Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 27-01-2020
durchgeführt von Juergen Hamann (Administrator) auf DESKTOP-8TFKQJN (ASUSTeK COMPUTER INC. G752VY) (29-01-2020 10:14:17)
Gestartet von C:\Users\Juergen Hamann\Desktop
Geladene Profile: Juergen Hamann (Verfügbare Profile: Juergen Hamann)
Platform: Windows 10 Home Version 1903 18362.592 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
() [Datei ist nicht signiert] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
() [Datei ist nicht signiert] C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2Svc32.exe
() [Datei ist nicht signiert] C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2Svc64.exe
() [Datei ist nicht signiert] C:\Program Files\Syncovery\SyncoveryVSS.exe
(ACD Systems International Inc. -> ) C:\Program Files\ACD Systems\ACDSee Ultimate\11.0\ACDSeeCommanderUltimate11.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Avanquest UK Ltd -> Avanquest Software) C:\Program Files (x86)\eXpert PDF 12 Manager\eXpert PDF 12\eXpert Manager.exe
(Avanquest UK Ltd -> Avanquest Software) C:\Program Files\eXpert PDF 11\creator-ws.exe
(Avanquest UK Ltd -> Avanquest Software) C:\Program Files\eXpert PDF 12\creator\common\creator-ws.exe
(A-Volute -> ) C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2UILauncher.exe
(Buhl Data Service GmbH -> Buhl Data Service GmbH) C:\Program Files (x86)\Buhl\WISO Mein Geld 365\Buhl.MeinGeld.UpdateService.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Fieldston Software) [Datei ist nicht signiert] C:\Program Files\Fieldston Software\gSyncit\gsyncit.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\NisSrv.exe
(Node.js Foundation -> Node.js) C:\Users\Juergen Hamann\AppData\Roaming\Steganos\OnlineShield\Proxy\node.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Portrait Displays, Inc. -> ) C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper.exe
(Portrait Displays, Inc. -> ) C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper64.exe
(Portrait Displays, Inc. -> Portrait Displays Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\HookManager.exe
(Portrait Displays, Inc. -> Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelper.exe
(Portrait Displays, Inc. -> Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Portrait Displays, Inc. -> Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\epson\MyEpson Portal\mep.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\spool\drivers\x64\3\E_YATISDE.EXE
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\spool\drivers\x64\3\E_YATISDE.EXE
(Steganos Software GmbH -> Steganos Software GmbH) C:\Program Files (x86)\Steganos Privacy Suite 20\Notifier.exe
(Steganos Software GmbH -> Steganos Software GmbH) C:\Program Files (x86)\Steganos Privacy Suite 20\passwordmanagercom.exe
(Steganos Software GmbH -> Steganos Software GmbH) C:\Program Files (x86)\Steganos Privacy Suite 20\SteganosBrowserMonitor.exe
(Steganos Software GmbH) [Datei ist nicht signiert] C:\Program Files (x86)\Steganos Privacy Suite 20\fredirstarter.exe
(Steganos Software GmbH) [Datei ist nicht signiert] C:\Program Files (x86)\Steganos Privacy Suite 20\SteganosHotKeyService.exe
(Super Flexible Software Ltd. & Co. KG -> ) C:\Program Files\Syncovery\SyncoveryGuardian.exe
(Super Flexible Software Ltd. & Co. KG -> Super Flexible Software) C:\Program Files\Syncovery\SyncoveryFileSystemMonitor.exe
(Synology Inc. -> ) [Datei ist nicht signiert] C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(voidtools -> voidtools) C:\Program Files\Everything\Everything.exe
(voidtools -> voidtools) C:\Program Files\Everything\Everything.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD App Manager\WDAppManager.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [2480520 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [SS2UILauncher] => C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2UILauncher.exe [1153504 2015-12-15] (A-Volute -> )
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [752168 2019-03-25] (Acronis International GmbH -> )
HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [1067024 2018-01-03] (Heidi Computers Ltd -> The Eraser Project)
HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [2240288 2019-02-04] (voidtools -> voidtools)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [4971688 2019-03-25] (Acronis International GmbH -> )
HKLM-x32\...\Run: [PivotSoftware] => C:\Program Files (x86)\Portrait Displays\Pivot Software\wpctrl.exe [694824 2009-03-03] (Portrait Displays, Inc. -> )
HKLM-x32\...\Run: [DT HPC] => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [122384 2014-06-27] (Portrait Displays, Inc. -> Portrait Displays, Inc.)
HKLM-x32\...\Run: [WDAppManager] => C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe [21888 2017-12-18] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5564784 2015-02-12] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3315280 2019-09-10] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe [441448 2019-03-25] (Acronis International GmbH -> Acronis International GmbH)
HKLM-x32\...\Run: [Steganos HotKeys] => C:\Program Files (x86)\Steganos Privacy Suite 20\SteganosHotKeyService.exe [154112 2019-04-03] (Steganos Software GmbH) [Datei ist nicht signiert]
HKLM-x32\...\Run: [SSS20 Chrome Autofill Relay] => C:\Program Files (x86)\Steganos Privacy Suite 20\passwordmanagercom.exe [1457184 2019-04-12] (Steganos Software GmbH -> Steganos Software GmbH)
HKLM-x32\...\Run: [SSS20 Browser Monitor] => C:\Program Files (x86)\Steganos Privacy Suite 20\SteganosBrowserMonitor.exe [1165352 2019-04-12] (Steganos Software GmbH -> Steganos Software GmbH)
HKLM-x32\...\Run: [SSS20 Notifier] => C:\Program Files (x86)\Steganos Privacy Suite 20\Notifier.exe [4233720 2019-04-12] (Steganos Software GmbH -> Steganos Software GmbH)
HKLM-x32\...\Run: [SSS20 File Redirection Starter] => C:\Program Files (x86)\Steganos Privacy Suite 20\fredirstarter.exe [23040 2019-04-03] (Steganos Software GmbH) [Datei ist nicht signiert]
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1151872 2016-11-18] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [665568 2018-10-05] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [870368 2018-10-05] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [588288 2016-01-08] (Nikon Corporation) [Datei ist nicht signiert]
HKLM\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-4253964506-1320168302-2910709501-1001\...\Run: [ACDSeeCommanderUltimate11] => C:\Program Files\ACD Systems\ACDSee Ultimate\11.0\ACDSeeCommanderUltimate11.exe [6414824 2018-04-06] (ACD Systems International Inc. -> )
HKU\S-1-5-21-4253964506-1320168302-2910709501-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe [1104288 2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-21-4253964506-1320168302-2910709501-1001\...\Run: [gSyncit] => C:\Program Files\Fieldston Software\gSyncit\gsyncit.exe [229376 2019-12-15] (Fieldston Software) [Datei ist nicht signiert]
HKU\S-1-5-21-4253964506-1320168302-2910709501-1001\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATISDE.EXE [418000 2016-07-14] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-4253964506-1320168302-2910709501-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATISDE.EXE [418000 2016-07-14] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-4253964506-1320168302-2910709501-1001\...\Run: [SSS20_Proxy] => C:\Program Files (x86)\Steganos Privacy Suite 20\Suite.exe [4682752 2019-04-12] (Steganos Software GmbH -> Steganos Software GmbH)
HKU\S-1-5-21-4253964506-1320168302-2910709501-1001\...\MountPoints2: {2d2c9c0f-1c1d-11ea-8a79-d017c21ff115} - "I:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4253964506-1320168302-2910709501-1001\...\MountPoints2: {b5ef6897-c721-11e8-90b4-806e6f6e6963} - "C:\WINDOWS\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL B:\index.html
HKLM\...\Providers\Internet Print Provider: inetpp.dll
HKLM\...\Providers\LanMan Print Services: win32spl.dll
HKLM\Software\...\AppCompatFlags\Custom\iisexpress.exe: [{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb] -> IIS Express Application Compatibility Database for x64
HKLM\Software\...\AppCompatFlags\Custom\iisexpress.exe: [{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb] -> IIS Express Application Compatibility Database for x86
HKLM\Software\...\AppCompatFlags\InstalledSDB\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb [2012-05-29]
HKLM\Software\...\AppCompatFlags\InstalledSDB\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb [2012-05-29]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-24] (Google LLC -> Google LLC)
HKLM\Software\...\Winlogon\GPExtensions: [{0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63}] -> C:\Windows\SysWOW64\wlgpclnt.dll [2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{16be69fa-4209-4250-88cb-716cf41954e0}] -> auditcse.dll
HKLM\Software\...\Winlogon\GPExtensions: [{25537BA6-77A8-11D2-9B6C-0000F8080861}] -> C:\Windows\SysWOW64\fdeploy.dll [2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{426031c0-0b47-4852-b0ca-ac3d37bfcb39}] -> C:\Windows\SysWOW64\gptext.dll [2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{4d968b55-cac2-4ff5-983f-0a54603781a3}] -> WorkFoldersGPExt.dll
HKLM\Software\...\Winlogon\GPExtensions: [{7909AD9E-09EE-4247-BAB9-7029D5F0A278}] -> C:\Windows\SysWOW64\dmenrollengine.dll [2019-11-08] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}] -> C:\Windows\SysWOW64\scecli.dll [2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{B587E2B1-4D59-4e7e-AED9-22B9DF11D053}] -> C:\Windows\SysWOW64\dot3gpclnt.dll [2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{BA649533-0AAC-4E04-B9BC-4DBAE0325B12}] -> pwlauncher.dll
HKLM\Software\...\Winlogon\GPExtensions: [{C34B2751-1CF4-44F5-9262-C3FC39666591}] -> pwlauncher.dll
HKLM\Software\...\Winlogon\GPExtensions: [{cdeafc3d-948d-49dd-ab12-e578ba4af7aa}] -> C:\Windows\SysWOW64\gptext.dll [2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{f3ccc681-b74c-4060-9f26-cd84525dca2a}] -> auditcse.dll
HKLM\Software\...\Winlogon\GPExtensions: [{FB2CA36D-0B40-4307-821B-A13B252DE56C}] -> C:\Windows\SysWOW64\gptext.dll [2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{fbf687e6-f063-4d9f-9f4f-fd9a26acdd5f}] -> C:\Windows\SysWOW64\gptext.dll [2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CardMinder Viewer.lnk [2018-10-07]
ShortcutTarget: CardMinder Viewer.lnk -> C:\Program Files (x86)\PFU\ScanSnap\CardMinder\CardLauncher.exe (PFU LIMITED) [Datei ist nicht signiert]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\In PDF-Datei mit ScanSnap Organizer konvertieren.lnk [2020-01-09]
ShortcutTarget: In PDF-Datei mit ScanSnap Organizer konvertieren.lnk -> C:\Program Files (x86)\PFU\ScanSnap\Organizer\PfuSsOrgOcrChk.exe (PFU LIMITED) [Datei ist nicht signiert]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ScanSnap Manager.lnk [2020-01-06]
ShortcutTarget: ScanSnap Manager.lnk -> C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsMon.exe (PFU LIMITED) [Datei ist nicht signiert]
GroupPolicy: Beschränkung ? <==== ACHTUNG
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {000141A3-5FF0-43F6-83AF-03C801C8B305} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2020-01-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {114CFB1E-5967-40C6-A143-F09D9579FED7} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\Thunderbolt.exe [363160 2015-11-04] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {122D7738-E887-4D5A-AED0-3F00EDB359C4} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269352 2019-08-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {1B0C0498-944F-4BAA-A51E-1D4376253762} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\Windows\SysWOW64\BthUdTask.exe [37888 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {23F98C74-9D47-45BB-9B8B-CDB257B3997D} - System32\Tasks\SS2svc64Run => C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2svc64.exe [275456 2015-12-15] () [Datei ist nicht signiert]
Task: {26CA2964-6237-46B0-A8BE-8159532CD488} - System32\Tasks\SS2UILauncherRun => C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2UILauncher.exe [1153504 2015-12-15] (A-Volute -> )
Task: {313D8A07-F501-4DE8-929A-C51B640E614D} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-08-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {31FA0E67-5558-4444-9424-B1187CC11495} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158552 2020-01-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {448B4234-3D6B-4723-9488-DEDC9703846D} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {460F2CA8-F7A7-4B22-98FA-7F79536E8D2E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-13] (Google Inc -> Google Inc.)
Task: {46E71A32-6FFC-469A-849E-C1B61823B64D} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe
Task: {487B20FA-02DC-4674-9546-74209761967E} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122008 2015-09-22] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {4CF59E26-E2A4-4A5C-BCCB-851E47EB5945} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19782224 2015-05-25] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {55B21F3C-A965-4A81-9874-2C706BB6328A} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
Task: {5BE1E15B-F971-4168-9D11-404C6807316B} - System32\Tasks\EPSON ET-4750 Series Update {F8ADD274-58C9-4C57-90FE-387445E4B1CA} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSSDE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {5C473998-E2C0-4741-8D96-6AA165D55C5F} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
Task: {5D433C9F-6416-4521-BD1B-58CCEB80CB6C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-13] (Google Inc -> Google Inc.)
Task: {64EF325B-8C2C-4282-9C2E-BE7EC67CC532} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24629104 2020-01-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {667E1387-C405-4064-A0ED-C044B17AFFC0} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
Task: {6A8DCF7C-F12D-41B3-A0A1-CD714768154A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe
Task: {6AE40091-253A-4245-8D92-B0587556B1B5} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [1831064 2015-11-04] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {6B9B60B4-990A-4BE2-B714-B65ED9B7191A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2050456 2020-01-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {70D7DD5C-496A-4856-97BD-5F843221EB7A} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\Thunderbolt.exe [363160 2015-11-04] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {7233AE2A-C6C8-4CEB-9A7D-1F52E3AD0CCD} - System32\Tasks\SS2svc32Run => C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2svc32.exe [2578432 2015-12-15] () [Datei ist nicht signiert]
Task: {77356725-DD1A-4169-9C40-EE9B4350828C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2020-01-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7748AEDF-105E-4163-9207-13F7F57DE701} - System32\Tasks\Opera scheduled Autoupdate 1547506892 => C:\Users\Juergen Hamann\AppData\Local\Programs\Opera\launcher.exe [1493592 2019-06-14] (Opera Software AS -> Opera Software)
Task: {80C0BD34-FB9C-4E16-8D28-A01AE7F49290} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe
Task: {86A72E25-6D0A-4A2C-9537-AEAAC37ABEB0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24629104 2020-01-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {894CD5CB-63D1-4980-9547-334FB151ECD4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6128536 2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {8996582E-BFE1-4284-9A8B-804E6A931852} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1190424 2018-08-13] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {89D78CDA-EFB8-4A68-97ED-45708AE3940D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2020-01-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8C9CAC9E-AB2C-4B5F-AE88-FE3565456CAF} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
Task: {9B28ED59-027B-4549-9553-3074A3994353} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2050456 2020-01-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {A4612AEB-483C-494E-A195-BA3EA093AE76} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122008 2015-09-22] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {A6629262-D26E-47AC-B788-19675FF7E03B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2020-01-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BB178408-9198-4CD9-ADFF-A2C56D35A8C1} - System32\Tasks\EPSON ET-4750 Series Update {765A7FE6-EAA8-4989-811B-3F1B76A36785} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSSDE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {BD979DF3-C7F7-4506-83CD-175EEF37E304} - System32\Tasks\Abelssoft\FileFusion_97 => C:\ProgramData\Abelssoft\FileFusion\Program\FileFusion.exe [3459464 2019-07-03] (Ascora GmbH -> )
Task: {C6657D6F-CAD5-4ECA-A0E2-87B8F0BDA3B7} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158552 2020-01-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {D209998E-DD26-4D73-8AC6-DBA9C1A903B3} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
Task: {D74FFBA6-01F9-48EF-A522-22578CA712E5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6128536 2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\EPSON ET-4750 Series Update {765A7FE6-EAA8-4989-811B-3F1B76A36785}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSSDE.EXE:/EXE:{765A7FE6-EAA8-4989-811B-3F1B76A36785} /F:UpdateWORKGROUP\DESKTOP-8TFKQJN$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON ET-4750 Series Update {F8ADD274-58C9-4C57-90FE-387445E4B1CA}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSSDE.EXE:/EXE:{F8ADD274-58C9-4C57-90FE-387445E4B1CA} /F:UpdateWORKGROUP\DESKTOP-8TFKQJN$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: 127.0.0.1 opencandy.com
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{3ee895fb-d21f-493e-8283-39a6e37f1039}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{e5d5cca8-8335-4c38-a1f7-485f86141402}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4253964506-1320168302-2910709501-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4253964506-1320168302-2910709501-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
SearchScopes: HKU\S-1-5-21-4253964506-1320168302-2910709501-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4253964506-1320168302-2910709501-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: eXpert PDF 12 Helper -> {02784781-5D19-4A81-9B55-7447317FA618} -> C:\Program Files\eXpert PDF 12\creator\plugins\IEAddin\creator-ie-helper.dll [2018-09-28] (Avanquest UK Ltd -> Avanquest Software)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - eXpert PDF 12 Toolbar - {9B5080F8-91BD-420C-BF1A-6EF26F66845C} - C:\Program Files\eXpert PDF 12\creator\plugins\IEAddin\creator-ie-plugin.dll [2018-09-28] (Avanquest UK Ltd -> Avanquest Software)
Toolbar: HKLM - Steganos Password Manager Toolbar - {F8C516FE-BF12-4C4A-A70A-6BCB164875A4} - C:\Program Files (x86)\Steganos Privacy Suite 20\SPMIEToolbar64.dll [2018-09-27] (Steganos Software GmbH -> Steganos Software GmbH)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF DefaultProfile: rwmrh5xo.default-1554803580642
FF ProfilePath: C:\Users\Juergen Hamann\AppData\Roaming\Mozilla\Firefox\Profiles\rwmrh5xo.default-1554803580642 [2020-01-29]
FF Homepage: Mozilla\Firefox\Profiles\rwmrh5xo.default-1554803580642 -> www.google.de
FF Extension: (Lesezeichenduplikate) - C:\Users\Juergen Hamann\AppData\Roaming\Mozilla\Firefox\Profiles\rwmrh5xo.default-1554803580642\Extensions\bookmarkdupes@martin-vaeth.org.xpi [2019-12-23]
FF Extension: (Bookmarks Organizer) - C:\Users\Juergen Hamann\AppData\Roaming\Mozilla\Firefox\Profiles\rwmrh5xo.default-1554803580642\Extensions\bookmarksorganizer@agenedia.com.xpi [2019-04-13]
FF Extension: (Default Bookmark Folder) - C:\Users\Juergen Hamann\AppData\Roaming\Mozilla\Firefox\Profiles\rwmrh5xo.default-1554803580642\Extensions\default-bookmark-folder@gustiaux.com.xpi [2019-12-18]
FF Extension: (Ghostery – datenschutzorientierter Werbeblocker) - C:\Users\Juergen Hamann\AppData\Roaming\Mozilla\Firefox\Profiles\rwmrh5xo.default-1554803580642\Extensions\firefox@ghostery.com.xpi [2020-01-13]
FF Extension: (Kee - Password Manager) - C:\Users\Juergen Hamann\AppData\Roaming\Mozilla\Firefox\Profiles\rwmrh5xo.default-1554803580642\Extensions\keefox@chris.tomlinson.xpi [2019-10-27]
FF Extension: (LastPass: Free Password Manager) - C:\Users\Juergen Hamann\AppData\Roaming\Mozilla\Firefox\Profiles\rwmrh5xo.default-1554803580642\Extensions\support@lastpass.com.xpi [2020-01-29]
FF Extension: (Avast Online Security) - C:\Users\Juergen Hamann\AppData\Roaming\Mozilla\Firefox\Profiles\rwmrh5xo.default-1554803580642\Extensions\wrc@avast.com.xpi [2020-01-29] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/aos/update.json]
FF Extension: (Steganos Passwort-Manager) - C:\Users\Juergen Hamann\AppData\Roaming\Mozilla\Firefox\Profiles\rwmrh5xo.default-1554803580642\Extensions\{00D0643E-B367-4779-B45D-7046EBA37A89}.xpi [2019-10-27]
FF Extension: (Video DownloadHelper) - C:\Users\Juergen Hamann\AppData\Roaming\Mozilla\Firefox\Profiles\rwmrh5xo.default-1554803580642\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2019-10-27]
FF Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\Juergen Hamann\AppData\Roaming\Mozilla\Firefox\Profiles\rwmrh5xo.default-1554803580642\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-10-27]
FF HKLM\...\Firefox\Extensions: [expert_pdf_12_conv@expert-pdf.com] - C:\Program Files\eXpert PDF 12\creator\plugins\FirefoxAddin\expert_pdf_12_conv@expert-pdf.com.xpi
FF Extension: (eXpert PDF 12 Creator) - C:\Program Files\eXpert PDF 12\creator\plugins\FirefoxAddin\expert_pdf_12_conv@expert-pdf.com.xpi [2018-09-28]
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - C:\Program Files (x86)\Steganos Privacy Suite 20\spmplugin3 => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2018-11-22] [] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [expert_pdf_12_conv@expert-pdf.com] - C:\Program Files\eXpert PDF 12\creator\plugins\FirefoxAddin\expert_pdf_12_conv@expert-pdf.com.xpi
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2019-08-03] [] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_321.dll [2020-01-23] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [Datei ist nicht signiert]
FF Plugin: eXpert PDF 11 -> C:\Program Files\eXpert PDF 11\np-previewer.dll [2017-03-10] (Avanquest UK Ltd -> Avanquest Software)
FF Plugin: eXpert PDF 12 -> C:\Program Files\eXpert PDF 12\np-previewer.dll [2018-09-28] (Avanquest UK Ltd -> Avanquest Software)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [Datei ist nicht signiert]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_321.dll [2020-01-23] (Adobe Inc. -> )
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Keine Datei]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [Datei ist nicht signiert]
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [Datei ist nicht signiert]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [4383760 2019-03-25] (Acronis International GmbH -> Acronis International GmbH)
R2 AsHidService; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe [122520 2015-12-17] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11164232 2020-01-07] (Microsoft Corporation -> Microsoft Corporation)
R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [138768 2014-06-27] (Portrait Displays, Inc. -> Portrait Displays, Inc.)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [145224 2018-04-09] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 esifsvc; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1883104 2019-01-05] (Intel Corporation -> Intel Corporation)
S3 eXpert PDF 11; C:\Program Files\eXpert PDF 11\ws.exe [1879904 2017-03-10] (Avanquest UK Ltd -> Avanquest Software)
S3 eXpert PDF 11 CrashHandler; C:\Program Files\eXpert PDF 11\crash-handler-ws.exe [931680 2017-03-10] (Avanquest UK Ltd -> Avanquest Software)
R2 eXpert PDF 11 Creator; C:\Program Files\eXpert PDF 11\creator-ws.exe [739680 2017-03-10] (Avanquest UK Ltd -> Avanquest Software)
S3 eXpert PDF 12; C:\Program Files\eXpert PDF 12\ws.exe [2006264 2018-09-28] (Avanquest UK Ltd -> Avanquest Software)
R2 eXpert PDF 12 Creator; C:\Program Files\eXpert PDF 12\creator\common\creator-ws.exe [756984 2018-09-28] (Avanquest UK Ltd -> Avanquest Software)
R2 eXpert PDF 12 Manager; C:\Program Files (x86)\eXpert PDF 12 Manager\eXpert PDF 12\eXpert Manager.exe [1253736 2018-06-27] (Avanquest UK Ltd -> Avanquest Software)
R2 GuardianService; C:\Program Files\Syncovery\SyncoveryGuardian.exe [2342184 2016-09-02] (Super Flexible Software Ltd. & Co. KG -> )
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [530208 2019-12-09] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Trusted Connect Service -> Intel(R) Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Datei ist nicht signiert]
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-09-18] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2020-01-14] (Malwarebytes Inc -> Malwarebytes)
R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4808088 2018-06-18] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2018-11-23] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1774784 2019-03-25] (Acronis International GmbH -> )
R2 MsDepSvc; C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe [80472 2012-09-06] (Microsoft Corporation -> Microsoft Corporation)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [714712 2017-06-28] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-12-02] (Intel Corporation-Wireless Connectivity Solutions -> )
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe [234824 2018-11-22] (soft Xpansion GmbH & Co.KG -> soft Xpansion)
R2 SyncoveryFileSystemMonitorService; C:\Program Files\Syncovery\SyncoveryFileSystemMonitor.exe [1479976 2018-08-12] (Super Flexible Software Ltd. & Co. KG -> Super Flexible Software)
R2 SyncoveryVSSService; C:\Program Files\Syncovery\SyncoveryVSS.exe [2793472 2018-05-14] () [Datei ist nicht signiert]
S3 ThunderboltService; C:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe [1831064 2015-11-04] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
S3 Tib Mounter Service; C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe [7099408 2019-03-25] (Acronis International GmbH -> Acronis International GmbH)
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248856 2018-05-11] (Synology Inc. -> ) [Datei ist nicht signiert]
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [302968 2015-02-12] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2020-01-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2020-01-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WISOMeinGeld365ProfessionalUpdatedienst; C:\Program Files (x86)\Buhl\WISO Mein Geld 365\Buhl.MeinGeld.UpdateService.exe [121848 2019-09-30] (Buhl Data Service GmbH -> Buhl Data Service GmbH)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [656664 2014-08-19] (Wacom Technology Corp. -> Wacom Technology, Corp.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3832224 2015-12-02] (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [88984 2017-04-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 AmUStor; C:\WINDOWS\system32\drivers\AmUStor.SYS [118088 2019-08-07] (Alcorlink Corp. -> )
R2 ASMMAP64; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [18048 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUS)
R3 AsusSGDrv; C:\WINDOWS\System32\drivers\AsusSGDrv.sys [139208 2018-03-06] (ASUSTeK Computer Inc. -> ASUS Corporation)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
R3 busenum; C:\WINDOWS\System32\drivers\busenum.sys [57824 2012-08-03] (Synology Inc. -> Windows (R) Win 7 DDK provider)
R1 cbfsfilter2017; C:\WINDOWS\system32\drivers\cbfsfilter2017.sys [347736 2018-01-30] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [78832 2018-12-14] (Intel Corporation -> Intel Corporation)
S3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [75248 2018-12-14] (Intel Corporation -> Intel Corporation)
S3 esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [403440 2018-12-14] (Intel Corporation -> Intel Corporation)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2017-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 file_protector; C:\WINDOWS\System32\DRIVERS\file_protector.sys [667144 2019-04-05] (Acronis International GmbH -> Acronis International GmbH)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [390592 2019-04-05] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S3 GigasetGenericUSB_x64; C:\WINDOWS\System32\drivers\GigasetGenericUSB_x64.sys [54272 2017-03-07] (Siemens AG -> Siemens Home and Office Communication Devices GmbH & Co. KG)
S3 hidkmdf; C:\WINDOWS\System32\drivers\hidkmdf.sys [14016 2019-08-07] (Wacom Technology Corp. -> Windows (R) Win 7 DDK provider)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32680 2019-08-07] (ASUSTek Computer Inc. -> ASUS)
R0 hswultpep; C:\WINDOWS\System32\drivers\hswultpep.sys [62968 2013-02-08] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
S3 HWHandSet; C:\WINDOWS\System32\drivers\hw_quusbmdm.sys [226560 2017-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_cdcacm; C:\WINDOWS\System32\drivers\hw_cdcacm.sys [127360 2017-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hw_usbdev; C:\WINDOWS\System32\drivers\hw_usbdev.sys [116864 2017-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 iaLPSS2_GPIO2; C:\WINDOWS\System32\drivers\iaLPSS2_GPIO2.sys [95632 2020-01-06] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [734496 2019-12-09] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [218288 2020-01-29] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-01-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-01-29] (Malwarebytes Inc -> Malwarebytes)
R3 MEIx64; C:\WINDOWS\System32\DriverStore\FileRepository\heci.inf_amd64_85021432489d6a1c\x64\TeeDriverW8x64.sys [266128 2019-08-07] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 necbatt; C:\WINDOWS\System32\drivers\necbatt.sys [34880 2018-05-09] (NEC Personal Computers, Ltd. -> NEC Personal Computers, Ltd.)
R3 Netwtw06; C:\WINDOWS\System32\drivers\Netwtw06.sys [8832288 2019-12-09] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 nhi; C:\WINDOWS\System32\drivers\tbt81x.sys [126464 2015-11-13] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_bcc48657f0b659f1\nvlddmkm.sys [22744688 2020-01-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; kein ImagePath
S3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-08-07] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1156392 2020-01-06] (Realtek Semiconductor Corp. -> Realtek )
S3 Ser2pl; C:\WINDOWS\System32\drivers\ser2pl64.sys [210752 2017-03-15] (WDKTestCert charles-yeh,131069736795923936 -> Prolific Technology Inc.)
S3 slabbus; C:\WINDOWS\System32\drivers\slabbus.sys [79872 2008-05-27] (Microsoft Windows Hardware Compatibility Publisher -> MCCI Corporation)
S3 slabser; C:\WINDOWS\System32\drivers\slabser.sys [103936 2008-05-27] (Microsoft Windows Hardware Compatibility Publisher -> MCCI Corporation)
R1 SLEE_19_DRIVER; C:\WINDOWS\Sleen1964.sys [117848 2018-02-16] (Softwareentwicklung Patric Remus - ArchiCrypt - (Patric W.Remus) -> Softwareentwicklung Remus - ArchiCrypt - )
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [56336 2018-08-07] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [56840 2018-08-07] (Synaptics Incorporated -> Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2019-08-07] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64640 2016-09-05] (Samsung Electronics CO., LTD. -> QUALCOMM Incorporated)
S3 tib; C:\WINDOWS\system32\DRIVERS\tib.sys [885880 2019-04-05] (Acronis International GmbH -> Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [171976 2019-04-05] (Acronis International GmbH -> Acronis International GmbH)
S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [693768 2019-04-05] (Acronis International GmbH -> Acronis International GmbH)
R1 veracrypt; C:\WINDOWS\System32\drivers\veracrypt.sys [828776 2018-10-29] (IDRIX -> IDRIX)
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [331976 2019-04-05] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R0 volume_tracker; C:\WINDOWS\System32\DRIVERS\volume_tracker.sys [243472 2019-04-05] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45664 2020-01-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [355760 2020-01-29] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2020-01-29] (Microsoft Windows -> Microsoft Corporation)
R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [54512 2018-10-09] (Intel Corporation -> Intel Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2020-01-29 10:14 - 2020-01-29 10:15 - 000058855 _____ C:\Users\Juergen Hamann\Desktop\FRST.txt
2020-01-29 10:13 - 2020-01-29 10:13 - 000000000 ____D C:\Users\Juergen Hamann\Desktop\FRST-OlderVersion
2020-01-29 10:05 - 2020-01-29 10:05 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-01-29 10:05 - 2020-01-29 10:05 - 000218288 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-01-29 00:29 - 2020-01-29 00:29 - 008237744 _____ (Malwarebytes) C:\Users\Juergen Hamann\Desktop\adwcleaner_8.0.1.exe
2020-01-29 00:18 - 2020-01-29 00:35 - 000000000 ____D C:\AdwCleaner
2020-01-28 09:10 - 2020-01-28 09:11 - 003935684 _____ C:\WINDOWS\Minidump\012820-35500-01.dmp
2020-01-27 19:17 - 2020-01-27 19:18 - 000078222 _____ C:\Users\Juergen Hamann\Desktop\Addition_01.txt
2020-01-27 19:14 - 2020-01-27 19:18 - 000099680 _____ C:\Users\Juergen Hamann\Desktop\FRST_01.txt
2020-01-27 19:13 - 2020-01-27 19:13 - 000000000 ____D C:\Users\Juergen Hamann\AppData\Local\OneDrive
2020-01-27 18:22 - 2020-01-27 18:22 - 002007844 _____ C:\Users\Juergen Hamann\Downloads\processexplorer.zip
2020-01-27 18:22 - 2020-01-27 18:22 - 000000000 ____D C:\Users\Juergen Hamann\Downloads\processexplorer
2020-01-27 18:03 - 2020-01-27 18:03 - 000000000 ____D C:\Users\Juergen Hamann\Downloads\autoruns
2020-01-27 18:02 - 2020-01-27 18:02 - 001728127 _____ C:\Users\Juergen Hamann\Downloads\autoruns.zip
2020-01-27 15:17 - 2020-01-27 15:22 - 000000942 _____ C:\Users\Juergen Hamann\Desktop\Start Tor Browser.lnk
2020-01-27 15:13 - 2020-01-27 15:13 - 000000000 ____D C:\Users\Juergen Hamann\Desktop\Tor Browser
2020-01-25 22:02 - 2020-01-25 22:02 - 000036192 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2020-01-24 14:01 - 2020-01-24 14:01 - 000002297 _____ C:\Users\Public\Desktop\tax 2019.lnk
2020-01-24 14:01 - 2020-01-24 14:01 - 000002297 _____ C:\ProgramData\Desktop\tax 2019.lnk
2020-01-24 14:01 - 2020-01-24 14:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\tax 2019 Professional
2020-01-24 13:59 - 2020-01-24 13:59 - 000002297 _____ C:\Users\Public\Desktop\tax 2017.lnk
2020-01-24 13:59 - 2020-01-24 13:59 - 000002297 _____ C:\ProgramData\Desktop\tax 2017.lnk
2020-01-24 13:59 - 2020-01-24 13:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\tax 2017 Professional
2020-01-22 19:57 - 2020-01-23 13:58 - 000079108 _____ C:\Users\Juergen Hamann\Desktop\Addition_00.txt
2020-01-22 19:55 - 2020-01-23 13:58 - 000099761 _____ C:\Users\Juergen Hamann\Desktop\FRST_00.txt
2020-01-22 19:54 - 2020-01-29 10:14 - 000000000 ____D C:\FRST
2020-01-22 19:53 - 2020-01-26 20:01 - 000000000 ____D C:\Users\Juergen Hamann\Downloads\Trojanerboard-de
2020-01-22 19:48 - 2020-01-29 10:13 - 002581504 _____ (Farbar) C:\Users\Juergen Hamann\Desktop\FRST64.exe
2020-01-21 19:44 - 2020-01-21 19:44 - 000000000 ____D C:\Users\Juergen Hamann\AppData\Local\Marcin_Szeniak
2020-01-19 20:09 - 2020-01-24 14:07 - 000000000 ____D C:\Users\Juergen Hamann\Documents\tax
2020-01-19 11:44 - 2020-01-19 11:44 - 001468868 ____N C:\WINDOWS\Minidump\011920-38984-01.dmp
2020-01-16 20:42 - 2020-01-16 20:42 - 000000000 ____D C:\Acronis Active Protection Storage
2020-01-16 20:31 - 2020-01-16 20:31 - 000000000 ____D C:\Users\Juergen Hamann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator
2020-01-16 20:31 - 2020-01-16 20:31 - 000000000 ____D C:\Program Files (x86)\LinuxLive USB Creator
2020-01-16 20:20 - 2020-01-16 20:22 - 000000306 __RSH C:\ProgramData\ntuser.pol
2020-01-16 09:40 - 2020-01-16 09:40 - 000026222 _____ C:\Users\Juergen Hamann\Documents\Eset_onlinescanner_Ergebnis.txt
2020-01-15 21:46 - 2020-01-15 21:46 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-01-15 21:46 - 2020-01-15 21:46 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-01-15 21:46 - 2020-01-15 21:46 - 007016448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-01-15 21:46 - 2020-01-15 21:46 - 005913600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-01-15 21:46 - 2020-01-15 21:46 - 002494464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-15 21:46 - 2020-01-15 21:46 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-01-15 21:46 - 2020-01-15 21:46 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-01-15 21:46 - 2020-01-15 21:46 - 001106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-15 21:46 - 2020-01-15 21:46 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-01-15 21:46 - 2020-01-15 21:46 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-01-15 21:46 - 2020-01-15 21:46 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-01-15 21:46 - 2020-01-15 21:46 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-01-15 21:46 - 2020-01-15 21:46 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-01-15 21:45 - 2020-01-15 21:46 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-01-15 21:45 - 2020-01-15 21:45 - 008012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 006520480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-15 21:45 - 2020-01-15 21:45 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 002801152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-01-15 21:45 - 2020-01-15 21:45 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-15 21:45 - 2020-01-15 21:45 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 002473976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 001985928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-01-15 21:45 - 2020-01-15 21:45 - 001330952 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-01-15 21:45 - 2020-01-15 21:45 - 001051664 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-15 21:45 - 2020-01-15 21:45 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000678712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-01-15 21:45 - 2020-01-15 21:45 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-01-15 21:45 - 2020-01-15 21:45 - 000542496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000432256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-15 21:45 - 2020-01-15 21:45 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-01-15 21:45 - 2020-01-15 21:45 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-01-15 21:45 - 2020-01-15 21:45 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-01-15 21:45 - 2020-01-15 21:45 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-01-15 21:45 - 2020-01-15 21:45 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-01-15 21:45 - 2020-01-15 21:45 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000162696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-01-15 21:45 - 2020-01-15 21:45 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000127520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-01-15 21:45 - 2020-01-15 21:45 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbscan.sys
2020-01-15 21:45 - 2020-01-15 21:45 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WSDScan.sys
2020-01-15 21:45 - 2020-01-15 21:45 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-01-15 21:45 - 2020-01-15 21:45 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-01-15 21:39 - 2020-01-15 21:39 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-01-15 21:39 - 2020-01-15 21:39 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-01-15 09:22 - 2020-01-28 09:10 - 000000000 ____D C:\WINDOWS\Minidump
2020-01-14 20:51 - 2020-01-14 20:51 - 000000000 ____D C:\Program Files (x86)\ESET
2020-01-14 19:58 - 2020-01-14 19:58 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-01-14 19:58 - 2020-01-14 19:58 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-01-14 19:58 - 2020-01-14 19:58 - 000002027 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-01-14 19:58 - 2020-01-14 19:58 - 000002027 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-01-14 19:58 - 2020-01-14 19:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-01-14 19:58 - 2020-01-14 19:58 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-01-14 19:58 - 2020-01-14 19:58 - 000000000 ____D C:\Program Files\Malwarebytes
2020-01-14 19:25 - 2020-01-14 19:25 - 000000000 ___HD C:\Users\Juergen Hamann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup-Disabled
2020-01-14 10:38 - 2020-01-14 10:38 - 000000000 ____D C:\Users\Juergen Hamann\AppData\Roaming\JAM Software
2020-01-11 21:11 - 2020-01-11 21:11 - 000000000 ____D C:\WINDOWS\Panther
2020-01-11 13:18 - 2020-01-11 13:18 - 000000000 ____D C:\Sicherungen
2020-01-09 15:03 - 2020-01-09 15:03 - 000002228 _____ C:\Users\Public\Desktop\ScanSnap Organizer.lnk
2020-01-09 15:03 - 2020-01-09 15:03 - 000002228 _____ C:\ProgramData\Desktop\ScanSnap Organizer.lnk
2020-01-09 15:03 - 2020-01-09 15:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanSnap Organizer
2020-01-08 13:35 - 2020-01-08 13:35 - 000000000 ____D C:\Users\Juergen Hamann\AppData\Local\Buhl_Data_Service_GmbH
2020-01-06 19:48 - 2020-01-06 19:48 - 040511064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2020-01-06 19:48 - 2020-01-06 19:48 - 035380336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2020-01-06 19:48 - 2020-01-06 19:48 - 017458840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-01-06 19:48 - 2020-01-06 19:48 - 015027776 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-01-06 19:48 - 2020-01-06 19:48 - 011843184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2020-01-06 19:48 - 2020-01-06 19:48 - 010167432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2020-01-06 19:48 - 2020-01-06 19:48 - 005380736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-01-06 19:48 - 2020-01-06 19:48 - 004716176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-01-06 19:48 - 2020-01-06 19:48 - 002074712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-01-06 19:48 - 2020-01-06 19:48 - 001733264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6444141.dll
2020-01-06 19:48 - 2020-01-06 19:48 - 001567688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-01-06 19:48 - 2020-01-06 19:48 - 001491568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6444141.dll
2020-01-06 19:48 - 2020-01-06 19:48 - 001482376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-01-06 19:48 - 2020-01-06 19:48 - 001370256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2020-01-06 19:48 - 2020-01-06 19:48 - 001144920 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-01-06 19:48 - 2020-01-06 19:48 - 001073872 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-01-06 19:48 - 2020-01-06 19:48 - 001073872 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-01-06 19:48 - 2020-01-06 19:48 - 001064408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2020-01-06 19:48 - 2020-01-06 19:48 - 000931536 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-01-06 19:48 - 2020-01-06 19:48 - 000931536 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-01-06 19:48 - 2020-01-06 19:48 - 000848592 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-01-06 19:48 - 2020-01-06 19:48 - 000848592 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-01-06 19:48 - 2020-01-06 19:48 - 000825928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2020-01-06 19:48 - 2020-01-06 19:48 - 000813656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-01-06 19:48 - 2020-01-06 19:48 - 000706256 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-01-06 19:48 - 2020-01-06 19:48 - 000706256 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-01-06 19:48 - 2020-01-06 19:48 - 000685800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-01-06 19:48 - 2020-01-06 19:48 - 000676824 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-01-06 19:48 - 2020-01-06 19:48 - 000659088 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-01-06 19:48 - 2020-01-06 19:48 - 000556672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-01-06 19:48 - 2020-01-06 19:48 - 000544728 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-01-06 19:48 - 2020-01-06 19:48 - 000450976 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-01-06 19:48 - 2020-01-06 19:48 - 000352512 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-01-06 12:48 - 2020-01-06 12:48 - 000000000 ____D C:\WINDOWS\SSDriver
2020-01-06 12:48 - 2020-01-06 12:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanSnap Manager
2020-01-06 12:48 - 2004-06-18 10:14 - 000000161 _____ C:\WINDOWS\DISPARAM.INI
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2020-01-29 10:12 - 2019-06-10 15:18 - 000000000 ____D C:\Users\Juergen Hamann\AppData\Roaming\gSyncit
2020-01-29 10:12 - 2018-10-05 09:29 - 000000000 ____D C:\Users\Juergen Hamann\AppData\LocalLow\Mozilla
2020-01-29 10:08 - 2019-11-08 22:42 - 000003214 _____ C:\WINDOWS\system32\Tasks\SS2UILauncherRun
2020-01-29 10:08 - 2019-11-08 22:42 - 000003202 _____ C:\WINDOWS\system32\Tasks\SS2svc64Run
2020-01-29 10:08 - 2019-11-08 22:42 - 000003194 _____ C:\WINDOWS\system32\Tasks\SS2svc32Run
2020-01-29 10:07 - 2019-11-08 22:43 - 001723292 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-01-29 10:07 - 2019-03-19 13:16 - 000745142 _____ C:\WINDOWS\system32\perfh007.dat
2020-01-29 10:07 - 2019-03-19 13:16 - 000150430 _____ C:\WINDOWS\system32\perfc007.dat
2020-01-29 10:07 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-01-29 10:06 - 2019-02-11 21:05 - 000000000 ____D C:\Users\Juergen Hamann\AppData\Local\CrashDumps
2020-01-29 00:49 - 2018-10-05 23:00 - 000000000 ____D C:\Users\Juergen Hamann\AppData\Local\Everything
2020-01-29 00:49 - 2018-10-05 09:56 - 000000000 ____D C:\Users\Juergen Hamann\AppData\Roaming\Everything
2020-01-29 00:49 - 2018-10-03 19:04 - 000000000 ____D C:\ProgramData\NVIDIA
2020-01-29 00:37 - 2019-11-08 22:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-29 00:37 - 2019-11-08 22:32 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-29 00:35 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-01-29 00:34 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-29 00:34 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-29 00:28 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-29 00:27 - 2019-02-02 09:28 - 000000000 ____D C:\Program Files\BCUninstaller
2020-01-29 00:26 - 2018-10-03 19:11 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-01-29 00:11 - 2019-11-08 22:32 - 000544400 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-29 00:06 - 2019-08-07 08:29 - 000000000 ____D C:\ProgramData\ProductData
2020-01-29 00:06 - 2019-08-07 08:29 - 000000000 ____D C:\Program Files (x86)\IObit
2020-01-29 00:06 - 2019-08-07 08:28 - 000000000 ____D C:\Users\Juergen Hamann\AppData\Roaming\IObit
2020-01-29 00:06 - 2019-08-07 08:28 - 000000000 ____D C:\ProgramData\IObit
2020-01-29 00:04 - 2018-10-03 23:48 - 000000000 ____D C:\Users\Juergen Hamann\AppData\Roaming\Adobe
2020-01-29 00:02 - 2019-08-09 18:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2020-01-29 00:02 - 2019-08-09 18:08 - 000000000 ____D C:\Program Files\Ashampoo
2020-01-29 00:00 - 2018-10-08 09:49 - 000000000 ____D C:\ProgramData\Syncovery
2020-01-28 23:57 - 2018-10-19 11:32 - 000000000 ____D C:\ProgramData\GlarySoft
2020-01-28 23:57 - 2018-10-19 11:28 - 000000000 ____D C:\Users\Juergen Hamann\AppData\Roaming\GlarySoft
2020-01-28 23:33 - 2019-03-19 05:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-01-28 23:31 - 2019-12-09 20:53 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-01-28 23:31 - 2018-10-07 22:52 - 000000000 ____D C:\Program Files\Common Files\AV
2020-01-28 23:24 - 2019-10-30 12:19 - 000012288 _____ C:\WINDOWS\SysWOW64\antimalware.unwanted_products.product_registry.kvdb
2020-01-28 23:24 - 2019-10-30 12:19 - 000012288 _____ C:\WINDOWS\SysWOW64\antimalware.patch_management.product_registry.kvdb
2020-01-27 15:17 - 2019-08-28 17:46 - 000000990 _____ C:\Users\Juergen Hamann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2020-01-25 21:56 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-01-25 21:55 - 2016-05-05 21:23 - 000000000 ____D C:\Program Files\Microsoft Office
2020-01-25 21:40 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-01-24 14:27 - 2018-10-07 12:10 - 000000000 ____D C:\ProgramData\Buhl Data Service GmbH
2020-01-24 14:01 - 2018-10-07 12:16 - 000000000 ____D C:\Program Files (x86)\Buhl finance
2020-01-24 14:01 - 2016-05-05 21:09 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-01-24 13:35 - 2019-01-14 20:08 - 000013030 _____ C:\Users\Public\PDOXUSRS.NET
2020-01-24 13:16 - 2018-10-04 00:14 - 000000000 ____D C:\Program Files (x86)\Google
2020-01-23 13:52 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-01-23 13:52 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-01-22 18:52 - 2018-10-08 14:59 - 000000000 ____D C:\ProgramData\firebird
2020-01-22 18:51 - 2018-10-07 18:05 - 000000000 ____D C:\Users\Juergen Hamann\Documents\ScanSnap
2020-01-22 10:35 - 2019-02-04 17:10 - 000000000 ____D C:\Users\Juergen Hamann\AppData\Roaming\KeePass
2020-01-21 20:25 - 2018-10-07 17:48 - 000000000 ____D C:\Program Files (x86)\Adobe
2020-01-21 20:23 - 2018-10-21 19:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2020-01-21 19:44 - 2019-11-08 22:35 - 000000000 ____D C:\Users\Juergen Hamann
2020-01-20 19:46 - 2019-10-12 23:47 - 000000000 ____D C:\ProgramData\tmp
2020-01-19 19:47 - 2018-10-07 15:48 - 000000000 ____D C:\Users\Juergen Hamann\AppData\Roaming\vlc
2020-01-19 19:11 - 2018-10-11 10:42 - 000000000 ____D C:\Users\Juergen Hamann\AppData\Local\ACD Systems
2020-01-19 17:06 - 2019-11-08 22:42 - 000003398 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4253964506-1320168302-2910709501-1001
2020-01-19 17:06 - 2019-11-08 22:35 - 000002463 _____ C:\Users\Juergen Hamann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-01-19 17:06 - 2018-10-03 16:20 - 000000000 ___RD C:\Users\Juergen Hamann\OneDrive
2020-01-17 00:22 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-01-16 20:20 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2020-01-16 20:20 - 2018-10-03 19:54 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2020-01-16 18:06 - 2019-11-08 10:56 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2020-01-16 13:48 - 2018-10-12 20:21 - 000000000 ____D C:\Program Files\7-Zip
2020-01-16 11:11 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-01-16 11:11 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-01-16 11:11 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-01-16 11:11 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-15 21:54 - 2018-10-05 09:27 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-01-15 21:48 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-01-15 21:48 - 2018-10-05 09:27 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-01-14 19:59 - 2019-03-28 13:46 - 000000000 ____D C:\Users\Juergen Hamann\AppData\Local\cache
2020-01-14 19:58 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-01-14 10:30 - 2019-11-09 18:58 - 000000000 ____D C:\Users\Juergen Hamann\Documents\Registry
2020-01-13 13:04 - 2019-03-30 21:13 - 000000053 ____H C:\Users\Public\netkonli.dat
2020-01-13 10:40 - 2018-10-03 23:48 - 000000000 ____D C:\Users\Juergen Hamann\AppData\Local\Packages
2020-01-12 20:15 - 2018-10-04 00:14 - 000000000 ____D C:\Users\Juergen Hamann\AppData\Local\Google
2020-01-12 15:53 - 2019-04-07 19:44 - 000007638 _____ C:\Users\Juergen Hamann\AppData\Local\Resmon.ResmonCfg
2020-01-12 15:37 - 2018-10-07 19:10 - 000000000 ____D C:\Users\Juergen Hamann\AppData\Local\D3DSCache
2020-01-11 13:19 - 2018-10-03 23:48 - 000000000 ____D C:\Users\Juergen Hamann\AppData\Local\VirtualStore
2020-01-10 13:30 - 2018-10-05 09:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-10 10:25 - 2018-10-05 09:29 - 000001011 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-01-09 17:42 - 2018-12-20 17:50 - 000000000 ____D C:\Users\Juergen Hamann\AppData\Roaming\MyPhoneExplorer
2020-01-09 15:03 - 2018-10-07 18:01 - 000000000 ____D C:\Users\Juergen Hamann\AppData\Roaming\PFU
2020-01-09 14:40 - 2018-10-07 15:24 - 000000000 ____D C:\Users\Juergen Hamann\Documents\Benutzerdefinierte Office-Vorlagen
2020-01-09 12:44 - 2016-05-05 21:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2020-01-08 19:31 - 2018-10-07 16:41 - 000000000 ____D C:\Users\Juergen Hamann\AppData\Roaming\Steganos
2020-01-08 19:20 - 2019-01-03 15:40 - 000000000 ____D C:\ProgramData\Steganos
2020-01-08 17:07 - 2019-01-17 20:44 - 000000000 ____D C:\rsahnen.win
2020-01-08 12:40 - 2019-05-15 09:22 - 000000000 ____D C:\Users\Juergen Hamann\Documents\Office
2020-01-08 12:37 - 2019-01-14 20:24 - 000000000 ____D C:\Users\Juergen Hamann\Documents\exportfürspeedadress
2020-01-06 20:32 - 2019-08-03 16:48 - 000000000 ____D C:\Users\Juergen Hamann\Documents\Epson Scanner
2020-01-06 20:30 - 2018-12-06 13:37 - 000000000 ____D C:\Users\Juergen Hamann\AppData\Roaming\Notepad++
2020-01-06 19:48 - 2019-11-09 17:43 - 004937584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2020-01-06 19:48 - 2019-11-09 17:43 - 004205568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-01-06 19:48 - 2019-08-12 13:57 - 000056258 _____ C:\WINDOWS\system32\nvinfo.pb
2020-01-06 19:47 - 2019-08-07 14:50 - 000185232 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSS2_I2C.sys
2020-01-06 19:47 - 2019-08-07 14:50 - 000095632 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSS2_GPIO2.sys
2020-01-06 19:47 - 2019-08-07 08:55 - 001156392 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2020-01-06 19:22 - 2019-12-19 19:35 - 000000000 ____D C:\Users\Juergen Hamann\AppData\Roaming\SuperSpamKiller Pro
2020-01-06 00:19 - 2019-01-03 13:32 - 000000000 ____D C:\Program Files (x86)\Steganos Privacy Suite 20
2020-01-06 00:19 - 2018-10-18 13:29 - 000000000 ____D C:\Program Files\eXpert PDF 11
2020-01-06 00:19 - 2018-10-07 17:59 - 000000000 ____D C:\Program Files (x86)\ABBYY FineReader for ScanSnap
2020-01-06 00:18 - 2019-05-20 17:40 - 000000000 ____D C:\Program Files\Tablet
2020-01-06 00:18 - 2018-11-05 19:25 - 000000000 ____D C:\Program Files\AutoHotkey
2020-01-06 00:18 - 2018-10-08 09:49 - 000000000 ____D C:\Program Files\Syncovery
2020-01-06 00:17 - 2019-08-23 01:19 - 000000000 ____D C:\Program Files (x86)\Microsoft WebMatrix
2020-01-06 00:17 - 2018-11-24 23:58 - 000000000 ____D C:\Program Files\eXpert PDF 12
2020-01-06 00:17 - 2018-10-24 18:51 - 000000000 ____D C:\Program Files (x86)\ThumbsPlus 7x deutsch
2020-01-06 00:17 - 2018-10-15 22:40 - 000000000 ____D C:\Program Files (x86)\FreeCommander XE
2020-01-06 00:15 - 2019-11-09 19:10 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-01-06 00:15 - 2019-08-23 01:19 - 000000000 ____D C:\Program Files (x86)\IIS Express
2020-01-06 00:15 - 2019-01-14 20:07 - 000000000 ____D C:\Users\Juergen Hamann\AppData\Roaming\Konso
2020-01-06 00:14 - 2018-10-08 10:39 - 000000000 ____D C:\Program Files (x86)\ELOoffice
2020-01-06 00:13 - 2018-12-06 13:37 - 000000000 ____D C:\Program Files\Notepad++
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2019-03-30 21:13 - 2020-01-13 13:04 - 000000053 ____H () C:\Users\Public\netkonli.dat
2019-01-14 20:21 - 2019-05-23 16:36 - 000038518 _____ () C:\Users\Juergen Hamann\AppData\Roaming\Durch Trennzeichen getrennte Werte.ADR
2019-05-23 23:02 - 2019-05-23 23:02 - 000001027 _____ () C:\Users\Juergen Hamann\AppData\Roaming\kontakte_speedadresspro.db.lnk
2019-10-14 15:31 - 2019-10-14 15:31 - 000000268 ___RH () C:\Users\Juergen Hamann\AppData\Roaming\Mail
2019-10-14 15:31 - 2019-10-14 15:31 - 000000268 ___RH () C:\Users\Juergen Hamann\AppData\Roaming\MIDI Patch Names
2019-02-11 19:41 - 2019-08-23 00:21 - 000000600 _____ () C:\Users\Juergen Hamann\AppData\Local\PUTTY.RND
2019-10-14 16:45 - 2019-10-14 16:45 - 000004286 _____ () C:\Users\Juergen Hamann\AppData\Local\recently-used.xbel
2019-04-07 19:44 - 2020-01-12 15:53 - 000007638 _____ () C:\Users\Juergen Hamann\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
|
Lesestoff: