Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   OpenOffice Dilemma (https://www.trojaner-board.de/203626-openoffice-dilemma.html)

gigalos 23.02.2022 22:49
OpenOffice Dilemma
 
Hallo zusammen!

habe dummerweise den Fehler gemacht und auf OpenOffice.de statt Openoffice.org zu downloaden. Kaspersky hat direkt angeschlagen und "Desinfiziert". Dennoch hat sich an der Google Suche etwas verändert und ich hatte ein ungutes Gefühl es bei Kaspersky zu belassen.

Habe bereits AdwCleaner laufen gelassen:

Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build:    11-18-2021
# Database: 2022-02-03.4 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    02-23-2022
# Duration: 00:00:03
# OS:      Windows 10 Home
# Scanned:  32048
# Detected: 4


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.Fake.OpenOfficeUpdater C:\Users\Caro\AppData\Roaming\OpenOffice Updater
PUP.Optional.GreatDealz        C:\Users\Caro\AppData\LocalLow\GreatDealz
PUP.Optional.Legacy            C:\Users\Caro\AppData\Local\YSearchUtil

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Fake.OpenOfficeUpdater HKCU\Software\OpenOffice Updater

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

das erneute Durchlaufen nachdem die 3 Dateien in die Quarantäne geschoben wurden ergab folgendes:


Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build:    11-18-2021
# Database: 2022-02-03.4 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    02-23-2022
# Duration: 00:00:03
# OS:      Windows 10 Home
# Scanned:  32048
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [1643 octets] - [23/02/2022 22:21:37]
AdwCleaner[C00].txt - [1749 octets] - [23/02/2022 22:22:28]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########
Kaspersky hat folgende Dateien VOR AdwCleaner gelöscht:

Name: PDM:Trojan.Win32.Generic
Objektname: Updater.exe
Objektname: readme_de.html
Objektname: vcredist_x64.exe
Objektname: vcredist_x86.exe
Objektname: setup.exe

Zudem wurde ein Rollback durchgeführt:

Ereignis: Das Rollback wurde ausgeführt.
Programm: openoffice-x86-setup.exe
Benutzer: DESKTOP-LJVJBQ2\Caro
Benutzertyp: Aktiver Benutzer
Komponente: Aktivitätsmonitor
Ergebnisbeschreibung: Rollback von Aktionen des Programms
Typ: Trojaner
Name: PDM:Trojan.Win32.Generic
Bedrohungsstufe: Hoch
Objekttyp: Prozess
Objektpfad: c:\users\caro\appdata\local\temp
Objektname: openoffice-x86-setup.exe


Vielen Dank!

cosinus 23.02.2022 22:58
Hinweise für Hilfesuchende gelesen? Da fehlen nämlich Logs.
Kaspersky kannst du schonmal vorher deinstallieren.

gigalos 23.02.2022 23:23
Tatsächlich gelesen, aber zu solch später Stunde die FRST logs vergessen..

anbei:

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 14-02-2022 01
durchgeführt von Caro (Administrator) auf DESKTOP-LJVJBQ2 (ASUS System Product Name) (23-02-2022 23:15:50)
Gestartet von C:\Users\Caro\Desktop
Geladene Profile: Caro
Plattform: Microsoft Windows 10 Home Version 21H1 19043.1526 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Edge
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe ->) (ASUS) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryWebBrowserEdge.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe <2>
(C:\Program Files (x86)\Dropbox\Client\Dropbox.exe ->) (Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\142.4.4197\QtWebEngineProcess.exe <2>
(C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avpui.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <2>
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe ->) (ASUSTEK COMPUTER INCORPORATION -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3>
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(explorer.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11>
(explorer.exe ->) (Mattermost, Inc. -> Mattermost, Inc.) C:\Users\Caro\AppData\Local\Programs\mattermost-desktop\Mattermost.exe <4>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\98.0.1108.56\msedgewebview2.exe <6>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) D:\Programme\Microsoft Office\Office14\MSOSYNC.EXE
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) D:\Programme\Microsoft Office\Office14\ONENOTEM.EXE
(explorer.exe ->) (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTEK COMPUTER INCORPORATION -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_31a2adf8c49e7799\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x64.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x86.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Compputer Inc.) C:\Program Files\ASUS\AacMB\Aac3572MbHal_x86.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <4>
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\AacExtCard\extensionCardHal_x86.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS_Aac_DRAM\Aac3572DramHal_x86.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> TODO: <Company name>) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\ArmouryAIOFanServer.exe
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\consent.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9181696 2016-12-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2014-07-30] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5819104 2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [10585376 2022-02-13] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [781552 2022-02-01] (Adobe Inc. -> Adobe Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ACHTUNG
HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\Run: [Spotify] => C:\Users\Caro\AppData\Roaming\Spotify\Spotify.exe [18750392 2021-11-23] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5407968 2021-12-24] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [190280 2022-01-24] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33650656 2022-02-17] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\Run: [Mattermost] => C:\Users\Caro\AppData\Local\Programs\mattermost-desktop\Mattermost.exe [100306760 2020-04-22] (Mattermost, Inc. -> Mattermost, Inc.)
HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\Run: [OfficeSyncProcess] => D:\Programme\Microsoft Office\Office14\MSOSYNC.EXE [912480 2015-09-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\Run: [MicrosoftEdgeAutoLaunch_288402229142217F72A4B195D34AE808] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKLM\...\Windows x64\Print Processors\Canon MX490 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCK.DLL [30208 2014-09-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [203936 2021-12-24] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor MX490 series: C:\Windows\system32\CNCALCK.DLL [303104 2014-09-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MX490 series: C:\Windows\system32\CNMLMCK.DLL [406528 2014-09-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [375296 2014-08-06] (CANON INC.) [Datei ist nicht signiert]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\98.0.4758.102\Installer\chrmstp.exe [2022-02-17] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2019-11-12]
ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Netzwerk Server.lnk [2017-10-15]
ShortcutTarget: Netzwerk Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2018-02-02]
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe () [Datei ist nicht signiert]
Startup: C:\Users\Caro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2019-05-10]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> D:\Programme\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0589798C-1928-4775-B81C-9F3C174F97A8} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-15] (Dropbox, Inc -> Dropbox, Inc.)
Task: {0A17C0F3-E75A-4279-85F5-39D1A642D062} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {0B75F6FC-BA0A-4442-AAFC-80904088208C} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe (Keine Datei)
Task: {0D7D92FD-89B5-4A6F-97CA-C27C675D5A0E} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [2179960 2021-09-16] (ASUSTeK Computer Inc. -> ASUS)
Task: {0E7F8CEE-7F8E-4B33-B8F5-97C28CFC7985} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-15] (Dropbox, Inc -> Dropbox, Inc.)
Task: {11C26323-FE36-4B6A-A118-91147930FA0B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software)
Task: {11CC8186-FF3E-4166-B1FF-3978F616F350} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {1BBC9956-5889-4623-B9DF-5AFA10B24437} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [44588888 2021-08-18] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {20832FEB-2B37-47BD-9F0D-36D05208231E} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d7bf56fc559d67 => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-10-12] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {2615AA9E-E5DA-4842-BCEF-C66CFAD9BBA5} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Keine Datei)
Task: {27B692D4-01EC-4E84-BCC2-7FF381328EF5} - System32\Tasks\ASUS\TriggerCheckLMVersion => C:\Program [Argument = Files (x86)\ASUS\ROG Live Service\CheckLMstatus.exe]
Task: {2AE891F5-8A6E-46BC-BF87-5D90C07FE15A} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [104600 2021-09-16] (ASUSTeK Computer Inc. -> ASUS)
Task: {600609C8-44B9-47EA-A077-643135EF9597} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7 => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-09-29] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {631C211E-FAD0-4B72-A30D-FCC78E63056E} - System32\Tasks\ASUS\ArmouryAIOFanServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\ArmouryAIOFanServer.exe [764152 2021-06-10] (ASUSTeK Computer Inc. -> TODO: <Company name>)
Task: {6F177B8C-949B-48E5-953A-5A527A0DC4A1} - System32\Tasks\GreatDealzUpdater => C:\ProgramData\greatdealzupdater\tUpdater.exe (Keine Datei)
Task: {8F153D68-C127-4A85-B1CA-C7B3031363FE} - System32\Tasks\ASUS\NoiseCancelingEngine.exe => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe [1241448 2021-06-22] (ASUSTeK Computer Inc. -> ASUS)
Task: {96CB12A3-6C31-49FB-AF2D-DF675694621E} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-10-12] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {BBB5DED1-4B7E-4630-BBF8-C718E9120294} - System32\Tasks\MicrosoftEdgeShadowStackRollbackTask => C:\Program Files (x86)\Microsoft\Edge\Application\98.0.1108.56\Installer\setup.exe [3196848 2022-02-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {BFDCEA5B-6C4E-457B-BC0E-5668BC541487} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7-Logon => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-09-29] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {C53B9548-D807-4E37-BA7B-CF01CB65B080} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-03-03] (Google Inc -> Google Inc.)
Task: {D7C4304A-2233-4EAC-B47A-2A1325C5D8BC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-03-03] (Google Inc -> Google Inc.)
Task: {DE2ADAB3-4FCE-4A0E-B8EB-AA5821BF0685} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (Keine Datei)
Task: {FB40AEE8-C168-4F2B-A9BD-C25B0EF5BDC5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GreatDealzUpdater.job => C:\ProgramData\greatdealzupdater\tUpdater.exe
Task: C:\WINDOWS\Tasks\Intel PTT EK Recertification.job => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0e9ed192-41f8-494d-9b56-0cb39d641b94}: [DhcpNameServer] 192.168.142.254
Tcpip\..\Interfaces\{1e92237a-aaab-41d6-bfa3-fee8253df165}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{6e92aef6-5e01-4a47-8881-f79c587294f5}: [DhcpNameServer] 192.168.74.1
Tcpip\..\Interfaces\{727a03b2-91bc-49fc-896e-08a5b80af7cb}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{c279de3b-b889-41c7-941c-4c582d3eb6e7}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{e36f689a-bdf6-4d7b-82e1-565889d07cb3}: [DhcpNameServer] 192.168.178.1

Edge:
=======
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Caro\AppData\Local\Microsoft\Edge\User Data\Default [2022-02-23]
Edge DownloadDir: Default -> C:\Users\Caro\Desktop
Edge Notifications: Default -> hxxps://www.youtube.com
Edge StartupUrls: Default -> "hxxps://fba.h-da.de/aktuelles/"
Edge Extension: (Proxy SwitchySharp) - C:\Users\Caro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm [2021-12-12]
Edge Extension: (Avast Online Security & Privacy) - C:\Users\Caro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdgpikaaheckgdijjmepmdjjkbceakif [2021-12-21]
Edge Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\Caro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2022-01-14]
Edge HKU\S-1-5-21-3671133233-2531484000-2582408703-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Edge HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]

FireFox:
========
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\FFExt\light_plugin_firefox\addon.xpi => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\FFExt\light_plugin_firefox\addon.xpi => nicht gefunden
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> D:\Programme\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2022-02-01] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2022-02-01] (Adobe Inc. -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default [2022-02-23]
CHR DownloadDir: C:\Users\Caro\Desktop
CHR Notifications: Default -> hxxps://sxce.info; hxxps://web.whatsapp.com; hxxps://www.autodoc.de; hxxps://www.autoscout24.de; hxxps://www.computerbild.de; hxxps://www.frag-mutti.de; hxxps://www.giga.de; hxxps://www.lieferando.de; hxxps://www.pcwelt.de; hxxps://www.pinterest.de; hxxps://www.prosieben.de; hxxps://www.youtube.com
CHR StartupUrls: Default -> "hxxps://fba.h-da.de/aktuelles/"
CHR Extension: (Präsentationen) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-15]
CHR Extension: (Just Black) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2020-08-01]
CHR Extension: (Docs) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15]
CHR Extension: (Google Drive) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-03]
CHR Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-01-14]
CHR Extension: (Proxy SwitchySharp) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm [2021-07-05]
CHR Extension: (Adobe Acrobat: Werkzeuge zum Bearbeiten, Konvertieren und Signieren von PDF-Dateien) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-02-05]
CHR Extension: (Tabellen) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-15]
CHR Extension: (Google Docs Offline) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-02-17]
CHR Extension: (Avast Online Security & Privacy) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-12-21]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Google Mail) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [fdbpcigaolookbahgdofnimidinicfid]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [844528 2022-02-01] (Adobe Inc. -> Adobe Inc.)
S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3849472 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3617024 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe [349928 2021-09-10] (ASUSTEK COMPUTER INCORPORATION -> ASUSTeK COMPUTER INC.)
S2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.02.06\atkexComSvc.exe [456008 2021-09-08] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-10-12] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [313008 2021-08-20] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.)
S2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.01.11\AsusFanControlService.exe [2201416 2021-08-06] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-10-12] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 AsusUpdateCheck; C:\WINDOWS\System32\AsusUpdateCheck.exe [842128 2022-02-23] (ASUSTeK Computer Inc. -> )
R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe [184768 2021-06-16] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S4 CmWebAdmin.exe; C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe [9760664 2018-12-19] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-15] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-15] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44328 2022-02-13] (Dropbox, Inc -> Dropbox, Inc.)
S4 Intel(R) Online Connect; C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe [25824 2016-10-04] (Intel(R) Online Connect -> Intel Corporation)
S4 Intel(R) Online Connect Helper; C:\Program Files\Intel\Intel(R) Online Connect\iocHelperService.exe [22752 2016-10-04] (Intel(R) Online Connect -> Intel Corporation)
S4 Intel(R) Online Connect Software Asset Manager; C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-09-29] (Intel(R) Software Asset Manager -> Intel Corporation)
S4 Intel(R) TechnologyAccessLegacyCSLoader; C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe [173288 2016-10-05] (Intel(R) Online Connect Access -> Intel(R) Corporation)
S4 Intel(R) TechnologyAccessService; C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe [496872 2016-10-05] (Intel(R) Online Connect Access -> Intel(R) Corporation)
S4 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S4 kpm_launch_service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe [354008 2019-02-08] (Kaspersky Lab -> AO Kaspersky Lab)
S4 KSDE5.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe [447104 2021-06-16] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [3565600 2021-08-17] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
S3 Microsoft SharePoint Workspace Audit Service; D:\Programme\Microsoft Office\Office14\GROOVE.EXE [50942144 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
S4 RealtekCU; C:\Program Files (x86)\Sitecom\WiFi USB adapter N300 Driver and Utility\RtlService.exe [36864 2012-05-10] (Realtek Semiconductor Corp.) [Datei ist nicht signiert]
R2 ROG Live Service; C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe [5941936 2021-10-21] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S4 RunSwUSB; C:\Windows\runSW.exe [36864 2012-09-20] () [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13036464 2022-01-24] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\NisSrv.exe [2496144 2020-07-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MsMpEng.exe [104192 2020-07-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 DialComService; C:\Program Files (x86)\DIAL GmbH\DIAL Communication Framework\DialComService.exe [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_31a2adf8c49e7799\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_31a2adf8c49e7799\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 Asusgio2; C:\WINDOWS\system32\drivers\AsIO2.sys [33832 2019-04-09] (ASUSTeK Computer Inc. -> )
R1 Asusgio3; C:\WINDOWS\system32\drivers\AsIO3.sys [43160 2021-08-20] (ASUSTeK Computer Inc. -> )
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [237288 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 cpuz152; C:\WINDOWS\temp\cpuz152\cpuz152_x64.sys [35840 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 EneTechIo; C:\WINDOWS\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [105280 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [206600 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [119568 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [522504 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [689976 2021-11-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [1507648 2021-11-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [272168 2022-02-08] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1049864 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [90896 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [104728 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [107328 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [78088 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [88328 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [55592 2020-10-21] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [287904 2022-01-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [319720 2022-01-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [115968 2022-01-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [229248 2022-01-20] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [150280 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [325400 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [294680 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrfl.sys [59792 2016-09-13] (Intel(R) Technology Access -> Intel Corporation)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
S3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2019-12-07] (Microsoft Windows -> Realtek Semiconductor Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45976 2020-07-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [408816 2020-07-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-07-15] (Microsoft Windows -> Microsoft Corporation)
R2 WIBUKEY; C:\WINDOWS\System32\DRIVERS\WibuKey64.sys [118200 2016-12-20] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2022-02-23 23:15 - 2022-02-23 23:16 - 000040314 _____ C:\Users\Caro\Desktop\FRST.txt
2022-02-23 23:15 - 2022-02-23 23:16 - 000000000 ____D C:\FRST
2022-02-23 23:15 - 2022-02-23 23:15 - 002312192 _____ (Farbar) C:\Users\Caro\Desktop\FRST64.exe
2022-02-23 22:21 - 2022-02-23 22:22 - 000000000 ____D C:\AdwCleaner
2022-02-23 22:20 - 2022-02-23 22:20 - 008540344 _____ (Malwarebytes) C:\Users\Caro\Desktop\adwcleaner_8.3.1.exe
2022-02-23 22:18 - 2022-02-23 22:18 - 006125096 _____ (CHIP Digital GmbH) C:\Users\Caro\Desktop\Malwarebytes - Malware Scanner _SkAmZ.exe
2022-02-23 22:04 - 2022-02-23 22:04 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.11
2022-02-23 22:04 - 2022-02-23 22:04 - 000000000 ____D C:\Program Files (x86)\OpenOffice 4
2022-02-23 21:35 - 2022-02-23 21:35 - 000000000 ____D C:\Users\Caro\AppData\Roaming\OpenOffice
2022-02-23 21:34 - 2022-02-23 22:04 - 000000000 ____D C:\Users\Caro\Desktop\OpenOffice 4.1.11 (de) Installation Files
2022-02-23 21:23 - 2022-02-23 21:34 - 473648684 _____ C:\Users\Caro\Desktop\220215_Griesheim Entwurf_caro.vwxw
2022-02-17 11:52 - 2022-02-17 11:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2022-02-16 11:31 - 2022-02-16 11:31 - 000001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom Classic.lnk
2022-02-16 11:28 - 2022-02-16 11:28 - 000001050 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom.lnk
2022-02-16 11:26 - 2022-02-16 11:26 - 000001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2022.lnk
2022-02-16 11:23 - 2022-02-16 11:23 - 000000000 ____D C:\Users\Caro\AppData\Roaming\NVIDIA
2022-02-14 13:35 - 2022-02-14 13:35 - 000000000 ____D C:\WINDOWS\system32\lxss
2022-02-14 13:35 - 2022-02-14 13:35 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2022-02-14 13:34 - 2022-01-28 20:19 - 001905936 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-02-14 13:34 - 2022-01-28 20:19 - 001905936 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-02-14 13:34 - 2022-01-28 20:19 - 001478416 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-02-14 13:34 - 2022-01-28 20:19 - 001478416 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-02-14 13:34 - 2022-01-28 20:19 - 001466000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-02-14 13:34 - 2022-01-28 20:19 - 001432312 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-02-14 13:34 - 2022-01-28 20:19 - 001432312 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-02-14 13:34 - 2022-01-28 20:19 - 001207440 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-02-14 13:34 - 2022-01-28 20:19 - 001144552 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-02-14 13:34 - 2022-01-28 20:19 - 001144552 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-02-14 13:34 - 2022-01-28 20:16 - 001528448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-02-14 13:34 - 2022-01-28 20:16 - 001179584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-02-14 13:34 - 2022-01-28 20:16 - 000795264 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-02-14 13:34 - 2022-01-28 20:16 - 000714880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-02-14 13:34 - 2022-01-28 20:16 - 000638912 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-02-14 13:34 - 2022-01-28 20:15 - 008610432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-02-14 13:34 - 2022-01-28 20:15 - 002121360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-02-14 13:34 - 2022-01-28 20:15 - 001602704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-02-14 13:34 - 2022-01-28 20:15 - 000985024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-02-14 13:34 - 2022-01-28 20:15 - 000794552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-02-14 13:34 - 2022-01-28 20:15 - 000710800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-02-14 13:34 - 2022-01-28 20:15 - 000455808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-02-14 13:34 - 2022-01-28 20:14 - 007715256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-02-14 13:34 - 2022-01-28 20:14 - 005726336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-02-14 13:34 - 2022-01-28 20:14 - 005098112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-02-14 13:34 - 2022-01-28 20:14 - 002932864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-02-14 13:34 - 2022-01-28 20:13 - 000850872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-02-14 13:34 - 2022-01-28 20:11 - 006459952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-02-14 13:34 - 2022-01-28 12:28 - 000089185 _____ C:\WINDOWS\system32\nvinfo.pb
2022-02-14 13:34 - 2022-01-28 12:28 - 000040920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2022-02-14 13:33 - 2022-02-14 13:35 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2022-02-14 13:32 - 2022-01-28 20:11 - 007612320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2022-02-14 13:32 - 2020-10-07 13:34 - 000670616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2022-02-14 13:32 - 2020-10-07 13:34 - 000555248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2022-02-14 10:06 - 2022-01-07 13:36 - 004955248 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\Netwtw10.sys
2022-02-14 10:06 - 2022-01-07 13:36 - 001622088 _____ (Intel Corporation) C:\WINDOWS\system32\IntelIHVRouter08.dll
2022-02-14 10:06 - 2022-01-07 13:05 - 045101144 _____ C:\WINDOWS\system32\Drivers\Netwfw10.dat
2022-02-13 06:44 - 2022-02-13 06:44 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2022-02-13 06:44 - 2022-02-13 06:44 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2022-02-13 06:44 - 2022-02-13 06:44 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2022-02-13 06:44 - 2022-02-13 06:44 - 000044328 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2022-02-09 13:11 - 2022-02-09 13:11 - 000011813 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-02-09 13:08 - 2022-02-09 13:08 - 000000000 ___HD C:\$WinREAgent
2022-02-08 22:41 - 2022-02-08 22:41 - 000000000 ____D C:\Users\Caro\AppData\Roaming\com.adobe.dunamis
2022-02-01 20:26 - 2022-02-01 20:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vectorworks 2022
2022-02-01 20:23 - 2022-02-01 20:28 - 000000000 ____D C:\Program Files\Vectorworks 2022
2022-02-01 19:57 - 2022-02-01 19:57 - 000001052 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign 2022.lnk
2022-02-01 15:05 - 2022-02-01 15:05 - 000001386 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2022-02-01 10:25 - 2022-02-01 10:25 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-02-01 10:24 - 2022-02-01 10:24 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-02-01 10:24 - 2022-02-01 10:24 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2022-02-01 10:24 - 2022-02-01 10:24 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2022-02-23 23:14 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-02-23 23:13 - 2020-09-01 09:12 - 000000000 ____D C:\Users\Caro\AppData\Local\Dropbox
2022-02-23 23:13 - 2020-04-27 16:55 - 000000000 ____D C:\Users\Caro\AppData\Roaming\Mattermost
2022-02-23 23:13 - 2018-11-23 23:29 - 000000000 ___RD C:\Users\Caro\Creative Cloud Files
2022-02-23 23:13 - 2017-03-03 17:08 - 000000000 ____D C:\Program Files (x86)\Google
2022-02-23 22:50 - 2017-02-24 16:05 - 000000000 ____D C:\ProgramData\NVIDIA
2022-02-23 22:16 - 2020-08-31 17:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-02-23 21:46 - 2020-08-31 17:26 - 001632230 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-02-23 21:46 - 2019-12-07 15:50 - 000705894 _____ C:\WINDOWS\system32\perfh007.dat
2022-02-23 21:46 - 2019-12-07 15:50 - 000142188 _____ C:\WINDOWS\system32\perfc007.dat
2022-02-23 21:46 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-02-23 21:39 - 2021-10-12 11:47 - 000880672 _____ C:\WINDOWS\system32\wpbbin.exe
2022-02-23 21:39 - 2021-10-12 11:47 - 000842128 _____ C:\WINDOWS\system32\AsusUpdateCheck.exe
2022-02-23 21:39 - 2020-11-02 12:30 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-02-23 21:39 - 2020-08-31 17:24 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-02-23 21:39 - 2020-08-31 17:17 - 001097760 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-02-23 21:39 - 2020-08-31 17:17 - 000008192 ___SH C:\DumpStack.log.tmp
2022-02-23 21:39 - 2019-12-07 10:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2022-02-23 21:39 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-02-23 21:29 - 2018-03-13 21:50 - 000000000 ____D C:\Users\Caro\Documents\VW Backup
2022-02-23 21:12 - 2021-08-02 11:34 - 000000000 ____D C:\Users\Caro\AppData\Roaming\Enscape
2022-02-23 16:42 - 2021-10-24 18:32 - 000000000 ____D C:\Users\Caro\AppData\Roaming\discord
2022-02-23 16:28 - 2021-10-24 18:32 - 000000000 ____D C:\Users\Caro\AppData\Local\Discord
2022-02-23 11:55 - 2019-10-07 20:25 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-02-23 10:19 - 2018-11-23 22:51 - 000000000 ____D C:\Users\Caro\AppData\Local\D3DSCache
2022-02-21 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-02-20 13:55 - 2020-09-01 09:16 - 000000000 ___RD C:\Users\Caro\Dropbox
2022-02-19 10:52 - 2021-11-22 09:05 - 000004782 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeShadowStackRollbackTask
2022-02-19 10:52 - 2020-07-01 17:58 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-02-19 10:52 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-02-19 10:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-02-18 11:27 - 2021-02-12 14:07 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-02-17 11:52 - 2020-09-01 09:12 - 000000000 ____D C:\Program Files (x86)\Dropbox
2022-02-17 11:52 - 2020-08-29 18:19 - 000000000 ___HD C:\adobeTemp
2022-02-17 11:51 - 2017-03-03 17:09 - 000002293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-02-16 11:31 - 2018-11-23 23:30 - 000000000 ____D C:\Program Files\Adobe
2022-02-16 11:26 - 2018-07-04 18:39 - 000000000 ____D C:\Program Files\Common Files\Adobe
2022-02-16 11:26 - 2017-03-04 17:22 - 000000000 ____D C:\ProgramData\Adobe
2022-02-16 11:19 - 2021-12-11 16:52 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3671133233-2531484000-2582408703-1002
2022-02-16 11:19 - 2020-08-31 17:24 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3671133233-2531484000-2582408703-1002
2022-02-16 11:19 - 2020-08-31 17:17 - 000002396 _____ C:\Users\Caro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-02-14 13:40 - 2017-03-02 15:54 - 000000000 ____D C:\Users\Caro\AppData\Local\NVIDIA
2022-02-14 13:35 - 2017-02-24 16:05 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2022-02-14 13:34 - 2017-02-24 16:05 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-02-14 13:31 - 2017-02-24 16:03 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-02-14 09:15 - 2020-10-21 23:12 - 000088328 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klpnpflt.sys
2022-02-14 09:14 - 2021-02-19 20:08 - 000237288 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\cm_km.sys
2022-02-14 09:14 - 2021-02-19 20:08 - 000090896 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klim6.sys
2022-02-14 09:14 - 2020-10-21 23:11 - 000105280 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klbackupdisk.sys
2022-02-14 09:14 - 2019-04-12 17:18 - 001049864 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2022-02-14 09:14 - 2019-04-12 17:18 - 000522504 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
2022-02-14 09:14 - 2019-02-18 17:41 - 000325400 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klwtp.sys
2022-02-14 09:14 - 2019-02-18 17:41 - 000206600 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klbackupflt.sys
2022-02-14 09:14 - 2019-02-18 17:41 - 000119568 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\kldisk.sys
2022-02-14 09:14 - 2018-02-24 04:17 - 000294680 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\kneps.sys
2022-02-14 09:14 - 2018-02-17 01:50 - 000150280 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klwfp.sys
2022-02-14 09:14 - 2018-01-15 04:13 - 000104728 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klkbdflt.sys
2022-02-14 09:14 - 2017-12-11 10:49 - 000107328 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klmouflt.sys
2022-02-14 09:14 - 2017-05-30 17:51 - 000078088 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klpd.sys
2022-02-09 15:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-02-09 15:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-02-09 15:35 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2022-02-09 13:13 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-02-09 13:07 - 2018-11-23 20:32 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-02-09 13:06 - 2018-11-23 20:32 - 149611728 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-02-02 11:00 - 2018-11-27 19:45 - 000000000 ____D C:\Users\Caro\AppData\Local\PlaceholderTileLogoFolder
2022-02-02 10:57 - 2017-06-19 12:08 - 000000000 ____D C:\Users\Caro\AppData\Roaming\Spotify
2022-02-02 10:41 - 2017-06-19 12:10 - 000000000 ____D C:\Users\Caro\AppData\Local\Spotify
2022-02-01 21:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-02-01 20:30 - 2017-03-03 17:46 - 000000000 ____D C:\Users\Caro\AppData\Roaming\MAXON
2022-02-01 20:29 - 2019-11-20 16:21 - 000000000 ____D C:\Users\Caro\AppData\Roaming\vectorworks-installer
2022-02-01 15:05 - 2017-03-10 20:02 - 000000000 ____D C:\Program Files (x86)\Adobe
2022-02-01 10:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-02-01 10:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-02-01 10:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-02-01 10:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-02-01 10:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-02-01 10:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-02-01 10:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-02-01 10:24 - 2020-08-31 17:22 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-02-01 10:16 - 2018-11-23 22:54 - 000000000 ____D C:\ProgramData\Packages
2022-02-01 10:16 - 2017-03-02 15:54 - 000000000 ____D C:\Users\Caro\AppData\Local\Packages
2022-02-01 10:15 - 2017-03-02 15:54 - 000000000 ____D C:\Users\Caro\AppData\Local\NVIDIA Corporation
2022-01-28 12:28 - 2021-01-06 15:39 - 000127968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2022-01-26 12:33 - 2020-08-31 17:24 - 000003700 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-26 12:33 - 2020-08-31 17:24 - 000003576 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2021-02-09 20:03 - 2021-11-04 20:48 - 000001456 _____ () C:\Users\Caro\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2018-11-23 23:26 - 2021-10-12 11:53 - 000000615 _____ () C:\Users\Caro\AppData\Local\oobelibMkey.log
2018-10-23 16:23 - 2020-11-23 12:11 - 000007602 _____ () C:\Users\Caro\AppData\Local\Resmon.ResmonCfg
2018-02-03 14:08 - 2019-01-15 16:12 - 000000287 _____ () C:\Users\Caro\AppData\Local\VersionChecker_23.xml

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
Danke

gigalos 23.02.2022 23:23
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 14-02-2022 01
durchgeführt von Caro (23-02-2022 23:17:04)
Gestartet von C:\Users\Caro\Desktop
Microsoft Windows 10 Home Version 21H1 19043.1526 (X64) (2020-08-31 16:24:27)
Start-Modus: Normal
==========================================================


==================== Konten: =============================


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-3671133233-2531484000-2582408703-500 - Administrator - Disabled)
Caro (S-1-5-21-3671133233-2531484000-2582408703-1002 - Administrator - Enabled) => C:\Users\Caro
DefaultAccount (S-1-5-21-3671133233-2531484000-2582408703-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3671133233-2531484000-2582408703-1001 - Limited - Disabled) => C:\Users\defaultuser0
Gast (S-1-5-21-3671133233-2531484000-2582408703-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3671133233-2531484000-2582408703-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
FW: Kaspersky Internet Security (Enabled) {774D7037-0984-41B0-3A87-5E88E680AD58}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 21.011.20039 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.6.5.58 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 7.6.0.52 - Adobe Inc.)
Adobe Illustrator 2022 (HKLM-x32\...\ILST_26_0_3) (Version: 26.0.3 - Adobe Inc.)
Adobe InDesign 2021 (HKLM-x32\...\IDSN_16_3) (Version: 16.3 - Adobe Inc.)
Adobe InDesign 2022 (HKLM-x32\...\IDSN_17_1) (Version: 17.1 - Adobe Inc.)
Adobe Lightroom (HKLM-x32\...\LRCC_5_2) (Version: 5.2 - Adobe Inc.)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_11_2) (Version: 11.2 - Adobe Inc.)
Adobe Photoshop 2022 (HKLM-x32\...\PHSP_23_2) (Version: 23.2.0.277 - Adobe Inc.)
AirDroid 3.7.0.0 (HKLM-x32\...\AirDroid) (Version: 3.7.0.0 - Sand Studio)
ARMOURY CRATE Lite Service (HKLM\...\{EF3944FF-2501-4568-B15C-5701E726719E}) (Version: 4.2.10 - ASUS)
ASUS AIOFan HAL (HKLM\...\{EAE80DED-1A39-41C5-9F60-87CC947F6454}) (Version: 1.1.36.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AIOFan HAL (HKLM-x32\...\{37daa872-b179-48ca-a185-be987f7c63cf}) (Version: 1.1.36.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM\...\{237E1CAC-1708-4940-AC34-DF15C079AB70}) (Version: 1.1.0.11 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM-x32\...\{9c72488b-eb92-40bd-94a3-de309514c154}) (Version: 1.1.0.11 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM\...\{4EBEAC95-76BC-46A8-8644-6E2F1C87CF70}) (Version: 1.2.3.1 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM-x32\...\{c347309a-a19c-44af-9d6c-5c60ba1ba83b}) (Version: 1.2.3.1 - ASUSTeK COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.04.07 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA VGA Component (HKLM\...\{71BB96A6-EAC4-45AE-A17D-D3ED43FF1D14}) (Version: 0.0.4.3 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA VGA Component (HKLM-x32\...\{7a0d5159-cb5e-4f66-91f8-bab46f864f14}) (Version: 0.0.4.3 - ASUSTek COMPUTER INC. ) Hidden
ASUS Framework Service (HKLM-x32\...\{8bf47d14-406b-49e8-8759-966757033aa0}) (Version: 2.1.1.3 - ASUSTek COMPUTER INC.)
ASUS Framework Service (HKLM-x32\...\{EA6A87BE-8AD3-40D2-944C-9DF5FBFF4332}) (Version: 2.1.1.3 - ASUSTek COMPUTER INC.) Hidden
ASUS Motherboard (HKLM-x32\...\{93795eb8-bd86-4d4d-ab27-ff80f9467b37}) (Version: 2.00.13 - ASUSTek Computer Inc.)
ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.67 - ASUSTeK Computer Inc.) Hidden
AURA DRAM Component (HKLM\...\{9AFE5429-866B-457D-A864-80BCF7672EE8}) (Version: 1.1.14 - ASUS) Hidden
AURA DRAM Component (HKLM-x32\...\{c6391bdc-929f-4a9f-98cd-9a3038379379}) (Version: 1.1.14 - ASUS) Hidden
AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.18 - ASUS)
AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.18 - ASUS)
AURA Service (HKLM-x32\...\{0E536061-3B55-4D45-BF58-0BDA261C94B0}) (Version: 3.05.18 - ASUSTeK Computer Inc.) Hidden
AURA Service (HKLM-x32\...\{2f406341-f76d-47c9-a781-b6d186b55b00}) (Version: 3.05.18 - ASUSTeK Computer Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.3.3 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.6.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.15.23 - Canon Inc.)
Canon MX490 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX490_series) (Version: 1.02 - Canon Inc.)
CodeMeter Runtime Kit v6.80 (HKLM\...\{8F3C9680-6728-4AD2-992D-9615C0DA06C0}) (Version: 6.80.3312.500 - WIBU-SYSTEMS AG)
DIAL Communication Framework (HKLM-x32\...\{562D0D31-FBAF-4505-8B27-4EC92EEA91D6}) (Version: 1.3.2.258 - DIAL GmbH)
DIAL Data Dispatcher (HKLM-x32\...\DIAL Data Dispatcher1.0) (Version: 2.0.24.0 - DIAL GmbH)
Discord (HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\Discord) (Version: 1.0.9003 - Discord Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 142.4.4197 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.541.1 - Dropbox, Inc.) Hidden
ENE RGB HAL (HKLM\...\{E050E98C-5524-4AFB-9E53-97700BEF2C02}) (Version: 1.1.37.0 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{413fe4b8-1352-4234-a775-ff2f04ad9042}) (Version: 1.1.37.0 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.9.1 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{bf1d7028-d935-477f-b5b2-053062f9b527}) (Version: 1.0.9.1 - ENE TECHNOLOGY INC.) Hidden
Enscape (HKLM\...\{88C5A62D-AE1F-4033-9300-1D72FF1F82B1}) (Version: 3.1.0.51316 - Enscape GmbH)
Epic Games Launcher (HKLM-x32\...\{422FC196-EA1D-448E-A505-BC7DFC21C880}) (Version: 1.1.236.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 98.0.4758.102 - Google LLC)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{3DAC4F8C-80E6-4204-8A58-747FA4CBAA03}) (Version: 16.0.246 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1036 - Intel Corporation)
Intel(R) Online Connect Software Asset Manager (HKLM-x32\...\{AE956AB9-CD98-4F1E-8B9E-C3C66E290D64}) (Version: 3.4.2072 - Intel Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky)
Kaspersky Password Manager (HKLM-x32\...\{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab) Hidden
Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab)
Kaspersky VPN (HKLM-x32\...\{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2}) (Version: 21.3.10.391 - Kaspersky) Hidden
Kaspersky VPN (HKLM-x32\...\InstallWIX_{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2}) (Version: 21.3.10.391 - Kaspersky)
Kingston AURA DRAM Component (HKLM\...\{965CDF5F-901C-476F-B3A8-7396701B1129}) (Version: 1.1.8 - KINGSTON COMPONENTS INC.) Hidden
Kingston AURA DRAM Component (HKLM-x32\...\{26b750af-32e4-4afb-aed3-d4c571b122ad}) (Version: 1.1.8 - KINGSTON COMPONENTS INC.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Mattermost 4.4.1 (HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\0cc73166-b7d0-592b-8d95-6cbe304083a6) (Version: 4.4.1 - Mattermost, Inc.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 98.0.1108.56 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 98.0.1108.56 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\OneDriveSetup.exe) (Version: 22.012.0117.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{16E50919-B07A-4B4E-994A-476D4773F5BF}) (Version: 3.65.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29910 (HKLM-x32\...\{53f1dc9d-ed94-4650-a079-129785ce7905}) (Version: 14.28.29910.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MTpro64 5.0 (HKLM\...\MTpro64) (Version: 5.0.2.2 - Bosch Rexroth AG)
NVIDIA Grafiktreiber 511.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 511.65 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.39.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OpenOffice 4.1.11 (HKLM-x32\...\{372A5898-9772-4413-9767-06E9F4580830}) (Version: 4.111.9808 - Apache Software Foundation)
osrss (HKLM-x32\...\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 - Microsoft Corporation) Hidden
Patriot Viper DRAM RGB (HKLM\...\{1F9C282E-CCB4-4D8E-A5CB-7B74DFCD8C95}) (Version: 1.0.9.2 - Patriot Memory) Hidden
Patriot Viper DRAM RGB (HKLM-x32\...\{fdc098ce-d76c-4e2e-a0a6-01a24e9a1f7d}) (Version: 1.0.9.2 - Patriot Memory)
Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.0.6.4 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{3c403389-0bc5-4298-bebf-09de0c0b745d}) (Version: 1.0.6.4 - Patriot Memory)
PHISON HAL (HKLM\...\{966E33F0-6786-4B38-AA29-C1B3F6C1955D}) (Version: 1.0.9.0 - PHISON Electronics Corp.) Hidden
PHISON HAL (HKLM-x32\...\{549da357-1b81-456b-83f2-dcc47c41dfff}) (Version: 1.0.9.0 - PHISON Electronics Corp.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8010 - Realtek Semiconductor Corp.)
ROG FAN XPERT 4 (HKLM-x32\...\{2dfe216d-3481-4684-ad4d-2566bd7cfe4f}) (Version: 1.00.10 - ASUSTek Computer Inc.)
ROG Live Service (HKLM-x32\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 1.2.18.5 - ASUSTek COMPUTER INC.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Sitecom WiFi USB adapter N300 Driver and Utility (HKLM-x32\...\{9C049509-055C-4CFF-A116-1D12312225EB}) (Version: 1.00.0201 - Sitecom Europe BV)
Spotify (HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\Spotify) (Version: 1.1.72.439.gc253025e - Spotify AB)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.26.4 - TeamViewer)
TP-LINK Archer T2U_T2UH Driver (HKLM-x32\...\{95EF5DBB-C2DA-48AF-93B4-533333227486}) (Version: 1.3.1 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
Universal Holtek RGB DRAM (HKLM\...\{826388E4-E31F-4514-948B-3BB954FB3EAF}) (Version: 1.0.0.2 - PD) Hidden
Universal Holtek RGB DRAM (HKLM-x32\...\{6870588f-9f28-488b-a169-cf548ad6b393}) (Version: 1.0.0.2 - PD)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{C4BE7550-ECE1-417D-A787-01266DC1F5A6}) (Version: 1.22.0.0 - Microsoft Corporation) Hidden
UXP WebView Support (HKLM-x32\...\UXPW_1_0_0) (Version: 1.0.0 - Adobe Inc.)
Vectorworks 2021 (HKLM\...\Vectorworks 2021 26.0.3) (Version: 26.0.3 - Vectorworks, Inc.)
Vectorworks 2022 (HKLM\...\Vectorworks 2022 27.0.2) (Version: 27.0.2 - Vectorworks, Inc.)
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.13.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{589d5178-7c46-4052-8509-a0685184d622}) (Version: 1.0.13.0 - ENE TECHNOLOGY INC.) Hidden
WibuKey Setup (WibuKey Remove) (HKLM\...\{00060000-0000-1004-8002-0000C06B5161}) (Version: Version 6.40 of 2016-Dec-22 (Build 2402) (Setup) - WIBU-SYSTEMS AG)
Windows 10-Update-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22866 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
Windows-PC-Integritätsprüfung (HKLM\...\{68C9C2A4-C212-4310-AB68-12F97050A416}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\ZoomUMX) (Version: 5.9.1 (2581) - Zoom Video Communications, Inc.)

Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2021-09-13] (Adobe Systems Incorporated)
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2021-09-13] (Adobe Systems Incorporated)
Architectural Structures PREMIUM -> C:\Program Files\WindowsApps\Microsoft.ArchitecturalStructuresPREMIUM_1.0.0.0_neutral__8wekyb3d8bbwe [2021-09-13] (Microsoft Corporation)
ARMOURY CRATE -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_4.2.5.0_x64__qmba6cd70vzyy [2021-10-12] (ASUSTeK COMPUTER INC.)
Autumn Colors -> C:\Program Files\WindowsApps\Microsoft.AutumnColors_1.0.0.0_neutral__8wekyb3d8bbwe [2021-09-13] (Microsoft Corporation)
Autumn in Sweden -> C:\Program Files\WindowsApps\Microsoft.AutumninSweden_1.0.0.0_neutral__8wekyb3d8bbwe [2021-09-13] (Microsoft Corporation)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-12-13] (Canon Inc.)
DVD player - TrueDVD Streamer support VLC and youtube -> C:\Program Files\WindowsApps\46109SoftwareDevlope.DVDplayer-TrueDVDStreamersupp_1.1.5.0_x64__ygjcrtpe42fe2 [2021-10-27] (SoftwareDevlope)
Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-09-13] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_134.1.221.0_x64__v10z8vjag6ke6 [2022-01-29] (HP Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa [2021-11-06] (Apple Inc.) [Startup Task]
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-09-13] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-09-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-09-13] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-01-11] (Microsoft Studios) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_52.10201.5809.0_x64__8wekyb3d8bbwe [2022-02-03] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-02-14] (NVIDIA Corp.)
Otters -> C:\Program Files\WindowsApps\Microsoft.Otters_1.0.0.0_neutral__8wekyb3d8bbwe [2021-09-13] (Microsoft Corporation)
Raw Image Extension -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.0.30181.0_x64__8wekyb3d8bbwe [2022-02-05] (Microsoft Corporation)
VLC -> C:\Program Files\WindowsApps\VideoLAN.VLC_3.2.1.0_x64__paz6r1rewnh0a [2021-09-13] (VideoLAN)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3671133233-2531484000-2582408703-1002_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-5370604078F8} -> [Creative Cloud Files] => C:\Users\Caro\Creative Cloud Files [2018-11-23 23:29]
CustomCLSID: HKU\S-1-5-21-3671133233-2531484000-2582408703-1002_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-3671133233-2531484000-2582408703-1002_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Caro\Dropbox [2020-09-01 09:16]
CustomCLSID: HKU\S-1-5-21-3671133233-2531484000-2582408703-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Programme\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [  AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [  AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [  DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [  DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\shellex.dll [2022-02-14] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\shellex.dll [2022-02-14] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\shellex.dll [2022-02-14] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_31a2adf8c49e7799\nvshext.dll [2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\shellex.dll [2022-02-14] (AO Kaspersky Lab -> AO Kaspersky Lab)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)

==================== Verknüpfungen & WMI ========================

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2021-08-18 13:27 - 2021-08-18 13:27 - 000477696 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ffi-napi\prebuilds\win32-ia32\node.napi.node
2021-08-18 13:27 - 2021-08-18 13:27 - 000471040 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ref-napi\prebuilds\win32-ia32\node.napi.node
2021-08-18 13:27 - 2021-08-18 13:27 - 000454656 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\registry-js\prebuilds\win32-ia32\node.napi.node
2015-03-17 01:34 - 2015-03-17 01:34 - 000010240 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\de_de\acrotray.deu
2021-10-12 11:56 - 2021-02-18 11:07 - 000085504 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\zlib1.dll
2021-10-12 11:56 - 2021-08-25 16:50 - 001149952 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AiSuiteSDK\DIP4FanCalibration.dll
2021-10-12 11:56 - 2021-08-25 16:54 - 001542144 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AiSuiteSDK\swInterface.dll
2021-10-12 11:55 - 2019-12-23 17:51 - 000093184 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\zlibwapi.dll
2021-08-18 13:27 - 2021-08-18 13:27 - 000081920 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\WindowID\WindowID.dll
2020-04-27 16:55 - 2020-04-22 11:21 - 002123264 _____ () [Datei ist nicht signiert] C:\Users\Caro\AppData\Local\Programs\mattermost-desktop\ffmpeg.dll
2020-04-27 16:55 - 2020-04-22 11:21 - 000131072 _____ () [Datei ist nicht signiert] C:\Users\Caro\AppData\Local\Programs\mattermost-desktop\libegl.dll
2020-04-27 16:55 - 2020-04-22 11:21 - 006792704 _____ () [Datei ist nicht signiert] C:\Users\Caro\AppData\Local\Programs\mattermost-desktop\libglesv2.dll
2020-05-26 16:08 - 2020-05-26 16:08 - 002831360 _____ (Apache Software Foundation) [Datei ist nicht signiert] C:\Program Files (x86)\LightingService\log4cxx.dll
2017-04-02 17:58 - 2014-08-06 12:25 - 000375296 _____ (CANON INC.) [Datei ist nicht signiert] C:\WINDOWS\System32\CNMN6PPM.DLL
2021-10-12 11:56 - 2021-02-18 11:07 - 000287232 _____ (The curl library, hxxps://curl.haxx.se/) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\libcurl.dll
2021-10-12 11:56 - 2021-02-18 11:07 - 003394560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\libcrypto-1_1-x64.dll
2021-10-12 11:56 - 2021-02-18 11:07 - 002281984 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\LIBEAY32.dll
2021-10-12 11:56 - 2021-02-18 11:07 - 000679424 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\libssl-1_1-x64.dll
2021-10-12 11:56 - 2021-02-18 11:07 - 000361472 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\SSLEAY32.dll
2021-10-12 11:55 - 2019-06-26 15:07 - 003394560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libcrypto-1_1-x64.dll
2021-10-12 11:55 - 2019-06-26 15:07 - 000679424 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libssl-1_1-x64.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

SearchScopes: HKU\S-1-5-21-3671133233-2531484000-2582408703-1002 -> {61A18614-9A33-46A1-8D11-25C0ABEA3FDA} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&intl=de&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> D:\Programme\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> D:\Programme\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3671133233-2531484000-2582408703-1002 -> Kein Name - {EF293C5A-9F37-49FD-91C4-2B867063FC54} -  Keine Datei

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-07-16 12:47 - 2019-01-07 12:35 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2019-11-03 14:27 - 2019-11-03 14:27 - 000000445 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64_win\compiler;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-3671133233-2531484000-2582408703-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\Control Panel\Desktop\\Wallpaper -> D:\Documents\08_Sonstiges\Dual Monitor Hintergründe\Dual-Monitor-Wallpaper-22.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
 ist aktiviert.

Network Binding:
=============
Ethernet 3: Intel(R) Technology Access Filter Driver -> nt_ndisrd (enabled)
Ethernet 2: Intel(R) Technology Access Filter Driver -> nt_ndisrd (enabled)
Ethernet 4: Intel(R) Technology Access Filter Driver -> nt_ndisrd (enabled)
WLAN 2: Intel(R) Technology Access Filter Driver -> nt_ndisrd (enabled)

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeUpdateService => 2
MSCONFIG\Services: AGMService => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: CmWebAdmin.exe => 2
MSCONFIG\Services: CodeMeter.exe => 2
MSCONFIG\Services: dbupdate => 2
MSCONFIG\Services: dbupdatem => 3
MSCONFIG\Services: DbxSvc => 2
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: Intel(R) Online Connect => 2
MSCONFIG\Services: Intel(R) Online Connect Helper => 2
MSCONFIG\Services: Intel(R) Online Connect Software Asset Manager => 2
MSCONFIG\Services: Intel(R) TechnologyAccessLegacyCSLoader => 2
MSCONFIG\Services: Intel(R) TechnologyAccessService => 2
MSCONFIG\Services: Intel(R) TPM Provisioning Service => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: klvssbridge64_21.3 => 3
MSCONFIG\Services: kpm_launch_service => 3
MSCONFIG\Services: KSDE5.3 => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: NvContainerLocalSystem => 2
MSCONFIG\Services: NvContainerNetworkService => 2
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: NVIDIA Wireless Controller Service => 2
MSCONFIG\Services: RealtekCU => 2
MSCONFIG\Services: RunSwUSB => 2
MSCONFIG\Services: TeamViewer => 2
HKLM\...\StartupApproved\StartupFolder: => "CodeMeter Control Center.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX"
HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\StartupApproved\Run: => "Spotify"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{103BFB37-ADC5-4C97-8073-1C4DE189E1EB}] => (Allow) C:\Users\Caro\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{7E02AE46-AD0D-4DCA-B8F2-8B0478DFA27A}] => (Allow) C:\Users\Caro\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{7AC6111A-8D4C-43E4-9CC3-156FF2CDE906}C:\program files\vectorworks 2020\vectorworks2020.exe] => (Block) C:\program files\vectorworks 2020\vectorworks2020.exe => Keine Datei
FirewallRules: [TCP Query User{3BC91753-BAE0-45F5-B47B-FBBCC3A1ABEE}C:\program files\vectorworks 2020\vectorworks2020.exe] => (Block) C:\program files\vectorworks 2020\vectorworks2020.exe => Keine Datei
FirewallRules: [{3BA94BC9-204B-4909-8C26-05979814584F}] => (Allow) C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
FirewallRules: [{540DC681-75E4-45C5-895A-B512D45985B7}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
FirewallRules: [UDP Query User{311D68E8-F98D-4E90-B247-63AEA3F9EC0D}D:\programme\archicad\neuer ordnerarchi\archicad.exe] => (Allow) D:\programme\archicad\neuer ordnerarchi\archicad.exe => Keine Datei
FirewallRules: [TCP Query User{AEA97307-106E-4D79-A451-D28DBFD9BF06}D:\programme\archicad\neuer ordnerarchi\archicad.exe] => (Allow) D:\programme\archicad\neuer ordnerarchi\archicad.exe => Keine Datei
FirewallRules: [{A96080F3-45FC-43E2-BB4C-ABFDF012B217}] => (Allow) D:\Programme\Microsoft Office\Office14\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{38DC9561-1ADA-402E-849E-4E3ED07FCD12}] => (Allow) D:\Programme\Microsoft Office\Office14\ONENOTE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{62F2097F-BAF9-46A6-9F82-0D1623591DCE}] => (Allow) D:\Programme\Microsoft Office\Office14\ONENOTE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2C755FA6-EB14-4870-A682-11015AB57322}] => (Allow) D:\Programme\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BE2BEF2A-66AF-4BAC-8B7E-97DEE494A413}] => (Allow) D:\Programme\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{442D63F9-A87C-4CD8-AEA2-8D6DE62512FA}] => (Block) D:\programme\vektorworks\vectorworks2018e.exe => Keine Datei
FirewallRules: [{5C904C29-A633-4388-85B1-392629DAEFDA}] => (Block) D:\programme\vektorworks\vectorworks2018e.exe => Keine Datei
FirewallRules: [UDP Query User{F03A035B-92A1-4F69-BAD1-EFE827E764B9}D:\programme\vektorworks\vectorworks2018e.exe] => (Allow) D:\programme\vektorworks\vectorworks2018e.exe => Keine Datei
FirewallRules: [TCP Query User{E9427056-30D6-4B50-A860-10A5A61C3BF2}D:\programme\vektorworks\vectorworks2018e.exe] => (Allow) D:\programme\vektorworks\vectorworks2018e.exe => Keine Datei
FirewallRules: [UDP Query User{B37E40F2-F5B7-4E33-880C-6A9B9A3B122C}C:\users\caro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\caro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{43C40599-4714-49B7-9B83-53B0A9F82DD9}C:\users\caro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\caro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{189CCEC9-6D44-4963-B9BA-E24F743F8AD0}C:\users\caro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\caro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{3F51C2F1-63BC-4EEE-A71A-3FAD37E7DA4D}C:\users\caro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\caro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{B850E85A-8557-4CFB-93AA-13E6D552ECDD}C:\program files (x86)\archicad20\licensefilegenerator.exe] => (Allow) C:\program files (x86)\archicad20\licensefilegenerator.exe => Keine Datei
FirewallRules: [TCP Query User{5CF10A1E-66C7-4C5B-B866-AD1E7626BEEE}C:\program files (x86)\archicad20\licensefilegenerator.exe] => (Allow) C:\program files (x86)\archicad20\licensefilegenerator.exe => Keine Datei
FirewallRules: [{076F77BB-1426-43BA-9357-A6C79AF3424B}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
FirewallRules: [{B86178ED-C694-41B2-9C3D-97ECB25F7A5D}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
FirewallRules: [{DE4D120C-8E2D-4753-8A65-95213CE689D4}] => (Allow) C:\Users\Caro\Desktop\InDesign_Set-Up.exe => Keine Datei
FirewallRules: [{3D50CB20-DA48-4C77-BC3F-1FAE1045721A}] => (Allow) C:\Users\Caro\Desktop\InDesign_Set-Up.exe => Keine Datei
FirewallRules: [{7E3A988B-0E25-4DD8-A5DE-A259113611C6}] => (Allow) C:\Users\Caro\Desktop\InDesign_Set-Up.exe => Keine Datei
FirewallRules: [{E94815B0-FEE6-4C9B-9218-B8477BB5B2F2}] => (Allow) C:\Users\Caro\Desktop\InDesign_Set-Up.exe => Keine Datei
FirewallRules: [UDP Query User{FB31F15D-437A-434D-B40E-3795935822CE}C:\program files\programme\archicad programm\licensefilegenerator.exe] => (Allow) C:\program files\programme\archicad programm\licensefilegenerator.exe => Keine Datei
FirewallRules: [TCP Query User{3FE56CCB-5828-439C-967F-9E707AD31299}C:\program files\programme\archicad programm\licensefilegenerator.exe] => (Allow) C:\program files\programme\archicad programm\licensefilegenerator.exe => Keine Datei
FirewallRules: [UDP Query User{CD134EB8-5188-4BB3-B2B2-8AA7640440FB}C:\program files\programme\archicad programm\overwatchserver.exe] => (Allow) C:\program files\programme\archicad programm\overwatchserver.exe => Keine Datei
FirewallRules: [TCP Query User{AFB220E9-76BC-429B-B362-5221ED80FA7E}C:\program files\programme\archicad programm\overwatchserver.exe] => (Allow) C:\program files\programme\archicad programm\overwatchserver.exe => Keine Datei
FirewallRules: [UDP Query User{6FBE67FC-CA01-46D8-824A-58A097A0B8E2}C:\program files\programme\archicad programm\archicad.exe] => (Allow) C:\program files\programme\archicad programm\archicad.exe => Keine Datei
FirewallRules: [TCP Query User{B0E84A7E-FA5F-4078-94F6-E0E3DF26CCC4}C:\program files\programme\archicad programm\archicad.exe] => (Allow) C:\program files\programme\archicad programm\archicad.exe => Keine Datei
FirewallRules: [{DB6739E6-2204-4B09-B41B-30968CA9CFD1}] => (Block) D:\programme\archicad programm\overwatchserver.exe => Keine Datei
FirewallRules: [{6A545E13-8CF1-4023-A9C1-9CA1EEB620DF}] => (Block) D:\programme\archicad programm\overwatchserver.exe => Keine Datei
FirewallRules: [UDP Query User{778E1A82-286F-4FE1-BE57-4CA6EC8925D6}D:\programme\archicad programm\overwatchserver.exe] => (Allow) D:\programme\archicad programm\overwatchserver.exe => Keine Datei
FirewallRules: [TCP Query User{296B780E-8AAA-42EB-AE50-F680F62B9BBC}D:\programme\archicad programm\overwatchserver.exe] => (Allow) D:\programme\archicad programm\overwatchserver.exe => Keine Datei
FirewallRules: [UDP Query User{CF75E19E-6C46-41F6-8D44-01E7F8FE2E7D}D:\programme\archicad programm\archicad.exe] => (Allow) D:\programme\archicad programm\archicad.exe => Keine Datei
FirewallRules: [TCP Query User{A4D1DAB3-C170-4E40-85D3-51B0504A3479}D:\programme\archicad programm\archicad.exe] => (Allow) D:\programme\archicad programm\archicad.exe => Keine Datei
FirewallRules: [{6554799D-E07B-4AB2-844E-4DA7F409DF4B}] => (Block) D:\Programme\Neuer Ordner\OverwatchServer.exe => Keine Datei
FirewallRules: [{DBF87FB9-8EA0-4D89-B24E-2F55A4ABB1E7}] => (Allow) D:\Programme\Neuer Ordner\BIMxUploader.exe => Keine Datei
FirewallRules: [{9258A666-5949-4A3E-9336-366B9A300E6B}] => (Block) D:\Programme\Neuer Ordner\CineRender\CineRender 64bit.exe => Keine Datei
FirewallRules: [{49E7C456-E3B8-4878-B0E7-76DB3ECD4CF3}] => (Block) D:\Programme\Neuer Ordner\ARCHICAD.exe => Keine Datei
FirewallRules: [{441A4EE9-45D4-4815-A29C-C91AB8303305}] => (Allow) C:\Program Files (x86)\Sitecom\WiFi USB adapter N300 Driver and Utility\Rtldhcp.exe (Realtek) [Datei ist nicht signiert]
FirewallRules: [{726D7D19-1755-4DE1-BCB8-C06D3BC8CB34}] => (Allow) LPort=53
FirewallRules: [{6120098B-5097-410C-8C00-8A7BF7676442}] => (Allow) LPort=53
FirewallRules: [{4C73448B-B40B-4705-8A30-DDD5EDE0CEC9}] => (Allow) LPort=68
FirewallRules: [{8B654C7F-3E38-4C77-B3C3-5ED26B6B6618}] => (Allow) LPort=67
FirewallRules: [{FD438F58-F35B-4212-BD80-1E5481A6D314}] => (Allow) LPort=53
FirewallRules: [{07869E25-0997-473C-9BDF-288F3F806744}] => (Allow) LPort=1542
FirewallRules: [{B4C70D86-4782-476C-8042-A4602C809393}] => (Allow) LPort=1542
FirewallRules: [{D19EFC04-8F56-4D8C-AB1C-78C82B4476DB}] => (Allow) C:\Program Files (x86)\Sitecom\WiFi USB adapter N300 Driver and Utility\RtWLan.exe (Realtek Semiconductor Corp.) [Datei ist nicht signiert]
FirewallRules: [{01F75DD0-663B-4CCB-964B-17FFC731DD41}] => (Allow) C:\Program Files (x86)\Sitecom\WiFi USB adapter N300 Driver and Utility\RtWLan.exe (Realtek Semiconductor Corp.) [Datei ist nicht signiert]
FirewallRules: [{8237B493-1476-431C-8BB4-D3A0C1EE25E4}] => (Allow) D:\Programme\Ubisoft Game Launcher\games\Anno 2205\Bin\Win64\Anno2205.exe (Blue Byte GmbH -> Ubisoft)
FirewallRules: [TCP Query User{9B72727D-7C82-417E-9038-EEC44B59BB66}D:\programme\vectorworks 2019\vectorworks2019.exe] => (Allow) D:\programme\vectorworks 2019\vectorworks2019.exe => Keine Datei
FirewallRules: [UDP Query User{7098CF80-605A-40E8-990C-2EF29526654B}D:\programme\vectorworks 2019\vectorworks2019.exe] => (Allow) D:\programme\vectorworks 2019\vectorworks2019.exe => Keine Datei
FirewallRules: [{002ADA28-1AFB-4FE6-8D2F-B2C4D11EC154}] => (Block) D:\programme\vectorworks 2019\vectorworks2019.exe => Keine Datei
FirewallRules: [{430963B0-6785-4E33-B505-AEA003F69110}] => (Block) D:\programme\vectorworks 2019\vectorworks2019.exe => Keine Datei
FirewallRules: [{C52B6DB2-CB9D-4C35-BCFE-724A663F2BC9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C12B714F-F4FA-47B1-BAD4-37B5750809AB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A6C06521-4B8C-43D4-A683-039264E3F4F3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D51E99A1-038E-47CA-80E4-5D947C74516D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4B36B334-4C93-4187-848A-627BF472264B}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [{3ABF503F-36E6-4871-BE0E-D347FCBDA8FC}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
FirewallRules: [{E9ADF80F-41DB-4FFA-8DED-B6F3513C395C}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [{A3440304-1B41-4CD8-9320-0EB65E7C518A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{425F93A0-29CC-4043-B79D-DA8FAC9A2DF5}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9750C618-E4F1-4C0D-B1BF-823BB3AA8818}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EB4FBE25-6225-4B0C-8BFF-0E9F388E648A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5478A773-663A-4561-9220-E2BB9A1BCB88}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{19727FE3-6C85-4368-A4F5-94F08A5A2A8F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{378FBCA8-18BF-4895-A013-EB6C23D2892F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9337AD6E-BCE7-4FB9-A247-76B24077C449}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8F0DD151-5DE5-4C7E-B701-F188790CF0DD}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{EA9A196D-8FBF-4C26-8471-9BD8E51D039B}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{062C35E5-C83F-4EE9-BE11-528782F1B3E3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6B489A55-E4E2-4C87-8A6C-257445F9522F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D55BE7D3-02AA-40A4-8136-7BA599B05FF9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C4176973-9EF7-466A-A459-0E7B563EE1DB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C56C1610-3824-4C82-AA3F-9982D33C95EB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A96C4156-561F-49EE-9415-577A3124EEB2}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{0CEED22D-3EA0-4590-8AB4-89638B31C0BE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FF951C40-57E5-4CE6-ACB8-7252AB2D9E2E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B8B7E52D-8B49-49C7-B4D1-B3DA9AF8894F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5DD1E34F-46BA-469B-966C-05F37B4EA831}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0C1C697E-74ED-4B63-8228-06C409C8B683}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\98.0.1108.56\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server

==================== Wiederherstellungspunkte =========================

21-02-2022 21:04:17 Geplanter Prüfpunkt
23-02-2022 21:35:03 OpenOffice 4.1.11 wird installiert

==================== Fehlerhafte Geräte im Gerätemanager ============


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (02/23/2022 10:28:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Aac3572MbHal_x86.exe, Version: 1.2.3.1, Zeitstempel: 0x6142afdc
Name des fehlerhaften Moduls: combase.dll, Version: 10.0.19041.1348, Zeitstempel: 0xf1a7c19a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000d8ea9
ID des fehlerhaften Prozesses: 0x1ec4
Startzeit der fehlerhaften Anwendung: 0x01d828f573869c49
Pfad der fehlerhaften Anwendung: C:\Program Files\ASUS\AacMB\Aac3572MbHal_x86.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\combase.dll
Berichtskennung: ff5a1198-a9ce-43a2-8024-e86c033ed1cd
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (02/23/2022 10:22:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AsusFanControlService.exe, Version: 3.0.0.0, Zeitstempel: 0x610b8c15
Name des fehlerhaften Moduls: AsusFanControlService.exe, Version: 3.0.0.0, Zeitstempel: 0x610b8c15
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003ca97
ID des fehlerhaften Prozesses: 0x1248
Startzeit der fehlerhaften Anwendung: 0x01d828f57091b39b
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AsusFanControlService\2.01.11\AsusFanControlService.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\ASUS\AsusFanControlService\2.01.11\AsusFanControlService.exe
Berichtskennung: e3c8dfe0-71a0-4ac4-b27f-3ab2ce068410
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (02/23/2022 09:56:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: InDesign.exe, Version: 17.1.0.50, Zeitstempel: 0x61e0fb5b
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.19041.1466, Zeitstempel: 0xe2f8ca76
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ff199
ID des fehlerhaften Prozesses: 0x5e0c
Startzeit der fehlerhaften Anwendung: 0x01d828f693003973
Pfad der fehlerhaften Anwendung: C:\Program Files\Adobe\Adobe InDesign 2022\InDesign.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 2da307a4-8c3c-46a2-9a01-83fb5ec090bb
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (02/23/2022 09:38:56 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.

Error: (02/23/2022 09:38:56 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]

Error: (02/23/2022 09:38:56 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.

Error: (02/23/2022 09:38:56 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]

Error: (02/23/2022 09:34:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Vectorworks2021.exe, Version: 26.0.4.0, Zeitstempel: 0x60ccaf7d
Name des fehlerhaften Moduls: libcef.dll, Version: 84.2.6.0, Zeitstempel: 0x5f08e1b8
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000000002be2b49
ID des fehlerhaften Prozesses: 0x2550
Startzeit der fehlerhaften Anwendung: 0x01d828f1bd8f79e2
Pfad der fehlerhaften Anwendung: C:\Program Files\Vectorworks 2021\Vectorworks2021.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Vectorworks 2021\ChromiumEF_dlls\libcef.dll
Berichtskennung: a0fa5158-ce98-4fa9-96f2-79f1e69055a2
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


Systemfehler:
=============
Error: (02/23/2022 11:15:31 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Fehler "1053" in DCOM, als der Dienst "asComSvc" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}

Error: (02/23/2022 11:15:31 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst ASUS Com Service erreicht.

Error: (02/23/2022 11:15:16 PM) (Source: Netwtw10) (EventID: 5010) (User: )
Description: Intel(R) Wi-Fi 6 AX200 160MHz : Der Netzwerkadapter hat einen ungültigen Wert an den Treiber zurückgegeben.
5010 - Driver DBG_ASSERT - instead of BSOD

Error: (02/23/2022 11:15:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AsusFanControlService" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (02/23/2022 11:15:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst AsusFanControlService erreicht.

Error: (02/23/2022 11:15:01 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Fehler "1053" in DCOM, als der Dienst "asComSvc" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}

Error: (02/23/2022 11:15:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst ASUS Com Service erreicht.

Error: (02/23/2022 11:14:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AsusFanControlService" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.


CodeIntegrity:
===============
Date: 2022-02-23 22:18:05
Description:
Code Integrity determined that a process (\Device\HarddiskVolume12\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume12\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2022-02-23 21:39:49
Description:
Code Integrity determined that a process (\Device\HarddiskVolume12\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume12\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.


==================== Speicherinformationen ===========================

BIOS: American Megatrends Inc. 2423 08/09/2021
Hauptplatine: ASUSTeK COMPUTER INC. PRIME B550M-A (WI-FI)
Prozessor: AMD Ryzen 5 5600X 6-Core Processor
Prozentuale Nutzung des RAM: 45%
Installierter physikalischer RAM: 16299.37 MB
Verfügbarer physikalischer RAM: 8871.73 MB
Summe virtueller Speicher: 22699.37 MB
Verfügbarer virtueller Speicher: 13307.55 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:231.81 GB) (Free:73.62 GB) NTFS
Drive d: () (Fixed) (Total:931.38 GB) (Free:375.56 GB) NTFS
Drive e: () (Fixed) (Total:931.38 GB) (Free:422.82 GB) NTFS
Drive f: (Windows) (Fixed) (Total:464.77 GB) (Free:434.72 GB) NTFS

\\?\Volume{a7af9eac-cc55-49a5-8600-c6ef4ff82100}\ (Wiederherstellung) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{8193e75b-3416-472e-bb8f-91ef883aa56b}\ () (Fixed) (Total:0.52 GB) (Free:0.09 GB) NTFS
\\?\Volume{defb8d1e-f58b-4ebc-b967-f5ed9b1398ae}\ (Recovery) (Fixed) (Total:0.88 GB) (Free:0.46 GB) NTFS
\\?\Volume{56134543-78f4-4721-b382-d2543fec4cae}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
\\?\Volume{806931e6-103b-4540-9c29-7bbe4d6caaf4}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 3 (Size: 465.8 GB) (Disk ID: D17FEDD6)

Partition: GPT.

==================== Ende von Addition.txt =======================

cosinus 24.02.2022 08:36
Da ist ja noch Kaspersky drauf. Das bitte komplett deinstalliere. Auch OpenOffice und den ganzen unnötigen Schrottkrempel von ASUS.

gigalos 24.02.2022 09:32
Von Asus kann ich alles bezüglich Aura deinstallieren wo „hidden“ dahinter steht nehme ich an? Kaspersky generell Schrott (und quasi Geld umsonst ausgegeben) oder kann ich’s nach den Maßnahmen hier wieder installieren?

Danach wieder den FRST Log Posten?

cosinus 24.02.2022 09:35
Von Kaspersky und anderem Geraffel wie Avira oder GDATA wird grundsätzlich abgeraten. Warum hast du vorher hier nicht gefragt? Das Geld hättest dir sparen oder in Backupmittel investieren können, das wäre da wesentlich sinnvoller gewesen.
Der in Windows eingebaute Defender ist genauso gut oder schlecht was Erkennungen angeht.

Zitat:
Microsoft Office Professional Plus 2010
Das muss auch deinstalliert werden, ist völlig veraltet.

M-K-D-B 24.02.2022 14:31
Zitat:
Zitat von gigalos (Beitrag 1763280)
habe dummerweise den Fehler gemacht und auf OpenOffice.de statt Openoffice.org zu downloaden.
Ja, von dort haben sich schon viele die Systeme zugemüllt.

Nur ist OpenOffice ja nicht deine einzige schlechte Downloadquelle... Chip.de ist genau so schlecht:
Zitat:
2022-02-23 22:18 - 2022-02-23 22:18 - 006125096 _____ (CHIP Digital GmbH) C:\Users\Caro\Desktop\Malwarebytes - Malware Scanner _SkAmZ.exe
>>> Software lädt man direkt beim Hersteller, in diesem Fall direkt bei Malwarebytes






Downloadquellen
Die folgenden Seiten verteilen Software häufig mit einem sog. "Installer", mit dem Potentiell Unerwünschte Programme (PUP) oder Adware installiert werden können.
Vereinzelt beinhalten diese "Installer" sogar Trojaner.
Vermeide daher unbedingt die folgenden Seiten:
  • Chip.de
  • Softonic.de
  • sourceforge.net
  • openoffice.de
  • VLC.de
  • audacity.de
  • gimp24.de
  • jdownloader.org
  • computerbild.de
  • updatestar.com

Für Windows gibt es seit einiger Zeit einen brauchbaren Paketmanager, der mit einfachen Befehlen es erlaubt, automatisiert Software herunterzuladen und zu installieren. Das erspart eine Menge Arbeit, denn ohne einen Paketmanager muss man jedes Programm selbst prüfen und separat manuell updaten, vorher manuell noch runterladen etc. pp. - siehe auch --> chocolatey Paketmanager für Windows

Wir empfehlen dringend, alle Programme, sofern verfügbar, über chocolatey zu installieren. Falls du schon mit Linux zu tun hattest, wird dir die Syntax sehr vertraut sein.
Die FAQs zu choco findest du da --> Chocolatey: Häufig gestellte Fragen (englisch)
Selbstverständlich darfst du auch Fragen zu chocolatey im o.g. Thread zu chocolatey stellen.

Für den seltenen Fall, dass du das benötigte Programm nicht im repository von chocolatey findest: Lade diese Software immer direkt beim jeweiligen Hersteller / Entwickler.

gigalos 24.02.2022 20:43
Danke für die ganzen Anregungen und die Hilfe.

nun also die aktuellen Logs:

Malwarebytes premium testversion:

Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 24.02.22
Scan-Zeit: 20:26
Protokolldatei: a5fa1ace-95a7-11ec-9c06-f02f74f2b40b.json

-Softwaredaten-
Version: 4.5.4.168
Komponentenversion: 1.0.1599
Version des Aktualisierungspakets: 1.0.51611
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10 (Build 19043.1526)
CPU: x64
Dateisystem: NTFS
Benutzer: DESKTOP-LJVJBQ2\Caro

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 328361
Erkannte Bedrohungen: 0
In die Quarantäne verschobene Bedrohungen: 0
Abgelaufene Zeit: 1 Min., 28 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

WMI: 0
(keine bösartigen Elemente erkannt)


(end)
FRST:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 24-02-2022
durchgeführt von Caro (Administrator) auf DESKTOP-LJVJBQ2 (ASUS System Product Name) (24-02-2022 20:30:47)
Gestartet von C:\Users\Caro\Desktop
Geladene Profile: Caro
Plattform: Microsoft Windows 10 Home Version 21H1 19043.1526 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Edge
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe ->) (ASUS) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryWebBrowserEdge.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe <2>
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe
(C:\Program Files (x86)\Dropbox\Client\Dropbox.exe ->) (Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\142.4.4197\QtWebEngineProcess.exe <2>
(C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <2>
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3>
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(explorer.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <10>
(explorer.exe ->) (Mattermost, Inc. -> Mattermost, Inc.) C:\Users\Caro\AppData\Local\Programs\mattermost-desktop\Mattermost.exe <4>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\98.0.1108.56\msedgewebview2.exe <6>
(explorer.exe ->) (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.01.11\AsusFanControlService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.02.06\atkexComSvc.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_31a2adf8c49e7799\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <4>
(svchost.exe ->) (ASUSTeK Computer Inc. -> TODO: <Company name>) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\ArmouryAIOFanServer.exe
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9181696 2016-12-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2014-07-30] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5819104 2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [10585376 2022-02-13] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [781552 2022-02-01] (Adobe Inc. -> Adobe Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ACHTUNG
HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\Run: [Spotify] => C:\Users\Caro\AppData\Roaming\Spotify\Spotify.exe [18750392 2021-11-23] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5407968 2021-12-24] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [190280 2022-01-24] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33650656 2022-02-17] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\Run: [Mattermost] => C:\Users\Caro\AppData\Local\Programs\mattermost-desktop\Mattermost.exe [100306760 2020-04-22] (Mattermost, Inc. -> Mattermost, Inc.)
HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\Run: [OfficeSyncProcess] => "D:\Programme\Microsoft Office\Office14\MSOSYNC.EXE" (Keine Datei)
HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\Run: [MicrosoftEdgeAutoLaunch_288402229142217F72A4B195D34AE808] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKLM\...\Windows x64\Print Processors\Canon MX490 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCK.DLL [30208 2014-09-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [203936 2021-12-24] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor MX490 series: C:\Windows\system32\CNCALCK.DLL [303104 2014-09-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MX490 series: C:\Windows\system32\CNMLMCK.DLL [406528 2014-09-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [375296 2014-08-06] (CANON INC.) [Datei ist nicht signiert]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\98.0.4758.102\Installer\chrmstp.exe [2022-02-17] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2019-11-12]
ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Netzwerk Server.lnk [2017-10-15]
ShortcutTarget: Netzwerk Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2018-02-02]
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe () [Datei ist nicht signiert]

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0589798C-1928-4775-B81C-9F3C174F97A8} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-15] (Dropbox, Inc -> Dropbox, Inc.)
Task: {0A17C0F3-E75A-4279-85F5-39D1A642D062} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {0B75F6FC-BA0A-4442-AAFC-80904088208C} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe (Keine Datei)
Task: {0D7D92FD-89B5-4A6F-97CA-C27C675D5A0E} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [2179960 2021-09-16] (ASUSTeK Computer Inc. -> ASUS)
Task: {0E7F8CEE-7F8E-4B33-B8F5-97C28CFC7985} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-15] (Dropbox, Inc -> Dropbox, Inc.)
Task: {11C26323-FE36-4B6A-A118-91147930FA0B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software)
Task: {11CC8186-FF3E-4166-B1FF-3978F616F350} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {1BBC9956-5889-4623-B9DF-5AFA10B24437} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [44588888 2021-08-18] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {20832FEB-2B37-47BD-9F0D-36D05208231E} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d7bf56fc559d67 => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-10-12] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {2615AA9E-E5DA-4842-BCEF-C66CFAD9BBA5} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Keine Datei)
Task: {27B692D4-01EC-4E84-BCC2-7FF381328EF5} - System32\Tasks\ASUS\TriggerCheckLMVersion => C:\Program [Argument = Files (x86)\ASUS\ROG Live Service\CheckLMstatus.exe]
Task: {2AE891F5-8A6E-46BC-BF87-5D90C07FE15A} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [104600 2021-09-16] (ASUSTeK Computer Inc. -> ASUS)
Task: {600609C8-44B9-47EA-A077-643135EF9597} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7 => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-09-29] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {631C211E-FAD0-4B72-A30D-FCC78E63056E} - System32\Tasks\ASUS\ArmouryAIOFanServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\ArmouryAIOFanServer.exe [764152 2021-06-10] (ASUSTeK Computer Inc. -> TODO: <Company name>)
Task: {6F177B8C-949B-48E5-953A-5A527A0DC4A1} - System32\Tasks\GreatDealzUpdater => C:\ProgramData\greatdealzupdater\tUpdater.exe (Keine Datei)
Task: {8F153D68-C127-4A85-B1CA-C7B3031363FE} - System32\Tasks\ASUS\NoiseCancelingEngine.exe => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe [1241448 2021-06-22] (ASUSTeK Computer Inc. -> ASUS)
Task: {96CB12A3-6C31-49FB-AF2D-DF675694621E} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-10-12] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {BBB5DED1-4B7E-4630-BBF8-C718E9120294} - System32\Tasks\MicrosoftEdgeShadowStackRollbackTask => C:\Program Files (x86)\Microsoft\Edge\Application\98.0.1108.56\Installer\setup.exe [3196848 2022-02-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {BFDCEA5B-6C4E-457B-BC0E-5668BC541487} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7-Logon => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-09-29] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {C53B9548-D807-4E37-BA7B-CF01CB65B080} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-03-03] (Google Inc -> Google Inc.)
Task: {D7C4304A-2233-4EAC-B47A-2A1325C5D8BC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-03-03] (Google Inc -> Google Inc.)
Task: {DE2ADAB3-4FCE-4A0E-B8EB-AA5821BF0685} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (Keine Datei)
Task: {FB40AEE8-C168-4F2B-A9BD-C25B0EF5BDC5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GreatDealzUpdater.job => C:\ProgramData\greatdealzupdater\tUpdater.exe
Task: C:\WINDOWS\Tasks\Intel PTT EK Recertification.job => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0e9ed192-41f8-494d-9b56-0cb39d641b94}: [DhcpNameServer] 192.168.142.254
Tcpip\..\Interfaces\{1e92237a-aaab-41d6-bfa3-fee8253df165}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{6e92aef6-5e01-4a47-8881-f79c587294f5}: [DhcpNameServer] 192.168.74.1
Tcpip\..\Interfaces\{727a03b2-91bc-49fc-896e-08a5b80af7cb}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{c279de3b-b889-41c7-941c-4c582d3eb6e7}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{e36f689a-bdf6-4d7b-82e1-565889d07cb3}: [DhcpNameServer] 192.168.178.1

Edge:
=======
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Caro\AppData\Local\Microsoft\Edge\User Data\Default [2022-02-24]
Edge DownloadDir: Default -> C:\Users\Caro\Desktop
Edge Notifications: Default -> hxxps://www.youtube.com
Edge StartupUrls: Default -> "hxxps://fba.h-da.de/aktuelles/"
Edge Extension: (Proxy SwitchySharp) - C:\Users\Caro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm [2021-12-12]
Edge Extension: (Avast Online Security & Privacy) - C:\Users\Caro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdgpikaaheckgdijjmepmdjjkbceakif [2021-12-21]
Edge Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\Caro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2022-01-14]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2022-02-01] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2022-02-01] (Adobe Inc. -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default [2022-02-24]
CHR DownloadDir: C:\Users\Caro\Desktop
CHR Notifications: Default -> hxxps://sxce.info; hxxps://web.whatsapp.com; hxxps://www.autodoc.de; hxxps://www.autoscout24.de; hxxps://www.computerbild.de; hxxps://www.frag-mutti.de; hxxps://www.giga.de; hxxps://www.lieferando.de; hxxps://www.pcwelt.de; hxxps://www.pinterest.de; hxxps://www.prosieben.de; hxxps://www.youtube.com
CHR StartupUrls: Default -> "hxxps://fba.h-da.de/aktuelles/"
CHR Extension: (Präsentationen) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-15]
CHR Extension: (Just Black) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2020-08-01]
CHR Extension: (Docs) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15]
CHR Extension: (Google Drive) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-03]
CHR Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-01-14]
CHR Extension: (Proxy SwitchySharp) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm [2021-07-05]
CHR Extension: (Adobe Acrobat: Werkzeuge zum Bearbeiten, Konvertieren und Signieren von PDF-Dateien) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-02-24]
CHR Extension: (Tabellen) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-15]
CHR Extension: (Google Docs Offline) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-02-17]
CHR Extension: (Avast Online Security & Privacy) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-12-21]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Google Mail) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [fdbpcigaolookbahgdofnimidinicfid]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [844528 2022-02-01] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3849472 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3617024 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.02.06\atkexComSvc.exe [456008 2021-09-08] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-10-12] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [313008 2021-08-20] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.01.11\AsusFanControlService.exe [2201416 2021-08-06] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-10-12] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 AsusUpdateCheck; C:\WINDOWS\System32\AsusUpdateCheck.exe [842128 2022-02-24] (ASUSTeK Computer Inc. -> )
S4 CmWebAdmin.exe; C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe [9760664 2018-12-19] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-15] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-15] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44328 2022-02-13] (Dropbox, Inc -> Dropbox, Inc.)
S4 Intel(R) Online Connect; C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe [25824 2016-10-04] (Intel(R) Online Connect -> Intel Corporation)
S4 Intel(R) Online Connect Helper; C:\Program Files\Intel\Intel(R) Online Connect\iocHelperService.exe [22752 2016-10-04] (Intel(R) Online Connect -> Intel Corporation)
S4 Intel(R) Online Connect Software Asset Manager; C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-09-29] (Intel(R) Software Asset Manager -> Intel Corporation)
S4 Intel(R) TechnologyAccessLegacyCSLoader; C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe [173288 2016-10-05] (Intel(R) Online Connect Access -> Intel(R) Corporation)
S4 Intel(R) TechnologyAccessService; C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe [496872 2016-10-05] (Intel(R) Online Connect Access -> Intel(R) Corporation)
S4 kpm_launch_service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe [354008 2019-02-08] (Kaspersky Lab -> AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7997112 2022-02-24] (Malwarebytes Inc -> Malwarebytes)
S4 RealtekCU; C:\Program Files (x86)\Sitecom\WiFi USB adapter N300 Driver and Utility\RtlService.exe [36864 2012-05-10] (Realtek Semiconductor Corp.) [Datei ist nicht signiert]
S4 RunSwUSB; C:\Windows\runSW.exe [36864 2012-09-20] () [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13036464 2022-01-24] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\NisSrv.exe [2496144 2020-07-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MsMpEng.exe [104192 2020-07-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 DialComService; C:\Program Files (x86)\DIAL GmbH\DIAL Communication Framework\DialComService.exe [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_31a2adf8c49e7799\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_31a2adf8c49e7799\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 Asusgio2; C:\WINDOWS\system32\drivers\AsIO2.sys [33832 2019-04-09] (ASUSTeK Computer Inc. -> )
R1 Asusgio3; C:\WINDOWS\system32\drivers\AsIO3.sys [43160 2021-08-20] (ASUSTeK Computer Inc. -> )
R3 cpuz152; C:\WINDOWS\temp\cpuz152\cpuz152_x64.sys [35840 2022-02-24] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 EneTechIo; C:\WINDOWS\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [160176 2022-02-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [221096 2022-02-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2022-02-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [194480 2022-02-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69040 2022-02-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2022-02-24] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [156792 2022-02-24] (Malwarebytes Inc -> Malwarebytes)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrfl.sys [59792 2016-09-13] (Intel(R) Technology Access -> Intel Corporation)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
S3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2019-12-07] (Microsoft Windows -> Realtek Semiconductor Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45976 2020-07-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [408816 2020-07-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-07-15] (Microsoft Windows -> Microsoft Corporation)
R2 WIBUKEY; C:\WINDOWS\System32\DRIVERS\WibuKey64.sys [118200 2016-12-20] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2022-02-24 20:30 - 2022-02-24 20:31 - 000034488 _____ C:\Users\Caro\Desktop\FRST.txt
2022-02-24 20:30 - 2022-02-24 20:30 - 000000000 ____D C:\Users\Caro\Desktop\FRST-OlderVersion
2022-02-24 20:29 - 2022-02-24 20:29 - 000001424 _____ C:\Users\Caro\Desktop\mwb.txt
2022-02-24 20:26 - 2022-02-24 20:26 - 000194480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2022-02-24 20:26 - 2022-02-24 20:26 - 000156792 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2022-02-24 20:26 - 2022-02-24 20:26 - 000069040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2022-02-24 20:25 - 2022-02-24 20:25 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-02-24 20:25 - 2022-02-24 20:25 - 000221096 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-02-24 20:25 - 2022-02-24 20:25 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-02-24 20:25 - 2022-02-24 20:25 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-02-24 20:25 - 2022-02-24 20:25 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-02-24 20:25 - 2022-02-24 20:25 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-02-24 20:25 - 2022-02-24 20:25 - 000000000 ____D C:\Users\Caro\AppData\Local\mbam
2022-02-24 20:25 - 2022-02-24 20:25 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-02-24 20:25 - 2022-02-24 20:25 - 000000000 ____D C:\Program Files\Malwarebytes
2022-02-24 20:24 - 2022-02-24 20:24 - 002419896 _____ (Malwarebytes) C:\Users\Caro\Desktop\MBSetup.exe
2022-02-24 09:28 - 2022-02-24 09:28 - 000000000 ___HD C:\VW_2022_uninst
2022-02-24 09:17 - 2022-02-24 09:17 - 000001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2022.lnk
2022-02-23 23:15 - 2022-02-24 20:30 - 002312192 _____ (Farbar) C:\Users\Caro\Desktop\FRST64.exe
2022-02-23 23:15 - 2022-02-24 20:30 - 000000000 ____D C:\FRST
2022-02-23 22:21 - 2022-02-23 22:22 - 000000000 ____D C:\AdwCleaner
2022-02-23 21:35 - 2022-02-23 21:35 - 000000000 ____D C:\Users\Caro\AppData\Roaming\OpenOffice
2022-02-23 21:23 - 2022-02-24 19:43 - 189051836 _____ C:\Users\Caro\Desktop\220215_Griesheim Entwurf_caro.vwxw
2022-02-17 11:52 - 2022-02-17 11:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2022-02-16 11:31 - 2022-02-16 11:31 - 000001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom Classic.lnk
2022-02-16 11:28 - 2022-02-16 11:28 - 000001050 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom.lnk
2022-02-16 11:23 - 2022-02-16 11:23 - 000000000 ____D C:\Users\Caro\AppData\Roaming\NVIDIA
2022-02-14 13:35 - 2022-02-14 13:35 - 000000000 ____D C:\WINDOWS\system32\lxss
2022-02-14 13:35 - 2022-02-14 13:35 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2022-02-14 13:34 - 2022-01-28 20:19 - 001905936 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-02-14 13:34 - 2022-01-28 20:19 - 001905936 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-02-14 13:34 - 2022-01-28 20:19 - 001478416 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-02-14 13:34 - 2022-01-28 20:19 - 001478416 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-02-14 13:34 - 2022-01-28 20:19 - 001466000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-02-14 13:34 - 2022-01-28 20:19 - 001432312 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-02-14 13:34 - 2022-01-28 20:19 - 001432312 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-02-14 13:34 - 2022-01-28 20:19 - 001207440 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-02-14 13:34 - 2022-01-28 20:19 - 001144552 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-02-14 13:34 - 2022-01-28 20:19 - 001144552 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-02-14 13:34 - 2022-01-28 20:16 - 001528448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-02-14 13:34 - 2022-01-28 20:16 - 001179584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-02-14 13:34 - 2022-01-28 20:16 - 000795264 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-02-14 13:34 - 2022-01-28 20:16 - 000714880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-02-14 13:34 - 2022-01-28 20:16 - 000638912 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-02-14 13:34 - 2022-01-28 20:15 - 008610432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-02-14 13:34 - 2022-01-28 20:15 - 002121360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-02-14 13:34 - 2022-01-28 20:15 - 001602704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-02-14 13:34 - 2022-01-28 20:15 - 000985024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-02-14 13:34 - 2022-01-28 20:15 - 000794552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-02-14 13:34 - 2022-01-28 20:15 - 000710800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-02-14 13:34 - 2022-01-28 20:15 - 000455808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-02-14 13:34 - 2022-01-28 20:14 - 007715256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-02-14 13:34 - 2022-01-28 20:14 - 005726336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-02-14 13:34 - 2022-01-28 20:14 - 005098112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-02-14 13:34 - 2022-01-28 20:14 - 002932864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-02-14 13:34 - 2022-01-28 20:13 - 000850872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-02-14 13:34 - 2022-01-28 20:11 - 006459952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-02-14 13:34 - 2022-01-28 12:28 - 000089185 _____ C:\WINDOWS\system32\nvinfo.pb
2022-02-14 13:34 - 2022-01-28 12:28 - 000040920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2022-02-14 13:33 - 2022-02-14 13:35 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2022-02-14 13:32 - 2022-01-28 20:11 - 007612320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2022-02-14 10:06 - 2022-01-07 13:36 - 004955248 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\Netwtw10.sys
2022-02-14 10:06 - 2022-01-07 13:36 - 001622088 _____ (Intel Corporation) C:\WINDOWS\system32\IntelIHVRouter08.dll
2022-02-14 10:06 - 2022-01-07 13:05 - 045101144 _____ C:\WINDOWS\system32\Drivers\Netwfw10.dat
2022-02-13 06:44 - 2022-02-13 06:44 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2022-02-13 06:44 - 2022-02-13 06:44 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2022-02-13 06:44 - 2022-02-13 06:44 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2022-02-13 06:44 - 2022-02-13 06:44 - 000044328 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2022-02-09 13:11 - 2022-02-09 13:11 - 000011813 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-02-09 13:08 - 2022-02-09 13:08 - 000000000 ___HD C:\$WinREAgent
2022-02-08 22:41 - 2022-02-08 22:41 - 000000000 ____D C:\Users\Caro\AppData\Roaming\com.adobe.dunamis
2022-02-01 19:57 - 2022-02-01 19:57 - 000001052 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign 2022.lnk
2022-02-01 15:05 - 2022-02-01 15:05 - 000001386 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2022-02-01 10:25 - 2022-02-01 10:25 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-02-01 10:24 - 2022-02-01 10:24 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-02-01 10:24 - 2022-02-01 10:24 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2022-02-01 10:24 - 2022-02-01 10:24 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2022-02-24 20:28 - 2020-08-31 17:26 - 001632230 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-02-24 20:28 - 2019-12-07 15:50 - 000705894 _____ C:\WINDOWS\system32\perfh007.dat
2022-02-24 20:28 - 2019-12-07 15:50 - 000142188 _____ C:\WINDOWS\system32\perfc007.dat
2022-02-24 20:28 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-02-24 20:25 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-02-24 20:25 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-02-24 20:25 - 2017-03-03 17:08 - 000000000 ____D C:\Program Files (x86)\Google
2022-02-24 20:23 - 2021-10-12 11:47 - 000880672 _____ C:\WINDOWS\system32\wpbbin.exe
2022-02-24 20:23 - 2021-10-12 11:47 - 000842128 _____ C:\WINDOWS\system32\AsusUpdateCheck.exe
2022-02-24 20:23 - 2020-11-02 12:30 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-02-24 20:23 - 2020-09-01 09:12 - 000000000 ____D C:\Users\Caro\AppData\Local\Dropbox
2022-02-24 20:23 - 2020-08-31 17:24 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-02-24 20:23 - 2020-08-31 17:17 - 000008192 ___SH C:\DumpStack.log.tmp
2022-02-24 20:23 - 2020-04-27 16:55 - 000000000 ____D C:\Users\Caro\AppData\Roaming\Mattermost
2022-02-24 20:23 - 2019-10-07 20:25 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-02-24 20:23 - 2018-11-23 23:29 - 000000000 ___RD C:\Users\Caro\Creative Cloud Files
2022-02-24 20:23 - 2017-02-24 16:05 - 000000000 ____D C:\ProgramData\NVIDIA
2022-02-24 20:22 - 2019-12-07 10:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2022-02-24 20:14 - 2019-04-12 17:18 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2022-02-24 20:14 - 2019-04-12 17:18 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2022-02-24 20:12 - 2021-10-12 11:56 - 000000000 ____D C:\Program Files (x86)\LightingService
2022-02-24 20:12 - 2021-10-12 11:55 - 000000000 ____D C:\Program Files\ASUS
2022-02-24 20:12 - 2021-10-12 11:49 - 000000000 ____D C:\Program Files (x86)\ASUS
2022-02-24 20:12 - 2017-02-24 16:00 - 000000000 ____D C:\ProgramData\Package Cache
2022-02-24 20:11 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-02-24 20:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-02-24 20:11 - 2017-03-02 15:54 - 000000000 ____D C:\Users\Caro\AppData\Local\Packages
2022-02-24 20:09 - 2020-08-31 17:17 - 001056824 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-02-24 20:08 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-02-24 20:08 - 2019-04-12 17:19 - 000000000 ____D C:\Program Files\Common Files\AV
2022-02-24 20:06 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-02-24 20:06 - 2017-04-02 13:07 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-02-24 20:05 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-02-24 20:05 - 2017-02-24 16:08 - 000000000 ____D C:\Program Files\Microsoft Office
2022-02-24 20:05 - 2016-07-16 12:47 - 000000076 _____ C:\WINDOWS\win.ini
2022-02-24 19:43 - 2018-03-13 21:50 - 000000000 ____D C:\Users\Caro\Documents\VW Backup
2022-02-24 19:23 - 2020-08-31 17:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-02-24 10:01 - 2021-08-02 11:34 - 000000000 ____D C:\Users\Caro\AppData\Roaming\Enscape
2022-02-24 09:17 - 2020-08-29 18:19 - 000000000 ___HD C:\adobeTemp
2022-02-23 16:42 - 2021-10-24 18:32 - 000000000 ____D C:\Users\Caro\AppData\Roaming\discord
2022-02-23 16:28 - 2021-10-24 18:32 - 000000000 ____D C:\Users\Caro\AppData\Local\Discord
2022-02-23 10:19 - 2018-11-23 22:51 - 000000000 ____D C:\Users\Caro\AppData\Local\D3DSCache
2022-02-21 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-02-20 13:55 - 2020-09-01 09:16 - 000000000 ___RD C:\Users\Caro\Dropbox
2022-02-19 10:52 - 2021-11-22 09:05 - 000004782 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeShadowStackRollbackTask
2022-02-19 10:52 - 2020-07-01 17:58 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-02-18 11:27 - 2021-02-12 14:07 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-02-17 11:52 - 2020-09-01 09:12 - 000000000 ____D C:\Program Files (x86)\Dropbox
2022-02-17 11:51 - 2017-03-03 17:09 - 000002293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-02-16 11:31 - 2018-11-23 23:30 - 000000000 ____D C:\Program Files\Adobe
2022-02-16 11:26 - 2018-07-04 18:39 - 000000000 ____D C:\Program Files\Common Files\Adobe
2022-02-16 11:26 - 2017-03-04 17:22 - 000000000 ____D C:\ProgramData\Adobe
2022-02-16 11:19 - 2021-12-11 16:52 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3671133233-2531484000-2582408703-1002
2022-02-16 11:19 - 2020-08-31 17:24 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3671133233-2531484000-2582408703-1002
2022-02-16 11:19 - 2020-08-31 17:17 - 000002396 _____ C:\Users\Caro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-02-14 13:40 - 2017-03-02 15:54 - 000000000 ____D C:\Users\Caro\AppData\Local\NVIDIA
2022-02-14 13:35 - 2017-02-24 16:05 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2022-02-14 13:34 - 2017-02-24 16:05 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-02-14 13:31 - 2017-02-24 16:03 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-02-09 15:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-02-09 15:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-02-09 15:35 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2022-02-09 13:13 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-02-09 13:07 - 2018-11-23 20:32 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-02-09 13:06 - 2018-11-23 20:32 - 149611728 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-02-02 11:00 - 2018-11-27 19:45 - 000000000 ____D C:\Users\Caro\AppData\Local\PlaceholderTileLogoFolder
2022-02-02 10:57 - 2017-06-19 12:08 - 000000000 ____D C:\Users\Caro\AppData\Roaming\Spotify
2022-02-02 10:41 - 2017-06-19 12:10 - 000000000 ____D C:\Users\Caro\AppData\Local\Spotify
2022-02-01 21:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-02-01 20:30 - 2017-03-03 17:46 - 000000000 ____D C:\Users\Caro\AppData\Roaming\MAXON
2022-02-01 20:29 - 2019-11-20 16:21 - 000000000 ____D C:\Users\Caro\AppData\Roaming\vectorworks-installer
2022-02-01 15:05 - 2017-03-10 20:02 - 000000000 ____D C:\Program Files (x86)\Adobe
2022-02-01 10:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-02-01 10:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-02-01 10:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-02-01 10:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-02-01 10:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-02-01 10:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-02-01 10:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-02-01 10:24 - 2020-08-31 17:22 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-02-01 10:16 - 2018-11-23 22:54 - 000000000 ____D C:\ProgramData\Packages
2022-02-01 10:15 - 2017-03-02 15:54 - 000000000 ____D C:\Users\Caro\AppData\Local\NVIDIA Corporation
2022-01-28 12:28 - 2021-01-06 15:39 - 000127968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2022-01-26 12:33 - 2020-08-31 17:24 - 000003700 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-26 12:33 - 2020-08-31 17:24 - 000003576 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2021-02-09 20:03 - 2021-11-04 20:48 - 000001456 _____ () C:\Users\Caro\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2018-11-23 23:26 - 2021-10-12 11:53 - 000000615 _____ () C:\Users\Caro\AppData\Local\oobelibMkey.log
2018-10-23 16:23 - 2020-11-23 12:11 - 000007602 _____ () C:\Users\Caro\AppData\Local\Resmon.ResmonCfg
2018-02-03 14:08 - 2019-01-15 16:12 - 000000287 _____ () C:\Users\Caro\AppData\Local\VersionChecker_23.xml

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 24-02-2022
durchgeführt von Caro (24-02-2022 20:31:25)
Gestartet von C:\Users\Caro\Desktop
Microsoft Windows 10 Home Version 21H1 19043.1526 (X64) (2020-08-31 16:24:27)
Start-Modus: Normal
==========================================================


==================== Konten: =============================


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-3671133233-2531484000-2582408703-500 - Administrator - Disabled)
Caro (S-1-5-21-3671133233-2531484000-2582408703-1002 - Administrator - Enabled) => C:\Users\Caro
DefaultAccount (S-1-5-21-3671133233-2531484000-2582408703-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3671133233-2531484000-2582408703-1001 - Limited - Disabled) => C:\Users\defaultuser0
Gast (S-1-5-21-3671133233-2531484000-2582408703-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3671133233-2531484000-2582408703-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Internet Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
FW: Kaspersky Internet Security (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 21.011.20039 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.6.5.58 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 7.6.0.52 - Adobe Inc.)
Adobe Illustrator 2022 (HKLM-x32\...\ILST_26_0_3) (Version: 26.0.3 - Adobe Inc.)
Adobe InDesign 2021 (HKLM-x32\...\IDSN_16_3) (Version: 16.3 - Adobe Inc.)
Adobe InDesign 2022 (HKLM-x32\...\IDSN_17_1) (Version: 17.1 - Adobe Inc.)
Adobe Lightroom (HKLM-x32\...\LRCC_5_2) (Version: 5.2 - Adobe Inc.)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_11_2) (Version: 11.2 - Adobe Inc.)
Adobe Photoshop 2022 (HKLM-x32\...\PHSP_23_2_1) (Version: 23.2.1.303 - Adobe Inc.)
AirDroid 3.7.0.0 (HKLM-x32\...\AirDroid) (Version: 3.7.0.0 - Sand Studio)
ASUS AIOFan HAL (HKLM\...\{EAE80DED-1A39-41C5-9F60-87CC947F6454}) (Version: 1.1.36.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AIOFan HAL (HKLM-x32\...\{37daa872-b179-48ca-a185-be987f7c63cf}) (Version: 1.1.36.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM\...\{237E1CAC-1708-4940-AC34-DF15C079AB70}) (Version: 1.1.0.11 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM-x32\...\{9c72488b-eb92-40bd-94a3-de309514c154}) (Version: 1.1.0.11 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM\...\{4EBEAC95-76BC-46A8-8644-6E2F1C87CF70}) (Version: 1.2.3.1 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM-x32\...\{c347309a-a19c-44af-9d6c-5c60ba1ba83b}) (Version: 1.2.3.1 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA VGA Component (HKLM\...\{71BB96A6-EAC4-45AE-A17D-D3ED43FF1D14}) (Version: 0.0.4.3 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA VGA Component (HKLM-x32\...\{7a0d5159-cb5e-4f66-91f8-bab46f864f14}) (Version: 0.0.4.3 - ASUSTek COMPUTER INC. ) Hidden
ASUS Framework Service (HKLM-x32\...\{8bf47d14-406b-49e8-8759-966757033aa0}) (Version: 2.1.1.3 - ASUSTek COMPUTER INC.)
ASUS Framework Service (HKLM-x32\...\{EA6A87BE-8AD3-40D2-944C-9DF5FBFF4332}) (Version: 2.1.1.3 - ASUSTek COMPUTER INC.) Hidden
ASUS Motherboard (HKLM-x32\...\{93795eb8-bd86-4d4d-ab27-ff80f9467b37}) (Version: 2.00.13 - ASUSTek Computer Inc.)
ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.67 - ASUSTeK Computer Inc.) Hidden
AURA DRAM Component (HKLM\...\{9AFE5429-866B-457D-A864-80BCF7672EE8}) (Version: 1.1.14 - ASUS) Hidden
AURA DRAM Component (HKLM-x32\...\{c6391bdc-929f-4a9f-98cd-9a3038379379}) (Version: 1.1.14 - ASUS) Hidden
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.3.3 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.6.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.15.23 - Canon Inc.)
Canon MX490 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX490_series) (Version: 1.02 - Canon Inc.)
CodeMeter Runtime Kit v6.80 (HKLM\...\{8F3C9680-6728-4AD2-992D-9615C0DA06C0}) (Version: 6.80.3312.500 - WIBU-SYSTEMS AG)
DIAL Communication Framework (HKLM-x32\...\{562D0D31-FBAF-4505-8B27-4EC92EEA91D6}) (Version: 1.3.2.258 - DIAL GmbH)
DIAL Data Dispatcher (HKLM-x32\...\DIAL Data Dispatcher1.0) (Version: 2.0.24.0 - DIAL GmbH)
Discord (HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\Discord) (Version: 1.0.9003 - Discord Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 142.4.4197 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.541.1 - Dropbox, Inc.) Hidden
ENE RGB HAL (HKLM\...\{E050E98C-5524-4AFB-9E53-97700BEF2C02}) (Version: 1.1.37.0 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{413fe4b8-1352-4234-a775-ff2f04ad9042}) (Version: 1.1.37.0 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.9.1 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{bf1d7028-d935-477f-b5b2-053062f9b527}) (Version: 1.0.9.1 - ENE TECHNOLOGY INC.) Hidden
Enscape (HKLM\...\{88C5A62D-AE1F-4033-9300-1D72FF1F82B1}) (Version: 3.1.0.51316 - Enscape GmbH)
Epic Games Launcher (HKLM-x32\...\{422FC196-EA1D-448E-A505-BC7DFC21C880}) (Version: 1.1.236.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 98.0.4758.102 - Google LLC)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{3DAC4F8C-80E6-4204-8A58-747FA4CBAA03}) (Version: 16.0.246 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1036 - Intel Corporation)
Intel(R) Online Connect Software Asset Manager (HKLM-x32\...\{AE956AB9-CD98-4F1E-8B9E-C3C66E290D64}) (Version: 3.4.2072 - Intel Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Kaspersky Password Manager (HKLM-x32\...\{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab) Hidden
Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab)
Kingston AURA DRAM Component (HKLM\...\{965CDF5F-901C-476F-B3A8-7396701B1129}) (Version: 1.1.8 - KINGSTON COMPONENTS INC.) Hidden
Kingston AURA DRAM Component (HKLM-x32\...\{26b750af-32e4-4afb-aed3-d4c571b122ad}) (Version: 1.1.8 - KINGSTON COMPONENTS INC.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.5.4.168 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.4.168 - Malwarebytes)
Mattermost 4.4.1 (HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\0cc73166-b7d0-592b-8d95-6cbe304083a6) (Version: 4.4.1 - Mattermost, Inc.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 98.0.1108.56 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 98.0.1108.56 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\OneDriveSetup.exe) (Version: 22.012.0117.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{16E50919-B07A-4B4E-994A-476D4773F5BF}) (Version: 3.65.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29910 (HKLM-x32\...\{53f1dc9d-ed94-4650-a079-129785ce7905}) (Version: 14.28.29910.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MTpro64 5.0 (HKLM\...\MTpro64) (Version: 5.0.2.2 - Bosch Rexroth AG)
NVIDIA Grafiktreiber 511.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 511.65 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.39.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
osrss (HKLM-x32\...\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 - Microsoft Corporation) Hidden
Patriot Viper DRAM RGB (HKLM\...\{1F9C282E-CCB4-4D8E-A5CB-7B74DFCD8C95}) (Version: 1.0.9.2 - Patriot Memory) Hidden
Patriot Viper DRAM RGB (HKLM-x32\...\{fdc098ce-d76c-4e2e-a0a6-01a24e9a1f7d}) (Version: 1.0.9.2 - Patriot Memory)
Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.0.6.4 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{3c403389-0bc5-4298-bebf-09de0c0b745d}) (Version: 1.0.6.4 - Patriot Memory)
PHISON HAL (HKLM\...\{966E33F0-6786-4B38-AA29-C1B3F6C1955D}) (Version: 1.0.9.0 - PHISON Electronics Corp.) Hidden
PHISON HAL (HKLM-x32\...\{549da357-1b81-456b-83f2-dcc47c41dfff}) (Version: 1.0.9.0 - PHISON Electronics Corp.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8010 - Realtek Semiconductor Corp.)
Sitecom WiFi USB adapter N300 Driver and Utility (HKLM-x32\...\{9C049509-055C-4CFF-A116-1D12312225EB}) (Version: 1.00.0201 - Sitecom Europe BV)
Spotify (HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\Spotify) (Version: 1.1.72.439.gc253025e - Spotify AB)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.26.4 - TeamViewer)
TP-LINK Archer T2U_T2UH Driver (HKLM-x32\...\{95EF5DBB-C2DA-48AF-93B4-533333227486}) (Version: 1.3.1 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
Universal Holtek RGB DRAM (HKLM\...\{826388E4-E31F-4514-948B-3BB954FB3EAF}) (Version: 1.0.0.2 - PD) Hidden
Universal Holtek RGB DRAM (HKLM-x32\...\{6870588f-9f28-488b-a169-cf548ad6b393}) (Version: 1.0.0.2 - PD)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{C4BE7550-ECE1-417D-A787-01266DC1F5A6}) (Version: 1.22.0.0 - Microsoft Corporation) Hidden
UXP WebView Support (HKLM-x32\...\UXPW_1_0_0) (Version: 1.0.0 - Adobe Inc.)
Vectorworks 2021 (HKLM\...\Vectorworks 2021 26.0.3) (Version: 26.0.3 - Vectorworks, Inc.)
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.13.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{589d5178-7c46-4052-8509-a0685184d622}) (Version: 1.0.13.0 - ENE TECHNOLOGY INC.) Hidden
WibuKey Setup (WibuKey Remove) (HKLM\...\{00060000-0000-1004-8002-0000C06B5161}) (Version: Version 6.40 of 2016-Dec-22 (Build 2402) (Setup) - WIBU-SYSTEMS AG)
Windows 10-Update-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22866 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
Windows-PC-Integritätsprüfung (HKLM\...\{68C9C2A4-C212-4310-AB68-12F97050A416}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\ZoomUMX) (Version: 5.9.1 (2581) - Zoom Video Communications, Inc.)

Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2021-09-13] (Adobe Systems Incorporated)
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2021-09-13] (Adobe Systems Incorporated)
Architectural Structures PREMIUM -> C:\Program Files\WindowsApps\Microsoft.ArchitecturalStructuresPREMIUM_1.0.0.0_neutral__8wekyb3d8bbwe [2021-09-13] (Microsoft Corporation)
Autumn Colors -> C:\Program Files\WindowsApps\Microsoft.AutumnColors_1.0.0.0_neutral__8wekyb3d8bbwe [2021-09-13] (Microsoft Corporation)
Autumn in Sweden -> C:\Program Files\WindowsApps\Microsoft.AutumninSweden_1.0.0.0_neutral__8wekyb3d8bbwe [2021-09-13] (Microsoft Corporation)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-12-13] (Canon Inc.)
DVD player - TrueDVD Streamer support VLC and youtube -> C:\Program Files\WindowsApps\46109SoftwareDevlope.DVDplayer-TrueDVDStreamersupp_1.1.5.0_x64__ygjcrtpe42fe2 [2021-10-27] (SoftwareDevlope)
Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-09-13] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_134.1.221.0_x64__v10z8vjag6ke6 [2022-01-29] (HP Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa [2021-11-06] (Apple Inc.) [Startup Task]
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-09-13] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-09-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-09-13] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-01-11] (Microsoft Studios) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_52.10201.5809.0_x64__8wekyb3d8bbwe [2022-02-03] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-02-14] (NVIDIA Corp.)
Otters -> C:\Program Files\WindowsApps\Microsoft.Otters_1.0.0.0_neutral__8wekyb3d8bbwe [2021-09-13] (Microsoft Corporation)
Raw Image Extension -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.0.30181.0_x64__8wekyb3d8bbwe [2022-02-05] (Microsoft Corporation)
VLC -> C:\Program Files\WindowsApps\VideoLAN.VLC_3.2.1.0_x64__paz6r1rewnh0a [2021-09-13] (VideoLAN)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3671133233-2531484000-2582408703-1002_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-5370604078F8} -> [Creative Cloud Files] => C:\Users\Caro\Creative Cloud Files [2018-11-23 23:29]
CustomCLSID: HKU\S-1-5-21-3671133233-2531484000-2582408703-1002_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-3671133233-2531484000-2582408703-1002_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Caro\Dropbox [2020-09-01 09:16]
CustomCLSID: HKU\S-1-5-21-3671133233-2531484000-2582408703-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [  AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [  AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [  AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [  DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [  DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-02-24] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_31a2adf8c49e7799\nvshext.dll [2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-02-24] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)

==================== Verknüpfungen & WMI ========================

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2021-08-18 13:27 - 2021-08-18 13:27 - 000477696 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ffi-napi\prebuilds\win32-ia32\node.napi.node
2021-08-18 13:27 - 2021-08-18 13:27 - 000471040 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ref-napi\prebuilds\win32-ia32\node.napi.node
2021-08-18 13:27 - 2021-08-18 13:27 - 000454656 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\registry-js\prebuilds\win32-ia32\node.napi.node
2015-03-17 01:34 - 2015-03-17 01:34 - 000010240 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\de_de\acrotray.deu
2021-10-12 11:56 - 2021-02-18 11:07 - 000085504 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\zlib1.dll
2021-10-12 11:56 - 2021-08-25 16:50 - 001149952 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AiSuiteSDK\DIP4FanCalibration.dll
2021-10-12 11:56 - 2021-08-25 16:54 - 001542144 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AiSuiteSDK\swInterface.dll
2021-10-12 11:55 - 2019-12-23 17:51 - 000093184 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\zlibwapi.dll
2021-08-18 13:27 - 2021-08-18 13:27 - 000081920 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\WindowID\WindowID.dll
2020-04-27 16:55 - 2020-04-22 11:21 - 002123264 _____ () [Datei ist nicht signiert] C:\Users\Caro\AppData\Local\Programs\mattermost-desktop\ffmpeg.dll
2020-04-27 16:55 - 2020-04-22 11:21 - 000131072 _____ () [Datei ist nicht signiert] C:\Users\Caro\AppData\Local\Programs\mattermost-desktop\libegl.dll
2020-04-27 16:55 - 2020-04-22 11:21 - 006792704 _____ () [Datei ist nicht signiert] C:\Users\Caro\AppData\Local\Programs\mattermost-desktop\libglesv2.dll
2021-09-09 06:16 - 2021-09-09 06:16 - 000022016 _____ (Adobe Systems Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\de_de\Acrobat Elements\ContextMenuShim64.deu
2017-04-02 17:58 - 2014-08-06 12:25 - 000375296 _____ (CANON INC.) [Datei ist nicht signiert] C:\WINDOWS\System32\CNMN6PPM.DLL
2021-10-12 11:56 - 2021-02-18 11:07 - 000287232 _____ (The curl library, hxxps://curl.haxx.se/) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\libcurl.dll
2021-10-12 11:56 - 2021-02-18 11:07 - 003394560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\libcrypto-1_1-x64.dll
2021-10-12 11:56 - 2021-02-18 11:07 - 002281984 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\LIBEAY32.dll
2021-10-12 11:56 - 2021-02-18 11:07 - 000679424 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\libssl-1_1-x64.dll
2021-10-12 11:56 - 2021-02-18 11:07 - 000361472 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\SSLEAY32.dll
2021-10-12 11:55 - 2019-06-26 15:07 - 003394560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libcrypto-1_1-x64.dll
2021-10-12 11:55 - 2019-06-26 15:07 - 000679424 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libssl-1_1-x64.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

SearchScopes: HKU\S-1-5-21-3671133233-2531484000-2582408703-1002 -> {61A18614-9A33-46A1-8D11-25C0ABEA3FDA} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&intl=de&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3671133233-2531484000-2582408703-1002 -> Kein Name - {EF293C5A-9F37-49FD-91C4-2B867063FC54} -  Keine Datei

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-07-16 12:47 - 2019-01-07 12:35 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2019-11-03 14:27 - 2019-11-03 14:27 - 000000445 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64_win\compiler;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-3671133233-2531484000-2582408703-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\Control Panel\Desktop\\Wallpaper -> D:\Documents\08_Sonstiges\Dual Monitor Hintergründe\Dual-Monitor-Wallpaper-22.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
 ist aktiviert.

Network Binding:
=============
Ethernet 3: Intel(R) Technology Access Filter Driver -> nt_ndisrd (enabled)
Ethernet 4: Intel(R) Technology Access Filter Driver -> nt_ndisrd (enabled)
WLAN 2: Intel(R) Technology Access Filter Driver -> nt_ndisrd (enabled)

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeUpdateService => 2
MSCONFIG\Services: AGMService => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: CmWebAdmin.exe => 2
MSCONFIG\Services: CodeMeter.exe => 2
MSCONFIG\Services: dbupdate => 2
MSCONFIG\Services: dbupdatem => 3
MSCONFIG\Services: DbxSvc => 2
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: Intel(R) Online Connect => 2
MSCONFIG\Services: Intel(R) Online Connect Helper => 2
MSCONFIG\Services: Intel(R) Online Connect Software Asset Manager => 2
MSCONFIG\Services: Intel(R) TechnologyAccessLegacyCSLoader => 2
MSCONFIG\Services: Intel(R) TechnologyAccessService => 2
MSCONFIG\Services: Intel(R) TPM Provisioning Service => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: klvssbridge64_21.3 => 3
MSCONFIG\Services: kpm_launch_service => 3
MSCONFIG\Services: KSDE5.3 => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: NvContainerLocalSystem => 2
MSCONFIG\Services: NvContainerNetworkService => 2
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: NVIDIA Wireless Controller Service => 2
MSCONFIG\Services: RealtekCU => 2
MSCONFIG\Services: RunSwUSB => 2
MSCONFIG\Services: TeamViewer => 2
HKLM\...\StartupApproved\StartupFolder: => "CodeMeter Control Center.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX"
HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\StartupApproved\Run: => "Spotify"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{103BFB37-ADC5-4C97-8073-1C4DE189E1EB}] => (Allow) C:\Users\Caro\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{7E02AE46-AD0D-4DCA-B8F2-8B0478DFA27A}] => (Allow) C:\Users\Caro\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{7AC6111A-8D4C-43E4-9CC3-156FF2CDE906}C:\program files\vectorworks 2020\vectorworks2020.exe] => (Block) C:\program files\vectorworks 2020\vectorworks2020.exe => Keine Datei
FirewallRules: [TCP Query User{3BC91753-BAE0-45F5-B47B-FBBCC3A1ABEE}C:\program files\vectorworks 2020\vectorworks2020.exe] => (Block) C:\program files\vectorworks 2020\vectorworks2020.exe => Keine Datei
FirewallRules: [{3BA94BC9-204B-4909-8C26-05979814584F}] => (Allow) C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
FirewallRules: [{540DC681-75E4-45C5-895A-B512D45985B7}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
FirewallRules: [UDP Query User{311D68E8-F98D-4E90-B247-63AEA3F9EC0D}D:\programme\archicad\neuer ordnerarchi\archicad.exe] => (Allow) D:\programme\archicad\neuer ordnerarchi\archicad.exe => Keine Datei
FirewallRules: [TCP Query User{AEA97307-106E-4D79-A451-D28DBFD9BF06}D:\programme\archicad\neuer ordnerarchi\archicad.exe] => (Allow) D:\programme\archicad\neuer ordnerarchi\archicad.exe => Keine Datei
FirewallRules: [{442D63F9-A87C-4CD8-AEA2-8D6DE62512FA}] => (Block) D:\programme\vektorworks\vectorworks2018e.exe => Keine Datei
FirewallRules: [{5C904C29-A633-4388-85B1-392629DAEFDA}] => (Block) D:\programme\vektorworks\vectorworks2018e.exe => Keine Datei
FirewallRules: [UDP Query User{F03A035B-92A1-4F69-BAD1-EFE827E764B9}D:\programme\vektorworks\vectorworks2018e.exe] => (Allow) D:\programme\vektorworks\vectorworks2018e.exe => Keine Datei
FirewallRules: [TCP Query User{E9427056-30D6-4B50-A860-10A5A61C3BF2}D:\programme\vektorworks\vectorworks2018e.exe] => (Allow) D:\programme\vektorworks\vectorworks2018e.exe => Keine Datei
FirewallRules: [UDP Query User{B37E40F2-F5B7-4E33-880C-6A9B9A3B122C}C:\users\caro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\caro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{43C40599-4714-49B7-9B83-53B0A9F82DD9}C:\users\caro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\caro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{189CCEC9-6D44-4963-B9BA-E24F743F8AD0}C:\users\caro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\caro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{3F51C2F1-63BC-4EEE-A71A-3FAD37E7DA4D}C:\users\caro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\caro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{B850E85A-8557-4CFB-93AA-13E6D552ECDD}C:\program files (x86)\archicad20\licensefilegenerator.exe] => (Allow) C:\program files (x86)\archicad20\licensefilegenerator.exe => Keine Datei
FirewallRules: [TCP Query User{5CF10A1E-66C7-4C5B-B866-AD1E7626BEEE}C:\program files (x86)\archicad20\licensefilegenerator.exe] => (Allow) C:\program files (x86)\archicad20\licensefilegenerator.exe => Keine Datei
FirewallRules: [{076F77BB-1426-43BA-9357-A6C79AF3424B}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
FirewallRules: [{B86178ED-C694-41B2-9C3D-97ECB25F7A5D}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
FirewallRules: [{DE4D120C-8E2D-4753-8A65-95213CE689D4}] => (Allow) C:\Users\Caro\Desktop\InDesign_Set-Up.exe => Keine Datei
FirewallRules: [{3D50CB20-DA48-4C77-BC3F-1FAE1045721A}] => (Allow) C:\Users\Caro\Desktop\InDesign_Set-Up.exe => Keine Datei
FirewallRules: [{7E3A988B-0E25-4DD8-A5DE-A259113611C6}] => (Allow) C:\Users\Caro\Desktop\InDesign_Set-Up.exe => Keine Datei
FirewallRules: [{E94815B0-FEE6-4C9B-9218-B8477BB5B2F2}] => (Allow) C:\Users\Caro\Desktop\InDesign_Set-Up.exe => Keine Datei
FirewallRules: [UDP Query User{FB31F15D-437A-434D-B40E-3795935822CE}C:\program files\programme\archicad programm\licensefilegenerator.exe] => (Allow) C:\program files\programme\archicad programm\licensefilegenerator.exe => Keine Datei
FirewallRules: [TCP Query User{3FE56CCB-5828-439C-967F-9E707AD31299}C:\program files\programme\archicad programm\licensefilegenerator.exe] => (Allow) C:\program files\programme\archicad programm\licensefilegenerator.exe => Keine Datei
FirewallRules: [UDP Query User{CD134EB8-5188-4BB3-B2B2-8AA7640440FB}C:\program files\programme\archicad programm\overwatchserver.exe] => (Allow) C:\program files\programme\archicad programm\overwatchserver.exe => Keine Datei
FirewallRules: [TCP Query User{AFB220E9-76BC-429B-B362-5221ED80FA7E}C:\program files\programme\archicad programm\overwatchserver.exe] => (Allow) C:\program files\programme\archicad programm\overwatchserver.exe => Keine Datei
FirewallRules: [UDP Query User{6FBE67FC-CA01-46D8-824A-58A097A0B8E2}C:\program files\programme\archicad programm\archicad.exe] => (Allow) C:\program files\programme\archicad programm\archicad.exe => Keine Datei
FirewallRules: [TCP Query User{B0E84A7E-FA5F-4078-94F6-E0E3DF26CCC4}C:\program files\programme\archicad programm\archicad.exe] => (Allow) C:\program files\programme\archicad programm\archicad.exe => Keine Datei
FirewallRules: [{DB6739E6-2204-4B09-B41B-30968CA9CFD1}] => (Block) D:\programme\archicad programm\overwatchserver.exe => Keine Datei
FirewallRules: [{6A545E13-8CF1-4023-A9C1-9CA1EEB620DF}] => (Block) D:\programme\archicad programm\overwatchserver.exe => Keine Datei
FirewallRules: [UDP Query User{778E1A82-286F-4FE1-BE57-4CA6EC8925D6}D:\programme\archicad programm\overwatchserver.exe] => (Allow) D:\programme\archicad programm\overwatchserver.exe => Keine Datei
FirewallRules: [TCP Query User{296B780E-8AAA-42EB-AE50-F680F62B9BBC}D:\programme\archicad programm\overwatchserver.exe] => (Allow) D:\programme\archicad programm\overwatchserver.exe => Keine Datei
FirewallRules: [UDP Query User{CF75E19E-6C46-41F6-8D44-01E7F8FE2E7D}D:\programme\archicad programm\archicad.exe] => (Allow) D:\programme\archicad programm\archicad.exe => Keine Datei
FirewallRules: [TCP Query User{A4D1DAB3-C170-4E40-85D3-51B0504A3479}D:\programme\archicad programm\archicad.exe] => (Allow) D:\programme\archicad programm\archicad.exe => Keine Datei
FirewallRules: [{6554799D-E07B-4AB2-844E-4DA7F409DF4B}] => (Block) D:\Programme\Neuer Ordner\OverwatchServer.exe => Keine Datei
FirewallRules: [{DBF87FB9-8EA0-4D89-B24E-2F55A4ABB1E7}] => (Allow) D:\Programme\Neuer Ordner\BIMxUploader.exe => Keine Datei
FirewallRules: [{9258A666-5949-4A3E-9336-366B9A300E6B}] => (Block) D:\Programme\Neuer Ordner\CineRender\CineRender 64bit.exe => Keine Datei
FirewallRules: [{49E7C456-E3B8-4878-B0E7-76DB3ECD4CF3}] => (Block) D:\Programme\Neuer Ordner\ARCHICAD.exe => Keine Datei
FirewallRules: [{441A4EE9-45D4-4815-A29C-C91AB8303305}] => (Allow) C:\Program Files (x86)\Sitecom\WiFi USB adapter N300 Driver and Utility\Rtldhcp.exe (Realtek) [Datei ist nicht signiert]
FirewallRules: [{726D7D19-1755-4DE1-BCB8-C06D3BC8CB34}] => (Allow) LPort=53
FirewallRules: [{6120098B-5097-410C-8C00-8A7BF7676442}] => (Allow) LPort=53
FirewallRules: [{4C73448B-B40B-4705-8A30-DDD5EDE0CEC9}] => (Allow) LPort=68
FirewallRules: [{8B654C7F-3E38-4C77-B3C3-5ED26B6B6618}] => (Allow) LPort=67
FirewallRules: [{FD438F58-F35B-4212-BD80-1E5481A6D314}] => (Allow) LPort=53
FirewallRules: [{07869E25-0997-473C-9BDF-288F3F806744}] => (Allow) LPort=1542
FirewallRules: [{B4C70D86-4782-476C-8042-A4602C809393}] => (Allow) LPort=1542
FirewallRules: [{D19EFC04-8F56-4D8C-AB1C-78C82B4476DB}] => (Allow) C:\Program Files (x86)\Sitecom\WiFi USB adapter N300 Driver and Utility\RtWLan.exe (Realtek Semiconductor Corp.) [Datei ist nicht signiert]
FirewallRules: [{01F75DD0-663B-4CCB-964B-17FFC731DD41}] => (Allow) C:\Program Files (x86)\Sitecom\WiFi USB adapter N300 Driver and Utility\RtWLan.exe (Realtek Semiconductor Corp.) [Datei ist nicht signiert]
FirewallRules: [{8237B493-1476-431C-8BB4-D3A0C1EE25E4}] => (Allow) D:\Programme\Ubisoft Game Launcher\games\Anno 2205\Bin\Win64\Anno2205.exe (Blue Byte GmbH -> Ubisoft)
FirewallRules: [TCP Query User{9B72727D-7C82-417E-9038-EEC44B59BB66}D:\programme\vectorworks 2019\vectorworks2019.exe] => (Allow) D:\programme\vectorworks 2019\vectorworks2019.exe => Keine Datei
FirewallRules: [UDP Query User{7098CF80-605A-40E8-990C-2EF29526654B}D:\programme\vectorworks 2019\vectorworks2019.exe] => (Allow) D:\programme\vectorworks 2019\vectorworks2019.exe => Keine Datei
FirewallRules: [{002ADA28-1AFB-4FE6-8D2F-B2C4D11EC154}] => (Block) D:\programme\vectorworks 2019\vectorworks2019.exe => Keine Datei
FirewallRules: [{430963B0-6785-4E33-B505-AEA003F69110}] => (Block) D:\programme\vectorworks 2019\vectorworks2019.exe => Keine Datei
FirewallRules: [{C52B6DB2-CB9D-4C35-BCFE-724A663F2BC9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C12B714F-F4FA-47B1-BAD4-37B5750809AB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A6C06521-4B8C-43D4-A683-039264E3F4F3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D51E99A1-038E-47CA-80E4-5D947C74516D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4B36B334-4C93-4187-848A-627BF472264B}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [{3ABF503F-36E6-4871-BE0E-D347FCBDA8FC}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
FirewallRules: [{E9ADF80F-41DB-4FFA-8DED-B6F3513C395C}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [{A3440304-1B41-4CD8-9320-0EB65E7C518A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{425F93A0-29CC-4043-B79D-DA8FAC9A2DF5}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9750C618-E4F1-4C0D-B1BF-823BB3AA8818}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EB4FBE25-6225-4B0C-8BFF-0E9F388E648A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5478A773-663A-4561-9220-E2BB9A1BCB88}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{19727FE3-6C85-4368-A4F5-94F08A5A2A8F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{378FBCA8-18BF-4895-A013-EB6C23D2892F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9337AD6E-BCE7-4FB9-A247-76B24077C449}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{062C35E5-C83F-4EE9-BE11-528782F1B3E3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6B489A55-E4E2-4C87-8A6C-257445F9522F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D55BE7D3-02AA-40A4-8136-7BA599B05FF9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C4176973-9EF7-466A-A459-0E7B563EE1DB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C56C1610-3824-4C82-AA3F-9982D33C95EB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A96C4156-561F-49EE-9415-577A3124EEB2}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{0CEED22D-3EA0-4590-8AB4-89638B31C0BE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FF951C40-57E5-4CE6-ACB8-7252AB2D9E2E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B8B7E52D-8B49-49C7-B4D1-B3DA9AF8894F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5DD1E34F-46BA-469B-966C-05F37B4EA831}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0C1C697E-74ED-4B63-8228-06C409C8B683}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\98.0.1108.56\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server

==================== Wiederherstellungspunkte =========================

21-02-2022 21:04:17 Geplanter Prüfpunkt
23-02-2022 21:35:03 OpenOffice 4.1.11 wird installiert

==================== Fehlerhafte Geräte im Gerätemanager ============

Name: Kaspersky Security Data Escort Adapter #2
Description: Kaspersky Security Data Escort Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Kaspersky Security Data Escort Provider
Service: kltap
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (02/24/2022 08:20:54 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: DESKTOP-LJVJBQ2)
Description: Die Anwendung oder der Dienst "ROG Live Service" konnte nicht neu gestartet werden.

Error: (02/24/2022 08:11:55 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: DESKTOP-LJVJBQ2)
Description: Die Anwendung oder der Dienst "ARMOURY CRATE Service" konnte nicht neu gestartet werden.

Error: (02/24/2022 08:07:47 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Das Sicherheitscenter konnte den Aufrufer nicht überprüfen. Der Fehler %1 ist aufgetreten.

Error: (02/24/2022 07:44:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Vectorworks2021.exe, Version: 26.0.4.0, Zeitstempel: 0x60ccaf7d
Name des fehlerhaften Moduls: libcef.dll, Version: 84.2.6.0, Zeitstempel: 0x5f08e1b8
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000000002be2b49
ID des fehlerhaften Prozesses: 0x3cf8
Startzeit der fehlerhaften Anwendung: 0x01d8295d163629a1
Pfad der fehlerhaften Anwendung: C:\Program Files\Vectorworks 2021\Vectorworks2021.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Vectorworks 2021\ChromiumEF_dlls\libcef.dll
Berichtskennung: 0094f235-3cb5-4cd0-a480-90be0044b948
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (02/24/2022 09:26:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Vectorworks2022.exe, Version: 27.0.2.0, Zeitstempel: 0x6196e5df
Name des fehlerhaften Moduls: libcef.dll, Version: 84.2.6.0, Zeitstempel: 0x5f08e1b8
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000000002be2b49
ID des fehlerhaften Prozesses: 0x4edc
Startzeit der fehlerhaften Anwendung: 0x01d82956dca4e92d
Pfad der fehlerhaften Anwendung: C:\Program Files\Vectorworks 2022\Vectorworks2022.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Vectorworks 2022\ChromiumEF_dlls\libcef.dll
Berichtskennung: b2f57462-7958-47ec-a00d-f5d33aa6d4f6
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (02/24/2022 09:11:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ArmouryWebBrowserEdge.exe, Version: 1.0.0.8, Zeitstempel: 0x6142e251
Name des fehlerhaften Moduls: ArmouryWebBrowserEdge.exe, Version: 1.0.0.8, Zeitstempel: 0x6142e251
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000007903
ID des fehlerhaften Prozesses: 0x47a0
Startzeit der fehlerhaften Anwendung: 0x01d829561318e266
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryWebBrowserEdge.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryWebBrowserEdge.exe
Berichtskennung: c0762dad-925c-42aa-af6d-a2b52ceef679
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (02/23/2022 10:28:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Aac3572MbHal_x86.exe, Version: 1.2.3.1, Zeitstempel: 0x6142afdc
Name des fehlerhaften Moduls: combase.dll, Version: 10.0.19041.1348, Zeitstempel: 0xf1a7c19a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000d8ea9
ID des fehlerhaften Prozesses: 0x1ec4
Startzeit der fehlerhaften Anwendung: 0x01d828f573869c49
Pfad der fehlerhaften Anwendung: C:\Program Files\ASUS\AacMB\Aac3572MbHal_x86.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\combase.dll
Berichtskennung: ff5a1198-a9ce-43a2-8024-e86c033ed1cd
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (02/23/2022 10:22:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AsusFanControlService.exe, Version: 3.0.0.0, Zeitstempel: 0x610b8c15
Name des fehlerhaften Moduls: AsusFanControlService.exe, Version: 3.0.0.0, Zeitstempel: 0x610b8c15
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003ca97
ID des fehlerhaften Prozesses: 0x1248
Startzeit der fehlerhaften Anwendung: 0x01d828f57091b39b
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AsusFanControlService\2.01.11\AsusFanControlService.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\ASUS\AsusFanControlService\2.01.11\AsusFanControlService.exe
Berichtskennung: e3c8dfe0-71a0-4ac4-b27f-3ab2ce068410
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


Systemfehler:
=============
Error: (02/24/2022 08:28:32 PM) (Source: Netwtw10) (EventID: 5010) (User: )
Description: Intel(R) Wi-Fi 6 AX200 160MHz : Der Netzwerkadapter hat einen ungültigen Wert an den Treiber zurückgegeben.
5010 - Driver DBG_ASSERT - instead of BSOD

Error: (02/24/2022 08:25:32 PM) (Source: Netwtw10) (EventID: 5010) (User: )
Description: Intel(R) Wi-Fi 6 AX200 160MHz : Der Netzwerkadapter hat einen ungültigen Wert an den Treiber zurückgegeben.
5010 - Driver DBG_ASSERT - instead of BSOD

Error: (02/24/2022 08:22:39 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-LJVJBQ2)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/24/2022 08:22:31 PM) (Source: Netwtw10) (EventID: 5010) (User: )
Description: Intel(R) Wi-Fi 6 AX200 160MHz : Der Netzwerkadapter hat einen ungültigen Wert an den Treiber zurückgegeben.
5010 - Driver DBG_ASSERT - instead of BSOD

Error: (02/24/2022 08:20:31 PM) (Source: Netwtw10) (EventID: 5010) (User: )
Description: Intel(R) Wi-Fi 6 AX200 160MHz : Der Netzwerkadapter hat einen ungültigen Wert an den Treiber zurückgegeben.
5010 - Driver DBG_ASSERT - instead of BSOD

Error: (02/24/2022 08:19:31 PM) (Source: Netwtw10) (EventID: 5010) (User: )
Description: Intel(R) Wi-Fi 6 AX200 160MHz : Der Netzwerkadapter hat einen ungültigen Wert an den Treiber zurückgegeben.
5010 - Driver DBG_ASSERT - instead of BSOD

Error: (02/24/2022 08:17:31 PM) (Source: Netwtw10) (EventID: 5010) (User: )
Description: Intel(R) Wi-Fi 6 AX200 160MHz : Der Netzwerkadapter hat einen ungültigen Wert an den Treiber zurückgegeben.
5010 - Driver DBG_ASSERT - instead of BSOD

Error: (02/24/2022 08:16:31 PM) (Source: Netwtw10) (EventID: 5010) (User: )
Description: Intel(R) Wi-Fi 6 AX200 160MHz : Der Netzwerkadapter hat einen ungültigen Wert an den Treiber zurückgegeben.
5010 - Driver DBG_ASSERT - instead of BSOD


Windows Defender:
================Event[0]:

Date: 2022-02-24 20:08:04
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.349.1925.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.18500.10
Fehlercode: 0x80240017
Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support".

CodeIntegrity:
===============
Date: 2022-02-24 20:07:54
Description:
Code Integrity determined that a process (\Device\HarddiskVolume12\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume12\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2022-02-24 20:05:10
Description:
Code Integrity determined that a process (\Device\HarddiskVolume12\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume12\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.


==================== Speicherinformationen ===========================

BIOS: American Megatrends Inc. 2423 08/09/2021
Hauptplatine: ASUSTeK COMPUTER INC. PRIME B550M-A (WI-FI)
Prozessor: AMD Ryzen 5 5600X 6-Core Processor
Prozentuale Nutzung des RAM: 39%
Installierter physikalischer RAM: 16299.37 MB
Verfügbarer physikalischer RAM: 9843.79 MB
Summe virtueller Speicher: 22699.37 MB
Verfügbarer virtueller Speicher: 14271.59 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:231.81 GB) (Free:90.19 GB) NTFS
Drive d: () (Fixed) (Total:931.38 GB) (Free:377.38 GB) NTFS
Drive e: () (Fixed) (Total:931.38 GB) (Free:423.6 GB) NTFS
Drive f: (Windows) (Fixed) (Total:464.77 GB) (Free:434.73 GB) NTFS

\\?\Volume{a7af9eac-cc55-49a5-8600-c6ef4ff82100}\ (Wiederherstellung) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{8193e75b-3416-472e-bb8f-91ef883aa56b}\ () (Fixed) (Total:0.52 GB) (Free:0.09 GB) NTFS
\\?\Volume{defb8d1e-f58b-4ebc-b967-f5ed9b1398ae}\ (Recovery) (Fixed) (Total:0.88 GB) (Free:0.46 GB) NTFS
\\?\Volume{56134543-78f4-4721-b382-d2543fec4cae}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
\\?\Volume{806931e6-103b-4540-9c29-7bbe4d6caaf4}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 3 (Size: 465.8 GB) (Disk ID: D17FEDD6)

Partition: GPT.

==================== Ende von Addition.txt =======================
PUP.Optional.Fake.OpenOfficeUpdater C:\Users\Caro\AppData\Roaming\OpenOffice Updater
PUP.Optional.GreatDealz C:\Users\Caro\AppData\LocalLow\GreatDealz
PUP.Optional.Legacy C:\Users\Caro\AppData\Local\YSearchUtil

mein laienhafter Blick hat zumindest "Greatdealz" in der FRST Liste gefunden.

M-K-D-B 24.02.2022 21:26
Vielen Dank für die Logdateien. :daumenhoc



Bitte mal folgenden FRST-Fix ausführen, ist für Analysezwecke:

Schritt 1
WARNUNG AN ALLE MITLESER !!!
Dieses FRST-Script ist ausschließlich für diesen Nutzer gedacht und sollte niemals 1:1 für ein anderes System angewendet werden!
  • Speichere deine Arbeiten und schließe alle offenen Programme, damit keine Daten verloren gehen.
  • Kopiere den gesamten Inhalt der folgenden Code-Box:
    Code:
    Start::
    SystemRestore: On
    CreateRestorePoint:
    CloseProcesses:
    VirusTotal: C:\WINDOWS\Tasks\GreatDealzUpdater.job
    Task: C:\WINDOWS\Tasks\GreatDealzUpdater.job => C:\ProgramData\greatdealzupdater\tUpdater.exe
    VirusTotal: C:\ProgramData\greatdealzupdater\tUpdater.exe
    VirusTotal: C:\Windows\System32\Tasks\GreatDealzUpdater
    Task: {6F177B8C-949B-48E5-953A-5A527A0DC4A1} - System32\Tasks\GreatDealzUpdater => C:\ProgramData\greatdealzupdater\tUpdater.exe
    C:\ProgramData\greatdealzupdater
    HKLM-x32\...\Run: [] => [X]
    HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ACHTUNG
    EmptyTemp:
    End::
  • Starte nun FRST und klicke direkt den Reparieren Button.
    Wichtig: Du brauchst den Inhalt der Code-Box nirgends einfügen, da sich FRST den Code aus der Zwischenablage holt!
  • Das Tool führt die gewünschten Schritte aus und erstellt eine fixlog.txt im selben Verzeichnis, in dem sich FRST befindet.
  • Gegebenenfalls muss dein Rechner neu gestartet werden.
  • Poste mir den Inhalt der fixlog.txt mit deiner nächsten Antwort.

cosinus 24.02.2022 21:38
Scripting/Repair mit FRST64

WARNUNG AN ALLE MITLESER !!!
Dieses FRST-Script ist ausschließlich für diesen Nutzer gedacht und sollte niemals 1:1 für ein anderes System angewendet werden!
  • Kopiere den gesamten Inhalt der folgenden Code-Box:
    Code:
    Start::
    CloseProcesses:
    AV: Kaspersky Internet Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
    AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
    HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ACHTUNG
    Task: {11C26323-FE36-4B6A-A118-91147930FA0B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software)
    Task: {6F177B8C-949B-48E5-953A-5A527A0DC4A1} - System32\Tasks\GreatDealzUpdater => C:\ProgramData\greatdealzupdater\tUpdater.exe (Keine Datei)
    Task: C:\WINDOWS\Tasks\GreatDealzUpdater.job => C:\ProgramData\greatdealzupdater\tUpdater.exe
    Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
    Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
    Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
    Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
    C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
    C:\ProgramData\greatdealzupdater
    C:\Program Files\Common Files\Avast Software
    C:\Users\Caro\AppData\Roaming\OpenOffice
    emptytemp:
    End::
  • Starte nun FRST und klicke direkt den Reparieren Button.Wichtig: Du brauchst den Inhalt der Code-Box nirgends einfügen, da sich FRST den Code aus der Zwischenablage holt!
  • Das Tool führt die gewünschten Schritte aus und erstellt eine fixlog.txt im selben Verzeichnis, in dem sich FRST befindet.
  • Gegebenenfalls muss dein Rechner neu gestartet werden.
  • Poste mir den Inhalt der fixlog.txt mit deiner nächsten Antwort.

gigalos 24.02.2022 22:07
Anbei der erste Fixlog:

Code:
Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 24-02-2022
durchgeführt von Caro (24-02-2022 21:31:59) Run:1
Gestartet von C:\Users\Caro\Desktop
Geladene Profile: defaultuser0 & Caro
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
SystemRestore: On
CreateRestorePoint:
CloseProcesses:
VirusTotal: C:\WINDOWS\Tasks\GreatDealzUpdater.job
Task: C:\WINDOWS\Tasks\GreatDealzUpdater.job => C:\ProgramData\greatdealzupdater\tUpdater.exe
VirusTotal: C:\ProgramData\greatdealzupdater\tUpdater.exe
VirusTotal: C:\Windows\System32\Tasks\GreatDealzUpdater
Task: {6F177B8C-949B-48E5-953A-5A527A0DC4A1} - System32\Tasks\GreatDealzUpdater => C:\ProgramData\greatdealzupdater\tUpdater.exe
C:\ProgramData\greatdealzupdater
HKLM-x32\...\Run: [] => [X]
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ACHTUNG
EmptyTemp:

*****************

SystemRestore: On => abgeschlossen
Wiederherstellungspunkt wurde erfolgreich erstellt.
Prozesse erfolgreich geschlossen.
VirusTotal: C:\WINDOWS\Tasks\GreatDealzUpdater.job => https://www.virustotal.com/gui/file/2573a63a6adfbe108d3775fa37493749ed5fab50abec7a6298900bc56f6ca664/detection/f-2573a63a6adfbe108d3775fa37493749ed5fab50abec7a6298900bc56f6ca664-1645734726
C:\WINDOWS\Tasks\GreatDealzUpdater.job => erfolgreich verschoben
"VirusTotal: C:\ProgramData\greatdealzupdater\tUpdater.exe" => nicht gefunden
VirusTotal: C:\Windows\System32\Tasks\GreatDealzUpdater => https://www.virustotal.com/gui/file/2aff3417ab7637b391e37c390c25c662872634bfbecf47a29ba576affdfaf199/detection/f-2aff3417ab7637b391e37c390c25c662872634bfbecf47a29ba576affdfaf199-1645734727
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6F177B8C-949B-48E5-953A-5A527A0DC4A1}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F177B8C-949B-48E5-953A-5A527A0DC4A1}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\GreatDealzUpdater => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GreatDealzUpdater" => erfolgreich entfernt
"C:\ProgramData\greatdealzupdater" => nicht gefunden
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => erfolgreich entfernt
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ACHTUNG => erfolgreich wiederhergestellt

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 25187203 B
Java, Flash, Steam htmlcache => 714 B
Windows/system/drivers => 23292094 B
Edge => 14285988 B
Chrome => 859642228 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 432 B
LocalService => 590392 B
NetworkService => 610414 B
defaultuser0 => 610414 B
Caro => 5621008437 B

RecycleBin => 220346356 B
EmptyTemp: => 6.3 GB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 21:59:30 ====
der zweite Fixlog:

Code:
Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 24-02-2022
durchgeführt von Caro (24-02-2022 22:05:34) Run:2
Gestartet von C:\Users\Caro\Desktop
Geladene Profile: defaultuser0 & Caro
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
CloseProcesses:
AV: Kaspersky Internet Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ACHTUNG
Task: {11C26323-FE36-4B6A-A118-91147930FA0B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software)
Task: {6F177B8C-949B-48E5-953A-5A527A0DC4A1} - System32\Tasks\GreatDealzUpdater => C:\ProgramData\greatdealzupdater\tUpdater.exe (Keine Datei)
Task: C:\WINDOWS\Tasks\GreatDealzUpdater.job => C:\ProgramData\greatdealzupdater\tUpdater.exe
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
C:\ProgramData\greatdealzupdater
C:\Program Files\Common Files\Avast Software
C:\Users\Caro\AppData\Roaming\OpenOffice
emptytemp:

*****************

Prozesse erfolgreich geschlossen.
"AV: Kaspersky Internet Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}" => erfolgreich entfernt
"AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}" => erfolgreich entfernt
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ACHTUNG => erfolgreich wiederhergestellt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{11C26323-FE36-4B6A-A118-91147930FA0B}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{11C26323-FE36-4B6A-A118-91147930FA0B}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Avast Software\Overseer => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Software\Overseer" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F177B8C-949B-48E5-953A-5A527A0DC4A1}" => nicht gefunden
"C:\WINDOWS\System32\Tasks\GreatDealzUpdater" => nicht gefunden
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GreatDealzUpdater" => nicht gefunden
"C:\WINDOWS\Tasks\GreatDealzUpdater.job" => nicht gefunden
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => erfolgreich entfernt
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => erfolgreich entfernt
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => erfolgreich entfernt
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => erfolgreich entfernt
C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki => erfolgreich verschoben
"C:\ProgramData\greatdealzupdater" => nicht gefunden
C:\Program Files\Common Files\Avast Software => erfolgreich verschoben
C:\Users\Caro\AppData\Roaming\OpenOffice => erfolgreich verschoben

=========== EmptyTemp: ==========

BITS transfer queue => 786432 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 7410596 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 22669 B
Edge => 0 B
Chrome => 8978025 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 13940 B
NetworkService => 13940 B
defaultuser0 => 13940 B
Caro => 5013979 B

RecycleBin => 0 B
EmptyTemp: => 21.2 MB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 22:05:40 ====

cosinus 24.02.2022 22:11
Da hat MKDB schon vor mir dazwischengehauen. :wtf:

gigalos 24.02.2022 22:22
Hab ich jetzt was kaputt gemacht? 😳

cosinus 24.02.2022 22:31
Nein, MKDB und ich hätten uns nur besser abstimmen müssen vorher. Deswegen hast du jetzt zwei Fixes von uns bekommen. Da aber grundsätzlich nur unnötige und schädliche Einträge gefixt werden, kann da so nichts kaputtgehen.

M-K-D-B 25.02.2022 12:06
Zitat:
Zitat von cosinus (Beitrag 1763324)
Da hat MKDB schon vor mir dazwischengehauen. :wtf:
Sorry, mein Fehler. :headbang:


Ist aber alles gut, da ging nichts kaputt. :)

M-K-D-B 25.02.2022 15:01
Poste bitte neue Logdateien von FRST, damit cosinus weitermachen kann. :)
  • Starte FRST erneut und klicke auf Untersuchen.
  • FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.

gigalos 27.02.2022 11:15
Servus Leute,

anbei nun die neuen Logdateien.

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 24-02-2022
durchgeführt von Caro (Administrator) auf DESKTOP-LJVJBQ2 (ASUS System Product Name) (27-02-2022 11:12:30)
Gestartet von C:\Users\Caro\Desktop
Geladene Profile: Caro
Plattform: Microsoft Windows 10 Home Version 21H1 19043.1526 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Edge
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe <2>
(C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe ->) (Adobe Systems, Incorporated -> ) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\FullTrustNotifier.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe <2>
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe
(C:\Program Files (x86)\Dropbox\Client\Dropbox.exe ->) (Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\142.4.4197\QtWebEngineProcess.exe <2>
(C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <2>
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3>
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(explorer.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <10>
(explorer.exe ->) (Mattermost, Inc. -> Mattermost, Inc.) C:\Users\Caro\AppData\Local\Programs\mattermost-desktop\Mattermost.exe <4>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(explorer.exe ->) (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.01.11\AsusFanControlService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.02.06\atkexComSvc.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_31a2adf8c49e7799\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <4>
(svchost.exe ->) (ASUSTeK Computer Inc. -> TODO: <Company name>) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\ArmouryAIOFanServer.exe
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(svchost.exe ->) (Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9181696 2016-12-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2014-07-30] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5819104 2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [10585376 2022-02-13] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [781552 2022-02-01] (Adobe Inc. -> Adobe Inc.)
HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\Run: [Spotify] => C:\Users\Caro\AppData\Roaming\Spotify\Spotify.exe [18750392 2021-11-23] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5407968 2021-12-24] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [190280 2022-01-24] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33650656 2022-02-17] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\Run: [Mattermost] => C:\Users\Caro\AppData\Local\Programs\mattermost-desktop\Mattermost.exe [100306760 2020-04-22] (Mattermost, Inc. -> Mattermost, Inc.)
HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\Run: [OfficeSyncProcess] => "D:\Programme\Microsoft Office\Office14\MSOSYNC.EXE" (Keine Datei)
HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\Run: [MicrosoftEdgeAutoLaunch_288402229142217F72A4B195D34AE808] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKLM\...\Windows x64\Print Processors\Canon MX490 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCK.DLL [30208 2014-09-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [203936 2021-12-24] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor MX490 series: C:\Windows\system32\CNCALCK.DLL [303104 2014-09-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MX490 series: C:\Windows\system32\CNMLMCK.DLL [406528 2014-09-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [375296 2014-08-06] (CANON INC.) [Datei ist nicht signiert]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\98.0.4758.102\Installer\chrmstp.exe [2022-02-17] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2019-11-12]
ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Netzwerk Server.lnk [2017-10-15]
ShortcutTarget: Netzwerk Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2018-02-02]
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe () [Datei ist nicht signiert]

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0589798C-1928-4775-B81C-9F3C174F97A8} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-15] (Dropbox, Inc -> Dropbox, Inc.)
Task: {0A17C0F3-E75A-4279-85F5-39D1A642D062} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {0B75F6FC-BA0A-4442-AAFC-80904088208C} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe (Keine Datei)
Task: {0D7D92FD-89B5-4A6F-97CA-C27C675D5A0E} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [2179960 2021-09-16] (ASUSTeK Computer Inc. -> ASUS)
Task: {0E7F8CEE-7F8E-4B33-B8F5-97C28CFC7985} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-15] (Dropbox, Inc -> Dropbox, Inc.)
Task: {11CC8186-FF3E-4166-B1FF-3978F616F350} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {1BBC9956-5889-4623-B9DF-5AFA10B24437} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [44588888 2021-08-18] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {20832FEB-2B37-47BD-9F0D-36D05208231E} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d7bf56fc559d67 => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-10-12] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {2615AA9E-E5DA-4842-BCEF-C66CFAD9BBA5} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Keine Datei)
Task: {27B692D4-01EC-4E84-BCC2-7FF381328EF5} - System32\Tasks\ASUS\TriggerCheckLMVersion => C:\Program [Argument = Files (x86)\ASUS\ROG Live Service\CheckLMstatus.exe]
Task: {2AE891F5-8A6E-46BC-BF87-5D90C07FE15A} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [104600 2021-09-16] (ASUSTeK Computer Inc. -> ASUS)
Task: {600609C8-44B9-47EA-A077-643135EF9597} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7 => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-09-29] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {631C211E-FAD0-4B72-A30D-FCC78E63056E} - System32\Tasks\ASUS\ArmouryAIOFanServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\ArmouryAIOFanServer.exe [764152 2021-06-10] (ASUSTeK Computer Inc. -> TODO: <Company name>)
Task: {8F153D68-C127-4A85-B1CA-C7B3031363FE} - System32\Tasks\ASUS\NoiseCancelingEngine.exe => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe [1241448 2021-06-22] (ASUSTeK Computer Inc. -> ASUS)
Task: {96CB12A3-6C31-49FB-AF2D-DF675694621E} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-10-12] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {BBB5DED1-4B7E-4630-BBF8-C718E9120294} - System32\Tasks\MicrosoftEdgeShadowStackRollbackTask => C:\Program Files (x86)\Microsoft\Edge\Application\98.0.1108.62\Installer\setup.exe [3195784 2022-02-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {BFDCEA5B-6C4E-457B-BC0E-5668BC541487} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7-Logon => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-09-29] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {C53B9548-D807-4E37-BA7B-CF01CB65B080} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-03-03] (Google Inc -> Google Inc.)
Task: {D7C4304A-2233-4EAC-B47A-2A1325C5D8BC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-03-03] (Google Inc -> Google Inc.)
Task: {DE2ADAB3-4FCE-4A0E-B8EB-AA5821BF0685} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (Keine Datei)
Task: {FB40AEE8-C168-4F2B-A9BD-C25B0EF5BDC5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\Intel PTT EK Recertification.job => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0e9ed192-41f8-494d-9b56-0cb39d641b94}: [DhcpNameServer] 192.168.142.254
Tcpip\..\Interfaces\{1e92237a-aaab-41d6-bfa3-fee8253df165}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{6e92aef6-5e01-4a47-8881-f79c587294f5}: [DhcpNameServer] 192.168.74.1
Tcpip\..\Interfaces\{727a03b2-91bc-49fc-896e-08a5b80af7cb}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{c279de3b-b889-41c7-941c-4c582d3eb6e7}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{e36f689a-bdf6-4d7b-82e1-565889d07cb3}: [DhcpNameServer] 192.168.178.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Caro\AppData\Local\Microsoft\Edge\User Data\Default [2022-02-27]
Edge DownloadDir: Default -> C:\Users\Caro\Desktop
Edge Notifications: Default -> hxxps://www.youtube.com
Edge StartupUrls: Default -> "hxxps://fba.h-da.de/aktuelles/"
Edge Extension: (Proxy SwitchySharp) - C:\Users\Caro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm [2021-12-12]
Edge Extension: (Avast Online Security & Privacy) - C:\Users\Caro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdgpikaaheckgdijjmepmdjjkbceakif [2021-12-21]
Edge Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\Caro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2022-01-14]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Caro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-02-24]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2022-02-01] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2022-02-01] (Adobe Inc. -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default [2022-02-27]
CHR DownloadDir: C:\Users\Caro\Desktop
CHR Notifications: Default -> hxxps://sxce.info; hxxps://web.whatsapp.com; hxxps://www.autodoc.de; hxxps://www.autoscout24.de; hxxps://www.computerbild.de; hxxps://www.frag-mutti.de; hxxps://www.giga.de; hxxps://www.lieferando.de; hxxps://www.pcwelt.de; hxxps://www.pinterest.de; hxxps://www.prosieben.de; hxxps://www.youtube.com
CHR StartupUrls: Default -> "hxxps://fba.h-da.de/aktuelles/"
CHR Extension: (Präsentationen) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-15]
CHR Extension: (Just Black) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2020-08-01]
CHR Extension: (Docs) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15]
CHR Extension: (Google Drive) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-03]
CHR Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-01-14]
CHR Extension: (Proxy SwitchySharp) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm [2021-07-05]
CHR Extension: (Adobe Acrobat: Werkzeuge zum Bearbeiten, Konvertieren und Signieren von PDF-Dateien) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-02-24]
CHR Extension: (Tabellen) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-15]
CHR Extension: (Google Docs Offline) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-02-17]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Google Mail) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [fdbpcigaolookbahgdofnimidinicfid]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [844528 2022-02-01] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3849472 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3617024 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.02.06\atkexComSvc.exe [456008 2021-09-08] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-10-12] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [313008 2021-08-20] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.01.11\AsusFanControlService.exe [2201416 2021-08-06] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-10-12] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 AsusUpdateCheck; C:\WINDOWS\System32\AsusUpdateCheck.exe [842128 2022-02-24] (ASUSTeK Computer Inc. -> )
S4 CmWebAdmin.exe; C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe [9760664 2018-12-19] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-15] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-15] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44328 2022-02-13] (Dropbox, Inc -> Dropbox, Inc.)
S4 Intel(R) Online Connect; C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe [25824 2016-10-04] (Intel(R) Online Connect -> Intel Corporation)
S4 Intel(R) Online Connect Helper; C:\Program Files\Intel\Intel(R) Online Connect\iocHelperService.exe [22752 2016-10-04] (Intel(R) Online Connect -> Intel Corporation)
S4 Intel(R) Online Connect Software Asset Manager; C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-09-29] (Intel(R) Software Asset Manager -> Intel Corporation)
S4 Intel(R) TechnologyAccessLegacyCSLoader; C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe [173288 2016-10-05] (Intel(R) Online Connect Access -> Intel(R) Corporation)
S4 Intel(R) TechnologyAccessService; C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe [496872 2016-10-05] (Intel(R) Online Connect Access -> Intel(R) Corporation)
S4 kpm_launch_service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe [354008 2019-02-08] (Kaspersky Lab -> AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7997112 2022-02-24] (Malwarebytes Inc -> Malwarebytes)
S4 RealtekCU; C:\Program Files (x86)\Sitecom\WiFi USB adapter N300 Driver and Utility\RtlService.exe [36864 2012-05-10] (Realtek Semiconductor Corp.) [Datei ist nicht signiert]
S4 RunSwUSB; C:\Windows\runSW.exe [36864 2012-09-20] () [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13036464 2022-01-24] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\NisSrv.exe [2496144 2020-07-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MsMpEng.exe [104192 2020-07-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 DialComService; C:\Program Files (x86)\DIAL GmbH\DIAL Communication Framework\DialComService.exe [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_31a2adf8c49e7799\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_31a2adf8c49e7799\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 Asusgio2; C:\WINDOWS\system32\drivers\AsIO2.sys [33832 2019-04-09] (ASUSTeK Computer Inc. -> )
R1 Asusgio3; C:\WINDOWS\system32\drivers\AsIO3.sys [43160 2021-08-20] (ASUSTeK Computer Inc. -> )
R3 cpuz152; C:\WINDOWS\temp\cpuz152\cpuz152_x64.sys [35840 2022-02-24] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 EneTechIo; C:\WINDOWS\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [160176 2022-02-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [221096 2022-02-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2022-02-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [194480 2022-02-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69040 2022-02-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2022-02-24] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [156792 2022-02-24] (Malwarebytes Inc -> Malwarebytes)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrfl.sys [59792 2016-09-13] (Intel(R) Technology Access -> Intel Corporation)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
S3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2019-12-07] (Microsoft Windows -> Realtek Semiconductor Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45976 2020-07-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [408816 2020-07-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-07-15] (Microsoft Windows -> Microsoft Corporation)
R2 WIBUKEY; C:\WINDOWS\System32\DRIVERS\WibuKey64.sys [118200 2016-12-20] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2022-02-27 11:12 - 2022-02-27 11:12 - 000252466 _____ C:\Users\Caro\Documents\IMG_20220227_0002.pdf
2022-02-27 11:12 - 2022-02-27 11:12 - 000033195 _____ C:\Users\Caro\Desktop\FRST.txt
2022-02-27 11:10 - 2022-02-27 11:10 - 000435643 _____ C:\Users\Caro\Documents\IMG_20220227_0001.pdf
2022-02-27 11:08 - 2022-02-27 11:11 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC
2022-02-24 22:06 - 2022-02-24 22:06 - 000194480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2022-02-24 22:06 - 2022-02-24 22:06 - 000156792 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2022-02-24 22:06 - 2022-02-24 22:06 - 000069040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2022-02-24 20:30 - 2022-02-24 20:30 - 000000000 ____D C:\Users\Caro\Desktop\FRST-OlderVersion
2022-02-24 20:29 - 2022-02-24 20:29 - 000001424 _____ C:\Users\Caro\Desktop\mwb.txt
2022-02-24 20:25 - 2022-02-24 20:25 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-02-24 20:25 - 2022-02-24 20:25 - 000221096 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-02-24 20:25 - 2022-02-24 20:25 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-02-24 20:25 - 2022-02-24 20:25 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-02-24 20:25 - 2022-02-24 20:25 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-02-24 20:25 - 2022-02-24 20:25 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-02-24 20:25 - 2022-02-24 20:25 - 000000000 ____D C:\Users\Caro\AppData\Local\mbam
2022-02-24 20:25 - 2022-02-24 20:25 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-02-24 20:25 - 2022-02-24 20:25 - 000000000 ____D C:\Program Files\Malwarebytes
2022-02-24 20:24 - 2022-02-24 20:24 - 002419896 _____ (Malwarebytes) C:\Users\Caro\Desktop\MBSetup.exe
2022-02-24 09:28 - 2022-02-24 09:28 - 000000000 ___HD C:\VW_2022_uninst
2022-02-24 09:17 - 2022-02-24 09:17 - 000001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2022.lnk
2022-02-23 23:15 - 2022-02-27 11:12 - 000000000 ____D C:\FRST
2022-02-23 23:15 - 2022-02-24 20:30 - 002312192 _____ (Farbar) C:\Users\Caro\Desktop\FRST64.exe
2022-02-23 22:21 - 2022-02-23 22:22 - 000000000 ____D C:\AdwCleaner
2022-02-23 21:23 - 2022-02-24 19:43 - 189051836 _____ C:\Users\Caro\Desktop\220215_Griesheim Entwurf_caro.vwxw
2022-02-17 11:52 - 2022-02-17 11:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2022-02-16 11:31 - 2022-02-16 11:31 - 000001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom Classic.lnk
2022-02-16 11:28 - 2022-02-16 11:28 - 000001050 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom.lnk
2022-02-16 11:23 - 2022-02-16 11:23 - 000000000 ____D C:\Users\Caro\AppData\Roaming\NVIDIA
2022-02-14 13:35 - 2022-02-14 13:35 - 000000000 ____D C:\WINDOWS\system32\lxss
2022-02-14 13:35 - 2022-02-14 13:35 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2022-02-14 13:34 - 2022-01-28 20:19 - 001905936 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-02-14 13:34 - 2022-01-28 20:19 - 001905936 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-02-14 13:34 - 2022-01-28 20:19 - 001478416 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-02-14 13:34 - 2022-01-28 20:19 - 001478416 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-02-14 13:34 - 2022-01-28 20:19 - 001466000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-02-14 13:34 - 2022-01-28 20:19 - 001432312 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-02-14 13:34 - 2022-01-28 20:19 - 001432312 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-02-14 13:34 - 2022-01-28 20:19 - 001207440 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-02-14 13:34 - 2022-01-28 20:19 - 001144552 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-02-14 13:34 - 2022-01-28 20:19 - 001144552 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-02-14 13:34 - 2022-01-28 20:16 - 001528448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-02-14 13:34 - 2022-01-28 20:16 - 001179584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-02-14 13:34 - 2022-01-28 20:16 - 000795264 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-02-14 13:34 - 2022-01-28 20:16 - 000714880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-02-14 13:34 - 2022-01-28 20:16 - 000638912 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-02-14 13:34 - 2022-01-28 20:15 - 008610432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-02-14 13:34 - 2022-01-28 20:15 - 002121360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-02-14 13:34 - 2022-01-28 20:15 - 001602704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-02-14 13:34 - 2022-01-28 20:15 - 000985024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-02-14 13:34 - 2022-01-28 20:15 - 000794552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-02-14 13:34 - 2022-01-28 20:15 - 000710800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-02-14 13:34 - 2022-01-28 20:15 - 000455808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-02-14 13:34 - 2022-01-28 20:14 - 007715256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-02-14 13:34 - 2022-01-28 20:14 - 005726336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-02-14 13:34 - 2022-01-28 20:14 - 005098112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-02-14 13:34 - 2022-01-28 20:14 - 002932864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-02-14 13:34 - 2022-01-28 20:13 - 000850872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-02-14 13:34 - 2022-01-28 20:11 - 006459952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-02-14 13:34 - 2022-01-28 12:28 - 000089185 _____ C:\WINDOWS\system32\nvinfo.pb
2022-02-14 13:34 - 2022-01-28 12:28 - 000040920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2022-02-14 13:33 - 2022-02-14 13:35 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2022-02-14 13:32 - 2022-01-28 20:11 - 007612320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2022-02-14 10:06 - 2022-01-07 13:36 - 004955248 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\Netwtw10.sys
2022-02-14 10:06 - 2022-01-07 13:36 - 001622088 _____ (Intel Corporation) C:\WINDOWS\system32\IntelIHVRouter08.dll
2022-02-14 10:06 - 2022-01-07 13:05 - 045101144 _____ C:\WINDOWS\system32\Drivers\Netwfw10.dat
2022-02-13 06:44 - 2022-02-13 06:44 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2022-02-13 06:44 - 2022-02-13 06:44 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2022-02-13 06:44 - 2022-02-13 06:44 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2022-02-13 06:44 - 2022-02-13 06:44 - 000044328 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2022-02-09 13:11 - 2022-02-09 13:11 - 000011813 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-02-09 13:08 - 2022-02-09 13:08 - 000000000 ___HD C:\$WinREAgent
2022-02-08 22:41 - 2022-02-08 22:41 - 000000000 ____D C:\Users\Caro\AppData\Roaming\com.adobe.dunamis
2022-02-01 19:57 - 2022-02-01 19:57 - 000001052 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign 2022.lnk
2022-02-01 15:05 - 2022-02-01 15:05 - 000001386 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2022-02-01 10:25 - 2022-02-01 10:25 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-02-01 10:24 - 2022-02-01 10:24 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-02-01 10:24 - 2022-02-01 10:24 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2022-02-01 10:24 - 2022-02-01 10:24 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2022-02-27 11:10 - 2017-03-03 17:08 - 000000000 ____D C:\Program Files (x86)\Google
2022-02-27 11:09 - 2021-11-22 09:05 - 000004782 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeShadowStackRollbackTask
2022-02-27 11:09 - 2020-07-01 17:58 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-02-27 11:09 - 2018-11-23 23:29 - 000000000 ___RD C:\Users\Caro\Creative Cloud Files
2022-02-27 11:08 - 2020-09-01 09:16 - 000000000 ___RD C:\Users\Caro\Dropbox
2022-02-27 11:08 - 2020-09-01 09:12 - 000000000 ____D C:\Users\Caro\AppData\Local\Dropbox
2022-02-27 11:08 - 2020-04-27 16:55 - 000000000 ____D C:\Users\Caro\AppData\Roaming\Mattermost
2022-02-27 11:08 - 2017-03-03 13:19 - 000000000 ____D C:\Users\Caro\AppData\Local\CrashDumps
2022-02-25 11:16 - 2017-02-24 16:05 - 000000000 ____D C:\ProgramData\NVIDIA
2022-02-25 11:06 - 2021-12-11 16:52 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3671133233-2531484000-2582408703-1002
2022-02-25 11:06 - 2020-08-31 17:24 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3671133233-2531484000-2582408703-1002
2022-02-25 11:06 - 2020-08-31 17:17 - 000002396 _____ C:\Users\Caro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-02-25 00:28 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-02-25 00:22 - 2020-08-31 17:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-02-24 22:10 - 2020-08-31 17:26 - 001632230 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-02-24 22:10 - 2019-12-07 15:50 - 000705894 _____ C:\WINDOWS\system32\perfh007.dat
2022-02-24 22:10 - 2019-12-07 15:50 - 000142188 _____ C:\WINDOWS\system32\perfc007.dat
2022-02-24 22:10 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-02-24 22:06 - 2021-10-12 11:47 - 000880672 _____ C:\WINDOWS\system32\wpbbin.exe
2022-02-24 22:06 - 2021-10-12 11:47 - 000842128 _____ C:\WINDOWS\system32\AsusUpdateCheck.exe
2022-02-24 22:06 - 2020-11-02 12:30 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-02-24 22:06 - 2020-08-31 17:24 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-02-24 22:06 - 2020-08-31 17:17 - 000008192 ___SH C:\DumpStack.log.tmp
2022-02-24 22:05 - 2020-08-31 17:24 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-02-24 22:05 - 2019-12-07 10:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2022-02-24 21:35 - 2017-03-10 19:41 - 000000000 ____D C:\Users\Caro\AppData\LocalLow\Temp
2022-02-24 20:25 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-02-24 20:23 - 2019-10-07 20:25 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-02-24 20:14 - 2019-04-12 17:18 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2022-02-24 20:14 - 2019-04-12 17:18 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2022-02-24 20:12 - 2021-10-12 11:56 - 000000000 ____D C:\Program Files (x86)\LightingService
2022-02-24 20:12 - 2021-10-12 11:55 - 000000000 ____D C:\Program Files\ASUS
2022-02-24 20:12 - 2021-10-12 11:49 - 000000000 ____D C:\Program Files (x86)\ASUS
2022-02-24 20:12 - 2017-02-24 16:00 - 000000000 ____D C:\ProgramData\Package Cache
2022-02-24 20:11 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-02-24 20:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-02-24 20:11 - 2017-03-02 15:54 - 000000000 ____D C:\Users\Caro\AppData\Local\Packages
2022-02-24 20:09 - 2020-08-31 17:17 - 001056824 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-02-24 20:08 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-02-24 20:08 - 2019-04-12 17:19 - 000000000 ____D C:\Program Files\Common Files\AV
2022-02-24 20:06 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-02-24 20:06 - 2017-04-02 13:07 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-02-24 20:05 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-02-24 20:05 - 2017-02-24 16:08 - 000000000 ____D C:\Program Files\Microsoft Office
2022-02-24 20:05 - 2016-07-16 12:47 - 000000076 _____ C:\WINDOWS\win.ini
2022-02-24 19:43 - 2018-03-13 21:50 - 000000000 ____D C:\Users\Caro\Documents\VW Backup
2022-02-24 10:01 - 2021-08-02 11:34 - 000000000 ____D C:\Users\Caro\AppData\Roaming\Enscape
2022-02-24 09:17 - 2020-08-29 18:19 - 000000000 ___HD C:\adobeTemp
2022-02-23 16:42 - 2021-10-24 18:32 - 000000000 ____D C:\Users\Caro\AppData\Roaming\discord
2022-02-23 16:28 - 2021-10-24 18:32 - 000000000 ____D C:\Users\Caro\AppData\Local\Discord
2022-02-23 10:19 - 2018-11-23 22:51 - 000000000 ____D C:\Users\Caro\AppData\Local\D3DSCache
2022-02-21 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-02-18 11:27 - 2021-02-12 14:07 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-02-17 11:52 - 2020-09-01 09:12 - 000000000 ____D C:\Program Files (x86)\Dropbox
2022-02-17 11:51 - 2017-03-03 17:09 - 000002293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-02-16 11:31 - 2018-11-23 23:30 - 000000000 ____D C:\Program Files\Adobe
2022-02-16 11:26 - 2018-07-04 18:39 - 000000000 ____D C:\Program Files\Common Files\Adobe
2022-02-16 11:26 - 2017-03-04 17:22 - 000000000 ____D C:\ProgramData\Adobe
2022-02-14 13:40 - 2017-03-02 15:54 - 000000000 ____D C:\Users\Caro\AppData\Local\NVIDIA
2022-02-14 13:35 - 2017-02-24 16:05 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2022-02-14 13:34 - 2017-02-24 16:05 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-02-14 13:31 - 2017-02-24 16:03 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-02-09 15:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-02-09 15:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-02-09 15:35 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2022-02-09 13:13 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-02-09 13:07 - 2018-11-23 20:32 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-02-09 13:06 - 2018-11-23 20:32 - 149611728 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-02-02 11:00 - 2018-11-27 19:45 - 000000000 ____D C:\Users\Caro\AppData\Local\PlaceholderTileLogoFolder
2022-02-02 10:57 - 2017-06-19 12:08 - 000000000 ____D C:\Users\Caro\AppData\Roaming\Spotify
2022-02-02 10:41 - 2017-06-19 12:10 - 000000000 ____D C:\Users\Caro\AppData\Local\Spotify
2022-02-01 21:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-02-01 20:30 - 2017-03-03 17:46 - 000000000 ____D C:\Users\Caro\AppData\Roaming\MAXON
2022-02-01 20:29 - 2019-11-20 16:21 - 000000000 ____D C:\Users\Caro\AppData\Roaming\vectorworks-installer
2022-02-01 15:05 - 2017-03-10 20:02 - 000000000 ____D C:\Program Files (x86)\Adobe
2022-02-01 10:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-02-01 10:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-02-01 10:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-02-01 10:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-02-01 10:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-02-01 10:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-02-01 10:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-02-01 10:24 - 2020-08-31 17:22 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-02-01 10:16 - 2018-11-23 22:54 - 000000000 ____D C:\ProgramData\Packages
2022-02-01 10:15 - 2017-03-02 15:54 - 000000000 ____D C:\Users\Caro\AppData\Local\NVIDIA Corporation
2022-01-28 12:28 - 2021-01-06 15:39 - 000127968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2021-02-09 20:03 - 2021-11-04 20:48 - 000001456 _____ () C:\Users\Caro\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2018-11-23 23:26 - 2021-10-12 11:53 - 000000615 _____ () C:\Users\Caro\AppData\Local\oobelibMkey.log
2018-10-23 16:23 - 2020-11-23 12:11 - 000007602 _____ () C:\Users\Caro\AppData\Local\Resmon.ResmonCfg
2018-02-03 14:08 - 2019-01-15 16:12 - 000000287 _____ () C:\Users\Caro\AppData\Local\VersionChecker_23.xml

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 24-02-2022
durchgeführt von Caro (27-02-2022 11:13:11)
Gestartet von C:\Users\Caro\Desktop
Microsoft Windows 10 Home Version 21H1 19043.1526 (X64) (2020-08-31 16:24:27)
Start-Modus: Normal
==========================================================


==================== Konten: =============================


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-3671133233-2531484000-2582408703-500 - Administrator - Disabled)
Caro (S-1-5-21-3671133233-2531484000-2582408703-1002 - Administrator - Enabled) => C:\Users\Caro
DefaultAccount (S-1-5-21-3671133233-2531484000-2582408703-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3671133233-2531484000-2582408703-1001 - Limited - Disabled) => C:\Users\defaultuser0
Gast (S-1-5-21-3671133233-2531484000-2582408703-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3671133233-2531484000-2582408703-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
FW: Kaspersky Internet Security (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 21.011.20039 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.6.5.58 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 7.6.0.52 - Adobe Inc.)
Adobe Illustrator 2022 (HKLM-x32\...\ILST_26_0_3) (Version: 26.0.3 - Adobe Inc.)
Adobe InDesign 2021 (HKLM-x32\...\IDSN_16_3) (Version: 16.3 - Adobe Inc.)
Adobe InDesign 2022 (HKLM-x32\...\IDSN_17_1) (Version: 17.1 - Adobe Inc.)
Adobe Lightroom (HKLM-x32\...\LRCC_5_2) (Version: 5.2 - Adobe Inc.)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_11_2) (Version: 11.2 - Adobe Inc.)
Adobe Photoshop 2022 (HKLM-x32\...\PHSP_23_2_1) (Version: 23.2.1.303 - Adobe Inc.)
AirDroid 3.7.0.0 (HKLM-x32\...\AirDroid) (Version: 3.7.0.0 - Sand Studio)
ASUS AIOFan HAL (HKLM\...\{EAE80DED-1A39-41C5-9F60-87CC947F6454}) (Version: 1.1.36.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AIOFan HAL (HKLM-x32\...\{37daa872-b179-48ca-a185-be987f7c63cf}) (Version: 1.1.36.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM\...\{237E1CAC-1708-4940-AC34-DF15C079AB70}) (Version: 1.1.0.11 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM-x32\...\{9c72488b-eb92-40bd-94a3-de309514c154}) (Version: 1.1.0.11 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM\...\{4EBEAC95-76BC-46A8-8644-6E2F1C87CF70}) (Version: 1.2.3.1 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM-x32\...\{c347309a-a19c-44af-9d6c-5c60ba1ba83b}) (Version: 1.2.3.1 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA VGA Component (HKLM\...\{71BB96A6-EAC4-45AE-A17D-D3ED43FF1D14}) (Version: 0.0.4.3 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA VGA Component (HKLM-x32\...\{7a0d5159-cb5e-4f66-91f8-bab46f864f14}) (Version: 0.0.4.3 - ASUSTek COMPUTER INC. ) Hidden
ASUS Framework Service (HKLM-x32\...\{8bf47d14-406b-49e8-8759-966757033aa0}) (Version: 2.1.1.3 - ASUSTek COMPUTER INC.)
ASUS Framework Service (HKLM-x32\...\{EA6A87BE-8AD3-40D2-944C-9DF5FBFF4332}) (Version: 2.1.1.3 - ASUSTek COMPUTER INC.) Hidden
ASUS Motherboard (HKLM-x32\...\{93795eb8-bd86-4d4d-ab27-ff80f9467b37}) (Version: 2.00.13 - ASUSTek Computer Inc.)
ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.67 - ASUSTeK Computer Inc.) Hidden
AURA DRAM Component (HKLM\...\{9AFE5429-866B-457D-A864-80BCF7672EE8}) (Version: 1.1.14 - ASUS) Hidden
AURA DRAM Component (HKLM-x32\...\{c6391bdc-929f-4a9f-98cd-9a3038379379}) (Version: 1.1.14 - ASUS) Hidden
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.3.3 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.6.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.15.23 - Canon Inc.)
Canon MX490 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX490_series) (Version: 1.02 - Canon Inc.)
CodeMeter Runtime Kit v6.80 (HKLM\...\{8F3C9680-6728-4AD2-992D-9615C0DA06C0}) (Version: 6.80.3312.500 - WIBU-SYSTEMS AG)
DIAL Communication Framework (HKLM-x32\...\{562D0D31-FBAF-4505-8B27-4EC92EEA91D6}) (Version: 1.3.2.258 - DIAL GmbH)
DIAL Data Dispatcher (HKLM-x32\...\DIAL Data Dispatcher1.0) (Version: 2.0.24.0 - DIAL GmbH)
Discord (HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\Discord) (Version: 1.0.9003 - Discord Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 142.4.4197 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.541.1 - Dropbox, Inc.) Hidden
ENE RGB HAL (HKLM\...\{E050E98C-5524-4AFB-9E53-97700BEF2C02}) (Version: 1.1.37.0 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{413fe4b8-1352-4234-a775-ff2f04ad9042}) (Version: 1.1.37.0 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.9.1 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{bf1d7028-d935-477f-b5b2-053062f9b527}) (Version: 1.0.9.1 - ENE TECHNOLOGY INC.) Hidden
Enscape (HKLM\...\{88C5A62D-AE1F-4033-9300-1D72FF1F82B1}) (Version: 3.1.0.51316 - Enscape GmbH)
Epic Games Launcher (HKLM-x32\...\{422FC196-EA1D-448E-A505-BC7DFC21C880}) (Version: 1.1.236.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 98.0.4758.102 - Google LLC)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{3DAC4F8C-80E6-4204-8A58-747FA4CBAA03}) (Version: 16.0.246 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1036 - Intel Corporation)
Intel(R) Online Connect Software Asset Manager (HKLM-x32\...\{AE956AB9-CD98-4F1E-8B9E-C3C66E290D64}) (Version: 3.4.2072 - Intel Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Kaspersky Password Manager (HKLM-x32\...\{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab) Hidden
Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab)
Kingston AURA DRAM Component (HKLM\...\{965CDF5F-901C-476F-B3A8-7396701B1129}) (Version: 1.1.8 - KINGSTON COMPONENTS INC.) Hidden
Kingston AURA DRAM Component (HKLM-x32\...\{26b750af-32e4-4afb-aed3-d4c571b122ad}) (Version: 1.1.8 - KINGSTON COMPONENTS INC.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.5.4.168 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.4.168 - Malwarebytes)
Mattermost 4.4.1 (HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\0cc73166-b7d0-592b-8d95-6cbe304083a6) (Version: 4.4.1 - Mattermost, Inc.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 98.0.1108.62 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 98.0.1108.56 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\OneDriveSetup.exe) (Version: 22.022.0130.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{16E50919-B07A-4B4E-994A-476D4773F5BF}) (Version: 3.65.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29910 (HKLM-x32\...\{53f1dc9d-ed94-4650-a079-129785ce7905}) (Version: 14.28.29910.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MTpro64 5.0 (HKLM\...\MTpro64) (Version: 5.0.2.2 - Bosch Rexroth AG)
NVIDIA Grafiktreiber 511.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 511.65 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.39.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
osrss (HKLM-x32\...\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 - Microsoft Corporation) Hidden
Patriot Viper DRAM RGB (HKLM\...\{1F9C282E-CCB4-4D8E-A5CB-7B74DFCD8C95}) (Version: 1.0.9.2 - Patriot Memory) Hidden
Patriot Viper DRAM RGB (HKLM-x32\...\{fdc098ce-d76c-4e2e-a0a6-01a24e9a1f7d}) (Version: 1.0.9.2 - Patriot Memory)
Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.0.6.4 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{3c403389-0bc5-4298-bebf-09de0c0b745d}) (Version: 1.0.6.4 - Patriot Memory)
PHISON HAL (HKLM\...\{966E33F0-6786-4B38-AA29-C1B3F6C1955D}) (Version: 1.0.9.0 - PHISON Electronics Corp.) Hidden
PHISON HAL (HKLM-x32\...\{549da357-1b81-456b-83f2-dcc47c41dfff}) (Version: 1.0.9.0 - PHISON Electronics Corp.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8010 - Realtek Semiconductor Corp.)
Sitecom WiFi USB adapter N300 Driver and Utility (HKLM-x32\...\{9C049509-055C-4CFF-A116-1D12312225EB}) (Version: 1.00.0201 - Sitecom Europe BV)
Spotify (HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\Spotify) (Version: 1.1.72.439.gc253025e - Spotify AB)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.26.4 - TeamViewer)
TP-LINK Archer T2U_T2UH Driver (HKLM-x32\...\{95EF5DBB-C2DA-48AF-93B4-533333227486}) (Version: 1.3.1 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
Universal Holtek RGB DRAM (HKLM\...\{826388E4-E31F-4514-948B-3BB954FB3EAF}) (Version: 1.0.0.2 - PD) Hidden
Universal Holtek RGB DRAM (HKLM-x32\...\{6870588f-9f28-488b-a169-cf548ad6b393}) (Version: 1.0.0.2 - PD)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{C4BE7550-ECE1-417D-A787-01266DC1F5A6}) (Version: 1.22.0.0 - Microsoft Corporation) Hidden
UXP WebView Support (HKLM-x32\...\UXPW_1_0_0) (Version: 1.0.0 - Adobe Inc.)
Vectorworks 2021 (HKLM\...\Vectorworks 2021 26.0.3) (Version: 26.0.3 - Vectorworks, Inc.)
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.13.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{589d5178-7c46-4052-8509-a0685184d622}) (Version: 1.0.13.0 - ENE TECHNOLOGY INC.) Hidden
WibuKey Setup (WibuKey Remove) (HKLM\...\{00060000-0000-1004-8002-0000C06B5161}) (Version: Version 6.40 of 2016-Dec-22 (Build 2402) (Setup) - WIBU-SYSTEMS AG)
Windows 10-Update-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22866 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
Windows-PC-Integritätsprüfung (HKLM\...\{68C9C2A4-C212-4310-AB68-12F97050A416}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\ZoomUMX) (Version: 5.9.1 (2581) - Zoom Video Communications, Inc.)

Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2021-09-13] (Adobe Systems Incorporated)
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2021-09-13] (Adobe Systems Incorporated)
Architectural Structures PREMIUM -> C:\Program Files\WindowsApps\Microsoft.ArchitecturalStructuresPREMIUM_1.0.0.0_neutral__8wekyb3d8bbwe [2021-09-13] (Microsoft Corporation)
Autumn Colors -> C:\Program Files\WindowsApps\Microsoft.AutumnColors_1.0.0.0_neutral__8wekyb3d8bbwe [2021-09-13] (Microsoft Corporation)
Autumn in Sweden -> C:\Program Files\WindowsApps\Microsoft.AutumninSweden_1.0.0.0_neutral__8wekyb3d8bbwe [2021-09-13] (Microsoft Corporation)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-12-13] (Canon Inc.)
DVD player - TrueDVD Streamer support VLC and youtube -> C:\Program Files\WindowsApps\46109SoftwareDevlope.DVDplayer-TrueDVDStreamersupp_1.1.5.0_x64__ygjcrtpe42fe2 [2021-10-27] (SoftwareDevlope)
Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-09-13] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_134.1.221.0_x64__v10z8vjag6ke6 [2022-01-29] (HP Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa [2021-11-06] (Apple Inc.) [Startup Task]
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-09-13] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-09-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-09-13] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-01-11] (Microsoft Studios) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_52.10201.5809.0_x64__8wekyb3d8bbwe [2022-02-03] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-02-14] (NVIDIA Corp.)
Otters -> C:\Program Files\WindowsApps\Microsoft.Otters_1.0.0.0_neutral__8wekyb3d8bbwe [2021-09-13] (Microsoft Corporation)
Raw Image Extension -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.0.30181.0_x64__8wekyb3d8bbwe [2022-02-05] (Microsoft Corporation)
VLC -> C:\Program Files\WindowsApps\VideoLAN.VLC_3.2.1.0_x64__paz6r1rewnh0a [2021-09-13] (VideoLAN)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3671133233-2531484000-2582408703-1002_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-5370604078F8} -> [Creative Cloud Files] => C:\Users\Caro\Creative Cloud Files [2018-11-23 23:29]
CustomCLSID: HKU\S-1-5-21-3671133233-2531484000-2582408703-1002_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-3671133233-2531484000-2582408703-1002_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Caro\Dropbox [2020-09-01 09:16]
CustomCLSID: HKU\S-1-5-21-3671133233-2531484000-2582408703-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [  AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [  AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [  AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [  DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [  DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-02-24] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_31a2adf8c49e7799\nvshext.dll [2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-02-24] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)

==================== Verknüpfungen & WMI ========================

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2021-08-18 13:27 - 2021-08-18 13:27 - 000477696 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ffi-napi\prebuilds\win32-ia32\node.napi.node
2021-08-18 13:27 - 2021-08-18 13:27 - 000471040 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ref-napi\prebuilds\win32-ia32\node.napi.node
2021-08-18 13:27 - 2021-08-18 13:27 - 000454656 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\registry-js\prebuilds\win32-ia32\node.napi.node
2015-03-17 01:34 - 2015-03-17 01:34 - 000010240 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\de_de\acrotray.deu
2021-10-12 11:56 - 2021-02-18 11:07 - 000085504 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\zlib1.dll
2021-10-12 11:56 - 2021-08-25 16:50 - 001149952 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AiSuiteSDK\DIP4FanCalibration.dll
2021-10-12 11:56 - 2021-08-25 16:54 - 001542144 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AiSuiteSDK\swInterface.dll
2021-10-12 11:55 - 2019-12-23 17:51 - 000093184 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\zlibwapi.dll
2021-08-18 13:27 - 2021-08-18 13:27 - 000081920 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\WindowID\WindowID.dll
2020-04-27 16:55 - 2020-04-22 11:21 - 002123264 _____ () [Datei ist nicht signiert] C:\Users\Caro\AppData\Local\Programs\mattermost-desktop\ffmpeg.dll
2020-04-27 16:55 - 2020-04-22 11:21 - 000131072 _____ () [Datei ist nicht signiert] C:\Users\Caro\AppData\Local\Programs\mattermost-desktop\libegl.dll
2020-04-27 16:55 - 2020-04-22 11:21 - 006792704 _____ () [Datei ist nicht signiert] C:\Users\Caro\AppData\Local\Programs\mattermost-desktop\libglesv2.dll
2017-04-02 17:58 - 2014-08-06 12:25 - 000375296 _____ (CANON INC.) [Datei ist nicht signiert] C:\WINDOWS\System32\CNMN6PPM.DLL
2021-10-12 11:56 - 2021-02-18 11:07 - 000287232 _____ (The curl library, hxxps://curl.haxx.se/) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\libcurl.dll
2021-10-12 11:56 - 2021-02-18 11:07 - 003394560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\libcrypto-1_1-x64.dll
2021-10-12 11:56 - 2021-02-18 11:07 - 002281984 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\LIBEAY32.dll
2021-10-12 11:56 - 2021-02-18 11:07 - 000679424 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\libssl-1_1-x64.dll
2021-10-12 11:56 - 2021-02-18 11:07 - 000361472 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\SSLEAY32.dll
2021-10-12 11:55 - 2019-06-26 15:07 - 003394560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libcrypto-1_1-x64.dll
2021-10-12 11:55 - 2019-06-26 15:07 - 000679424 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libssl-1_1-x64.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

SearchScopes: HKU\S-1-5-21-3671133233-2531484000-2582408703-1002 -> {61A18614-9A33-46A1-8D11-25C0ABEA3FDA} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&intl=de&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3671133233-2531484000-2582408703-1002 -> Kein Name - {EF293C5A-9F37-49FD-91C4-2B867063FC54} -  Keine Datei

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-07-16 12:47 - 2019-01-07 12:35 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2019-11-03 14:27 - 2019-11-03 14:27 - 000000445 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64_win\compiler;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-3671133233-2531484000-2582408703-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\Control Panel\Desktop\\Wallpaper -> D:\Documents\08_Sonstiges\Dual Monitor Hintergründe\Dual-Monitor-Wallpaper-22.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
 ist aktiviert.

Network Binding:
=============
Ethernet 3: Intel(R) Technology Access Filter Driver -> nt_ndisrd (enabled)
Ethernet 4: Intel(R) Technology Access Filter Driver -> nt_ndisrd (enabled)
WLAN 2: Intel(R) Technology Access Filter Driver -> nt_ndisrd (enabled)

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeUpdateService => 2
MSCONFIG\Services: AGMService => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: CmWebAdmin.exe => 2
MSCONFIG\Services: CodeMeter.exe => 2
MSCONFIG\Services: dbupdate => 2
MSCONFIG\Services: dbupdatem => 3
MSCONFIG\Services: DbxSvc => 2
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: Intel(R) Online Connect => 2
MSCONFIG\Services: Intel(R) Online Connect Helper => 2
MSCONFIG\Services: Intel(R) Online Connect Software Asset Manager => 2
MSCONFIG\Services: Intel(R) TechnologyAccessLegacyCSLoader => 2
MSCONFIG\Services: Intel(R) TechnologyAccessService => 2
MSCONFIG\Services: Intel(R) TPM Provisioning Service => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: klvssbridge64_21.3 => 3
MSCONFIG\Services: kpm_launch_service => 3
MSCONFIG\Services: KSDE5.3 => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: NvContainerLocalSystem => 2
MSCONFIG\Services: NvContainerNetworkService => 2
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: NVIDIA Wireless Controller Service => 2
MSCONFIG\Services: RealtekCU => 2
MSCONFIG\Services: RunSwUSB => 2
MSCONFIG\Services: TeamViewer => 2
HKLM\...\StartupApproved\StartupFolder: => "CodeMeter Control Center.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX"
HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\StartupApproved\Run: => "Spotify"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{103BFB37-ADC5-4C97-8073-1C4DE189E1EB}] => (Allow) C:\Users\Caro\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{7E02AE46-AD0D-4DCA-B8F2-8B0478DFA27A}] => (Allow) C:\Users\Caro\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{7AC6111A-8D4C-43E4-9CC3-156FF2CDE906}C:\program files\vectorworks 2020\vectorworks2020.exe] => (Block) C:\program files\vectorworks 2020\vectorworks2020.exe => Keine Datei
FirewallRules: [TCP Query User{3BC91753-BAE0-45F5-B47B-FBBCC3A1ABEE}C:\program files\vectorworks 2020\vectorworks2020.exe] => (Block) C:\program files\vectorworks 2020\vectorworks2020.exe => Keine Datei
FirewallRules: [{3BA94BC9-204B-4909-8C26-05979814584F}] => (Allow) C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
FirewallRules: [{540DC681-75E4-45C5-895A-B512D45985B7}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
FirewallRules: [UDP Query User{311D68E8-F98D-4E90-B247-63AEA3F9EC0D}D:\programme\archicad\neuer ordnerarchi\archicad.exe] => (Allow) D:\programme\archicad\neuer ordnerarchi\archicad.exe => Keine Datei
FirewallRules: [TCP Query User{AEA97307-106E-4D79-A451-D28DBFD9BF06}D:\programme\archicad\neuer ordnerarchi\archicad.exe] => (Allow) D:\programme\archicad\neuer ordnerarchi\archicad.exe => Keine Datei
FirewallRules: [{442D63F9-A87C-4CD8-AEA2-8D6DE62512FA}] => (Block) D:\programme\vektorworks\vectorworks2018e.exe => Keine Datei
FirewallRules: [{5C904C29-A633-4388-85B1-392629DAEFDA}] => (Block) D:\programme\vektorworks\vectorworks2018e.exe => Keine Datei
FirewallRules: [UDP Query User{F03A035B-92A1-4F69-BAD1-EFE827E764B9}D:\programme\vektorworks\vectorworks2018e.exe] => (Allow) D:\programme\vektorworks\vectorworks2018e.exe => Keine Datei
FirewallRules: [TCP Query User{E9427056-30D6-4B50-A860-10A5A61C3BF2}D:\programme\vektorworks\vectorworks2018e.exe] => (Allow) D:\programme\vektorworks\vectorworks2018e.exe => Keine Datei
FirewallRules: [UDP Query User{B37E40F2-F5B7-4E33-880C-6A9B9A3B122C}C:\users\caro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\caro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{43C40599-4714-49B7-9B83-53B0A9F82DD9}C:\users\caro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\caro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{189CCEC9-6D44-4963-B9BA-E24F743F8AD0}C:\users\caro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\caro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{3F51C2F1-63BC-4EEE-A71A-3FAD37E7DA4D}C:\users\caro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\caro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{B850E85A-8557-4CFB-93AA-13E6D552ECDD}C:\program files (x86)\archicad20\licensefilegenerator.exe] => (Allow) C:\program files (x86)\archicad20\licensefilegenerator.exe => Keine Datei
FirewallRules: [TCP Query User{5CF10A1E-66C7-4C5B-B866-AD1E7626BEEE}C:\program files (x86)\archicad20\licensefilegenerator.exe] => (Allow) C:\program files (x86)\archicad20\licensefilegenerator.exe => Keine Datei
FirewallRules: [{076F77BB-1426-43BA-9357-A6C79AF3424B}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
FirewallRules: [{B86178ED-C694-41B2-9C3D-97ECB25F7A5D}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
FirewallRules: [{DE4D120C-8E2D-4753-8A65-95213CE689D4}] => (Allow) C:\Users\Caro\Desktop\InDesign_Set-Up.exe => Keine Datei
FirewallRules: [{3D50CB20-DA48-4C77-BC3F-1FAE1045721A}] => (Allow) C:\Users\Caro\Desktop\InDesign_Set-Up.exe => Keine Datei
FirewallRules: [{7E3A988B-0E25-4DD8-A5DE-A259113611C6}] => (Allow) C:\Users\Caro\Desktop\InDesign_Set-Up.exe => Keine Datei
FirewallRules: [{E94815B0-FEE6-4C9B-9218-B8477BB5B2F2}] => (Allow) C:\Users\Caro\Desktop\InDesign_Set-Up.exe => Keine Datei
FirewallRules: [UDP Query User{FB31F15D-437A-434D-B40E-3795935822CE}C:\program files\programme\archicad programm\licensefilegenerator.exe] => (Allow) C:\program files\programme\archicad programm\licensefilegenerator.exe => Keine Datei
FirewallRules: [TCP Query User{3FE56CCB-5828-439C-967F-9E707AD31299}C:\program files\programme\archicad programm\licensefilegenerator.exe] => (Allow) C:\program files\programme\archicad programm\licensefilegenerator.exe => Keine Datei
FirewallRules: [UDP Query User{CD134EB8-5188-4BB3-B2B2-8AA7640440FB}C:\program files\programme\archicad programm\overwatchserver.exe] => (Allow) C:\program files\programme\archicad programm\overwatchserver.exe => Keine Datei
FirewallRules: [TCP Query User{AFB220E9-76BC-429B-B362-5221ED80FA7E}C:\program files\programme\archicad programm\overwatchserver.exe] => (Allow) C:\program files\programme\archicad programm\overwatchserver.exe => Keine Datei
FirewallRules: [UDP Query User{6FBE67FC-CA01-46D8-824A-58A097A0B8E2}C:\program files\programme\archicad programm\archicad.exe] => (Allow) C:\program files\programme\archicad programm\archicad.exe => Keine Datei
FirewallRules: [TCP Query User{B0E84A7E-FA5F-4078-94F6-E0E3DF26CCC4}C:\program files\programme\archicad programm\archicad.exe] => (Allow) C:\program files\programme\archicad programm\archicad.exe => Keine Datei
FirewallRules: [{DB6739E6-2204-4B09-B41B-30968CA9CFD1}] => (Block) D:\programme\archicad programm\overwatchserver.exe => Keine Datei
FirewallRules: [{6A545E13-8CF1-4023-A9C1-9CA1EEB620DF}] => (Block) D:\programme\archicad programm\overwatchserver.exe => Keine Datei
FirewallRules: [UDP Query User{778E1A82-286F-4FE1-BE57-4CA6EC8925D6}D:\programme\archicad programm\overwatchserver.exe] => (Allow) D:\programme\archicad programm\overwatchserver.exe => Keine Datei
FirewallRules: [TCP Query User{296B780E-8AAA-42EB-AE50-F680F62B9BBC}D:\programme\archicad programm\overwatchserver.exe] => (Allow) D:\programme\archicad programm\overwatchserver.exe => Keine Datei
FirewallRules: [UDP Query User{CF75E19E-6C46-41F6-8D44-01E7F8FE2E7D}D:\programme\archicad programm\archicad.exe] => (Allow) D:\programme\archicad programm\archicad.exe => Keine Datei
FirewallRules: [TCP Query User{A4D1DAB3-C170-4E40-85D3-51B0504A3479}D:\programme\archicad programm\archicad.exe] => (Allow) D:\programme\archicad programm\archicad.exe => Keine Datei
FirewallRules: [{6554799D-E07B-4AB2-844E-4DA7F409DF4B}] => (Block) D:\Programme\Neuer Ordner\OverwatchServer.exe => Keine Datei
FirewallRules: [{DBF87FB9-8EA0-4D89-B24E-2F55A4ABB1E7}] => (Allow) D:\Programme\Neuer Ordner\BIMxUploader.exe => Keine Datei
FirewallRules: [{9258A666-5949-4A3E-9336-366B9A300E6B}] => (Block) D:\Programme\Neuer Ordner\CineRender\CineRender 64bit.exe => Keine Datei
FirewallRules: [{49E7C456-E3B8-4878-B0E7-76DB3ECD4CF3}] => (Block) D:\Programme\Neuer Ordner\ARCHICAD.exe => Keine Datei
FirewallRules: [{441A4EE9-45D4-4815-A29C-C91AB8303305}] => (Allow) C:\Program Files (x86)\Sitecom\WiFi USB adapter N300 Driver and Utility\Rtldhcp.exe (Realtek) [Datei ist nicht signiert]
FirewallRules: [{726D7D19-1755-4DE1-BCB8-C06D3BC8CB34}] => (Allow) LPort=53
FirewallRules: [{6120098B-5097-410C-8C00-8A7BF7676442}] => (Allow) LPort=53
FirewallRules: [{4C73448B-B40B-4705-8A30-DDD5EDE0CEC9}] => (Allow) LPort=68
FirewallRules: [{8B654C7F-3E38-4C77-B3C3-5ED26B6B6618}] => (Allow) LPort=67
FirewallRules: [{FD438F58-F35B-4212-BD80-1E5481A6D314}] => (Allow) LPort=53
FirewallRules: [{07869E25-0997-473C-9BDF-288F3F806744}] => (Allow) LPort=1542
FirewallRules: [{B4C70D86-4782-476C-8042-A4602C809393}] => (Allow) LPort=1542
FirewallRules: [{D19EFC04-8F56-4D8C-AB1C-78C82B4476DB}] => (Allow) C:\Program Files (x86)\Sitecom\WiFi USB adapter N300 Driver and Utility\RtWLan.exe (Realtek Semiconductor Corp.) [Datei ist nicht signiert]
FirewallRules: [{01F75DD0-663B-4CCB-964B-17FFC731DD41}] => (Allow) C:\Program Files (x86)\Sitecom\WiFi USB adapter N300 Driver and Utility\RtWLan.exe (Realtek Semiconductor Corp.) [Datei ist nicht signiert]
FirewallRules: [{8237B493-1476-431C-8BB4-D3A0C1EE25E4}] => (Allow) D:\Programme\Ubisoft Game Launcher\games\Anno 2205\Bin\Win64\Anno2205.exe (Blue Byte GmbH -> Ubisoft)
FirewallRules: [TCP Query User{9B72727D-7C82-417E-9038-EEC44B59BB66}D:\programme\vectorworks 2019\vectorworks2019.exe] => (Allow) D:\programme\vectorworks 2019\vectorworks2019.exe => Keine Datei
FirewallRules: [UDP Query User{7098CF80-605A-40E8-990C-2EF29526654B}D:\programme\vectorworks 2019\vectorworks2019.exe] => (Allow) D:\programme\vectorworks 2019\vectorworks2019.exe => Keine Datei
FirewallRules: [{002ADA28-1AFB-4FE6-8D2F-B2C4D11EC154}] => (Block) D:\programme\vectorworks 2019\vectorworks2019.exe => Keine Datei
FirewallRules: [{430963B0-6785-4E33-B505-AEA003F69110}] => (Block) D:\programme\vectorworks 2019\vectorworks2019.exe => Keine Datei
FirewallRules: [{C52B6DB2-CB9D-4C35-BCFE-724A663F2BC9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C12B714F-F4FA-47B1-BAD4-37B5750809AB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A6C06521-4B8C-43D4-A683-039264E3F4F3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D51E99A1-038E-47CA-80E4-5D947C74516D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4B36B334-4C93-4187-848A-627BF472264B}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [{3ABF503F-36E6-4871-BE0E-D347FCBDA8FC}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
FirewallRules: [{E9ADF80F-41DB-4FFA-8DED-B6F3513C395C}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [{A3440304-1B41-4CD8-9320-0EB65E7C518A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{425F93A0-29CC-4043-B79D-DA8FAC9A2DF5}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9750C618-E4F1-4C0D-B1BF-823BB3AA8818}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EB4FBE25-6225-4B0C-8BFF-0E9F388E648A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5478A773-663A-4561-9220-E2BB9A1BCB88}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{19727FE3-6C85-4368-A4F5-94F08A5A2A8F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{378FBCA8-18BF-4895-A013-EB6C23D2892F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9337AD6E-BCE7-4FB9-A247-76B24077C449}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{062C35E5-C83F-4EE9-BE11-528782F1B3E3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6B489A55-E4E2-4C87-8A6C-257445F9522F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D55BE7D3-02AA-40A4-8136-7BA599B05FF9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C4176973-9EF7-466A-A459-0E7B563EE1DB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C56C1610-3824-4C82-AA3F-9982D33C95EB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A96C4156-561F-49EE-9415-577A3124EEB2}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{0CEED22D-3EA0-4590-8AB4-89638B31C0BE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FF951C40-57E5-4CE6-ACB8-7252AB2D9E2E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B8B7E52D-8B49-49C7-B4D1-B3DA9AF8894F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5DD1E34F-46BA-469B-966C-05F37B4EA831}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0C1C697E-74ED-4B63-8228-06C409C8B683}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\98.0.1108.56\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server

==================== Wiederherstellungspunkte =========================

21-02-2022 21:04:17 Geplanter Prüfpunkt
23-02-2022 21:35:03 OpenOffice 4.1.11 wird installiert

==================== Fehlerhafte Geräte im Gerätemanager ============

Name: Kaspersky Security Data Escort Adapter #2
Description: Kaspersky Security Data Escort Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Kaspersky Security Data Escort Provider
Service: kltap
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (02/27/2022 11:08:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ArmouryWebBrowserEdge.exe, Version: 1.0.0.8, Zeitstempel: 0x6142e251
Name des fehlerhaften Moduls: ArmouryWebBrowserEdge.exe, Version: 1.0.0.8, Zeitstempel: 0x6142e251
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000007903
ID des fehlerhaften Prozesses: 0x3c14
Startzeit der fehlerhaften Anwendung: 0x01d82bc1e90ffea9
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryWebBrowserEdge.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryWebBrowserEdge.exe
Berichtskennung: 4df18b72-c650-4614-b6ba-b7e2eb98747d
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (02/25/2022 11:06:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ArmouryWebBrowserEdge.exe, Version: 1.0.0.8, Zeitstempel: 0x6142e251
Name des fehlerhaften Moduls: ArmouryWebBrowserEdge.exe, Version: 1.0.0.8, Zeitstempel: 0x6142e251
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000007903
ID des fehlerhaften Prozesses: 0x550
Startzeit der fehlerhaften Anwendung: 0x01d82a2f5c8c1cb6
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryWebBrowserEdge.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryWebBrowserEdge.exe
Berichtskennung: 668df69f-f1da-48e8-b3bc-2d553bfb542a
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (02/24/2022 09:32:07 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007001f, Ein an das System angeschlossenes Gerät funktioniert nicht.
.


Vorgang:
  Asynchroner Vorgang wird ausgeführt

Kontext:
  Aktueller Status: DoSnapshotSet

Error: (02/24/2022 09:31:59 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
  Generatordaten werden gesammelt

Kontext:
  Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
  Generatorname: System Writer
  Generatorinstanz-ID: {2dbea54f-96e6-4f64-8858-5cbdb2861da9}

Error: (02/24/2022 08:20:54 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: DESKTOP-LJVJBQ2)
Description: Die Anwendung oder der Dienst "ROG Live Service" konnte nicht neu gestartet werden.

Error: (02/24/2022 08:11:55 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: DESKTOP-LJVJBQ2)
Description: Die Anwendung oder der Dienst "ARMOURY CRATE Service" konnte nicht neu gestartet werden.

Error: (02/24/2022 08:07:47 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Das Sicherheitscenter konnte den Aufrufer nicht überprüfen. Der Fehler %1 ist aufgetreten.

Error: (02/24/2022 07:44:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Vectorworks2021.exe, Version: 26.0.4.0, Zeitstempel: 0x60ccaf7d
Name des fehlerhaften Moduls: libcef.dll, Version: 84.2.6.0, Zeitstempel: 0x5f08e1b8
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000000002be2b49
ID des fehlerhaften Prozesses: 0x3cf8
Startzeit der fehlerhaften Anwendung: 0x01d8295d163629a1
Pfad der fehlerhaften Anwendung: C:\Program Files\Vectorworks 2021\Vectorworks2021.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Vectorworks 2021\ChromiumEF_dlls\libcef.dll
Berichtskennung: 0094f235-3cb5-4cd0-a480-90be0044b948
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


Systemfehler:
=============
Error: (02/25/2022 11:15:55 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-LJVJBQ2)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/25/2022 11:15:54 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-LJVJBQ2)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/25/2022 11:15:54 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-LJVJBQ2)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/25/2022 11:15:54 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-LJVJBQ2)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/25/2022 11:15:54 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-LJVJBQ2)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/25/2022 11:15:54 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-LJVJBQ2)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/25/2022 11:15:54 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-LJVJBQ2)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/25/2022 11:15:54 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-LJVJBQ2)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.


Windows Defender:
================Event[0]:

Date: 2022-02-24 20:08:04
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.349.1925.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.18500.10
Fehlercode: 0x80240017
Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support".

CodeIntegrity:
===============
Date: 2022-02-24 20:07:54
Description:
Code Integrity determined that a process (\Device\HarddiskVolume12\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume12\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2022-02-24 20:05:10
Description:
Code Integrity determined that a process (\Device\HarddiskVolume12\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume12\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.


==================== Speicherinformationen ===========================

BIOS: American Megatrends Inc. 2423 08/09/2021
Hauptplatine: ASUSTeK COMPUTER INC. PRIME B550M-A (WI-FI)
Prozessor: AMD Ryzen 5 5600X 6-Core Processor
Prozentuale Nutzung des RAM: 40%
Installierter physikalischer RAM: 16299.37 MB
Verfügbarer physikalischer RAM: 9695.44 MB
Summe virtueller Speicher: 22699.37 MB
Verfügbarer virtueller Speicher: 14320.5 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:231.81 GB) (Free:92.57 GB) NTFS
Drive d: () (Fixed) (Total:931.38 GB) (Free:377.38 GB) NTFS
Drive e: () (Fixed) (Total:931.38 GB) (Free:423.6 GB) NTFS
Drive f: (Windows) (Fixed) (Total:464.77 GB) (Free:434.73 GB) NTFS

\\?\Volume{a7af9eac-cc55-49a5-8600-c6ef4ff82100}\ (Wiederherstellung) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{8193e75b-3416-472e-bb8f-91ef883aa56b}\ () (Fixed) (Total:0.52 GB) (Free:0.09 GB) NTFS
\\?\Volume{defb8d1e-f58b-4ebc-b967-f5ed9b1398ae}\ (Recovery) (Fixed) (Total:0.88 GB) (Free:0.46 GB) NTFS
\\?\Volume{56134543-78f4-4721-b382-d2543fec4cae}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
\\?\Volume{806931e6-103b-4540-9c29-7bbe4d6caaf4}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 3 (Size: 465.8 GB) (Disk ID: D17FEDD6)

Partition: GPT.

==================== Ende von Addition.txt =======================

cosinus 27.02.2022 16:54
Zitat:
Kaspersky Password Manager
Das noch deinstallieren.
Passwörter kannst du doch im Firefox verwalten. Mach ich auch, mit Masterpasswort. Und dokumentieren oder nur verwalten, mit Keepass.

gigalos 27.02.2022 17:24
Alles klar! Wäre erledigt.

cosinus 27.02.2022 17:56
Da ist ja immer noch was von Avast :wtf:

Scripting/Repair mit FRST64

WARNUNG AN ALLE MITLESER !!!
Dieses FRST-Script ist ausschließlich für diesen Nutzer gedacht und sollte niemals 1:1 für ein anderes System angewendet werden!
  • Kopiere den gesamten Inhalt der folgenden Code-Box:
    Code:
    Start::
    CloseProcesses:
    C:\Users\Caro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdgpikaaheckgdijjmepmdjjkbceakif
    C:\WINDOWS\system32\Tasks\Avast Software
    emptytemp:
    End::
  • Starte nun FRST und klicke direkt den Reparieren Button.Wichtig: Du brauchst den Inhalt der Code-Box nirgends einfügen, da sich FRST den Code aus der Zwischenablage holt!
  • Das Tool führt die gewünschten Schritte aus und erstellt eine fixlog.txt im selben Verzeichnis, in dem sich FRST befindet.
  • Gegebenenfalls muss dein Rechner neu gestartet werden.
  • Poste mir den Inhalt der fixlog.txt mit deiner nächsten Antwort.

gigalos 28.02.2022 15:36
Code:
Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 27-02-2022
durchgeführt von Caro (28-02-2022 15:32:08) Run:3
Gestartet von C:\Users\Caro\Desktop
Geladene Profile: defaultuser0 & Caro
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
CloseProcesses:
C:\Users\Caro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdgpikaaheckgdijjmepmdjjkbceakif
C:\WINDOWS\system32\Tasks\Avast Software
emptytemp:

*****************

Prozesse erfolgreich geschlossen.
C:\Users\Caro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdgpikaaheckgdijjmepmdjjkbceakif => erfolgreich verschoben
C:\WINDOWS\system32\Tasks\Avast Software => erfolgreich verschoben

=========== EmptyTemp: ==========

BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 45382176 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 569967 B
Edge => 0 B
Chrome => 468261028 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 15650 B
NetworkService => 15650 B
defaultuser0 => 15650 B
Caro => 822576773 B

RecycleBin => 112583 B
EmptyTemp: => 1.2 GB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 15:32:18 ====
soweit erledigt.

cosinus 28.02.2022 15:41
Kontrollscans mit MBAM und RK

Wir sind fast fertig. Jetzt ist es an der Zeit für Kontrollscans mit
Poste nach Abschluss der beiden Scans die Logs in CODE-Tags.

gigalos 28.02.2022 19:11
Anbei die Logs:

Code:
Program            : RogueKiller Anti-Malware
Version            : 15.3.0.0
x64                : Yes
Program Date      : Feb 17 2022
Location          : C:\Users\Caro\Desktop\RogueKiller_portable64.exe
Premium            : No
Company            : Adlice Software
Website            : https://www.adlice.com/
Contact            : https://adlice.com/contact/
Website            : https://adlice.com/download/roguekiller/
Operating System  : Windows 10 (10.0.19043) 64-bit
64-bit OS          : Yes
Startup            : 0
WindowsPE          : No
User              : Caro
User is Admin      : Yes
Date              : 2022/02/28 18:03:11
Type              : Removal
Aborted            : No
Scan Mode          : Standard
Duration          : 235
Found items        : 2
Total scanned      : 90804
Signatures Version : 20220228_112716
Truesight Driver  : Yes
Updates Count      : 1

************************* Warnings *************************

************************* Removal *************************
[PUP.WinZipDiskTools (Potenziell bösartig)] HKEY_USERS\S-1-5-21-3671133233-2531484000-2582408703-1002\Software\Nico Mak Computing --  -> Gelöscht
  [+] scan_what      : 2
  [+] vendors        : PUP.WinZipDiskTools
  [+] Name            : HKEY_USERS\S-1-5-21-3671133233-2531484000-2582408703-1002\Software\Nico Mak Computing
  [+] Type            : Registry
  [+] file_vtscore    : 0
  [+] file_vttotal    : 0
  [+] is_malicious    : Yes
  [+] detection_level : 3
  [+] id              : 0
  [+] status          : 3
  [+] status_str      : Gelöscht
  [+] removed        : Yes
  [+] status_choice  : 2
  [+] malpe_score    : 0

[PUP.Gen1 (Potenziell bösartig)] HKEY_USERS\S-1-5-21-3671133233-2531484000-2582408703-1002\Software\OCS --  -> Gelöscht
  [+] scan_what      : 2
  [+] vendors        : PUP.Gen1
  [+] Name            : HKEY_USERS\S-1-5-21-3671133233-2531484000-2582408703-1002\Software\OCS
  [+] Type            : Registry
  [+] file_vtscore    : 0
  [+] file_vttotal    : 0
  [+] is_malicious    : Yes
  [+] detection_level : 3
  [+] id              : 1
  [+] status          : 3
  [+] status_str      : Gelöscht
  [+] removed        : Yes
  [+] status_choice  : 2
  [+] malpe_score    : 0
Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 28.02.22
Scan-Zeit: 19:06
Protokolldatei: 25e544ae-98c1-11ec-9999-f02f74f2b40b.json

-Softwaredaten-
Version: 4.5.4.168
Komponentenversion: 1.0.1599
Version des Aktualisierungspakets: 1.0.51679
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10 (Build 19043.1526)
CPU: x64
Dateisystem: NTFS
Benutzer: DESKTOP-LJVJBQ2\Caro

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 326144
Erkannte Bedrohungen: 0
In die Quarantäne verschobene Bedrohungen: 0
Abgelaufene Zeit: 2 Min., 0 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

WMI: 0
(keine bösartigen Elemente erkannt)


(end)

cosinus 28.02.2022 22:45
Dann wären wir durch! :daumenhoc

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...:dankeschoen:und/oder das Forum mit einer kleinen Spende http://www.trojaner-board.de/extra/spende.png unterstützen. :applaus:

Abschließend unbedingt unsere Sicherheitsmaßnahmen lesen und umsetzen - beides ist in folgendem Lesestoff verlinkt:

Anleitung: Cleanup & Maßnahmen zur Absicherung des Rechners

M-K-D-B 02.03.2022 11:02
Wir sind froh, dass wir helfen konnten :abklatsch:

Dieses Thema scheint erledigt und wird aus unseren Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke uns bitte eine Erinnerung inklusive Link zum Thema.

Jeder andere bitte hier klicken und ein eigenes Thema erstellen.


Alle Zeitangaben in WEZ +1. Es ist jetzt 04:55 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131