feivel001 | 22.09.2021 14:22 | FRST
FRST Logfile: Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-09-2021
durchgeführt von me (Administrator) auf DESKTOP-EM71DF2 (HP HP ProBook 640 G4) (22-09-2021 15:14:41)
Gestartet von C:\Users\me\Desktop
Geladene Profile: me
Platform: Windows 10 Pro Version 20H2 19042.1237 (X64) Sprache: Englisch (Vereinigte Staaten) -> Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
() [Datei ist nicht signiert] C:\Program Files (x86)\Launchy\Launchy.exe
(Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Conexant Systems LLC -> Conexant) C:\Windows\System32\MicTray64.exe
(Conexant Systems LLC.) [Datei ist nicht signiert] C:\Windows\CxSvc\CxUtilSvc.exe
(CyberLink Corp. -> CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Digital Wave Ltd -> Digital Wave Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Emsisoft Ltd -> Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2guard.exe
(Emsisoft Ltd -> Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
(Emsisoft Ltd -> Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2start.exe
(Emsisoft Ltd -> Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\CommService.exe
(Emsisoft Ltd -> Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\eppwsc.exe
(Geek Software GmbH -> Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_6743249544e6fa49\HotKeyServiceUWP.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_6743249544e6fa49\HPHotkeyNotification.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_6743249544e6fa49\LanWlanWwanSwitchingServiceUWP.exe
(HP Inc. -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(Huawei Technologies Co., Ltd. -> ) C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_5481f7821d650a44\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_5481f7821d650a44\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_5481f7821d650a44\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_5481f7821d650a44\IntelCpHeciSvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2108.25001.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20436.0_x64__8wekyb3d8bbwe\HxAccounts.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20436.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20436.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <7>
(Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
(Shenzhen Moyea Software -> Leawo Software) C:\Program Files (x86)\Common Files\cdagtsvc\cdagtsvc_v1.0.0_x86.exe
(Synaptics Incorporated -> Conexant Systems LLC.) C:\Program Files\CONEXANT\SA3\HP-NB-AIO\SmartAudio3.exe
(Synaptics Incorporated -> Conexant Systems LLC.) C:\Windows\CxSvc\CxAudioSvc.exe
(Synaptics Incorporated -> Conexant Systems, Inc) C:\Program Files\CONEXANT\Flow\Flow.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(Synaptics Incorporated) [Datei ist nicht signiert] C:\Windows\System32\SynaMonApp.exe
(TEFINCOM S.A. -> TEFINCOM S.A.) C:\Program Files\NordVPN\NordVPN.exe
(TEFINCOM S.A. -> TEFINCOM S.A.) C:\Program Files\NordVPN\nordvpn-service.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [Emsisoft Anti-Malware] => C:\Program Files\Emsisoft Anti-Malware\a2guard.exe [9286160 2021-09-01] (Emsisoft Ltd -> Emsisoft Ltd)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [337720 2020-11-12] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [8091424 2021-09-13] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [483976 2020-09-07] (Geek Software GmbH -> Geek Software GmbH)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [1058512 2018-12-18] (DivX, LLC. -> DivX, LLC)
HKU\S-1-5-21-1985925336-2223395005-1424171418-1004\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35093120 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1985925336-2223395005-1424171418-1004\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [365160 2020-02-13] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1985925336-2223395005-1424171418-1004\...\Run: [com.squirrel.Teams.Teams] => C:\Users\me\AppData\Local\Microsoft\Teams\Update.exe [2452152 2020-09-23] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1985925336-2223395005-1424171418-1004\...\Run: [Spotify] => C:\Users\me\AppData\Roaming\Spotify\Spotify.exe [24364680 2021-08-16] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-1985925336-2223395005-1424171418-1004\...\Run: [NordVPN] => C:\Program Files\NordVPN\NordVPN.exe [277688 2021-06-09] (TEFINCOM S.A. -> TEFINCOM S.A.)
HKU\S-1-5-21-1985925336-2223395005-1424171418-1004\...\MountPoints2: {05cba0aa-f2b3-11eb-82b6-b00cd148809e} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1985925336-2223395005-1424171418-1004\...\MountPoints2: {05cba0bd-f2b3-11eb-82b6-b00cd148809e} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1985925336-2223395005-1424171418-1004\...\MountPoints2: {acb18445-d43d-11eb-8294-b00cd148809e} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1985925336-2223395005-1424171418-1004\...\MountPoints2: {acb18452-d43d-11eb-8294-b00cd148809e} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1985925336-2223395005-1424171418-1004\...\MountPoints2: {dce099ec-3532-11eb-81df-a0a4c5a723c0} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1985925336-2223395005-1424171418-1004\...\MountPoints2: {dfa200d2-a0d5-11eb-8261-b00cd148809e} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1985925336-2223395005-1424171418-1004\...\MountPoints2: {dfa200f1-a0d5-11eb-8261-b00cd148809e} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1985925336-2223395005-1424171418-1004\...\MountPoints2: {fa229f96-7669-11eb-822a-b00cd148809e} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1985925336-2223395005-1424171418-1004\...\MountPoints2: {fa229fa3-7669-11eb-822a-b00cd148809e} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1985925336-2223395005-1424171418-1004\...\MountPoints2: {fa229fe1-7669-11eb-822a-b00cd148809e} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1985925336-2223395005-1424171418-1004\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [581120 2021-01-17] (Microsoft Windows -> Microsoft Corporation)
Startup: C:\Users\me\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Launchy.lnk [2020-02-16]
ShortcutTarget: Launchy.lnk -> C:\Program Files (x86)\Launchy\Launchy.exe () [Datei ist nicht signiert]
GroupPolicy: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {03D12165-5B79-4415-95EC-DA91AD289F7A} - System32\Tasks\CCleanerSkipUAC - me => C:\Program Files\CCleaner\CCleaner.exe [29155968 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1621DA92-BAC7-4FB4-B751-15560D3E42D7} - System32\Tasks\Microsoft\Windows\Conexant\SynaMonApp => C:\Windows\System32\SynaMonApp.exe [170496 2019-10-04] (Synaptics Incorporated) [Datei ist nicht signiert]
Task: {230CF8D4-4A5E-4931-B555-A6B32624C074} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM1 => cmd /c start hpdiags://BHM1
Task: {2E12FC9E-0AC5-4604-BCE8-2FADA1A917E8} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusError => cmd /c start hpdiags://BatteryStatusError
Task: {3581EEDB-4AA9-4D90-BD7E-222FFC10649A} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM2 => cmd /c start hpdiags://BHM2
Task: {3645A910-431F-4C9A-AE60-493057A29B1B} - System32\Tasks\Microsoft\Windows\Conexant\MicTray => C:\Windows\System32\MicTray64.exe [2938448 2020-07-02] (Conexant Systems LLC -> Conexant)
Task: {44A446FF-F512-4036-8A7E-ECEC43FC5920} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckTest => cmd /c start hpdiags://SmartCheckTest
Task: {44AF7ADA-1C0D-43B1-A063-9E7581F7730B} - System32\Tasks\Microsoft\Windows\InstallService\SmartRetry
Task: {45EF6D9B-B678-499B-A175-8EF5DEBB6F15} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusTest => cmd /c start hpdiags://BatteryStatusTest
Task: {64D8EDDF-6455-46D8-B176-E981C48F5529} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1122992 2021-09-08] (HP Inc. -> HP Inc.)
Task: {652BB796-50EC-4BB4-A0BF-4872CE35EC54} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\DivX Update\DivXUpdate.exe [68568 2017-08-02] (DivX, LLC -> DivX, LLC)
Task: {76536FBF-F4A7-4F3D-AC1F-BB81B4CDF126} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [129808 2021-08-16] (Dropbox, Inc -> Dropbox, Inc.)
Task: {97ADA0AB-8BEA-4C32-8AC4-31C8626E4129} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ABO => cmd /c start hpdiags://ABO
Task: {9F94F774-57D1-4060-8936-4CB9F519C2E2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [136368 2021-09-08] (HP Inc. -> HP Inc.)
Task: {A7D40F6D-1803-428C-A0A8-E7F43B29D35D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29155968 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {ADDBF624-9427-4911-B1C3-7C11822F4739} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckError => cmd /c start hpdiags://SmartCheckError
Task: {C0951A9D-2318-49C9-9D99-3D73618EAFC3} - System32\Tasks\Hewlett-Packard\HP Diagnostics\LaunchUI => cmd /c start hpdiags://LaunchUI
Task: {DA4C45F7-43C0-4078-952D-E5E60FFBBBC0} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [3059280 2021-03-06] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
Task: {DD5961FF-E0C2-4C6A-87A7-03BA65B616AC} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [129808 2021-08-16] (Dropbox, Inc -> Dropbox, Inc.)
Task: {E02C3A57-5DED-430D-A8B5-2925F4EE4259} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BCF => cmd /c start hpdiags://BCF
Task: {E6984599-CC8A-4B86-8F28-290A0DE5A865} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ShowUI => cmd /c start hpdiags:
Task: {FF4B6D89-AC5A-4A88-8D5D-6649428495EE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-09-10] (Piriform Software Ltd -> Piriform)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\..\Interfaces\{77967caa-71de-49f2-98b8-d93ae300779f}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{807e2b9f-a50e-4c33-8c65-f0d62045b9d2}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{8e3caf94-8509-4fd2-a51c-a8ee17b42489}: [DhcpNameServer] 192.168.178.1
Edge:
=======
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Emsisoft Browser Security) -> EdgeExtension_24598EmsisoftEmsisoftBrowserSecurity_qx27tcjycwb5c => C:\Program Files\WindowsApps\24598Emsisoft.EmsisoftBrowserSecurity_2018.12.10.0_neutral__qx27tcjycwb5c [2020-02-18]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge Profile: C:\Users\me\AppData\Local\Microsoft\Edge\User Data\Default [2021-09-22]
Edge Extension: (Emsisoft Browser Security) - C:\Users\me\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jlpdpddffjddlfdbllimedpemaodbjgn [2021-07-02]
FireFox:
========
FF DefaultProfile: ji3cfgqh.default
FF ProfilePath: C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\ji3cfgqh.default [2021-09-22]
FF Homepage: Mozilla\Firefox\Profiles\ji3cfgqh.default -> hxxps://www.youtube.com/watch?v=l0Ly-dffuNE
FF Extension: (Cookie AutoDelete) - C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\ji3cfgqh.default\Extensions\CookieAutoDelete@kennydo.com.xpi [2021-01-20]
FF Extension: (Ghostery – Datenschutzorientierter Werbeblocker) - C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\ji3cfgqh.default\Extensions\firefox@ghostery.com.xpi [2021-06-29]
FF Extension: (Privacy Badger) - C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\ji3cfgqh.default\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2021-08-18]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\ji3cfgqh.default\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2021-09-05]
FF Extension: (NordVPN #1 VPN Extension: Get VPN for Firefox) - C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\ji3cfgqh.default\Extensions\nordvpnproxy@nordvpn.com.xpi [2021-09-10]
FF Extension: (uBlock Origin) - C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\ji3cfgqh.default\Extensions\uBlock0@raymondhill.net.xpi [2021-07-31]
FF Extension: (NoScript) - C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\ji3cfgqh.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2021-07-28]
FF Extension: (Emsisoft Browser Security) - C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\ji3cfgqh.default\Extensions\{b21882eb-3211-44dc-964b-e6f35b33061f}.xpi [2021-06-05]
FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\ji3cfgqh.default\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2021-09-15]
FF Extension: (Video DownloadHelper) - C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\ji3cfgqh.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-08-30]
FF Extension: (YouTube Video and Audio Downloader (Dev Edt.)) - C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\ji3cfgqh.default\Extensions\{f73df109-8fb4-453e-8373-f59e61ca4da3}.xpi [2021-06-28]
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - C:\Program Files (x86)\Steganos Privacy Suite 20\spmplugin3 => nicht gefunden
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [11119744 2021-09-01] (Emsisoft Ltd -> Emsisoft Ltd)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-09-24] (Apple Inc. -> Apple Inc.)
R2 CdRomAccessAgentService; C:\Program Files (x86)\Common Files\cdagtsvc\cdagtsvc_v1.0.0_x86.exe [96152 2020-12-18] (Shenzhen Moyea Software -> Leawo Software)
R2 CxAudioSvc; C:\WINDOWS\CxSvc\CxAudioSvc.exe [95704 2020-08-04] (Synaptics Incorporated -> Conexant Systems LLC.)
R2 CxUtilSvc; C:\WINDOWS\CxSvc\CxUtilSvc.exe [166400 2019-10-04] (Conexant Systems LLC.) [Datei ist nicht signiert]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [129808 2021-08-16] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [129808 2021-08-16] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44328 2021-09-13] (Dropbox, Inc -> Dropbox, Inc.)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-01-18] (Digital Wave Ltd -> Digital Wave Ltd.) [Datei ist nicht signiert]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4506728 2020-02-13] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 EmsiCommService; C:\Program Files\Emsisoft Anti-Malware\CommService.exe [14230080 2021-09-01] (Emsisoft Ltd -> Emsisoft Ltd)
R2 EppWsc; C:\Program Files\Emsisoft Anti-Malware\EppWsc.exe [1545368 2021-04-03] (Emsisoft Ltd -> Emsisoft Ltd)
R2 HotKeyServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_6743249544e6fa49\HotKeyServiceUWP.exe [1526696 2020-12-14] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [734760 2021-07-03] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [733224 2021-07-03] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [733216 2021-07-03] (HP Inc. -> HP Inc.)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149480 2018-06-07] (HP Inc. -> HP)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [733760 2021-07-03] (HP Inc. -> HP Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2020-12-05] (Huawei Technologies Co., Ltd. -> )
R2 LanWlanWwanSwitchingServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_6743249544e6fa49\LanWlanWwanSwitchingServiceUWP.exe [788904 2020-12-14] (HP Inc. -> HP Inc.)
R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [277688 2021-06-09] (TEFINCOM S.A. -> TEFINCOM S.A.)
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [483976 2020-09-07] (Geek Software GmbH -> Geek Software GmbH)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2016-09-08] (CyberLink Corp. -> CyberLink)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5394872 2021-09-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\NisSrv.exe [2372048 2020-10-26] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MsMpEng.exe [128376 2020-10-26] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 BHTPCRDR; C:\WINDOWS\System32\drivers\bhtpcrdr.sys [202456 2020-12-17] (BayHub Technology Inc. -> BayHubTech/O2Micro)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [284672 2021-04-13] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
R3 button; C:\WINDOWS\System32\drivers\button.sys [30912 2015-07-22] (Microsoft Corporation -> Microsoft Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 dlcdcncm; C:\WINDOWS\System32\drivers\dlcdcncm62_x64.sys [92880 2017-12-06] (DISPLAYLINK -> DisplayLink Corp.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-02-13] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-02-13] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 epp; C:\Program Files\Emsisoft Anti-Malware\epp.sys [155112 2020-02-17] (Microsoft Windows Hardware Compatibility Publisher -> Emsisoft Ltd)
R0 eppdisk; C:\WINDOWS\System32\drivers\eppdisk.sys [37776 2019-06-03] (Emsisoft Ltd -> Emsisoft Ltd)
S0 EppElam; C:\WINDOWS\System32\drivers\EppElam.sys [16808 2020-06-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Emsisoft Ltd)
R1 eppwfp; C:\Program Files\Emsisoft Anti-Malware\eppwfp.sys [126968 2020-11-03] (Microsoft Windows Hardware Compatibility Publisher -> Emsisoft Ltd)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-09-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 NDivert; C:\WINDOWS\System32\drivers\NDivert.sys [105184 2021-02-01] (TEFINCOM S.A. -> )
S3 nlwt; C:\WINDOWS\system32\DRIVERS\nlwt.sys [39360 2021-04-07] (TEFINCOM S.A. -> WireGuard LLC)
R1 nordlwf; C:\WINDOWS\system32\DRIVERS\nordlwf.sys [38608 2020-10-14] (TEFINCOM S.A. -> TEFINCOM S.A.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2020-04-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-10-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [428264 2020-10-26] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69864 2020-10-26] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [37960 2021-09-09] (WireGuard LLC -> WireGuard LLC)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-09-22 15:14 - 2021-09-22 15:16 - 000027772 _____ C:\Users\me\Desktop\FRST.txt
2021-09-22 15:14 - 2021-09-22 15:15 - 000000000 ____D C:\FRST
2021-09-22 15:13 - 2021-09-22 15:13 - 002304512 _____ (Farbar) C:\Users\me\Desktop\FRST64.exe
2021-09-20 10:10 - 2021-09-20 10:10 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-09-15 13:08 - 2021-09-15 13:08 - 000672768 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-09-15 13:08 - 2021-09-15 13:08 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-09-15 13:08 - 2021-09-15 13:08 - 000170496 _____ C:\WINDOWS\system32\DeviceUpdateCenterCsp.dll
2021-09-15 13:07 - 2021-09-15 13:07 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2021-09-15 13:07 - 2021-09-15 13:07 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-09-15 13:07 - 2021-09-15 13:07 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2021-09-15 13:07 - 2021-09-15 13:07 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-09-15 13:07 - 2021-09-15 13:07 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-09-15 13:07 - 2021-09-15 13:07 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-09-15 13:07 - 2021-09-15 13:07 - 001313608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-09-15 13:07 - 2021-09-15 13:07 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-09-15 13:07 - 2021-09-15 13:07 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-09-15 13:07 - 2021-09-15 13:07 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-09-15 13:07 - 2021-09-15 13:07 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-09-15 13:07 - 2021-09-15 13:07 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-09-15 13:07 - 2021-09-15 13:07 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-09-15 13:07 - 2021-09-15 13:07 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-09-15 13:07 - 2021-09-15 13:07 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2021-09-15 13:07 - 2021-09-15 13:07 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2021-09-15 13:07 - 2021-09-15 13:07 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-09-15 13:07 - 2021-09-15 13:07 - 000011355 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-09-15 12:57 - 2021-09-15 12:57 - 000000000 ___HD C:\$WinREAgent
2021-09-15 11:26 - 2021-09-15 11:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-09-13 12:58 - 2021-09-13 12:58 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2021-09-13 12:58 - 2021-09-13 12:58 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2021-09-13 12:58 - 2021-09-13 12:58 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2021-09-13 12:58 - 2021-09-13 12:58 - 000044328 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2021-09-10 12:23 - 2021-09-11 08:53 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-09-09 14:44 - 2021-09-09 14:44 - 000037960 _____ (WireGuard LLC) C:\WINDOWS\system32\Drivers\wintun.sys
2021-08-30 17:29 - 2021-08-31 08:50 - 000000000 ____D C:\Users\me\dwhelper
2021-08-30 17:29 - 2021-08-30 17:29 - 000000000 ____D C:\Program Files\net.downloadhelper.coapp
2021-08-28 18:04 - 2021-08-28 18:04 - 000002892 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - me
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-09-22 15:17 - 2020-02-12 20:33 - 000000000 ____D C:\Program Files\Emsisoft Anti-Malware
2021-09-22 15:11 - 2020-02-12 19:28 - 000000000 ____D C:\Users\me\AppData\LocalLow\Mozilla
2021-09-22 15:10 - 2021-01-01 13:55 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-09-22 13:46 - 2020-02-12 19:45 - 000000000 ____D C:\Program Files\CCleaner
2021-09-22 13:29 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-09-22 13:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-09-22 13:29 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-09-22 13:00 - 2020-02-12 19:01 - 000000000 __SHD C:\Users\me\IntelGraphicsProfiles
2021-09-22 08:20 - 2021-07-20 17:36 - 000000000 ____D C:\Users\me\AppData\Roaming\vlc
2021-09-22 08:18 - 2021-01-01 14:02 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-09-21 03:53 - 2021-01-01 22:38 - 000744280 _____ C:\WINDOWS\system32\perfh007.dat
2021-09-21 03:53 - 2021-01-01 22:38 - 000150478 _____ C:\WINDOWS\system32\perfc007.dat
2021-09-21 03:53 - 2021-01-01 14:03 - 001726860 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-09-21 03:53 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-09-21 03:47 - 2021-01-01 14:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-09-21 03:47 - 2021-01-01 13:55 - 000008192 ___SH C:\DumpStack.log.tmp
2021-09-21 03:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-09-21 03:47 - 2019-02-20 14:39 - 000000000 ____D C:\Intel
2021-09-21 01:00 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-09-19 13:47 - 2020-06-08 17:33 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-09-18 13:53 - 2020-02-21 19:44 - 000000000 ____D C:\Users\me\AppData\Roaming\foobar2000
2021-09-17 08:24 - 2021-07-09 04:51 - 000000000 ____D C:\$tmp
2021-09-17 07:36 - 2021-01-01 13:55 - 000378768 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-09-16 23:52 - 2020-02-12 22:04 - 000000000 ____D C:\Users\me\AppData\Roaming\uTorrent
2021-09-16 22:19 - 2021-07-17 19:27 - 000000000 ____D C:\Users\me\AppData\LocalLow\uTorrent
2021-09-16 11:30 - 2019-02-20 14:32 - 000000000 ____D C:\swsetup
2021-09-16 10:34 - 2019-12-07 11:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-09-16 10:34 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-09-16 10:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-09-16 10:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-09-16 10:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-09-16 10:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-09-16 10:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-09-16 10:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-09-16 10:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-09-16 10:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-09-16 10:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-09-16 10:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-09-16 10:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-09-16 10:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-09-16 10:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-09-16 10:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-09-16 10:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-09-16 10:34 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-09-15 13:10 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-09-15 12:56 - 2019-02-20 15:40 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-09-15 12:25 - 2019-02-20 15:39 - 135637312 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-09-15 11:26 - 2020-02-16 19:52 - 000000000 ____D C:\Users\me\AppData\Local\Dropbox
2021-09-15 11:26 - 2020-02-16 19:52 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-09-14 09:04 - 2020-08-21 21:15 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-09-11 20:43 - 2021-01-01 14:02 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1985925336-2223395005-1424171418-1004
2021-09-11 20:43 - 2021-01-01 13:57 - 000002390 _____ C:\Users\me\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-09-11 08:53 - 2020-02-12 19:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-09-10 12:26 - 2020-02-12 19:27 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-09-09 15:02 - 2020-02-14 07:50 - 000000000 ____D C:\Users\me\Desktop\progs
2021-09-09 14:43 - 2021-04-07 22:11 - 000000000 ____D C:\Users\me\AppData\Local\NordVPN
2021-09-09 14:43 - 2021-04-07 22:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordSec
2021-09-09 14:43 - 2021-04-07 22:11 - 000000000 ____D C:\Program Files\NordVPN
2021-09-09 14:43 - 2020-07-16 19:50 - 000000000 ____D C:\ProgramData\NordVPN
2021-09-08 00:56 - 2020-02-13 17:27 - 000000000 ____D C:\Users\me\AppData\Local\HP_Inc
2021-09-05 15:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-08-30 17:29 - 2021-01-01 13:57 - 000000000 ____D C:\Users\me
2021-08-28 18:06 - 2020-02-18 18:04 - 000000000 ____D C:\Users\me\AppData\Local\D3DSCache
2021-08-27 13:32 - 2020-04-16 09:56 - 000000000 ____D C:\Users\me\AppData\Local\Spotify
2021-08-27 11:13 - 2020-04-16 09:56 - 000000000 ____D C:\Users\me\AppData\Roaming\Spotify
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2021-02-05 18:19 - 2021-02-05 18:19 - 000003584 _____ () C:\Users\me\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ======================== --- --- ---
Addition
FRST Additions Logfile: Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-09-2021
durchgeführt von me (22-09-2021 15:18:05)
Gestartet von C:\Users\me\Desktop
Windows 10 Pro Version 20H2 19042.1237 (X64) (2021-01-01 12:02:48)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
Administrator (S-1-5-21-1985925336-2223395005-1424171418-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1985925336-2223395005-1424171418-503 - Limited - Disabled)
Guest (S-1-5-21-1985925336-2223395005-1424171418-501 - Limited - Disabled)
me (S-1-5-21-1985925336-2223395005-1424171418-1004 - Administrator - Enabled) => C:\Users\me
WDAGUtilityAccount (S-1-5-21-1985925336-2223395005-1424171418-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Emsisoft Anti-Malware Home (Enabled - Up to date) {5FD8BF8F-F242-6153-61B5-8FF333E8736B}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Anti-Malware Home (Enabled - Up to date) {E4B95E6B-D478-6EDD-5B05-B481486F39D6}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
µTorrent (HKU\S-1-5-21-1985925336-2223395005-1424171418-1004\...\uTorrent) (Version: 3.5.5.45842 - BitTorrent Inc.)
4K Video to MP3 (HKLM\...\{8232A6B7-2815-485A-AAF2-10025111DE36}) (Version: 3.0.0.930 - Open Media LLC)
Apple Mobile Device Support (HKLM\...\{F9CEF01A-3907-4614-824F-CF5D3E4675EF}) (Version: 14.1.0.35 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
BayHubTech Flash Memory Card Windows Driver (HKLM\...\{F21BB3BF-01C8-40B1-9307-BF609F7191BB}) (Version: 1.0.0.09 - BayHub Technology LTD.) Hidden
BayHubTech Flash Memory Card Windows Driver (HKLM-x32\...\InstallShield_{F21BB3BF-01C8-40B1-9307-BF609F7191BB}) (Version: 1.0.0.09 - BayHub Technology LTD.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.85 - Piriform)
concept/design onlineTV 15 (HKLM-x32\...\{C9F7D843-78C5-4A81-A350-D39F00E80178}_is1) (Version: 15.19.9.21 - concept/design GmbH)
Conexant ISST Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 9.0.278.130 - Conexant)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.12.0.1114 - Disc Soft Ltd)
DivX Setup (HKLM\...\DivX Setup) (Version: 10.8.9.0 - DivX, LLC)
Dropbox (HKLM-x32\...\Dropbox) (Version: 131.4.3968 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.503.1 - Dropbox, Inc.) Hidden
Emsisoft Anti-Malware (HKLM\...\{CA975286-D816-410C-B6C9-F7213CA84695}) (Version: 20.2.1.9977 - Emsisoft Ltd.)
foobar2000 v1.6.4 (HKLM-x32\...\foobar2000) (Version: 1.6.4 - Peter Pawlowski)
Free Audio Converter (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.73.118 - DVDVideoSoft Ltd.)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.500 - Huawei Technologies Co., Ltd.)
HP Software Framework (HKLM-x32\...\{71E18A14-1BDB-4B58-A67F-1BCDA12462FD}) (Version: 7.1.15.1 - HP)
Intel(R) Chipset Device Software (HKLM-x32\...\{f3b1c211-1159-4262-bb97-84150cda9096}) (Version: 10.1.18243.8188 - Intel(R) Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.5.10103.7263 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2105.15.0.2157 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1914.3 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.62.321.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{c3964069-17c1-45dd-85a5-949576ceeaa3}) (Version: 1.62.321.1 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000070-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.70.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{cf961541-ca37-4826-a285-3a9cb22cd5a2}) (Version: 21.40.2 - Intel Corporation)
iTunes (HKLM\...\{DE0F48FE-04C1-4646-AA58-2BE7A1A58742}) (Version: 12.11.0.26 - Apple Inc.)
Kodi (HKU\S-1-5-21-1985925336-2223395005-1424171418-1004\...\Kodi) (Version: - XBMC Foundation)
Launchy 2.5 (HKLM-x32\...\Launchy_21344213_is1) (Version: - Code Jelly)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 93.0.961.52 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1985925336-2223395005-1424171418-1004\...\OneDriveSetup.exe) (Version: 21.160.0808.0002 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1985925336-2223395005-1424171418-1004\...\Teams) (Version: 1.3.00.24755 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B981965-2FBC-433C-B4B3-E183EE97CD29}) (Version: 2.83.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29913 (HKLM-x32\...\{855e31d2-9031-46e1-b06d-c9d7777deefb}) (Version: 14.28.29913.0 - Microsoft Corporation)
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 92.0 (x64 de)) (Version: 92.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 92.0.0.7916 - Mozilla)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.15 - F.J. Wechselberger)
NewBlue Titler Pro for Windows (HKLM-x32\...\NewBlue Titler Pro for Windows) (Version: 1.5 - NewBlue)
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials VI for Windows (HKLM-x32\...\NewBlue Video Essentials VI for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials VII for Windows (HKLM-x32\...\NewBlue Video Essentials VII for Windows) (Version: 3.0 - NewBlue)
NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 6.39.6.0 - TEFINCOM S.A.)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
NordVPN network TUN (HKLM\...\{BD0E4F38-D3F6-452D-A32E-B14D721839AC}) (Version: 1.0.1 - NordVPN)
PDF24 Creator (HKLM-x32\...\{A7834B81-6237-479A-8EF3-683FAD67DDE7}) (Version: 9.2.1 - www.pdf24.org)
Personal Backup 6.0.4.0 (64-bit) (HKLM\...\Personal Backup 6_is1) (Version: 6.0.4.0 - Dr. J. Rathlev)
proDAD Adorage 3.0 (64bit) (HKLM\...\proDAD-Adorage-3.0) (Version: 3.0.114.1 - proDAD GmbH)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 6.3.0.330 - Samsung Electronics)
Secure Eraser (HKLM-x32\...\Secure Eraser_is1) (Version: 5.2.1.0 - ASCOMP Software GmbH)
Skype Version 8.73 (HKLM-x32\...\Skype_is1) (Version: 8.73 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1985925336-2223395005-1424171418-1004\...\Spotify) (Version: 1.1.65.643.g2d707698 - Spotify AB)
Super Winspy v3.6 (HKLM-x32\...\Super Winspy_is1) (Version: - Acesoft)
SYSmark (HKLM\...\{E15C5652-86CB-4EA1-B4CA-6BD6EF57617A}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
USB/DVD-Downloadtool für Windows 7 (HKLM-x32\...\{7D6DDE45-FE2F-4D11-A7E7-BC2C2910536C}) (Version: 1.0.30 - Microsoft Corporation)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VdhCoApp 1.6.3 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Windows Driver Testing Framework (WDTF) Runtime Libraries (HKLM\...\{9A2BDF3E-BC71-D1D7-BBD3-F3CF419DDF15}) (Version: 10.0.26639 - Microsoft Corporation)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-1985925336-2223395005-1424171418-1004\...\ZoomUMX) (Version: 5.2.1 (44052.0816) - Zoom Video Communications, Inc.)
Packages:
=========
7-Zip File Manager (Unofficial) -> C:\Program Files\WindowsApps\HaukeGtze.7-ZipFileManagerUnofficial_1.1900.3.0_x64__6bk20wvc8rfx2 [2020-12-18] (Hauke Hasselberg)
Emsisoft Browser Security -> C:\Program Files\WindowsApps\24598Emsisoft.EmsisoftBrowserSecurity_2018.12.10.0_neutral__qx27tcjycwb5c [2020-02-18] (Emsisoft)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_1.7.0.0_x64__v10z8vjag6ke6 [2021-07-07] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.8.27.0_x64__v10z8vjag6ke6 [2021-09-08] (HP Inc.)
HP System Information -> C:\Program Files\WindowsApps\AD2F1837.HPSystemInformation_7.0.19.0_x64__v10z8vjag6ke6 [2021-01-01] (HP Inc.)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-05] (Microsoft Studios) [MS Ad]
Synaptics Touchpad Settings Manager – Commercial -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynHPCommercialDApp_19005.9027.0.0_x64__807d65c4rvak2 [2021-05-30] (Synaptics Incorporated)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1985925336-2223395005-1424171418-1004_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\me\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20240.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1985925336-2223395005-1424171418-1004_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\me\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20240.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1985925336-2223395005-1424171418-1004_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => D:\dropbox\Dropbox [2020-03-06 19:54]
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [DivXShellExtensionItem] -> {48A8A3B0-57E8-4F2B-A49D-19E02B92377B} => C:\Program Files (x86)\Common Files\DivX Shared\DivXShellExtension64.dll [2018-10-09] (DivX, LLC -> DivX, LLC)
ContextMenuHandlers1: [DivXShellExtensionItem64] -> {6B49A276-0DBA-43F4-BC96-A841AD11B40B} => C:\Program Files (x86)\Common Files\DivX Shared\DivXShellExtension64.dll [2018-10-09] (DivX, LLC -> DivX, LLC)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger) [Datei ist nicht signiert]
ContextMenuHandlers1: [Secure Eraser] -> {2A8DEC8D-934E-4FF8-825A-05A800047649} => C:\Program Files (x86)\ASCOMP Software\Secure Eraser\SecEraser64.dll [2020-04-26] (ASCOMP Software GmbH -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-02-13] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers2-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\Program Files\Emsisoft Anti-Malware\A2CONTMENU.DLL [2015-10-21] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers2: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\Program Files\Emsisoft Anti-Malware\A2CONTMENU64.DLL [2015-10-21] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-02-13] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\Program Files\Emsisoft Anti-Malware\A2CONTMENU.DLL [2015-10-21] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers3: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\Program Files\Emsisoft Anti-Malware\A2CONTMENU64.DLL [2015-10-21] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_5481f7821d650a44\igfxDTCM.dll [2021-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\Program Files\Emsisoft Anti-Malware\A2CONTMENU.DLL [2015-10-21] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers6: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\Program Files\Emsisoft Anti-Malware\A2CONTMENU64.DLL [2015-10-21] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers6: [Secure Eraser] -> {2A8DEC8D-934E-4FF8-825A-05A800047649} => C:\Program Files (x86)\ASCOMP Software\Secure Eraser\SecEraser64.dll [2020-04-26] (ASCOMP Software GmbH -> )
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Drivers32: [vidc.pDAD] => C:\WINDOWS\system32\prodad-codec.dll [607256 2018-07-03] (proDAD GmbH -> proDAD GmbH)
==================== Verknüpfungen & WMI ========================
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2020-02-16 20:00 - 2009-12-17 02:18 - 000233472 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Launchy\imageformats\qmng4.dll
2020-02-16 20:00 - 2010-04-03 23:40 - 000081920 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Launchy\plugins\calcy.dll
2020-02-16 20:00 - 2010-04-03 15:05 - 000090112 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Launchy\plugins\controly.dll
2020-02-16 20:00 - 2010-04-03 15:06 - 000024064 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Launchy\plugins\gcalc.dll
2020-02-16 20:00 - 2010-04-03 15:06 - 000094208 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Launchy\plugins\runner.dll
2020-02-16 20:00 - 2010-04-03 15:05 - 000057344 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Launchy\plugins\verby.dll
2020-02-16 20:00 - 2010-04-03 15:05 - 000122880 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Launchy\plugins\weby.dll
2020-02-16 20:00 - 2009-12-16 23:54 - 002236416 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Launchy\QtCore4.dll
2020-02-16 20:00 - 2009-12-17 00:13 - 008314880 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Launchy\QtGui4.dll
2020-02-16 20:00 - 2009-12-16 23:56 - 000712704 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Launchy\QtNetwork4.dll
2021-08-16 18:07 - 2019-10-04 14:51 - 001370112 _____ (Conexant Systems LLC.) [Datei ist nicht signiert] C:\Program Files\Conexant\SA3\HP-NB-AIO\CxHDAudioAPI.dll
2020-07-06 17:59 - 2016-01-18 06:50 - 000044392 _____ (Digital Wave Ltd -> ) [Datei ist nicht signiert] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2020-07-06 17:59 - 2016-01-18 06:50 - 000104296 _____ (Digital Wave Ltd -> ) [Datei ist nicht signiert] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2020-07-06 17:59 - 2016-01-18 06:50 - 000020328 _____ (Digital Wave Ltd -> ) [Datei ist nicht signiert] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2020-07-06 17:59 - 2016-01-18 06:50 - 000253800 _____ (Digital Wave Ltd -> ) [Datei ist nicht signiert] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2020-07-06 17:59 - 2016-01-18 06:50 - 000295272 _____ (Digital Wave Ltd -> ) [Datei ist nicht signiert] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2020-07-06 17:59 - 2016-01-18 06:50 - 000110952 _____ (Digital Wave Ltd -> ) [Datei ist nicht signiert] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2020-07-06 17:59 - 2016-01-18 06:50 - 000282472 _____ (Digital Wave Ltd -> DVDVideoSoft Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\dlmgr.dll
2020-07-06 17:59 - 2016-01-18 06:50 - 000125288 _____ (Digital Wave Ltd -> DVDVideoSoft Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\tier0.dll
2020-07-06 17:59 - 2016-01-18 06:50 - 000197480 _____ (Digital Wave Ltd -> DVDVideoSoft Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\updhelperlib.dll
2020-07-06 17:59 - 2016-01-18 06:50 - 000771432 _____ (Digital Wave Ltd -> Microsoft Corporation) [Datei ist nicht signiert] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\MSVCR100.dll
2020-07-06 17:59 - 2016-01-18 06:50 - 000286056 _____ (Digital Wave Ltd -> The cURL library, hxxp://curl.haxx.se/) [Datei ist nicht signiert] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\libcurl.dll
2020-07-06 17:59 - 2016-01-18 06:50 - 001160552 _____ (Digital Wave Ltd -> The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\LIBEAY32.dll
2020-07-06 17:59 - 2016-01-18 06:50 - 000272232 _____ (Digital Wave Ltd -> The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\SSLEAY32.dll
2021-08-16 18:07 - 2021-06-29 14:06 - 001431552 _____ (Robert Simpson, et al.) [Datei ist nicht signiert] C:\Program Files\CONEXANT\Flow\x64\SQLite.Interop.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2018-09-15 09:31 - 2018-09-15 09:31 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2021-05-11 21:02 - 2021-05-12 19:57 - 000000510 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1985925336-2223395005-1424171418-1004\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
ist aktiviert.
Network Binding:
=============
Ethernet 2: NordVPN LightWeight Firewall -> NordLwf (enabled)
Ethernet: NordVPN LightWeight Firewall -> NordLwf (enabled)
Wi-Fi: NordVPN LightWeight Firewall -> NordLwf (enabled)
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "Steganos HotKeys"
HKLM\...\StartupApproved\Run32: => "SSS20 Browser Monitor"
HKLM\...\StartupApproved\Run32: => "SSS20 Chrome Autofill Relay"
HKLM\...\StartupApproved\Run32: => "SSS20 Notifier"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "Eraser"
HKLM\...\StartupApproved\Run32: => "DivXMediaServer"
HKU\S-1-5-21-1985925336-2223395005-1424171418-1004\...\StartupApproved\Run: => "NordVPN"
HKU\S-1-5-21-1985925336-2223395005-1424171418-1004\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1985925336-2223395005-1424171418-1004\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1985925336-2223395005-1424171418-1004\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1985925336-2223395005-1424171418-1004\...\StartupApproved\Run: => "electron.app.NordPass"
HKU\S-1-5-21-1985925336-2223395005-1424171418-1004\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-1985925336-2223395005-1424171418-1004\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-1985925336-2223395005-1424171418-1004\...\StartupApproved\Run: => "Spotify"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{27955562-8DE0-4F86-B230-A4F28D6F9C67}] => (Allow) C:\Program Files (x86)\concept design\onlineTV 15\onlineTV.exe (concept/design GmbH -> concept/design GmbH)
FirewallRules: [{99A35F89-C235-4597-AC20-211D23F4654A}] => (Allow) C:\Users\me\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei
FirewallRules: [{B79A1413-7F47-4E2E-A7BF-A5867D1AD111}] => (Allow) C:\Users\me\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei
FirewallRules: [{3D0687DA-3FB7-459F-ADE3-8292C62446AE}] => (Allow) C:\Users\me\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{9C4A9277-055A-4517-96DE-20314CFF403D}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F1B2016B-08D5-4DC0-A83F-315753D57044}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{553D3059-638F-4BEC-9761-CB2234CB75BA}C:\users\me\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\me\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{5A7B2DCA-7AD0-42D8-AF12-32174905B5C9}C:\users\me\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\me\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{0A990BD3-6B51-4388-94FC-EB64C76F7CFF}C:\users\me\appdata\local\programs\nordpass\nordpass.exe] => (Allow) C:\users\me\appdata\local\programs\nordpass\nordpass.exe => Keine Datei
FirewallRules: [TCP Query User{212A36C2-4A06-4F5F-8E0C-FE2ACB769FC6}C:\users\me\appdata\local\programs\nordpass\nordpass.exe] => (Allow) C:\users\me\appdata\local\programs\nordpass\nordpass.exe => Keine Datei
FirewallRules: [{85752F30-572B-4BB9-BDCB-7382F6A30FCB}] => (Block) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleUpdateSetup.exe => Keine Datei
FirewallRules: [{DC0A351A-4F05-48C7-8FC3-28274CE49A66}] => (Block) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleUpdateOnDemand.exe => Keine Datei
FirewallRules: [{0AA955EE-38B8-4552-BBD7-E21B593AD36F}] => (Block) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleUpdate.exe => Keine Datei
FirewallRules: [{E0D0ACAE-D381-4823-98F7-226BA5A77C2F}] => (Block) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleUpdateWebPlugin.exe => Keine Datei
FirewallRules: [{18BF2F3D-A7C3-4335-B9AC-507A555AAF0C}] => (Block) C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\65.0.3325.181\chrome_installer.exe => Keine Datei
FirewallRules: [{FD65AD0A-97AF-4C89-9831-A035C9FE0892}] => (Block) C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\Installer\chrmstp.exe => Keine Datei
FirewallRules: [{D8B1EFC9-127B-48A7-B636-9FC351EE84D3}] => (Block) C:\Program Files (x86)\Google\Chrome\Application\65..0.3325.181\Installer\setup.exe => Keine Datei
FirewallRules: [{A7BA1E4C-30F7-44AA-9B85-F5314DF7A5A0}] => (Block) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe => Keine Datei
FirewallRules: [{7AEA54FB-FD49-4991-A756-19CFE7AB77E3}] => (Block) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe => Keine Datei
FirewallRules: [{50FE8A22-46DD-4E92-953A-EE6420FDAF98}] => (Allow) C:\Program Files\CyberLink\PowerDirector15\PDR10.EXE => Keine Datei
FirewallRules: [{005FE228-782C-4F82-9A11-36A1E322DBE0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{77A816F3-D524-4D1E-9A39-7A7B338A8E89}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E8071160-EB0E-433A-88F6-40EC08EB5743}] => (Allow) C:\Users\me\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{F6CB6BCA-79FC-49C3-829B-EE618E89EA39}] => (Allow) C:\Users\me\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{6B9B0817-D6FA-45B9-B6A4-AA8B6C291D4E}] => (Allow) C:\Users\me\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{ED4EDB04-E6F3-49C6-8FAE-DEBE07D3AE8E}] => (Allow) C:\Users\me\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{1ED741FE-DE4C-4337-B96F-4C93D8737DC6}] => (Allow) C:\Users\me\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{8F87C125-F7DD-4C45-B3C1-D72EB78C528C}] => (Allow) C:\Users\me\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{2A67C65F-DFA5-4EE4-97A3-5408D8671D2E}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{A33DA1E8-5EF7-4B20-A951-44DE5224EB32}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{A1205E5F-04AD-4F08-95DD-B1ED7AE8AABF}] => (Allow) C:\Users\me\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{90A5C387-CA06-4CB8-820A-1E6CDB11A885}] => (Allow) C:\Users\me\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{9DADE13C-8148-4952-AB56-2DA41D0EC266}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D4A3697D-F30A-4E98-8173-43F0C0B4CC01}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7E5D465D-8905-4A03-BB75-5082D417320C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BBECE0C2-5514-468F-8177-61F371DD846F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DECD6EE2-ED59-4D71-8BE6-11B65CA87D0B}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{22DAF1B8-9F8D-47AB-A0C6-64CD6B2A3E4E}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{FF1DD1B7-277B-46DB-B753-EC37A8082928}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{A7C74332-2246-47BB-88FC-1FF44AB73976}] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{95602610-86CB-46C2-A56F-5AFFF109BEB7}] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{64B6DBD2-71D7-4678-A193-DBE4F158884D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C7D73CB5-629E-4BBE-8D13-AA8F99AE0AED}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F3C55492-8C8E-4A05-984E-A2FA4086BF8F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1F887EE4-6F54-4643-8E18-1F3828A30C56}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AD40186D-B8A4-4183-B4CB-98CC2A06F993}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B41A6B51-4A43-45E5-A868-07C4455242B9}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{951C2A59-9992-493D-9154-37F58DE3904A}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
==================== Wiederherstellungspunkte =========================
18-09-2021 11:45:07 Scheduled Checkpoint
==================== Fehlerhafte Geräte im Gerätemanager ============
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (09/22/2021 01:00:34 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: DESKTOP-EM71DF2)
Description: Windows kann die erweiterbare Leistungsindikator-DLL "C:\WINDOWS\system32\sysmain.dll" nicht laden (Win32-Fehlercode 126).
Error: (09/22/2021 08:22:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: OUTLOOK.EXE, Version: 12.0.6785.5000, Zeitstempel: 0x5a6a1c1f
Name des fehlerhaften Moduls: OUTLOOK.EXE, Version: 12.0.6785.5000, Zeitstempel: 0x5a6a1c1f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00523fa1
ID des fehlerhaften Prozesses: 0x1de8
Startzeit der fehlerhaften Anwendung: 0x01d7af7a28d830d2
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
Berichtskennung: ce214d88-3277-471a-9328-0f0a9fb43cc8
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (09/20/2021 01:46:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname DESKTOP-EM71DF2.local already in use; will try DESKTOP-EM71DF2-2.local instead
Error: (09/20/2021 01:46:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 DESKTOP-EM71DF2.local. Addr 192.168.178.23
Error: (09/20/2021 01:46:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.178.23:5353 16 DESKTOP-EM71DF2.local. AAAA 2A02:1748:DD5E:ACC0:756D:B2CB:C49B:B351
Error: (09/20/2021 01:46:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 DESKTOP-EM71DF2.local. AAAA FE80:0000:0000:0000:756D:B2CB:C49B:B351
Error: (09/20/2021 01:46:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.178.23:5353 16 DESKTOP-EM71DF2.local. AAAA 2A02:1748:DD5E:ACC0:756D:B2CB:C49B:B351
Error: (09/20/2021 01:46:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 4 DESKTOP-EM71DF2.local. Addr 192.168.178.23
Systemfehler:
=============
Error: (09/21/2021 03:47:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "luafv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (09/19/2021 04:38:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "luafv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (09/19/2021 02:00:01 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Der Server "{08728914-3F57-4D52-9E31-49DAECA5A80A}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (09/18/2021 01:53:46 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-EM71DF2)
Description: Der Server "{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (09/18/2021 09:42:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "luafv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (09/18/2021 12:12:02 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Fehler "1115" in DCOM, als der Dienst "SecurityHealthService" mit den Argumenten "Unavailable" gestartet wurde, um den folgenden Server zu verwenden:
{8C9C0DB7-2CBA-40F1-AFE0-C55740DD91A0}
Error: (09/17/2021 10:51:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "luafv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (09/17/2021 07:40:29 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "HP LAN/WLAN/WWAN Switching UWP Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Restart the service.
CodeIntegrity:
===============
Date: 2021-09-22 15:14:21
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\Emsisoft Anti-Malware\eppcom64.dll that did not meet the Windows signing level requirements.
Date: 2021-09-22 15:14:21
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Emsisoft Anti-Malware\eppwsc.exe) attempted to load \Device\HarddiskVolume6\Program Files\Emsisoft Anti-Malware\eppcom64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
BIOS: HP Q83 Ver. 01.16.00 04/20/2021
Hauptplatine: HP 83D2
Prozessor: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz
Prozentuale Nutzung des RAM: 41%
Installierter physikalischer RAM: 16227.21 MB
Verfügbarer physikalischer RAM: 9462.05 MB
Summe virtueller Speicher: 18659.21 MB
Verfügbarer virtueller Speicher: 11480.59 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:139.43 GB) (Free:81.16 GB) (Protected) NTFS
Drive d: (Volume) (Fixed) (Total:931.5 GB) (Free:379.2 GB) (Protected) NTFS
Drive e: (Volume) (Fixed) (Total:97.71 GB) (Free:97.62 GB) (Protected) NTFS
\\?\Volume{76b1a1df-ea55-4916-857d-b5b42d15f8fa}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{0bb840a4-5ee4-4b08-a15b-fe40863d6de6}\ () (Fixed) (Total:0.73 GB) (Free:0.08 GB) NTFS
\\?\Volume{2bf9c967-c8d7-4caa-8fd6-aca7dd50b506}\ () (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32
==================== MBR & Partitionstabelle ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: 1E1F4777)
Partition: GPT.
==================== Ende von Addition.txt ======================= --- --- --- |