Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Zip-Datei Word in E-Mail geöffnet

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Thema geschlossen
Alt 11.05.2021, 09:19   #1
alex_esp
 
Zip-Datei Word in E-Mail geöffnet - Standard

Zip-Datei Word in E-Mail geöffnet



Guten Tag,

leider habe ich in einer stressigen Situation einen unverzeilichen Fehler gemacht und einen Mailanhang .zip geöffnet, obwohl sie auch noch Passwort geschützt war. Das Passwort stand in der Mail. Diese zip hat eine Word-Datei vermutlich mit Makros geöffnet. Es war eine Antwort E-Mail von einem Unternehmen, dass ich um ein Angebot gebeten hatte.
Dieses ist schon ein paar Tage her und ich habe bislang keine Fehlermeldung oder Warnung meines Virenprogramms Bitdefender Free bekommen.

Dennoch möchte ich jetzt gerne sicher gehen, dass ich mir kein Trojaner emotet oder ähnliches eingefangen habe.

Ich bin gerade dabei mit einem Freund ein kleines Unternehmen zu gründen. Bislang haben wir jedoch keine nennenswerten Umsätze und es ist nicht klar, ob es überhaupt weitergeht mit unserer Idee. Den Rechner nutze ich privat und auch dafür. Ich hoffe, dass ich damit bei euch unter die Ausnahme von "Geschäftsleuten" falle.

Vielen Dank bereits vorab.

Jetzt die Logfiles.

FRST:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 09-05-2021
durchgeführt von Alexander (Administrator) auf WINDELL-788D1Q2 (Dell Inc. XPS 13 9360) (11-05-2021 09:51:32)
Gestartet von C:\Users\Alexander\Downloads
Geladene Profile: Alexander
Platform: Windows 10 Home Version 2004 19041.928 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Opera
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe <2>
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <2>
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe <2>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_12.3.74.0_x86__nzyj5cx40ttqa\iCloud\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_12.3.74.0_x86__nzyj5cx40ttqa\iCloud\APSDaemon.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_12.3.74.0_x86__nzyj5cx40ttqa\iCloud\iCloudDrive.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_12.3.74.0_x86__nzyj5cx40ttqa\iCloud\iCloudPhotos.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_12.3.74.0_x86__nzyj5cx40ttqa\iCloud\iCloudServices.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_12.3.74.0_x86__nzyj5cx40ttqa\iCloud\secd.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\DiscoverySrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdagent.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdredline.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsserv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe
(Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\Alexander\AppData\Local\WebEx\ciscowebexstart.exe
(Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\Alexander\AppData\Local\WebEx\WebEx\Meetings\atmgr.exe
(Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\Alexander\AppData\Local\WebEx\WebEx\Meetings_01\atmgr.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\121.4.4267\QtWebEngineProcess.exe <3>
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_3f902faa7a5da85d\jhi_service.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0e885955e29b0a55\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0e885955e29b0a55\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0e885955e29b0a55\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0e885955e29b0a55\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_ecb9604542bb4ba6\RstMwService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Alexander\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.2101.28.0_x64__8wekyb3d8bbwe\Time.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\76.0.4017.107\opera.exe <87>
(Opera Software AS -> Opera Software) C:\Program Files\Opera\76.0.4017.107\opera_crashreporter.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7240.285\DSAPI.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Rivet Networks LLC -> Rivet Networks) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe
(Rivet Networks LLC -> Rivet Networks) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\ProgramData\Wondershare\Service\InstallAssistService.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_WAVES_SKYLAKE] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320056 2019-08-13] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1235160 2019-09-26] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7991528 2021-04-24] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5237416 2021-04-21] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [779448 2021-05-07] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-02-05] (Adobe Inc. -> )
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files\Opera\assistant\browser_assistant.exe [3154456 2020-11-25] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [50041472 2021-03-12] (Google LLC -> )
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [680728 2021-05-05] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Run: [Discord] => C:\Users\Alexander\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30885360 2020-03-04] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Run: [PTOneClick] => C:\Users\Alexander\AppData\Local\Webex\Webex\Applications\ptoneclk.exe [7184192 2020-04-12] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5536424 2021-04-21] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\Alexander\AppData\Local\WebEx\ciscowebexstart.exe [3711704 2021-04-30] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Run: [AnyTransToolHelper] => C:\Program Files (x86)\iMobie\AnyTrans\AnyTransToolHelper.exe
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe [2763952 2021-05-07] (Adobe Inc. -> Adobe Inc.)
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Alexander\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Alexander\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\RunOnce: [Uninstall 21.062.0328.0001\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Alexander\AppData\Local\Microsoft\OneDrive\21.062.0328.0001\amd64"
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\RunOnce: [Uninstall 21.062.0328.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Alexander\AppData\Local\Microsoft\OneDrive\21.062.0328.0001"
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Policies\Explorer: [] 
HKLM\...\Windows x64\Print Processors\Canon TS5000 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDF.DLL [30720 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [65496 2020-10-23] (Adobe Inc. -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.93\Installer\chrmstp.exe [2021-04-27] (Google LLC -> Google LLC)
Startup: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2019-02-03]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0C93F72A-6F8E-4DC7-A2A9-7CC09D822904} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {16545A9C-9BBF-4739-90C3-D52AD3C1B751} - System32\Tasks\AdobeAAMUpdater-1.0-WINDELL-788D1Q2-Alexander => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {19141BCC-9300-466C-9758-1BE5F37DBFE9} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4071016 2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {27ED81A3-E23C-4C1D-B463-F7FF65E4FFA6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {33A96379-28BA-479C-A2AA-D467D9A00697} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {36525BF1-C22C-43F8-A6F6-BBEBCD222162} - System32\Tasks\Opera scheduled assistant Autoupdate 1576835173 => C:\Program Files\Opera\launcher.exe [2199704 2021-05-06] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files\Opera\assistant" $(Arg0)
Task: {3880284A-3737-4115-8B6F-0C4168D3F71D} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2302168 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {389BB786-6712-4F94-B108-AF90218D0FB0} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23103392 2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {3E2F6869-CD9F-471D-82C9-B512C28F3F97} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-06-28] (Dropbox, Inc -> Dropbox, Inc.)
Task: {432DA82D-2E8F-4458-A102-BEFBCCB90C52} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-13] (Google Inc -> Google Inc.)
Task: {4BBC94E0-A0FB-4F40-BA05-F593065E1E78} - System32\Tasks\Opera scheduled Autoupdate 1509559017 => C:\Program Files\Opera\launcher.exe [2199704 2021-05-06] (Opera Software AS -> Opera Software)
Task: {551A3672-B22C-4D83-9A59-45916EBB6540} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1120696 2021-05-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {603C9FB2-6B0B-4052-A084-D42F91AEFCB1} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {66E53798-F95C-43C0-9B72-59E6BF3C2BD5} - System32\Tasks\DropboxUpdateTaskMachineCore1d558491a4a8d18 => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-06-28] (Dropbox, Inc -> Dropbox, Inc.)
Task: {72686D95-A891-483A-BBE5-A610D06F474A} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {8C5B4ACF-CD23-4F0D-B5F7-31FE68C66242} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23103392 2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {9B78D7F5-C5C2-454F-BC6C-8F46150FDD01} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696816 2021-03-29] (Mozilla Corporation -> Mozilla Foundation)
Task: {A1BB7DE0-DDD7-4857-95D7-70DE9CE09139} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [888232 2021-01-29] (Bitdefender SRL -> Bitdefender)
Task: {AC221FF3-5AA7-4B8C-8D9E-01382A0E0A2C} - System32\Tasks\Intel\Intel® Management and Security Status => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\\IMSS\PIconStartup.exe [231400 2019-08-05] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) -> "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\\IMSS\PrivacyIconClient.exe" 60
Task: {B14BC9B8-C9A1-400C-9D91-ECADA2EEFDB5} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {B9D624D1-2F4B-426E-9A68-BF743D83E344} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {BB06A88E-8A91-44EE-BDFC-91F595D86915} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114048 2021-05-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {C711D884-722A-4478-8749-923B42852DB8} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-06-28] (Dropbox, Inc -> Dropbox, Inc.)
Task: {CFB28C91-0A06-474B-BA10-1CB262C24C1F} - System32\Tasks\DropboxUpdateTaskMachineUA1d558491a577788 => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-06-28] (Dropbox, Inc -> Dropbox, Inc.)
Task: {D3B225DB-F019-45E5-BCBE-680C8314FB87} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114048 2021-05-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {E5CD3D1D-A4B7-41E3-B1EC-92459A9B4566} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {E6E24F68-D2C2-4B80-8B3A-1D141680A236} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2020-03-04] (Garmin International, Inc. -> )
Task: {EBB517B3-14A4-4CB2-ACD9-DF5465BD94D6} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1059336 2021-01-09] (Dell Inc -> Dell Inc.)
Task: {EC731A2E-2804-4084-B770-AC2EDECC6A58} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-13] (Google Inc -> Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore1d558491a4a8d18.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA1d558491a577788.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{0e4f6f48-c261-4dd0-8db2-59bf5a91dfdb}: [DhcpNameServer] 10.106.8.30
Tcpip\..\Interfaces\{19c08f36-edb5-412e-9336-4049871475d5}: [DhcpNameServer] 192.168.0.1 127.0.0.1 128.0.0.1
Tcpip\..\Interfaces\{3f99e3f5-94c9-4ead-8977-2086e6de0d6b}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{ca90329d-3cf3-42e6-a062-13ddf94891df}: [DhcpNameServer] 192.168.0.1 127.0.0.1 128.0.0.1

Edge: 
=======
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Alexander\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-13]

FireFox:
========
FF DefaultProfile: ftt3x0f4.default
FF DefaultProfile: 2y091unm.default
FF ProfilePath: C:\Users\Alexander\AppData\Roaming\Zotero\Zotero\Profiles\ftt3x0f4.default [2021-04-23]
FF ProfilePath: C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\2y091unm.default [2021-04-20]
FF Extension: (Hoxx VPN Proxy) - C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\2y091unm.default\Extensions\@hoxx-vpn.xpi [2021-04-14]
FF Extension: (Hotspot Shield Free VPN Proxy - Unlimited VPN) - C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\2y091unm.default\Extensions\hotspot-shield@anchorfree.com.xpi [2020-12-15]
FF Extension: (Touch VPN – Kostenloses VPN und kostenloser Proxy) - C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\2y091unm.default\Extensions\touch-vpn@anchorfree.com.xpi [2021-01-16]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-05-07] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-04-21] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-21] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-05-07] (Adobe Inc. -> Adobe Systems)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\bd_js_config.js [2019-07-21] <==== ACHTUNG (Zeigt auf eine *.cfg Datei)
FF ExtraCheck: C:\Program Files\mozilla firefox\bd_config.cfg [2019-07-21] <==== ACHTUNG

Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-02-15]
CHR Profile: C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-04-15]
CHR Notifications: Profile 1 -> hxxps://app.houseparty.com
CHR Extension: (Präsentationen) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-12]
CHR Extension: (Docs) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-12]
CHR Extension: (Redirect Path) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aomidfkchockcldhbkggjokdkkebmdll [2021-02-25]
CHR Extension: (Google Drive) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-23]
CHR Extension: (YouTube) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-12]
CHR Extension: (Adobe Acrobat) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-03-18]
CHR Extension: (Tabellen) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-12]
CHR Extension: (Google Docs Offline) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-18]
CHR Extension: (Anwendungs-Launcher für Drive (von Google)) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-01-29]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Google Mail) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-05]
CHR Extension: (Chrome Media Router) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-18]
CHR Profile: C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\System Profile [2018-02-12]
CHR HKU\S-1-5-21-648673255-3041033212-2045848966-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

Opera: 
=======
OPR Profile: C:\Users\Alexander\AppData\Roaming\Opera Software\Opera Stable [2021-05-11]
OPR Notifications: Opera Stable -> hxxps://app.houseparty.com; hxxps://book.lufthansa.com; hxxps://business.facebook.com; hxxps://jungesrl.zulipchat.com; hxxps://portal.imice.de; hxxps://web.telegram.org; hxxps://www.facebook.com; hxxps://www.kaufda.de; hxxps://www.laptopmag.com; hxxps://www.wetteronline.de
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Ecosia - Die Suchmaschine, die Bäume pflanzt) - C:\Users\Alexander\AppData\Roaming\Opera Software\Opera Stable\Extensions\cjkjohdegdpmepjcgmiafjaanigkkelo [2017-11-01]
OPR Extension: (Zotero Connector) - C:\Users\Alexander\AppData\Roaming\Opera Software\Opera Stable\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2021-05-05]
OPR Extension: (Rich Hints Agent) - C:\Users\Alexander\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-04-20]
OPR Extension: (Limit - Set Limits for Distracting Sites) - C:\Users\Alexander\AppData\Roaming\Opera Software\Opera Stable\Extensions\idhmmjbmojepanopjakcclphcadaclmk [2020-11-02]
OPR Extension: (Install Chrome Extensions) - C:\Users\Alexander\AppData\Roaming\Opera Software\Opera Stable\Extensions\kipjbhgniklcnglfaldilecjomjaddfi [2020-12-23]
OPR Extension: (Desktop Messenger for Telegram™) - C:\Users\Alexander\AppData\Roaming\Opera Software\Opera Stable\Extensions\lamkfhpkhbgfdglofogcdipebpibjbkg [2019-12-16]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S4 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1353208 2017-06-15] (Autodesk, Inc -> Autodesk Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [842424 2021-05-07] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 AtcHost; C:\Program Files\Bitdefender Antivirus Free\atchost.exe [1475272 2020-10-02] (Bitdefender SRL -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 bdredline; C:\Program Files\Bitdefender Antivirus Free\bdredline.exe [2461792 2021-04-11] (Bitdefender SRL -> Bitdefender)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8798600 2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-06-28] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-06-28] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44272 2021-04-24] (Dropbox, Inc -> Dropbox, Inc.)
S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [315008 2020-08-18] (Dell Inc -> Dell Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [287776 2020-10-26] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3750944 2020-10-26] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [507936 2020-10-26] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7240.285\DSAPI.exe [985584 2021-01-17] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [19128 2020-08-19] (Dell Inc -> Dell INC.)
S3 Dell.CommandPowerManager.Service; C:\WINDOWS\system32\dllhost.exe /Processid:{CDBCEBD6-3610-40F0-A782-B593722A86D0} [21312 2020-10-13] (Microsoft Windows -> Microsoft Corporation)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38592 2021-01-19] (Dell Inc -> )
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [288360 2021-05-10] (HP Inc. -> HP Inc.)
S3 KAPSService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KAPSService.exe [73928 2020-04-16] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 Killer Analytics Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe [1775840 2020-04-16] (Rivet Networks LLC -> Rivet Networks)
R2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2663128 2020-04-16] (Rivet Networks LLC -> Rivet Networks)
S3 KNDBWM; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe [73928 2020-04-16] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 OfficeSvcManagerAddons; C:\WINDOWS\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [21312 2020-10-13] (Microsoft Windows -> Microsoft Corporation)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1358248 2021-01-29] (Bitdefender SRL -> Bitdefender)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2019-12-17] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [933304 2019-12-17] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39432 2021-01-09] (Dell Inc -> Dell Inc.)
R2 updatesrv; C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe [236128 2021-04-11] (Bitdefender SRL -> Bitdefender)
R2 vsserv; C:\Program Files\Bitdefender Antivirus Free\vsserv.exe [559200 2021-04-11] (Bitdefender SRL -> Bitdefender)
R2 vsservppl; C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe [240352 2021-04-11] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [269200 2020-10-16] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 WsAppService3; C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe [83232 2019-06-26] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [2718744 2021-02-26] (Bitdefender SRL -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [802976 2020-12-08] (Bitdefender SRL -> Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [22976 2021-04-11] (Microsoft Windows Early Launch Anti-Malware Publisher -> Bitdefender)
S3 dc3d; C:\WINDOWS\System32\drivers\dc3d.sys [47616 2011-05-18] (Hardware Group Test Cert -> Microsoft Corporation)
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [42376 2020-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)
S3 edrsensor; C:\WINDOWS\System32\DRIVERS\edrsensor.sys [309120 2020-03-05] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R1 Gemma; C:\WINDOWS\System32\DRIVERS\Gemma.sys [488592 2021-02-26] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R3 KfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KfeCo10X64.sys [187848 2020-04-16] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 trufos; C:\WINDOWS\System32\drivers\trufos.sys [641728 2021-03-10] (Bitdefender SRL -> Bitdefender)
R0 vlflt; C:\WINDOWS\System32\DRIVERS\vlflt.sys [386800 2020-12-08] (Bitdefender SRL -> Bitdefender)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S4 DBUtilDrv2; \SystemRoot\System32\drivers\DBUtilDrv2.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2099-07-04 05:39 - 2117-07-04 05:39 - 000000000 _____ C:\WINDOWS\SysWOW64\wsmand.log.lock
2021-05-11 10:00 - 2021-05-11 10:00 - 000002744 _____ C:\Users\Alexander\Desktop\mail.txt
2021-05-11 09:51 - 2021-05-11 09:57 - 000040791 _____ C:\Users\Alexander\Downloads\FRST.txt
2021-05-11 09:49 - 2021-05-11 09:56 - 000000000 ____D C:\FRST
2021-05-11 09:47 - 2021-05-11 09:47 - 002298880 _____ (Farbar) C:\Users\Alexander\Downloads\FRST64.exe
2021-05-10 21:18 - 2021-05-10 21:18 - 007090901 _____ C:\Users\Alexander\Downloads\21_05_09_Rennsteig 15 bis 21_8 (002) (2).pdf
2021-05-10 21:17 - 2021-05-10 21:17 - 007090901 _____ C:\Users\Alexander\Downloads\21_05_09_Rennsteig 15 bis 21_8 (002).pdf
2021-05-10 21:17 - 2021-05-10 21:17 - 007090901 _____ C:\Users\Alexander\Downloads\21_05_09_Rennsteig 15 bis 21_8 (002) (1).pdf
2021-05-10 21:03 - 2021-05-10 21:03 - 000144035 _____ C:\Users\Alexander\Downloads\WhatsApp Image 2021-05-05 at 09.30.39.jpeg
2021-05-10 21:02 - 2021-05-10 21:02 - 000156353 _____ C:\Users\Alexander\Downloads\WhatsApp Image 2021-05-10 at 21.01.51.jpeg
2021-05-10 21:02 - 2021-05-10 21:02 - 000156353 _____ C:\Users\Alexander\Downloads\WhatsApp Image 2021-05-10 at 21.01.51 (1).jpeg
2021-05-10 16:45 - 2021-05-10 16:45 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2021-05-10 16:45 - 2021-05-10 16:45 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2021-05-10 16:11 - 2021-05-10 16:11 - 000003980 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1509559017
2021-05-10 16:11 - 2021-05-10 16:11 - 000001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk
2021-05-10 09:27 - 2021-05-10 09:27 - 000003386 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-648673255-3041033212-2045848966-1001
2021-05-10 09:27 - 2021-05-10 09:27 - 000002398 _____ C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-05-07 09:17 - 2021-05-07 09:17 - 000001407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2021-05-02 11:13 - 2021-05-02 11:13 - 000002520 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator 2021.lnk
2021-04-30 08:48 - 2021-04-30 08:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-04-28 23:17 - 2021-04-28 23:17 - 000234959 _____ C:\Users\Alexander\Downloads\Berechnung-Hauskauf_Aktuell.xlsm
2021-04-24 16:07 - 2021-04-24 16:07 - 000002121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2021-04-24 16:07 - 2021-04-24 16:07 - 000002110 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2021-04-24 12:55 - 2021-04-24 12:55 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2021-04-24 12:55 - 2021-04-24 12:55 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2021-04-24 12:55 - 2021-04-24 12:55 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2021-04-24 12:55 - 2021-04-24 12:55 - 000044272 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2021-04-23 14:24 - 2021-04-23 14:24 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-04-22 13:52 - 2021-04-22 13:52 - 000372051 _____ C:\Users\Alexander\Downloads\Satzung_158.PDF
2021-04-21 10:17 - 2021-04-21 10:17 - 001427677 _____ C:\Users\Alexander\Downloads\Kurzbericht_Welt_Erbe_Haus_zur_Barrierefreiheit.PDF
2021-04-20 15:56 - 2021-05-07 09:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2021-04-19 20:03 - 2021-04-19 20:03 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-04-19 20:03 - 2021-04-19 20:03 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-04-19 20:03 - 2021-04-19 20:03 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-04-18 13:55 - 2021-04-18 13:55 - 000001175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder 2021.lnk
2021-04-18 13:51 - 2021-04-18 13:51 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Animate 2021.lnk
2021-04-18 13:46 - 2021-04-18 13:46 - 000001134 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Rush 1.5.lnk
2021-04-18 13:35 - 2021-04-18 13:35 - 000001083 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2021.lnk
2021-04-16 15:58 - 2021-04-16 15:58 - 000048902 _____ C:\Users\Alexander\Downloads\DINPro Bold.zip
2021-04-16 15:56 - 2021-04-16 15:56 - 000017216 _____ C:\Users\Alexander\Downloads\DIN Bold.zip
2021-04-16 15:56 - 2021-04-16 15:56 - 000017216 _____ C:\Users\Alexander\Downloads\DIN Bold (1).zip
2021-04-16 15:55 - 2021-04-16 15:55 - 000000000 ____D C:\Users\Alexander\Downloads\flyer Ordner-20210416T135406Z-001
2021-04-16 15:54 - 2021-04-16 15:54 - 031156564 _____ C:\Users\Alexander\Downloads\flyer Ordner-20210416T135406Z-001.zip
2021-04-16 14:59 - 2021-04-16 14:59 - 000125168 _____ (Zoom Video Communications, Inc.) C:\Users\Alexander\Downloads\Zoom_cm_fo42anktZ9vvrZo4_m47SkS27WCcn4PA0hcQmB23L3OTsAxpSFvcY8@OH9ASUeSMemokc+I_k22b9e1cf54b5db69_.exe
2021-04-14 12:21 - 2021-04-14 12:21 - 000116552 _____ C:\Users\Alexander\Desktop\Snippet_316875325.idms
2021-04-14 10:11 - 2021-04-14 10:11 - 000708273 _____ C:\Users\Alexander\Downloads\HydroTower_Bestellformular und QA_2021.04.14 (1).pdf
2021-04-13 17:35 - 2021-04-13 17:35 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-04-13 12:06 - 2021-04-13 12:06 - 000612441 _____ C:\Users\Alexander\Downloads\t200605073 (1).pdf
2021-04-13 12:03 - 2021-04-13 12:03 - 000612441 _____ C:\Users\Alexander\Downloads\t200605073.pdf
2021-04-13 10:27 - 2021-04-13 10:27 - 002523013 _____ C:\Users\Alexander\Downloads\37_CleanTube_.pdf
2021-04-13 10:27 - 2021-04-13 10:27 - 000806962 _____ C:\Users\Alexander\Downloads\04_RP_PVC_Forwarding_Tube.pdf
2021-04-13 10:26 - 2021-04-13 10:26 - 000716535 _____ C:\Users\Alexander\Downloads\05_RP_PVC_Sleeve_Tube.pdf
2021-04-13 10:26 - 2021-04-13 10:26 - 000663032 _____ C:\Users\Alexander\Downloads\06_RP_PVC_Collar.pdf
2021-04-12 20:18 - 2021-04-12 20:18 - 000000000 ____D C:\Users\Public\Documents\AdobeInstalledCodecsTier2
2021-04-12 18:18 - 2021-04-12 18:18 - 000806962 _____ C:\Users\Alexander\Downloads\04_RP_PVC_Fahrrohr (1).pdf
2021-04-12 18:18 - 2021-04-12 18:18 - 000716535 _____ C:\Users\Alexander\Downloads\05_RP_PVC_Muffenrohr (1).pdf
2021-04-12 18:17 - 2021-04-12 18:17 - 000806962 _____ C:\Users\Alexander\Downloads\04_RP_PVC_Fahrrohr.pdf
2021-04-12 18:17 - 2021-04-12 18:17 - 000716535 _____ C:\Users\Alexander\Downloads\05_RP_PVC_Muffenrohr.pdf
2021-04-12 18:17 - 2021-04-12 18:17 - 000663032 _____ C:\Users\Alexander\Downloads\06_RP_PVC_Muffen.pdf
2021-04-11 12:17 - 2021-04-11 12:17 - 000022976 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-05-11 10:05 - 2019-01-02 13:41 - 000000000 ____D C:\Program Files\Bitdefender Antivirus Free
2021-05-11 09:59 - 2017-10-25 14:39 - 000000000 ___RD C:\Users\Alexander\OneDrive
2021-05-11 09:52 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-11 09:41 - 2020-04-16 18:48 - 000000000 ____D C:\Users\Alexander\AppData\Local\WebEx
2021-05-11 09:31 - 2020-10-08 14:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-05-11 08:34 - 2019-10-03 22:32 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-05-10 21:08 - 2020-11-14 13:35 - 000000000 ____D C:\Users\Alexander\AppData\Local\CrashDumps
2021-05-10 16:11 - 2017-11-01 19:56 - 000000000 ____D C:\Program Files\Opera
2021-05-10 16:10 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-05-10 10:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-10 10:07 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-10 09:29 - 2020-07-07 11:34 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-05-10 09:29 - 2020-07-07 11:34 - 000002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-05-10 09:29 - 2020-07-07 11:34 - 000002283 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-05-07 09:18 - 2019-12-16 23:09 - 000000000 ___RD C:\Users\Alexander\Creative Cloud Files
2021-05-07 09:17 - 2017-11-08 19:58 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-05-07 09:17 - 2017-11-08 19:57 - 000000000 ____D C:\Program Files\Adobe
2021-05-07 09:17 - 2017-10-25 17:21 - 000000000 ____D C:\Program Files (x86)\Adobe
2021-05-07 09:14 - 2021-02-14 01:42 - 000000000 ___RD C:\Users\Alexander\iCloudDrive
2021-05-07 09:14 - 2018-02-12 19:38 - 000000000 ____D C:\Users\Alexander\AppData\LocalLow\Mozilla
2021-05-07 09:13 - 2019-02-05 15:55 - 000000000 ___RD C:\Users\Alexander\Google Drive
2021-05-07 09:12 - 2017-10-25 14:36 - 000000000 __SHD C:\Users\Alexander\IntelGraphicsProfiles
2021-05-06 00:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Registration
2021-05-05 21:57 - 2018-03-01 19:54 - 000000000 ____D C:\Users\Alexander\AppData\Local\PlaceholderTileLogoFolder
2021-05-05 21:56 - 2020-10-08 15:13 - 000004344 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA1d558491a577788
2021-05-05 21:56 - 2020-10-08 15:13 - 000004112 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore1d558491a4a8d18
2021-05-05 21:56 - 2019-08-21 19:51 - 000001254 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA1d558491a577788.job
2021-05-05 21:56 - 2019-08-21 19:51 - 000001250 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore1d558491a4a8d18.job
2021-05-05 09:40 - 2020-04-16 18:48 - 000000000 ____D C:\Users\Alexander\AppData\LocalLow\WebEx
2021-05-05 08:25 - 2020-10-08 15:08 - 001723002 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-05-05 08:25 - 2019-12-07 16:50 - 000746440 _____ C:\WINDOWS\system32\perfh007.dat
2021-05-05 08:25 - 2019-12-07 16:50 - 000150810 _____ C:\WINDOWS\system32\perfc007.dat
2021-05-05 08:01 - 2020-12-08 16:58 - 000000000 ___HD C:\adobeTemp
2021-05-04 01:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-05-04 00:40 - 2021-02-05 12:34 - 000000000 ____D C:\Users\Alexander\Documents\VW Backup
2021-05-03 23:50 - 2017-10-25 17:12 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-04-30 08:48 - 2018-06-28 21:34 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-04-28 23:19 - 2017-11-20 13:33 - 000000000 ____D C:\Users\Alexander\AppData\Local\Packages
2021-04-27 09:06 - 2018-02-12 19:37 - 000002300 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-04-25 15:59 - 2020-10-08 23:12 - 000003606 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d69d73ac60587a
2021-04-25 15:59 - 2020-10-08 15:13 - 000003700 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-23 03:17 - 2021-02-27 05:18 - 000000000 ____D C:\Users\Alexander\Zotero
2021-04-22 06:04 - 2018-06-28 21:37 - 000000000 ____D C:\Users\Alexander\Dropbox
2021-04-21 17:06 - 2020-09-30 21:31 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-04-21 10:48 - 2018-05-12 19:04 - 000001285 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2021-04-21 10:48 - 2018-02-12 19:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-04-20 21:14 - 2020-10-08 15:13 - 000003630 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-04-20 21:14 - 2020-10-08 15:13 - 000003506 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-04-20 12:18 - 2017-10-25 14:36 - 000000000 ____D C:\Users\Alexander\AppData\Roaming\Adobe
2021-04-20 10:23 - 2019-02-20 22:13 - 000000000 ____D C:\ProgramData\Mozilla
2021-04-20 10:18 - 2021-03-29 11:21 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-04-20 10:03 - 2021-03-03 11:13 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-20 10:03 - 2020-10-08 15:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-20 10:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-04-20 10:03 - 2017-10-03 08:03 - 000000000 ____D C:\Intel
2021-04-20 03:46 - 2019-12-07 11:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2021-04-20 03:45 - 2021-03-03 11:13 - 000671504 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-04-20 03:45 - 2021-02-27 05:16 - 000000000 ____D C:\Program Files (x86)\Zotero
2021-04-20 03:45 - 2019-12-07 11:03 - 000065536 _____ C:\WINDOWS\system32\config\ELAM
2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-04-19 20:05 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-04-19 20:03 - 2020-10-08 14:58 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-04-19 19:57 - 2017-10-30 15:39 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-04-19 19:55 - 2017-10-30 15:39 - 131963968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-04-16 18:47 - 2019-12-08 14:42 - 000000000 ____D C:\Users\Alexander\Documents\SRL
2021-04-16 15:55 - 2020-09-18 17:22 - 000000000 ____D C:\Users\Alexander\Documents\HydroTower
2021-04-16 00:38 - 2018-12-25 17:13 - 000000000 ____D C:\Program Files (x86)\Steam
2021-04-15 23:24 - 2020-03-15 21:41 - 000000000 ____D C:\Users\Alexander\AppData\Roaming\discord
2021-04-13 17:35 - 2018-02-12 19:37 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-04-13 17:04 - 2017-11-19 19:24 - 000000000 ____D C:\Users\Alexander\Documents\Textures
2021-04-13 16:54 - 2017-10-25 14:52 - 000000000 ____D C:\Users\Alexander\AppData\Local\Comms
2021-04-13 01:33 - 2020-10-08 15:00 - 000000000 ____D C:\Users\Alexander
2021-04-13 00:50 - 2020-11-25 17:08 - 000000000 ____D C:\Users\Alexander\AppData\Roaming\Apple Computer
2021-04-12 20:15 - 2018-05-31 21:40 - 000000000 ____D C:\Users\Alexander\AppData\Local\D3DSCache

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2020-01-09 18:45 - 2020-01-09 18:45 - 000000033 _____ () C:\Users\Alexander\AppData\Roaming\AdobeWLCMCache.dat
2018-06-24 13:49 - 2020-10-16 13:37 - 000000028 _____ () C:\Users\Alexander\AppData\Roaming\kulerdata.json
2020-10-05 13:18 - 2021-02-14 20:20 - 000001456 _____ () C:\Users\Alexander\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2018-10-02 08:25 - 2018-10-02 08:25 - 000000000 _____ () C:\Users\Alexander\AppData\Local\oobelibMkey.log
2017-11-01 20:40 - 2020-08-24 13:02 - 000007604 _____ () C:\Users\Alexander\AppData\Local\Resmon.ResmonCfg
2017-12-05 16:00 - 2021-02-03 16:26 - 000000287 _____ () C:\Users\Alexander\AppData\Local\VersionChecker_23.xml

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
         

Alt 11.05.2021, 09:21   #2
alex_esp
 
Zip-Datei Word in E-Mail geöffnet - Standard

Weitere Logs Addition und Shortcut



Addition:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 09-05-2021
durchgeführt von Alexander (11-05-2021 10:06:35)
Gestartet von C:\Users\Alexander\Downloads
Windows 10 Home Version 2004 19041.928 (X64) (2020-10-08 13:14:02)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-648673255-3041033212-2045848966-500 - Administrator - Disabled)
Alexander (S-1-5-21-648673255-3041033212-2045848966-1001 - Administrator - Enabled) => C:\Users\Alexander
DefaultAccount (S-1-5-21-648673255-3041033212-2045848966-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-648673255-3041033212-2045848966-1000 - Limited - Disabled) => C:\Users\defaultuser0
Gast (S-1-5-21-648673255-3041033212-2045848966-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-648673255-3041033212-2045848966-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {EA21BCE8-A461-99C3-3A0D-4C964E75494E}
AV: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {BAD274F4-FA00-8560-1CDE-6C830442BEFA}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {51405D0C-825B-964D-00BD-77E435F203F3}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 16.04 (HKLM-x32\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 21.001.20150 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 21.001.20150 - Adobe Systems Incorporated)
Adobe Animate 2021 (HKLM-x32\...\FLPR_21_0_5) (Version: 21.0.5 - Adobe Inc.)
Adobe Character Animator 2020 (HKLM-x32\...\CHAR_3_5) (Version: 3.5 - Adobe Inc.)
Adobe Character Animator 2021 (HKLM-x32\...\CHAR_4_0) (Version: 4.0 - Adobe Inc.)
Adobe Connect (HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Adobe Connect App) (Version: 2020.1.5.32 - Adobe Systems Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.4.5.550 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version:  - Adobe)
Adobe Illustrator 2021 (HKLM-x32\...\ILST_25_2_3) (Version: 25.2.3 - Adobe Inc.)
Adobe InDesign 2021 (HKLM-x32\...\IDSN_16_1) (Version: 16.1 - Adobe Inc.)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_10_2) (Version: 10.2 - Adobe Inc.)
Adobe Media Encoder 2020 (HKLM-x32\...\AME_14_9) (Version: 14.9 - Adobe Inc.)
Adobe Media Encoder 2021 (HKLM-x32\...\AME_15_1) (Version: 15.1 - Adobe Inc.)
Adobe Photoshop 2021 (HKLM-x32\...\PHSP_22_3_1) (Version: 22.3.1.122 - Adobe Inc.)
Adobe Premiere Rush (HKLM-x32\...\RUSH_1_5_58) (Version: 1.5.58 - Adobe Inc.)
ANT Drivers Installer x64 (HKLM\...\{9A9FF300-3725-4934-A0D7-86F109A88ACF}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{C56BA005-F02C-461B-ACA5-A0CE3E32578F}) (Version: 6.5 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{C8087B7C-8496-45BE-92FB-91D31EB73969}) (Version: 6.5 - Apple Inc.)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.61.1 - Asmedia Technology)
AutoCAD 2018 - Deutsch (German) (HKLM\...\{28B89EEF-1001-0407-2102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2018 (HKLM-x32\...\{177AD7F6-9C77-4E50-BA53-B7259C5F282D}) (Version: 16.11.1.0 - Autodesk)
Autodesk App Manager 2016-2018 (HKLM-x32\...\{20EC0CA2-346E-4660-9903-51B278DF15F6}) (Version: 2.4.0 - Autodesk)
Autodesk AutoCAD 2018 - Deutsch (German) (HKLM\...\AutoCAD 2018 - Deutsch (German)) (Version: 22.0.49.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.8 (HKLM-x32\...\{214D3370-746E-4886-8EAA-5769EB87D044}) (Version: 1.2.8.0 - Autodesk)
Autodesk Desktop-App (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.6.378 - Autodesk)
Autodesk Material Library 2018 (HKLM-x32\...\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2018 (HKLM-x32\...\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 - Autodesk)
Backup and Sync from Google (HKLM\...\{3CBE1074-3A4F-4BA6-95E3-7A660B54FE33}) (Version: 3.55.3625.9414 - Google, Inc.)
Backuptrans Android WhatsApp to iPhone Transfer (x64) 3.2.148 (HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Backuptrans Android WhatsApp to iPhone Transfer (x64)) (Version: 3.2.148 - Backuptrans)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 1.0.1 - Bitdefender)
Bitdefender Antivirus Free (HKLM\...\{1FCCF41D-5F00-4FE2-9653-162D0486C8B4}) (Version: 1.0.14.74 - Bitdefender)
Cisco Webex Meetings (HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\ActiveTouchMeetingClient) (Version: 41.5.3 - Cisco Webex LLC)
Dell Digital Delivery (HKLM-x32\...\{4B38FF9D-7308-411D-93BF-CCF259B476ED}) (Version: 3.5.2013.0 - Dell Products, LP)
Dell Power Manager Service (HKLM\...\{18469ED8-8C36-4CF7-BD43-0FC9B1931AF8}) (Version: 3.7.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\{C5A70974-2F89-4BE0-90F7-749E62468C4D}) (Version: 3.8.1.23 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{6B991B44-B938-4902-BDF3-186CBDC62AD3}) (Version: 5.1.4.11989 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{34685541-a19e-4537-97c9-082238790346}) (Version: 5.1.4.11989 - Dell Inc.)
Dell Update - SupportAssist Update Plugin (HKLM\...\{3C4F6923-3BE1-4E6C-8DEE-9EEF1E433795}) (Version: 5.2.1.12926 - Dell Inc.) Hidden
Dell Update - SupportAssist Update Plugin (HKLM-x32\...\{8d32f870-d6fd-4420-b5cb-c29ac65f628d}) (Version: 5.2.1.12926 - Dell Inc.)
Dell Update (HKLM-x32\...\{944FB5B0-9588-45FD-ABE8-73FC879801ED}) (Version: 4.1.0 - Dell Inc.)
Discord (HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 121.4.4267 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.459.1 - Dropbox, Inc.) Hidden
Elevated Installer (HKLM-x32\...\{9427DAC2-91FD-418E-87D4-8914B437CC06}) (Version: 6.21.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{0934EADA-3DAF-4A21-829D-1BB3C315DCB4}) (Version: 6.21.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{d3b4366e-9163-44f4-a381-d431031c2841}) (Version: 6.21.0.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.93 - Google LLC)
Google Earth Pro (HKLM\...\{FB8010D4-05F4-420D-8DFC-2F911A6DD100}) (Version: 7.3.3.7786 - Google)
iCloud Outlook (HKLM\...\{BF2241BF-20CC-490B-B7BE-761B80E20114}) (Version: 11.6.0.32 - Apple Inc.)
Image Resizer for Windows (64 bit) (HKLM\...\{2A1F3759-5792-469B-B895-7E29680F02F1}) (Version: 3.1.1.0 - Brice Lambson) Hidden
Image Resizer for Windows (HKLM-x32\...\{92916BDF-74CB-479C-B69E-32EACB074FFE}) (Version: 3.1.1.0 - Brice Lambson) Hidden
Image Resizer for Windows (HKLM-x32\...\{c624f5da-779e-4ccb-9ce1-34bc5ef0a6b9}) (Version: 3.1.1.0 - Brice Lambson)
Intel Processor Diagnostic Tool 64bit (HKLM\...\{D011AAF9-F756-43AB-8E91-47ADF0D86394}) (Version: 4.0.0.29 - Intel Corporation)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{3DAC4F8C-80E6-4204-8A58-747FA4CBAA03}) (Version: 16.0.246 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10209.6897 - Intel Corporation)
Intel(R) HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 2.2.1.372 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1932.12.0.1298 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.8.3.1004 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1725.1 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.56.87.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{05817e4d-5f15-49b4-afec-7edb31fc7dd6}) (Version: 1.56.87.0 - Intel Corporation) Hidden
Intel(R) Virtual Buttons (HKLM-x32\...\1992736F-C90A-481C-B21B-EE34CAD07387) (Version: 2.2.1.31 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{4B3C56AB-963E-4F48-9747-05297683DB3B}) (Version: 16.8.3.1003 - Intel Corporation)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.12253.1 - Waves Audio Ltd.) Hidden
Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.13929.20296 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.56 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 90.0.818.56 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\OneDriveSetup.exe) (Version: 21.073.0411.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Mozilla Firefox 87.0 (x64 de) (HKLM\...\Mozilla Firefox 87.0 (x64 de)) (Version: 87.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 87.0.0.7747 - Mozilla)
Mozilla Thunderbird 78.10.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 78.10.0 (x86 de)) (Version: 78.10.0 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13929.20296 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13929.20216 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13929.20296 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.13929.20216 - Microsoft Corporation) Hidden
Opera Stable 76.0.4017.107 (HKLM-x32\...\Opera 76.0.4017.107) (Version: 76.0.4017.107 - Opera Software)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.825 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.17763.21313 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8895.1 - Realtek Semiconductor Corp.)
Realtek USB Audio (HKLM-x32\...\{0A46A65D-89AC-464C-8026-3CD44960BD04}) (Version: 6.3.9600.250 - Realtek Semiconductor Corp.)
Realtek USB Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{04201224-2B34-4EE7-862B-B7BBF89DB3AB}) (Version: 10.39.518.2020 - Realtek)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.23.0 - Samsung Electronics Co., Ltd.)
SketchUp 2017 (HKLM\...\{C711666A-E8CC-4E2A-802F-BAA35E76045F}) (Version: 17.2.2555 - Trimble Navigation Limited)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.20013.2 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.20013.2 - Samsung Electronics Co., Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steuer-Ratgeber 2017-2018 (HKLM-x32\...\{09578E80-CE8C-47E6-A055-8C49C616541F}) (Version: 18.05.1 - Wolters Kluwer Deutschland GmbH)
Thunderbolt™ Software (HKLM-x32\...\{30F0067F-DD79-431B-BA5F-6CB4897785A5}) (Version: 17.4.79.510 - Intel Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Updater (HKLM-x32\...\Updater) (Version: 1.0 - Updater) <==== ACHTUNG
Vectorworks 2018 (HKLM\...\Vectorworks 2018 SP1 23.0.0) (Version: 23.0.0 - Vectorworks, Inc.)
Vectorworks 2021 (HKLM\...\Vectorworks 2021 26.0.2) (Version: 26.0.2 - Vectorworks, Inc.)
Verfügbare Autodesk-Apps 2016-2018 (HKLM-x32\...\{384C4B74-B749-4AB6-9367-4D51A6AA9CB8}) (Version: 2.4.0 - Autodesk)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-2) (Version: 1.0.54.1 - Intel Corporation Inc.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Zoom (HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\ZoomUMX) (Version: 5.4.6 (59296.1207) - Zoom Video Communications, Inc.)
Zotero (HKLM-x32\...\Zotero 5.0.96 (x86 en-US)) (Version: 5.0.96 - Corporation for Digital Scholarship)

Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2018-10-10] (Adobe Systems Incorporated)
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2020-07-11] (Adobe Systems Incorporated)
Adobe XD -> C:\Program Files\WindowsApps\Adobe.CC.XD_39.0.12.12_x64__adky2gkssdxte [2021-04-18] (Adobe Systems Incorporated)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Dell Power Manager -> C:\Program Files\WindowsApps\DellInc.DellPowerManager_3.7.10.0_x64__htrsf667h5kn2 [2020-10-06] (Dell Inc)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.8.10.0_x64__htrsf667h5kn2 [2021-02-14] (Dell Inc)
Dropbox für S Modus -> C:\Program Files\WindowsApps\C27EB4BA.DROPBOX_22.4.4.0_x64__xbfy0k16fey96 [2021-03-19] (Dropbox Inc.)
Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-14] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_127.1.115.0_x64__v10z8vjag6ke6 [2021-05-10] (HP Inc.)
iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_12.3.74.0_x86__nzyj5cx40ttqa [2021-05-07] (Apple Inc.) [Startup Task]
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa [2021-04-24] (Apple Inc.) [Startup Task]
Killer Control Center -> C:\Program Files\WindowsApps\RivetNetworks.KillerControlCenter_2.2.3267.0_x64__rh07ty8m5nkag [2021-01-07] (Rivet Networks LLC) [Startup Task]
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-23] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2020-10-08] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5060.0_x64__8wekyb3d8bbwe [2021-05-10] (Microsoft Studios) [MS Ad]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.43.41241.0_x64__8wekyb3d8bbwe [2021-05-10] (Microsoft Corporation) [Startup Task]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-15] (Netflix, Inc.)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2020-12-18] (Adobe Systems Incorporated)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0 [2021-05-04] (Spotify AB) [Startup Task]
XING -> C:\Program Files\WindowsApps\XINGAG.XING_4.0.8.0_x86__xpfg3f7e9an52 [2021-03-19] (New Work SE)
ZDFmediathek -> C:\Program Files\WindowsApps\ZDFGemeinntzigeAnstaltdes.ZDFmediathek_4.0.0.0_neutral__h3zwtz978ayka [2020-04-11] (ZDF Gemeinnützige Anstalt des öffentlichen Rechts)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-417AC85DF7F7} -> [Creative Cloud Files] => C:\Users\Alexander\Creative Cloud Files [2019-12-16 23:09]
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{1019ADC7-17CB-4489-AFD5-6642C7400ACE}\localserver32 -> C:\Users\Alexander\AppData\Local\Webex\Webex\Applications\ptOIEx64.exe (Cisco WebEx LLC -> Cisco WebEx LLC)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{14097043-DE9D-461F-BC24-E07F11A17748} -> [iCloud Drive] => C:\Users\Alexander\iCloudDrive [2021-02-14 01:42]
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{2B663ECE-5770-491c-A474-F98603C40681}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{2B93DB32-8D98-4438-93B5-5C2CC3441999}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{74562BED-63D6-4234-A386-937DB6FA38AE}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{7C90F737-950A-49eb-B6C1-EE1744C75E97}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{868D9612-74A1-405b-9758-369138103193}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{9AAF0EB6-42D8-46C1-A2EF-679511B37A0D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{A6589972-5623-4F20-B23A-ACA747BCE141} -> [iCloud-Fotos] => C:\Users\Alexander\Pictures\iCloud Photos\Photos [2021-02-14 01:42]
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{BB9F1D04-94AB-40b7-ABAE-33D2637F6340}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{CC3BE603-926A-40ae-9570-4258474F0364}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{DD0B2199-F2FD-41eb-B744-B06B100B9A43}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2018\de-DE\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Alexander\Dropbox [2018-06-28 21:37]
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{F5756047-E218-465a-AC4C-FD04238C4896}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{F9748CB6-1CCB-4557-905E-8D42C83AAEB6}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{FC072C1A-25CB-49e7-8F79-F2A8B8C3289D}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-04-28] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-04-28] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-04-28] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-07-15] () [Datei ist nicht signiert] [Datei wird verwendet]
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2017-02-03] (Autodesk, Inc -> Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-04-28] (Adobe Inc. -> )
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2017-02-03] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-04-21] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-03-12] (Google LLC -> Google)
ContextMenuHandlers1: [Image Resizer] -> {51B4D7E5-7568-4234-B4BB-47FB3C016A69} => C:\Program Files\Image Resizer for Windows\ShellExtensions.dll [2018-05-26] (Open Source Developer, Brice Lambson -> Brice Lambson)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-07-15] () [Datei ist nicht signiert] [Datei wird verwendet]
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-03-12] (Google LLC -> Google)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0e885955e29b0a55\igfxDTCM.dll [2020-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-04-28] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-04-21] (Adobe Inc. -> Adobe Systems Inc.)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\Alexander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2015-03-17 02:34 - 2015-03-17 02:34 - 000010240 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\de_de\acrotray.deu
2021-05-07 09:13 - 2021-05-07 09:13 - 000114176 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\_ctypes.pyd
2021-05-07 09:13 - 2021-05-07 09:13 - 000172544 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\_elementtree.pyd
2021-05-07 09:13 - 2021-05-07 09:13 - 002255872 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\_hashlib.pyd
2021-05-07 09:13 - 2021-05-07 09:13 - 000032256 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\_multiprocessing.pyd
2021-05-07 09:13 - 2021-05-07 09:13 - 000046080 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\_psutil_windows.pyd
2021-05-07 09:13 - 2021-05-07 09:13 - 000047616 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\_socket.pyd
2021-05-07 09:13 - 2021-05-07 09:13 - 002824704 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\_ssl.pyd
2021-05-07 09:13 - 2021-05-07 09:13 - 000026112 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\_yappi.pyd
2021-05-07 09:13 - 2021-05-07 09:13 - 000080896 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\bz2.pyd
2021-05-07 09:13 - 2021-05-07 09:13 - 000015872 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\common.time34.pyd
2021-05-07 09:13 - 2021-05-07 09:13 - 000007680 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\hashobjs_ext.pyd
2021-05-07 09:13 - 2021-05-07 09:13 - 000301568 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\PIL._imaging.pyd
2021-05-07 09:13 - 2021-05-07 09:13 - 000168448 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\pyexpat.pyd
2021-05-07 09:13 - 2021-05-07 09:13 - 001084416 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\pysqlite2._sqlite.pyd
2021-05-07 09:13 - 2021-05-07 09:13 - 000548864 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\pythoncom27.dll
2021-05-07 09:13 - 2021-05-07 09:13 - 000137728 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\pywintypes27.dll
2021-05-07 09:13 - 2021-05-07 09:13 - 000010752 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\select.pyd
2021-05-07 09:13 - 2021-05-07 09:13 - 000020992 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\thumbnails_ext.pyd
2021-05-07 09:13 - 2021-05-07 09:13 - 000689664 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\unicodedata.pyd
2021-05-07 09:13 - 2021-05-07 09:13 - 000119808 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\usb_ext.pyd
2021-05-07 09:13 - 2021-05-07 09:13 - 000128512 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\win32api.pyd
2021-05-07 09:13 - 2021-05-07 09:13 - 000438784 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\win32com.shell.shell.pyd
2021-05-07 09:13 - 2021-05-07 09:13 - 000011776 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\win32crypt.pyd
2021-05-07 09:13 - 2021-05-07 09:13 - 000023040 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\win32event.pyd
2021-05-07 09:13 - 2021-05-07 09:13 - 000149504 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\win32file.pyd
2021-05-07 09:13 - 2021-05-07 09:13 - 000223232 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\win32gui.pyd
2021-05-07 09:13 - 2021-05-07 09:13 - 000048128 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\win32inet.pyd
2021-05-07 09:13 - 2021-05-07 09:13 - 000029696 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\win32pdh.pyd
2021-05-07 09:13 - 2021-05-07 09:13 - 000027648 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\win32pipe.pyd
2021-05-07 09:13 - 2021-05-07 09:13 - 000044032 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\win32process.pyd
2021-05-07 09:13 - 2021-05-07 09:13 - 000020480 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\win32profile.pyd
2021-05-07 09:13 - 2021-05-07 09:13 - 000136192 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\win32security.pyd
2021-05-07 09:13 - 2021-05-07 09:13 - 000026624 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\win32ts.pyd
2021-05-07 09:13 - 2021-05-07 09:13 - 000034304 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\windows.conditional.pyd
2021-05-07 09:13 - 2021-05-07 09:13 - 000037888 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\windows.connectivity.pyd
2021-05-07 09:13 - 2021-05-07 09:13 - 000071680 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\windows.device_monitor.pyd
2021-05-07 09:13 - 2021-05-07 09:13 - 000103936 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\windows.volumes.pyd
2021-05-07 09:13 - 2021-05-07 09:13 - 000019968 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\windows.winwrap.pyd
2021-05-07 09:13 - 2021-05-07 09:13 - 001325056 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\wx._controls_.pyd
2021-05-07 09:13 - 2021-05-07 09:13 - 001489408 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\wx._core_.pyd
2021-05-07 09:13 - 2021-05-07 09:13 - 001007104 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\wx._gdi_.pyd
2021-05-07 09:13 - 2021-05-07 09:13 - 000103424 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\wx._html2.pyd
2021-05-07 09:13 - 2021-05-07 09:13 - 000916992 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\wx._misc_.pyd
2021-05-07 09:13 - 2021-05-07 09:13 - 001039872 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\wx._windows_.pyd
2021-02-02 07:49 - 2021-02-02 07:49 - 000022016 _____ (Adobe Systems Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\de_de\Acrobat Elements\ContextMenuShim64.deu
2021-04-12 15:21 - 2021-04-12 15:21 - 000032256 _____ (Dell Inc.) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ComponentService\a2519dda3fd763a05a99da465a73aeca\ComponentService.ni.dll
2021-04-12 15:21 - 2021-04-12 15:21 - 000571904 _____ (Dell Inc.) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SmbLib\aeca345b8d11f78ad75223b49e0d2127\SmbLib.ni.dll
2021-04-12 15:21 - 2021-04-12 15:21 - 000160768 _____ (Dell Inc.) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Utilities\3054ac91e7b446e732a844c998f21f85\Utilities.ni.dll
2019-07-15 11:20 - 2019-07-15 11:20 - 000126976 _____ (Intel Corporation) [Datei ist nicht signiert] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll
2021-05-07 09:13 - 2021-05-07 09:13 - 003043328 _____ (Python Software Foundation) [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\python27.dll
2020-12-01 01:14 - 2020-12-01 01:14 - 001638912 _____ (Robert Simpson, et al.) [Datei ist nicht signiert] C:\Program Files\Dell\SupportAssistAgent\bin\x64\SQLite.Interop.dll
2021-05-07 09:13 - 2021-05-07 09:13 - 000202240 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\wxbase30u_net_vc90_x64.dll
2021-05-07 09:13 - 2021-05-07 09:13 - 002831872 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\wxbase30u_vc90_x64.dll
2021-05-07 09:13 - 2021-05-07 09:13 - 001654784 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\wxmsw30u_adv_vc90_x64.dll
2021-05-07 09:13 - 2021-05-07 09:13 - 006542336 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\wxmsw30u_core_vc90_x64.dll
2021-05-07 09:13 - 2021-05-07 09:13 - 000773632 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\wxmsw30u_html_vc90_x64.dll
2021-05-07 09:13 - 2021-05-07 09:13 - 000137216 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\wxmsw30u_webview_vc90_x64.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

HKU\S-1-5-21-648673255-3041033212-2045848966-1001\Software\Classes\.scr: AutoCADScriptFile => 

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-03-07] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-03] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\sharepoint.com -> hxxps://ittuberlin-files.sharepoint.com

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-07-16 13:47 - 2016-07-16 13:45 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2018-01-29 18:40 - 2019-05-15 11:58 - 000000583 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.1 WINDELL-788D1Q2.mshome.net # 2023 1 6 28 19 50 14 310

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64_win\compiler;%INTEL_DEV_REDIST%redist\intel64\compiler;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL
HKU\S-1-5-21-648673255-3041033212-2045848966-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Alexander\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\WP_20161123_001.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
 ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

MSCONFIG\Services: AdAppMgrSvc => 2
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\StartupApproved\Run: => "DellSystemDetect"
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\StartupApproved\Run: => "GarminExpress"
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\StartupApproved\Run: => "PTOneClick"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{E754BBBD-97EA-4E07-9FB1-AAD2BBDA387B}] => (Allow) C:\Users\Alexander\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{80B9C1B4-A921-41FB-8EF0-B94A648EC0DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoE2DE\BattleServer\BattleServer.exe (Microsoft Corporation -> )
FirewallRules: [{E087B767-2069-4582-8C83-A1B0EF12A2BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoE2DE\BattleServer\BattleServer.exe (Microsoft Corporation -> )
FirewallRules: [{AFF85466-C59C-494D-83E9-7D2C997CF3B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoE2DE\AoE2DE_s.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6F0D8AC4-7174-4370-8F55-C4551ACFAECA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoE2DE\AoE2DE_s.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0A236464-FD3E-46CB-87F4-72894242EE4A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{35CCB881-813F-4540-AF0F-875762A7FF95}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{48006030-7A54-48DD-B058-CC3C3C4F3947}C:\program files\vectorworks 2018\vectorworks2018e.exe] => (Allow) C:\program files\vectorworks 2018\vectorworks2018e.exe (Vectorworks, Inc.) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{DD68D86A-7150-47DB-A2EF-5557347A05A9}C:\program files\vectorworks 2018\vectorworks2018e.exe] => (Allow) C:\program files\vectorworks 2018\vectorworks2018e.exe (Vectorworks, Inc.) [Datei ist nicht signiert]
FirewallRules: [{F6B0E415-F85F-437A-82FD-AB5D5004A6B5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{EA77759E-B2D3-43B8-93CE-5207C7272500}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{483E5BFB-6D4D-4247-A80A-FBCBCFC31DF6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [Datei ist nicht signiert]
FirewallRules: [{6690DE8A-F57A-4C1E-883A-93D7D7627001}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [Datei ist nicht signiert]
FirewallRules: [{CFE88206-3FCB-49A0-8756-5EBF8A74C424}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{F52E2221-4A06-48BD-9282-7330219466DC}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{C25F53E3-4342-48B3-A8F3-6B2CE00396A1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{2D271FB1-5269-4B66-BADD-0B67C4F1FCCF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{72AA914A-6EB9-4B07-A461-8DBC44F3AD79}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3E5D7440-F1E5-4319-9100-99C5F566AF1F}] => (Allow) C:\Users\Alexander\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{7DF98843-DE51-462F-94E1-0178AFEFA45F}] => (Allow) C:\Users\Alexander\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{1F9AEAF3-976A-4A5B-92B0-CEE354FA968F}] => (Allow) C:\Users\Alexander\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{AAB4249F-1C71-47D6-9005-7B299A1AB100}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{222F66A3-40C3-4DBD-8CC3-CD016EEAD05A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0F241C3C-4B22-4C66-84C7-D50DD98C6C29}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{82B5D8AD-60A7-4C1B-BA0D-606A97A2FB22}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{934D76D1-06D9-4A10-ACDD-9591906EAC38}C:\program files\vectorworks 2021\vectorworks2021.exe] => (Allow) C:\program files\vectorworks 2021\vectorworks2021.exe (Vectorworks, Inc. -> Vectorworks, Inc.)
FirewallRules: [UDP Query User{F1C0FB4F-15D5-4060-B752-52EE18DED36F}C:\program files\vectorworks 2021\vectorworks2021.exe] => (Allow) C:\program files\vectorworks 2021\vectorworks2021.exe (Vectorworks, Inc. -> Vectorworks, Inc.)
FirewallRules: [{EA7B77BC-A7F2-4C7A-B292-8B36E7BBA7D0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C404C255-0D04-4380-8EE6-7EE337F0435E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AA3C7658-CB53-435E-85D8-E2E7E2D885A2}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C1ED9B27-2E6F-44A6-A721-EDB8F1A2E289}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4853D7C9-3DF9-42B3-893E-8C0A6ABD402E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E26472D1-F4B4-4AD2-BF4A-FFB62A4F8044}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CD3BD8CA-5099-4F48-A09E-B9B269333FB8}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{416ACCDB-4F04-4F56-8F0A-FAB5EF81A9E9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E9C91020-C778-40FF-9C05-5F289F28C466}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{912EA4AD-C128-4B7E-B1D7-580376052815}] => (Allow) C:\Program Files\Opera\75.0.3969.243\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{AE733746-39CC-4EC2-9AD9-6BB4D7C4FE8F}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{9A687CCB-9BBC-4D02-8385-6915C4AFB146}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C843FD68-E427-4151-B334-05CF758AF34B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6ADC3378-9FBC-4853-B137-5A36CA3AE6D6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1F2CDDFD-68DF-4DCF-8563-A309C7DBD164}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FEDCD465-310A-4E37-80B2-491E66E8A578}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9251C962-E2A1-43F8-A124-1FF45B9D72A6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BB2B392C-7B41-498D-B7BB-D5DADA110316}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C2435453-B77D-4FE9-B490-F8D1AF02015A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{685F4A03-C602-4664-8B8F-41ADB4DB7028}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D84C1348-BCCE-4D64-8315-5F622B978D7D}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.56\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{629965F4-B3DB-4BF1-9EDC-A90239351E03}] => (Allow) C:\Program Files\Opera\76.0.4017.107\opera.exe (Opera Software AS -> Opera Software)

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert (Total:475.47 GB) (Free:66.08 GB) (14%)

==================== Fehlerhafte Geräte im Gerätemanager ============


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (05/11/2021 09:59:44 AM) (Source: DellCommandPowerManager) (EventID: 0) (User: )
Description: Error from DellPowerManager.exe GUI-ATA02
Message: Invalid alert info: 000300000008000700000000

Error: (05/11/2021 09:32:23 AM) (Source: DellCommandPowerManager) (EventID: 0) (User: )
Description: Error from DellPowerManager.exe GUI-ATA02
Message: Invalid alert info: 000300000008000700000000

Error: (05/10/2021 09:08:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Microsoft.Photos.exe, Version: 2020.20120.4004.0, Zeitstempel: 0x5fcaab3d
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.19041.906, Zeitstempel: 0x2f2f77bf
Ausnahmecode: 0x80131623
Fehleroffset: 0x000000000010b2dc
ID des fehlerhaften Prozesses: 0x72e0
Startzeit der fehlerhaften Anwendung: 0x01d7457281e4cab6
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.20120.4004.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: b07e1f55-5c36-424e-b1f6-0b9b611c26b2
Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.Photos_2020.20120.4004.0_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (05/10/2021 09:08:27 PM) (Source: DellCommandPowerManager) (EventID: 0) (User: )
Description: Error from DellPowerManager.exe GUI-ATA02
Message: Invalid alert info: 000300000008000700000000

Error: (05/10/2021 07:00:03 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsort "M:\" nicht abgeschlossen. Fehler: Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006).

Error: (05/10/2021 09:28:59 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsort "M:\" nicht abgeschlossen. Fehler: Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006).

Error: (05/10/2021 09:27:34 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (05/10/2021 09:27:14 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsort "M:\" nicht abgeschlossen. Fehler: Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006).


Systemfehler:
=============
Error: (05/11/2021 09:59:24 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: NT-AUTORITÄT)
Description: Für den Miniport "Microsoft Wi-Fi Direct Virtual Adapter #2, {2ceb0a22-26c8-4b4d-8045-cd7e34e52689}" ist das Ereignis "74" aufgetreten.

Error: (05/11/2021 09:33:24 AM) (Source: DCOM) (EventID: 10010) (User: WINDELL-788D1Q2)
Description: Der Server "Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe!App" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (05/11/2021 09:31:51 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Für den Miniport "Microsoft Wi-Fi Direct Virtual Adapter #2, {2ceb0a22-26c8-4b4d-8045-cd7e34e52689}" ist das Ereignis "74" aufgetreten.

Error: (05/10/2021 09:08:18 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Für den Miniport "Microsoft Wi-Fi Direct Virtual Adapter #2, {2ceb0a22-26c8-4b4d-8045-cd7e34e52689}" ist das Ereignis "74" aufgetreten.

Error: (05/10/2021 09:26:20 AM) (Source: DCOM) (EventID: 10010) (User: WINDELL-788D1Q2)
Description: Der Server "microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (05/10/2021 09:25:58 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Für den Miniport "Microsoft Wi-Fi Direct Virtual Adapter #2, {2ceb0a22-26c8-4b4d-8045-cd7e34e52689}" ist das Ereignis "74" aufgetreten.

Error: (05/07/2021 09:14:54 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Mozilla Maintenance Service" wurde mit folgendem Fehler beendet: 
Unzulässige Funktion.

Error: (05/07/2021 09:12:29 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Für den Miniport "Microsoft Wi-Fi Direct Virtual Adapter #2, {2ceb0a22-26c8-4b4d-8045-cd7e34e52689}" ist das Ereignis "74" aufgetreten.


CodeIntegrity:
===============
Date: 2021-05-11 09:32:44
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\bdamsi\265252192172810404\antimalware_provider64.dll that did not meet the Windows signing level requirements.

Date: 2021-05-11 08:34:25
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\bdamsi\265252192172810404\antimalware_provider32.dll that did not meet the Microsoft signing level requirements.

Date: 2021-05-10 22:29:29
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\bdamsi\265252192172810404\antimalware_provider32.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

BIOS: Dell Inc. 2.13.0 11/14/2019
Hauptplatine: Dell Inc. 0D4J15
Prozessor: Intel(R) Core(TM) i7-7560U CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 62%
Installierter physikalischer RAM: 16108.16 MB
Verfügbarer physikalischer RAM: 6078.87 MB
Summe virtueller Speicher: 28200.2 MB
Verfügbarer virtueller Speicher: 10796.55 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:475.47 GB) (Free:66.08 GB) NTFS

\\?\Volume{c09336f2-25d2-4235-a503-e804e80b5728}\ (WinRE) (Fixed) (Total:0.39 GB) (Free:0.38 GB) NTFS
\\?\Volume{7d4aa265-23a7-40a9-a30c-986b920e2ba9}\ () (Fixed) (Total:0.85 GB) (Free:0.3 GB) NTFS
\\?\Volume{03b7b388-dc7a-4570-8cb9-5725c646b0a6}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 476.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt =======================
         
__________________


Alt 11.05.2021, 09:22   #3
alex_esp
 
Zip-Datei Word in E-Mail geöffnet - Standard

Logfile Shortcut



Shortcut:
Code:
ATTFilter
Untersuchungsergebnis der Verknüpfungen des Benutzers (x64) Version: 09-05-2021
durchgeführt von Alexander (11-05-2021 10:09:34)
Gestartet von C:\Users\Alexander\Downloads
Start-Modus: Normal

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


Shortcut: C:\Users\Public\Desktop\OSGeo4W\OSGeo4W Shell.lnk -> C:\OSGeo4W64\OSGeo4W.bat ()


Shortcut: C:\Users\Alexander\Links\Desktop.lnk -> C:\Users\Alexander\Desktop ()
Shortcut: C:\Users\Alexander\Links\Downloads.lnk -> C:\Users\Alexander\Downloads ()
Shortcut: C:\Users\Alexander\Links\Google Drive.lnk -> C:\Users\Alexander\Google Drive ()
Shortcut: C:\Users\Alexander\Dropbox\Vasaloppet 2020\OneDrive - Verknüpfung.lnk -> C:\Users\Alexander\OneDrive ()
Shortcut: C:\Users\Alexander\Documents\cK\cK\2019_03_Kempten im Allgäu\2019_03_Kempten im Allgäu.lnk -> P:\01 Kommunalberatung\K-08-008 Bundestransferstelle Staedtebaulicher Denkmalschutz\Expertengruppe\2019_03_Kempten im Allgäu (Keine Datei)
Shortcut: C:\Users\Alexander\Desktop\Adobe Lightroom Classic.lnk -> C:\Program Files\Adobe\Adobe Lightroom Classic\Lightroom.exe (Adobe Inc.)
Shortcut: C:\Users\Alexander\Desktop\Masterthesis - Verknüpfung.lnk -> C:\Users\Alexander\Documents\Studium TU Berlin\WS_1920\Masterthesis ()
Shortcut: C:\Users\Alexander\Creative Cloud Files\_Cloud-Dokumente.lnk -> C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe ()
Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Adobe Connect.lnk -> C:\Users\Alexander\AppData\Roaming\Adobe\Connect\connect.exe (Adobe Systems, Inc.)
Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bitdefender Antivirus Free.lnk -> C:\Program Files\Bitdefender Antivirus Free\bdagent.exe (Bitdefender)
Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\brain_flower.lnk -> C:\Users\Alexander\Downloads\brain_flower.zip (Keine Datei)
Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Masterthesis.lnk -> C:\Users\Alexander\Documents\Studium TU Berlin\WS_1920\Masterthesis ()
Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Alexander\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk -> C:\Windows\System32\fodhelper.exe (Microsoft Corporation)
Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QGIS3.lnk -> C:\OSGeo4W64\bin\qgis-bin.exe ()
Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Schnellzugriff.lnk -> [LFg @U@1SPSU(Ly9K-e)::{679F85CB-0220-4080-B29B-5540CC05AAB6}]
Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Zoom.lnk -> C:\Users\Alexander\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc.)
Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cisco Webex Meetings Desktop-App\Cisco Webex Meetings.lnk -> C:\Users\Alexander\AppData\Local\WebEx\WebEx\Applications\ptoneclk.exe (Cisco Webex LLC)
Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Backuptrans Android WhatsApp to iPhone Transfer (x64)\Backuptrans Android WhatsApp to iPhone Transfer (x64).lnk -> C:\Users\Alexander\AppData\Local\Backuptrans Android WhatsApp to iPhone Transfer (x64)\androidWhatsAppToiPhoneTransfer.exe (Backuptrans Studio)
Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Backuptrans Android WhatsApp to iPhone Transfer (x64)\Uninstall.lnk -> C:\Users\Alexander\AppData\Local\Backuptrans Android WhatsApp to iPhone Transfer (x64)\uninst.exe (Backuptrans Studio)
Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Backuptrans Android WhatsApp to iPhone Transfer (x64)\Website.lnk -> C:\Users\Alexander\AppData\Local\Backuptrans Android WhatsApp to iPhone Transfer (x64)\Backuptrans Android WhatsApp to iPhone Transfer (x64).url ()
Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Opera-Browser.lnk -> C:\Program Files\Opera\launcher.exe (Opera Software)
Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Smart Switch.lnk -> C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPC.exe (Samsung)
Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Thunderbird.lnk -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera-Browser.lnk -> C:\Program Files\Opera\launcher.exe (Opera Software)
Shortcut: C:\Users\Alexander\AppData\Roaming\Autodesk\AutoCAD 2018\R22.0\deu\Plotters\Plot Styles\Assistent zum Hinzufügen einer Plotstiltabelle.lnk -> C:\Program Files\Autodesk\AutoCAD 2018\styshwiz.exe (Autodesk, Inc.)
Shortcut: C:\Users\Alexander\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Alexander\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Alexander\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Alexander\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Alexander\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Alexander\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Alexander\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Alexander\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Alexander\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\Alexander\alexander.*******@campus.tu-berlin.de Creative Cloud Files\_Cloud-Dokumente.lnk -> C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\MSACCESS.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrodist.exe (Adobe Systems Incorporated.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Animate 2021.lnk -> C:\Program Files\Adobe\Adobe Animate 2021\Animate.exe (Adobe)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Character Animator 2020.lnk -> C:\Program Files\Adobe\Adobe Character Animator 2020\Support Files\Character Animator.exe (Adobe)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Character Animator 2021.lnk -> C:\Program Files\Adobe\Adobe Character Animator 2021\Support Files\Character Animator.exe (Adobe)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator 2021.lnk -> C:\Program Files\Adobe\Adobe Illustrator 2021\Support Files\Contents\Windows\Illustrator.exe (Adobe Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign 2021.lnk -> C:\Program Files\Adobe\Adobe InDesign 2021\InDesign.exe (Adobe Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom Classic.lnk -> C:\Program Files\Adobe\Adobe Lightroom Classic\Lightroom.exe (Adobe Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder 2020.lnk -> C:\Program Files\Adobe\Adobe Media Encoder 2020\Adobe Media Encoder.exe (Adobe)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder 2021.lnk -> C:\Program Files\Adobe\Adobe Media Encoder 2021\Adobe Media Encoder.exe (Adobe)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2021.lnk -> C:\Program Files\Adobe\Adobe Photoshop 2021\Photoshop.exe (Adobe)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Rush 1.5.lnk -> C:\Program Files\Adobe\Adobe Premiere Rush\Adobe Premiere Rush.exe (Adobe)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk -> C:\Program Files\Google\Google Earth Pro\client\googleearth.exe (Google)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTE.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk -> C:\Program Files\Opera\launcher.exe (Opera Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\POWERPNT.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\MSPUB.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves MaxxAudioPro.lnk -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Audio Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zotero.lnk -> C:\Program Files (x86)\Zotero\zotero.exe (Corporation for Digital Scholarship)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vectorworks 2021\Vectorworks 2021 deinstallieren.lnk -> C:\Program Files\Vectorworks 2021\Uninstall Vectorworks 2021.exe (Vectorworks, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vectorworks 2021\Vectorworks 2021.lnk -> C:\Program Files\Vectorworks 2021\Vectorworks2021.exe (Vectorworks, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vectorworks 2018 SP1\Uninstall Vectorworks 2018.lnk -> C:\Program Files\Vectorworks 2018\Uninstall Vectorworks 2018.exe (Vectorworks, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vectorworks 2018 SP1\Vectorworks 2018.lnk -> C:\Program Files\Vectorworks 2018\Vectorworks2018E.exe (Vectorworks, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Updater\Auf Update prüfen.lnk -> C:\ProgramData\Updater\check-update.exe (Aller Media e.K.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Updater\Software deinstallieren.lnk -> C:\ProgramData\Updater\uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbolt™ Software\Thunderbolt™ Software.lnk -> C:\Program Files (x86)\Intel\Thunderbolt Software\Thunderbolt.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuer-Ratgeber 2017-2018\Handbuch.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\Steuer-Ratgeber 2018\hilfe.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2017\LayOut.lnk -> C:\Program Files\SketchUp\SketchUp 2017\LayOut\LayOut.exe (Trimble, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2017\SketchUp.lnk -> C:\Program Files\SketchUp\SketchUp 2017\SketchUp.exe (Trimble, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2017\Style Builder.lnk -> C:\Program Files\SketchUp\SketchUp 2017\Style Builder\Style Builder.exe (Trimble, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Smart Switch PC\Smart Switch.lnk -> C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPC.exe (Samsung)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OSGeo4W\QGIS Desktop 3.14.16 with GRASS 7.8.3.lnk -> C:\OSGeo4W64\bin\qgis-bin-g7.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OSGeo4W\QGIS Desktop 3.14.16.lnk -> C:\OSGeo4W64\bin\qgis-bin.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Office Language Preferences.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\SETLANG.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation\Intel Processor Diagnostic Tool 64bit\IntelProcessor Diagnostic Tool 64bit.lnk -> C:\Program Files\Intel Corporation\Intel Processor Diagnostic Tool 64bit\Win-IPDT64.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel(R) Rapid Storage Technology.lnk -> C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorUI.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel(R) Management Engine Components\Intel(R) Management and Security Status.lnk -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin\Garmin Express.lnk -> C:\Program Files (x86)\Garmin\Express\express.exe (Garmin Ltd. or its subsidiaries)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell\Dell Digital Delivery.lnk -> C:\Program Files (x86)\Dell Digital Delivery\DeliveryTray.exe (Dell Products, LP)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell\Update\Dell Update.lnk -> C:\Program Files (x86)\Dell\Update\DellUpdate.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Antivirus Free\Bitdefender Antivirus Free.lnk -> C:\Program Files\Bitdefender Antivirus Free\bdagent.exe (Bitdefender)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google\Backup and Sync from Google.lnk -> C:\Program Files\Google\Drive\googledrivesync.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\Uninstall Tool.lnk -> C:\Program Files (x86)\Common Files\Autodesk Shared\Uninstall Tool\R1\UninstallTool.exe (Autodesk, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\Autodesk Desktop-App\Autodesk Desktop-App.lnk -> C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe (Autodesk, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2018 - Deutsch (German)\Digitale Signaturen zuordnen.lnk -> C:\Program Files\Autodesk\AutoCAD 2018\AcSignApply.exe (Autodesk, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2018 - Deutsch (German)\Referenzmanager.lnk -> C:\Program Files\Autodesk\AutoCAD 2018\AdRefMan.exe (Autodesk, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2018 - Deutsch (German)\Stapelweise Standardsprüfung.lnk -> C:\Program Files\Autodesk\AutoCAD 2018\DwgCheckStandards.exe (Autodesk, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\RecoveryDrive.lnk -> C:\Windows\System32\RecoveryDrive.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Registry Editor.lnk -> C:\Windows\regedit.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Defender Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\System32\quickassist.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip File Manager.lnk -> C:\Program Files (x86)\7-Zip\7zFM.exe (Igor Pavlov)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip Help.lnk -> C:\Program Files (x86)\7-Zip\7-zip.chm ()
Shortcut: C:\ProgramData\Dell\SARemediation\SystemRepair\Snapshots\Backup\9D5326EAE61DA3A6D71599291AED37A127960123.lnk -> C:\Program Files (x86)\Dell Digital Delivery\DeliveryTray.exe (Dell Products, LP)
Shortcut: C:\ProgramData\Dell\SARemediation\SystemRepair\Snapshots\Backup\B77E2F6294A2622B397F91E697BC6D1AA2753897.lnk -> C:\Program Files (x86)\Dell\Update\DellUpdate.exe ()
Shortcut: C:\Users\Default\Links\OneDrive.lnk -> C:\Program Files (x86)\Microsoft OneDrive\OneDriveSetup.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Alexander\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\defaultuser0\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Keine Datei)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Google Earth Pro.lnk -> C:\Program Files\Google\Google Earth Pro\client\googleearth.exe (Google)
Shortcut: C:\Users\Public\Desktop\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Opera-Browser.lnk -> C:\Program Files\Opera\launcher.exe (Opera Software)
Shortcut: C:\Users\Public\Desktop\Vectorworks 2021.lnk -> C:\Program Files\Vectorworks 2021\Vectorworks2021.exe (Vectorworks, Inc.)


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OSGeo4W\Setup.lnk -> C:\OSGeo4W64\bin\nircmd.exe (NirSoft) -> exec hide "C:\OSGeo4W64\bin\setup.bat"


ShortcutWithArgument: C:\Users\Alexander\AppData\Roaming\Microsoft\Word\Microsoft%20Word-Dokument%20(neu)308832740201842190\Microsoft%20Word-Dokument%20(neu).docx.lnk -> C:\Users\Alexander\Desktop\Microsoft Word-Dokument (neu).docx () -> 0
ShortcutWithArgument: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Uninstall Zoom.lnk -> C:\Users\Alexander\AppData\Roaming\Zoom\uninstall\Installer.exe (Zoom Video Communications, Inc.) -> /uninstall
ShortcutWithArgument: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation) -> /tsr
ShortcutWithArgument: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc\Discord.lnk -> C:\Users\Alexander\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe
ShortcutWithArgument: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk\Autodesk® AutoCAD® 2018 jetzt installieren.lnk -> C:\Autodesk\AutoCAD_2018_German_Win_32_64bit_wi_de-DE\Setup.exe (Autodesk, Inc.) -> /URL "hxxps://edutrial.autodesk.com/NET18SWDLD/2018/ACD/E2D388C2-9E3B-4D52-959D-A1E04692126B/WI/AutoCAD_2018_German_Win_32_64bit_wi_de-DE_Setup.exe?dummy=0" /skipPI /SN 900-96078915 /PK 001J1 /Trial /akamai
ShortcutWithArgument: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Alexander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation) -> /recycle
ShortcutWithArgument: C:\Users\Alexander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Alexander\AppData\Roaming\Autodesk\AutoCAD 2018\R22.0\deu\Plotters\Assistent zum Hinzufügen eines Plotters.lnk -> C:\Program Files\Autodesk\AutoCAD 2018\addplwiz.exe (Autodesk, Inc.) -> /LANGUAGE de-DE
ShortcutWithArgument: C:\Users\Alexander\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Alexander\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\Alexander\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Alexander\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Alexander\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\Alexander\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Alexander\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\Alexander\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\Alexander\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Alexander\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Alexander\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Alexander\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Alexander\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Alexander\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Alexander\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\Alexander\AppData\Local\Backuptrans Android WhatsApp to iPhone Transfer (x64)\Backuptrans Android WhatsApp to iPhone Transfer (x64) -Legacy ADB.lnk -> C:\Users\Alexander\AppData\Local\Backuptrans Android WhatsApp to iPhone Transfer (x64)\androidWhatsAppToiPhoneTransfer.exe (Backuptrans Studio) -> adb=adb-legacy/adb
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuer-Ratgeber 2017-2018\Deinstallation des Steuer-Ratgebers.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {09578E80-CE8C-47E6-A055-8C49C616541F}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuer-Ratgeber 2017-2018\Steuer-Ratgeber.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\Steuer-Ratgeber 2018\starter\StartCenterCL.exe () -> -start
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Smart Switch PC\Uninstall Smart Switch.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}\setup.exe (Samsung Electronics Co., Ltd.) -> /removeonly
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OSGeo4W\GRASS GIS 7.8.4.lnk -> C:\OSGeo4W64\bin\grass78.bat () -> --gui
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OSGeo4W\OSGeo4W Shell.lnk -> C:\OSGeo4W64\OSGeo4W.bat () ->  
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OSGeo4W\Qt Designer with QGIS 3.14.16 custom widgets.lnk -> C:\OSGeo4W64\bin\nircmd.exe (NirSoft) -> exec hide C:\OSGeo4W64\bin\qgis-designer.bat
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OSGeo4W\SAGA GIS (2.3.2).lnk -> C:\OSGeo4W64\bin\nircmd.exe (NirSoft) -> exec hide "C:\OSGeo4W64\bin\saga-ltr_gui.bat"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools\Office Upload Center.lnk -> C:\Program Files (x86)\Microsoft Office\root\Client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Root\Office16\MSOUC.EXE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation\Intel Processor Diagnostic Tool 64bit\Uninstall Intel Processor Diagnostic Tool 64bit.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {D011AAF9-F756-43AB-8E91-47ADF0D86394}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk -> C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) -> /home
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google\Google Docs.lnk -> C:\Program Files\Google\Drive\googledrivesync.exe () -> --new_document
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google\Google Sheets.lnk -> C:\Program Files\Google\Drive\googledrivesync.exe () -> --new_spreadsheet
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google\Google Slides.lnk -> C:\Program Files\Google\Drive\googledrivesync.exe () -> --new_presentation
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2018 - Deutsch (German)\AutoCAD 2018 - Deutsch (German).lnk -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc.) ->  /product ACAD /language "de-DE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2018 - Deutsch (German)\Dienstprogramm für Lizenzübertragung - AutoCAD 2018.lnk -> C:\Program Files\Common Files\Autodesk Shared\AdLM\R14\LTU.exe (Autodesk, Inc.) -> 001J1 2018.0.0.F -d SA -l de-DE
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2018 - Deutsch (German)\Einstellungen auf Vorgabe zurücksetzen.lnk -> C:\Program Files\Autodesk\AutoCAD 2018\AdMigrator.exe (Autodesk, Inc.) -> /reset /product ACAD /language "de-DE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2018 - Deutsch (German)\Benutzerdefinierte Einstellungen migrieren\AutoCAD 2018-Einstellungen exportieren.lnk -> C:\Program Files\Autodesk\AutoCAD 2018\AdMigrator.exe (Autodesk, Inc.) -> /e /product ACAD /language "de-DE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2018 - Deutsch (German)\Benutzerdefinierte Einstellungen migrieren\AutoCAD 2018-Einstellungen importieren.lnk -> C:\Program Files\Autodesk\AutoCAD 2018\AdMigrator.exe (Autodesk, Inc.) -> /i /product ACAD /language "de-DE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2018 - Deutsch (German)\Benutzerdefinierte Einstellungen migrieren\Von früherem Release migrieren.lnk -> C:\Program Files\Autodesk\AutoCAD 2018\AdMigrator.exe (Autodesk, Inc.) -> /product ACAD /language "de-DE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}


InternetURL: C:\Users\Alexander\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\Alexander\Desktop\OneDriveSave\Dokumente\Notizbuch von alexander.********@live.com.url -> URL: hxxps://onedrive.live.com/redir.aspx?cid=2d6775446bc89fb8&resid=2D6775446BC89FB8!159&type=3
InternetURL: C:\Users\Alexander\AppData\Local\Backuptrans Android WhatsApp to iPhone Transfer (x64)\Backuptrans Android WhatsApp to iPhone Transfer (x64).url -> URL: hxxp://www.backuptrans.com/android-whatsapp-to-iphone-transfer.html
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> URL: hxxp://support.steampowered.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox Website.URL -> 

==================== Ende vom Shortcut.txt =============================
         
__________________

Alt 11.05.2021, 10:41   #4
M-K-D-B
/// TB-Ausbilder
 
Zip-Datei Word in E-Mail geöffnet - Standard

Zip-Datei Word in E-Mail geöffnet







Mein Name ist Matthias und ich werde dir bei der Analyse und der eventuell notwendigen Bereinigung deines Computers helfen.



Ich analysiere gerade dein System und melde mich in Kürze mit weiteren Anweisungen.

Alt 11.05.2021, 10:53   #5
M-K-D-B
/// TB-Ausbilder
 
Zip-Datei Word in E-Mail geöffnet - Standard

Zip-Datei Word in E-Mail geöffnet



Zitat:
leider habe ich in einer stressigen Situation einen unverzeilichen Fehler gemacht und einen Mailanhang .zip geöffnet, obwohl sie auch noch Passwort geschützt war. Das Passwort stand in der Mail. Diese zip hat eine Word-Datei vermutlich mit Makros geöffnet. Es war eine Antwort E-Mail von einem Unternehmen, dass ich um ein Angebot gebeten hatte.
Diese .zip Datei hast du bereits gelöscht, oder?
Falls du sie noch hast, bitte hochladen:
  • Besuche die Seite Submit a Malware Sample auf BleepingComputer.
  • Klicke auf Durchsuchen.
  • Wähle das .zip Archiv aus und klicke auf Öffnen.
  • Schreibe in das untere, leere Textfeld for M-K-D-B hinein und klicke auf den darunter liegenden Button Daten absenden.
  • Vielen Dank für deine Mitarbeit. Die hochgeladenen Dateien dienen zur Verbesserung der verwendeten Programme.



Zitat:
Dennoch möchte ich jetzt gerne sicher gehen, dass ich mir kein Trojaner emotet oder ähnliches eingefangen habe.
Dass Emotet quasi tot ist, hast du wohl nicht bekommen, oder?
Nachzulesen hier:
Emotet botnet disrupted after global takedown operation
Emotet malware nukes itself today from all infected computers worldwide





Schritt 1
Führe Malwarebytes' AntiMalware (MBAM) gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei.





Schritt 2
Führe AdwCleaner gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei.





Schritt 3
  • Starte FRST erneut und klicke auf Untersuchen.
  • FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.





Bitte poste mit deiner nächsten Antwort:
  • die Logdatei von MBAM
  • die Logdatei von AdwCleaner
  • die beiden neuen Logdateien von FRST (FRST.txt und Addition.txt)


Geändert von M-K-D-B (11.05.2021 um 10:59 Uhr)

Alt 11.05.2021, 16:37   #6
alex_esp
 
Zip-Datei Word in E-Mail geöffnet - Standard

Zip-Datei Word in E-Mail geöffnet



Hallo Matthias, danke für deine ausführliche Antwort.

Da habe ich/wir Europol wohl etwas zu verdanken.

Die zip. Datei habe ich auf BleepingComputer hochgeladen.

Ich habe alle Logs durchgeführt. Vielen Dank für deine Hilfe.

MBAM:
Code:
ATTFilter
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 11.05.21
Scan-Zeit: 16:55
Protokolldatei: e43d31e0-b268-11eb-9875-9cb6d0e08ba8.json

-Softwaredaten-
Version: 4.3.3.116
Komponentenversion: 1.0.1292
Version des Aktualisierungspakets: 1.0.40330
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10 (Build 19041.928)
CPU: x64
Dateisystem: NTFS
Benutzer: WINDELL-788D1Q2\Alexander

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 357091
Erkannte Bedrohungen: 6
In die Quarantäne verschobene Bedrohungen: 6
Abgelaufene Zeit: 6 Min., 48 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 2
Adware.KeenValue, HKLM\SOFTWARE\WOW6432NODE\Updater, In Quarantäne, 7033, 212959, 1.0.40330, , ame, , , 
PUP.Optional.StartFenster, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Updater, In Quarantäne, 502, 541219, , , , , , 

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 1
PUP.Optional.StartFenster, C:\PROGRAMDATA\UPDATER, In Quarantäne, 502, 541219, 1.0.40330, , ame, , , 

Datei: 3
PUP.Optional.StartFenster, C:\PROGRAMDATA\UPDATER\CHECK-UPDATE.EXE, In Quarantäne, 502, 541219, 1.0.40330, , ame, , 6DAE4EBB66DC2A5B1F9D14B4AA8787BA, BFC9F2E5D39F869702F7A080BE369699264CB82A65FF6C39C1F6951D294A8687
PUP.Optional.StartFenster, C:\ProgramData\Updater\setup.ico, In Quarantäne, 502, 541219, , , , , A60B9AFB2DBC13DBFCFE4172325D1712, B2199B7933227655475B64C50AFE09E1DB10D511A248283DDD8EE88EF794A680
PUP.Optional.StartFenster, C:\ProgramData\Updater\uninstall.exe, In Quarantäne, 502, 541219, , , , , 370E7109FBCCE328A0D926A6BD6E55D9, 569F5E05CED3AF9FA24483176878694C9C2E404433A199D4B88C2FF2CA818B30

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

WMI: 0
(keine bösartigen Elemente erkannt)


(end)
         
AdwCleaner
Code:
ATTFilter
# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build:    03-22-2021
# Database: 2021-04-28.3 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    05-11-2021
# Duration: 00:00:03
# OS:       Windows 10 Home
# Cleaned:  4
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\vlc.de
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.vlc.de
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\vlc.de
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.vlc.de

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [5160 octets] - [11/05/2021 17:11:57]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
         
Addition
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 09-05-2021
durchgeführt von Alexander (11-05-2021 17:22:11)
Gestartet von C:\Users\Alexander\Downloads
Windows 10 Home Version 2004 19041.928 (X64) (2020-10-08 13:14:02)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-648673255-3041033212-2045848966-500 - Administrator - Disabled)
Alexander (S-1-5-21-648673255-3041033212-2045848966-1001 - Administrator - Enabled) => C:\Users\Alexander
DefaultAccount (S-1-5-21-648673255-3041033212-2045848966-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-648673255-3041033212-2045848966-1000 - Limited - Disabled) => C:\Users\defaultuser0
Gast (S-1-5-21-648673255-3041033212-2045848966-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-648673255-3041033212-2045848966-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {EA21BCE8-A461-99C3-3A0D-4C964E75494E}
AV: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {BAD274F4-FA00-8560-1CDE-6C830442BEFA}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {51405D0C-825B-964D-00BD-77E435F203F3}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 16.04 (HKLM-x32\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 21.001.20150 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 21.001.20150 - Adobe Systems Incorporated)
Adobe Animate 2021 (HKLM-x32\...\FLPR_21_0_5) (Version: 21.0.5 - Adobe Inc.)
Adobe Character Animator 2020 (HKLM-x32\...\CHAR_3_5) (Version: 3.5 - Adobe Inc.)
Adobe Character Animator 2021 (HKLM-x32\...\CHAR_4_0) (Version: 4.0 - Adobe Inc.)
Adobe Connect (HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Adobe Connect App) (Version: 2020.1.5.32 - Adobe Systems Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.4.5.550 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version:  - Adobe)
Adobe Illustrator 2021 (HKLM-x32\...\ILST_25_2_3) (Version: 25.2.3 - Adobe Inc.)
Adobe InDesign 2021 (HKLM-x32\...\IDSN_16_1) (Version: 16.1 - Adobe Inc.)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_10_2) (Version: 10.2 - Adobe Inc.)
Adobe Media Encoder 2020 (HKLM-x32\...\AME_14_9) (Version: 14.9 - Adobe Inc.)
Adobe Media Encoder 2021 (HKLM-x32\...\AME_15_1) (Version: 15.1 - Adobe Inc.)
Adobe Photoshop 2021 (HKLM-x32\...\PHSP_22_3_1) (Version: 22.3.1.122 - Adobe Inc.)
Adobe Premiere Rush (HKLM-x32\...\RUSH_1_5_58) (Version: 1.5.58 - Adobe Inc.)
ANT Drivers Installer x64 (HKLM\...\{9A9FF300-3725-4934-A0D7-86F109A88ACF}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{C56BA005-F02C-461B-ACA5-A0CE3E32578F}) (Version: 6.5 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{C8087B7C-8496-45BE-92FB-91D31EB73969}) (Version: 6.5 - Apple Inc.)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.61.1 - Asmedia Technology)
AutoCAD 2018 - Deutsch (German) (HKLM\...\{28B89EEF-1001-0407-2102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2018 (HKLM-x32\...\{177AD7F6-9C77-4E50-BA53-B7259C5F282D}) (Version: 16.11.1.0 - Autodesk)
Autodesk App Manager 2016-2018 (HKLM-x32\...\{20EC0CA2-346E-4660-9903-51B278DF15F6}) (Version: 2.4.0 - Autodesk)
Autodesk AutoCAD 2018 - Deutsch (German) (HKLM\...\AutoCAD 2018 - Deutsch (German)) (Version: 22.0.49.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.8 (HKLM-x32\...\{214D3370-746E-4886-8EAA-5769EB87D044}) (Version: 1.2.8.0 - Autodesk)
Autodesk Desktop-App (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.6.378 - Autodesk)
Autodesk Material Library 2018 (HKLM-x32\...\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2018 (HKLM-x32\...\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 - Autodesk)
Backup and Sync from Google (HKLM\...\{3CBE1074-3A4F-4BA6-95E3-7A660B54FE33}) (Version: 3.55.3625.9414 - Google, Inc.)
Backuptrans Android WhatsApp to iPhone Transfer (x64) 3.2.148 (HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Backuptrans Android WhatsApp to iPhone Transfer (x64)) (Version: 3.2.148 - Backuptrans)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 1.0.1 - Bitdefender)
Bitdefender Antivirus Free (HKLM\...\{1FCCF41D-5F00-4FE2-9653-162D0486C8B4}) (Version: 1.0.14.74 - Bitdefender)
Cisco Webex Meetings (HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\ActiveTouchMeetingClient) (Version: 41.5.3 - Cisco Webex LLC)
Dell Digital Delivery (HKLM-x32\...\{4B38FF9D-7308-411D-93BF-CCF259B476ED}) (Version: 3.5.2013.0 - Dell Products, LP)
Dell Power Manager Service (HKLM\...\{18469ED8-8C36-4CF7-BD43-0FC9B1931AF8}) (Version: 3.7.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\{C5A70974-2F89-4BE0-90F7-749E62468C4D}) (Version: 3.8.1.23 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{6B991B44-B938-4902-BDF3-186CBDC62AD3}) (Version: 5.1.4.11989 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{34685541-a19e-4537-97c9-082238790346}) (Version: 5.1.4.11989 - Dell Inc.)
Dell Update - SupportAssist Update Plugin (HKLM\...\{3C4F6923-3BE1-4E6C-8DEE-9EEF1E433795}) (Version: 5.2.1.12926 - Dell Inc.) Hidden
Dell Update - SupportAssist Update Plugin (HKLM-x32\...\{8d32f870-d6fd-4420-b5cb-c29ac65f628d}) (Version: 5.2.1.12926 - Dell Inc.)
Dell Update (HKLM-x32\...\{944FB5B0-9588-45FD-ABE8-73FC879801ED}) (Version: 4.1.0 - Dell Inc.)
Discord (HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 121.4.4267 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.459.1 - Dropbox, Inc.) Hidden
Elevated Installer (HKLM-x32\...\{9427DAC2-91FD-418E-87D4-8914B437CC06}) (Version: 6.21.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{0934EADA-3DAF-4A21-829D-1BB3C315DCB4}) (Version: 6.21.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{d3b4366e-9163-44f4-a381-d431031c2841}) (Version: 6.21.0.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.93 - Google LLC)
Google Earth Pro (HKLM\...\{FB8010D4-05F4-420D-8DFC-2F911A6DD100}) (Version: 7.3.3.7786 - Google)
iCloud Outlook (HKLM\...\{BF2241BF-20CC-490B-B7BE-761B80E20114}) (Version: 11.6.0.32 - Apple Inc.)
Image Resizer for Windows (64 bit) (HKLM\...\{2A1F3759-5792-469B-B895-7E29680F02F1}) (Version: 3.1.1.0 - Brice Lambson) Hidden
Image Resizer for Windows (HKLM-x32\...\{92916BDF-74CB-479C-B69E-32EACB074FFE}) (Version: 3.1.1.0 - Brice Lambson) Hidden
Image Resizer for Windows (HKLM-x32\...\{c624f5da-779e-4ccb-9ce1-34bc5ef0a6b9}) (Version: 3.1.1.0 - Brice Lambson)
Intel Processor Diagnostic Tool 64bit (HKLM\...\{D011AAF9-F756-43AB-8E91-47ADF0D86394}) (Version: 4.0.0.29 - Intel Corporation)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{3DAC4F8C-80E6-4204-8A58-747FA4CBAA03}) (Version: 16.0.246 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10209.6897 - Intel Corporation)
Intel(R) HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 2.2.1.372 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1932.12.0.1298 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.8.3.1004 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1725.1 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.56.87.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{05817e4d-5f15-49b4-afec-7edb31fc7dd6}) (Version: 1.56.87.0 - Intel Corporation) Hidden
Intel(R) Virtual Buttons (HKLM-x32\...\1992736F-C90A-481C-B21B-EE34CAD07387) (Version: 2.2.1.31 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{4B3C56AB-963E-4F48-9747-05297683DB3B}) (Version: 16.8.3.1003 - Intel Corporation)
Malwarebytes version 4.3.3.116 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.3.116 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.12253.1 - Waves Audio Ltd.) Hidden
Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.13929.20296 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.56 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 90.0.818.56 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\OneDriveSetup.exe) (Version: 21.073.0411.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Mozilla Firefox 87.0 (x64 de) (HKLM\...\Mozilla Firefox 87.0 (x64 de)) (Version: 87.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 87.0.0.7747 - Mozilla)
Mozilla Thunderbird 78.10.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 78.10.0 (x86 de)) (Version: 78.10.0 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13929.20296 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13929.20216 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13929.20296 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.13929.20216 - Microsoft Corporation) Hidden
Opera Stable 76.0.4017.107 (HKLM-x32\...\Opera 76.0.4017.107) (Version: 76.0.4017.107 - Opera Software)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.825 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.17763.21313 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8895.1 - Realtek Semiconductor Corp.)
Realtek USB Audio (HKLM-x32\...\{0A46A65D-89AC-464C-8026-3CD44960BD04}) (Version: 6.3.9600.250 - Realtek Semiconductor Corp.)
Realtek USB Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{04201224-2B34-4EE7-862B-B7BBF89DB3AB}) (Version: 10.39.518.2020 - Realtek)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.23.0 - Samsung Electronics Co., Ltd.)
SketchUp 2017 (HKLM\...\{C711666A-E8CC-4E2A-802F-BAA35E76045F}) (Version: 17.2.2555 - Trimble Navigation Limited)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.20013.2 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.20013.2 - Samsung Electronics Co., Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steuer-Ratgeber 2017-2018 (HKLM-x32\...\{09578E80-CE8C-47E6-A055-8C49C616541F}) (Version: 18.05.1 - Wolters Kluwer Deutschland GmbH)
Thunderbolt™ Software (HKLM-x32\...\{30F0067F-DD79-431B-BA5F-6CB4897785A5}) (Version: 17.4.79.510 - Intel Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Vectorworks 2018 (HKLM\...\Vectorworks 2018 SP1 23.0.0) (Version: 23.0.0 - Vectorworks, Inc.)
Vectorworks 2021 (HKLM\...\Vectorworks 2021 26.0.2) (Version: 26.0.2 - Vectorworks, Inc.)
Verfügbare Autodesk-Apps 2016-2018 (HKLM-x32\...\{384C4B74-B749-4AB6-9367-4D51A6AA9CB8}) (Version: 2.4.0 - Autodesk)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-2) (Version: 1.0.54.1 - Intel Corporation Inc.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Zoom (HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\ZoomUMX) (Version: 5.4.6 (59296.1207) - Zoom Video Communications, Inc.)
Zotero (HKLM-x32\...\Zotero 5.0.96 (x86 en-US)) (Version: 5.0.96 - Corporation for Digital Scholarship)

Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2018-10-10] (Adobe Systems Incorporated)
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2020-07-11] (Adobe Systems Incorporated)
Adobe XD -> C:\Program Files\WindowsApps\Adobe.CC.XD_39.0.12.12_x64__adky2gkssdxte [2021-04-18] (Adobe Systems Incorporated)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Dell Power Manager -> C:\Program Files\WindowsApps\DellInc.DellPowerManager_3.7.10.0_x64__htrsf667h5kn2 [2020-10-06] (Dell Inc)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.8.10.0_x64__htrsf667h5kn2 [2021-02-14] (Dell Inc)
Dropbox für S Modus -> C:\Program Files\WindowsApps\C27EB4BA.DROPBOX_22.4.4.0_x64__xbfy0k16fey96 [2021-03-19] (Dropbox Inc.)
Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-14] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_127.1.115.0_x64__v10z8vjag6ke6 [2021-05-10] (HP Inc.)
iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_12.3.74.0_x86__nzyj5cx40ttqa [2021-05-07] (Apple Inc.) [Startup Task]
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa [2021-04-24] (Apple Inc.) [Startup Task]
Killer Control Center -> C:\Program Files\WindowsApps\RivetNetworks.KillerControlCenter_2.2.3267.0_x64__rh07ty8m5nkag [2021-01-07] (Rivet Networks LLC) [Startup Task]
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-23] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2020-10-08] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5060.0_x64__8wekyb3d8bbwe [2021-05-10] (Microsoft Studios) [MS Ad]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.43.41241.0_x64__8wekyb3d8bbwe [2021-05-10] (Microsoft Corporation) [Startup Task]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-15] (Netflix, Inc.)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2020-12-18] (Adobe Systems Incorporated)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0 [2021-05-04] (Spotify AB) [Startup Task]
XING -> C:\Program Files\WindowsApps\XINGAG.XING_4.0.8.0_x86__xpfg3f7e9an52 [2021-03-19] (New Work SE)
ZDFmediathek -> C:\Program Files\WindowsApps\ZDFGemeinntzigeAnstaltdes.ZDFmediathek_4.0.0.0_neutral__h3zwtz978ayka [2020-04-11] (ZDF Gemeinnützige Anstalt des öffentlichen Rechts)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-417AC85DF7F7} -> [Creative Cloud Files] => C:\Users\Alexander\Creative Cloud Files [2019-12-16 23:09]
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{1019ADC7-17CB-4489-AFD5-6642C7400ACE}\localserver32 -> C:\Users\Alexander\AppData\Local\Webex\Webex\Applications\ptOIEx64.exe (Cisco WebEx LLC -> Cisco WebEx LLC)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{14097043-DE9D-461F-BC24-E07F11A17748} -> [iCloud Drive] => C:\Users\Alexander\iCloudDrive [2021-02-14 01:42]
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{2B663ECE-5770-491c-A474-F98603C40681}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{2B93DB32-8D98-4438-93B5-5C2CC3441999}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{74562BED-63D6-4234-A386-937DB6FA38AE}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{7C90F737-950A-49eb-B6C1-EE1744C75E97}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{868D9612-74A1-405b-9758-369138103193}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{9AAF0EB6-42D8-46C1-A2EF-679511B37A0D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{A6589972-5623-4F20-B23A-ACA747BCE141} -> [iCloud-Fotos] => C:\Users\Alexander\Pictures\iCloud Photos\Photos [2021-02-14 01:42]
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{BB9F1D04-94AB-40b7-ABAE-33D2637F6340}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{CC3BE603-926A-40ae-9570-4258474F0364}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{DD0B2199-F2FD-41eb-B744-B06B100B9A43}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2018\de-DE\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Alexander\Dropbox [2018-06-28 21:37]
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{F5756047-E218-465a-AC4C-FD04238C4896}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{F9748CB6-1CCB-4557-905E-8D42C83AAEB6}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{FC072C1A-25CB-49e7-8F79-F2A8B8C3289D}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-04-28] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-04-28] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-04-28] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-07-15] () [Datei ist nicht signiert] [Datei wird verwendet]
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2017-02-03] (Autodesk, Inc -> Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-04-28] (Adobe Inc. -> )
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2017-02-03] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-04-21] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-03-12] (Google LLC -> Google)
ContextMenuHandlers1: [Image Resizer] -> {51B4D7E5-7568-4234-B4BB-47FB3C016A69} => C:\Program Files\Image Resizer for Windows\ShellExtensions.dll [2018-05-26] (Open Source Developer, Brice Lambson -> Brice Lambson)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-05-11] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-07-15] () [Datei ist nicht signiert] [Datei wird verwendet]
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-03-12] (Google LLC -> Google)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0e885955e29b0a55\igfxDTCM.dll [2020-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-04-28] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-04-21] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-05-11] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\Alexander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2021-02-02 07:49 - 2021-02-02 07:49 - 000022016 _____ (Adobe Systems Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\de_de\Acrobat Elements\ContextMenuShim64.deu
2019-07-15 11:20 - 2019-07-15 11:20 - 000126976 _____ (Intel Corporation) [Datei ist nicht signiert] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll
2020-12-01 01:14 - 2020-12-01 01:14 - 001638912 _____ (Robert Simpson, et al.) [Datei ist nicht signiert] C:\Program Files\Dell\SupportAssistAgent\bin\x64\SQLite.Interop.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

HKU\S-1-5-21-648673255-3041033212-2045848966-1001\Software\Classes\.scr: AutoCADScriptFile => 

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-03-07] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-03] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\sharepoint.com -> hxxps://ittuberlin-files.sharepoint.com

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-07-16 13:47 - 2016-07-16 13:45 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2018-01-29 18:40 - 2019-05-15 11:58 - 000000583 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.1 WINDELL-788D1Q2.mshome.net # 2023 1 6 28 19 50 14 310

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64_win\compiler;%INTEL_DEV_REDIST%redist\intel64\compiler;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL
HKU\S-1-5-21-648673255-3041033212-2045848966-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Alexander\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\WP_20161123_001.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
 ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

MSCONFIG\Services: AdAppMgrSvc => 2
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\StartupApproved\Run: => "DellSystemDetect"
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\StartupApproved\Run: => "GarminExpress"
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\StartupApproved\Run: => "PTOneClick"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{E754BBBD-97EA-4E07-9FB1-AAD2BBDA387B}] => (Allow) C:\Users\Alexander\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{80B9C1B4-A921-41FB-8EF0-B94A648EC0DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoE2DE\BattleServer\BattleServer.exe (Microsoft Corporation -> )
FirewallRules: [{E087B767-2069-4582-8C83-A1B0EF12A2BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoE2DE\BattleServer\BattleServer.exe (Microsoft Corporation -> )
FirewallRules: [{AFF85466-C59C-494D-83E9-7D2C997CF3B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoE2DE\AoE2DE_s.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6F0D8AC4-7174-4370-8F55-C4551ACFAECA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoE2DE\AoE2DE_s.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0A236464-FD3E-46CB-87F4-72894242EE4A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{35CCB881-813F-4540-AF0F-875762A7FF95}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{48006030-7A54-48DD-B058-CC3C3C4F3947}C:\program files\vectorworks 2018\vectorworks2018e.exe] => (Allow) C:\program files\vectorworks 2018\vectorworks2018e.exe (Vectorworks, Inc.) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{DD68D86A-7150-47DB-A2EF-5557347A05A9}C:\program files\vectorworks 2018\vectorworks2018e.exe] => (Allow) C:\program files\vectorworks 2018\vectorworks2018e.exe (Vectorworks, Inc.) [Datei ist nicht signiert]
FirewallRules: [{F6B0E415-F85F-437A-82FD-AB5D5004A6B5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{EA77759E-B2D3-43B8-93CE-5207C7272500}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{483E5BFB-6D4D-4247-A80A-FBCBCFC31DF6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [Datei ist nicht signiert]
FirewallRules: [{6690DE8A-F57A-4C1E-883A-93D7D7627001}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [Datei ist nicht signiert]
FirewallRules: [{CFE88206-3FCB-49A0-8756-5EBF8A74C424}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{F52E2221-4A06-48BD-9282-7330219466DC}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{C25F53E3-4342-48B3-A8F3-6B2CE00396A1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{2D271FB1-5269-4B66-BADD-0B67C4F1FCCF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{72AA914A-6EB9-4B07-A461-8DBC44F3AD79}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3E5D7440-F1E5-4319-9100-99C5F566AF1F}] => (Allow) C:\Users\Alexander\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{7DF98843-DE51-462F-94E1-0178AFEFA45F}] => (Allow) C:\Users\Alexander\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{1F9AEAF3-976A-4A5B-92B0-CEE354FA968F}] => (Allow) C:\Users\Alexander\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{AAB4249F-1C71-47D6-9005-7B299A1AB100}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{222F66A3-40C3-4DBD-8CC3-CD016EEAD05A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0F241C3C-4B22-4C66-84C7-D50DD98C6C29}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{82B5D8AD-60A7-4C1B-BA0D-606A97A2FB22}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{934D76D1-06D9-4A10-ACDD-9591906EAC38}C:\program files\vectorworks 2021\vectorworks2021.exe] => (Allow) C:\program files\vectorworks 2021\vectorworks2021.exe (Vectorworks, Inc. -> Vectorworks, Inc.)
FirewallRules: [UDP Query User{F1C0FB4F-15D5-4060-B752-52EE18DED36F}C:\program files\vectorworks 2021\vectorworks2021.exe] => (Allow) C:\program files\vectorworks 2021\vectorworks2021.exe (Vectorworks, Inc. -> Vectorworks, Inc.)
FirewallRules: [{EA7B77BC-A7F2-4C7A-B292-8B36E7BBA7D0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C404C255-0D04-4380-8EE6-7EE337F0435E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AA3C7658-CB53-435E-85D8-E2E7E2D885A2}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C1ED9B27-2E6F-44A6-A721-EDB8F1A2E289}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4853D7C9-3DF9-42B3-893E-8C0A6ABD402E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E26472D1-F4B4-4AD2-BF4A-FFB62A4F8044}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CD3BD8CA-5099-4F48-A09E-B9B269333FB8}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{416ACCDB-4F04-4F56-8F0A-FAB5EF81A9E9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E9C91020-C778-40FF-9C05-5F289F28C466}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{912EA4AD-C128-4B7E-B1D7-580376052815}] => (Allow) C:\Program Files\Opera\75.0.3969.243\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{AE733746-39CC-4EC2-9AD9-6BB4D7C4FE8F}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{9A687CCB-9BBC-4D02-8385-6915C4AFB146}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C843FD68-E427-4151-B334-05CF758AF34B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6ADC3378-9FBC-4853-B137-5A36CA3AE6D6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1F2CDDFD-68DF-4DCF-8563-A309C7DBD164}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FEDCD465-310A-4E37-80B2-491E66E8A578}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9251C962-E2A1-43F8-A124-1FF45B9D72A6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BB2B392C-7B41-498D-B7BB-D5DADA110316}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C2435453-B77D-4FE9-B490-F8D1AF02015A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{685F4A03-C602-4664-8B8F-41ADB4DB7028}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D84C1348-BCCE-4D64-8315-5F622B978D7D}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.56\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{629965F4-B3DB-4BF1-9EDC-A90239351E03}] => (Allow) C:\Program Files\Opera\76.0.4017.107\opera.exe (Opera Software AS -> Opera Software)

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert (Total:475.47 GB) (Free:64.28 GB) (14%)

==================== Fehlerhafte Geräte im Gerätemanager ============


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (05/11/2021 04:30:05 PM) (Source: DellCommandPowerManager) (EventID: 0) (User: )
Description: Error from DellPowerManager.exe GUI-ATA02
Message: Invalid alert info: 000300000008000700000000

Error: (05/11/2021 04:28:34 PM) (Source: DellCommandPowerManager) (EventID: 0) (User: )
Description: Error from DellPowerManager.exe GUI-ATA02
Message: Invalid alert info: 000300000008000700000000

Error: (05/11/2021 09:59:44 AM) (Source: DellCommandPowerManager) (EventID: 0) (User: )
Description: Error from DellPowerManager.exe GUI-ATA02
Message: Invalid alert info: 000300000008000700000000

Error: (05/11/2021 09:32:23 AM) (Source: DellCommandPowerManager) (EventID: 0) (User: )
Description: Error from DellPowerManager.exe GUI-ATA02
Message: Invalid alert info: 000300000008000700000000

Error: (05/10/2021 09:08:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Microsoft.Photos.exe, Version: 2020.20120.4004.0, Zeitstempel: 0x5fcaab3d
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.19041.906, Zeitstempel: 0x2f2f77bf
Ausnahmecode: 0x80131623
Fehleroffset: 0x000000000010b2dc
ID des fehlerhaften Prozesses: 0x72e0
Startzeit der fehlerhaften Anwendung: 0x01d7457281e4cab6
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.20120.4004.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: b07e1f55-5c36-424e-b1f6-0b9b611c26b2
Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.Photos_2020.20120.4004.0_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (05/10/2021 09:08:27 PM) (Source: DellCommandPowerManager) (EventID: 0) (User: )
Description: Error from DellPowerManager.exe GUI-ATA02
Message: Invalid alert info: 000300000008000700000000

Error: (05/10/2021 07:00:03 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsort "M:\" nicht abgeschlossen. Fehler: Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006).

Error: (05/10/2021 09:28:59 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsort "M:\" nicht abgeschlossen. Fehler: Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006).


Systemfehler:
=============
Error: (05/11/2021 05:18:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Killer Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/11/2021 05:18:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Killer Analytics Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/11/2021 05:18:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "HP Print Scan Doctor Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/11/2021 05:18:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Dell Data Vault Processor" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/11/2021 05:18:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Microsoft Office-Klick-und-Los-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/11/2021 05:18:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Dell SupportAssist Remediation" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/11/2021 05:18:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Dell Data Vault Collector" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/11/2021 05:18:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ProductAgentService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===============
Date: 2021-05-11 16:55:14
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\bdamsi\265252192172810404\antimalware_provider64.dll that did not meet the Windows signing level requirements.

Date: 2021-05-11 16:31:56
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\bdamsi\265252192172810404\antimalware_provider32.dll that did not meet the Microsoft signing level requirements.

Date: 2021-05-11 09:32:44
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\bdamsi\265252192172810404\antimalware_provider64.dll that did not meet the Windows signing level requirements.


==================== Speicherinformationen =========================== 

BIOS: Dell Inc. 2.13.0 11/14/2019
Hauptplatine: Dell Inc. 0D4J15
Prozessor: Intel(R) Core(TM) i7-7560U CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 40%
Installierter physikalischer RAM: 16108.16 MB
Verfügbarer physikalischer RAM: 9587.46 MB
Summe virtueller Speicher: 28062.98 MB
Verfügbarer virtueller Speicher: 17862.78 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:475.47 GB) (Free:64.29 GB) NTFS

\\?\Volume{c09336f2-25d2-4235-a503-e804e80b5728}\ (WinRE) (Fixed) (Total:0.39 GB) (Free:0.38 GB) NTFS
\\?\Volume{7d4aa265-23a7-40a9-a30c-986b920e2ba9}\ () (Fixed) (Total:0.85 GB) (Free:0.3 GB) NTFS
\\?\Volume{03b7b388-dc7a-4570-8cb9-5725c646b0a6}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 476.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt =======================
         
FRST
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 09-05-2021
durchgeführt von Alexander (Administrator) auf WINDELL-788D1Q2 (Dell Inc. XPS 13 9360) (11-05-2021 17:20:17)
Gestartet von C:\Users\Alexander\Downloads
Geladene Profile: defaultuser0 & Alexander
Platform: Windows 10 Home Version 2004 19041.928 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Opera
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_12.3.74.0_x86__nzyj5cx40ttqa\iCloud\iCloudServices.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdagent.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdredline.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsserv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7240.285\DSAPI.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_WAVES_SKYLAKE] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320056 2019-08-13] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1235160 2019-09-26] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7991528 2021-04-24] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5237416 2021-04-21] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [779448 2021-05-07] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-02-05] (Adobe Inc. -> )
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files\Opera\assistant\browser_assistant.exe [3154456 2020-11-25] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [50041472 2021-03-12] (Google LLC -> )
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [680728 2021-05-05] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Run: [Discord] => C:\Users\Alexander\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30885360 2020-03-04] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Run: [PTOneClick] => C:\Users\Alexander\AppData\Local\Webex\Webex\Applications\ptoneclk.exe [7184192 2020-04-12] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5536424 2021-04-21] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\Alexander\AppData\Local\WebEx\ciscowebexstart.exe [3711704 2021-04-30] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Run: [AnyTransToolHelper] => C:\Program Files (x86)\iMobie\AnyTrans\AnyTransToolHelper.exe
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe [2763952 2021-05-07] (Adobe Inc. -> Adobe Inc.)
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Alexander\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Alexander\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\RunOnce: [Uninstall 21.062.0328.0001\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Alexander\AppData\Local\Microsoft\OneDrive\21.062.0328.0001\amd64"
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\RunOnce: [Uninstall 21.062.0328.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Alexander\AppData\Local\Microsoft\OneDrive\21.062.0328.0001"
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Policies\Explorer: [] 
HKLM\...\Windows x64\Print Processors\Canon TS5000 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDF.DLL [30720 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [65496 2020-10-23] (Adobe Inc. -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.93\Installer\chrmstp.exe [2021-04-27] (Google LLC -> Google LLC)
Startup: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2019-02-03]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0C93F72A-6F8E-4DC7-A2A9-7CC09D822904} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {16545A9C-9BBF-4739-90C3-D52AD3C1B751} - System32\Tasks\AdobeAAMUpdater-1.0-WINDELL-788D1Q2-Alexander => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {27ED81A3-E23C-4C1D-B463-F7FF65E4FFA6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {33A96379-28BA-479C-A2AA-D467D9A00697} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {36525BF1-C22C-43F8-A6F6-BBEBCD222162} - System32\Tasks\Opera scheduled assistant Autoupdate 1576835173 => C:\Program Files\Opera\launcher.exe [2199704 2021-05-06] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files\Opera\assistant" $(Arg0)
Task: {3880284A-3737-4115-8B6F-0C4168D3F71D} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2302168 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {389BB786-6712-4F94-B108-AF90218D0FB0} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23103392 2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {3E2F6869-CD9F-471D-82C9-B512C28F3F97} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-06-28] (Dropbox, Inc -> Dropbox, Inc.)
Task: {432DA82D-2E8F-4458-A102-BEFBCCB90C52} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-13] (Google Inc -> Google Inc.)
Task: {4BBC94E0-A0FB-4F40-BA05-F593065E1E78} - System32\Tasks\Opera scheduled Autoupdate 1509559017 => C:\Program Files\Opera\launcher.exe [2199704 2021-05-06] (Opera Software AS -> Opera Software)
Task: {551A3672-B22C-4D83-9A59-45916EBB6540} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1120696 2021-05-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {55FD2A81-E285-4D47-9EDD-BE982271EB6A} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4071016 2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {603C9FB2-6B0B-4052-A084-D42F91AEFCB1} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {66E53798-F95C-43C0-9B72-59E6BF3C2BD5} - System32\Tasks\DropboxUpdateTaskMachineCore1d558491a4a8d18 => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-06-28] (Dropbox, Inc -> Dropbox, Inc.)
Task: {72686D95-A891-483A-BBE5-A610D06F474A} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {8C5B4ACF-CD23-4F0D-B5F7-31FE68C66242} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23103392 2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {9B78D7F5-C5C2-454F-BC6C-8F46150FDD01} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696816 2021-03-29] (Mozilla Corporation -> Mozilla Foundation)
Task: {A1BB7DE0-DDD7-4857-95D7-70DE9CE09139} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [888232 2021-01-29] (Bitdefender SRL -> Bitdefender)
Task: {AC221FF3-5AA7-4B8C-8D9E-01382A0E0A2C} - System32\Tasks\Intel\Intel® Management and Security Status => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\\IMSS\PIconStartup.exe [231400 2019-08-05] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) -> "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\\IMSS\PrivacyIconClient.exe" 60
Task: {B14BC9B8-C9A1-400C-9D91-ECADA2EEFDB5} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {B9D624D1-2F4B-426E-9A68-BF743D83E344} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {BB06A88E-8A91-44EE-BDFC-91F595D86915} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114048 2021-05-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {C711D884-722A-4478-8749-923B42852DB8} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-06-28] (Dropbox, Inc -> Dropbox, Inc.)
Task: {CFB28C91-0A06-474B-BA10-1CB262C24C1F} - System32\Tasks\DropboxUpdateTaskMachineUA1d558491a577788 => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-06-28] (Dropbox, Inc -> Dropbox, Inc.)
Task: {D3B225DB-F019-45E5-BCBE-680C8314FB87} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114048 2021-05-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {E5CD3D1D-A4B7-41E3-B1EC-92459A9B4566} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {E6E24F68-D2C2-4B80-8B3A-1D141680A236} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2020-03-04] (Garmin International, Inc. -> )
Task: {EBB517B3-14A4-4CB2-ACD9-DF5465BD94D6} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1059336 2021-01-09] (Dell Inc -> Dell Inc.)
Task: {EC731A2E-2804-4084-B770-AC2EDECC6A58} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-13] (Google Inc -> Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore1d558491a4a8d18.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA1d558491a577788.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{0e4f6f48-c261-4dd0-8db2-59bf5a91dfdb}: [DhcpNameServer] 10.106.8.30
Tcpip\..\Interfaces\{19c08f36-edb5-412e-9336-4049871475d5}: [DhcpNameServer] 192.168.0.1 127.0.0.1 128.0.0.1
Tcpip\..\Interfaces\{3f99e3f5-94c9-4ead-8977-2086e6de0d6b}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{ca90329d-3cf3-42e6-a062-13ddf94891df}: [DhcpNameServer] 192.168.0.1 127.0.0.1 128.0.0.1

Edge: 
=======
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Alexander\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-13]

FireFox:
========
FF DefaultProfile: ftt3x0f4.default
FF DefaultProfile: 2y091unm.default
FF ProfilePath: C:\Users\Alexander\AppData\Roaming\Zotero\Zotero\Profiles\ftt3x0f4.default [2021-04-23]
FF ProfilePath: C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\2y091unm.default [2021-04-20]
FF Extension: (Hoxx VPN Proxy) - C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\2y091unm.default\Extensions\@hoxx-vpn.xpi [2021-04-14]
FF Extension: (Hotspot Shield Free VPN Proxy - Unlimited VPN) - C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\2y091unm.default\Extensions\hotspot-shield@anchorfree.com.xpi [2020-12-15]
FF Extension: (Touch VPN – Kostenloses VPN und kostenloser Proxy) - C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\2y091unm.default\Extensions\touch-vpn@anchorfree.com.xpi [2021-01-16]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-05-07] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-04-21] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-21] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-05-07] (Adobe Inc. -> Adobe Systems)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\bd_js_config.js [2019-07-21] <==== ACHTUNG (Zeigt auf eine *.cfg Datei)
FF ExtraCheck: C:\Program Files\mozilla firefox\bd_config.cfg [2019-07-21] <==== ACHTUNG

Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-02-15]
CHR Profile: C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-04-15]
CHR Notifications: Profile 1 -> hxxps://app.houseparty.com
CHR Extension: (Präsentationen) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-12]
CHR Extension: (Docs) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-12]
CHR Extension: (Redirect Path) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aomidfkchockcldhbkggjokdkkebmdll [2021-02-25]
CHR Extension: (Google Drive) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-23]
CHR Extension: (YouTube) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-12]
CHR Extension: (Adobe Acrobat) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-03-18]
CHR Extension: (Tabellen) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-12]
CHR Extension: (Google Docs Offline) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-18]
CHR Extension: (Anwendungs-Launcher für Drive (von Google)) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-01-29]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Google Mail) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-05]
CHR Extension: (Chrome Media Router) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-18]
CHR Profile: C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\System Profile [2018-02-12]
CHR HKU\S-1-5-21-648673255-3041033212-2045848966-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

Opera: 
=======
OPR Profile: C:\Users\Alexander\AppData\Roaming\Opera Software\Opera Stable [2021-05-11]
OPR Notifications: Opera Stable -> hxxps://app.houseparty.com; hxxps://book.lufthansa.com; hxxps://business.facebook.com; hxxps://jungesrl.zulipchat.com; hxxps://portal.imice.de; hxxps://web.telegram.org; hxxps://www.facebook.com; hxxps://www.kaufda.de; hxxps://www.laptopmag.com; hxxps://www.wetteronline.de
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Ecosia - Die Suchmaschine, die Bäume pflanzt) - C:\Users\Alexander\AppData\Roaming\Opera Software\Opera Stable\Extensions\cjkjohdegdpmepjcgmiafjaanigkkelo [2017-11-01]
OPR Extension: (Zotero Connector) - C:\Users\Alexander\AppData\Roaming\Opera Software\Opera Stable\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2021-05-05]
OPR Extension: (Rich Hints Agent) - C:\Users\Alexander\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-05-11]
OPR Extension: (Limit - Set Limits for Distracting Sites) - C:\Users\Alexander\AppData\Roaming\Opera Software\Opera Stable\Extensions\idhmmjbmojepanopjakcclphcadaclmk [2020-11-02]
OPR Extension: (Install Chrome Extensions) - C:\Users\Alexander\AppData\Roaming\Opera Software\Opera Stable\Extensions\kipjbhgniklcnglfaldilecjomjaddfi [2020-12-23]
OPR Extension: (Desktop Messenger for Telegram™) - C:\Users\Alexander\AppData\Roaming\Opera Software\Opera Stable\Extensions\lamkfhpkhbgfdglofogcdipebpibjbkg [2019-12-16]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S4 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1353208 2017-06-15] (Autodesk, Inc -> Autodesk Inc.)
S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [842424 2021-05-07] (Adobe Inc. -> Adobe Inc.)
S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 AtcHost; C:\Program Files\Bitdefender Antivirus Free\atchost.exe [1475272 2020-10-02] (Bitdefender SRL -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 bdredline; C:\Program Files\Bitdefender Antivirus Free\bdredline.exe [2461792 2021-04-11] (Bitdefender SRL -> Bitdefender)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8798600 2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-06-28] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-06-28] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44272 2021-04-24] (Dropbox, Inc -> Dropbox, Inc.)
S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [315008 2020-08-18] (Dell Inc -> Dell Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [287776 2020-10-26] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3750944 2020-10-26] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [507936 2020-10-26] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7240.285\DSAPI.exe [985584 2021-01-17] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
S2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [19128 2020-08-19] (Dell Inc -> Dell INC.)
S3 Dell.CommandPowerManager.Service; C:\WINDOWS\system32\dllhost.exe /Processid:{CDBCEBD6-3610-40F0-A782-B593722A86D0} [21312 2020-10-13] (Microsoft Windows -> Microsoft Corporation)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38592 2021-01-19] (Dell Inc -> )
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [288360 2021-05-10] (HP Inc. -> HP Inc.)
S3 KAPSService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KAPSService.exe [73928 2020-04-16] (Rivet Networks LLC -> Rivet Networks, LLC.)
S2 Killer Analytics Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe [1775840 2020-04-16] (Rivet Networks LLC -> Rivet Networks)
S2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2663128 2020-04-16] (Rivet Networks LLC -> Rivet Networks)
S3 KNDBWM; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe [73928 2020-04-16] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7391408 2021-05-11] (Malwarebytes Inc -> Malwarebytes)
S3 OfficeSvcManagerAddons; C:\WINDOWS\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [21312 2020-10-13] (Microsoft Windows -> Microsoft Corporation)
S2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1358248 2021-01-29] (Bitdefender SRL -> Bitdefender)
S2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2019-12-17] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [933304 2019-12-17] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39432 2021-01-09] (Dell Inc -> Dell Inc.)
R2 updatesrv; C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe [236128 2021-04-11] (Bitdefender SRL -> Bitdefender)
R2 vsserv; C:\Program Files\Bitdefender Antivirus Free\vsserv.exe [559200 2021-04-11] (Bitdefender SRL -> Bitdefender)
R2 vsservppl; C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe [240352 2021-04-11] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [269200 2020-10-16] (Wondershare Technology Co.,Ltd -> Wondershare)
S2 WsAppService3; C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe [83232 2019-06-26] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [2718744 2021-02-26] (Bitdefender SRL -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [802976 2020-12-08] (Bitdefender SRL -> Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [22976 2021-04-11] (Microsoft Windows Early Launch Anti-Malware Publisher -> Bitdefender)
S3 dc3d; C:\WINDOWS\System32\drivers\dc3d.sys [47616 2011-05-18] (Hardware Group Test Cert -> Microsoft Corporation)
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [42376 2020-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)
S3 edrsensor; C:\WINDOWS\System32\DRIVERS\edrsensor.sys [309120 2020-03-05] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-05-11] (Malwarebytes Inc -> Malwarebytes)
R1 Gemma; C:\WINDOWS\System32\DRIVERS\Gemma.sys [488592 2021-02-26] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R3 KfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KfeCo10X64.sys [187848 2020-04-16] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-05-11] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-05-11] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-05-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-05-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-05-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [157944 2021-05-11] (Malwarebytes Inc -> Malwarebytes)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 trufos; C:\WINDOWS\System32\drivers\trufos.sys [641728 2021-03-10] (Bitdefender SRL -> Bitdefender)
R0 vlflt; C:\WINDOWS\System32\DRIVERS\vlflt.sys [386800 2020-12-08] (Bitdefender SRL -> Bitdefender)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S4 DBUtilDrv2; \SystemRoot\System32\drivers\DBUtilDrv2.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2099-07-04 05:39 - 2117-07-04 05:39 - 000000000 _____ C:\WINDOWS\SysWOW64\wsmand.log.lock
2021-05-11 17:18 - 2021-05-11 17:18 - 000002378 _____ C:\Users\Alexander\Desktop\AdwCleaner[C00].txt
2021-05-11 17:11 - 2021-05-11 17:18 - 000000000 ____D C:\AdwCleaner
2021-05-11 17:11 - 2021-05-11 17:11 - 008534696 _____ (Malwarebytes) C:\Users\Alexander\Desktop\adwcleaner_8.2.exe
2021-05-11 17:08 - 2021-05-11 17:08 - 000002286 _____ C:\Users\Alexander\Desktop\MBAM.txt
2021-05-11 16:54 - 2021-05-11 16:54 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-05-11 16:54 - 2021-05-11 16:54 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-05-11 16:54 - 2021-05-11 16:54 - 000157944 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-05-11 16:54 - 2021-05-11 16:54 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-05-11 16:54 - 2021-05-11 16:54 - 000002048 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-05-11 16:54 - 2021-05-11 16:54 - 000002036 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-05-11 16:54 - 2021-05-11 16:54 - 000002036 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2021-05-11 16:54 - 2021-05-11 16:54 - 000000000 ____D C:\Users\Alexander\AppData\Local\mbam
2021-05-11 16:53 - 2021-05-11 16:53 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-05-11 16:53 - 2021-05-11 16:53 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-05-11 16:53 - 2021-05-11 16:53 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-05-11 16:53 - 2021-05-11 16:53 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-05-11 16:53 - 2021-05-11 16:53 - 000000000 ____D C:\Program Files\Malwarebytes
2021-05-11 16:51 - 2021-05-11 16:51 - 002078632 _____ (Malwarebytes) C:\Users\Alexander\Desktop\MBSetup.exe
2021-05-11 10:09 - 2021-05-11 10:10 - 000053350 _____ C:\Users\Alexander\Downloads\Shortcut.txt
2021-05-11 10:06 - 2021-05-11 10:09 - 000067266 _____ C:\Users\Alexander\Downloads\Addition.txt
2021-05-11 09:51 - 2021-05-11 17:21 - 000034797 _____ C:\Users\Alexander\Downloads\FRST.txt
2021-05-11 09:49 - 2021-05-11 17:20 - 000000000 ____D C:\FRST
2021-05-11 09:47 - 2021-05-11 09:47 - 002298880 _____ (Farbar) C:\Users\Alexander\Downloads\FRST64.exe
2021-05-10 21:18 - 2021-05-10 21:18 - 007090901 _____ C:\Users\Alexander\Downloads\21_05_09_Rennsteig 15 bis 21_8 (002) (2).pdf
2021-05-10 21:17 - 2021-05-10 21:17 - 007090901 _____ C:\Users\Alexander\Downloads\21_05_09_Rennsteig 15 bis 21_8 (002).pdf
2021-05-10 21:17 - 2021-05-10 21:17 - 007090901 _____ C:\Users\Alexander\Downloads\21_05_09_Rennsteig 15 bis 21_8 (002) (1).pdf
2021-05-10 21:03 - 2021-05-10 21:03 - 000144035 _____ C:\Users\Alexander\Downloads\WhatsApp Image 2021-05-05 at 09.30.39.jpeg
2021-05-10 21:02 - 2021-05-10 21:02 - 000156353 _____ C:\Users\Alexander\Downloads\WhatsApp Image 2021-05-10 at 21.01.51.jpeg
2021-05-10 21:02 - 2021-05-10 21:02 - 000156353 _____ C:\Users\Alexander\Downloads\WhatsApp Image 2021-05-10 at 21.01.51 (1).jpeg
2021-05-10 16:45 - 2021-05-10 16:45 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2021-05-10 16:45 - 2021-05-10 16:45 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2021-05-10 16:11 - 2021-05-10 16:11 - 000003980 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1509559017
2021-05-10 16:11 - 2021-05-10 16:11 - 000001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk
2021-05-10 09:27 - 2021-05-10 09:27 - 000003386 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-648673255-3041033212-2045848966-1001
2021-05-10 09:27 - 2021-05-10 09:27 - 000002398 _____ C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-05-07 09:17 - 2021-05-07 09:17 - 000001407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2021-05-02 11:13 - 2021-05-02 11:13 - 000002520 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator 2021.lnk
2021-04-30 08:48 - 2021-04-30 08:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-04-28 23:17 - 2021-04-28 23:17 - 000234959 _____ C:\Users\Alexander\Downloads\Berechnung-Hauskauf_Aktuell.xlsm
2021-04-24 16:07 - 2021-04-24 16:07 - 000002121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2021-04-24 16:07 - 2021-04-24 16:07 - 000002110 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2021-04-24 12:55 - 2021-04-24 12:55 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2021-04-24 12:55 - 2021-04-24 12:55 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2021-04-24 12:55 - 2021-04-24 12:55 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2021-04-24 12:55 - 2021-04-24 12:55 - 000044272 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2021-04-23 14:24 - 2021-04-23 14:24 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-04-22 13:52 - 2021-04-22 13:52 - 000372051 _____ C:\Users\Alexander\Downloads\Satzung_158.PDF
2021-04-21 10:17 - 2021-04-21 10:17 - 001427677 _____ C:\Users\Alexander\Downloads\Kurzbericht_Welt_Erbe_Haus_zur_Barrierefreiheit.PDF
2021-04-20 15:56 - 2021-05-07 09:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2021-04-19 20:03 - 2021-04-19 20:03 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-04-19 20:03 - 2021-04-19 20:03 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-04-19 20:03 - 2021-04-19 20:03 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-04-18 13:55 - 2021-04-18 13:55 - 000001175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder 2021.lnk
2021-04-18 13:51 - 2021-04-18 13:51 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Animate 2021.lnk
2021-04-18 13:46 - 2021-04-18 13:46 - 000001134 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Rush 1.5.lnk
2021-04-18 13:35 - 2021-04-18 13:35 - 000001083 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2021.lnk
2021-04-16 15:58 - 2021-04-16 15:58 - 000048902 _____ C:\Users\Alexander\Downloads\DINPro Bold.zip
2021-04-16 15:56 - 2021-04-16 15:56 - 000017216 _____ C:\Users\Alexander\Downloads\DIN Bold.zip
2021-04-16 15:56 - 2021-04-16 15:56 - 000017216 _____ C:\Users\Alexander\Downloads\DIN Bold (1).zip
2021-04-16 15:55 - 2021-04-16 15:55 - 000000000 ____D C:\Users\Alexander\Downloads\flyer Ordner-20210416T135406Z-001
2021-04-16 15:54 - 2021-04-16 15:54 - 031156564 _____ C:\Users\Alexander\Downloads\flyer Ordner-20210416T135406Z-001.zip
2021-04-16 14:59 - 2021-04-16 14:59 - 000125168 _____ (Zoom Video Communications, Inc.) C:\Users\Alexander\Downloads\Zoom_cm_fo42anktZ9vvrZo4_m47SkS27WCcn4PA0hcQmB23L3OTsAxpSFvcY8@OH9ASUeSMemokc+I_k22b9e1cf54b5db69_.exe
2021-04-14 12:21 - 2021-04-14 12:21 - 000116552 _____ C:\Users\Alexander\Desktop\Snippet_316875325.idms
2021-04-14 10:11 - 2021-04-14 10:11 - 000708273 _____ C:\Users\Alexander\Downloads\HydroTower_Bestellformular und QA_2021.04.14 (1).pdf
2021-04-13 17:35 - 2021-04-13 17:35 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-04-13 12:06 - 2021-04-13 12:06 - 000612441 _____ C:\Users\Alexander\Downloads\t200605073 (1).pdf
2021-04-13 12:03 - 2021-04-13 12:03 - 000612441 _____ C:\Users\Alexander\Downloads\t200605073.pdf
2021-04-13 10:27 - 2021-04-13 10:27 - 002523013 _____ C:\Users\Alexander\Downloads\37_CleanTube_.pdf
2021-04-13 10:27 - 2021-04-13 10:27 - 000806962 _____ C:\Users\Alexander\Downloads\04_RP_PVC_Forwarding_Tube.pdf
2021-04-13 10:26 - 2021-04-13 10:26 - 000716535 _____ C:\Users\Alexander\Downloads\05_RP_PVC_Sleeve_Tube.pdf
2021-04-13 10:26 - 2021-04-13 10:26 - 000663032 _____ C:\Users\Alexander\Downloads\06_RP_PVC_Collar.pdf
2021-04-12 20:18 - 2021-04-12 20:18 - 000000000 ____D C:\Users\Public\Documents\AdobeInstalledCodecsTier2
2021-04-12 18:18 - 2021-04-12 18:18 - 000806962 _____ C:\Users\Alexander\Downloads\04_RP_PVC_Fahrrohr (1).pdf
2021-04-12 18:18 - 2021-04-12 18:18 - 000716535 _____ C:\Users\Alexander\Downloads\05_RP_PVC_Muffenrohr (1).pdf
2021-04-12 18:17 - 2021-04-12 18:17 - 000806962 _____ C:\Users\Alexander\Downloads\04_RP_PVC_Fahrrohr.pdf
2021-04-12 18:17 - 2021-04-12 18:17 - 000716535 _____ C:\Users\Alexander\Downloads\05_RP_PVC_Muffenrohr.pdf
2021-04-12 18:17 - 2021-04-12 18:17 - 000663032 _____ C:\Users\Alexander\Downloads\06_RP_PVC_Muffen.pdf
2021-04-11 12:17 - 2021-04-11 12:17 - 000022976 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-05-11 17:19 - 2019-01-02 13:41 - 000000000 ____D C:\Program Files\Bitdefender Antivirus Free
2021-05-11 17:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Registration
2021-05-11 17:18 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-11 17:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-11 16:53 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-05-11 16:52 - 2018-02-12 19:38 - 000000000 ____D C:\Users\Alexander\AppData\LocalLow\Mozilla
2021-05-11 16:31 - 2019-10-03 22:32 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-05-11 16:28 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-05-11 16:28 - 2017-10-25 14:39 - 000000000 ___RD C:\Users\Alexander\OneDrive
2021-05-11 14:21 - 2020-10-08 14:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-05-11 09:41 - 2020-04-16 18:48 - 000000000 ____D C:\Users\Alexander\AppData\Local\WebEx
2021-05-10 21:08 - 2020-11-14 13:35 - 000000000 ____D C:\Users\Alexander\AppData\Local\CrashDumps
2021-05-10 16:11 - 2017-11-01 19:56 - 000000000 ____D C:\Program Files\Opera
2021-05-10 10:07 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-10 09:29 - 2020-07-07 11:34 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-05-10 09:29 - 2020-07-07 11:34 - 000002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-05-10 09:29 - 2020-07-07 11:34 - 000002283 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-05-07 09:18 - 2019-12-16 23:09 - 000000000 ___RD C:\Users\Alexander\Creative Cloud Files
2021-05-07 09:17 - 2017-11-08 19:58 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-05-07 09:17 - 2017-11-08 19:57 - 000000000 ____D C:\Program Files\Adobe
2021-05-07 09:17 - 2017-10-25 17:21 - 000000000 ____D C:\Program Files (x86)\Adobe
2021-05-07 09:14 - 2021-02-14 01:42 - 000000000 ___RD C:\Users\Alexander\iCloudDrive
2021-05-07 09:13 - 2019-02-05 15:55 - 000000000 ___RD C:\Users\Alexander\Google Drive
2021-05-07 09:12 - 2017-10-25 14:36 - 000000000 __SHD C:\Users\Alexander\IntelGraphicsProfiles
2021-05-05 21:57 - 2018-03-01 19:54 - 000000000 ____D C:\Users\Alexander\AppData\Local\PlaceholderTileLogoFolder
2021-05-05 21:56 - 2020-10-08 15:13 - 000004344 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA1d558491a577788
2021-05-05 21:56 - 2020-10-08 15:13 - 000004112 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore1d558491a4a8d18
2021-05-05 21:56 - 2019-08-21 19:51 - 000001254 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA1d558491a577788.job
2021-05-05 21:56 - 2019-08-21 19:51 - 000001250 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore1d558491a4a8d18.job
2021-05-05 09:40 - 2020-04-16 18:48 - 000000000 ____D C:\Users\Alexander\AppData\LocalLow\WebEx
2021-05-05 08:25 - 2020-10-08 15:08 - 001723002 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-05-05 08:25 - 2019-12-07 16:50 - 000746440 _____ C:\WINDOWS\system32\perfh007.dat
2021-05-05 08:25 - 2019-12-07 16:50 - 000150810 _____ C:\WINDOWS\system32\perfc007.dat
2021-05-05 08:01 - 2020-12-08 16:58 - 000000000 ___HD C:\adobeTemp
2021-05-04 01:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-05-04 00:40 - 2021-02-05 12:34 - 000000000 ____D C:\Users\Alexander\Documents\VW Backup
2021-05-03 23:50 - 2017-10-25 17:12 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-04-30 08:48 - 2018-06-28 21:34 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-04-28 23:19 - 2017-11-20 13:33 - 000000000 ____D C:\Users\Alexander\AppData\Local\Packages
2021-04-27 09:06 - 2018-02-12 19:37 - 000002300 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-04-25 15:59 - 2020-10-08 23:12 - 000003606 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d69d73ac60587a
2021-04-25 15:59 - 2020-10-08 15:13 - 000003700 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-23 03:17 - 2021-02-27 05:18 - 000000000 ____D C:\Users\Alexander\Zotero
2021-04-22 06:04 - 2018-06-28 21:37 - 000000000 ____D C:\Users\Alexander\Dropbox
2021-04-21 17:06 - 2020-09-30 21:31 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-04-21 10:48 - 2018-05-12 19:04 - 000001285 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2021-04-21 10:48 - 2018-02-12 19:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-04-20 21:14 - 2020-10-08 15:13 - 000003630 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-04-20 21:14 - 2020-10-08 15:13 - 000003506 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-04-20 12:18 - 2017-10-25 14:36 - 000000000 ____D C:\Users\Alexander\AppData\Roaming\Adobe
2021-04-20 10:23 - 2019-02-20 22:13 - 000000000 ____D C:\ProgramData\Mozilla
2021-04-20 10:18 - 2021-03-29 11:21 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-04-20 10:03 - 2021-03-03 11:13 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-20 10:03 - 2020-10-08 15:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-20 10:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-04-20 10:03 - 2017-10-03 08:03 - 000000000 ____D C:\Intel
2021-04-20 03:46 - 2019-12-07 11:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2021-04-20 03:45 - 2021-03-03 11:13 - 000671504 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-04-20 03:45 - 2021-02-27 05:16 - 000000000 ____D C:\Program Files (x86)\Zotero
2021-04-20 03:45 - 2019-12-07 11:03 - 000065536 _____ C:\WINDOWS\system32\config\ELAM
2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-04-19 20:05 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-04-19 20:03 - 2020-10-08 14:58 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-04-19 19:57 - 2017-10-30 15:39 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-04-19 19:55 - 2017-10-30 15:39 - 131963968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-04-16 18:47 - 2019-12-08 14:42 - 000000000 ____D C:\Users\Alexander\Documents\SRL
2021-04-16 15:55 - 2020-09-18 17:22 - 000000000 ____D C:\Users\Alexander\Documents\HydroTower
2021-04-16 00:38 - 2018-12-25 17:13 - 000000000 ____D C:\Program Files (x86)\Steam
2021-04-15 23:24 - 2020-03-15 21:41 - 000000000 ____D C:\Users\Alexander\AppData\Roaming\discord
2021-04-13 17:35 - 2018-02-12 19:37 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-04-13 17:04 - 2017-11-19 19:24 - 000000000 ____D C:\Users\Alexander\Documents\Textures
2021-04-13 16:54 - 2017-10-25 14:52 - 000000000 ____D C:\Users\Alexander\AppData\Local\Comms
2021-04-13 01:33 - 2020-10-08 15:00 - 000000000 ____D C:\Users\Alexander
2021-04-13 00:50 - 2020-11-25 17:08 - 000000000 ____D C:\Users\Alexander\AppData\Roaming\Apple Computer
2021-04-12 20:15 - 2018-05-31 21:40 - 000000000 ____D C:\Users\Alexander\AppData\Local\D3DSCache

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2020-01-09 18:45 - 2020-01-09 18:45 - 000000033 _____ () C:\Users\Alexander\AppData\Roaming\AdobeWLCMCache.dat
2018-06-24 13:49 - 2020-10-16 13:37 - 000000028 _____ () C:\Users\Alexander\AppData\Roaming\kulerdata.json
2020-10-05 13:18 - 2021-02-14 20:20 - 000001456 _____ () C:\Users\Alexander\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2018-10-02 08:25 - 2018-10-02 08:25 - 000000000 _____ () C:\Users\Alexander\AppData\Local\oobelibMkey.log
2017-11-01 20:40 - 2020-08-24 13:02 - 000007604 _____ () C:\Users\Alexander\AppData\Local\Resmon.ResmonCfg
2017-12-05 16:00 - 2021-02-03 16:26 - 000000287 _____ () C:\Users\Alexander\AppData\Local\VersionChecker_23.xml

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
         

Alt 11.05.2021, 19:27   #7
M-K-D-B
/// TB-Ausbilder
 
Zip-Datei Word in E-Mail geöffnet - Standard

Zip-Datei Word in E-Mail geöffnet



Schritt 1
  • Speichere deine Arbeiten und schließe alle offenen Programme, damit keine Daten verloren gehen.
  • Kopiere den gesamten Inhalt der folgenden Code-Box:
    Code:
    ATTFilter
    Start::
    HKLM-x32\...\Run: [] => [X]
    HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Policies\Explorer: [] 
    Task: {B9D624D1-2F4B-426E-9A68-BF743D83E344} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
    S4 DBUtilDrv2; \SystemRoot\System32\drivers\DBUtilDrv2.sys [X]
    DeleteQuarantine:
    Unlock: C:\FRST
    RemoveProxy:
    SystemRestore: On 
    EmptyTemp:
    End::
             
  • Starte nun FRST und klicke direkt den Reparieren Button.
    Wichtig: Du brauchst den Inhalt der Code-Box nirgends einfügen, da sich FRST den Code aus der Zwischenablage holt!
  • Das Tool führt die gewünschten Schritte aus und erstellt eine fixlog.txt im selben Verzeichnis, in dem sich FRST befindet.
  • Gegebenenfalls muss dein Rechner neu gestartet werden.
  • Poste mir den Inhalt der fixlog.txt mit deiner nächsten Antwort.





Schritt 2
Auf deinem Computer fehlt das aktuelle Funktionsupdate Version 20H2.
Zitat:
Platform: Windows 10 Home Version 2004
  • Folge dem Pfad Start > Einstellungen > Update und Sicherheit > Windows Update und klicke auf Nach Updates suchen.
  • Wähle das Funktionsupdates aus, downloade und installiere es.
  • Alternativ kannst du auch mit dem Update Assistenten deine Windows-Version auf den neuesten Stand bringen.
    Klicke dazu auf Jetzt aktualisieren, lade dir den Update-Assistenten herunter und führe ihn aus.








Dann wären wir durch!
Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber.


Abschließend bitte noch einen Cleanup mit unserem TBCleanUpTool durchführen und unbedingt die Sicherheitsmaßnahmen lesen und umsetzen - beides ist in folgendem Lesestoff verlinkt:




Wenn Du möchtest, kannst Du hier sagen, ob du mit mir und meiner Hilfe zufrieden warst...
Vielleicht möchtest du das Forum mit einer kleinen Spende unterstützen.


Hinweis:
Bitte gib mir eine kurze Rückmeldung, sobald du die oben verlinkten Informationen gelesen hast, alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.

Alt 12.05.2021, 11:05   #8
alex_esp
 
Zip-Datei Word in E-Mail geöffnet - Standard

Zip-Datei Word in E-Mail geöffnet



Lieber Matthias,

vielen Dank für deine schnelle und kompetente Hilfe. Ich bin begeistert vom Trojaner-Board und hoffe, dass ihr eure Arbeit noch lange weiterführen könnt und unterstütze dies gerne mit einer Spende.

Anbei mein Fixlog
Code:
ATTFilter
Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 09-05-2021
durchgeführt von Alexander (12-05-2021 11:19:27) Run:1
Gestartet von C:\Users\Alexander\Downloads
Geladene Profile: defaultuser0 & Alexander
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Policies\Explorer: [] 
Task: {B9D624D1-2F4B-426E-9A68-BF743D83E344} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
S4 DBUtilDrv2; \SystemRoot\System32\drivers\DBUtilDrv2.sys [X]
DeleteQuarantine:
Unlock: C:\FRST
RemoveProxy:
SystemRestore: On 
EmptyTemp:

*****************

"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => erfolgreich entfernt
"HKU\S-1-5-21-648673255-3041033212-2045848966-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B9D624D1-2F4B-426E-9A68-BF743D83E344}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B9D624D1-2F4B-426E-9A68-BF743D83E344}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => nicht gefunden
HKLM\System\CurrentControlSet\Services\DBUtilDrv2 => erfolgreich entfernt
DBUtilDrv2 => Dienst erfolgreich entfernt
"C:\FRST\Quarantine" => erfolgreich entfernt
"C:\FRST" => wurde entsperrt

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt
"HKU\S-1-5-21-648673255-3041033212-2045848966-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt
"HKU\S-1-5-21-648673255-3041033212-2045848966-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt
"HKU\S-1-5-21-648673255-3041033212-2045848966-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt
"HKU\S-1-5-21-648673255-3041033212-2045848966-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt


========= Ende von RemoveProxy: =========

SystemRestore: On => abgeschlossen

=========== EmptyTemp: ==========

BITS transfer queue => 12083200 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 1343355148 B
Java, Flash, Steam htmlcache => 184678304 B
Windows/system/drivers => 38030285 B
Edge => 5959733 B
Chrome => 470484060 B
Firefox => 79017927 B
Opera => 622732006 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 20531548 B
systemprofile32 => 20531548 B
LocalService => 20645046 B
NetworkService => 20651328 B
defaultuser0 => 20651328 B
Alexander => 309453712 B

RecycleBin => 2472713349 B
EmptyTemp: => 5.3 GB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 11:42:21 ====
         
Der Thread kann dann geschlossen und gelöscht werden.

Alt 12.05.2021, 12:54   #9
M-K-D-B
/// TB-Ausbilder
 
Zip-Datei Word in E-Mail geöffnet - Standard

Zip-Datei Word in E-Mail geöffnet



Zitat:
Zitat von alex_esp Beitrag anzeigen
vielen Dank für deine schnelle und kompetente Hilfe. Ich bin begeistert vom Trojaner-Board und hoffe, dass ihr eure Arbeit noch lange weiterführen könnt und unterstütze dies gerne mit einer Spende.
Vielen Dank für die netten Worte und die Spende, sie dient zur Erhaltung des Forums.






Wir sind froh, dass wir helfen konnten

Dieses Thema scheint erledigt und wird aus unseren Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke uns bitte eine Erinnerung inklusive Link zum Thema.

Jeder andere bitte hier klicken und ein eigenes Thema erstellen.

Thema geschlossen

Themen zu Zip-Datei Word in E-Mail geöffnet
antivirus, canon, computer, desktop, e-mail, fehler, fehlermeldung, firefox, forwarding, google, home, internet, mozilla, proxy, prozesse, realtek, registry, rundll, scan, security, software, suchmaschine, trojaner, usb, warnung, windows



Ähnliche Themen: Zip-Datei Word in E-Mail geöffnet


  1. Word-Datei in Telekom-Fake Email geöffnet
    Plagegeister aller Art und deren Bekämpfung - 16.12.2018 (16)
  2. Windows 10: Word-Datei aus Mail-Link geladen & geöffnet - Virenbefall unklar
    Plagegeister aller Art und deren Bekämpfung - 29.11.2017 (4)
  3. Zip-Datei im Anhang von Phishing-Mail von Mail & Media AG geöffnet
    Plagegeister aller Art und deren Bekämpfung - 10.07.2017 (33)
  4. Word-Doc von unseriöserm E-Mail Empfänger geöffnet. (Handy – Android)
    Smartphone, Tablet & Handy Security - 22.06.2017 (4)
  5. E-Mail angeblich von Büromarkt Böttcher mit "leerer"-Word-Datei, leider von mir geöffnet
    Plagegeister aller Art und deren Bekämpfung - 08.03.2016 (17)
  6. Email geöffnet mit Word anhang. Word Datai mit Namen Rechnung wurde geöffnet.
    Plagegeister aller Art und deren Bekämpfung - 27.02.2016 (4)
  7. Windows 10 64-bit: Word Anhang einer Spam Mail geöffnet
    Log-Analyse und Auswertung - 20.01.2016 (16)
  8. DHL Fake E-Mail und Datei geöffnet
    Log-Analyse und Auswertung - 04.03.2015 (7)
  9. Zip Datei aus Inkasso-Mail am MAC geöffnet
    Alles rund um Mac OSX & Linux - 28.01.2015 (12)
  10. Mail mit .rft-Datei geöffnet
    Plagegeister aller Art und deren Bekämpfung - 02.10.2014 (2)
  11. A1 Rechnung Email RTF Datei Anhang mit Word geöffnet
    Log-Analyse und Auswertung - 20.06.2014 (23)
  12. A1 Email RTF Datei Anhang mit Word geöffnet
    Plagegeister aller Art und deren Bekämpfung - 15.06.2014 (7)
  13. Telekom mail und Zip Datei geöffnet
    Mülltonne - 04.06.2014 (0)
  14. Telekom Mail und Zip Datei geöffnet
    Mülltonne - 04.06.2014 (0)
  15. Telekom Mail und Zip Datei geöffnet
    Log-Analyse und Auswertung - 04.06.2014 (1)
  16. Zip- Datei in Spam-mail geöffnet
    Plagegeister aller Art und deren Bekämpfung - 14.10.2013 (23)
  17. Verdächtige E-Mail mit Zip-Datei geöffnet
    Plagegeister aller Art und deren Bekämpfung - 07.03.2013 (10)

Zum Thema Zip-Datei Word in E-Mail geöffnet - Guten Tag, leider habe ich in einer stressigen Situation einen unverzeilichen Fehler gemacht und einen Mailanhang .zip geöffnet, obwohl sie auch noch Passwort geschützt war. Das Passwort stand in der - Zip-Datei Word in E-Mail geöffnet...
Archiv
Du betrachtest: Zip-Datei Word in E-Mail geöffnet auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.