Hört sich ja wirklich nicht gut an. Code:
Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02-10-2021
durchgeführt von kaibe (03-10-2021 11:45:42) Run:2
Gestartet von C:\Users\kaibe\Desktop
Geladene Profile: kaibe
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
CloseProcesses:
C:\WINDOWS\system32\*.tmp
S2 AppServicea; C:\WINDOWS\system32\37V80O0246.tmp [6144 2021-10-02] (Microsoft Corporation) [Datei ist nicht signiert] <==== ACHTUNG
S2 AppServiceb; C:\WINDOWS\system32\37V80O0246.tmp [6144 2021-10-02] (Microsoft Corporation) [Datei ist nicht signiert] <==== ACHTUNG
S2 AppServiced; C:\WINDOWS\system32\37V80O0246.tmp [6144 2021-10-02] (Microsoft Corporation) [Datei ist nicht signiert] <==== ACHTUNG
S2 AppServicee; C:\WINDOWS\system32\37V80O0246.tmp [6144 2021-10-02] (Microsoft Corporation) [Datei ist nicht signiert] <==== ACHTUNG
S2 AppServicef; C:\WINDOWS\system32\37V80O0246.tmp [6144 2021-10-02] (Microsoft Corporation) [Datei ist nicht signiert] <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
S2 CsrBtOBEX-Dienst; "C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe" [X]
S3 MpKsl53574dfb; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{064CD002-2582-4E0D-A6E7-CDDDB1253DF5}\MpKslDrv.sys [X]
C:\WINDOWS\system32\OV8865_REAR.aiqd
CreateDummy: C:\WINDOWS\system32\OV8865_REAR.aiqd
C:\WINDOWS\system32\OV5693_FRONT.aiqd
CreateDummy: C:\WINDOWS\system32\OV5693_FRONT.aiqd
StartBatch:
ipconfig /flushdns
netsh winsock reset catalog
netsh advfirewall reset
netsh advfirewall set allprofiles state ON
Bitsadmin /Reset /Allusers
sfc /scannow
dism /online /cleanup-image /restorehealth
sfc /scannow
EndBatch:
EmptyTemp:
*****************
Prozesse erfolgreich geschlossen.
=========== "C:\WINDOWS\system32\*.tmp" ==========
nicht gefunden
========= Ende -> "C:\WINDOWS\system32\*.tmp" ========
AppServicea => Dienst nicht gefunden.
AppServiceb => Dienst nicht gefunden.
AppServiced => Dienst nicht gefunden.
AppServicee => Dienst nicht gefunden.
AppServicef => Dienst nicht gefunden.
C:\ProgramData\NTUSER.pol => erfolgreich verschoben
HKLM\System\CurrentControlSet\Services\CsrBtOBEX-Dienst => erfolgreich entfernt
CsrBtOBEX-Dienst => Dienst erfolgreich entfernt
MpKsl53574dfb => Dienst nicht gefunden.
C:\WINDOWS\system32\OV8865_REAR.aiqd => erfolgreich verschoben
C:\WINDOWS\system32\OV8865_REAR.aiqd => dummy created successfully.
C:\WINDOWS\system32\OV5693_FRONT.aiqd => erfolgreich verschoben
C:\WINDOWS\system32\OV5693_FRONT.aiqd => dummy created successfully.
========= Batch: =========
========= Ende von Batch: =========
=========== EmptyTemp: ==========
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 15818751 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 9414307 B
Edge => 0 B
Chrome => 406508936 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 361 B
LocalService => 361 B
NetworkService => 3905 B
kaibe => 51279390 B
RecycleBin => 8332778297 B
EmptyTemp: => 8.2 GB temporäre Dateien entfernt.
================================
Das System musste neu gestartet werden.
==== Ende von Fixlog 11:46:08 ==== Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02-10-2021
durchgeführt von kaibe (03-10-2021 11:53:04)
Gestartet von C:\Users\kaibe\Desktop
Windows 10 Pro Version 20H2 19042.1237 (X64) (2021-01-22 12:17:36)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
Administrator (S-1-5-21-3593820219-2832368027-3012111108-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3593820219-2832368027-3012111108-503 - Limited - Disabled)
Gast (S-1-5-21-3593820219-2832368027-3012111108-501 - Limited - Disabled)
kaibe (S-1-5-21-3593820219-2832368027-3012111108-1001 - Administrator - Enabled) => C:\Users\kaibe
WDAGUtilityAccount (S-1-5-21-3593820219-2832368027-3012111108-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
AAX Audio Converter 1.17.1 (HKLM\...\AAX Audio Converter_is1) (Version: 1.17.1 - audiamus)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 21.007.20095 - Adobe Systems Incorporated)
Adobe After Effects 2020 (HKLM-x32\...\AEFT_17_7) (Version: 17.7 - Adobe Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.5.0.617 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe)
Adobe Lightroom (HKLM-x32\...\LRCC_4_1) (Version: 4.1 - Adobe Inc.)
Adobe Media Encoder 2020 (HKLM-x32\...\AME_14_9) (Version: 14.9 - Adobe Inc.)
Adobe Photoshop 2021 (HKLM-x32\...\PHSP_22_2) (Version: 22.2.0.183 - Adobe Inc.)
Adobe Premiere Pro 2020 (HKLM-x32\...\PPRO_14_9) (Version: 14.9 - Adobe Inc.)
Anki (HKLM-x32\...\Anki) (Version: 2.1.42 - )
Apple Application Support (32-Bit) (HKLM-x32\...\{9738288C-21BC-4F54-AB4F-72F059339376}) (Version: 8.6 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{DEB339C1-2687-43AB-816A-8714F3E26846}) (Version: 8.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2504ACC6-F5B6-4F18-B4A9-2AAF48D89D85}) (Version: 14.0.0.29 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Audacity 2.4.2 (HKLM-x32\...\Audacity_is1) (Version: 2.4.2 - Audacity Team)
AutoHotkey 1.1.33.02 (HKLM\...\AutoHotkey) (Version: 1.1.33.02 - Lexikos)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BorisFX Sapphire AE (HKLM\...\GenArts Sapphire AE_is1) (Version: 13.20 - Boris FX, Inc. & Team V.R)
Breitbandmessung 2.0.3 (HKLM\...\14607473-30db-509f-94f0-bb7c085c619e) (Version: 2.0.3 - zafaco GmbH)
Championify (HKU\S-1-5-21-3593820219-2832368027-3012111108-1001\...\Championify) (Version: 2.1.5 - Dustin Blackman)
Cisco Webex Meetings (HKLM-x32\...\{E6DA38F7-BA12-F157-2773-835D3D043C6A}) (Version: 40.9.6.11 - Cisco Webex LLC)
Citavi 6 (HKLM-x32\...\{6A331045-8FF4-4BC9-9C56-E593ACAE28C2}) (Version: 6.10.0.0 - Swiss Academic Software)
Discord (HKU\S-1-5-21-3593820219-2832368027-3012111108-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Everything 1.4.1.969 (x64) (HKLM\...\Everything) (Version: 1.4.1.969 - David Carpenter)
Figma (HKU\S-1-5-21-3593820219-2832368027-3012111108-1001\...\Figma) (Version: 102.9.0 - Figma, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 94.0.4606.61 - Google LLC)
HP ENVY 4500 series - Grundlegende Software für das Gerät (HKLM\...\{5C519C69-AC39-40D0-9FF3-1F3FEE4640B2}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
iTunes (HKLM\...\{153A88D8-E890-4F36-A10F-2C87071F70AD}) (Version: 12.10.9.3 - Apple Inc.)
Java 8 Update 301 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180301F0}) (Version: 8.0.3010.9 - Oracle Corporation)
Java(TM) SE Development Kit 11.0.9 (64-bit) (HKLM\...\{AE945515-AAE4-56A9-91AA-9300C0D3DC87}) (Version: 11.0.9.0 - Oracle Corporation)
KeePass Password Safe 2.46 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.46 - Dominik Reichl)
Kyocera Printer Extension (HKLM\...\Kyocera Printer Extension) (Version: 5.0.1325 - KYOCERA Document Solutions Inc.)
Kyocera Product Library (HKLM\...\Kyocera Product Library) (Version: 6.0.1308 - KYOCERA Document Solutions Inc.)
League of Legends (HKU\S-1-5-21-3593820219-2832368027-3012111108-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
League of Legends PBE (HKU\S-1-5-21-3593820219-2832368027-3012111108-1001\...\Riot Game league_of_legends.pbe) (Version: - Riot Games, Inc)
Lightshot-5.5.0.7 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.5.0.7 - Skillbrains)
Logitech Gaming Software 9.02 (HKLM\...\Logitech Gaming Software) (Version: 9.02.65 - Logitech Inc.)
LX Zeus Simulator 4.0.1. version 4.0.1. (HKLM-x32\...\{D9CAABCD-9D82-4CCB-1234-ABCDABAF2ED}_is1) (Version: 4.0.1. - LX Navigation d.o.o.)
MediaHuman YouTube to MP3 Converter 3.9.9.60 (HKLM-x32\...\MediaHuman YouTube to MP3 Converter_is1) (Version: 3.9.9.60 - MediaHuman)
Microsoft 365 Apps for Enterprise - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.14430.20234 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 94.0.992.31 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 94.0.992.31 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3593820219-2832368027-3012111108-1001\...\OneDriveSetup.exe) (Version: 21.180.0905.0007 - Microsoft Corporation)
Microsoft Surface Dock WMI Instance Provider (x64) 20.072.32423.0 (HKLM\...\{A7B4F7D4-7923-4E69-B08C-119575210F56}) (Version: 20.072.32423.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3593820219-2832368027-3012111108-1001\...\Teams) (Version: 1.3.00.21759 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B981965-2FBC-433C-B4B3-E183EE97CD29}) (Version: 2.83.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 3.1.15 (x64) (HKLM-x32\...\{da7296c7-a45d-4214-8543-8bea9015e852}) (Version: 3.1.15.30014 - Microsoft Corporation)
Mp3tag v3.02 (HKLM-x32\...\Mp3tag) (Version: 3.02 - Florian Heidenreich)
Nextcloud (HKLM\...\{E4F354C3-4074-484E-9158-A74D9588652F}) (Version: 3.2.3.20210624 - Nextcloud GmbH)
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation)
NVIDIA Grafiktreiber 471.68 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 471.68 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14430.20234 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14430.20234 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.14430.20234 - Microsoft Corporation) Hidden
OpenAudible 3.1.2 (HKLM\...\7008-5171-7013-3819) (Version: 3.1.2 - openaudible.org)
OpenVPN 2.4.6 (HKLM\...\OpenVPN) (Version: 2.4.6 - OpenIT Integrated Business Solutions)
Origin (HKLM-x32\...\Origin) (Version: 10.5.101.48500 - Electronic Arts, Inc.)
PDF24 Creator 9.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 9.2.0 - PDF24.org)
PIE Free v7.47 (HKLM-x32\...\PIE_is1) (Version: - Picmeta Systems)
PowerToys (Preview) (HKLM\...\{C3F0E458-1DEF-4118-89B6-B80E5A46DFE0}) (Version: 0.41.4 - Microsoft Corporation)
Python 3.7.7 (32-bit) (HKU\S-1-5-21-3593820219-2832368027-3012111108-1001\...\{15704766-d415-4f94-8843-2b4faa800f8d}) (Version: 3.7.7150.0 - Python Software Foundation)
Python 3.7.7 Add to Path (32-bit) (HKLM-x32\...\{4580B2AB-0469-4EEB-A0AB-671EC0693063}) (Version: 3.7.7150.0 - Python Software Foundation) Hidden
Python 3.7.7 Core Interpreter (32-bit) (HKLM-x32\...\{45938478-AC26-4B7F-97BC-D01ED342625F}) (Version: 3.7.7150.0 - Python Software Foundation) Hidden
Python 3.7.7 Development Libraries (32-bit) (HKLM-x32\...\{5318FA7A-8D08-442B-9CDF-68C54FE12C19}) (Version: 3.7.7150.0 - Python Software Foundation) Hidden
Python 3.7.7 Executables (32-bit) (HKLM-x32\...\{07B5BF44-A7DE-43D3-AB4D-44CE5DEDD446}) (Version: 3.7.7150.0 - Python Software Foundation) Hidden
Python 3.7.7 pip Bootstrap (32-bit) (HKLM-x32\...\{C712BAC8-7889-4E2A-848D-87C68E181373}) (Version: 3.7.7150.0 - Python Software Foundation) Hidden
Python 3.7.7 Standard Library (32-bit) (HKLM-x32\...\{7C3561A9-23A6-478C-B7CE-7031F382FDEA}) (Version: 3.7.7150.0 - Python Software Foundation) Hidden
Python 3.7.7 Utility Scripts (32-bit) (HKLM-x32\...\{3FC7DB93-9503-4382-BA57-4AB490A9F6BC}) (Version: 3.7.7150.0 - Python Software Foundation) Hidden
Python 3.9.0 (64-bit) (HKU\S-1-5-21-3593820219-2832368027-3012111108-1001\...\{a2a37ca0-8ebd-4d7e-b4b8-e6b1740c2ce0}) (Version: 3.9.150.0 - Python Software Foundation)
Python 3.9.0 Core Interpreter (64-bit) (HKLM\...\{92F322B1-D69A-43D1-82B4-24ADEBE5C650}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python 3.9.0 Development Libraries (64-bit) (HKLM\...\{E73FE192-7766-49FA-B28A-32F700D98A15}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python 3.9.0 Documentation (64-bit) (HKLM\...\{35E94198-B9F1-4D1E-A869-636AD5E6BCA8}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python 3.9.0 Executables (64-bit) (HKLM\...\{A9F718BA-8B5F-4AE7-ADDA-EFFF431948DB}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python 3.9.0 pip Bootstrap (64-bit) (HKLM\...\{27FF09D8-6DE6-4F63-A3DD-8758D615D543}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python 3.9.0 Standard Library (64-bit) (HKLM\...\{42480EE5-670F-4AF3-A619-2E761A398340}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python 3.9.0 Tcl/Tk Support (64-bit) (HKLM\...\{4460A893-EFF6-4B33-BF21-BAA2159F57E6}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python 3.9.0 Test Suite (64-bit) (HKLM\...\{9141E990-BD45-4F42-BB32-B3012969355D}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python 3.9.0 Utility Scripts (64-bit) (HKLM\...\{35DC2DFB-0AEA-4DC2-AFA5-4EA2D2612B51}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.4 beta r3500 - Rainmeter)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.24.34 - Razer Inc.)
Spotify (HKU\S-1-5-21-3593820219-2832368027-3012111108-1001\...\Spotify) (Version: 1.1.43.700.g20acee0f - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Surface Dock FW Update 1.53.139 ARM64 (32 bit) (HKLM-x32\...\{79026FC3-F614-4918-B1BD-419794958006}) (Version: 20.075.44225.0 - Microsoft)
Telegram Desktop version 3.0.1 (HKU\S-1-5-21-3593820219-2832368027-3012111108-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 3.0.1 - Telegram FZ-LLC)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 113.0 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
WhatsApp (HKU\S-1-5-21-3593820219-2832368027-3012111108-1001\...\WhatsApp) (Version: 2.2134.10 - WhatsApp)
WinRAR 5.91 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
Wox Full Installer 1.4.1196 (HKLM-x32\...\{94d6e0ed-4ab2-43c5-9d81-764586327109}) (Version: 1.4.1196 - Wox) Hidden
XMind 11.0.2 (HKLM\...\fbd30ee5-8150-549e-9aed-fd9d444364fb) (Version: 11.0.2 - XMind Ltd.)
Zoom (HKU\S-1-5-21-3593820219-2832368027-3012111108-1001\...\ZoomUMX) (Version: 5.3.1 (52879.0927) - Zoom Video Communications, Inc.)
ZXPInstaller (HKLM-x32\...\ZXPInstaller) (Version: - )
Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2021-08-01] (Adobe Systems Incorporated)
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2021-06-28] (Adobe Systems Incorporated)
Audible - Hörbuch und Hörspiel App -> C:\Program Files\WindowsApps\AudibleInc.AudibleforWindowsPhone_10.5.67.0_x64__xns73kv1ymhp2 [2021-09-19] (Audible Inc)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-08-04] (Canon Inc.)
EarTrumpet -> C:\Program Files\WindowsApps\40459File-New-Project.EarTrumpet_2.1.8.0_x86__1sdd7yawvg6ne [2021-09-20] (File-New-Project) [Startup Task]
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_131.1.242.0_x64__v10z8vjag6ke6 [2021-09-26] (HP Inc.)
Inkodo -> C:\Program Files\WindowsApps\8338Giuapps.Inkodo_2.15.26.0_x64__pzan5b7zgydq2 [2021-04-01] (Giuapps)
KYOCERA Print Center -> C:\Program Files\WindowsApps\A97ECD55.KYOCERAPrintCenter_3.0.10719.0_x64__kqmhh0ktdt7dg [2021-09-19] (KYOCERA Document Solutions Inc)
Lively Wallpaper -> C:\Program Files\WindowsApps\12030rocksdanister.LivelyWallpaper_1.0.73.0_x86__97hta09mmv6hy [2021-10-02] (rocksdanister) [Startup Task]
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-07-30] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-01-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-01-22] (Microsoft Corporation) [MS Ad]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.53.42632.0_x64__8wekyb3d8bbwe [2021-09-24] (Microsoft Corporation) [Startup Task]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_21.10913.5785.0_x64__8wekyb3d8bbwe [2021-09-22] (Microsoft Corporation)
MPEG-2-Videoerweiterung -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-25] (Microsoft Corporation)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-09-13] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-08-29] (NVIDIA Corp.)
Office Lens -> C:\Program Files\WindowsApps\Microsoft.OfficeLens_16.0.32001.0_x86__8wekyb3d8bbwe [2021-09-19] (Microsoft Corporation)
PDF Reader - View, Edit, Annotate -> C:\Program Files\WindowsApps\5E8FC25E.XODODOCS_5.0.15.0_x64__3v3sf0k6w2rec [2021-09-20] (Xodo Technologies Inc.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.1.137.0_x64__dt26b99r8h8gj [2020-10-31] (Realtek Semiconductor Corp)
Super Productivity -> C:\Program Files\WindowsApps\53707johannesjo.SuperProductivity_7.6.0.0_x64__ch45amy23cdv6 [2021-09-26] (johannesjo)
Surface -> C:\Program Files\WindowsApps\Microsoft.SurfaceHub_49.632.139.0_x64__8wekyb3d8bbwe [2021-08-04] (Microsoft Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3593820219-2832368027-3012111108-1001_Classes\CLSID\{04271989-C4D2-2BD1-D56D-67225097E14A} -> [OneDrive - stud.hs-heilbronn.de] => H:\OneDrive - stud.hs-heilbronn.de [2020-03-19 10:02]
CustomCLSID: HKU\S-1-5-21-3593820219-2832368027-3012111108-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-3DFC30B366CD} -> [Creative Cloud Files] => C:\Users\kaibe\Creative Cloud Files [2020-08-30 11:40]
CustomCLSID: HKU\S-1-5-21-3593820219-2832368027-3012111108-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\kaibe\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20130.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3593820219-2832368027-3012111108-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-3593820219-2832368027-3012111108-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\kaibe\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20130.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3593820219-2832368027-3012111108-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-3593820219-2832368027-3012111108-1001_Classes\CLSID\{fc2e8a9d-0f37-4ea8-9f77-7019d6261304} -> [Nextcloud] => H:\Nextcloud [2021-07-07 13:52]
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-08-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-08-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-08-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ NextcloudError] -> {E0342B74-7593-4C70-9D61-22F294AAFE05} => C:\Program Files\Nextcloud\shellext\NCOverlays.dll [2021-06-24] (Nextcloud GmbH -> Nextcloud GmbH)
ShellIconOverlayIdentifiers: [ NextcloudOK] -> {E1094E94-BE93-4EA2-9639-8475C68F3886} => C:\Program Files\Nextcloud\shellext\NCOverlays.dll [2021-06-24] (Nextcloud GmbH -> Nextcloud GmbH)
ShellIconOverlayIdentifiers: [ NextcloudOKShared] -> {E243AD85-F71B-496B-B17E-B8091CBE93D2} => C:\Program Files\Nextcloud\shellext\NCOverlays.dll [2021-06-24] (Nextcloud GmbH -> Nextcloud GmbH)
ShellIconOverlayIdentifiers: [ NextcloudSync] -> {E3D6DB20-1D83-4829-B5C9-941B31C0C35A} => C:\Program Files\Nextcloud\shellext\NCOverlays.dll [2021-06-24] (Nextcloud GmbH -> Nextcloud GmbH)
ShellIconOverlayIdentifiers: [ NextcloudWarning] -> {E4977F33-F93A-4A0A-9D3C-83DEA0EE8483} => C:\Program Files\Nextcloud\shellext\NCOverlays.dll [2021-06-24] (Nextcloud GmbH -> Nextcloud GmbH)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-08-07] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-09-09] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2020-07-11] (Florian Heidenreich) [Datei ist nicht signiert]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2020-07-11] (Florian Heidenreich) [Datei ist nicht signiert]
ContextMenuHandlers3: [NextcloudContextMenuHandler] -> {BC6988AB-ACE2-4B81-84DC-DC34F9B24401} => C:\Program Files\Nextcloud\shellext\NCContextMenu.dll [2021-06-24] (Nextcloud GmbH -> Nextcloud GmbH)
ContextMenuHandlers3: [PowerRenameExt] -> {0440049F-D1DC-4E46-B27B-98393D79486B} => C:\Program Files\PowerToys\modules\PowerRename\PowerRenameExt.dll [2021-07-01] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2020-07-11] (Florian Heidenreich) [Datei ist nicht signiert]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmsoi.inf_amd64_c28930fcde990595\nvshext.dll [2021-08-06] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-08-07] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-09-09] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
==================== Verknüpfungen & WMI ========================
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2020-09-15 23:31 - 2020-09-15 23:31 - 000355840 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\PowerToys\modules\launcher\Mono.Cecil.dll
2020-11-26 07:51 - 2020-11-26 07:51 - 001570816 _____ (Andreas Gullberg Larsen) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\PowerToys\modules\launcher\UnitsNet.dll
2021-03-23 17:33 - 2021-03-23 17:33 - 000914944 _____ (ModernWpf) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\PowerToys\modules\ColorPicker\ModernWpf.dll
2021-03-23 17:33 - 2021-03-23 17:33 - 000914944 _____ (ModernWpf) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\PowerToys\modules\launcher\ModernWpf.dll
2021-03-24 22:05 - 2021-03-24 22:05 - 000820736 _____ (NLog) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\PowerToys\modules\Awake\NLog.dll
2020-08-22 10:31 - 2020-08-22 10:31 - 000817152 _____ (NLog) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\PowerToys\modules\launcher\NLog.dll
2020-08-27 20:03 - 2020-08-27 20:03 - 000046080 _____ (NLog) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\PowerToys\modules\launcher\NLog.Extensions.Logging.dll
2020-10-12 22:38 - 2020-10-12 22:38 - 000052224 _____ (Tatham Oddie & friends) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\PowerToys\modules\Awake\System.IO.Abstractions.dll
2020-10-12 22:38 - 2020-10-12 22:38 - 000052224 _____ (Tatham Oddie & friends) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\PowerToys\modules\ColorPicker\System.IO.Abstractions.dll
2020-10-12 22:38 - 2020-10-12 22:38 - 000052224 _____ (Tatham Oddie & friends) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\PowerToys\modules\launcher\System.IO.Abstractions.dll
2020-08-29 18:05 - 2020-08-29 18:05 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\LIBEAY32.dll
2020-08-29 18:05 - 2020-08-29 18:05 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\ssleay32.dll
2018-04-06 20:29 - 2018-04-06 20:29 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files\Logitech Gaming Software\LIBEAY32.dll
2018-04-06 20:29 - 2018-04-06 20:29 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files\Logitech Gaming Software\ssleay32.dll
2020-08-29 18:05 - 2020-08-29 18:05 - 001611264 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2021-07-08 21:40 - 2020-08-29 18:05 - 005487104 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Core.dll
2021-07-08 21:40 - 2020-08-29 18:05 - 005841920 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Gui.dll
2021-07-08 21:40 - 2020-08-29 18:05 - 001179136 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Network.dll
2021-07-08 21:40 - 2020-08-29 18:05 - 000146432 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2021-07-08 21:40 - 2020-08-29 18:05 - 005089792 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2021-07-08 21:40 - 2020-08-29 18:05 - 000184832 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Xml.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-10-02] (Microsoft Corporation -> Microsoft Corporation)
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Program Files (x86)\Internet Explorer\Citavi Picker\x64\SwissAcademic.Citavi.IEPicker.DLL [2021-07-09] (Swiss Academic Software -> Swiss Academic Software)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_301\bin\ssv.dll [2021-07-21] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2021-07-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_301\bin\jp2ssv.dll [2021-07-21] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2021-07-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-10-02] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Program Files (x86)\Internet Explorer\Citavi Picker\SwissAcademic.Citavi.IEPicker.DLL [2021-07-09] (Swiss Academic Software -> Swiss Academic Software)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2021-07-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2021-07-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2021-07-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2021-07-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-02] (Microsoft Corporation -> Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-3593820219-2832368027-3012111108-1001\...\sharepoint.com -> hxxps://studhsheilbronnde-files.sharepoint.com
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2018-09-15 09:31 - 2021-10-02 23:41 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files\youtube-dl;C:\Program Files\dotnet\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-3593820219-2832368027-3012111108-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\kaibe\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "openvpn-gui"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "KeePass 2 PreLoad"
HKLM\...\StartupApproved\Run32: => "Razer Synapse"
HKU\S-1-5-21-3593820219-2832368027-3012111108-1001\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-3593820219-2832368027-3012111108-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3593820219-2832368027-3012111108-1001\...\StartupApproved\Run: => "HP ENVY 4500 series (NET)"
HKU\S-1-5-21-3593820219-2832368027-3012111108-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3593820219-2832368027-3012111108-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3593820219-2832368027-3012111108-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-3593820219-2832368027-3012111108-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-3593820219-2832368027-3012111108-1001\...\StartupApproved\Run: => "CiscoMeetingDaemon"
HKU\S-1-5-21-3593820219-2832368027-3012111108-1001\...\StartupApproved\Run: => "Wargaming.net Game Center"
HKU\S-1-5-21-3593820219-2832368027-3012111108-1001\...\StartupApproved\Run: => "Nextcloud"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [TCP Query User{7B0A4E13-7EAF-4908-9121-4E442A112648}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{5FF0057D-9ADA-406F-9F83-753311E42EA7}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{243FB885-68BE-4DFF-B801-DC7BD203A706}C:\users\kaibe\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kaibe\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{EC0BDF26-0961-409D-BE47-19B7FCE5DEED}C:\users\kaibe\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kaibe\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B8EAD6E2-101F-48D8-A3B9-C0B180B9E6A6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{D09A8C54-39E1-4785-81CF-880240604FA9}C:\users\kaibe\appdata\roaming\zoom\bin\zoom.exe] => (Block) C:\users\kaibe\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{CC9F2934-F3B3-453C-A105-63F418DE7F99}C:\users\kaibe\appdata\roaming\zoom\bin\zoom.exe] => (Block) C:\users\kaibe\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{88D33646-6DB8-4E5B-9EBE-3B35F28DB633}C:\program files\hp\hp envy 4500 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp envy 4500 series\bin\hpnetworkcommunicatorcom.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [UDP Query User{F5770634-99EB-4C98-B207-0E8C1AFEE7F1}C:\program files\hp\hp envy 4500 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp envy 4500 series\bin\hpnetworkcommunicatorcom.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [TCP Query User{D719D6B9-7FF0-41A0-BBB3-F85755E98B6E}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{2CB9C5F5-4F0C-4972-B21C-8BB4F3B08CB6}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{73BDD2C5-4DC1-4DCF-BEB9-ADA2B374B1AC}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{4D68E7EF-0AE2-4998-84F5-92B3FB08C3E5}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{05B6027A-C930-45B5-BD97-1AEB946A075B}C:\program files (x86)\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\program files (x86)\wargaming.net\gamecenter\wgc.exe => Keine Datei
FirewallRules: [UDP Query User{552F3214-B0A0-41A2-BBEE-C70D754CFFB6}C:\program files (x86)\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\program files (x86)\wargaming.net\gamecenter\wgc.exe => Keine Datei
FirewallRules: [{007BF32E-D019-4873-BF66-152E5034FFEA}] => (Allow) LPort=9422
FirewallRules: [{0D9C22B3-6EF4-41F8-9D62-958668360EB1}] => (Allow) LPort=9245
FirewallRules: [{5DBEA118-9F02-45DD-8343-DB39BA38E55F}] => (Allow) LPort=9246
FirewallRules: [{BB040427-ADCA-486E-BD41-0631A0B45B43}] => (Allow) LPort=9247
FirewallRules: [{95F33D0E-2367-4988-BAEC-14C0BDEAA3AE}] => (Allow) LPort=3702
FirewallRules: [{70473B6D-F4BF-4982-8314-F626ADD3600F}] => (Allow) LPort=9244
FirewallRules: [{D71689C5-7391-4062-B7A6-9C625078FDFB}] => (Allow) LPort=9444
FirewallRules: [{F8649EBA-F593-432A-AC03-A467C5472BFB}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8C1E5348-286F-46D1-8386-F00CB2AB409D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{588C8A76-D56D-4E7E-A1BD-9C2D5DC97A1F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{2C622A07-6255-4BE6-A874-9A908ED9D0AF}C:\users\kaibe\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\kaibe\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{990129E3-040A-4486-A688-1AE66F12D2E8}C:\users\kaibe\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\kaibe\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B84788BC-69DA-4EF7-90D8-6BDBE966D30E}] => (Block) C:\users\kaibe\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{56517D83-5066-4201-AC46-6408CA49FDA1}] => (Block) C:\users\kaibe\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{AEA4E678-01F5-400A-BC6E-FDBAB7DCA5B7}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{947E064A-43B7-4D71-AF1B-72ECD7613F35}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{E700E2D7-7D90-4A0C-90BD-D5F0B17CEE87}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5CB35042-D1D2-48CF-B592-F66FD75C26FE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6E38C24A-54C1-4985-8CAB-A7433D127BDB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E583F6C3-ED82-4AA2-9401-CE4075B8AF3A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4B3A1F01-8CA6-42FD-A621-42AD899756F5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6A96C577-B739-44CF-8C37-A111A1482374}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{74497F19-ED6D-4EB5-9A77-D1D906C63590}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{17C6F857-3D81-4F96-A31F-0972FFA41A67}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2D7274B3-1C7B-4674-9F0A-05B4E0004486}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F2B54179-D66F-4CA5-A97F-091A9B7B143B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F73531B3-1BC9-49DE-ADC0-DD1C648E5355}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{48170000-732E-4BA0-9F38-6A1D0EAF3A1F}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{ECC5EFF7-0596-41EA-93F1-6E31DAA376D5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{29CDDA1D-F207-4050-9B02-3D0428540C03}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{1501C271-C925-43D8-B985-9523CAF12629}C:\program files (x86)\steam\steamapps\common\r.u.s.e\ruse.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\r.u.s.e\ruse.exe (Eugen Systems) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{5F6832CB-4E1B-4140-9843-DA3E48501558}C:\program files (x86)\steam\steamapps\common\r.u.s.e\ruse.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\r.u.s.e\ruse.exe (Eugen Systems) [Datei ist nicht signiert]
FirewallRules: [{5A141C96-1CCA-485D-AB99-77011911DBAB}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{4F68706E-1114-43DA-877B-926E094E3B5E}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\94.0.992.31\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B471E4DE-9C25-466A-BBE3-AA5870225A68}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Wiederherstellungspunkte =========================
24-09-2021 14:18:53 Geplanter Prüfpunkt
28-09-2021 17:11:40 Removed Teams Machine-Wide Installer
==================== Fehlerhafte Geräte im Gerätemanager ============
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (10/03/2021 11:46:19 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.
Error: (10/03/2021 11:46:19 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]
Error: (10/03/2021 12:15:36 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.
Error: (10/03/2021 12:15:36 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]
Error: (10/03/2021 12:15:36 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.
Error: (10/03/2021 12:15:36 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]
Error: (10/02/2021 11:41:02 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007001f, Ein an das System angeschlossenes Gerät funktioniert nicht.
.
Vorgang:
Asynchroner Vorgang wird ausgeführt
Kontext:
Aktueller Status: DoSnapshotSet
Error: (10/02/2021 11:40:21 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {70b86845-e155-46df-8eb0-6621433db910}
Systemfehler:
=============
Error: (10/03/2021 11:46:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "luafv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (10/03/2021 11:46:12 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Synchronisierungshost_164c821 erreicht.
Error: (10/03/2021 11:46:11 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-FAM83KL)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (10/03/2021 11:45:43 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (10/03/2021 11:45:43 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Surface USB Hub Firmware Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/03/2021 11:45:43 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Surface Integration Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/03/2021 11:45:43 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Surface DTX Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/03/2021 11:45:43 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Surface Display Color Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
==================== Speicherinformationen ===========================
BIOS: Microsoft Corporation 390.3732.768 04.20.2021
Hauptplatine: Microsoft Corporation Surface Book 2
Prozessor: Intel(R) Core(TM) i7-8650U CPU @ 1.90GHz
Prozentuale Nutzung des RAM: 39%
Installierter physikalischer RAM: 16301.01 MB
Verfügbarer physikalischer RAM: 9831.62 MB
Summe virtueller Speicher: 18733.01 MB
Verfügbarer virtueller Speicher: 10963.23 MB
==================== Laufwerke ================================
Drive c: (Local Disk) (Fixed) (Total:474.63 GB) (Free:190.68 GB) (Protected) NTFS
Drive h: (HDD) (Fixed) (Total:931.48 GB) (Free:402.4 GB) NTFS
\\?\Volume{6e5958e8-6235-4864-b62a-76ecc9c30bc2}\ (Windows RE tools) (Fixed) (Total:1.93 GB) (Free:1.3 GB) NTFS
\\?\Volume{556c838d-127d-4493-a30c-02e72c7bfe4a}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partitionstabelle ====================
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 31C2D83A)
Partition: GPT.
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 16F2A91F)
Partition: GPT.
==================== Ende von Addition.txt ======================= Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 02-10-2021
durchgeführt von kaibe (Administrator) auf DESKTOP-FAM83KL (Microsoft Corporation Surface Book 2) (03-10-2021 11:50:13)
Gestartet von C:\Users\kaibe\Desktop
Geladene Profile: kaibe
Platform: Windows 10 Pro Version 20H2 19042.1237 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Chrome
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(File-New-Project) C:\Program Files\WindowsApps\40459File-New-Project.EarTrumpet_2.1.8.0_x86__1sdd7yawvg6ne\EarTrumpet\EarTrumpet.exe
(Firebit OU -> Rainmeter) C:\Program Files\Rainmeter\Rainmeter.exe
(Geek Software GmbH -> Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <23>
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\64jp8682.inf_amd64_ea97e317d6be70ec\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\64jp8682.inf_amd64_ea97e317d6be70ec\IntelCpHeciSvc.exe
(Intel(R) Trust Services -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_a93205b6238060e4\lib\TPMProvisioningService.exe
(Kilonova LLC -> Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.7\Lightshot.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation -> ColorPickerUI) C:\Program Files\PowerToys\modules\ColorPicker\ColorPickerUI.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\FancyZones\PowerToys.FancyZones.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\KeyboardManager\KeyboardManagerEngine\PowerToys.KeyboardManagerEngine.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\launcher\PowerLauncher.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\PowerToys.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\kaibe\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> PowerToys.Awake) C:\Program Files\PowerToys\modules\Awake\PowerToys.Awake.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmsoi.inf_amd64_c28930fcde990595\Display.NvContainer\NVDisplay.Container.exe <2>
(Open Source Developer, Dominik Reichl -> Dominik Reichl) C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe
(OpenVPN Technologies, Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\hdxsstm.inf_amd64_7d200f2580ecd8a5\RtkAudUService64.exe <2>
(voidtools -> voidtools) C:\Program Files\Everything\Everything.exe
(Wox) [Datei ist nicht signiert] C:\Users\kaibe\AppData\Local\Wox\app-1.4.1196\Wox.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SurfaceDTX.exe] => C:\WINDOWS\System32\SurfaceDTX.exe [808976 2019-08-07] (Microsoft Corporation -> )
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [openvpn-gui] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [684160 2018-04-26] () [Datei ist nicht signiert]
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [331064 2020-09-09] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\hdxsstm.inf_amd64_7d200f2580ecd8a5\RtkAudUService64.exe [835680 2020-12-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [18727048 2018-10-05] (Logitech Inc -> Logitech Inc.)
HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [2237256 2020-03-13] (voidtools -> voidtools)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [483976 2020-08-13] (Geek Software GmbH -> Geek Software GmbH)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-02-10] (Adobe Inc. -> )
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3091136 2020-09-10] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [601784 2020-05-13] (Razer USA Ltd. -> Razer Inc.)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-22] (Kilonova LLC -> )
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [779504 2021-07-05] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-06-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5267168 2021-09-25] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [TeamsMachineUninstallerLocalAppData] => C:\Users\kaibe\AppData\Local\Microsoft\Teams\Update.exe [2452112 2020-09-26] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM-x32\...\Run: [TeamsMachineUninstallerProgramData] => %ProgramData%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default
HKU\S-1-5-21-3593820219-2832368027-3012111108-1001\...\Run: [HP ENVY 4500 series (NET)] => C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-3593820219-2832368027-3012111108-1001\...\Run: [Spotify] => C:\Users\kaibe\AppData\Roaming\Spotify\Spotify.exe [23360232 2020-10-01] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3593820219-2832368027-3012111108-1001\...\Run: [Discord] => C:\Users\kaibe\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3593820219-2832368027-3012111108-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4110568 2021-07-21] (Valve -> Valve Corporation)
HKU\S-1-5-21-3593820219-2832368027-3012111108-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\kaibe\AppData\Local\Microsoft\Teams\Update.exe [2452112 2020-09-26] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3593820219-2832368027-3012111108-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5397216 2021-09-25] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3593820219-2832368027-3012111108-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\kaibe\AppData\Local\WebEx\CiscoWebExStart.exe [4693832 2021-09-18] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-3593820219-2832368027-3012111108-1001\...\Run: [Nextcloud] => C:\Program Files\Nextcloud\nextcloud.exe [2683200 2021-06-24] (Nextcloud GmbH -> Nextcloud GmbH)
HKU\S-1-5-21-3593820219-2832368027-3012111108-1001\...\Run: [Wox] => C:\Users\kaibe\AppData\Local\Wox\app-1.4.1196\Wox.exe [218112 2021-07-19] (Wox) [Datei ist nicht signiert]
HKU\S-1-5-21-3593820219-2832368027-3012111108-1001\...\MountPoints2: {69dd3440-08ad-11ec-970f-70bc1080f115} - "F:\OnePlus_setup.exe" /s
HKLM\...\Providers\Internet Print Provider: inetpp.dll
HKLM\...\Providers\LanMan Print Services: win32spl.dll
HKLM\...\Windows x64\Print Processors\Canon MX470 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDC2.DLL [30208 2013-09-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: AdobePDF.dll
HKLM\...\Print\Monitors\Appmon: AppMon.dll
HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor MX470 series: CNCALC2.DLL
HKLM\...\Print\Monitors\Canon BJ Language Monitor MX470 series: CNMLMC2.DLL
HKLM\...\Print\Monitors\HP C511 Status Monitor: hpinkstsC511LM.dll
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP ENVY 4500 series): HPDiscoPMC511.dll
HKLM\...\Print\Monitors\KM Language Monitor: KMPJL64.DLL
HKLM\...\Print\Monitors\KX Language Monitor: KXPLM64.DLL
HKLM\...\Print\Monitors\Local Port: localspl.dll
HKLM\...\Print\Monitors\Microsoft Shared Fax Monitor: FXSMON.DLL
HKLM\...\Print\Monitors\Standard TCP/IP Port: tcpmon.dll
HKLM\...\Print\Monitors\USB Monitor: usbmon.dll
HKLM\...\Print\Monitors\WSD Port: APMon.dll
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\94.0.4606.61\Installer\chrmstp.exe [2021-09-24] (Google LLC -> Google LLC)
HKLM\Software\...\Winlogon\GPExtensions: [{0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63}] -> C:\Windows\SysWOW64\wlgpclnt.dll [2021-01-22] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{169EBF44-942F-4C43-87CE-13C93996EBBE}] -> C:\Windows\SysWOW64\AppManagementConfiguration.dll [2021-01-22] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{16be69fa-4209-4250-88cb-716cf41954e0}] -> auditcse.dll
HKLM\Software\...\Winlogon\GPExtensions: [{25537BA6-77A8-11D2-9B6C-0000F8080861}] -> C:\Windows\SysWOW64\fdeploy.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{2BFCC077-22D2-48DE-BDE1-2F618D9B476D}] -> C:\Windows\SysWOW64\AppManagementConfiguration.dll [2021-01-22] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{426031c0-0b47-4852-b0ca-ac3d37bfcb39}] -> C:\Windows\SysWOW64\gptext.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{4d968b55-cac2-4ff5-983f-0a54603781a3}] -> WorkFoldersGPExt.dll
HKLM\Software\...\Winlogon\GPExtensions: [{7909AD9E-09EE-4247-BAB9-7029D5F0A278}] -> C:\Windows\SysWOW64\dmenrollengine.dll [2021-09-17] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}] -> C:\Windows\SysWOW64\scecli.dll [2021-01-22] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{9650FDBC-053A-4715-AD14-FC2DC65E8330}] -> hvsigpext.dll
HKLM\Software\...\Winlogon\GPExtensions: [{B587E2B1-4D59-4e7e-AED9-22B9DF11D053}] -> C:\Windows\SysWOW64\dot3gpclnt.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{BA649533-0AAC-4E04-B9BC-4DBAE0325B12}] -> pwlauncher.dll
HKLM\Software\...\Winlogon\GPExtensions: [{C34B2751-1CF4-44F5-9262-C3FC39666591}] -> pwlauncher.dll
HKLM\Software\...\Winlogon\GPExtensions: [{c6dc5466-785a-11d2-84d0-00c04fb169f7}] -> C:\Windows\SysWOW64\appmgmts.dll [2021-01-22] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{cdeafc3d-948d-49dd-ab12-e578ba4af7aa}] -> C:\Windows\SysWOW64\gptext.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{F312195E-3D9D-447A-A3F5-08DFFA24735E}] -> dggpext.dll
HKLM\Software\...\Winlogon\GPExtensions: [{f3ccc681-b74c-4060-9f26-cd84525dca2a}] -> auditcse.dll
HKLM\Software\...\Winlogon\GPExtensions: [{FB2CA36D-0B40-4307-821B-A13B252DE56C}] -> C:\Windows\SysWOW64\gptext.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{fbf687e6-f063-4d9f-9f4f-fd9a26acdd5f}] -> C:\Windows\SysWOW64\gptext.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{FC491EF1-C4AA-4CE1-B329-414B101DB823}] -> dggpext.dll
InternetURL: C:\Users\kaibe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\https---calendar.google.com-.url -> URL: hxxps://calendar.google.com/
Startup: C:\Users\kaibe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2021-07-18]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (Firebit OU -> Rainmeter)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {05756A54-F141-4A9F-8E5F-723C7F042040} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0AB99643-DD42-4E3D-A53E-08B806B588DC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {17EB68A1-2C4D-4A8B-9ACB-D031BBFC6908} - System32\Tasks\PowerToys\Autorun for kaibe => C:\Program Files\PowerToys\PowerToys.exe [1205128 2021-07-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {1DE49DBF-23D2-490C-A07D-E66DFF572B99} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {22E5C5E4-C049-4750-9DCD-6C29E435F26F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5729200 2021-10-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {244F9FAA-E85D-4DD7-80E7-6F5985A42757} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2B2C06E6-254F-40CC-93B8-3D8778179C3A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {316CCD8B-7797-4C3B-91A1-F2B6C5C17D4D} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3B65C273-19C3-4454-8DA8-9376ECC05359} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-22] (Google LLC -> Google LLC)
Task: {497DF4BA-C37C-4B60-BB4C-919CB5889D5D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [134504 2021-10-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {51D3F887-0632-4C4E-81B0-158DD46B60A8} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5431C7C2-129F-454F-AFD2-A592FE01FDD6} - System32\Tasks\update-S-1-5-21-3593820219-2832368027-3012111108-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {5B16A634-30A3-411A-AEC0-CA6853AE05C0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {61DD2E7F-F210-4856-A6E6-B48AEFF634E6} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21976976 2021-09-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {66A29F20-8F97-4A4B-A670-5C37045E3DA5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {66BDEEEF-2195-484A-8356-B32E6787D1DA} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6D0CAB02-6349-4E00-8685-DD5DFCF1FAA4} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {7D1FF4A6-AB65-46A7-A81B-F72C7111B063} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
Task: {960D8C39-3FB4-4AB5-B43C-0638D87AEAF3} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9A301767-3CCA-43DB-9D10-B49202A5BF3A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [134504 2021-10-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {A297DF0C-E4C5-42A3-B461-C29293F77C64} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A685C74B-6C70-4EBC-9BF7-49F57B21EB4D} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {AB05B368-13F7-468A-9B30-E553C06B5449} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\Windows\SysWOW64\BthUdTask.exe [38400 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {B9FCD788-913E-42F6-B32F-1BA096E42426} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe
Task: {BE030DC3-A9FC-485F-A753-E17382563F0F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C5DC1B07-79AA-4046-B8E2-4DD1F1747FCD} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {C969EDE4-61D4-4745-B0FA-9E2719B05E09} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-22] (Google LLC -> Google LLC)
Task: {CC386DC4-CE86-48D1-95F7-5F4A90C197D8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21976976 2021-09-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCCB6388-B3FF-4D8F-92E5-8BD22D790358} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5729200 2021-10-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {D090A5A5-A025-4804-A633-B9C6D147DBCB} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
Task: {E62BFA1F-2BF6-4272-A64E-629CBE61050B} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\update-S-1-5-21-3593820219-2832368027-3012111108-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{93e5c563-c65c-4a7a-ac62-5ac593d5ee40}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{c8b1b754-1c31-4189-93da-e1eb5ad1c5f8}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{ed358a37-58f7-42c8-8c10-a89e0bac9f4d}: [DhcpNameServer] 141.7.2.1 141.7.2.2
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\kaibe\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-02]
Edge Session Restore: Default -> ist aktiviert.
Edge Extension: (Cisco Webex Extension) - C:\Users\kaibe\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cmihkeafcknlomclapaddfljaeegfbdl [2020-09-28]
Edge Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\kaibe\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2021-09-10]
Edge Extension: (Amazon Order History Reporter) - C:\Users\kaibe\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mgkilgclilajckgnedgjgnfdokkgnibi [2021-06-15]
Edge Extension: (Citavi Picker) - C:\Users\kaibe\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mielbhbkcliienpdicphhecpodcaeefg [2021-09-10]
Edge HKLM-x32\...\Edge\Extension: [cmihkeafcknlomclapaddfljaeegfbdl]
Edge HKLM-x32\...\Edge\Extension: [mielbhbkcliienpdicphhecpodcaeefg]
FireFox:
========
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-07-23]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @java.com/DTPlugin,version=11.301.2 -> C:\Program Files\Java\jre1.8.0_301\bin\dtplugin\npDeployJava1.dll [2021-07-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.301.2 -> C:\Program Files\Java\jre1.8.0_301\bin\plugin2\npjp2.dll [2021-07-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-07-05] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @webex.com/npatgpc -> C:\Program Files (x86)\Webex\npatgpc.dll [2020-09-18] (Cisco WebEx LLC -> Cisco WebEx LLC)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-09-25] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-07-05] (Adobe Inc. -> Adobe Systems)
Chrome:
=======
CHR Profile: C:\Users\kaibe\AppData\Local\Google\Chrome\User Data\Default [2021-10-03]
CHR Session Restore: Default -> ist aktiviert.
CHR Extension: (Präsentationen) - C:\Users\kaibe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-10-22]
CHR Extension: (Docs) - C:\Users\kaibe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-10-22]
CHR Extension: (Google Drive) - C:\Users\kaibe\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (Get cookies.txt) - C:\Users\kaibe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgaddhkoddajcdgocldbbfleckgcbcid [2021-01-22]
CHR Extension: (YouTube) - C:\Users\kaibe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-10-22]
CHR Extension: (Honey) - C:\Users\kaibe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2021-09-27]
CHR Extension: (Avira Safe Shopping) - C:\Users\kaibe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2021-08-20]
CHR Extension: (OneTab) - C:\Users\kaibe\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2021-07-21]
CHR Extension: (Tabellen) - C:\Users\kaibe\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-10-22]
CHR Extension: (Google Docs Offline) - C:\Users\kaibe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-09-24]
CHR Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\kaibe\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-09-28]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\kaibe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Citavi Picker) - C:\Users\kaibe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgndokldibnndfnjnagojmheejlengn [2021-07-27]
CHR Extension: (Google Mail) - C:\Users\kaibe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-24]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [jlhmfgmfgeifomenelglieieghnjghma]
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [842480 2021-07-05] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3779840 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3547904 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-09-09] (Apple Inc. -> Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9250696 2021-09-24] (Microsoft Corporation -> Microsoft Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-10-05] (Logitech Inc -> Logitech Inc.)
S3 OpenVpnService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [24192 2018-03-06] (OpenVPN Technologies, Inc. -> )
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [75392 2018-04-26] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [75392 2018-04-26] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2556048 2021-06-22] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3474584 2021-06-22] (Electronic Arts, Inc. -> Electronic Arts)
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [483976 2020-08-13] (Geek Software GmbH -> Geek Software GmbH)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5394872 2021-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\NisSrv.exe [2772856 2021-09-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WebexService; C:\Program Files (x86)\Webex\Webex\Applications\WebExService.exe [146240 2020-09-18] (Cisco WebEx LLC -> Cisco WebEx LLC)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MsMpEng.exe [136640 2021-09-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmsoi.inf_amd64_c28930fcde990595\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmsoi.inf_amd64_c28930fcde990595\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 CsrBtPort; C:\WINDOWS\system32\DRIVERS\CsrBtPort.sys [2784968 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrpan; C:\WINDOWS\System32\drivers\csrpan.sys [39616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrserial; C:\WINDOWS\system32\DRIVERS\csrserial.sys [61128 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrusb; C:\WINDOWS\System32\Drivers\csrusb.sys [47296 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrusbfilter; C:\WINDOWS\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2018-10-05] (Logitech Inc -> Logitech Inc.)
S3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2018-10-05] (Logitech -> Logitech Inc.)
R3 MaximPowerMeter; C:\WINDOWS\System32\drivers\MaximPowerMeter.sys [40728 2018-10-04] (WDKTestCert satertza,130571941058270086 -> Maxim Integrated)
S3 msump64x64; C:\WINDOWS\System32\DriverStore\FileRepository\msump64x64sta.inf_amd64_89698266d72b169e\msump64x64.sys [937472 2021-03-19] (Realtek Semiconductor Corp. -> Realtek Corporation)
S3 msux64w10; C:\WINDOWS\System32\DriverStore\FileRepository\msux64w10.inf_amd64_440fd3d3d9361452\msux64w10.sys [702304 2020-02-20] (Microsoft Corporation -> Microsoft)
R3 OemShZDigitizerIntegration; C:\WINDOWS\System32\drivers\Surface1832DigitizerIntegration.sys [35856 2018-10-04] (Microsoft Corporation -> Microsoft Corporation)
S3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [50392 2015-10-26] (Razer Inc. -> Razer Inc)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2020-05-06] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 VBAudioVACMME; C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys [41192 2014-09-02] (Vincent Burel -> Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-09-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [433384 2021-09-19] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86264 2021-09-19] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-10-03 11:45 - 2021-10-03 11:45 - 000000000 ____D C:\WINDOWS\system32\OV8865_REAR.aiqd
2021-10-03 11:45 - 2021-10-03 11:45 - 000000000 ____D C:\WINDOWS\system32\OV5693_FRONT.aiqd
2021-10-03 00:04 - 2021-10-03 11:51 - 000036824 _____ C:\Users\kaibe\Desktop\FRST.txt
2021-10-02 23:07 - 2021-10-02 23:07 - 000000000 ____D C:\WINDOWS\pss
2021-10-02 22:58 - 2021-10-02 23:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft Anti-Malware
2021-10-02 22:58 - 2021-10-02 22:58 - 000000000 ____D C:\ProgramData\GridinSoft
2021-10-02 22:13 - 2021-10-02 22:14 - 000000000 ____D C:\AdwCleaner
2021-10-02 21:11 - 2021-10-02 21:11 - 000000000 ____D C:\Users\Public\Logi
2021-10-02 21:00 - 2021-10-03 11:51 - 000000000 ____D C:\FRST
2021-10-02 21:00 - 2021-10-02 21:00 - 002304512 _____ (Farbar) C:\Users\kaibe\Desktop\FRST64.exe
2021-10-02 09:44 - 2021-10-02 09:44 - 000001866 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMind.lnk
2021-10-02 09:44 - 2021-10-02 09:44 - 000001854 _____ C:\Users\Public\Desktop\XMind.lnk
2021-09-29 08:17 - 2021-09-29 08:17 - 000000000 ____D C:\Users\kaibe\AppData\Roaming\figma-desktop
2021-09-28 14:35 - 2021-09-28 15:43 - 000000000 ____D C:\Users\kaibe\AppData\Local\Skitch
2021-09-24 20:38 - 2021-09-24 20:38 - 000001974 _____ C:\Users\Public\Desktop\OpenAudible.lnk
2021-09-24 20:38 - 2021-09-24 20:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenAudible
2021-09-23 09:16 - 2021-10-02 14:08 - 000000000 ____D C:\Users\kaibe\AppData\Roaming\Breitbandmessung
2021-09-23 09:15 - 2021-09-23 09:15 - 000002364 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Breitbandmessung.lnk
2021-09-23 09:15 - 2021-09-23 09:15 - 000002352 _____ C:\Users\Public\Desktop\Breitbandmessung.lnk
2021-09-23 09:15 - 2021-09-23 09:15 - 000000000 ____D C:\Users\kaibe\AppData\Local\breitbandmessung-updater
2021-09-23 09:15 - 2021-09-23 09:15 - 000000000 ____D C:\Program Files\Breitbandmessung
2021-09-19 19:41 - 2021-09-19 19:42 - 000000000 ____D C:\Users\kaibe\Documents\Image-Line
2021-09-19 19:41 - 2021-09-19 19:41 - 000000000 ____D C:\Users\kaibe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2021-09-19 19:41 - 2021-09-19 19:41 - 000000000 ____D C:\Program Files (x86)\ASIO4ALL v2
2021-09-19 19:40 - 2021-09-24 19:36 - 000000000 ____D C:\Users\kaibe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2021-09-19 19:40 - 2021-09-19 19:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
2021-09-19 19:40 - 2021-09-19 19:40 - 000000000 ____D C:\Program Files\Common Files\VST2
2021-09-19 19:40 - 2021-09-19 19:40 - 000000000 ____D C:\Program Files\Common Files\Propellerhead Software
2021-09-19 19:38 - 2021-09-19 19:41 - 000000000 ____D C:\Program Files\Image-Line
2021-09-17 13:50 - 2021-09-17 13:50 - 000000000 ___RD C:\Users\kaibe\OneDrive
2021-09-17 13:45 - 2021-09-29 22:12 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3593820219-2832368027-3012111108-1001
2021-09-17 13:45 - 2021-09-29 22:12 - 000002409 _____ C:\Users\kaibe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-09-17 09:57 - 2021-09-17 09:57 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2021-09-17 09:57 - 2021-09-17 09:57 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-09-17 09:57 - 2021-09-17 09:57 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2021-09-17 09:57 - 2021-09-17 09:57 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-09-17 09:57 - 2021-09-17 09:57 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-09-17 09:57 - 2021-09-17 09:57 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-09-17 09:57 - 2021-09-17 09:57 - 001328376 _____ C:\WINDOWS\system32\FaceTrackerInternal.dll
2021-09-17 09:57 - 2021-09-17 09:57 - 001324032 _____ C:\WINDOWS\system32\FaceProcessor.dll
2021-09-17 09:57 - 2021-09-17 09:57 - 001313608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-09-17 09:57 - 2021-09-17 09:57 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-09-17 09:57 - 2021-09-17 09:57 - 000672768 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-09-17 09:57 - 2021-09-17 09:57 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-09-17 09:57 - 2021-09-17 09:57 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-09-17 09:57 - 2021-09-17 09:57 - 000512864 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2021-09-17 09:57 - 2021-09-17 09:57 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-09-17 09:57 - 2021-09-17 09:57 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-09-17 09:57 - 2021-09-17 09:57 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-09-17 09:57 - 2021-09-17 09:57 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-09-17 09:57 - 2021-09-17 09:57 - 000170496 _____ C:\WINDOWS\system32\DeviceUpdateCenterCsp.dll
2021-09-17 09:57 - 2021-09-17 09:57 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-09-17 09:57 - 2021-09-17 09:57 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2021-09-17 09:57 - 2021-09-17 09:57 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2021-09-17 09:57 - 2021-09-17 09:57 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-09-17 09:57 - 2021-09-17 09:57 - 000011355 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-09-17 09:51 - 2021-09-17 09:51 - 000000000 ___HD C:\$WinREAgent
2021-09-11 21:41 - 2021-10-02 23:59 - 000000000 ____D C:\Users\kaibe\AppData\Roaming\Figma
2021-09-11 21:41 - 2021-09-11 21:41 - 000002151 _____ C:\Users\kaibe\Desktop\Figma.lnk
2021-09-11 21:41 - 2021-09-11 21:41 - 000000000 ____D C:\Users\kaibe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Figma, Inc
2021-09-11 21:40 - 2021-09-29 08:16 - 000000000 ____D C:\Users\kaibe\AppData\Local\Figma
2021-09-03 10:06 - 2021-09-03 10:06 - 000001407 _____ C:\Users\kaibe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-10-03 11:48 - 2020-08-23 16:18 - 000000000 ____D C:\Program Files (x86)\Google
2021-10-03 11:48 - 2020-06-22 06:16 - 000000000 ____D C:\ProgramData\NVIDIA
2021-10-03 11:47 - 2021-07-16 14:18 - 000000000 ____D C:\WINDOWS\system32\Tasks\PowerToys
2021-10-03 11:47 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-10-03 11:46 - 2021-01-22 14:17 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-10-03 11:46 - 2021-01-22 14:09 - 000008192 ___SH C:\DumpStack.log.tmp
2021-10-03 11:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-10-03 11:46 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-10-03 11:42 - 2021-07-19 08:41 - 000000000 ____D C:\Users\kaibe\AppData\Local\Everything
2021-10-03 11:42 - 2021-07-19 08:37 - 000000000 ____D C:\Users\kaibe\AppData\Roaming\Everything
2021-10-03 11:41 - 2021-04-20 08:16 - 000000000 ____D C:\Users\kaibe\Documents\Outlook-Dateien
2021-10-03 10:20 - 2021-07-27 09:27 - 000000000 ____D C:\Users\kaibe\Documents\Citavi 6
2021-10-03 10:19 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-10-03 10:17 - 2021-01-22 14:09 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-10-03 01:12 - 2020-11-03 15:37 - 000000000 ____D C:\Users\kaibe\AppData\Roaming\KeePass
2021-10-03 00:24 - 2021-01-22 14:21 - 001590252 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-10-03 00:24 - 2019-12-07 16:51 - 000687476 _____ C:\WINDOWS\system32\perfh007.dat
2021-10-03 00:24 - 2019-12-07 16:51 - 000141882 _____ C:\WINDOWS\system32\perfc007.dat
2021-10-03 00:24 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-10-02 23:43 - 2020-10-03 13:35 - 000000000 ____D C:\Users\kaibe\AppData\LocalLow\Temp
2021-10-02 23:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2021-10-02 23:40 - 2018-09-15 09:33 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2021-10-02 23:34 - 2020-08-22 11:47 - 000000000 ____D C:\Users\kaibe\AppData\Local\NVIDIA Corporation
2021-10-02 23:26 - 2021-05-04 18:15 - 000000000 ____D C:\Users\kaibe\AppData\Roaming\Anki2
2021-10-02 23:26 - 2020-11-26 14:12 - 000000000 ____D C:\Users\kaibe\Desktop\#junk#
2021-10-02 22:40 - 2020-08-23 19:13 - 000000000 ____D C:\Users\kaibe\AppData\Roaming\WhatsApp
2021-10-02 22:10 - 2020-08-29 20:28 - 000000000 ____D C:\Users\kaibe\AppData\Local\CrashDumps
2021-10-02 21:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-10-02 21:09 - 2020-08-23 16:29 - 000000000 ____D C:\Program Files\Microsoft Office
2021-10-02 21:09 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-10-02 21:09 - 2019-03-13 00:52 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-10-02 13:58 - 2020-10-02 09:46 - 000000000 ____D C:\Users\kaibe\AppData\Local\Webex
2021-10-02 13:05 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-10-02 09:44 - 2021-05-15 12:49 - 000000000 ____D C:\Program Files\XMind
2021-10-02 09:43 - 2020-10-02 09:45 - 000000000 ____D C:\Users\kaibe\AppData\LocalLow\WebEx
2021-10-02 08:45 - 2020-08-30 11:36 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-10-02 08:04 - 2020-08-29 18:06 - 000000000 ____D C:\Users\kaibe\AppData\Local\D3DSCache
2021-10-01 08:30 - 2021-08-01 23:16 - 000002124 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2021-10-01 08:30 - 2021-08-01 23:16 - 000002113 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2021-10-01 08:10 - 2021-01-22 14:17 - 000003632 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-10-01 08:10 - 2021-01-22 14:17 - 000003508 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-09-29 20:11 - 2020-08-22 11:45 - 000000000 ____D C:\Users\kaibe\AppData\Local\Packages
2021-09-29 19:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-09-27 12:17 - 2020-09-29 09:16 - 000073288 _____ C:\WINDOWS\system32\Drivers\SurfaceTconPrediction.bin
2021-09-26 23:35 - 2020-10-06 15:46 - 000000000 ____D C:\Users\kaibe\AppData\Roaming\vlc
2021-09-26 22:12 - 2020-09-05 10:18 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-09-26 22:12 - 2020-09-05 10:18 - 000002284 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-09-26 17:41 - 2021-07-07 13:49 - 000000000 ____D C:\Users\kaibe\AppData\Roaming\Nextcloud
2021-09-24 21:43 - 2020-12-13 01:10 - 000000000 ____D C:\Users\kaibe\OpenAudible
2021-09-24 20:38 - 2020-12-13 01:10 - 000000000 ____D C:\Program Files\OpenAudible
2021-09-24 20:30 - 2020-12-13 01:18 - 000001120 _____ C:\Users\Public\Desktop\AAX Audio Converter.lnk
2021-09-24 20:30 - 2020-12-13 01:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\audiamus
2021-09-24 10:00 - 2020-10-22 14:43 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-09-24 10:00 - 2020-10-22 14:43 - 000002208 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-09-23 13:27 - 2020-10-21 21:52 - 000000000 ____D C:\Users\kaibe\AppData\Roaming\Mp3tag
2021-09-22 20:48 - 2020-10-09 11:47 - 000000000 ____D C:\Users\kaibe\AppData\Local\ElevatedDiagnostics
2021-09-22 20:29 - 2020-12-24 12:10 - 000000000 ____D C:\Users\kaibe\AppData\Roaming\audacity
2021-09-21 19:52 - 2020-08-29 18:06 - 000000000 ____D C:\Users\kaibe\AppData\Roaming\Telegram Desktop
2021-09-19 19:50 - 2019-03-13 00:04 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-09-19 19:40 - 2020-08-22 11:49 - 000803176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-09-17 13:50 - 2021-01-22 14:12 - 000000000 ____D C:\Users\kaibe
2021-09-17 10:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-09-17 10:28 - 2021-01-22 14:09 - 000454536 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-09-17 10:27 - 2019-12-07 16:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-09-17 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-09-17 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-09-17 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-09-17 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-09-17 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-09-17 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-09-17 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-09-17 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-09-17 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-09-17 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-09-17 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-09-17 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-09-17 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-09-17 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-09-17 10:27 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-09-17 09:59 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-09-17 09:50 - 2020-08-23 16:28 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-09-17 09:47 - 2020-08-23 16:28 - 135637312 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-09-15 09:27 - 2021-04-08 11:03 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-09-11 21:41 - 2020-08-23 19:13 - 000000000 ____D C:\Users\kaibe\AppData\Local\SquirrelTemp
2021-09-11 14:47 - 2020-08-29 18:05 - 000000000 ____D C:\Users\kaibe\AppData\Local\Ubisoft Game Launcher
2021-09-05 18:25 - 2020-11-03 11:39 - 000000000 ____D C:\Users\kaibe\AppData\Local\WhatsApp
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2020-09-03 16:10 - 2020-09-03 16:10 - 000000000 _____ () C:\Users\kaibe\AppData\Local\oobelibMkey.log
2021-01-22 16:36 - 2021-01-22 16:36 - 000000752 _____ () C:\Users\kaibe\AppData\Local\recently-used.xbel
2021-08-29 20:31 - 2021-08-29 20:31 - 000007605 _____ () C:\Users\kaibe\AppData\Local\Resmon.ResmonCfg
2021-01-04 15:20 - 2021-01-04 15:20 - 000000003 _____ () C:\Users\kaibe\AppData\Local\updater.log
2021-01-04 15:20 - 2021-01-04 15:20 - 000000424 _____ () C:\Users\kaibe\AppData\Local\UserProducts.xml
==================== FLock ==============================
2021-10-03 11:45 C:\WINDOWS\system32\OV5693_FRONT.aiqd
2021-10-03 11:45 C:\WINDOWS\system32\OV8865_REAR.aiqd
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ======================== |