Log analysis and evaluation: Avira detection HEUR/AGEN.1124272

Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1

Avira detection HEUR/AGEN.1124272

Yesterday, in the middle of work, Avira reported a detection and also confirmed it after the analysis; the file REBUILD.EXE was labelled HEUR/AGEN.1124272. It was in an old program (BMD) that I no longer need anyway. On virustotal all the others classified the file as harmless, and Malwarebytes found no threat in a scan. Since I no longer use the program anyway, I deleted it (which was not entirely easy, there were repeated error messages about administrator permissions when deleting, but now it seems to be gone). Avira, and also Malwarebytes and adwcleaner, report no further detection after a scan. Is that the end of it, or is there still something to do? Thanks for your help!

P.S.: I am new and hope I am doing everything right, and now the scans.

FRST Logfile:

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 01-12-2021 durchgeführt von Hold (Administrator) auf HOLD-PC (Micro-Star International Co., Ltd MS-7B86) (03-12-2021 07:07:52) Gestartet von C:\Users\Hold\Downloads Geladene Profile: Hold Plattform: Microsoft Windows 10 Home Version 20H2 19042.1348 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: FF Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0360470.inf_amd64_35c64671e7fac064\B360357\atieclxx.exe (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0360470.inf_amd64_35c64671e7fac064\B360357\atiesrxx.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\protectedservice.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdlogsr.exe (MICRO-STAR INTERNATIONAL CO., LTD. 
-> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Toast Server\MSIToastServer.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <16> (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe <3> (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2> (Reason Software Company Inc. -> Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe (Reason Software Company Inc. -> Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech -> Logitech, Inc.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1084704 2020-05-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [] => [X] HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [331040 2020-06-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. 
KG) HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1713432 2021-09-17] (Cisco Systems, Inc. -> Cisco Systems, Inc.) HKLM-x32\...\Run: [] => [X] HKU\S-1-5-21-856262021-2868319075-1551791506-1000\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Hold\AppData\Local\Microsoft\Teams\Update.exe [2453720 2021-03-04] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-856262021-2868319075-1551791506-1000\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2542440 2021-11-23] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-856262021-2868319075-1551791506-1000\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31176112 2021-08-24] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) HKU\S-1-5-21-856262021-2868319075-1551791506-1000\...\Run: [Opera Browser Assistant] => C:\Users\Hold\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4105424 2021-10-14] (Opera Software AS -> Opera Software) HKU\S-1-5-21-856262021-2868319075-1551791506-1000\...\Run: [] => [X] HKU\S-1-5-21-856262021-2868319075-1551791506-1000\...\MountPoints2: {42dc64ac-fa67-11eb-8155-001a7dda7115} - "H:\HiSuiteDownLoader.exe" HKLM\...\Windows x64\Print Processors\Canon MG6800 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCR.DLL [30208 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Windows x64\Print Processors\Canon TS5300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDFO.DLL [529408 2020-12-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5300 series: C:\WINDOWS\system32\CNMLMAT.DLL [385024 2012-03-14] (CANON INC.) 
[Datei ist nicht signiert] HKLM\...\Print\Monitors\Canon BJ Language Monitor MG6800 series: C:\WINDOWS\system32\CNMLMCR.DLL [406528 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MP550 series: C:\WINDOWS\system32\CNMLM9Z.DLL [336896 2010-04-24] (CANON INC.) [Datei ist nicht signiert] HKLM\...\Print\Monitors\Canon BJ Language Monitor TS5300 series: C:\WINDOWS\system32\CNMLMFO.DLL [959488 2020-12-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [355840 2011-02-01] (CANON INC.) [Datei ist nicht signiert] HKLM\...\Print\Monitors\CutePDF Writer Monitor: C:\WINDOWS\system32\cpwmon64.dll [87600 2013-10-23] (Acro Software Inc. -> ) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.45\Installer\chrmstp.exe [2021-11-19] (Google LLC -> Google LLC) HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> Startup: C:\Users\Hold\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2020-04-22] ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) Startup: C:\Users\Hold\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Avira.lnk [2019-11-08] ShortcutTarget: Avira.lnk -> C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Keine Datei) Startup: C:\Users\Hold\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2020-10-05] ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\Hold\AppData\Local\Facebook\Games\FacebookGameroom.exe (Keine Datei) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der 
Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {0076A310-FB48-4BF7-9078-9E2A6A62A216} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2108624 2013-05-13] (Microsoft Corporation -> Microsoft Corporation) Task: {03B9CAC4-B6A0-41EC-9259-B6323B494193} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG Task: {040B7342-0024-4CE1-B35C-331AC4EC4C09} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2648424 2021-10-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) Task: {074F0BCF-D262-4943-8B7D-346CC4E1ACF7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {0B41A108-D84C-4E91-A5FF-DCC5274AFE3F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {13607C5B-F632-4BAA-B11A-6DC858AF1B99} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1627648 2020-05-20] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert] Task: {153FA499-D799-4D21-B7FE-C757EFBEBF0A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {163777C8-1A69-4710-B2C8-2AC9C4FEE2B1} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969} Task: {20605C4F-50AE-49B2-904E-E23F419A53B0} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG Task: {243E93C6-C42A-4012-A369-0B1BBC0BB437} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [237216 2021-11-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. 
KG) Task: {243FF020-E062-4857-8BBC-5A610B8A1453} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {297F6368-E760-4DB7-98E3-B6F98B0502CE} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1} Task: {38DD5971-D9C3-4221-A7BA-CDDD115BAE7A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-16] (Google LLC -> Google LLC) Task: {398DA360-A0FF-4B1D-B8AF-4D5D88A34FDB} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG Task: {42EF6F11-9B4A-428C-BA1D-8D21660C1E2F} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation) Task: {44760C04-E7BC-406F-BA3E-86509300AE8B} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61} Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB} Task: {4E538AD1-3A04-4BAF-A971-53D32373A51F} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316} Task: {4E907AD4-84BC-4307-ACF6-9E82E0968B41} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation) Task: {54808A73-314E-416C-A626-0B1D66759CAD} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1673272 2021-11-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. 
KG) Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A} Task: {5B437BC4-0C71-4F84-9B8B-F9BB02100075} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation) Task: {68F79554-6A20-4695-B959-5EA6F4876363} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [7192192 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.) Task: {6A9788E1-BC0B-4511-ACD7-61277207944D} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40880 2021-08-24] (Garmin International, Inc. -> ) Task: {6F1364A9-39BA-4297-B4BF-3387E9D12CBB} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {72C76ACE-D546-4502-B01F-DF8F77365753} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [7651984 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.) Task: {78DE7A41-9A86-4C94-9A4E-655AF7FC411F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {85C24524-293C-4CA8-923A-8E47BD41A160} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {8857F712-A579-4203-A3C8-E4F6669A366D} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [28678840 2020-06-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. 
KG) Task: {8E7662FE-F650-40A5-84DA-358C28F1CA02} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG Task: {8FD0D2E1-998E-439A-B2B0-A3DD161FFCE4} - System32\Tasks\MSI_Toast_Server => C:\Program Files (x86)\MSI\MSI Toast Server\MSIToastServer.exe [31904 2019-03-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) Task: {92580229-DF6B-4155-B490-BBC7DE267238} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1627648 2020-05-20] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert] Task: {932C01F8-5455-43DD-9A8B-71BCB3E95678} - System32\Tasks\Avira_Security_Update => C:\WINDOWS\system32\net.exe [59904 2019-12-07] (Microsoft Windows -> Microsoft Corporation) Task: {A132A6C4-4B7C-4EFD-82D7-4A355229C854} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1491664 2013-05-13] (Microsoft Corporation -> Microsoft Corporation) Task: {A57441ED-A016-4CA4-95D0-05D7984B45E6} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B" <==== ACHTUNG Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {B287C656-9F60-433E-9487-61424FD0371D} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation) Task: {B4F2D410-343C-4E0D-996E-A6DAF7B649C1} - \Microsoft\Windows\Setup\gwx\rundetector -> Keine Datei <==== ACHTUNG Task: {BA7D26AF-140A-4C9C-916E-E701D87654F8} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NoUACCheck Task: {BECD3DD0-6BFE-4A75-BCD4-8F1D2C5D6192} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program 
Files\Microsoft Mouse and Keyboard Center\itype.exe [1491664 2013-05-13] (Microsoft Corporation -> Microsoft Corporation) Task: {BF263775-1C92-4E44-BEBD-15E514C1C2D6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {C0BD2686-AB02-42F9-A5BA-AE5C01C73A8D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-16] (Google LLC -> Google LLC) Task: {C7D56C5D-C965-4033-A227-055219D5C869} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [6944304 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.) Task: {C9D8392F-B479-4957-90E4-529F794676EE} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [1627648 2020-05-20] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert] Task: {CFB4AFBA-A286-4142-B3D5-CACC8F86AEB6} - System32\Tasks\Opera scheduled assistant Autoupdate 1588331751 => C:\Users\Hold\AppData\Local\Programs\Opera\launcher.exe [1753808 2021-11-23] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Hold\AppData\Local\Programs\Opera\assistant" $(Arg0) Task: {D28B5C2B-4E20-44B9-A480-318A6C13A086} - System32\Tasks\{7EBD5F35-2CFB-441A-B155-F53E9B47C259} => C:\Windows\system32\pcalua.exe -a "G:\Acrobat 8\APRO23_Win_ESD1_WWEFG.exe" -d "G:\Acrobat 8" Task: {D6AF8F74-916F-4951-A04F-AC1283E9FF36} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4072312 2021-11-23] (Microsoft Corporation -> Microsoft Corporation) Task: {D70A2725-2B77-4914-8279-CE2CBE8C4954} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.) 
Task: {E02B9FF8-94B0-4452-8924-73F27C5025B2} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E} Task: {E8D504A5-BB36-463D-811A-2A40A7E6CF74} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2108624 2013-05-13] (Microsoft Corporation -> Microsoft Corporation) Task: {F28DD7AA-7C78-4487-98D3-8B61F83E9F2C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {F51824DB-2BC8-43B9-BBB8-5E59A1F78240} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation) Task: {F848D2AA-7194-4797-80BE-D03650521791} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2179792 2013-05-13] (Microsoft Corporation -> Microsoft) Task: {FB25598E-F0C1-4E50-AC6A-B9AB78D93879} - System32\Tasks\Opera scheduled Autoupdate 1586608251 => C:\Users\Hold\AppData\Local\Programs\Opera\launcher.exe [1753808 2021-11-23] (Opera Software AS -> Opera Software) Task: {FC47EB4B-6416-49E5-A588-4D42A398CD4B} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {FD2CB703-7BB6-4F61-8097-ED6ADB61E916} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ACHTUNG (Beschränkung - Zones) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 10.0.0.138 Tcpip\..\Interfaces\{117921c0-aa1a-4711-8fc7-afe9d4de684b}: [DhcpNameServer] 10.0.0.138 10.0.0.138 Tcpip\..\Interfaces\{71ed5fbf-68cc-4197-8727-c3b123ec4794}: [DhcpNameServer] 10.0.0.138 10.0.0.138 Edge: ======= DownloadDir: C:\Users\Hold\Downloads Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden] Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden] Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden] Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden] Edge DefaultProfile: Default Edge Profile: C:\Users\Hold\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-26] Edge DownloadDir: Default -> C:\Users\Hold\Downloads Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Hold\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-11-24] Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee] FireFox: ======== FF DefaultProfile: 
ddgha12u.default-1458347090774-1576507469294 FF ProfilePath: C:\Users\Hold\AppData\Roaming\Mozilla\Firefox\Profiles\ddgha12u.default-1458347090774-1576507469294 [2021-12-03] FF Homepage: Mozilla\Firefox\Profiles\ddgha12u.default-1458347090774-1576507469294 -> www.orf.at FF Notifications: Mozilla\Firefox\Profiles\ddgha12u.default-1458347090774-1576507469294 -> hxxps://www.youtube.com FF Extension: (Facebook Container) - C:\Users\Hold\AppData\Roaming\Mozilla\Firefox\Profiles\ddgha12u.default-1458347090774-1576507469294\Extensions\@contain-facebook.xpi [2021-08-03] FF Extension: (AdBlocker Ultimate) - C:\Users\Hold\AppData\Roaming\Mozilla\Firefox\Profiles\ddgha12u.default-1458347090774-1576507469294\Extensions\adblockultimate@adblockultimate.net.xpi [2021-10-07] FF Extension: (HTTPS Everywhere) - C:\Users\Hold\AppData\Roaming\Mozilla\Firefox\Profiles\ddgha12u.default-1458347090774-1576507469294\Extensions\https-everywhere@eff.org.xpi [2021-07-15] FF Extension: (Watermelon Surge) - C:\Users\Hold\AppData\Roaming\Mozilla\Firefox\Profiles\ddgha12u.default-1458347090774-1576507469294\Extensions\{0ad3f4fd-59cf-4a55-9ded-68261e219d6c}.xpi [2021-09-10] FF Extension: (Microsoft Office - Dark Gray) - C:\Users\Hold\AppData\Roaming\Mozilla\Firefox\Profiles\ddgha12u.default-1458347090774-1576507469294\Extensions\{1c41d9fb-f904-4d38-850f-074312f06e64}.xpi [2021-10-05] FF Extension: (Photon Colors) - C:\Users\Hold\AppData\Roaming\Mozilla\Firefox\Profiles\ddgha12u.default-1458347090774-1576507469294\Extensions\{2c6c94f3-c656-41e9-aa4b-1edba5be9c21}.xpi [2021-10-05] FF Extension: (Three Wolf Moon Shirt) - C:\Users\Hold\AppData\Roaming\Mozilla\Firefox\Profiles\ddgha12u.default-1458347090774-1576507469294\Extensions\{50193c98-9eee-4b67-9244-95ced154911d}.xpi [2021-10-05] FF Extension: (Minimalist Blue) - C:\Users\Hold\AppData\Roaming\Mozilla\Firefox\Profiles\ddgha12u.default-1458347090774-1576507469294\Extensions\{623e2c8d-8986-4f2d-af27-e60982948572}.xpi [2021-10-05] FF Extension: 
(ANIMATED CAT LICKING YOUR SCREEN) - C:\Users\Hold\AppData\Roaming\Mozilla\Firefox\Profiles\ddgha12u.default-1458347090774-1576507469294\Extensions\{6a21e28f-b023-41bb-aad9-7db3a398599f}.xpi [2021-10-05] FF Extension: (NoScript) - C:\Users\Hold\AppData\Roaming\Mozilla\Firefox\Profiles\ddgha12u.default-1458347090774-1576507469294\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2021-07-29] FF Extension: (Download Statusbar) - C:\Users\Hold\AppData\Roaming\Mozilla\Firefox\Profiles\ddgha12u.default-1458347090774-1576507469294\Extensions\{76faaba6-3aa1-47a4-bf40-90aa2505e79c}.xpi [2019-12-17] FF Extension: (Matte Black (Red)) - C:\Users\Hold\AppData\Roaming\Mozilla\Firefox\Profiles\ddgha12u.default-1458347090774-1576507469294\Extensions\{a7589411-c5f6-41cf-8bdc-f66527d9d930}.xpi [2021-10-06] FF Extension: (SciFi) - C:\Users\Hold\AppData\Roaming\Mozilla\Firefox\Profiles\ddgha12u.default-1458347090774-1576507469294\Extensions\{a7f8e0cd-f3f4-41bb-9043-d3fc0e9e0b92}.xpi [2021-10-05] FF Extension: (puits bleu d'infini) - C:\Users\Hold\AppData\Roaming\Mozilla\Firefox\Profiles\ddgha12u.default-1458347090774-1576507469294\Extensions\{b3994f5b-c557-4b30-b0e1-1db9098f690e}.xpi [2021-09-10] FF Extension: (Dark Fox) - C:\Users\Hold\AppData\Roaming\Mozilla\Firefox\Profiles\ddgha12u.default-1458347090774-1576507469294\Extensions\{e7fe4ffe-f256-4f85-906d-072fdd698585}.xpi [2021-10-05] FF Extension: (Kurgzsekseta) - C:\Users\Hold\AppData\Roaming\Mozilla\Firefox\Profiles\ddgha12u.default-1458347090774-1576507469294\Extensions\{e8f3b919-d290-4270-b66f-29f3fdbb1986}.xpi [2021-10-05] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~4\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program 
Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.13 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.15 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Hold\AppData\Local\Google\Chrome\User Data\Default [2021-09-29]
CHR Extension: (Präsentationen) - C:\Users\Hold\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-16]
CHR Extension: (Docs) - C:\Users\Hold\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-16]
CHR Extension: (Google Drive) - C:\Users\Hold\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-03]
CHR Extension: (YouTube) - C:\Users\Hold\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-16]
CHR Extension: (Avira Password Manager) - C:\Users\Hold\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2021-07-29]
CHR Extension: (Avira Safe Shopping) - C:\Users\Hold\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2021-07-29]
CHR Extension: (Tabellen) - C:\Users\Hold\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-16]
CHR Extension: (Avira Browserschutz) - C:\Users\Hold\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2021-07-29]
CHR Extension: (Google Docs Offline) - C:\Users\Hold\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-29]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Hold\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-07-29]
CHR Extension: (Google Mail) - C:\Users\Hold\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-03]
CHR Extension: (Chrome Media Router) - C:\Users\Hold\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-29]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Opera:
=======
OPR Profile: C:\Users\Hold\AppData\Roaming\Opera Software\Opera Stable [2021-10-14]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.at/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Avira Safe Shopping) - C:\Users\Hold\AppData\Roaming\Opera Software\Opera Stable\Extensions\dalelnnofafalcmkmnhdbigbjjkloabo [2021-07-28]
OPR Extension: (Rich Hints Agent) - C:\Users\Hold\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-07-28]
OPR Extension: (Avira Password Manager) - C:\Users\Hold\AppData\Roaming\Opera Software\Opera Stable\Extensions\ngohaaocccbohaffogpbgfpmpgbcgccg [2021-07-29]
OPR Extension: (Free Avira Phantom VPN – Entsperrt Webseiten) - C:\Users\Hold\AppData\Roaming\Opera Software\Opera Stable\Extensions\pcgkmkjdikhiodinhloioejnpjgmfigd [2020-11-05]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1206648 2021-07-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [538000 2021-07-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [485048 2021-07-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [485048 2021-07-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [574672 2021-07-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2988544 2020-06-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [275320 2021-11-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [273536 2021-11-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncHelper.exe [3279232 2021-11-23] (Microsoft Corporation -> Microsoft Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7901368 2021-12-02] (Malwarebytes Inc -> Malwarebytes)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\21.220.1024.0005\OneDriveUpdaterService.exe [3736424 2021-11-23] (Microsoft Corporation -> Microsoft Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12912936 2021-11-16] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [297240 2018-05-30] (Reason Software Company Inc. -> Reason Software Company Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 acsock; C:\WINDOWS\system32\DRIVERS\acsock64.sys [300456 2021-09-17] (Microsoft Windows Hardware Compatibility Publisher -> Cisco Systems, Inc.)
R1 AsrAppCharger; C:\WINDOWS\System32\DRIVERS\AsrAppCharger.sys [17192 2011-05-10] (ASROCK Incorporation -> Windows (R) Win 7 DDK provider)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2019-06-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22848 2021-07-18] (Microsoft Windows Early Launch Anti-Malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [209088 2021-10-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [199312 2021-07-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [45472 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210352 2021-12-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-10-29] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-06-27] (Malwarebytes Inc -> Malwarebytes)
R3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2020-03-18] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [221824 2016-04-24] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 UimBus; C:\WINDOWS\System32\drivers\uimbus.sys [109504 2018-11-27] (Paragon Software GmbH -> Paragon Software GmbH)
R1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uimdevim.sys [46016 2018-11-27] (Paragon Software GmbH -> Paragon Software GmbH)
R1 Uim_IM; C:\WINDOWS\System32\drivers\uim_im.sys [701232 2015-08-26] (Paragon Software GmbH -> )
R1 Uim_VIM; C:\WINDOWS\System32\Drivers\uim_vimx64.sys [390352 2013-03-15] (Paragon Software GmbH -> Paragon)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Apple, Inc.) [Datei ist nicht signiert]
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [74064 2021-09-17] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; kein ImagePath
S3 NTIOLib_DVDSetup; \??\E:\NTIOLib_X64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-12-03 07:07 - 2021-12-03 07:08 - 000040403 _____ C:\Users\Hold\Downloads\FRST.txt
2021-12-03 07:07 - 2021-12-03 07:08 - 000000000 ____D C:\FRST
2021-12-03 07:06 - 2021-12-03 07:06 - 002311680 _____ (Farbar) C:\Users\Hold\Downloads\FRST64.exe
2021-12-02 19:34 - 2021-12-02 19:34 - 008540344 _____ (Malwarebytes) C:\Users\Hold\Desktop\adwcleaner.exe
2021-12-02 17:27 - 2021-12-02 17:27 - 000003428 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Service_SCM_Watchdog
2021-12-02 07:11 - 2021-12-02 09:40 - 000210352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-12-01 16:04 - 2021-12-01 16:04 - 000106593 _____ C:\Users\Hold\Downloads\00977833-Umsatzliste-20211201-1638371043528-AT751200010012802871.pdf
2021-11-23 17:33 - 2021-11-23 21:50 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-11-19 17:28 - 2021-11-20 11:41 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2021-11-16 17:20 - 2021-11-16 17:20 - 000000000 ____D C:\Users\Hold\AppData\LocalLow\Synamedia
2021-11-16 17:19 - 2021-12-01 23:10 - 000000000 ____D C:\Users\Hold\AppData\Roaming\Sky Q
2021-11-16 17:19 - 2021-11-16 17:20 - 000001027 _____ C:\Users\Hold\Desktop\Sky X.lnk
2021-11-16 17:19 - 2021-11-16 17:20 - 000000000 ____D C:\Users\Hold\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sky
2021-11-16 17:19 - 2021-11-16 17:19 - 000000000 ____D C:\Users\Hold\AppData\Roaming\Sky
2021-11-16 17:18 - 2021-11-16 17:18 - 056046615 _____ C:\Users\Hold\Downloads\SkyXInstallerWindows.zip
2021-11-16 17:18 - 2021-11-16 17:18 - 000000000 ____D C:\Users\Hold\Downloads\SkyXInstallerWindows
2021-11-11 15:37 - 2021-11-11 15:37 - 000127856 _____ C:\Users\Hold\Downloads\COVID-19-Impfzertifikat-Hold-20211028 (1).pdf
2021-11-11 15:30 - 2021-11-11 15:30 - 000127548 _____ C:\Users\Hold\Downloads\COVID-19-Impfzertifikat-Hold-20211111 (1).pdf
2021-11-11 15:24 - 2021-11-11 15:24 - 000127548 _____ C:\Users\Hold\Downloads\COVID-19-Impfzertifikat-Hold-20211111.pdf
2021-11-10 16:29 - 2021-11-10 16:29 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-11-10 16:29 - 2021-11-10 16:29 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-11-10 16:29 - 2021-11-10 16:29 - 000011363 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-11-10 16:28 - 2021-11-10 16:28 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-11-10 16:19 - 2021-11-10 16:19 - 000000000 ___HD C:\$WinREAgent
2021-11-08 18:40 - 2021-11-08 18:40 - 000002223 _____ C:\Users\Public\Desktop\Canon Easy-PhotoPrint Editor.lnk
2021-11-08 18:38 - 2021-11-08 18:38 - 112544672 _____ C:\Users\Hold\Downloads\epd_-win-1_6_1-ea20_4.exe

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-12-03 07:06 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-12-03 06:53 - 2014-02-20 12:49 - 000000000 ____D C:\ProgramData\Mozilla
2021-12-03 06:52 - 2016-11-28 17:57 - 000000000 ____D C:\Users\Hold\AppData\LocalLow\Mozilla
2021-12-03 06:48 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-12-03 06:40 - 2020-10-18 16:59 - 000004152 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{AD2B4477-891E-4F60-8EE5-9F132CEC2808}
2021-12-03 06:40 - 2020-10-18 16:43 - 001917508 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-12-03 06:40 - 2019-12-07 15:50 - 000820860 _____ C:\WINDOWS\system32\perfh007.dat
2021-12-03 06:40 - 2019-12-07 15:50 - 000177392 _____ C:\WINDOWS\system32\perfc007.dat
2021-12-03 06:35 - 2020-03-16 14:22 - 000000000 ____D C:\Program Files (x86)\Google
2021-12-03 06:33 - 2021-09-20 16:11 - 000003108 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2021-12-03 06:33 - 2021-03-11 07:34 - 000003094 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2021-12-03 06:33 - 2020-10-18 16:59 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-12-03 06:33 - 2016-05-14 18:17 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2021-12-03 06:33 - 2014-02-23 13:39 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-12-03 06:32 - 2020-10-18 16:26 - 000008192 ___SH C:\DumpStack.log.tmp
2021-12-02 23:23 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-12-02 19:32 - 2020-10-18 16:26 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-12-02 18:01 - 2018-05-09 22:09 - 000000000 ____D C:\Users\Hold\AppData\Local\D3DSCache
2021-12-02 17:28 - 2020-08-14 12:00 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-12-02 17:28 - 2020-08-14 12:00 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-12-02 17:28 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-12-02 17:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-12-02 17:27 - 2021-04-17 11:09 - 000001078 _____ C:\Users\Public\Desktop\Avira.lnk
2021-12-02 17:27 - 2020-12-03 07:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2021-12-02 17:27 - 2020-10-18 16:59 - 000003632 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update
2021-12-02 17:27 - 2014-02-21 12:23 - 000000000 ____D C:\ProgramData\Avira
2021-12-02 15:04 - 2019-04-10 17:27 - 000000000 ____D C:\Users\Hold\AppData\Roaming\PersBackup6
2021-12-02 12:29 - 2020-12-26 20:35 - 000000000 ____D C:\WINDOWS\system32\AMD
2021-12-02 09:40 - 2020-10-29 23:24 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-12-02 09:40 - 2019-06-29 15:17 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-12-02 09:40 - 2019-06-29 15:17 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-12-02 09:39 - 2018-03-30 09:53 - 000000000 ____D C:\Program Files\Malwarebytes
2021-12-02 09:39 - 2015-11-10 20:14 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-12-02 08:26 - 2014-02-20 23:49 - 000000000 ____D C:\Users\Hold\Documents\PersBackup
2021-11-30 14:58 - 2020-11-05 09:41 - 001930322 _____ C:\Users\Hold\Desktop\Zeitschriften1.xlsx
2021-11-30 10:12 - 2014-02-20 18:16 - 000000000 ____D C:\Users\Hold\Desktop\Dokumente
2021-11-25 13:25 - 2020-10-18 16:59 - 000004172 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1586608251
2021-11-25 13:25 - 2020-04-11 13:30 - 000001386 _____ C:\Users\Hold\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk
2021-11-23 21:50 - 2021-10-22 15:11 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2021-11-23 21:50 - 2014-02-20 12:49 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-11-23 18:08 - 2021-10-05 17:04 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-11-23 18:08 - 2014-02-20 12:49 - 000001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-11-23 17:32 - 2021-10-22 15:11 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2021-11-23 17:32 - 2021-10-22 15:11 - 000002148 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-11-22 16:52 - 2017-12-13 16:41 - 000000000 ____D C:\Users\Hold\AppData\Local\Packages
2021-11-22 16:33 - 2018-07-02 20:35 - 000000000 ____D C:\ProgramData\Packages
2021-11-19 17:29 - 2020-03-16 14:23 - 000002293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-11-19 17:29 - 2020-03-16 14:23 - 000002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-11-17 16:09 - 2020-10-18 18:03 - 000003606 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6a5658a907ddc
2021-11-17 16:09 - 2020-10-18 16:59 - 000003700 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-11-10 16:35 - 2020-10-18 16:26 - 000494000 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-11-10 16:34 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-11-10 16:34 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-11-10 16:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-11-10 16:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-11-10 16:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-11-10 16:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-11-10 16:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-11-10 16:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-11-10 16:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-11-10 16:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-11-10 16:34 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-11-10 16:31 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-11-10 16:14 - 2020-04-22 19:56 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2021-11-10 16:13 - 2014-02-20 14:48 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-11-10 16:09 - 2014-02-20 14:48 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-11-08 18:40 - 2021-07-09 09:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2021-11-08 18:39 - 2014-02-20 14:31 - 000000000 ____D C:\Program Files (x86)\Canon

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2015-11-08 16:47 - 2015-11-08 16:47 - 000003904 _____ () C:\Users\Hold\AppData\Local\recently-used.xbel
2016-05-14 21:18 - 2016-05-14 21:18 - 000000017 _____ () C:\Users\Hold\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================

FRST Additions Logfile: Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01-12-2021
durchgeführt von Hold (03-12-2021 07:10:09)
Gestartet von C:\Users\Hold\Downloads
Microsoft Windows 10 Home Version 20H2 19042.1348 (X64) (2020-10-18 16:00:58)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-856262021-2868319075-1551791506-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-856262021-2868319075-1551791506-503 - Limited - Disabled)
Gast (S-1-5-21-856262021-2868319075-1551791506-501 - Limited - Disabled)
Hold (S-1-5-21-856262021-2868319075-1551791506-1000 - Administrator - Enabled) => C:\Users\Hold
WDAGUtilityAccount (S-1-5-21-856262021-2868319075-1551791506-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {8A154ED8-4428-DB2D-0E3F-BD82C448FD94}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 18.01 (x64) (HKLM\...\7-Zip) (Version: 18.01 - Igor Pavlov)
7-Zip 19.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 21.007.20099 - Adobe Systems Incorporated)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.8 - Adobe Systems Incorporated)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 2.05.04.352 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.10.20 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{810a2b63-212d-4a59-bfb5-f2d575cd44f0}) (Version: 2.05.04.352 - Advanced Micro Devices, Inc.) Hidden
ANT Drivers Installer x64 (HKLM\...\{C908C165-F564-4420-AFBC-BC9BB5093D89}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{C56BA005-F02C-461B-ACA5-A0CE3E32578F}) (Version: 6.5 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{C8087B7C-8496-45BE-92FB-91D31EB73969}) (Version: 6.5 - Apple Inc.)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.4.000 - Asmedia Technology)
ASRock App Charger v1.0.5 (HKLM\...\ASRock App Charger_is1) (Version: - ASRock Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2111.2126 - Avira Operations GmbH & Co. KG) Hidden
Avira Privacy Pal (HKLM-x32\...\{F2BC8305-DFBE-4C02-A906-9BBD8EE299A3}_is1) (Version: 2.4.0.1962 - Avira Operations GmbH & Co. KG)
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.1.59.25531 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version: - Avira Operations GmbH & Co. KG;)
Avira Software Updater (HKLM-x32\...\{D72D7C97-7AEC-43E0-A8CF-B23F27422FE0}) (Version: 2.0.6.22870 - Avira Operations GmbH & Co. KG) Hidden
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.5.0.10950 - Avira Operations GmbH & Co. KG) Hidden
BIPA FotoShop (HKLM-x32\...\BIPA FotoShop) (Version: 5.1.7 - CEWE Stiftung u Co. KGaA)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon Easy-PhotoPrint Editor (HKLM-x32\...\Canon Easy-PhotoPrint Editor) (Version: 1.6.1 - Canon Inc.)
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.30.1.52 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.5.5.3 - Canon Inc.)
Canon MG5300 series On-screen Manual (HKLM-x32\...\Canon MG5300 series On-screen Manual) (Version: - )
Canon MG6800 series On-screen Manual (HKLM-x32\...\Canon MG6800 series On-screen Manual) (Version: 7.8.0 - Canon Inc.)
Canon TS5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS5300_series) (Version: 1.04 - Canon Inc.)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5931 - CDBurnerXP)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.10.03104 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{A4076314-DE10-4FEB-A977-A3AF859B4073}) (Version: 4.10.03104 - Cisco Systems, Inc.) Hidden
Citrix Online Plug-in - Web (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 11.2.0.31560 - Citrix Systems, Inc.)
Client (HKLM-x32\...\{BAB4AAD2-93A4-11D4-A165-00508B67A692}) (Version: 5.50.000 - BMD Systemhaus GesmbH)
CoolUtils Mail Viewer (HKLM-x32\...\CoolUtils Mail Viewer_is1) (Version: 2.5 - Softplicity, Inc.)
CrystalDiskInfo 8.9.0a (HKLM\...\CrystalDiskInfo_is1) (Version: 8.9.0a - Crystal Dew World)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - Acro Software Inc.)
Druckerregistrierung (HKLM-x32\...\Canon EISRegistration) (Version: 1.7.5 - Canon Inc.)
Elevated Installer (HKLM-x32\...\{AA541EFB-3F91-4A7E-A915-CCDD91C2AE11}) (Version: 7.8.1.0 - Garmin Ltd or its subsidiaries) Hidden
Facebook Gameroom 1.23.7426.18586 (HKLM-x32\...\{58E3FB73-8B88-4807-A803-79B5ADA0136F}) (Version: 1.23.7426.18586 - Facebook)
Garmin Express (HKLM-x32\...\{4CE72891-E662-4E1D-997A-2DB13467F489}) (Version: 7.8.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{e0284aaa-26dc-4fb0-b0b6-06e658bdc602}) (Version: 7.8.1.0 - Garmin Ltd or its subsidiaries)
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.45 - Google LLC)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
Malwarebytes version 4.4.11.149 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.11.149 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.41 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 96.0.1054.41 - Microsoft Corporation)
Microsoft Office Standard 2013 (HKLM\...\Office15.STANDARD) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-856262021-2868319075-1551791506-1000\...\Teams) (Version: 1.4.00.4167 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 94.0.2 (x64 de)) (Version: 94.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 78.0 - Mozilla)
Mozilla Thunderbird (x86 de) (HKLM-x32\...\Mozilla Thunderbird 91.3.2 (x86 de)) (Version: 91.3.2 - Mozilla)
MyHarmony (HKU\S-1-5-21-856262021-2868319075-1551791506-1000\...\036a0e4fc6a247ec) (Version: 1.0.1.257 - Logitech)
OpenOffice 4.1.11 (HKLM-x32\...\{372A5898-9772-4413-9767-06E9F4580830}) (Version: 4.111.9808 - Apache Software Foundation)
Opera Stable 81.0.4196.60 (HKU\S-1-5-21-856262021-2868319075-1551791506-1000\...\Opera 81.0.4196.60) (Version: 81.0.4196.60 - Opera Software)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Paragon Backup & Recovery™ 17 CE (HKLM\...\{505143F0-48A3-4ABD-A1FE-F77425BFBF66}) (Version: 17.9.3.4927 - Paragon Software) Hidden
Paragon Backup & Recovery™ 17 CE (HKLM-x32\...\{37102375-99b6-4ec1-af7d-ec77bb61cd49}) (Version: 17.9.3.4927 - Paragon Software GmbH)
Paragon UIM (HKLM\...\{49AED3CA-E137-4E65-9555-D05C60281BAC}) (Version: 24.60.0.460 - Paragon Software) Hidden
PerformanceTest v10.0 (HKLM\...\PerformanceTest 10_is1) (Version: 10.0.1010.0 - Passmark Software)
Personal Backup 5.9.4.14 (32-bit) (HKLM-x32\...\Personal Backup 5_is1) (Version: 5.9.4.14 - Dr. J. Rathlev)
Personal Backup 6.0.3.0 (32-bit) (HKLM-x32\...\Personal Backup 6_is1) (Version: 6.0.3.0 - Dr. J. Rathlev)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 2.0.1.0 - Advanced Micro Devices, Inc.) Hidden
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8960.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.38.1118.2019 - Realtek)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0012-0000-1000-0000000FF1CE}_Office15.STANDARD_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Sky X 21.7.3.0 (HKU\S-1-5-21-856262021-2868319075-1551791506-1000\...\com.bskyb.skyxplayer_is1) (Version: 21.7.3.0 - Sky)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.7.64.0 - Safer-Networking Ltd.)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.24.5 - TeamViewer)
twengoo (HKLM-x32\...\{2ADA8DBD-2833-4235-A07E-0CD653A992FF}) (Version: 1.0.0.0 - Twengoo)
Unchecky v1.2 (HKLM-x32\...\Unchecky) (Version: 1.2 - Reason Software Company Inc.)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.STANDARD_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.7.1 - VideoLAN)
Windows-PC-Integritätsprüfung (HKLM\...\{63EFBDB5-01B0-4614-BE9F-7F1908E42275}) (Version: 3.1.2109.29003 - Microsoft Corporation)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Winmail Opener 1.7 (HKLM-x32\...\Winmail Opener) (Version: 1.7 - Eolsoft)

Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m [2021-06-17] (Advanced Micro Devices Inc.) [Startup Task]
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.70.2.0_x86__kgqvnymyfvs32 [2021-12-02] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2150.1.0_x86__kgqvnymyfvs32 [2021-11-12] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.207.400.0_x86__kgqvnymyfvs32 [2021-11-26] (king.com)
Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa [2021-10-29] (Apple Inc.) [Startup Task]
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-09-24] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.10270.0_x64__8wekyb3d8bbwe [2021-10-31] (Microsoft Studios) [MS Ad]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.12.219.0_x64__dt26b99r8h8gj [2020-12-26] (Realtek Semiconductor Corp)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-11] (Twitter Inc.)
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2016-05-14] (Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-856262021-2868319075-1551791506-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6} CustomCLSID: HKU\S-1-5-21-856262021-2868319075-1551791506-1000_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Hold\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20289.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-856262021-2868319075-1551791506-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) CustomCLSID: HKU\S-1-5-21-856262021-2868319075-1551791506-1000_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Hold\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19350.3\x64\Microsoft.Teams.AddinLoader.dll => Keine Datei ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-23] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-23] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-23] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-23] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-23] (Microsoft 
Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-23] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-23] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-23] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-23] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-23] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-23] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-23] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-23] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft 
OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-23] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-23] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.) ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.) ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2021-07-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-06-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. 
KG) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-23] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-06-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-23] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> Keine Datei ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-06-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. 
KG) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.) ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.) ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2021-07-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) ==================== Codecs (Nicht auf der Ausnahmeliste) ==================== ==================== Verknüpfungen & WMI ======================== ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============= 2016-10-15 21:30 - 2010-04-24 04:00 - 000336896 _____ (CANON INC.) [Datei ist nicht signiert] C:\WINDOWS\System32\CNMLM9Z.DLL 2016-05-14 18:36 - 2012-03-14 05:00 - 000385024 _____ (CANON INC.) [Datei ist nicht signiert] C:\WINDOWS\System32\CNMLMAT.DLL 2014-02-20 14:32 - 2011-02-01 09:23 - 000355840 _____ (CANON INC.) 
[Datei ist nicht signiert] C:\WINDOWS\System32\CNMN6PPM.DLL 2021-10-14 18:14 - 2021-10-14 18:14 - 000913920 _____ (ServiceStack) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\ServiceStack.Text\fb21ba318211e2a3a0f38edb00e12ae8\ServiceStack.Text.ni.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ======== ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ================= ==================== Internet Explorer (Nicht auf der Ausnahmeliste) ========== SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC SearchScopes: HKU\S-1-5-21-856262021-2868319075-1551791506-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 SearchScopes: HKU\S-1-5-21-856262021-2868319075-1551791506-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft 
Corporation -> Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2019-08-19] (Microsoft Corporation -> Microsoft Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com Da befinden 
sich 7940 mehr Seiten. IE trusted site: HKU\S-1-5-21-856262021-2868319075-1551791506-1000\...\secunia.com. -> hxxps://secunia.com. IE restricted site: HKU\S-1-5-21-856262021-2868319075-1551791506-1000\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-856262021-2868319075-1551791506-1000\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-856262021-2868319075-1551791506-1000\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-856262021-2868319075-1551791506-1000\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-856262021-2868319075-1551791506-1000\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-856262021-2868319075-1551791506-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-856262021-2868319075-1551791506-1000\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-856262021-2868319075-1551791506-1000\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-856262021-2868319075-1551791506-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-856262021-2868319075-1551791506-1000\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\S-1-5-21-856262021-2868319075-1551791506-1000\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\S-1-5-21-856262021-2868319075-1551791506-1000\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\S-1-5-21-856262021-2868319075-1551791506-1000\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\S-1-5-21-856262021-2868319075-1551791506-1000\...\10sek.com -> www.10sek.com IE restricted site: HKU\S-1-5-21-856262021-2868319075-1551791506-1000\...\12-26.net -> user1.12-26.net IE restricted site: HKU\S-1-5-21-856262021-2868319075-1551791506-1000\...\12-27.net -> user1.12-27.net IE restricted site: HKU\S-1-5-21-856262021-2868319075-1551791506-1000\...\123fporn.info -> www.123fporn.info IE restricted 
site: HKU\S-1-5-21-856262021-2868319075-1551791506-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\S-1-5-21-856262021-2868319075-1551791506-1000\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\S-1-5-21-856262021-2868319075-1551791506-1000\...\123simsen.com -> www.123simsen.com Da befinden sich 7945 mehr Seiten. ==================== Hosts Inhalt: ========================= (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2018-04-12 00:38 - 2021-12-03 06:33 - 000003384 _____ C:\WINDOWS\system32\drivers\etc\hosts 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com 0.0.0.0 media.opencandy.com 0.0.0.0 cdn.opencandy.com 0.0.0.0 tracking.opencandy.com 0.0.0.0 api.opencandy.com 0.0.0.0 api.recommendedsw.com 0.0.0.0 rp.yefeneri2.com 0.0.0.0 os.yefeneri2.com 0.0.0.0 os2.yefeneri2.com 0.0.0.0 installer.betterinstaller.com 0.0.0.0 installer.filebulldog.com 0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net 0.0.0.0 inno.bisrv.com 0.0.0.0 nsis.bisrv.com 0.0.0.0 cdn.file2desktop.com 0.0.0.0 cdn.goateastcach.us 0.0.0.0 cdn.guttastatdk.us 0.0.0.0 cdn.inskinmedia.com 0.0.0.0 cdn.insta.oibundles2.com 0.0.0.0 cdn.insta.playbryte.com 0.0.0.0 cdn.llogetfastcach.us 0.0.0.0 cdn.montiera.com 0.0.0.0 cdn.msdwnld.com 0.0.0.0 cdn.mypcbackup.com 0.0.0.0 cdn.ppdownload.com 0.0.0.0 cdn.riceateastcach.us 0.0.0.0 cdn.shyapotato.us 0.0.0.0 cdn.solimba.com 0.0.0.0 cdn.tuto4pc.com ==================== Andere Bereiche =========================== (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-856262021-2868319075-1551791506-1000\Control Panel\Desktop\\Wallpaper -> D:\Fotos\Brasilien16\IMG_2909.JPG
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Keine Datei) ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Avira Systray => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenuEx => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
HKLM\...\StartupApproved\StartupFolder: => "Secunia PSI Tray.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run32: => "ConnectionCenter"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKU\S-1-5-21-856262021-2868319075-1551791506-1000\...\StartupApproved\StartupFolder: => "Facebook Gameroom.lnk"
HKU\S-1-5-21-856262021-2868319075-1551791506-1000\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-856262021-2868319075-1551791506-1000\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall"
HKU\S-1-5-21-856262021-2868319075-1551791506-1000\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-856262021-2868319075-1551791506-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-856262021-2868319075-1551791506-1000\...\StartupApproved\Run: => "GarminExpress"
HKU\S-1-5-21-856262021-2868319075-1551791506-1000\...\StartupApproved\Run: => "Opera Browser Assistant"
HKU\S-1-5-21-856262021-2868319075-1551791506-1000\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [UDP Query User{4CE991B2-B38A-43BC-BAB1-9203556C713F}C:\users\hold\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\hold\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{D84E05FD-2312-4DC4-8075-9A1916BD56AF}C:\users\hold\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\hold\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{F73053EF-6862-458C-BC42-D4B98A11B16D}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{BE532A11-CF89-4BBB-90B7-8DDD768F6477}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{FD9B3171-81C7-44F3-B314-5DCD5059D0C5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{11F4409C-2B7C-45FA-8E05-B139C11B6B98}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{34E1B575-13A3-4AE6-A311-70E0FFA0746D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{497899E9-744A-4864-9C97-DE2B8CDE2DE7}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{67213130-5D65-4419-B5DE-56A61D621311}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{9A510696-5EF3-4BDB-A2D0-B6538A8A3C36}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{A647EC86-C8D9-40AF-8EDC-B4B7F2D227B3}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{9FA8C1C0-2873-4DCB-BCCB-725634382F9F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{144B52A2-03C0-43C9-9000-94FCC46DF928}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8D6E07EA-8B15-470B-AD53-1D65193D9D87}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{61609687-0C7C-415C-B23B-0F923276F75B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DA2E6B64-A564-4ED5-898C-84AA839A2051}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7E7BAE3A-47E5-4EA7-B5A6-27A73A77CC4F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{36141544-BC02-40B4-A642-9DEDCB9F416E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8A4BFD9A-1F48-4D98-B312-A8F2B81901A0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D711970B-5C3B-44FA-8EE2-B7902E8BE39D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0B4E24D3-8CB8-4219-9918-9C2EC8A165FB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1FD1649E-350A-45AD-A440-58BE0E84B20F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E4D9124A-6CCC-474D-BBD7-75E919010A3E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C8999AFB-D429-4E01-BBA5-668AC79F67BC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{09EB353E-0861-4EB0-B105-A3AE46D6D720}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1852BB3B-2964-4F26-9A52-7480F8E5287C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5F848580-FA85-4729-B629-159F0B3554BD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{BF6D40F3-FB75-4658-AB1E-2782344408AB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{7642F735-4294-4C45-B0F8-BBEF3B06E6FD}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\96.0.1054.41\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Wiederherstellungspunkte =========================

10-11-2021 16:14:36 Windows Modules Installer
18-11-2021 18:39:17 Geplanter Prüfpunkt
27-11-2021 19:29:53 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager ============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (12/03/2021 06:36:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IAStorDataMgrSvc.exe, Version: 11.6.0.1030, Zeitstempel: 0x5042b0f0
Name des fehlerhaften Moduls: IAStorUtil.ni.dll, Version: 11.6.0.1030, Zeitstempel: 0x5042b0eb
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000305e5
ID des fehlerhaften Prozesses: 0x1054
Startzeit der fehlerhaften Anwendung: 0x01d7e807a4ee8c4e
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorUtil\c4911bd0015bf76eabe750e62bfb741e\IAStorUtil.ni.dll
Berichtskennung: 245bb05a-ae21-41b8-aafa-da2f25a777ea
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (12/03/2021 06:35:59 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: IAStorDataMgrSvc.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
bei IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
bei IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
bei IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
bei System.Threading.ThreadPoolWorkQueue.Dispatch()
bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (12/02/2021 10:22:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IAStorDataMgrSvc.exe, Version: 11.6.0.1030, Zeitstempel: 0x5042b0f0
Name des fehlerhaften Moduls: IAStorUtil.ni.dll, Version: 11.6.0.1030, Zeitstempel: 0x5042b0eb
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000305e5
ID des fehlerhaften Prozesses: 0x23dc
Startzeit der fehlerhaften Anwendung: 0x01d7e7c2bd6587b5
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorUtil\c4911bd0015bf76eabe750e62bfb741e\IAStorUtil.ni.dll
Berichtskennung: c5a24e2f-c5d3-4181-a6e5-ec3f5191e950
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (12/02/2021 10:22:45 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: IAStorDataMgrSvc.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
   bei IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
   bei IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
   bei IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (12/02/2021 07:38:16 PM) (Source: COM) (EventID: 10035) (User: )
Description: Der COM-Standardmarshaler war nicht in der Lage, einen Konflikt zwischen der vom Server bereitgestellten IID {618736E0-3C3D-11CF-810C-00AA00389B71} und der vom Client angeforderten IID {00020400-0000-0000-C000-000000000046} mit der Handler-CLSID {00EB5084-29B8-7620-6970-03768450EB00} zu beheben. Der Fehlercode war 0x800401fd.

Error: (12/02/2021 05:26:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IAStorDataMgrSvc.exe, Version: 11.6.0.1030, Zeitstempel: 0x5042b0f0
Name des fehlerhaften Moduls: IAStorUtil.ni.dll, Version: 11.6.0.1030, Zeitstempel: 0x5042b0eb
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000305e5
ID des fehlerhaften Prozesses: 0x2320
Startzeit der fehlerhaften Anwendung: 0x01d7e7996b893bee
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorUtil\c4911bd0015bf76eabe750e62bfb741e\IAStorUtil.ni.dll
Berichtskennung: 73b7fbd3-2a1e-41f0-bb09-63564efe88ae
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (12/02/2021 05:26:58 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: IAStorDataMgrSvc.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
   bei IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
   bei IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
   bei IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (12/02/2021 11:30:59 AM) (Source: COM) (EventID: 10035) (User: )
Description: Der COM-Standardmarshaler war nicht in der Lage, einen Konflikt zwischen der vom Server bereitgestellten IID {618736E0-3C3D-11CF-810C-00AA00389B71} und der vom Client angeforderten IID {00020400-0000-0000-C000-000000000046} mit der Handler-CLSID {00EB5084-29B8-7662-6970-45768450EB00} zu beheben. Der Fehlercode war 0x800401fd.

Systemfehler:
=============
Error: (12/03/2021 06:36:02 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage-Technologie" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/03/2021 06:33:04 AM) (Source: SNMP) (EventID: 1500) (User: )
Description: Beim Zugreifen auf den Registrierungsschlüssel SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration ist ein Fehler aufgetreten.

Error: (12/02/2021 10:22:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage-Technologie" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/02/2021 10:19:50 PM) (Source: SNMP) (EventID: 1500) (User: )
Description: Beim Zugreifen auf den Registrierungsschlüssel SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration ist ein Fehler aufgetreten.

Error: (12/02/2021 05:28:05 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246007 fehlgeschlagen: Canon - Printer - 8/24/2018 12:00:00 AM - 2.90.2.20

Error: (12/02/2021 05:27:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage-Technologie" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/02/2021 05:23:53 PM) (Source: SNMP) (EventID: 1500) (User: )
Description: Beim Zugreifen auf den Registrierungsschlüssel SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration ist ein Fehler aufgetreten.

Error: (12/02/2021 10:57:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage-Technologie" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

CodeIntegrity:
===============
Date: 2021-12-03 06:33:05
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-12-02 14:54:46
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

==================== Speicherinformationen ===========================

BIOS: American Megatrends Inc. M.70 06/17/2020
Hauptplatine: Micro-Star International Co., Ltd B450-A PRO MAX (MS-7B86)
Prozessor: AMD Ryzen 5 3400G with Radeon Vega Graphics
Prozentuale Nutzung des RAM: 37%
Installierter physikalischer RAM: 14282.68 MB
Verfügbarer physikalischer RAM: 8885.86 MB
Summe virtueller Speicher: 28618.68 MB
Verfügbarer virtueller Speicher: 22318.96 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:359.24 GB) (Free:133.11 GB) NTFS
Drive d: (Volume) (Fixed) (Total:87.79 GB) (Free:47.77 GB) NTFS
Drive f: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive g: (TOSHIBA EXT) (Fixed) (Total:931.51 GB) (Free:473.96 GB) NTFS

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 447.1 GB) (Disk ID: 624A1F8B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=87.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=359.2 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: CED0B5E5)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt =======================