Studio 2020 version 3.5.0 (HKLM\...\{78E34D33-E6EF-442B-A808-2351211989E2}}_is1) (Version: 3.5.0 - Arashi Vision .Ltd)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{70281077-96c3-4f75-938c-dc4746110c00}) (Version: 10.1.17903.8106 - Intel(R) Corporation)
IObit Uninstaller 10 (HKLM-x32\...\IObitUninstall) (Version: 10.3.0.13 - IObit)
Java 8 Update 251 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180251F0}) (Version: 8.0.2510.8 - Oracle Corporation)
Kartina.TV 2.3.47 (HKU\S-1-5-21-958490055-1889393570-2762725728-1003\...\0af1506c-b17d-583a-abe7-196b0987677d) (Version: 2.3.47 - Kartina.Tv GmbH)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.81 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - )
Microsoft Office Professional Plus 2019 - de-de (HKLM\...\ProPlus2019Volume - de-de) (Version: 16.0.10371.20060 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - ru-ru (HKLM\...\ProPlus2019Volume - ru-ru) (Version: 16.0.10371.20060 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-958490055-1889393570-2762725728-1003\...\OneDriveSetup.exe) (Version: 21.016.0124.0003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-958490055-1889393570-2762725728-1004\...\OneDriveSetup.exe) (Version: 21.016.0124.0003 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 RC Redistributable (x64) - 14.0.22816 (HKLM-x32\...\{734fc823-e9c9-42b9-b70c-88391e5d7f45}) (Version: 14.0.22816.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 RC Redistributable (x86) - 14.0.22816 (HKLM-x32\...\{00e17fce-b99d-493c-a4b1-629282f8e42b}) (Version: 14.0.22816.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
MiniTool Partition Wizard Free 12 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Software Limited)
Mozilla Firefox 52.1.0 ESR (x86 de) (HKLM-x32\...\Mozilla Firefox 52.1.0 ESR (x86 de)) (Version: 52.1.0 - Mozilla)
Mozilla Firefox 68.7.0 ESR (x86 de) (HKU\S-1-5-21-958490055-1889393570-2762725728-1003\...\Mozilla Firefox 68.7.0 ESR (x86 de)) (Version: 68.7.0 - Mozilla)
Mozilla Firefox 85.0.2 (x64 de) (HKLM\...\Mozilla Firefox 85.0.2 (x64 de)) (Version: 85.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 85.0.2 - Mozilla)
NDI 4 Runtime (HKLM\...\{71AFF296-ED43-4166-8301-4649285EE712}_is1) (Version:  - NewTek, inc.)
Neat Image v8.5.2 Pro plug-in for Photoshop (64-bit) (HKLM\...\Neat Image v8 plug-in for Photoshop_is1) (Version:  - Neat Image team, ABSoft)
Neat Image v8.5.2 Pro Standalone (HKLM\...\Neat Image v8 Standalone_is1) (Version:  - Neat Image team, ABSoft)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.9.3 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Grafiktreiber 461.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.40 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 24.0.3 - OBS Project)
obs-ndi version 4.5.0 (HKLM-x32\...\{69FA0C71-8BEB-4E0D-B5D2-53BFF9192EE2}_is1) (Version: 4.5.0 - Stephane Lepin)
OBS-VirtualCam version 2.0.4 (HKLM-x32\...\{7B7182E6-D22D-4E5A-BCA2-EC985A4BD588}_is1) (Version: 2.0.4 - OBS)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.10371.20060 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.10371.20060 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.10371.20060 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0419-1000-0000000FF1CE}) (Version: 16.0.10371.20060 - Microsoft Corporation) Hidden
Opera Stable 74.0.3911.160 (HKU\S-1-5-21-958490055-1889393570-2762725728-1003\...\Opera 74.0.3911.160) (Version: 74.0.3911.160 - Opera Software)
Oracle VM VirtualBox 6.1.8 (HKLM\...\{33F54ABE-08B9-4177-9F25-054D403212FA}) (Version: 6.1.8 - Oracle Corporation)
Pano2VR - Garden Gnome Software (HKLM-x32\...\Pano2VR) (Version:  - )
PanoramaStudio 3.4 Pro ((deinstallieren)) (HKLM\...\PanoramaStudio3Pro) (Version:  - )
PIPP 2.5.9 (HKLM\...\PIPP) (Version: 2.5.9 - Chris Garry)
ProSAFE Plus Utility (HKLM-x32\...\{B98C06F7-F167-45AF-B612-F89DA39BB22F}) (Version: 2.4.3 - NETGEAR) Hidden
ProSAFE Plus Utility (HKLM-x32\...\InstallShield_{B98C06F7-F167-45AF-B612-F89DA39BB22F}) (Version: 2.4.3 - NETGEAR)
QUIK (HKLM-x32\...\{519A413F-6A45-4A48-AC2E-4A9C94C8F98A}_is1) (Version:  - СМВБ-Информационные технологии)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 9.13.18.1333 - Razer Inc.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.6.0228.021813 - Razer Inc.)
Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 4.0.0.12 - Samsung)
Samsung DeX (HKLM-x32\...\{24639BA3-44DD-4648-806D-8046771E6722}) (Version: 2.0.0.20 - Samsung Electronics Co., Ltd.) Hidden
Samsung DeX (HKLM-x32\...\{51af111f-4665-4995-8982-55e0e02163e7}) (Version: 2.0.0.20 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.43.0 - Samsung Electronics Co., Ltd.)
SDI011 dual interface reader (HKLM-x32\...\{D0ED9100-DFFB-482C-8DB6-C626264757BD}) (Version: 1.01 - SCM Microsystems)
SER Player v1.7.2 (64-bit) (HKLM\...\SER Player x64) (Version: v1.7.2 - Chris Garry)
Speedtest by Ookla (HKLM\...\{601756B7-DA6A-4DCD-B0CD-A4C75C2AA895}) (Version: 1.7.132.001 - Ookla)
Stellarium 0.20.2 (HKLM\...\Stellarium_is1) (Version: 0.20.2 - Stellarium team)
Streamlabs OBS 0.24.1 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.24.1 - General Workings, Inc.)
Synology Active Backup for Business Agent (HKLM-x32\...\{81B35851-2C23-4881-BD2C-EB7BA20D0FDA}) (Version: 2.1.1125 - Synology)
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: 6.2-24922 - Synology)
Synology Drive Client (remove only) (HKLM\...\Synology Drive) (Version: 6.0.1.11061 - Synology, Inc.)
Synology Photo Station Uploader (remove only) (HKLM-x32\...\Photo Station Uploader) (Version: 1.4.5.093 - Synology)
Telegram Desktop version 2.5.8 (HKU\S-1-5-21-958490055-1889393570-2762725728-1003\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.5.8 - Telegram FZ-LLC)
TNR Vision 3.7 - электронный сонник (HKLM-x32\...\Vision3) (Version:  - )
Viber (HKLM-x32\...\{EBF90FE1-19E8-44DB-91CD-1BD5D4E373B9}) (Version: 13.2.0.39 - Viber Media S.a.r.l) Hidden
Viber (HKU\S-1-5-21-958490055-1889393570-2762725728-1003\...\{197fd93c-1b89-40b0-aaff-37fbe999c0c6}) (Version: 13.2.0.39 - 2010-2020 Viber Media S.a.r.l)
VIISAN OfficeCam (HKLM-x32\...\{8C6D7D0D-55C0-4021-96EA-A3B45551B280}) (Version: 6.9.6.0 - VIISAN)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
WebMoney Advisor (HKLM-x32\...\WebMoney Advisor) (Version: 2.2.4 - CJSC Computing Forces)
WebMoney Agent (HKLM-x32\...\WebMoney Agent) (Version: 3.5 - Softomate)
WebMoney Keeper WinPro 3.9.9.21 (HKLM-x32\...\{6D9A7CEE-054A-437D-99EF-DD7C77E001FD}) (Version: 3.9.9.21 - WM Transfer Ltd.)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 6.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
ИнфоПротектор Плеер (HKU\S-1-5-21-958490055-1889393570-2762725728-1003\...\{40A74F7A-C471-4768-8468-A52B4C30AA80}_is1) (Version: 2.2.0 - ООО "Инфо Диарэм")

Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2020-07-10] (Adobe Systems Incorporated)
Amazon Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.0.48.0_x64__pwbj9vvecjh7j [2021-02-21] (Amazon Development Centre (London) Ltd)
Dolby Atmos -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAtmos_3.20900.902.0_x64__rz1tebttyb220 [2021-02-19] (Dolby Laboratories)
DWD WarnWetter -> C:\Program Files\WindowsApps\DeutscherWetterdienst.DWDWarnWetter_1.9.2.0_x64__ea15zn9khdvwy [2021-02-21] (Deutscher Wetterdienst)
HEVC-Videoerweiterungen -> C:\Program Files\WindowsApps\Microsoft.HEVCVideoExtensions_1.0.40204.0_x64__8wekyb3d8bbwe [2021-01-30] (Microsoft Corporation)
Intel® Grafik-Kontrollraum -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3282.0_x64__8j3eq9eme6ctt [2021-02-28] (INTEL CORP) [Startup Task]
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-18] (INTEL CORP)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-09-12] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-28] (Microsoft Studios) [MS Ad]
MPEG-2-Videoerweiterung -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2020-06-10] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-02-28] (NVIDIA Corp.)
Raw Image Extension -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_1.0.32861.0_x64__8wekyb3d8bbwe [2021-02-21] (Microsoft Corporation)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.23.242.0_x64__dt26b99r8h8gj [2021-02-19] (Realtek Semiconductor Corp)
Sony Camera Remote Toolbox -> C:\Program Files\WindowsApps\43930Lawler.SonyCameraRemoteToolbox_1.6.0.0_x64__myddp3zea3sm0 [2021-02-21] (Lawler)
Thunderbolt™ Control Center -> C:\Program Files\WindowsApps\AppUp.ThunderboltControlCenter_1.0.30.0_x64__8j3eq9eme6ctt [2021-01-04] (INTEL CORP)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-958490055-1889393570-2762725728-1003_Classes\CLSID\{07D9805F-9689-41DF-8A5D-8F005AC43B03} -> [Synology Drive - Server-DS] => C:\Users\Gerazer\AppData\Local\SynologyDrive\SystemFolders\5 [2021-01-01 21:39]
CustomCLSID: HKU\S-1-5-21-958490055-1889393570-2762725728-1003_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-F553AC0AF45E} -> [Creative Cloud Files] => C:\Users\Gerazer\Creative Cloud Files [2020-07-04 10:59]
CustomCLSID: HKU\S-1-5-21-958490055-1889393570-2762725728-1003_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\Gerazer\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\ContextMenu.dll () [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-958490055-1889393570-2762725728-1003_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-958490055-1889393570-2762725728-1003_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\Gerazer\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll (TODO: <Company name>) [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-958490055-1889393570-2762725728-1003_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\Gerazer\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll (TODO: <Company name>) [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-958490055-1889393570-2762725728-1003_Classes\CLSID\{a3d7e084-b0df-4d14-8e0a-27a572a6332c}\localserver32 -> C:\Program Files\Sony\Imaging Edge Desktop\ied.exe (Sony Imaging Products & Solutions Inc. -> Sony)
CustomCLSID: HKU\S-1-5-21-958490055-1889393570-2762725728-1003_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\Gerazer\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll (TODO: <Company name>) [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-958490055-1889393570-2762725728-1003_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\Gerazer\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll (TODO: <Company name>) [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-958490055-1889393570-2762725728-1003_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\Gerazer\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll (TODO: <Company name>) [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-958490055-1889393570-2762725728-1003_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [   01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\Gerazer\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll [2020-12-23] (TODO: <Company name>) [Datei ist nicht signiert]
ShellIconOverlayIdentifiers: [   02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\Gerazer\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll [2020-12-23] (TODO: <Company name>) [Datei ist nicht signiert]
ShellIconOverlayIdentifiers: [   03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\Gerazer\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll [2020-12-23] (TODO: <Company name>) [Datei ist nicht signiert]
ShellIconOverlayIdentifiers: [   04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\Gerazer\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll [2020-12-23] (TODO: <Company name>) [Datei ist nicht signiert]
ShellIconOverlayIdentifiers: [   05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => C:\Users\Gerazer\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll [2020-12-23] (TODO: <Company name>) [Datei ist nicht signiert]
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-02-23] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-02-23] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-02-23] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-02-23] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2021-02-14] (Notepad++ -> )
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2019-06-28] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2019-12-26] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-05-28] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers2-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\Program Files\Emsisoft Anti-Malware\A2CONTMENU.DLL [2015-10-21] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers2: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\Program Files\Emsisoft Anti-Malware\A2CONTMENU64.DLL [2015-10-21] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-05-28] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\Program Files\Emsisoft Anti-Malware\A2CONTMENU.DLL [2015-10-21] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers3: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\Program Files\Emsisoft Anti-Malware\A2CONTMENU64.DLL [2015-10-21] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvrzi.inf_amd64_abf49ca127bc710b\nvshext.dll [2021-01-23] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-02-23] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\Program Files\Emsisoft Anti-Malware\A2CONTMENU.DLL [2015-10-21] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers6: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\Program Files\Emsisoft Anti-Malware\A2CONTMENU64.DLL [2015-10-21] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers6: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2019-06-28] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2019-12-26] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-958490055-1889393570-2762725728-1003: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\Gerazer\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\ContextMenu.dll [2020-12-23] () [Datei ist nicht signiert]
ContextMenuHandlers6_S-1-5-21-958490055-1889393570-2762725728-1003: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\Gerazer\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\ContextMenu.dll [2020-12-23] () [Datei ist nicht signiert]

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Gerazer\Desktop\Поиграй!.lnk -> C:\Program Files (x86)\Download Master\games.url () <==== Cyrillic
Shortcut: C:\Users\Gerazer\Desktop\Сонник TNR Vision 3.lnk -> C:\Program Files (x86)\TNR Vision 3.8\Vision.exe (© Анатолий Григоренко, TNR Programming 2011.) <==== Cyrillic
Shortcut: C:\Users\Gerazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ИнфоПротектор Плеер.lnk -> C:\Users\Gerazer\AppData\Local\InfoProtector Player\ИнфоПротектор Плеер.exe (Info DRM Ltd) <==== Cyrillic
Shortcut: C:\Users\Gerazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Сонник TNR Vision 3\Получить бесплатный ключ.lnk -> C:\WINDOWS\system32\tnrprog.icl (Keine Datei) <==== Cyrillic
Shortcut: C:\Users\Gerazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Сонник TNR Vision 3\Сайт TNR Programming.lnk -> C:\WINDOWS\system32\tnrprog.icl (Keine Datei) <==== Cyrillic
Shortcut: C:\Users\Gerazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Сонник TNR Vision 3\Удалить программу.lnk -> C:\Program Files (x86)\TNR Vision 3.8\Uninstall.exe () <==== Cyrillic
Shortcut: C:\Users\Gerazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop\Деинсталлировать Telegram.lnk -> C:\Users\Gerazer\AppData\Roaming\Telegram Desktop\unins000.exe () <==== Cyrillic
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Developer Edition.lnk -> C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype для бизнеса.lnk -> C:\Program Files\Microsoft Office\root\Office16\lync.exe (Microsoft Corporation) <==== Cyrillic
Shortcut: C:\Users\Public\Desktop\Firefox Developer Edition.lnk -> C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\QUIK БКС.lnk -> C:\BCS_Work\QUIK_BCS\info.exe (ARQA Technologies) <==== Cyrillic

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2012-09-23 20:43 - 2012-09-23 20:43 - 000010240 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\de_de\acrotray.deu
2020-11-23 15:52 - 2020-11-23 15:52 - 000056320 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\bz2.dll
2020-11-23 15:52 - 2020-11-23 15:52 - 001130496 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\cairo.dll
2020-11-23 15:52 - 2020-11-23 15:52 - 000117760 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\expat.dll
2020-11-23 15:52 - 2020-11-23 15:52 - 000222208 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\fontconfig.dll
2020-11-23 15:52 - 2020-11-23 15:52 - 000009728 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\libcharset.dll
2020-11-23 15:52 - 2020-11-23 15:52 - 000918016 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\libiconv.dll
2020-11-23 15:52 - 2020-11-23 15:52 - 000164864 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\libpng16.dll
2020-11-23 15:52 - 2020-11-23 15:52 - 000074752 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\zlib1.dll
2020-12-23 10:31 - 2020-12-23 10:31 - 000348672 _____ () [Datei ist nicht signiert] C:\Users\Gerazer\AppData\Local\SynologyDrive\SynologyDrive.app\bin\fct-qt.dll
2020-12-23 10:31 - 2020-12-23 10:31 - 021778660 _____ () [Datei ist nicht signiert] C:\Users\Gerazer\AppData\Local\SynologyDrive\SynologyDrive.app\bin\icudt53.dll
2020-12-23 10:31 - 2020-12-23 10:31 - 003513476 _____ () [Datei ist nicht signiert] C:\Users\Gerazer\AppData\Local\SynologyDrive\SynologyDrive.app\bin\icuin53.dll
2020-12-23 10:31 - 2020-12-23 10:31 - 002230929 _____ () [Datei ist nicht signiert] C:\Users\Gerazer\AppData\Local\SynologyDrive\SynologyDrive.app\bin\icuuc53.dll
2020-12-23 10:31 - 2020-12-23 10:31 - 000824935 _____ () [Datei ist nicht signiert] C:\Users\Gerazer\AppData\Local\SynologyDrive\SynologyDrive.app\bin\libcurl-4.dll
2020-12-23 10:31 - 2020-12-23 10:31 - 000121524 _____ () [Datei ist nicht signiert] C:\Users\Gerazer\AppData\Local\SynologyDrive\SynologyDrive.app\bin\libgcc_s_dw2-1.dll
2020-12-23 10:31 - 2020-12-23 10:31 - 003320631 _____ () [Datei ist nicht signiert] C:\Users\Gerazer\AppData\Local\SynologyDrive\SynologyDrive.app\bin\libsqlite3-0.dll
2020-12-23 10:31 - 2020-12-23 10:31 - 001547595 _____ () [Datei ist nicht signiert] C:\Users\Gerazer\AppData\Local\SynologyDrive\SynologyDrive.app\bin\libstdc++-6.dll
2020-12-23 10:31 - 2020-12-23 10:31 - 000156160 _____ () [Datei ist nicht signiert] C:\Users\Gerazer\AppData\Local\SynologyDrive\SynologyDrive.app\bin\WinCFWrapper.dll
2020-12-23 10:31 - 2020-12-23 10:31 - 000124430 _____ () [Datei ist nicht signiert] C:\Users\Gerazer\AppData\Local\SynologyDrive\SynologyDrive.app\bin\zlib1.dll
2021-01-13 04:00 - 2021-01-13 04:00 - 001230336 _____ (Applied Informatics Software Engineering GmbH) [Datei ist nicht signiert] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoFoundation.dll
2021-01-13 04:00 - 2021-01-13 04:00 - 000207872 _____ (Applied Informatics Software Engineering GmbH) [Datei ist nicht signiert] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoJSON.dll
2021-01-13 04:00 - 2021-01-13 04:00 - 000810496 _____ (Applied Informatics Software Engineering GmbH) [Datei ist nicht signiert] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoNet.dll
2021-01-13 04:00 - 2021-01-13 04:00 - 000238592 _____ (Applied Informatics Software Engineering GmbH) [Datei ist nicht signiert] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoNetSSLWin.dll
2021-01-13 04:00 - 2021-01-13 04:00 - 000335360 _____ (Applied Informatics Software Engineering GmbH) [Datei ist nicht signiert] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoUtil.dll
2021-01-13 04:00 - 2021-01-13 04:00 - 000455168 _____ (Applied Informatics Software Engineering GmbH) [Datei ist nicht signiert] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoXML.dll
2021-02-19 18:14 - 2009-09-28 17:52 - 000019968 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNSU_RUS.DLL
2021-02-19 18:10 - 2012-06-14 17:18 - 000359936 _____ (CANON INC.) [Datei ist nicht signiert] C:\WINDOWS\System32\CNMN6PPM.DLL
2020-11-23 15:52 - 2020-11-23 15:52 - 031859200 _____ (FFmpeg Project) [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\avcodec-58.dll
2020-11-23 15:52 - 2020-11-23 15:52 - 010266624 _____ (FFmpeg Project) [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\avfilter-7.dll
2020-11-23 15:52 - 2020-11-23 15:52 - 010868736 _____ (FFmpeg Project) [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\avformat-58.dll
2020-11-23 15:52 - 2020-11-23 15:52 - 001006592 _____ (FFmpeg Project) [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\avutil-56.dll
2020-11-23 15:52 - 2020-11-23 15:52 - 000125440 _____ (FFmpeg Project) [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\postproc-55.dll
2020-11-23 15:52 - 2020-11-23 15:52 - 000316416 _____ (FFmpeg Project) [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\swresample-3.dll
2020-11-23 15:52 - 2020-11-23 15:52 - 000524800 _____ (FFmpeg Project) [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\swscale-5.dll
2020-03-19 10:21 - 2020-03-19 10:21 - 000591360 _____ (Hystax) [Datei ist nicht signiert] C:\Program Files (x86)\Synology\ActiveBackupforBusinessAgent\service\vsstracker_x64.dll
2020-12-23 10:31 - 2020-12-23 10:31 - 000064647 _____ (MingW-W64 Project. All rights reserved.) [Datei ist nicht signiert] C:\Users\Gerazer\AppData\Local\SynologyDrive\SynologyDrive.app\bin\libwinpthread-1.dll
2020-11-23 15:52 - 2020-11-23 15:52 - 000055808 _____ (Open Source Software community LGPL) [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\pthreadVC2.dll
2020-11-23 15:52 - 2020-11-23 15:52 - 001420800 _____ (Pizzolato Davide - www.xdp.it) [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\cximageu.dll
2021-01-28 18:02 - 2021-01-28 18:02 - 004579840 _____ (Samsung Electronics Co., Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\NativeSamsungDexFramework.dll
2021-01-28 18:01 - 2021-01-28 18:01 - 002872320 _____ (Samsung Electronics Co., Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\SCommon.dll
2021-01-28 18:01 - 2021-01-28 18:01 - 006453248 _____ (Samsung Electronics Co., Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\SLocales.dll
2020-11-23 15:52 - 2020-11-23 15:52 - 000527872 _____ (The FreeType Project) [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\freetype.dll
2020-03-19 10:21 - 2020-03-19 10:21 - 001787904 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Synology\ActiveBackupforBusinessAgent\service\LIBEAY32.dll
2020-03-19 10:21 - 2020-03-19 10:21 - 000434688 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Synology\ActiveBackupforBusinessAgent\service\SSLEAY32.dll
2020-12-23 10:31 - 2020-12-23 10:31 - 002769297 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Users\Gerazer\AppData\Local\SynologyDrive\SynologyDrive.app\bin\LIBEAY32.dll
2020-12-23 10:31 - 2020-12-23 10:31 - 000798897 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Users\Gerazer\AppData\Local\SynologyDrive\SynologyDrive.app\bin\SSLEAY32.dll
2020-12-23 10:31 - 2020-12-23 10:31 - 000035328 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Users\Gerazer\AppData\Local\SynologyDrive\SynologyDrive.app\bin\imageformats\qgif.dll
2020-12-23 10:31 - 2020-12-23 10:31 - 000045568 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Users\Gerazer\AppData\Local\SynologyDrive\SynologyDrive.app\bin\imageformats\qicns.dll
2020-12-23 10:31 - 2020-12-23 10:31 - 000035328 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Users\Gerazer\AppData\Local\SynologyDrive\SynologyDrive.app\bin\imageformats\qico.dll
2020-12-23 10:31 - 2020-12-23 10:31 - 000453632 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Users\Gerazer\AppData\Local\SynologyDrive\SynologyDrive.app\bin\imageformats\qjpeg.dll
2020-12-23 10:31 - 2020-12-23 10:31 - 000504320 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Users\Gerazer\AppData\Local\SynologyDrive\SynologyDrive.app\bin\imageformats\qtiff.dll
2020-12-23 10:31 - 2020-12-23 10:31 - 001862656 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Users\Gerazer\AppData\Local\SynologyDrive\SynologyDrive.app\bin\platforms\qwindows.dll
2020-12-23 10:31 - 2020-12-23 10:31 - 000030720 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Users\Gerazer\AppData\Local\SynologyDrive\SynologyDrive.app\bin\Qt5Concurrent.dll
2020-12-23 10:31 - 2020-12-23 10:31 - 006057984 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Users\Gerazer\AppData\Local\SynologyDrive\SynologyDrive.app\bin\Qt5Core.dll
2020-12-23 10:31 - 2020-12-23 10:31 - 005804032 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Users\Gerazer\AppData\Local\SynologyDrive\SynologyDrive.app\bin\Qt5Gui.dll
2020-12-23 10:31 - 2020-12-23 10:31 - 001793024 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Users\Gerazer\AppData\Local\SynologyDrive\SynologyDrive.app\bin\Qt5Network.dll
2020-12-23 10:31 - 2020-12-23 10:31 - 006324224 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Users\Gerazer\AppData\Local\SynologyDrive\SynologyDrive.app\bin\Qt5Widgets.dll
2020-12-23 10:31 - 2020-12-23 10:31 - 000200704 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Users\Gerazer\AppData\Local\SynologyDrive\SynologyDrive.app\bin\styles\qwindowsvistastyle.dll
2020-12-23 10:31 - 2020-12-23 10:31 - 002822144 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\Users\Gerazer\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll
2020-11-23 15:52 - 2020-11-23 15:52 - 000110207 _____ (Un4seen Developments) [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\BASS.dll
2020-11-23 15:52 - 2020-11-23 15:52 - 000019008 _____ (Un4seen Developments) [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\BASSCD.dll
2020-11-23 15:52 - 2020-11-23 15:52 - 000017472 _____ (Un4seen Developments) [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\BASSWMA.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:41ADDB8A [131]
AlternateDataStreams: C:\ProgramData\TEMP:A064CECC [139]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

HKU\S-1-5-21-958490055-1889393570-2762725728-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yandex.ru/?win=426&clid=2254914
SearchScopes: HKU\S-1-5-21-958490055-1889393570-2762725728-1003 -> DefaultScope 7516ca9a-5997-11ea-8c36-90203a1c211e URL = hxxps://yandex.ru/search/?win=426&clid=2254915&text={searchTerms}
SearchScopes: HKU\S-1-5-21-958490055-1889393570-2762725728-1003 -> 7516ca9a-5997-11ea-8c36-90203a1c211e URL = hxxps://yandex.ru/search/?win=426&clid=2254915&text={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2020-01-31] (IObit Information Technology -> IObit)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-01-04] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_251\bin\ssv.dll [2020-04-26] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-04-26] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-01-04] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: IE 4.x-6.x BHO for Download Master -> {9961627E-4059-41B4-8E0E-A7D6B3854ADF} -> C:\Program Files (x86)\Download Master\dmiehlp.dll [2017-06-23] (Download Master -> WestByte) [Datei ist nicht signiert]
BHO-x32: Foxit PhantomPDF Create PDF ToolBar Helper -> {A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A} -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll [2019-06-28] (FOXIT SOFTWARE INC. -> )
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2021-02-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: WebMoneyAdvisorBHO -> {E7D2CB77-6E2D-4C1F-B485-D50506B9FA6B} -> C:\Program Files (x86)\WebMoney Advisor\2.2.4\wmadvisor.dll [2011-07-20] (CJSC Computing Forces -> CJSC Computing Forces)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Foxit PhantomPDF Create PDF ToolBar - {BFD9D8A8-57FF-488A-B919-065EC77CF82F} - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll [2019-06-28] (FOXIT SOFTWARE INC. -> )
Toolbar: HKLM-x32 - WebMoney Advisor - {405DFEAE-1D2F-4649-BE08-C92313C3E1CE} - C:\Program Files (x86)\WebMoney Advisor\2.2.4\wmadvisor.dll [2011-07-20] (CJSC Computing Forces -> CJSC Computing Forces)
Toolbar: HKU\S-1-5-21-958490055-1889393570-2762725728-1003 -> Kein Name - {405DFEAE-1D2F-4649-BE08-C92313C3E1CE} -  Keine Datei
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-04] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2018-09-15 08:31 - 2020-03-06 23:05 - 000000822 _____ C:\WINDOWS\system32\drivers\etc\hosts

2020-08-29 18:48 - 2021-01-07 14:43 - 000000438 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
92.168.137.1 Gerazer.mshome.net # 2025 12 6 20 15 52 25 280

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\Calibre2\;C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;C:\Program Files (x86)\Calibre2\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-958490055-1889393570-2762725728-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Gerazer\Pictures\Saved Pictures\Prism_1920x1080.png
HKU\S-1-5-21-958490055-1889393570-2762725728-1004\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: Datenträger ist nicht mit dem Internet verbunden.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
 ist aktiviert.

Network Binding:
=============
WLAN 2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
Ethernet 3: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKU\S-1-5-21-958490055-1889393570-2762725728-1003\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-958490055-1889393570-2762725728-1003\...\StartupApproved\Run: => "4AB4DE8B85C59B591E6C4219D4E2CE3944159F23._service_run"
HKU\S-1-5-21-958490055-1889393570-2762725728-1003\...\StartupApproved\Run: => "AusweisApp2"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{86F8781C-2902-458B-A120-32E12BC8AF99}] => (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe (Easeware Technology Limited -> Easeware)
FirewallRules: [{3D7239AC-30DE-47B7-BE97-5CEBCE898847}] => (Allow) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{0A48A6B1-CA22-4DD7-B33B-7FAE321AEF3B}] => (Allow) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{C355A309-A4D9-4423-AF8D-42104D6A5315}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{130BE640-E7B0-4951-8269-4A3ED6E3A9F4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{449B7512-3A2F-4C81-A1CE-C8E9F97704E5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EEB734A5-900C-4871-911C-97F2BFAC4FCD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E2C5D604-3561-436A-8464-801E7A34A4C9}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe => Keine Datei
FirewallRules: [{68465456-0F63-4B56-8F88-70FDF9B44FF0}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{CEA8D408-0163-415C-B120-731FC5B74FE2}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\OxygenPanelDaemon.exe => Keine Datei
FirewallRules: [{E8869793-A46D-42E1-B303-7738998C441A}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => Keine Datei
FirewallRules: [{E86BD562-28A9-4230-9EE4-50238E016A1F}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{B01D5D80-6B17-4AF6-BB79-B9FBAF414CC9}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{471F1070-F52B-4E98-90FB-1B4E1992B3F2}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{A611091C-8CA6-4C1F-92B4-22D095585828}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{6738AD8D-3F34-4C37-9248-39E545AE1CD1}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{3A19383C-975A-4F53-BCF2-87EB80333C82}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{6DADF409-4BD5-4AC1-90D0-C5A97BF5D003}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{2922D7A1-8DE3-4BBF-AF5D-BC7966445E05}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{61569939-DC4D-44A7-BE1C-D52082D13F24}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C5DD3B50-04F6-4F05-AAFA-68DA0B60EDDD}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9087AA97-A724-410A-AB2E-F8511E8752A5}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{29C87E41-918A-4359-AE25-E3ABE62E0A32}] => (Allow) LPort=24727
FirewallRules: [AusweisApp2-Firewall-Rule] => (Allow) C:\Program Files (x86)\AusweisApp2\AusweisApp2.exe (Governikus GmbH & Co. KG -> Governikus GmbH & Co. KG)
FirewallRules: [{CCE7E0C8-A8C3-4BDA-9210-0D539EAD0FE9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FB38CE8F-E3C9-41DC-845E-33CF5E7DDF46}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6AA3D147-EEB1-45F2-BB7A-0C1456669BF8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3498A568-9BC1-4436-B7B8-6E0D0C7FD1B7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EC7FB954-A75D-481C-A40B-DF6B0DFCBC9C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C7DC3310-8B58-4BA4-B390-B70185DBAC28}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{65C9BABA-1C5D-43C9-AE27-511A5D94BAF5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C29338C5-5EFF-47A5-A7E2-E096F21C2514}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6F1F8986-4107-4669-B75B-31CBD4E53A46}] => (Allow) C:\Program Files\Elgato\4KCaptureUtility\4KCaptureUtility.exe (Corsair Memory, Inc. -> Elgato Systems)
FirewallRules: [UDP Query User{CA5993A3-FDC4-4475-95D9-3F5009AC73B9}D:\tv_samsung\root\soft\sammywidgets.exe] => (Allow) D:\tv_samsung\root\soft\sammywidgets.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{AE48B3B5-1FA3-420C-A964-8E7949A46D57}D:\tv_samsung\root\soft\sammywidgets.exe] => (Allow) D:\tv_samsung\root\soft\sammywidgets.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{D8D75565-C92D-4798-9AF6-99672A04B6B2}C:\users\gerazer\desktop\samygopvrdecoder.exe] => (Allow) C:\users\gerazer\desktop\samygopvrdecoder.exe (United Key Crackers) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{C9DC559B-B006-4B61-9E1D-406930AFDDB0}C:\users\gerazer\desktop\samygopvrdecoder.exe] => (Allow) C:\users\gerazer\desktop\samygopvrdecoder.exe (United Key Crackers) [Datei ist nicht signiert]
FirewallRules: [{10026E58-05C9-4C53-B39C-E24489899663}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{7B117DB7-41AD-418C-AB0A-2CBEA13A59D7}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{9EA4C3F0-E630-4CAD-BBB1-BD1A0E7AE27E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3798F939-4C63-4BCB-AF47-AF67DE8D51C9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{B559ED4A-7B71-4647-BE8D-FC0C7347306F}C:\users\gerazer\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-ui.exe] => (Allow) C:\users\gerazer\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-ui.exe (Synology Inc. -> Synology Inc.)
FirewallRules: [TCP Query User{FB133242-41BA-4B9E-B9BF-338924C1CB2A}C:\users\gerazer\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-ui.exe] => (Allow) C:\users\gerazer\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-ui.exe (Synology Inc. -> Synology Inc.)
FirewallRules: [{E1CCB8AB-9082-44CA-B4A6-D7605F5D7A7D}] => (Allow) C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{343AAE36-89AC-40BC-AB4D-A3983C9DE69D}] => (Allow) C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{711734BD-AAAF-4F8A-9EEB-427CCB96AF56}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5CC718C2-1D2C-4854-B441-63C918250D3A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0B38F2A1-1A60-4393-9909-7C12F94E25B6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FE47FB2E-3B98-402F-B2E7-D17079707DC7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{46A36F97-4289-4A59-BCC3-E5BBBB9A99A1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6F34BBA0-2EC2-4AAF-8AE9-E04A1F5990FF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{FC5A735D-97E7-4022-ACEF-7F5AB4FCE88B}C:\program files (x86)\synology\photo station uploader\mediauploader.exe] => (Allow) C:\program files (x86)\synology\photo station uploader\mediauploader.exe (Synology Inc. -> Synology Inc.)
FirewallRules: [UDP Query User{A9E3118C-463F-4A94-8D61-79CA55F793A5}C:\program files (x86)\synology\photo station uploader\mediauploader.exe] => (Allow) C:\program files (x86)\synology\photo station uploader\mediauploader.exe (Synology Inc. -> Synology Inc.)
FirewallRules: [TCP Query User{77A6C0E1-9D48-46DE-AB71-0E666C479291}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{D1191C95-12AA-4C0D-BC3E-B4DAA40AB271}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{E11CBE52-4F2D-4F7C-B6DF-43E5219FD1D2}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{25A65D02-331E-4BAE-97DB-1D9A3BB82645}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{99F7FFDA-2E79-4C12-8ADA-D09DA31454B4}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{BA7FA3D8-3D90-4BEF-B8B0-61A2EF877438}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{5C55F2C7-8CBB-46B7-AE68-6C57873B1B22}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{A8B179FB-70F4-4FB1-B0CE-CFEA6C258247}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{1213E7A3-E17E-4D22-96E2-FD8ED271CEAC}C:\program files\obs-studio\bin\64bit\obs64.exe] => (Allow) C:\program files\obs-studio\bin\64bit\obs64.exe (Hugh Bailey -> OBS)
FirewallRules: [UDP Query User{57CB4DD6-2CFB-4EB2-9FF0-5E6A5ABEDE3B}C:\program files\obs-studio\bin\64bit\obs64.exe] => (Allow) C:\program files\obs-studio\bin\64bit\obs64.exe (Hugh Bailey -> OBS)
FirewallRules: [{B3D5F9F4-55FD-49EA-A213-AD5CAB9AE84B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Wiederherstellungspunkte =========================


==================== Fehlerhafte Geräte im Gerätemanager ============


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (03/02/2021 09:36:44 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.

Error: (03/02/2021 09:36:44 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]

Error: (03/02/2021 09:22:38 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.

Error: (03/02/2021 09:22:38 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]

Error: (03/02/2021 09:22:38 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.

Error: (03/02/2021 09:22:38 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]

Error: (03/02/2021 09:17:58 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.

Error: (03/02/2021 09:17:58 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]


Systemfehler:
=============
Error: (03/03/2021 03:30:32 PM) (Source: DCOM) (EventID: 10010) (User: GERAZER)
Description: Der Server "Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (03/03/2021 03:28:41 PM) (Source: DCOM) (EventID: 10010) (User: GERAZER)
Description: Der Server "Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (03/02/2021 10:23:07 PM) (Source: DCOM) (EventID: 10010) (User: GERAZER)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (03/02/2021 10:23:07 PM) (Source: DCOM) (EventID: 10010) (User: GERAZER)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (03/02/2021 10:23:07 PM) (Source: DCOM) (EventID: 10010) (User: GERAZER)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (03/02/2021 10:23:07 PM) (Source: DCOM) (EventID: 10010) (User: GERAZER)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (03/02/2021 10:23:07 PM) (Source: DCOM) (EventID: 10010) (User: GERAZER)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (03/02/2021 10:23:07 PM) (Source: DCOM) (EventID: 10010) (User: GERAZER)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.


CodeIntegrity:
===============
Date: 2021-03-02 17:18:55
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

BIOS: Razer 1.03 06/06/2019
Hauptplatine: Razer DA530
Prozessor: Intel(R) Core(TM) i7-9750H CPU @ 2.60GHz
Prozentuale Nutzung des RAM: 27%
Installierter physikalischer RAM: 32662.61 MB
Verfügbarer physikalischer RAM: 23723.84 MB
Summe virtueller Speicher: 37526.61 MB
Verfügbarer virtueller Speicher: 26042.87 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:237.19 GB) (Free:19.19 GB) NTFS
Drive d: (gerazer_HDD) (Fixed) (Total:931.51 GB) (Free:437.79 GB) NTFS
Drive g: (gerazer_SSD) (Fixed) (Total:693.04 GB) (Free:128.54 GB) NTFS

\\?\Volume{08863fa0-8c4b-01d6-d01f-43842546eb00}\ (Recovery) (Fixed) (Total:0.44 GB) (Free:0.43 GB) NTFS
\\?\Volume{000b86ad-e830-ca98-4cbc-ff1d5a0d1700}\ () (Fixed) (Total:0.62 GB) (Free:0.07 GB) NTFS
\\?\Volume{0000041d-cf30-08fc-4b9c-de013a080000}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: CBC679EB)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 20113B58)

Partition: GPT.

==================== Ende von Addition.txt =======================
         

Alt 03.03.2021, 16:03   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Quote:
C:\users\gerazer\desktop\samygopvrdecoder.exe] => (Allow) C:\users\gerazer\desktop\samygopvrdecoder.exe (United Key Crackers)
And what is that supposed to be?

__________________
Please always post logs in CODE tags

Alt 03.03.2021, 16:07   #6
felix1
/// Helfer-Team
 

The device appears to me to be used commercially:
Code:
 (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe 

(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe 

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe 

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe 

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe 

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 

(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe <2> 

(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe 

(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <2> 

(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe 

(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe 

(Adobe Inc. -> Adobe Systems Incorporated) C:\Users\Gerazer\AppData\Roaming\Adobe\Connect\ConnectDetector.exe
         
Also, something from IObit is installed here.

03.03.2021, 16:10   #7
webwatcher

Quote:
Quote from cosinus
Quote:
C:\users\gerazer\desktop\samygopvrdecoder.exe] => (Allow) C:\users\gerazer\desktop\samygopvrdecoder.exe (United Key Crackers)
And what is that supposed to be?
An ancient decryption tool: Malware scan of SamyGOPVRDecoder.exe (SamyGO PVR-Decoder by LordByte in 2014) 161d6472808148e9208ed0471d4c8903e76e5f33 - herdProtect
__________________
Don't go believing what you think about who I am

03.03.2021, 16:38   #8
Gewin

It is a video decoder for Samsung TV (a decryption tool), but it is nothing illegal with a keygen or anything like that, and it has been installed for over a year; there were no problems with it, in my opinion.

Quote:
Quote from felix1
The machine looks to me like it is being used commercially:
Code:
 (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe 

(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe 

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe 

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe 

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe 

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 

(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe <2> 

(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe 

(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <2> 

(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe 

(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe 

(Adobe Inc. -> Adobe Systems Incorporated) C:\Users\Gerazer\AppData\Roaming\Adobe\Connect\ConnectDetector.exe
         
Also, something from IObit is installed here.
No, purely private; I use Adobe Photoshop with Lightroom for 11€ a month.

I bought a scanner from Viisan. The software could not detect the scanner, so I contacted Viisan support.

They offered me remote access via TeamViewer to solve the problem. Within 5 minutes the support employee found the fault (the camera was switched off and that was the reason).

The support employee uploaded 2 files to check where the fault was. I deleted these afterwards, but! In the chat history I saw that he had uploaded 3 files; I could not see which one the third file was, hence the suspicion.

I have TeamViewer in the basic version, and no monitoring is possible there.

Maybe just a little paranoid

Quote:
Quote from cosinus
And what is that supposed to be?
The manufacturer's name is silly, but the program is not a cracker!


I installed IObit in the course of this, in order to remove programs thoroughly.

Edited by Gewin (03.03.2021 at 16:47)

03.03.2021, 18:26   #9
schlawack

Man, just go ahead, back up the files that matter to you and then do a clean reinstall of Windows 10; then the strange files mentioned at the start will be gone, and so will the remnants of IObit.
__________________
Windows 10 64 Pro 21H1

03.03.2021, 19:51   #10
Gewin

Windows 10 Pro - suspected unauthorized remote access [solved]

Quote:
Quote from schlawack
Man, just go ahead, back up the files that matter to you and then do a clean reinstall of Windows 10; then the strange files mentioned at the start will be gone, and so will the remnants of IObit.
I'll do that, it's usually the best way, thanks.

03.03.2021, 20:05   #11
felix1
/// Helper Team

Quote:
Quote from Gewin
I'll do that, it's usually the best way, thanks.
Good decision. Especially since there are also connections to Russian sources there. That sets alarm bells ringing for me. In the past there were often problems with that. It doesn't have to be the case, since there is also a Cyrillic account on the machine.
__________________
Regards

Felix

No help via PM or e-mail
