
Log Analysis and Evaluation: Windows 10: Cryptominer? Trojan? Very frequent high RAM/CPU usage, all applications extremely slow


21.11.2022, 17:46   #1
mrs_mister
 
Hello, and first of all thank you very much for still offering your help!

My problem is that on my notebook the RAM and CPU are very often at 98-100% utilization, so that working smoothly is no longer possible. I could not detect any regularity in the timing.
YouTube videos, for example, no longer play without stuttering, regardless of the resolution; in general, pages sometimes load extremely slowly, whether in Firefox or Chrome, and then again at an acceptable speed. Even when only 1-2 programs are open, the performance lags. Could it be a trojan or a cryptominer?

Malwarebytes found 6 PUPs during the last scan (see code blocks; the PUPs were moved to quarantine afterwards).
Today I then ran the FRST scan and hope that you can perhaps find the reason for the at times extremely poor performance.
I have likewise inserted FRST.txt and Addition.txt here as code blocks (real names and PDF file names are anonymized with *****). The sites listed under FireFox: / FF NetworkProxy mean nothing to me. I am also not sure whether I once created additional FF profiles.

Installed antivirus programs:
Avast Free Antivirus 22.10.6038 (Build 22.10.7633.757) (since February 2022)
Malwarebytes 4.5.17 (since last week)

Malwarebytes scan reports
Code:
ATTFilter
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 16.11.22
Scan-Zeit: 17:44
Protokolldatei: 0195c2c4-65ce-11ed-a2e0-c454443cafa4.json

-Softwaredaten-
Version: 4.5.17.221
Komponentenversion: 1.0.1806
Version des Aktualisierungspakets: 1.0.62372
Lizenz: Kostenlos

-Systemdaten-
Betriebssystem: Windows 10 (Build 19044.2251)
CPU: x64
Dateisystem: NTFS
Benutzer: *****\*****

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 381146
Erkannte Bedrohungen: 6
In die Quarantäne verschobene Bedrohungen: 6
Abgelaufene Zeit: 1 Std., 6 Min., 21 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 3
PUP.Optional.Conduit, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, In Quarantäne, 157, 236865, , , , , , 
PUP.Optional.Conduit, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, In Quarantäne, 157, 236865, , , , , , 
PUP.Optional.Conduit, HKU\S-1-5-21-2839958251-2324060183-95412134-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, In Quarantäne, 157, 236865, 1.0.62372, , ame, , , 

Registrierungswert: 2
PUP.Optional.Conduit, HKU\S-1-5-21-2839958251-2324060183-95412134-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, In Quarantäne, 157, 236865, 1.0.62372, , ame, , , 
PUP.Optional.Conduit, HKU\S-1-5-21-2839958251-2324060183-95412134-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TOPRESULTURL, In Quarantäne, 157, 236865, 1.0.62372, , ame, , , 

Registrierungsdaten: 1
PUP.Optional.Conduit, HKU\S-1-5-21-2839958251-2324060183-95412134-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Ersetzt, 157, 293058, 1.0.62372, , ame, , , 

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

WMI: 0
(keine bösartigen Elemente erkannt)


(end)
         
Code:
ATTFilter
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 21.11.22
Scan-Zeit: 11:39
Protokolldatei: ba6762a4-6988-11ed-9a09-c454443cafa4.json

-Softwaredaten-
Version: 4.5.17.221
Komponentenversion: 1.0.1806
Version des Aktualisierungspakets: 1.0.62583
Lizenz: Kostenlos

-Systemdaten-
Betriebssystem: Windows 10 (Build 19044.2251)
CPU: x64
Dateisystem: NTFS
Benutzer: *****\*****

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 381280
Erkannte Bedrohungen: 0
In die Quarantäne verschobene Bedrohungen: 0
Abgelaufene Zeit: 1 Std., 34 Min., 43 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

WMI: 0
(keine bösartigen Elemente erkannt)


(end)
         
FRST.txt
Code:
ATTFilter
==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ->) (Synaptics Incorporated -> Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(cmd.exe ->) (Lenovo (Beijing) Limited -> Lenovo Group Limited) C:\Users\*****\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\66.0.3.0\crashpad_handler.exe <2>
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <15>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0360565.inf_amd64_7d719e3a1bab56a3\B360372\atiesrxx.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22092.211.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [297256 2017-08-29] (Lenovo -> Lenovo Group Limited)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3136136 2019-01-30] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19572528 2021-08-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1667208 2020-11-24] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [587000 2021-11-15] (geek software GmbH -> geek software GmbH)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [212184 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3315280 2019-09-10] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11209952 2022-11-09] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [561672 2015-06-12] (Microsoft Windows Hardware Compatibility Publisher -> Vimicro)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711288 2022-09-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Beschränkung <==== ACHTUNG
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\66.0.3.0\GoogleDriveFS.exe [52475672 2022-11-07] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\66.0.3.0\GoogleDriveFS.exe [52475672 2022-11-07] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\Run: [com.squirrel.Teams.Teams] => C:\Users\*****\AppData\Local\Microsoft\Teams\Update.exe [2453656 2021-02-14] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38502416 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\66.0.3.0\GoogleDriveFS.exe [52475672 2022-11-07] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\MountPoints2: {a023fa8a-46d9-11ec-bc07-c454443cafa4} - "D:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\MountPoints2: {a023fb79-46d9-11ec-bc07-c454443cafa4} - "D:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2839958251-2324060183-95412134-501\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\55.0.3.0\GoogleDriveFS.exe --startup_mode (Keine Datei)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\66.0.3.0\GoogleDriveFS.exe [52475672 2022-11-07] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\Canon MP540 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9E.DLL [27648 2008-05-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP540 series: C:\Windows\system32\CNMLM9E.DLL [279040 2008-05-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP 5D12 Status Monitor: C:\Windows\system32\hpinksts5D12LM.dll [332176 2012-09-12] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\Windows\system32\hpzllw71.dll [53248 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\PDF-XChange Lite Port Monitor: C:\Windows\system32\pxcpmL.dll [2363136 2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\107.0.5304.107\Installer\chrmstp.exe [2022-11-12] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{07AA0886-CC8D-4e19-A410-1C75AF686E62}] -> C:\Windows\System32\l2nacp.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{33c86cd6-705f-4ba1-9adb-67070b837775}] -> C:\Windows\System32\l2nacp.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> 
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\ThinkPad\Bluetooth Software\\BtwCP.dll (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{D28973E5-8630-41af-8831-50A15FEB396B}] -> 
HKLM\Software\...\Authentication\Credential Provider Filters: [{edd749de-2ef1-4a80-98d1-81f20e6df58e}] -> C:\Windows\System32\l2nacp.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll
Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2022-11-12]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy: Beschränkung ? <==== ACHTUNG
GroupPolicy\User: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02275B37-B633-4A81-9D2B-86801443D0DC} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe /launch (Keine Datei)
Task: {106CB9C9-0E3B-44EF-B247-FE038498D7C7} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\PowerMgrInst.exe [64984 2022-05-17] (Lenovo -> )
Task: {1717C752-FA7D-4CC3-AA68-367AF2DC551F} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\Qt4.8\DivXUpdate.exe [1783776 2016-08-01] (DivX, LLC -> DivX, LLC)
Task: {1DFBCB49-FA78-4D6B-ACA3-D16EFA1235B5} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [3834520 2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {1FF19F56-ABF4-477A-AB4B-8F02E63C8955} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-12] (Adobe Inc. -> Adobe)
Task: {221D9A1F-649A-4F47-A350-6AFFA649F200} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {239B2C9E-FCCF-4A7B-9910-EBB5E05EA31A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {23CEDD6D-2E83-4334-A467-41FF7C474AFE} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
Task: {29B8E714-429C-4528-9746-806A765FD940} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2A690E5B-E535-422A-B745-893F18327978} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {2B3DE80D-5BCF-40D0-904A-E065A85A7D19} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {2FCD98DE-114F-46B5-A9C3-647623365BCD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3133BB99-5C58-4F26-9F70-B18AC323E486} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe [1457208 2019-07-12] (Adobe Inc. -> Adobe)
Task: {374DA1F9-CC7F-4B4F-A6A9-E2833030CDA8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe /send (Keine Datei)
Task: {37DD28B1-D5FD-48CE-91BC-9B6AB7BF53E4} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\9.5.0\AutoUpdate.exe /auto (Keine Datei)
Task: {3B15D0EA-8A83-49E3-A635-21559E356DB0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-09-12] (Piriform Software Ltd -> Piriform)
Task: {3B9D2B52-BF32-4509-85C6-D00204EF1294} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2839958251-2324060183-95412134-1000Core => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc -> Dropbox, Inc.)
Task: {3CC5F28A-ACB0-4C2D-B09D-729C45CA43DD} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2839958251-2324060183-95412134-1000UA => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc -> Dropbox, Inc.)
Task: {42AA26B5-8D6B-4B55-843E-336A6E8E490C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26154376 2022-11-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {498C49AF-3C7A-4486-A072-3CF445D0DE8E} - \Microsoft\Windows\Setup\EOSNotify -> Keine Datei <==== ACHTUNG
Task: {4FE98CE6-D123-4ABF-9225-CBCF6F514C4F} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [268576 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {5241D901-6842-4AC0-8AF9-37E7867CDEA4} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {5811C7BF-1BB0-429F-9449-32CDE93C84CC} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Keine Datei)
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {6169C8D7-AD8B-4C17-8F08-20975A6D971C} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [815 2022-08-18] () [Datei ist nicht signiert]
Task: {62B2191D-A59B-4A74-AE95-7B42AE0565E2} - System32\Tasks\CCleanerSkipUAC - ***** => C:\Program Files\CCleaner\CCleaner.exe [32204304 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {64737F4F-CEAF-4114-BD56-93C1C17C132E} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617864 2021-08-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {680EEDF1-6297-44CC-B8F0-ACE6DCF2268E} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [712200 2022-11-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {6F715D41-04B0-4EB9-AD54-3103E4C15C2D} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\9.5.0\Scheduler.exe /scheduler (Keine Datei)
Task: {73A6956F-B7B0-4D8E-A075-8FB604EC9F28} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {73FB205A-34A6-4130-B9B9-48F7CEBF7FE1} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-2839958251-2324060183-95412134-1000 => C:\Users\*****\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [89096 2022-10-19] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {74084314-034B-492B-9A18-0ED6CC6186BC} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114600 2022-11-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {76750A57-8E52-4E12-A933-39094277C1E0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6637512 2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {7E6E0992-71C0-4A09-81FB-E30D59D6076F} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [128976 2022-05-17] (Lenovo -> Lenovo)
Task: {8237BB6A-402D-490A-B9F7-E570DF1C2A94} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe (Keine Datei)
Task: {8666B73F-A987-49EA-92E8-65D97A119F2C} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {8A82137C-310A-427A-97BD-56775E3A77D3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {8CEB21FC-C066-4553-AFB3-55C63495DAF1} - System32\Tasks\Abelssoft\UpdateYeti scan => C:\Program Files (x86)\UpdateYeti\UpdateYeti.exe [2433048 2016-05-10] (Ascora GmbH -> Abelssoft)
Task: {8FB478B9-F1C1-4599-B47D-AB25318700B2} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1900320 2022-09-29] (Lenovo -> )
Task: {95D1B83C-758C-48CF-B397-15C74E92917C} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {97F7E27E-D2AE-4D10-957A-82183FF2B83D} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {98BC2526-D25E-4636-8197-0C3CC6337B9F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6637512 2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {995BBDFD-47E9-4046-9E89-8AD6D632CA1A} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
Task: {A12B9E55-F4D1-4ECA-93B5-313AD6A5DACC} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114600 2022-11-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {ACE086D9-7B73-4045-8B1A-763594416A08} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe /StartRecording (Keine Datei)
Task: {AEF7E3D7-9051-4EBE-8A4E-384492C0B2D9} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [62752 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B1E60C6E-7D22-40B2-8560-7C697D6755AD} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {B417DCCA-A7DC-4A6D-AD9D-FF1CEE1B1223} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617864 2021-08-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {B6229762-13B5-4426-A81B-89918056B0A6} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4666896 2022-09-12] (Piriform Software Ltd -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "0c0f9568-21cf-4e81-b053-f57683445683" --version "6.04.10044" --silent
Task: {C16F6120-917D-46EE-A82C-4F368D3C5110} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-05-25] (Avast Software s.r.o. -> Avast Software)
Task: {CA17074C-2319-44C4-AA3F-48491E913CD3} - \Microsoft\Windows\Setup\EOSNotify2 -> Keine Datei <==== ACHTUNG
Task: {CDBF1BE9-DEDD-4768-9347-958CED3DD10D} - \PMTask -> Keine Datei <==== ACHTUNG
Task: {E943316E-6FF8-43D8-9793-87907B2FA359} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Keine Datei)
Task: {EB394CBD-70BF-4B2C-A093-5ED695DE58A9} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1900320 2022-09-29] (Lenovo -> )
Task: {EC89023A-666B-463F-BC27-DB540EBF4056} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe (Keine Datei)
Task: {EEAEABCC-8459-4E3C-B358-B11171A35C69} - System32\Tasks\Driver Booster SkipUAC (*****) => C:\Program Files (x86)\IObit\Driver Booster\9.5.0\DriverBooster.exe /skipuac (Keine Datei)
Task: {EF7EAE0E-BBFB-4E18-BB70-423255A24557} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4936920 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
Task: {F15D1E57-3214-4725-A6CA-E88119C3A8C0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {FB18ED1A-9044-4130-8486-88F7738E172E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26154376 2022-11-16] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2839958251-2324060183-95412134-1000Core.job => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2839958251-2324060183-95412134-1000UA.job => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}.job => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{94dc40e5-70ac-4be6-9da0-e739c8bd3c01}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{9720db88-4ae4-4430-87b8-d7afefab3ed8}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{A4AD3F4E-BC1C-4142-90F9-23E1863E0E1A}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{e8473653-8d33-4d6b-b775-f43d8278c2a2}: [DhcpNameServer] 213.209.104.220 213.209.104.250

Edge: 
=======
DownloadDir: C:\Users\*****\Downloads
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]

FireFox:
========
FF DefaultProfile: ppggg20o.default
FF DefaultProfile: cbjkvl8z.default-1470220961571
FF ProfilePath: C:\Users\*****\AppData\Roaming\Zotero\Zotero\Profiles\ppggg20o.default [2020-02-26]
FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571 [2022-11-21]
FF Homepage: Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571 -> hxxps://www.theguardian.com/
FF NewTab: Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571 -> hxxps://searchdefault.co/homepage?hp=1&bitmask=9996&pId=AC191101&iDate=2020-11-13 12:16:29&bName=
FF NetworkProxy: Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571 -> autoconfig_url", "data:text/javascript,function FindProxyForURL(url, host) {else if ((shExpMatch(url, 'hxxps://www.netflix.com*')) || (shExpMatch(url, 'hxxp://www.netflix.com*')) || (host == 'netflix.com') || (host == 'www.netflix.com') || (host == 'cbp-us.nccp.netflix.com') || (url.indexOf('theplatform.com') != -1) || (shExpMatch(url, 'hxxp://www.crunchyroll.com*')) || (shExpMatch(url, 'hxxps://www.crunchyroll.com*')) || (host == 'api-manga.crunchyroll.com') || (host == 's.hulu.com') || (shExpMatch(url, 'hxxp://media.mtvnservices.com*')) || (host == 'media.mtvnservices.com')) { return 'PROXY us10.sq.proxmate.me:8000; PROXY us08.sq.proxmate.me:8000; PROXY us05.sq.proxmate.me:8000; PROXY us12.sq.proxmate.me:8000; PROXY us09.sq.proxmate.me:8000; PROXY us04.sq.proxmate.me:8000; PROXY us13.sq.proxmate.me:8000; PROXY us06.sq.proxmate.me:8000; PROXY us01.sq.proxmate.me:8000; PROXY us14.sq.proxmate.me:8000; PROXY us07.sq.proxmate.me:8000; PROXY us03.sq.proxmate.me:8000; PROXY us02.sq.proxmate.me:8000; PROXY us11.sq.proxmate.me:8000' } else { return 'DIRECT'; }}"
FF Extension: (Facebook Container) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\@contain-facebook.xpi [2022-11-04]
FF Extension: (FastForward) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\addon@fastforward.team.xpi [2022-07-20]
FF Extension: (Copyfish 🐟 Free OCR Software) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\copyfish@a9t9.com.xpi [2021-08-20]
FF Extension: (Ghostery – Datenschutzorientierter Werbeblocker) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\firefox@ghostery.com.xpi [2022-11-21]
FF Extension: (Tampermonkey) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\firefox@tampermonkey.net.xpi [2022-11-16]
FF Extension: (Forecastfox (fix version)) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\forecastfox@s3_fix_version.xpi [2020-11-23]
FF Extension: (Simple mass downloader) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\gelprec.smd@gmail.com.xpi [2019-06-08]
FF Extension: (HTTPS Everywhere) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\https-everywhere@eff.org.xpi [2021-07-16]
FF Extension: (Reverse Image Search) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\jid0-iiiWfb12bgHj8iKloOou74fb6jh@jetpack.xpi [2021-08-20]
FF Extension: (Word Count Tool) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\jid0-YHLk2psjhEWXNJqMKTU7dDcMJcN@jetpack.xpi [2018-05-01]
FF Extension: (Print Friendly & PDF) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\jid0-YQz0l1jthOIz179ehuitYAOdBEs@jetpack.xpi [2022-05-28]
FF Extension: (To Google Translate) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2021-06-22]
FF Extension: (MyJDownloader Browser Erweiterung) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\jid1-OY8Xu5BsKZQa6A@jetpack.xpi [2021-06-26] [UpdateUrl:hxxps://my.jdownloader.org/extensions/firefox.json]
FF Extension: (pinterest-guest) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\jid1-SWdspnBEetWxoA@jetpack.xpi [2021-08-20]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2022-11-04]
FF Extension: (Search image) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\searchimage@searchimage.fr.xpi [2017-02-21]
FF Extension: (SimpleBrowsingSchedule) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\simplebrowsingschedule@example.org.xpi [2022-10-06]
FF Extension: (tb-color-picker.label) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\tb-color-picker-single@codefisher.org.xpi [2018-04-22]
FF Extension: (TitleCase) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\TitleCase@htdsoftware.com.xpi [2018-12-03]
FF Extension: (uBlock Origin) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\uBlock0@raymondhill.net.xpi [2022-11-16]
FF Extension: (Vergrößern) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\zoom@stefanvd.net.xpi [2021-08-20]
FF Extension: (Zotero Connector) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\zotero@chnm.gmu.edu.xpi [2022-11-08] [UpdateUrl:hxxps://www.zotero.org/download/connector/firefox/release/updates.json]
FF Extension: (Imgur-Uploader) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{11cf55c0-15ef-49d1-a0ff-02ed401413f8}.xpi [2019-04-02]
FF Extension: (Link Extractor) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{32234610-80fa-4bc1-9cef-183abea3f3b2}.xpi [2018-08-11]
FF Extension: (DuckDuckGo Search) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{37220c34-b538-4f3e-af3d-47aa40026683}.xpi [2020-09-22]
FF Extension: (Lightshot (Screenshot Tool)) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{394DCBA4-1F92-4f8e-8EC9-8D2CB90CB69B}.xpi [2020-11-12]
FF Extension: (EPUBReader) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}.xpi [2020-06-22]
FF Extension: (G App Launcher (Google™ Shortcuts)) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{5C46D283-ABDE-4dce-B83C-08881401921C}.xpi [2022-11-02]
FF Extension: (NoScript) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2022-11-16]
FF Extension: (User-Agent Switcher) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{75afe46a-7a50-4c6b-b866-c43a1075b071}.xpi [2022-07-12]
FF Extension: (Citavi Picker) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}.xpi [2021-04-13]
FF Extension: (Auto Tab Discard) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{c2c003ee-bd69-42a2-b0e9-6f34222cb046}.xpi [2022-11-16]
FF Extension: (Web Developer) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2020-01-13]
FF Extension: (Bypass Paywalls Clean) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{d133e097-46d9-4ecc-9903-fa6a722a6e0e}.xpi [2022-11-21]
FF Extension: (Greasemonkey) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2021-01-28]
FF Extension: (Citavi Picker) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}.xpi [2017-12-05]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2019-12-24] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_223.dll [2019-07-12] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.351.2 -> C:\Program Files\Java\jre1.8.0_351\bin\dtplugin\npDeployJava1.dll [2022-11-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.351.2 -> C:\Program Files\Java\jre1.8.0_351\bin\plugin2\npjp2.dll [2022-11-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_223.dll [2019-07-12] (Adobe Inc. -> )
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google Inc -> Google)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2839958251-2324060183-95412134-1000: @hola.org/vlc,version=1.6.120 -> C:\Users\*****\AppData\Local\Hola\firefox\app\vlc [Keine Datei]
FF Plugin HKU\S-1-5-21-2839958251-2324060183-95412134-1000: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2839958251-2324060183-95412134-1000: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2839958251-2324060183-95412134-1000: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)

Chrome: 
=======
CHR Profile: C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default [2022-11-12]
CHR Extension: (uBlock Origin) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-09-01]
CHR Extension: (Avira Browser Safety) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2022-09-05]
CHR Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2022-08-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-08-14]
CHR HKU\S-1-5-21-2839958251-2324060183-95412134-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\*****\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx <nicht gefunden>
CHR HKU\S-1-5-21-2839958251-2324060183-95412134-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn]

Opera: 
=======
OPR Profile: C:\Users\*****\AppData\Roaming\Opera Software\Opera Stable [2022-11-12]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S4 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2017-04-24] (Advanced Micro Devices, Inc. -> )
S4 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-09-29] (Adobe Systems) [Datei ist nicht signiert]
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
S4 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-12] (Adobe Inc. -> Adobe)
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3374160 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3103824 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S4 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-03] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8539152 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [592600 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2018008 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [592600 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2022-04-22] (Avast Software s.r.o. -> AVAST Software)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1082896 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12515768 2022-11-16] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2022-11-09] (Dropbox, Inc -> Dropbox, Inc.)
S4 FreeStyleLibre MAS Server; C:\Program Files (x86)\FreeStyle Libre\MAS.FreeStyleLibre.exe [285184 2016-01-19] () [Datei ist nicht signiert]
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
S4 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [169768 2017-08-29] (Lenovo -> Lenovo Group Limited)
S4 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [120400 2017-04-03] (Lenovo -> Lenovo Group Limited)
S4 lnvDiscoveryWinSvc; C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe [20984 2013-10-18] (LENOVO(JAPAN)LTD. -> Lenovo)
S4 LPlatSvc; C:\WINDOWS\System32\LPlatSvc.exe [892288 2019-12-11] (Lenovo -> Lenovo.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8879024 2022-11-16] (Malwarebytes Inc. -> Malwarebytes)
S4 PDF24; C:\Program Files\PDF24\pdf24.exe [587000 2021-11-15] (geek software GmbH -> geek software GmbH)
S4 QuickControlMasterSvc; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [59440 2013-12-16] (Lenovo(Japan)Ltd. -> Lenovo Group Limited)
S4 QuickControlService; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [319024 2013-12-16] (Lenovo(Japan)Ltd. -> Lenovo Group Limited)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224216 2022-11-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S2 TPHKLOAD; C:\WINDOWS\System32\DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\TPHKLOAD.exe [473760 2021-10-22] (Lenovo -> Lenovo Group Limited)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [262880 2021-09-08] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [33216 2021-12-02] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_edd3335a4253bf6d\amdsafd.sys [109520 2021-11-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation -> AppEx Networks Corporation)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [42304 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [238152 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [382504 2022-11-14] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [306128 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [105936 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2022-10-13] (Microsoft Windows Early Launch Anti-Malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [48512 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [276520 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [564304 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [114464 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [90008 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [862936 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [672272 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [221944 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [327896 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-14] (Martin Malik - REALiX -> REALiX(tm))
S3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [272168 2022-02-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [55592 2020-10-21] (AnchorFree Inc -> The OpenVPN Project)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-11-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-11-16] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-11-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [77336 2022-08-19] (Insecure.Com LLC -> Insecure.Com LLC.)
S4 npcap_wifi; C:\WINDOWS\system32\DRIVERS\npcap.sys [77336 2022-08-19] (Insecure.Com LLC -> Insecure.Com LLC.)
R0 PMDRVS; C:\WINDOWS\System32\drivers\pmdrvs.sys [38160 2019-12-11] (Lenovo -> Lenovo.)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2019-05-29] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2019-05-29] (MiniTool Solution Ltd -> )
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [347224 2020-05-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S3 StillCam; C:\WINDOWS\system32\DRIVERS\serscan.sys [13312 2020-11-10] (Microsoft Corporation) [Datei ist nicht signiert]
S3 VBoxNetAdp; C:\WINDOWS\System32\DRIVERS\VBoxNetAdp6.sys [237376 2019-09-03] (Oracle Corporation -> Oracle Corporation)
R3 vm331avs; C:\WINDOWS\System32\Drivers\vm331avs.sys [802312 2015-06-12] (Microsoft Windows Hardware Compatibility Publisher -> Vimicro Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49600 2022-04-07] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [443664 2022-04-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-07] (Microsoft Windows -> Microsoft Corporation)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2018-01-05] (Zemana Ltd. -> Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2018-01-05] (Zemana Ltd. -> Zemana Ltd.)
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2022-11-21 15:57 - 2022-11-21 16:00 - 000054026 _____ C:\Users\*****\Desktop\FRST.txt
2022-11-21 13:18 - 2022-11-21 13:18 - 000001422 _____ C:\Users\*****\Desktop\mwb_bericht_21.11.2022.txt
2022-11-21 13:17 - 2022-11-21 13:17 - 000002465 _____ C:\Users\*****\Desktop\mwb_bericht_16.11.2022_02.txt
2022-11-21 13:16 - 2022-11-21 13:16 - 000002465 _____ C:\Users\*****\Desktop\mwb_bericht_16.11.2022.txt
2022-11-21 12:32 - 2022-11-21 12:34 - 005659583 _____ (Swearware) C:\Users\*****\Desktop\ComboFix.exe
2022-11-21 12:21 - 2022-11-21 12:22 - 002375680 _____ (Farbar) C:\Users\*****\Desktop\FRST64.exe
2022-11-20 17:09 - 2022-11-20 17:09 - 010352849 _____ C:\Users\*****\Downloads\*****.pdf
2022-11-20 16:15 - 2022-11-20 16:15 - 075389568 _____ C:\Users\*****\Downloads\*****.pdf
2022-11-18 18:41 - 2022-11-18 18:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-11-16 19:29 - 2022-11-16 19:29 - 000002550 _____ C:\Users\*****\Desktop\malwarebytes log.txt
2022-11-16 17:45 - 2022-11-21 13:13 - 000000000 ____D C:\Users\*****\AppData\LocalLow\IGDump
2022-11-16 17:36 - 2022-11-16 17:36 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-11-16 17:36 - 2022-11-16 17:36 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-11-16 17:36 - 2022-11-16 17:36 - 000001993 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-11-16 17:36 - 2022-11-16 17:36 - 000001981 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-11-16 17:35 - 2022-11-16 17:35 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-11-16 17:35 - 2022-11-16 17:34 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-11-16 17:33 - 2022-11-16 17:33 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-11-16 17:32 - 2022-11-16 17:32 - 002632256 _____ (Malwarebytes) C:\Users\*****\Downloads\MBSetup.exe
2022-11-14 16:10 - 2022-11-14 16:21 - 505290059 _____ C:\Users\*****\Downloads\*****.zip
2022-11-13 11:37 - 2022-11-13 11:37 - 000000000 ___HD C:\$WinREAgent
2022-11-12 17:00 - 2022-11-12 17:00 - 000001153 _____ C:\Users\Public\Desktop\LibreOffice 7.4.lnk
2022-11-12 17:00 - 2022-11-12 17:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.4
2022-11-12 15:18 - 2022-11-21 09:07 - 000003416 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2022-11-12 15:10 - 2022-11-12 15:10 - 000000000 ____D C:\WINDOWS\Panther
2022-11-12 10:10 - 2022-11-12 10:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2022-11-11 13:08 - 2022-11-21 09:07 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2022-11-09 21:23 - 2022-11-09 21:23 - 000688128 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-11-09 21:23 - 2022-11-09 21:23 - 000073216 _____ C:\WINDOWS\system32\nettraceex.dll
2022-11-09 21:22 - 2022-11-09 21:22 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-11-09 21:20 - 2022-11-09 21:20 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-11-09 12:36 - 2022-11-09 12:39 - 000000000 ____D C:\Program Files\LibreOffice
2022-11-09 11:32 - 2022-11-09 11:32 - 000000000 ____D C:\Users\*****\AppData\Roaming\Sun
2022-11-09 11:31 - 2022-11-09 11:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2022-11-09 11:31 - 2022-11-09 11:30 - 000195232 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2022-11-09 01:44 - 2022-11-09 01:44 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2022-11-09 01:44 - 2022-11-09 01:44 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2022-11-09 01:44 - 2022-11-09 01:44 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2022-11-09 01:44 - 2022-11-09 01:44 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2022-11-04 15:16 - 2022-11-04 15:17 - 001684395 _____ C:\Users\*****\Downloads\*****.pdf
2022-11-04 15:11 - 2022-11-04 15:11 - 001271682 _____ C:\Users\*****\Downloads\*****.pdf
2022-11-04 15:07 - 2022-11-04 15:07 - 001620388 _____ C:\Users\*****\Downloads\*****.pdf
2022-11-04 11:20 - 2022-11-04 11:21 - 011943095 _____ C:\Users\*****\Downloads\*****.pdf
2022-11-04 09:45 - 2022-11-04 09:45 - 000270552 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-11-04 09:45 - 2022-11-04 09:45 - 000221944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2022-10-26 21:49 - 2022-10-26 21:49 - 000000401 _____ C:\Users\*****\Desktop\*****.txt
2022-10-24 22:40 - 2022-10-24 22:40 - 003994922 _____ C:\Users\*****\Downloads\*****.epub
2022-10-24 19:33 - 2022-10-24 21:49 - 000000000 ____D C:\Users\*****\AppData\Local\transmission
2022-10-24 19:32 - 2022-10-24 19:32 - 000002471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transmission Qt Client.lnk
2022-10-24 19:32 - 2022-10-24 19:32 - 000002459 _____ C:\Users\Public\Desktop\Transmission Qt Client.lnk
2022-10-24 19:32 - 2022-10-24 19:32 - 000000000 ____D C:\Program Files\Transmission
2022-10-24 16:16 - 2022-10-24 16:16 - 000000000 ____D C:\Users\*****\Downloads\FixMissingMSI_V2.2ForNET45
2022-10-24 16:08 - 2022-10-24 16:08 - 000002270 _____ C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox Privater Modus.lnk
2022-10-24 10:45 - 2022-10-24 13:54 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2022-10-24 10:43 - 2022-10-24 14:01 - 000157546 _____ C:\WINDOWS\ntbtlog.txt

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2022-11-21 16:04 - 2018-02-14 18:54 - 001479103 _____ C:\WINDOWS\ZAM.krnl.trace
2022-11-21 16:04 - 2018-02-14 18:54 - 001478320 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2022-11-21 15:59 - 2017-11-06 21:07 - 000000000 ____D C:\FRST
2022-11-21 15:56 - 2014-02-19 19:28 - 000000000 ____D C:\Program Files\JDownloader
2022-11-21 15:34 - 2014-02-01 21:11 - 000000000 ____D C:\Program Files (x86)\Google
2022-11-21 15:06 - 2020-11-11 00:19 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-11-21 14:44 - 2014-03-25 11:26 - 000000000 ____D C:\Users\*****\Documents\*****
2022-11-21 14:33 - 2014-02-28 16:53 - 000007621 _____ C:\Users\*****\AppData\Local\Resmon.ResmonCfg
2022-11-21 13:37 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-11-21 10:10 - 2018-11-26 21:32 - 000000000 ____D C:\Users\*****\AppData\Local\Microsoft_Corporation
2022-11-21 10:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-11-21 09:58 - 2015-06-19 16:10 - 000000000 ____D C:\Users\*****\AppData\Local\Dropbox
2022-11-21 09:53 - 2022-03-17 20:50 - 000000000 ____D C:\Users\*****\AppData\Roaming\DropboxElectron
2022-11-21 09:33 - 2016-11-18 09:15 - 000000000 ____D C:\Users\*****\AppData\LocalLow\Mozilla
2022-11-21 09:32 - 2022-04-22 10:16 - 000000000 ____D C:\Users\*****\AppData\Local\Avast Software
2022-11-21 09:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-11-21 09:10 - 2022-09-15 17:38 - 000000000 ____D C:\Users\*****\AppData\Roaming\com.adobe.dunamis
2022-11-21 09:07 - 2014-03-06 19:31 - 000000000 ____D C:\Program Files\CCleaner
2022-11-21 09:06 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-11-21 08:58 - 2022-04-22 10:07 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-11-20 21:15 - 2020-07-10 11:50 - 000000000 ____D C:\Users\*****\AppData\Roaming\vlc
2022-11-20 19:29 - 2022-04-22 10:08 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-11-20 19:29 - 2021-08-30 12:08 - 000002248 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - user
2022-11-20 19:29 - 2021-07-25 09:07 - 000002202 _____ C:\WINDOWS\system32\Tasks\StartCN
2022-11-20 19:29 - 2021-07-25 09:07 - 000002122 _____ C:\WINDOWS\system32\Tasks\StartDVR
2022-11-20 19:29 - 2020-11-11 01:01 - 000003724 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2022-11-20 19:29 - 2020-11-11 01:01 - 000003684 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-11-20 19:29 - 2020-11-11 01:01 - 000003500 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2022-11-20 19:29 - 2020-11-11 01:01 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-11-20 19:29 - 2020-11-11 01:01 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-11-20 19:29 - 2020-11-11 01:01 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-11-20 19:29 - 2020-11-11 01:01 - 000002608 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2022-11-20 19:29 - 2020-11-11 01:01 - 000002422 _____ C:\WINDOWS\system32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2022-11-20 19:29 - 2020-11-11 01:01 - 000002396 _____ C:\WINDOWS\system32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2022-11-20 19:29 - 2020-11-11 01:01 - 000002394 _____ C:\WINDOWS\system32\Tasks\Microsoft_Hardware_Launch_itype_exe
2022-11-20 19:29 - 2020-11-11 01:01 - 000002306 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_Dolby
2022-11-20 19:29 - 2020-11-11 01:01 - 000002302 _____ C:\WINDOWS\system32\Tasks\RTKCPL
2022-11-20 19:29 - 2019-09-28 12:06 - 000001210 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2022-11-20 19:29 - 2019-09-28 12:06 - 000001206 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2022-11-20 18:11 - 2020-04-18 09:30 - 000000000 ____D C:\Users\*****\AppData\Roaming\Signal
2022-11-20 18:10 - 2014-06-25 09:35 - 000000000 ____D C:\Users\*****\AppData\Roaming\Spotify
2022-11-20 16:49 - 2014-06-25 09:36 - 000000000 ____D C:\Users\*****\AppData\Local\Spotify
2022-11-20 14:50 - 2022-01-16 19:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2022-11-20 14:09 - 2018-07-06 12:14 - 000000000 ____D C:\Users\*****\Documents\Citavi 6
2022-11-20 13:39 - 2022-10-12 20:22 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2022-11-18 18:41 - 2022-01-23 13:25 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-11-18 18:41 - 2014-02-25 00:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-11-18 14:16 - 2020-01-20 23:43 - 000000000 ____D C:\Users\*****\AppData\Local\D3DSCache
2022-11-18 13:33 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-11-16 17:35 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-11-16 17:33 - 2017-05-29 01:17 - 000000000 ____D C:\Program Files\Malwarebytes
2022-11-16 11:41 - 2016-10-02 19:26 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-11-14 19:54 - 2022-04-22 10:06 - 000382504 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-11-12 16:19 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-11-12 15:11 - 2022-04-05 18:22 - 000000000 ____D C:\ProgramData\Avast Software
2022-11-12 15:09 - 2020-11-11 01:01 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-11-12 15:09 - 2020-11-11 00:19 - 000669088 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-11-12 15:09 - 2020-11-11 00:19 - 000008192 ___SH C:\DumpStack.log.tmp
2022-11-12 15:08 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-11-12 15:08 - 2014-02-01 12:57 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2022-11-12 15:06 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-11-12 15:06 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-11-12 15:06 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-11-12 15:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-11-12 15:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-11-12 15:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-11-12 15:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-11-12 15:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-11-12 12:22 - 2014-08-23 08:16 - 000000000 ____D C:\Users\*****\Documents\HK
2022-11-12 12:11 - 2014-04-14 17:10 - 000000000 ____D C:\Users\*****\Desktop\Diverses
2022-11-12 10:24 - 2022-08-14 11:20 - 000002199 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-11-12 10:11 - 2019-09-28 12:06 - 000000000 ____D C:\Program Files (x86)\Dropbox
2022-11-11 13:37 - 2017-01-01 20:46 - 000000000 ____D C:\Users\*****\.mediathek3
2022-11-11 13:24 - 2018-06-02 01:03 - 000000000 ____D C:\Users\*****\AppData\Local\CrashDumps
2022-11-09 21:20 - 2020-11-11 00:22 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-11-09 20:27 - 2014-02-01 14:32 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-11-09 20:09 - 2013-01-17 08:28 - 146960040 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-11-09 11:29 - 2018-05-20 09:09 - 000000000 ____D C:\Program Files\Java
2022-11-07 17:05 - 2022-03-31 18:15 - 000002017 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2022-11-04 09:45 - 2022-04-22 10:06 - 000672272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-11-04 09:45 - 2022-04-22 10:06 - 000564304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-11-04 09:45 - 2022-04-22 10:06 - 000327896 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-11-04 09:45 - 2022-04-22 10:06 - 000306128 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-11-04 09:45 - 2022-04-22 10:06 - 000276520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-11-04 09:45 - 2022-04-22 10:06 - 000114464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-11-04 09:45 - 2022-04-22 10:06 - 000105936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-11-04 09:45 - 2022-04-22 10:06 - 000090008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-11-04 09:45 - 2022-04-22 10:06 - 000048512 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-11-04 09:44 - 2022-04-22 10:06 - 000862936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-11-04 09:44 - 2022-04-22 10:06 - 000390096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys.166842994448401
2022-11-04 09:44 - 2022-04-22 10:06 - 000238152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-11-04 09:44 - 2022-04-22 10:06 - 000042304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2022-11-02 20:20 - 2020-11-11 00:41 - 001964048 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-11-02 20:20 - 2019-12-07 15:51 - 000839802 _____ C:\WINDOWS\system32\perfh007.dat
2022-11-02 20:20 - 2019-12-07 15:51 - 000185158 _____ C:\WINDOWS\system32\perfc007.dat
2022-10-31 17:35 - 2021-06-03 17:51 - 000000000 ____D C:\WINDOWS\Minidump
2022-10-31 12:02 - 2019-01-23 21:47 - 000000000 ____D C:\Users\*****\AppData\Roaming\Telegram Desktop
2022-10-26 11:04 - 2018-01-27 23:09 - 000000000 ____D C:\Users\*****\AppData\Local\LenovoServiceBridge
2022-10-24 20:45 - 2014-04-28 08:05 - 000000000 ___RD C:\Users\*****\Downloads\*****
2022-10-24 20:13 - 2020-12-22 18:50 - 000000000 ____D C:\Program Files\MediathekView
2022-10-24 20:12 - 2020-12-22 18:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediathekView
2022-10-24 16:18 - 2022-10-12 20:22 - 000002124 _____ C:\Users\Public\Desktop\Acrobat Reader.lnk
2022-10-24 16:08 - 2022-02-11 13:58 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-10-24 16:05 - 2014-02-01 21:02 - 000000000 ____D C:\ProgramData\Lenovo
2022-10-24 10:43 - 2020-03-01 00:57 - 000000000 ____D C:\WINDOWS\TempInst
2022-10-24 10:32 - 2014-03-30 15:13 - 000000000 ____D C:\WINDOWS\pss

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2020-01-13 22:55 - 2020-01-13 22:55 - 000000008 __RSH () C:\ProgramData\sysqcl1131236454.dat
2017-06-04 19:58 - 2017-03-23 05:23 - 000966656 _____ () C:\Program Files (x86)\1026.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 001048576 _____ () C:\Program Files (x86)\1028.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000487424 _____ () C:\Program Files (x86)\1029.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000495616 _____ () C:\Program Files (x86)\1030.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000507904 _____ () C:\Program Files (x86)\1031.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000864256 _____ () C:\Program Files (x86)\1032.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000032768 _____ () C:\Program Files (x86)\1033.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000528384 _____ () C:\Program Files (x86)\1034.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000524288 _____ () C:\Program Files (x86)\1036.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000512000 _____ () C:\Program Files (x86)\1038.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000479232 _____ () C:\Program Files (x86)\1040.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 001351680 _____ () C:\Program Files (x86)\1041.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 003022848 _____ () C:\Program Files (x86)\1042.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000454656 _____ () C:\Program Files (x86)\1043.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000475136 _____ () C:\Program Files (x86)\1045.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000466944 _____ () C:\Program Files (x86)\1046.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000962560 _____ () C:\Program Files (x86)\1049.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000540672 _____ () C:\Program Files (x86)\1051.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000454656 _____ () C:\Program Files (x86)\1053.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000475136 _____ () C:\Program Files (x86)\1055.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000917504 _____ () C:\Program Files (x86)\1058.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000487424 _____ () C:\Program Files (x86)\1061.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 001339392 _____ () C:\Program Files (x86)\1066.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000356352 _____ () C:\Program Files (x86)\2052.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 009675776 _____ () C:\Program Files (x86)\ABBYY FineReader 14 x64.msi
2017-06-04 19:58 - 2017-03-23 05:23 - 009568768 _____ () C:\Program Files (x86)\ABBYY FineReader 14.msi
2017-06-04 19:57 - 2017-03-23 05:14 - 001133208 _____ (ABBYY Production LLC.) C:\Program Files (x86)\AutoRun.exe
2017-06-04 19:57 - 2016-11-18 17:49 - 000001981 _____ () C:\Program Files (x86)\AutoRun.inf
2022-07-17 14:31 - 2022-07-17 14:31 - 009738240 _____ () C:\Program Files (x86)\GUTDD0D.tmp
2017-06-04 19:57 - 2017-03-23 05:14 - 000987800 _____ (ABBYY Production LLC.) C:\Program Files (x86)\Setup.exe
2017-06-04 19:57 - 2016-07-13 17:52 - 000000862 _____ () C:\Program Files (x86)\setup.ini
2018-07-09 09:33 - 2018-08-22 17:00 - 000000033 _____ () C:\Users\*****\AppData\Roaming\AdobeWLCMCache.dat
2015-07-19 18:46 - 2021-09-10 11:54 - 000002298 _____ () C:\Users\*****\AppData\Roaming\ASSDraw3.cfg
2018-08-14 00:04 - 2018-08-14 00:04 - 000000028 _____ () C:\Users\*****\AppData\Roaming\kulerdata.json
2020-11-13 00:58 - 2012-04-30 11:53 - 001249792 _____ (hxxp://www.ruby-lang.org/) C:\Users\*****\AppData\Roaming\msvcr90-ruby191.dll
2014-02-23 11:28 - 2014-02-23 11:28 - 000016660 _____ () C:\Users\*****\AppData\Roaming\UserTile.png
2018-04-05 11:57 - 2021-12-12 20:46 - 000000128 _____ () C:\Users\*****\AppData\Roaming\winscp.rnd
2014-11-23 14:13 - 2014-11-23 14:13 - 000000275 _____ () C:\Users\*****\AppData\Local\HamsterAudioConverterSettings.cfg
2020-03-24 13:36 - 2020-03-24 13:36 - 000000000 _____ () C:\Users\*****\AppData\Local\oobelibMkey.log
2020-06-15 23:16 - 2020-06-15 23:16 - 000001882 _____ () C:\Users\*****\AppData\Local\psppirerc
2022-05-23 12:26 - 2022-05-23 12:26 - 000000767 _____ () C:\Users\*****\AppData\Local\recently-used.xbel
2014-02-28 16:53 - 2022-11-21 14:33 - 000007621 _____ () C:\Users\*****\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
         
Addition.txt
Code:
==================== Speicherinformationen =========================== 

BIOS: LENOVO HSET64WW (2.09 ) 10/19/2015
Hauptplatine: LENOVO 20BC0006GE
Prozessor: AMD E1-2500 APU with Radeon(TM) HD Graphics 
Prozentuale Nutzung des RAM: 59%
Installierter physikalischer RAM: 7449.73 MB
Verfügbarer physikalischer RAM: 3012.61 MB
Summe virtueller Speicher: 17449.73 MB
Verfügbarer virtueller Speicher: 9824.83 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:111.69 GB) (Free:5.5 GB) (Model: Samsung SSD 840 Series SATA Disk Device) NTFS
Drive d: (*****) (Fixed) (Total:465.76 GB) (Free:240.19 GB) (Model: HGST HTS 545050A7E380 USB Device) NTFS

\\?\Volume{85bc2e43-8b25-11e3-983b-806e6f6e6963}\ (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 000A62BB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt =======================
         

21.11.2022, 18:04   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Quote:
Prozessor: AMD E1-2500 APU with Radeon(TM) HD Graphics
You have a piece of junk there, because the CPU is extremely slow. You will probably have to buy a new device; CPUs in notebooks cannot be swapped.

21.11.2022, 21:26   #3
mrs_mister

Quote:
Quote from cosinus
You have a piece of junk there, because the CPU is extremely slow. You will probably have to buy a new device; CPUs in notebooks cannot be swapped.
Thanks for the initial assessment, but buying a new device is unfortunately not possible right now.

I am also aware that the notebook is fairly old, that the CPU cannot be swapped and that the storage is pretty crammed with data, but the performance was still better at one point under the same conditions, hence my request to hear whether anyone has spotted something conspicuous in the scans that is slowing the device down so drastically.

Regarding the browser: I had also already tried disabling all extensions in Firefox (version 107.0), including uBlock Origin and Ghostery, but could not notice any appreciable change.

21.11.2022, 21:31   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

The performance cannot have been better before either. This CPU is simply too poor.

Apart from the fact that you have junk like Avast installed, the log files are incomplete.
__________________
Please always post log files in CODE tags

21.11.2022, 21:46   #5
mrs_mister

Quote:
Quote from cosinus
The performance cannot have been better before either. This CPU is simply too poor.
The performance (page rendering in the browser, program start-up, etc.) definitely was better at one point; I am not talking about benchmarks but about general usability.

Quote:
Quote from cosinus
Apart from the fact that you have junk like Avast installed, the log files are incomplete.
I will get rid of Avast again as well; I had let the scaremongering about Kaspersky, which I had installed before, unsettle me.

In what way are the log files incomplete? I followed the instructions at https://www.trojaner-board.de/69886-alle-hilfesuchenden-eroeffnung-themas-beachten.html exactly. What is missing?


21.11.2022, 22:03   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

The beginning of FRST.txt is missing, and you posted only the end of Addition.txt.

To start with, post just the complete Addition.txt in your next reply.

21.11.2022, 23:19   #7
mrs_mister

Quote:
Quote from cosinus
The beginning of FRST.txt is missing, and you posted only the end of Addition.txt.

To start with, post just the complete Addition.txt in your next reply.
Sorry, it just occurred to me that, on chip.de's recommendation, I had ticked the Shortcut.txt box in Farbar, but nothing was shown in it after the scan, so I did not save the file.
I took over the log files FRST.txt and Addition.txt exactly as Farbar offered them to me for saving.

Something must have gone wrong then, and I will probably have to run the scan again.
That will take a little while, sorry again.

New attempt, and hopefully complete this time. The scan also ran much faster than the first time.

Addition - Log
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 18-11-2022
durchgeführt von user (21-11-2022 22:37:37)
Gestartet von C:\Users\*****\Desktop
Microsoft Windows 10 Pro Version 21H2 19044.2251 (X64) (2020-11-11 00:03:04)
Start-Modus: Normal
==========================================================


==================== Konten: =============================


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-2839958251-2324060183-95412134-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2839958251-2324060183-95412134-503 - Limited - Disabled)
Gast (S-1-5-21-2839958251-2324060183-95412134-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-2839958251-2324060183-95412134-1006 - Limited - Enabled)
***** (S-1-5-21-2839958251-2324060183-95412134-1000 - Administrator - Enabled) => C:\Users\*****
WDAGUtilityAccount (S-1-5-21-2839958251-2324060183-95412134-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Free (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AV: Kaspersky Free (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Free (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
7-Zip 22.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-2200-000001000000}) (Version: 22.00.00.0 - Igor Pavlov)
Adobe Acrobat Reader - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 22.003.20282 - Adobe Systems Incorporated)
Adobe Bridge 1.0 (HKLM-x32\...\{B74D4E10-6884-0000-0000-000000000101}) (Version: 001.000.001 - Adobe Systems) Hidden
Adobe Common File Installer (HKLM-x32\...\{8EDBA74D-0686-4C99-BFDD-F894678E5101}) (Version: 1.00.001 - Adobe System Incorporated) Hidden
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.223 - Adobe)
Adobe Help Center 1.0 (HKLM-x32\...\{E9787678-119F-4D52-B551-6739B2B22101}) (Version: 1.0.1 - Adobe Systems) Hidden
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Adobe Stock Photos 1.0 (HKLM-x32\...\{786C5747-0C40-4930-9AFE-113BCE553101}) (Version: 1.0.1 - Adobe Systems) Hidden
Akai Professional MPX File Conversion Utility (HKLM-x32\...\MPXFileConversionUtility) (Version:  - )
AMD Accelerated Video Transcoding (HKLM\...\{7E703C24-FE37-6B04-8E02-AE42F5BC8696}) (Version: 12.10.100.30622 - Advanced Micro Devices, Inc.) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 2.17.25.506 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (HKLM\...\{CF84CD21-FC52-857E-AF41-9DEE9C76D245}) (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (HKLM\...\{7B70FA22-6E62-306E-9744-21BA814E9F74}) (Version: 1.0.80622.2220 - Advanced Micro Devices, Inc.) Hidden
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2021.0511.1352.24954 - Advanced Micro Devices, Inc.)
AMD SBxxx SMBus Driver Alpha (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 21.5.2 - Advanced Micro Devices, Inc.)
AMD Steady Video Plug-In  (HKLM\...\{94BFDEF9-D91D-4B5D-8A60-08514C7191AF}) (Version: 2.08.0000 - AMD) Hidden
AMD Wireless Display v3.0 (HKLM\...\{630E5EF7-72F8-9E5D-BEF5-ED85B698E160}) (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
AMD_Chipset_Drivers (HKLM-x32\...\{9bbdaa84-1315-4bcf-ac55-57449b4228f1}) (Version: 2.17.25.506 - Advanced Micro Devices, Inc.) Hidden
AS4 ACPI Driver (HKLM-x32\...\{FDA6853C-2E76-4C5A-8341-F7B974BA134F}) (Version: 1.2.0.0046 - Advanced Micro Devices, Inc.) Hidden
Audacity 3.1.3 (64 Bit) (HKLM\...\Audacity_is1) (Version: 3.1.3 - Audacity Team)
Audiobookmaker (HKLM-x32\...\Audiobookmaker_is1) (Version:  - Anton Ryazanov)
Authy Desktop (HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\authy) (Version: 2.2.1 - Twilio Inc.)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 22.10.6038 - Avast Software)
balenaEtcher 1.7.1 (HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b) (Version: 1.7.1 - Balena Inc.)
Bose Updater (HKLM-x32\...\Bose Updater) (Version: 1.2.2.815 - Bose Corporation)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.223.201 - Broadcom Corporation)
Broken X Disk Manager - Demo Version 4.13 (HKLM-x32\...\Broken X Disk Manager_is1) (Version: 4.13.2374 - Kevin Fucik)
calibre 64bit (HKLM\...\{AD46B379-13AD-4790-8137-2311E8825039}) (Version: 3.44.0 - Kovid Goyal)
Catalyst Control Center - Branding (HKLM-x32\...\{11087D24-567D-7D88-69C6-D7A08B5F4C47}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 6.04 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Citavi 6 (HKLM-x32\...\{6A331045-8FF4-4BC9-9C56-E593ACAE28C2}) (Version: 6.7.0.0 - Swiss Academic Software)
CopyTrans Control Center deinstallieren (HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\CopyTrans Suite) (Version: 4.004 - WindSolutions)
CopyTrans HEIC for Windows (HKLM\...\CopyTrans HEIC for Windows_is1) (Version: 2.0.0.0 - Ursa Minor Ltd)
CPUID CPU-Z 1.89 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.89 - CPUID, Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DiskInternals Linux Reader (HKLM-x32\...\DiskInternals Linux Reader) (Version: 3.5 - DiskInternals Research)
DivX-Setup (HKLM\...\DivX Setup) (Version: 3.0.0.83 - DivX, LLC)
Dropbox (HKLM-x32\...\Dropbox) (Version: 161.4.4923 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.639.1 - Dropbox, Inc.) Hidden
FFmpeg v2.2.2 for Audacity - 64bit (HKLM\...\FFmpeg for Audacity_is1) (Version:  - )
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FreeCommander XE (HKLM-x32\...\FreeCommander XE_is1) (Version:  - Marek Jasinski)
FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 1.0.1 - )
FreeStyle Libre (HKLM-x32\...\FreeStyle Libre 1.0) (Version: 1.0 - Abbott Diabetes Care)
GÉANTLink 1.2g x64 (HKLM\...\{9724DC5C-8574-47AF-9978-04ED7FA83EF4}) (Version: 1.2.11 - GÉANT)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 107.0.5304.107 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 66.0.3.0 - Google LLC)
Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.21) (Version: 9.21 - Artifex Software Inc.)
HandBrake 1.3.3 (HKLM-x32\...\HandBrake) (Version: 1.3.3 - )
HP Customer Experience Enhancements (HKLM-x32\...\{C9EF1AAF-B542-41C8-A537-1142DA5D4AEC}) (Version: 6.0.3.1 - Hewlett-Packard) Hidden
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
Inkscape (HKLM-x32\...\Inkscape) (Version: 1.1.0- - Inkscape)
IrfanView 4.53 (64-bit) (HKLM\...\IrfanView64) (Version: 4.53 - Irfan Skiljan)
Java 8 Update 351 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180351F0}) (Version: 8.0.3510.10 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
KeePass Password Safe 2.43 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.43 - Dominik Reichl)
L&H TTS3000 Deutsch (HKLM-x32\...\LHTTSGED) (Version:  - )
Lenovo Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.82.00.20 - Lenovo)
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.21 - Lenovo)
Lenovo Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 3.1.23.0 - Lenovo)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 3.15.0414.1 - Vimicro)
Lenovo Patch Utility (HKLM-x32\...\{E8F27ADF-B1ED-41AF-A7EF-D5E71778480C}) (Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (HKLM\...\{0369F866-2CE0-4EB9-B426-88FA122C6E82}) (Version: 1.3.0.9 - Lenovo Group Limited)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.12.23 - Lenovo) Hidden
Lenovo QuickControl (HKLM-x32\...\{4855C42F-5197-4AAD-A50D-5066D2CC4647}) (Version: 2.00 - Lenovo Group Limited)
Lenovo Service Bridge (HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.2.13 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0140 - Lenovo)
Lernout & Hauspie TruVoice American English TTS Engine (HKLM-x32\...\tv_enua) (Version:  - )
LibreOffice 7.4.2.3 (HKLM\...\{B9AD5CF7-CCB5-4C79-A693-29E7A6340F41}) (Version: 7.4.2.3 - The Document Foundation)
Logitech Options (HKLM\...\LogiOptions) (Version: 8.36.86 - Logitech)
Logitech SetPoint 6.69 (HKLM\...\sp6) (Version: 6.69.123 - Logitech)
Malwarebytes version 4.5.17.221 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.17.221 - Malwarebytes)
MediathekView 13.9.1 (HKLM\...\1927-5045-2127-3394) (Version: 13.9.1 - MediathekView Team)
Mendeley Reference Manager 2.59.0 (HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\b4b58389-01e4-5dfd-9842-aad36733657a) (Version: 2.59.0 - Mendeley)
Microsoft .NET Framework 4.6.1 (DEU) (HKLM\...\{AAC5C889-B75D-3368-BC63-CB660DE44C66}) (Version: 4.6.01055 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.1 (HKLM\...\{E0C7523C-686B-3EE6-8FB1-CB4339E30EDD}) (Version: 4.7.02558 - Microsoft Corporation) Hidden
Microsoft 365 Apps for Enterprise - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.15726.20202 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 107.0.1418.52 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\OneDriveSetup.exe) (Version: 22.186.0904.0001 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\Teams) (Version: 1.4.00.2879 - Microsoft Corporation)
Microsoft Text-to-Speech Engine 4.0 (English) (HKLM-x32\...\MSTTS) (Version:  - )
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.26.28720 (HKLM-x32\...\{7d607fb4-7e28-4c7a-a92f-3fcdaf555faf}) (Version: 14.26.28720.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.26.28720 (HKLM\...\{CB4A0FDE-1126-4AE2-97C6-A243692C3D95}) (Version: 14.26.28720 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.26.28720 (HKLM\...\{DD1EC0FD-3F0A-4740-A05E-1DCD14A6B0D1}) (Version: 14.26.28720 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.23.27820 (HKLM-x32\...\{86BE78D9-65A1-4E69-86F8-C1F5281F8553}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.23.27820 (HKLM-x32\...\{00AC3934-26B4-406E-807C-1692AC7329EC}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
MKVToolNix 70.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 70.0.0 - Moritz Bunkus)
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 107.0 (x64 de)) (Version: 107.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 107.0.0.8349 - Mozilla)
Mozilla Thunderbird (x86 de) (HKLM-x32\...\Mozilla Thunderbird 102.5.0 (x86 de)) (Version: 102.5.0 - Mozilla)
Mp3tag v3.17 (HKLM\...\Mp3tag) (Version: 3.17 - Florian Heidenreich)
MPC-HC 1.9.1 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.9.1 - MPC-HC Team)
MSVCRT (HKLM-x32\...\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}) (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (HKLM-x32\...\{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}) (Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (HKLM\...\{E9FA781F-3E80-4399-825A-AD3E11C28C77}) (Version: 16.4.1109.0912 - Microsoft) Hidden
MyKeyFinder 2018 (HKLM-x32\...\{c6396ed4-bdba-4f98-8739-767cb6bd16e6}_is1) (Version: 7.2 - Abelssoft)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.9 - F.J. Wechselberger)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.5.6 - Notepad++ Team)
Npcap (HKLM-x32\...\NpcapInst) (Version: 1.71 - Nmap Project)
OEM Application Profile (HKLM-x32\...\{B58255B5-DF43-3FA9-3DF9-618510C1109A}) (Version: 1.00.0000 - Ihr Firmenname) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{9108ED9C-43BD-44DF-83AF-6DB198556920}) (Version: 4.3.7 - dotPDN LLC)
PDF24 Creator 10.7.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 10.7.0 - PDF24.org)
PDF-XChange Editor (HKLM\...\{F15CB44E-856E-4872-A767-5628971A761C}) (Version: 7.0.325.1 - Tracker Software Products (Canada) Ltd.) Hidden
PDF-XChange Editor (HKLM-x32\...\{2be0fb67-0906-4428-ab19-02ae10c7e4bc}) (Version: 7.0.325.1 - Tracker Software Products (Canada) Ltd.)
Photo Common (HKLM-x32\...\{87DABDEA-47A4-4182-AA7C-2C90DAAE3117}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (HKLM-x32\...\{07AAB66E-4718-422D-9218-4AFB3C922A71}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Raspberry Pi Imager (HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\Raspberry Pi Imager) (Version: 1.6.2 - Raspberry Pi)
RealSpeak Solo fur Deutsch - Steffi (HKLM-x32\...\{BFBB91DB-9F0F-4A9C-9669-A97DA3512CF2}) (Version: 4.00.0000 - ScanSoft)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10240.29091 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.98.107.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9225.1 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0212 - REALTEK Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Security Task Manager 2.0d (HKLM-x32\...\Security Task Manager) (Version: 2.0d - Neuber Software)
Shotcut (HKLM\...\Shotcut) (Version: 22.01.30 - Meltytech, LLC)
Signal 5.63.1 (HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 5.63.1 - Signal Messenger, LLC)
Skype Version 8.32 (HKLM-x32\...\Skype_is1) (Version: 8.32 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.18052.28 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.18052.28 - Samsung Electronics Co., Ltd.)
Spotify (HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\Spotify) (Version: 1.1.98.691.gf759311c - Spotify AB)
Subtitle Edit 3.6.7 (HKLM\...\SubtitleEdit_is1) (Version: 3.6.7.0 - Nikse)
Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.2.0.19260 - Microsoft Corporation)
Telegram Desktop version 4.1.1 (HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.1.1 - Telegram FZ-LLC)
TeX Live 2019 (HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\TeXLive2019) (Version: 2019 - TeX Live)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.4500 - Broadcom Corporation)
Transmission 3.00 (bb6b5a062e) (x64) (HKLM\...\{B206C51C-27D2-4251-95E2-B4B28DE80633}) (Version: 3.00.0 - Transmission Project)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.1 - Sysprogs)
Windows 10-Update-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22925 - Microsoft Corporation)
Windows Live Communications Platform (HKLM-x32\...\{41C61308-6CFD-4D54-AB6A-7136ED08A18E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{66233218-CA57-4AB2-BA43-A97AA4635960}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{CE52672C-A0E9-4450-8875-88A221D5CD50}) (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (HKLM-x32\...\{659CB81C-B54E-4DF1-B618-F35777393A54}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (HKLM-x32\...\{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (HKLM-x32\...\{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (HKLM-x32\...\{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (HKLM-x32\...\{D1893000-EA77-493C-8DDD-E262436E959B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (HKLM-x32\...\{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{FC071B45-4A5F-408F-92F8-4D9D693E866F}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (HKLM-x32\...\{04BE4035-3C8E-4B48-BFB8-1655849C0C8B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (HKLM-x32\...\{714E162E-CD4F-4F1B-8302-7F5179409C25}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (HKLM-x32\...\{955E4722-1480-4198-A144-65FA5F4446DA}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (HKLM-x32\...\{A951D5DA-4759-4C3B-9C36-C6BF30082A2F}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation)
WinSCP 5.19.5 (HKLM-x32\...\winscp3_is1) (Version: 5.19.5 - Martin Prikryl)
Zoom (HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\ZoomUMX) (Version: 5.8.6 (2048) - Zoom Video Communications, Inc.)
Zotero (HKLM-x32\...\Zotero 5.0.82 (x86 en-US)) (Version: 5.0.82 - Corporation for Digital Scholarship)

Packages:
=========
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-03-12] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-27] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-27] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe [2022-09-18] (Microsoft Studios) [MS Ad]
NostalgicPlayer -> C:\Program Files\WindowsApps\30962Polycode.NostalgicPlayer_1.8.0.0_x64__60a1k5d03dx7r [2022-10-24] (Polycode)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2839958251-2324060183-95412134-1000_Classes\CLSID\{04271989-C4D2-A3D1-DD36-F93FD4EECA41} -> [OneDrive - *****] => C:\Users\*****\OneDrive - ***** [2016-10-03 00:06]
CustomCLSID: HKU\S-1-5-21-2839958251-2324060183-95412134-1000_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\*****\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20289.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2839958251-2324060183-95412134-1000_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\*****\Dropbox [2014-03-18 16:38]
ShellIconOverlayIdentifiers: [    GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\66.0.3.0\drivefsext.dll [2022-11-07] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\66.0.3.0\drivefsext.dll [2022-11-07] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\66.0.3.0\drivefsext.dll [2022-11-07] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\66.0.3.0\drivefsext.dll [2022-11-07] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-11-04] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-11-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-06-15] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2018-03-19] (Notepad++ -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-11-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\66.0.3.0\drivefsext.dll [2022-11-07] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [HitmanPro] -> {D7CF1AF8-E2AD-4DA4-ACE5-77F8A58AB71D} => C:\Program Files\HitmanPro\hmpshext.dll [2016-03-24] (SurfRight B.V. -> SurfRight B.V.)
ContextMenuHandlers1: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2013-11-21] (Crystal Rich Ltd -> Crystal Rich Ltd)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell64.dll [2022-07-29] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger) [Datei ist nicht signiert]
ContextMenuHandlers1: [PDFXChange Editor Context menu] -> {2ACD35AB-F74A-4C20-AA9B-2DE80081626D} => C:\Program Files\Tracker Software\Shell Extensions\XCShellMenu.x64.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
ContextMenuHandlers1: [WinCDEmu] -> {D0E37FD2-F675-426F-B09A-2CF37BA46FD5} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [Datei ist nicht signiert]
ContextMenuHandlers2: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2013-11-21] (Crystal Rich Ltd -> Crystal Rich Ltd)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell64.dll [2022-07-29] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers2: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [Datei ist nicht signiert]
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-11-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-11-16] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-06-15] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\66.0.3.0\drivefsext.dll [2022-11-07] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [HitmanPro] -> {D7CF1AF8-E2AD-4DA4-ACE5-77F8A58AB71D} => C:\Program Files\HitmanPro\hmpshext.dll [2016-03-24] (SurfRight B.V. -> SurfRight B.V.)
ContextMenuHandlers4: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2013-11-21] (Crystal Rich Ltd -> Crystal Rich Ltd)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell64.dll [2022-07-29] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers4: [MSSE] -> {0365FE2C-F183-4091-AC82-BFC39FB75C49} =>  -> Keine Datei
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\66.0.3.0\drivefsext.dll [2022-11-07] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Keine Datei
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-06-15] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-11-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-11-16] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [Datei ist nicht signiert]
ContextMenuHandlers1_S-1-5-21-2839958251-2324060183-95412134-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1_S-1-5-21-2839958251-2324060183-95412134-1000: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} =>  -> Keine Datei
ContextMenuHandlers4_S-1-5-21-2839958251-2324060183-95412134-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-2839958251-2324060183-95412134-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Drivers32: [msacm.voxacm160] => C:\Windows\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [Datei ist nicht signiert]
HKLM\...\Drivers32: [msacm.scg726] => C:\Windows\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [Datei ist nicht signiert]
HKLM\...\Drivers32: [msacm.alf2cd] => C:\Windows\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [Datei ist nicht signiert]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [Datei ist nicht signiert]
HKLM\...\Drivers32: [msacm.lame] => C:\Windows\system32\lame.ax [245760 2005-08-01] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.dvsd] => C:\Windows\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.mpg4] => C:\Windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.mp42] => C:\Windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.mp43] => C:\Windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\system32\xvidvfw.dll [139264 2004-07-03] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.DIVX] => C:\Windows\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.VP62] => C:\Windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.LAGS] => C:\Windows\system32\lagarith.dll [216064 2011-12-07] () [Datei ist nicht signiert]

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeX Live 2019\TeX Live command-line.lnk -> C:\texlive\2019\tlpkg\installer\tl-cmd.bat ()
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeX Live 2019\Uninstall TeX Live.lnk -> C:\texlive\2019\tlpkg\installer\uninst.bat ()

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2022-06-03 19:33 - 2021-03-09 19:48 - 000017920 _____ () [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2022-06-03 19:33 - 2021-03-09 19:48 - 003567616 _____ () [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2022-06-03 19:34 - 2021-05-11 13:34 - 001704960 _____ (Advanced Micro Devices, Inc.) [Datei ist nicht signiert] C:\Program Files\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll
2022-06-15 17:00 - 2022-06-15 17:00 - 000094720 _____ (Igor Pavlov) [Datei ist nicht signiert] C:\Program Files\7-Zip\7-zip.dll
2022-11-12 16:01 - 2022-11-12 16:01 - 009261056 _____ (Nikse) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\libse\a97097d3a983743b31c20eee545bfb09\libse.ni.dll
2017-02-12 01:28 - 2015-09-28 19:08 - 000255488 _____ (Sysprogs OU) [Datei ist nicht signiert] C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll
2022-06-03 19:33 - 2021-03-09 19:48 - 000031744 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2022-06-03 19:33 - 2021-03-09 19:48 - 000039424 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2022-06-03 19:33 - 2021-03-09 19:48 - 000031744 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2022-06-03 19:33 - 2021-03-09 19:48 - 000414720 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2022-06-03 19:33 - 2021-03-09 19:48 - 000025088 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2022-06-03 19:33 - 2021-03-09 19:48 - 000024576 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2022-06-03 19:33 - 2021-03-09 19:48 - 000023552 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2022-06-03 19:33 - 2021-03-09 19:48 - 000532992 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2022-06-03 19:33 - 2021-03-09 19:48 - 001441792 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2022-06-03 19:33 - 2021-03-09 19:48 - 001189888 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2022-06-03 19:33 - 2021-03-09 19:48 - 000134656 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2022-06-03 19:33 - 2021-03-09 19:48 - 006184448 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2022-06-03 19:33 - 2021-03-09 19:48 - 006867456 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2022-06-03 19:33 - 2021-03-09 19:48 - 000735232 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\Qt5Multimedia.dll
2022-06-03 19:33 - 2021-03-09 19:48 - 001104896 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2022-06-03 19:33 - 2021-03-09 19:48 - 000325120 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2022-06-03 19:33 - 2021-03-09 19:48 - 003668480 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2022-06-03 19:33 - 2021-03-09 19:48 - 000517120 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\Qt5QmlModels.dll
2022-06-03 19:33 - 2021-03-09 19:48 - 000051712 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\Qt5QmlWorkerScript.dll
2022-06-03 19:33 - 2021-03-09 19:48 - 004228608 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2022-06-03 19:33 - 2021-03-09 19:48 - 000171008 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2022-06-03 19:33 - 2021-03-09 19:48 - 001085440 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2022-06-03 19:33 - 2021-03-09 19:48 - 000480256 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\Qt5RemoteObjects.dll
2022-06-03 19:33 - 2021-03-09 19:48 - 000205824 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2022-06-03 19:33 - 2021-03-09 19:48 - 000329728 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2022-06-03 19:33 - 2021-03-09 19:48 - 000127488 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2022-06-03 19:33 - 2021-03-09 19:48 - 000390656 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2022-06-03 19:33 - 2021-03-09 19:48 - 095598080 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2022-06-03 19:33 - 2021-03-09 19:48 - 005587968 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2022-06-03 19:33 - 2021-03-09 19:48 - 000462848 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2022-06-03 19:33 - 2021-03-09 19:48 - 000188928 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2022-06-03 19:33 - 2021-03-09 19:48 - 002878464 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2022-06-03 19:33 - 2021-03-09 19:48 - 000055808 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2022-06-03 19:33 - 2021-03-09 19:48 - 000059392 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2022-06-03 19:33 - 2021-03-09 19:48 - 000017920 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\QtQml\qmlplugin.dll
2022-06-03 19:34 - 2021-03-09 19:48 - 000017920 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2022-06-03 19:33 - 2021-03-09 19:48 - 000284160 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2022-06-03 19:33 - 2021-03-09 19:48 - 000333824 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2022-06-03 19:34 - 2021-03-09 19:48 - 000090112 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2022-06-03 19:34 - 2021-03-09 19:48 - 000313856 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2022-06-03 19:34 - 2021-03-09 19:48 - 000017920 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2022-06-03 19:34 - 2021-03-09 19:48 - 000091648 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_351\bin\ssv.dll [2022-11-09] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_351\bin\jp2ssv.dll [2022-11-09] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\download.microsoft.com -> hxxp://download.microsoft.com
IE trusted site: HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\download.windowsupdate.com -> hxxp://download.windowsupdate.com
IE trusted site: HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\download.windowsupdate.com -> hxxps://download.windowsupdate.com
IE trusted site: HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\microsoft.com -> hxxp://ntservicepack.microsoft.com
IE trusted site: HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\ntservicepack.microsoft.com -> hxxp://ntservicepack.microsoft.com
IE trusted site: HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\sharepoint.com -> hxxps://hawhamburgde-files.sharepoint.com
IE trusted site: HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\update.microsoft.com -> hxxp://update.microsoft.com
IE trusted site: HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\update.microsoft.com -> hxxps://update.microsoft.com
IE trusted site: HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\windows.com -> hxxp://wustat.windows.com
IE trusted site: HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\windowsupdate.com -> hxxp://download.windowsupdate.com
IE trusted site: HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\windowsupdate.com -> hxxps://download.windowsupdate.com
IE trusted site: HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\windowsupdate.microsoft.com -> hxxp://windowsupdate.microsoft.com
IE trusted site: HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\ws.microsoft.com -> hxxp://ws.microsoft.com
IE trusted site: HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\ws.microsoft.com -> hxxps://ws.microsoft.com
IE trusted site: HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\wustat.windows.com -> hxxp://wustat.windows.com

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2017-10-31 10:46 - 000000855 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1       localhost

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files\ThinkPad\Bluetooth Software;C:\Program Files\ThinkPad\Bluetooth Software\syswow64;C:\Program Files\Calibre2;C:\Program Files (x86)\Common Files\Adobe\AGL;C:\Program Files\FileBot;C:\Program Files (x86)\Skype\Phone;C:\Program Files\Calibre2\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Inkscape\bin;C:\Program Files (x86)\Windows Live\Shared
HKCU\Environment\\Path -> ;C:\texlive\2019\bin\win32;%USERPROFILE%\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-2839958251-2324060183-95412134-1000\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-2839958251-2324060183-95412134-501\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Keine Datei)
 ist aktiviert.

Network Binding:
=============
Ethernet 2: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled) 
Ethernet 2: AppEx Networks Accelerator -> appex_acc (enabled) 
WLAN: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled) 
WLAN: Npcap Packet Driver (NPCAP) (Wi-Fi) -> INSECURE_NPCAP_WIFI (enabled) 
WLAN: AppEx Networks Accelerator -> appex_acc (enabled) 

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

MSCONFIG\Services: AdaptiveSleepService => 3
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AGMService => 3
MSCONFIG\Services: AGSService => 3
MSCONFIG\Services: AMD Crash Defender Service => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: AMD FUEL Service => 2
MSCONFIG\Services: BcmBtRSupport => 2
MSCONFIG\Services: dbupdate => 2
MSCONFIG\Services: dbupdatem => 3
MSCONFIG\Services: DbxSvc => 2
MSCONFIG\Services: DFWSIDService => 2
MSCONFIG\Services: ElevationService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IBMPMSVC => 2
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: kpm_launch_service => 3
MSCONFIG\Services: KSDE5.3 => 2
MSCONFIG\Services: LBTServ => 3
MSCONFIG\Services: LENOVO.CAMMUTE => 2
MSCONFIG\Services: LENOVO.TPKNRSVC => 2
MSCONFIG\Services: LENOVO.TVTVCAM => 2
MSCONFIG\Services: Lenovo.VIRTSCRLSVC => 2
MSCONFIG\Services: lnvDiscoveryWinSvc => 2
MSCONFIG\Services: LPlatSvc => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: PDF24 => 2
MSCONFIG\Services: QuickControlService => 3
MSCONFIG\Services: RtkAudioService => 2
MSCONFIG\Services: ss_conn_service => 2
MSCONFIG\Services: SUService => 3
MSCONFIG\Services: SynTPEnhService => 2
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: TPHKLOAD => 2
MSCONFIG\Services: TPHKSVC => 2
MSCONFIG\Services: vpnagent => 2
MSCONFIG\Services: Wondershare InstallAssist => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LightBulb.lnk => C:\Windows\pss\LightBulb.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^*****^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk => C:\Windows\pss\Adobe Gamma.lnk.Startup
MSCONFIG\startupfolder: C:^Users^*****^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^An OneNote senden.lnk => C:\Windows\pss\An OneNote senden.lnk.Startup
MSCONFIG\startupfolder: C:^Users^*****^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^*****^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Tintenwarnungen überwachen - HP Officejet 6600 (Netzwerk).lnk => C:\Windows\pss\Tintenwarnungen überwachen - HP Officejet 6600 (Netzwerk).lnk.Startup
MSCONFIG\startupreg: 331BigDog => "C:\Program Files (x86)\USB Camera\VM331STI.EXE"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AppEx Accelerator UI => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe -h
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
MSCONFIG\startupreg: com.squirrel.Teams.Teams => C:\Users\*****\AppData\Local\Microsoft\Teams\Update.exe --processStart "Teams.exe" --process-start-args "--system-initiated"
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: FreeStyle AutoLaunch => "C:\Program Files (x86)\Abbott Diabetes Care\FreeStyle Auto-Assist\adclaunchd.exe"
MSCONFIG\startupreg: FreeStyleLibreautorunexe => C:\Program Files (x86)\FreeStyle Libre\MASLaunchClient.FreeStyleLibre.exe
MSCONFIG\startupreg: HP Officejet 6600 (NET) => "C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe" -deviceID "CN41P8R03C05RN:NW" -scfn "HP Officejet 6600 (NET)" -AutoStart 1
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: LenovoNal => C:\Program Files\Lenovo\Lenovo Peer Connect\NalService.exe
MSCONFIG\startupreg: PDFPrint => "C:\Program Files (x86)\PDF24\pdf24.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\*****\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => C:\Users\*****\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
MSCONFIG\startupreg: StartCN => "C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe" atlogon
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
HKLM\...\StartupApproved\StartupFolder: => "WSAppHelper.lnk"
HKLM\...\StartupApproved\StartupFolder: => "WSAndroidAppHelper.lnk"
HKLM\...\StartupApproved\Run: => "LENOVO.TPKNRRES"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "EvtMgr6"
HKLM\...\StartupApproved\Run: => "RtHDVCpl"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "LogiOptions"
HKLM\...\StartupApproved\Run: => "PDF24"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "331BigDog"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "kpm_tray.exe"
HKLM\...\StartupApproved\Run32: => "KeePass 2 PreLoad"
HKLM\...\StartupApproved\Run32: => "Cisco AnyConnect Secure Mobility Agent for Windows"
HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "LENOVO.TPKNRRES"
HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\StartupApproved\StartupFolder: => "Reallusion Hub.lnk"
HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\StartupApproved\Run: => "Vivaldi Update Notifier"
HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\StartupApproved\Run: => "Web Companion"
HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\StartupApproved\Run: => "GoogleDriveFS"
HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{308918B0-2474-4E04-A53B-96B0D0B68C2C}] => (Allow) C:\Users\*****\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{3D6E2544-B05A-4CDB-A6AA-508596F50E63}C:\users\*****\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\*****\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{D88CC42B-564F-4716-8E90-96EB825EF241}C:\users\*****\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\*****\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1B6A99F1-6B9C-4B00-BDC6-D40794DBD44F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2218D046-808D-4D8B-96A5-B438E396E428}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BDDD550F-89BE-4C35-9C09-EA716A57A645}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6C74F92B-E58A-483A-B854-4143662F63B5}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E27A852E-98BD-4E32-BCF6-89299F5E8D1D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{55B1055F-5F19-414F-B5BA-F408C803BF99}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{2A9D4CF0-D46D-4757-A7C5-B8E6CC5E6D0D}C:\users\*****\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\*****\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{BDAF5CA9-E945-41F5-8836-D270BE8EE4C8}C:\users\*****\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\*****\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{8B3F1BC1-DC22-4E8E-9960-3ACD600DBDBD}C:\users\*****\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\*****\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{C60318EE-6C04-443C-945E-57D89147A0DB}C:\users\*****\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\*****\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C02AC36C-FA4C-4F62-B207-CB41A04D8A60}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{7CB30875-5372-42E9-8932-EF5078BEBB8A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [TCP Query User{343B3581-4ABE-4886-BEDA-47762001E049}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [UDP Query User{C5499C46-BC18-4D59-A306-8D9F8ACCE36B}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [{927FB62D-8B1A-4CFA-8A9D-E839E747366F}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{0EDF27FD-A575-4AD1-B318-EAE53DBC4FA8}] => (Allow) C:\Users\*****\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{B8283ADE-38B5-4350-8952-83F9EBC06BCA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A3C32430-0C62-4F56-82B5-B8BC9AE67EC9}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2E82182D-66CC-461F-A41E-6C2ADBA4D9C5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E1C0149D-7486-44D2-A213-289B94A3B233}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0B464583-952F-4EA5-8146-3389D3DBFFE2}] => (Allow) LPort=2869
FirewallRules: [{AFBD5EEF-F0BB-4C74-A952-246CB2723BBD}] => (Allow) LPort=1900
FirewallRules: [{61AA7C74-A0BF-4050-8384-FB24D2A87023}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{D77EABEB-DC77-46D0-95CC-F29A97E45204}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{22F9DAC4-0704-4A4E-AD31-D144BA46BAF5}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{1A286207-B463-43B7-8548-824AD7162E8D}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{12C2E091-C675-41A9-AB18-2E3BB73A22D1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{679B374B-819C-4762-9AEF-872AC3752078}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9CBDB29E-B53E-4C98-8471-F9455BD63C44}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{94D79484-11FE-4C87-B724-31AEF4350E22}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B80FA69B-99E1-42CE-9951-72251E23457B}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{B77C8A6D-ADCB-4C9D-A49E-37DB826B089C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F3810CDA-AD2A-4A4D-B68D-84EA8AF8B35A}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\107.0.1418.52\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Wiederherstellungspunkte =========================


==================== Fehlerhafte Geräte im Gerätemanager ============


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (11/21/2022 08:50:40 PM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )
Description: Event-ID 12007

Error: (11/21/2022 08:50:40 PM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0

Error: (11/20/2022 07:00:03 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsort "S:\" nicht abgeschlossen. Fehler: Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006).

Error: (11/18/2022 01:07:42 PM) (Source: Firefox Default Browser Agent) (EventID: 12029) (User: )
Description: Event-ID 12029

Error: (11/18/2022 01:07:41 PM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0

Error: (11/16/2022 11:22:40 AM) (Source: Firefox Default Browser Agent) (EventID: 12029) (User: )
Description: Event-ID 12029

Error: (11/16/2022 11:22:40 AM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0

Error: (11/14/2022 07:53:59 PM) (Source: Firefox Default Browser Agent) (EventID: 12029) (User: )
Description: Event-ID 12029


Systemfehler:
=============
Error: (11/21/2022 08:51:09 PM) (Source: DCOM) (EventID: 10001) (User: *****)
Description: Ein DCOM-Server konnte nicht gestartet werden: Microsoft.MicrosoftEdge_44.19041.1266.0_neutral__8wekyb3d8bbwe!MicrosoftEdge als Nicht verfügbar/Nicht verfügbar. Fehler:
"2147942402"
Aufgetreten beim Start dieses Befehls:
"C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca

Error: (11/21/2022 09:16:06 AM) (Source: DCOM) (EventID: 10001) (User: *****)
Description: Ein DCOM-Server konnte nicht gestartet werden: Microsoft.MicrosoftEdge_44.19041.1266.0_neutral__8wekyb3d8bbwe!MicrosoftEdge als Nicht verfügbar/Nicht verfügbar. Fehler:
"2147942402"
Aufgetreten beim Start dieses Befehls:
"C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca

Error: (11/20/2022 05:35:35 PM) (Source: DCOM) (EventID: 10001) (User: *****)
Description: Ein DCOM-Server konnte nicht gestartet werden: Microsoft.MicrosoftEdge_44.19041.1266.0_neutral__8wekyb3d8bbwe!MicrosoftEdge als Nicht verfügbar/Nicht verfügbar. Fehler:
"2147942402"
Aufgetreten beim Start dieses Befehls:
"C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca

Error: (11/20/2022 05:24:09 PM) (Source: DCOM) (EventID: 10001) (User: *****)
Description: Ein DCOM-Server konnte nicht gestartet werden: Microsoft.MicrosoftEdge_44.19041.1266.0_neutral__8wekyb3d8bbwe!MicrosoftEdge.AppXeb42j1vh6rk395pm0vmcx57dxqjhej5d.mca als Nicht verfügbar/Nicht verfügbar. Fehler:
"2147942402"
Aufgetreten beim Start dieses Befehls:
"C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca

Error: (11/20/2022 04:47:42 PM) (Source: DCOM) (EventID: 10029) (User: NT-AUTORITÄT)
Description: Das Zeitlimit für die Aktivierung der CLSID "{8A1A8BB1-242F-431A-9F5B-254BA754631C}" wurde überschritten, während auf das Beenden von Dienst "UsoSvc" gewartet wurde.

Error: (11/20/2022 01:17:45 PM) (Source: DCOM) (EventID: 10001) (User: *****)
Description: Ein DCOM-Server konnte nicht gestartet werden: Microsoft.MicrosoftEdge_44.19041.1266.0_neutral__8wekyb3d8bbwe!MicrosoftEdge als Nicht verfügbar/Nicht verfügbar. Fehler:
"2147942402"
Aufgetreten beim Start dieses Befehls:
"C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca

Error: (11/19/2022 11:47:19 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (11/19/2022 10:55:28 AM) (Source: DCOM) (EventID: 10001) (User: *****)
Description: Ein DCOM-Server konnte nicht gestartet werden: Microsoft.MicrosoftEdge_44.19041.1266.0_neutral__8wekyb3d8bbwe!MicrosoftEdge als Nicht verfügbar/Nicht verfügbar. Fehler:
"2147942402"
Aufgetreten beim Start dieses Befehls:
"C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca


Windows Defender:
================
Date: 2022-04-22 11:08:16
Description: 
Der überwachte Ordnerzugriff hat C:\Program Files\Avast Software\Avast\AvBugReport.exe daran gehindert, Änderungen am Speicher durchzuführen.
Erkennungszeit: 2022-04-22T09:08:16.673Z
Benutzer: *****\*****
Pfad: \Device\Harddisk0\DR0
Name des Prozesses: C:\Program Files\Avast Software\Avast\AvBugReport.exe
Sicherheitsversion: 1.363.716.0
Modulversion: 1.1.19100.5
Produktversion: 4.18.2203.5

Date: 2022-04-22 11:08:16
Description: 
Der überwachte Ordnerzugriff hat C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe daran gehindert, Änderungen am Speicher durchzuführen.
Erkennungszeit: 2022-04-22T09:08:16.507Z
Benutzer: *****\*****
Pfad: \Device\Harddisk0\DR0
Name des Prozesses: C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe
Sicherheitsversion: 1.363.716.0
Modulversion: 1.1.19100.5
Produktversion: 4.18.2203.5

Date: 2022-04-22 11:08:16
Description: 
Der überwachte Ordnerzugriff hat C:\Program Files\Avast Software\Avast\wsc_proxy.exe daran gehindert, Änderungen am Speicher durchzuführen.
Erkennungszeit: 2022-04-22T09:08:16.407Z
Benutzer: *****\*****
Pfad: \Device\Harddisk0\DR0
Name des Prozesses: C:\Program Files\Avast Software\Avast\wsc_proxy.exe
Sicherheitsversion: 1.363.716.0
Modulversion: 1.1.19100.5
Produktversion: 4.18.2203.5

Date: 2022-04-22 11:08:08
Description: 
Der überwachte Ordnerzugriff hat C:\Program Files\Avast Software\Avast\RegSvr.exe daran gehindert, Änderungen am Speicher durchzuführen.
Erkennungszeit: 2022-04-22T09:08:08.695Z
Benutzer: *****\*****
Pfad: \Device\Harddisk0\DR0
Name des Prozesses: C:\Program Files\Avast Software\Avast\RegSvr.exe
Sicherheitsversion: 1.363.716.0
Modulversion: 1.1.19100.5
Produktversion: 4.18.2203.5

Date: 2022-04-22 11:08:08
Description: 
Der überwachte Ordnerzugriff hat C:\Program Files\Avast Software\Avast\x86\RegSvr.exe daran gehindert, Änderungen am Speicher durchzuführen.
Erkennungszeit: 2022-04-22T09:08:08.681Z
Benutzer: *****\*****
Pfad: \Device\Harddisk0\DR0
Name des Prozesses: C:\Program Files\Avast Software\Avast\x86\RegSvr.exe
Sicherheitsversion: 1.363.716.0
Modulversion: 1.1.19100.5
Produktversion: 4.18.2203.5
Event[0]:

Date: 2022-04-14 06:08:33
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 
%Vorherige Version der Sicherheitsinformationen: 1.363.323.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 
%Vorherige Modulversion: 1.1.19100.5
Fehlercode: 0x80240009
Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support". 

CodeIntegrity:
===============
Date: 2022-11-21 22:12:23
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Mozilla Firefox\mozavcodec.dll that did not meet the Microsoft signing level requirements.

Date: 2022-11-21 22:12:22
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Mozilla Firefox\mozavutil.dll that did not meet the Microsoft signing level requirements.

Date: 2022-11-21 21:32:08
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2022-11-21 15:53:14
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.


==================== Speicherinformationen =========================== 

BIOS: LENOVO HSET64WW (2.09 ) 10/19/2015
Hauptplatine: LENOVO 20BC0006GE
Prozessor: AMD E1-2500 APU with Radeon(TM) HD Graphics 
Prozentuale Nutzung des RAM: 42%
Installierter physikalischer RAM: 7449.73 MB
Verfügbarer physikalischer RAM: 4250.05 MB
Summe virtueller Speicher: 17449.73 MB
Verfügbarer virtueller Speicher: 12183.05 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:111.69 GB) (Free:5.55 GB) (Model: Samsung SSD 840 Series SATA Disk Device) NTFS
Drive d: (*****) (Fixed) (Total:465.76 GB) (Free:240.19 GB) (Model: HGST HTS 545050A7E380 USB Device) NTFS

\\?\Volume{85bc2e43-8b25-11e3-983b-806e6f6e6963}\ (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 000A62BB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt =======================
         

21.11.2022, 23:40   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Now I can see almost everything. Sorry, but the system is haphazardly cluttered with junk. And things like

Quote:
Adobe Flash Player 32 NPAPI
make my toenails curl. The Flash Player has been dead for how long now? 2 years? Fundamentally, your system maintenance is very, very poor. And, apart from poor CPUs, that is also the main reason for super-slow systems: the haphazard cluttering and the lack of maintenance.

Your computer also won't turn into a rocket just because something gets deleted here and there. You would have to tear down the entire system, reinstall Windows and then install only what you need. Even then the system will not be fast, simply because this CPU reaches its limits very quickly.
__________________
Please always post log files in CODE tags

22.11.2022, 20:21   #9
mrs_mister
 
Quote:
Quote from cosinus
Now I can see almost everything. Sorry, but the system is haphazardly cluttered with junk.
I can live with that, although it isn't nice. The plan is anyway to be a bit more careful with the next computer, which I hopefully will be able to afford soon.
I actually only wanted someone with expertise to take a look at whether there are any signs of a cryptominer/trojan.
In that case, here is the (hopefully complete this time) FRST.txt.
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 18-11-2022
durchgeführt von ***** (Administrator) auf ***** (LENOVO 20BC0006GE) (21-11-2022 22:28:39)
Gestartet von C:\Users\*****\Desktop
Geladene Profile: *****
Plattform: Microsoft Windows 10 Pro Version 21H2 19044.2251 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <3>
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ->) (Synaptics Incorporated -> Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\66.0.3.0\crashpad_handler.exe
(explorer.exe ->) (LINET Services GmbH -> ) C:\Program Files\MKVToolNix\mkvtoolnix-gui.exe
(explorer.exe ->) (Nikse) [Datei ist nicht signiert] C:\Program Files\Subtitle Edit\SubtitleEdit.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <15>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0360565.inf_amd64_7d719e3a1bab56a3\B360372\atiesrxx.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22092.211.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.2180_none_7e328fe47c714aab\TiWorker.exe
(svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [297256 2017-08-29] (Lenovo -> Lenovo Group Limited)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3136136 2019-01-30] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19572528 2021-08-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1667208 2020-11-24] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [587000 2021-11-15] (geek software GmbH -> geek software GmbH)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [212184 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3315280 2019-09-10] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11209952 2022-11-09] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [561672 2015-06-12] (Microsoft Windows Hardware Compatibility Publisher -> Vimicro)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711288 2022-09-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Beschränkung <==== ACHTUNG
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\66.0.3.0\GoogleDriveFS.exe [52475672 2022-11-07] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\66.0.3.0\GoogleDriveFS.exe [52475672 2022-11-07] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\Run: [com.squirrel.Teams.Teams] => C:\Users\*****\AppData\Local\Microsoft\Teams\Update.exe [2453656 2021-02-14] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38502416 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\66.0.3.0\GoogleDriveFS.exe [52475672 2022-11-07] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\MountPoints2: {a023fa8a-46d9-11ec-bc07-c454443cafa4} - "D:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\MountPoints2: {a023fb79-46d9-11ec-bc07-c454443cafa4} - "D:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2839958251-2324060183-95412134-501\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\55.0.3.0\GoogleDriveFS.exe --startup_mode (Keine Datei)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\66.0.3.0\GoogleDriveFS.exe [52475672 2022-11-07] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\Canon MP540 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9E.DLL [27648 2008-05-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP540 series: C:\Windows\system32\CNMLM9E.DLL [279040 2008-05-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP 5D12 Status Monitor: C:\Windows\system32\hpinksts5D12LM.dll [332176 2012-09-12] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\Windows\system32\hpzllw71.dll [53248 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\PDF-XChange Lite Port Monitor: C:\Windows\system32\pxcpmL.dll [2363136 2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\107.0.5304.107\Installer\chrmstp.exe [2022-11-12] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{07AA0886-CC8D-4e19-A410-1C75AF686E62}] -> C:\Windows\System32\l2nacp.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{33c86cd6-705f-4ba1-9adb-67070b837775}] -> C:\Windows\System32\l2nacp.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> 
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\ThinkPad\Bluetooth Software\\BtwCP.dll (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{D28973E5-8630-41af-8831-50A15FEB396B}] -> 
HKLM\Software\...\Authentication\Credential Provider Filters: [{edd749de-2ef1-4a80-98d1-81f20e6df58e}] -> C:\Windows\System32\l2nacp.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll
Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2022-11-12]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy: Beschränkung ? <==== ACHTUNG
GroupPolicy\User: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02275B37-B633-4A81-9D2B-86801443D0DC} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe /launch (Keine Datei)
Task: {106CB9C9-0E3B-44EF-B247-FE038498D7C7} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\PowerMgrInst.exe [64984 2022-05-17] (Lenovo -> )
Task: {1717C752-FA7D-4CC3-AA68-367AF2DC551F} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\Qt4.8\DivXUpdate.exe [1783776 2016-08-01] (DivX, LLC -> DivX, LLC)
Task: {1DFBCB49-FA78-4D6B-ACA3-D16EFA1235B5} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [3834520 2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {1FF19F56-ABF4-477A-AB4B-8F02E63C8955} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-12] (Adobe Inc. -> Adobe)
Task: {221D9A1F-649A-4F47-A350-6AFFA649F200} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {239B2C9E-FCCF-4A7B-9910-EBB5E05EA31A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {23CEDD6D-2E83-4334-A467-41FF7C474AFE} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
Task: {29B8E714-429C-4528-9746-806A765FD940} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2A690E5B-E535-422A-B745-893F18327978} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {2B3DE80D-5BCF-40D0-904A-E065A85A7D19} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {2FCD98DE-114F-46B5-A9C3-647623365BCD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3133BB99-5C58-4F26-9F70-B18AC323E486} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe [1457208 2019-07-12] (Adobe Inc. -> Adobe)
Task: {374DA1F9-CC7F-4B4F-A6A9-E2833030CDA8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe /send (Keine Datei)
Task: {37DD28B1-D5FD-48CE-91BC-9B6AB7BF53E4} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\9.5.0\AutoUpdate.exe /auto (Keine Datei)
Task: {3B15D0EA-8A83-49E3-A635-21559E356DB0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-09-12] (Piriform Software Ltd -> Piriform)
Task: {3B9D2B52-BF32-4509-85C6-D00204EF1294} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2839958251-2324060183-95412134-1000Core => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc -> Dropbox, Inc.)
Task: {3CC5F28A-ACB0-4C2D-B09D-729C45CA43DD} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2839958251-2324060183-95412134-1000UA => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc -> Dropbox, Inc.)
Task: {42AA26B5-8D6B-4B55-843E-336A6E8E490C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26154376 2022-11-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {498C49AF-3C7A-4486-A072-3CF445D0DE8E} - \Microsoft\Windows\Setup\EOSNotify -> Keine Datei <==== ACHTUNG
Task: {4FE98CE6-D123-4ABF-9225-CBCF6F514C4F} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [268576 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {5241D901-6842-4AC0-8AF9-37E7867CDEA4} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {5811C7BF-1BB0-429F-9449-32CDE93C84CC} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Keine Datei)
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {6169C8D7-AD8B-4C17-8F08-20975A6D971C} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [815 2022-08-18] () [Datei ist nicht signiert]
Task: {62B2191D-A59B-4A74-AE95-7B42AE0565E2} - System32\Tasks\CCleanerSkipUAC - ***** => C:\Program Files\CCleaner\CCleaner.exe [32204304 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {64737F4F-CEAF-4114-BD56-93C1C17C132E} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617864 2021-08-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {680EEDF1-6297-44CC-B8F0-ACE6DCF2268E} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [712200 2022-11-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {6F715D41-04B0-4EB9-AD54-3103E4C15C2D} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\9.5.0\Scheduler.exe /scheduler (Keine Datei)
Task: {73A6956F-B7B0-4D8E-A075-8FB604EC9F28} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {73FB205A-34A6-4130-B9B9-48F7CEBF7FE1} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-2839958251-2324060183-95412134-1000 => C:\Users\*****\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [89096 2022-10-19] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {74084314-034B-492B-9A18-0ED6CC6186BC} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114600 2022-11-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {76750A57-8E52-4E12-A933-39094277C1E0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6637512 2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {7E6E0992-71C0-4A09-81FB-E30D59D6076F} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [128976 2022-05-17] (Lenovo -> Lenovo)
Task: {8237BB6A-402D-490A-B9F7-E570DF1C2A94} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe (Keine Datei)
Task: {8666B73F-A987-49EA-92E8-65D97A119F2C} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {8A82137C-310A-427A-97BD-56775E3A77D3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {8CEB21FC-C066-4553-AFB3-55C63495DAF1} - System32\Tasks\Abelssoft\UpdateYeti scan => C:\Program Files (x86)\UpdateYeti\UpdateYeti.exe [2433048 2016-05-10] (Ascora GmbH -> Abelssoft)
Task: {8FB478B9-F1C1-4599-B47D-AB25318700B2} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1900320 2022-09-29] (Lenovo -> )
Task: {95D1B83C-758C-48CF-B397-15C74E92917C} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {97F7E27E-D2AE-4D10-957A-82183FF2B83D} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {98BC2526-D25E-4636-8197-0C3CC6337B9F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6637512 2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {995BBDFD-47E9-4046-9E89-8AD6D632CA1A} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
Task: {A12B9E55-F4D1-4ECA-93B5-313AD6A5DACC} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114600 2022-11-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {ACE086D9-7B73-4045-8B1A-763594416A08} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe /StartRecording (Keine Datei)
Task: {AEF7E3D7-9051-4EBE-8A4E-384492C0B2D9} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [62752 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B1E60C6E-7D22-40B2-8560-7C697D6755AD} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {B417DCCA-A7DC-4A6D-AD9D-FF1CEE1B1223} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617864 2021-08-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {C16F6120-917D-46EE-A82C-4F368D3C5110} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-05-25] (Avast Software s.r.o. -> Avast Software)
Task: {C5E125F1-7B9C-4584-8DCC-DD87BFB08860} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4666896 2022-09-12] (Piriform Software Ltd -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "0c0f9568-21cf-4e81-b053-f57683445683" --version "6.04.10044" --silent
Task: {CA17074C-2319-44C4-AA3F-48491E913CD3} - \Microsoft\Windows\Setup\EOSNotify2 -> Keine Datei <==== ACHTUNG
Task: {CDBF1BE9-DEDD-4768-9347-958CED3DD10D} - \PMTask -> Keine Datei <==== ACHTUNG
Task: {E943316E-6FF8-43D8-9793-87907B2FA359} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Keine Datei)
Task: {EB394CBD-70BF-4B2C-A093-5ED695DE58A9} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1900320 2022-09-29] (Lenovo -> )
Task: {EC89023A-666B-463F-BC27-DB540EBF4056} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe (Keine Datei)
Task: {EEAEABCC-8459-4E3C-B358-B11171A35C69} - System32\Tasks\Driver Booster SkipUAC (*****) => C:\Program Files (x86)\IObit\Driver Booster\9.5.0\DriverBooster.exe /skipuac (Keine Datei)
Task: {EF7EAE0E-BBFB-4E18-BB70-423255A24557} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4936920 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
Task: {F15D1E57-3214-4725-A6CA-E88119C3A8C0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {FB18ED1A-9044-4130-8486-88F7738E172E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26154376 2022-11-16] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2839958251-2324060183-95412134-1000Core.job => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2839958251-2324060183-95412134-1000UA.job => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}.job => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{94dc40e5-70ac-4be6-9da0-e739c8bd3c01}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{9720db88-4ae4-4430-87b8-d7afefab3ed8}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{A4AD3F4E-BC1C-4142-90F9-23E1863E0E1A}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{e8473653-8d33-4d6b-b775-f43d8278c2a2}: [DhcpNameServer] 213.209.104.220 213.209.104.250

Edge: 
=======
DownloadDir: C:\Users\*****\Downloads
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]

FireFox:
========
FF DefaultProfile: ppggg20o.default
FF DefaultProfile: cbjkvl8z.default-1470220961571
FF ProfilePath: C:\Users\*****\AppData\Roaming\Zotero\Zotero\Profiles\ppggg20o.default [2020-02-26]
FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571 [2022-11-21]
FF Homepage: Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571 -> hxxps://www.theguardian.com/
FF NewTab: Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571 -> hxxps://searchdefault.co/homepage?hp=1&bitmask=9996&pId=AC191101&iDate=2020-11-13 12:16:29&bName=
FF NetworkProxy: Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571 -> autoconfig_url", "data:text/javascript,function FindProxyForURL(url, host) {else if ((shExpMatch(url, 'hxxps://www.netflix.com*')) || (shExpMatch(url, 'hxxp://www.netflix.com*')) || (host == 'netflix.com') || (host == 'www.netflix.com') || (host == 'cbp-us.nccp.netflix.com') || (url.indexOf('theplatform.com') != -1) || (shExpMatch(url, 'hxxp://www.crunchyroll.com*')) || (shExpMatch(url, 'hxxps://www.crunchyroll.com*')) || (host == 'api-manga.crunchyroll.com') || (host == 's.hulu.com') || (shExpMatch(url, 'hxxp://media.mtvnservices.com*')) || (host == 'media.mtvnservices.com')) { return 'PROXY us10.sq.proxmate.me:8000; PROXY us08.sq.proxmate.me:8000; PROXY us05.sq.proxmate.me:8000; PROXY us12.sq.proxmate.me:8000; PROXY us09.sq.proxmate.me:8000; PROXY us04.sq.proxmate.me:8000; PROXY us13.sq.proxmate.me:8000; PROXY us06.sq.proxmate.me:8000; PROXY us01.sq.proxmate.me:8000; PROXY us14.sq.proxmate.me:8000; PROXY us07.sq.proxmate.me:8000; PROXY us03.sq.proxmate.me:8000; PROXY us02.sq.proxmate.me:8000; PROXY us11.sq.proxmate.me:8000' } else { return 'DIRECT'; }}"
FF Extension: (Facebook Container) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\@contain-facebook.xpi [2022-11-04]
FF Extension: (FastForward) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\addon@fastforward.team.xpi [2022-07-20]
FF Extension: (Copyfish 🐟 Free OCR Software) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\copyfish@a9t9.com.xpi [2021-08-20]
FF Extension: (Ghostery – Datenschutzorientierter Werbeblocker) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\firefox@ghostery.com.xpi [2022-11-21]
FF Extension: (Tampermonkey) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\firefox@tampermonkey.net.xpi [2022-11-16]
FF Extension: (Forecastfox (fix version)) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\forecastfox@s3_fix_version.xpi [2020-11-23]
FF Extension: (Simple mass downloader) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\gelprec.smd@gmail.com.xpi [2019-06-08]
FF Extension: (HTTPS Everywhere) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\https-everywhere@eff.org.xpi [2021-07-16]
FF Extension: (Reverse Image Search) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\jid0-iiiWfb12bgHj8iKloOou74fb6jh@jetpack.xpi [2021-08-20]
FF Extension: (Word Count Tool) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\jid0-YHLk2psjhEWXNJqMKTU7dDcMJcN@jetpack.xpi [2018-05-01]
FF Extension: (Print Friendly & PDF) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\jid0-YQz0l1jthOIz179ehuitYAOdBEs@jetpack.xpi [2022-05-28]
FF Extension: (To Google Translate) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2021-06-22]
FF Extension: (MyJDownloader Browser Erweiterung) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\jid1-OY8Xu5BsKZQa6A@jetpack.xpi [2021-06-26] [UpdateUrl:hxxps://my.jdownloader.org/extensions/firefox.json]
FF Extension: (pinterest-guest) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\jid1-SWdspnBEetWxoA@jetpack.xpi [2021-08-20]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2022-11-04]
FF Extension: (Search image) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\searchimage@searchimage.fr.xpi [2017-02-21]
FF Extension: (SimpleBrowsingSchedule) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\simplebrowsingschedule@example.org.xpi [2022-10-06]
FF Extension: (tb-color-picker.label) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\tb-color-picker-single@codefisher.org.xpi [2018-04-22]
FF Extension: (TitleCase) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\TitleCase@htdsoftware.com.xpi [2018-12-03]
FF Extension: (uBlock Origin) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\uBlock0@raymondhill.net.xpi [2022-11-16]
FF Extension: (Vergrößern) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\zoom@stefanvd.net.xpi [2021-08-20]
FF Extension: (Zotero Connector) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\zotero@chnm.gmu.edu.xpi [2022-11-08] [UpdateUrl:hxxps://www.zotero.org/download/connector/firefox/release/updates.json]
FF Extension: (Imgur-Uploader) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{11cf55c0-15ef-49d1-a0ff-02ed401413f8}.xpi [2019-04-02]
FF Extension: (Link Extractor) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{32234610-80fa-4bc1-9cef-183abea3f3b2}.xpi [2018-08-11]
FF Extension: (DuckDuckGo Search) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{37220c34-b538-4f3e-af3d-47aa40026683}.xpi [2020-09-22]
FF Extension: (Lightshot (Screenshot Tool)) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{394DCBA4-1F92-4f8e-8EC9-8D2CB90CB69B}.xpi [2020-11-12]
FF Extension: (EPUBReader) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}.xpi [2020-06-22]
FF Extension: (G App Launcher (Google™ Shortcuts)) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{5C46D283-ABDE-4dce-B83C-08881401921C}.xpi [2022-11-02]
FF Extension: (NoScript) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2022-11-16]
FF Extension: (User-Agent Switcher) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{75afe46a-7a50-4c6b-b866-c43a1075b071}.xpi [2022-07-12]
FF Extension: (Citavi Picker) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}.xpi [2021-04-13]
FF Extension: (Auto Tab Discard) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{c2c003ee-bd69-42a2-b0e9-6f34222cb046}.xpi [2022-11-16]
FF Extension: (Web Developer) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2020-01-13]
FF Extension: (Bypass Paywalls Clean) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{d133e097-46d9-4ecc-9903-fa6a722a6e0e}.xpi [2022-11-21]
FF Extension: (Greasemonkey) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2021-01-28]
FF Extension: (Citavi Picker) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}.xpi [2017-12-05]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2019-12-24] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_223.dll [2019-07-12] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.351.2 -> C:\Program Files\Java\jre1.8.0_351\bin\dtplugin\npDeployJava1.dll [2022-11-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.351.2 -> C:\Program Files\Java\jre1.8.0_351\bin\plugin2\npjp2.dll [2022-11-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_223.dll [2019-07-12] (Adobe Inc. -> )
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google Inc -> Google)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2839958251-2324060183-95412134-1000: @hola.org/vlc,version=1.6.120 -> C:\Users\*****\AppData\Local\Hola\firefox\app\vlc [Keine Datei]
FF Plugin HKU\S-1-5-21-2839958251-2324060183-95412134-1000: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2839958251-2324060183-95412134-1000: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2839958251-2324060183-95412134-1000: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)

Chrome: 
=======
CHR Profile: C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default [2022-11-12]
CHR Extension: (uBlock Origin) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-09-01]
CHR Extension: (Avira Browser Safety) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2022-09-05]
CHR Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2022-08-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-08-14]
CHR HKU\S-1-5-21-2839958251-2324060183-95412134-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\*****\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx <nicht gefunden>
CHR HKU\S-1-5-21-2839958251-2324060183-95412134-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn]

Opera: 
=======
OPR Profile: C:\Users\*****\AppData\Roaming\Opera Software\Opera Stable [2022-11-12]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S4 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2017-04-24] (Advanced Micro Devices, Inc. -> )
S4 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-09-29] (Adobe Systems) [Datei ist nicht signiert]
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
S4 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-12] (Adobe Inc. -> Adobe)
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3374160 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3103824 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S4 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-03] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8539152 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [592600 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2018008 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [592600 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2022-04-22] (Avast Software s.r.o. -> AVAST Software)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1082896 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12515768 2022-11-16] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2022-11-09] (Dropbox, Inc -> Dropbox, Inc.)
S4 FreeStyleLibre MAS Server; C:\Program Files (x86)\FreeStyle Libre\MAS.FreeStyleLibre.exe [285184 2016-01-19] () [Datei ist nicht signiert]
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
S4 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [169768 2017-08-29] (Lenovo -> Lenovo Group Limited)
S4 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [120400 2017-04-03] (Lenovo -> Lenovo Group Limited)
S4 lnvDiscoveryWinSvc; C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe [20984 2013-10-18] (LENOVO(JAPAN)LTD. -> Lenovo)
S4 LPlatSvc; C:\WINDOWS\System32\LPlatSvc.exe [892288 2019-12-11] (Lenovo -> Lenovo.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8879024 2022-11-16] (Malwarebytes Inc. -> Malwarebytes)
S4 PDF24; C:\Program Files\PDF24\pdf24.exe [587000 2021-11-15] (geek software GmbH -> geek software GmbH)
S4 QuickControlMasterSvc; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [59440 2013-12-16] (Lenovo(Japan)Ltd. -> Lenovo Group Limited)
S4 QuickControlService; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [319024 2013-12-16] (Lenovo(Japan)Ltd. -> Lenovo Group Limited)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224216 2022-11-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S2 TPHKLOAD; C:\WINDOWS\System32\DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\TPHKLOAD.exe [473760 2021-10-22] (Lenovo -> Lenovo Group Limited)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [262880 2021-09-08] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [33216 2021-12-02] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_edd3335a4253bf6d\amdsafd.sys [109520 2021-11-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation -> AppEx Networks Corporation)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [42304 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [238152 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [382504 2022-11-14] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [306128 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [105936 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2022-10-13] (Microsoft Windows Early Launch Anti-Malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [48512 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [276520 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [564304 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [114464 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [90008 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [862936 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [672272 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [221944 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [327896 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-14] (Martin Malik - REALiX -> REALiX(tm))
S3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [272168 2022-02-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [55592 2020-10-21] (AnchorFree Inc -> The OpenVPN Project)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-11-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-11-16] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-11-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [77336 2022-08-19] (Insecure.Com LLC -> Insecure.Com LLC.)
S4 npcap_wifi; C:\WINDOWS\system32\DRIVERS\npcap.sys [77336 2022-08-19] (Insecure.Com LLC -> Insecure.Com LLC.)
R0 PMDRVS; C:\WINDOWS\System32\drivers\pmdrvs.sys [38160 2019-12-11] (Lenovo -> Lenovo.)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2019-05-29] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2019-05-29] (MiniTool Solution Ltd -> )
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [347224 2020-05-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S3 StillCam; C:\WINDOWS\system32\DRIVERS\serscan.sys [13312 2020-11-10] (Microsoft Corporation) [Datei ist nicht signiert]
S3 VBoxNetAdp; C:\WINDOWS\System32\DRIVERS\VBoxNetAdp6.sys [237376 2019-09-03] (Oracle Corporation -> Oracle Corporation)
R3 vm331avs; C:\WINDOWS\System32\Drivers\vm331avs.sys [802312 2015-06-12] (Microsoft Windows Hardware Compatibility Publisher -> Vimicro Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49600 2022-04-07] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [443664 2022-04-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-07] (Microsoft Windows -> Microsoft Corporation)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2018-01-05] (Zemana Ltd. -> Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2018-01-05] (Zemana Ltd. -> Zemana Ltd.)
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2022-11-21 16:13 - 2022-11-21 16:32 - 000001354 _____ C:\Users\*****\Desktop\Addition.txt
2022-11-21 15:57 - 2022-11-21 22:31 - 000054161 _____ C:\Users\*****\Desktop\FRST.txt
2022-11-21 13:18 - 2022-11-21 17:29 - 000001421 _____ C:\Users\*****\Desktop\mwb_bericht_21.11.2022.txt
2022-11-21 13:17 - 2022-11-21 13:17 - 000002465 _____ C:\Users\*****\Desktop\mwb_bericht_16.11.2022_02.txt
2022-11-21 13:16 - 2022-11-21 17:14 - 000002464 _____ C:\Users\*****\Desktop\mwb_bericht_16.11.2022.txt
2022-11-21 12:32 - 2022-11-21 12:34 - 005659583 _____ (Swearware) C:\Users\*****\Desktop\ComboFix.exe
2022-11-21 12:21 - 2022-11-21 12:22 - 002375680 _____ (Farbar) C:\Users\*****\Desktop\FRST64.exe
2022-11-20 17:09 - 2022-11-20 17:09 - 010352849 _____ C:\Users\*****\Downloads\*****.pdf
2022-11-20 16:15 - 2022-11-20 16:15 - 075389568 _____ C:\Users\*****\Downloads\*****.pdf
2022-11-18 18:41 - 2022-11-18 18:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-11-16 19:29 - 2022-11-16 19:29 - 000002550 _____ C:\Users\*****\Desktop\malwarebytes log.txt
2022-11-16 17:45 - 2022-11-21 13:13 - 000000000 ____D C:\Users\*****\AppData\LocalLow\IGDump
2022-11-16 17:36 - 2022-11-16 17:36 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-11-16 17:36 - 2022-11-16 17:36 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-11-16 17:36 - 2022-11-16 17:36 - 000001993 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-11-16 17:36 - 2022-11-16 17:36 - 000001981 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-11-16 17:35 - 2022-11-16 17:35 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-11-16 17:35 - 2022-11-16 17:34 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-11-16 17:33 - 2022-11-16 17:33 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-11-16 17:32 - 2022-11-16 17:32 - 002632256 _____ (Malwarebytes) C:\Users\*****\Downloads\MBSetup.exe
2022-11-14 16:10 - 2022-11-14 16:21 - 505290059 _____ C:\Users\*****\Downloads\drive-download-*****.zip
2022-11-13 11:37 - 2022-11-13 11:37 - 000000000 ___HD C:\$WinREAgent
2022-11-12 17:00 - 2022-11-12 17:00 - 000001153 _____ C:\Users\Public\Desktop\LibreOffice 7.4.lnk
2022-11-12 17:00 - 2022-11-12 17:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.4
2022-11-12 15:18 - 2022-11-21 21:00 - 000003416 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2022-11-12 15:10 - 2022-11-12 15:10 - 000000000 ____D C:\WINDOWS\Panther
2022-11-12 10:10 - 2022-11-12 10:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2022-11-11 13:08 - 2022-11-21 21:00 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2022-11-09 21:23 - 2022-11-09 21:23 - 000688128 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-11-09 21:23 - 2022-11-09 21:23 - 000073216 _____ C:\WINDOWS\system32\nettraceex.dll
2022-11-09 21:22 - 2022-11-09 21:22 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-11-09 21:20 - 2022-11-09 21:20 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-11-09 12:36 - 2022-11-09 12:39 - 000000000 ____D C:\Program Files\LibreOffice
2022-11-09 11:32 - 2022-11-09 11:32 - 000000000 ____D C:\Users\*****\AppData\Roaming\Sun
2022-11-09 11:31 - 2022-11-09 11:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2022-11-09 11:31 - 2022-11-09 11:30 - 000195232 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2022-11-09 01:44 - 2022-11-09 01:44 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2022-11-09 01:44 - 2022-11-09 01:44 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2022-11-09 01:44 - 2022-11-09 01:44 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2022-11-09 01:44 - 2022-11-09 01:44 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2022-11-04 15:16 - 2022-11-04 15:17 - 001684395 _____ C:\Users\*****\Downloads\*****.pdf
2022-11-04 15:11 - 2022-11-04 15:11 - 001271682 _____ C:\Users\*****\Downloads\*****.pdf
2022-11-04 15:07 - 2022-11-04 15:07 - 001620388 _____ C:\Users\*****\Downloads\*****.pdf
2022-11-04 11:20 - 2022-11-04 11:21 - 011943095 _____ C:\Users\user\Downloads\*****.pdf
2022-11-04 09:45 - 2022-11-04 09:45 - 000270552 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-11-04 09:45 - 2022-11-04 09:45 - 000221944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2022-10-26 21:49 - 2022-10-26 21:49 - 000000401 _____ C:\Users\*****\Desktop\*****.txt
2022-10-24 22:40 - 2022-10-24 22:40 - 003994922 _____ C:\Users\*****\Downloads\*****.epub
2022-10-24 19:33 - 2022-10-24 21:49 - 000000000 ____D C:\Users\*****\AppData\Local\transmission
2022-10-24 19:32 - 2022-10-24 19:32 - 000002471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transmission Qt Client.lnk
2022-10-24 19:32 - 2022-10-24 19:32 - 000002459 _____ C:\Users\Public\Desktop\Transmission Qt Client.lnk
2022-10-24 19:32 - 2022-10-24 19:32 - 000000000 ____D C:\Program Files\Transmission
2022-10-24 16:16 - 2022-10-24 16:16 - 000000000 ____D C:\Users\*****\Downloads\FixMissingMSI_V2.2ForNET45
2022-10-24 16:08 - 2022-10-24 16:08 - 000002270 _____ C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox Privater Modus.lnk
2022-10-24 10:45 - 2022-10-24 13:54 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2022-10-24 10:43 - 2022-10-24 14:01 - 000157546 _____ C:\WINDOWS\ntbtlog.txt

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2022-11-21 22:35 - 2018-02-14 18:54 - 001553895 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2022-11-21 22:35 - 2018-02-14 18:54 - 001553502 _____ C:\WINDOWS\ZAM.krnl.trace
2022-11-21 22:30 - 2017-11-06 21:07 - 000000000 ____D C:\FRST
2022-11-21 22:29 - 2014-02-01 21:11 - 000000000 ____D C:\Program Files (x86)\Google
2022-11-21 21:33 - 2016-11-18 09:15 - 000000000 ____D C:\Users\*****\AppData\LocalLow\Mozilla
2022-11-21 21:21 - 2022-04-22 10:16 - 000000000 ____D C:\Users\*****\AppData\Local\Avast Software
2022-11-21 21:09 - 2020-11-11 00:19 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-11-21 21:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-11-21 21:00 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-11-21 21:00 - 2014-03-06 19:31 - 000000000 ____D C:\Program Files\CCleaner
2022-11-21 20:50 - 2015-06-19 16:10 - 000000000 ____D C:\Users\*****\AppData\Local\Dropbox
2022-11-21 15:56 - 2014-02-19 19:28 - 000000000 ____D C:\Program Files\JDownloader
2022-11-21 14:44 - 2014-03-25 11:26 - 000000000 ____D C:\Users\*****\Documents\*****
2022-11-21 14:33 - 2014-02-28 16:53 - 000007621 _____ C:\Users\*****\AppData\Local\Resmon.ResmonCfg
2022-11-21 10:10 - 2018-11-26 21:32 - 000000000 ____D C:\Users\*****\AppData\Local\Microsoft_Corporation
2022-11-21 10:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-11-21 09:53 - 2022-03-17 20:50 - 000000000 ____D C:\Users\*****\AppData\Roaming\DropboxElectron
2022-11-21 09:10 - 2022-09-15 17:38 - 000000000 ____D C:\Users\*****\AppData\Roaming\com.adobe.dunamis
2022-11-21 09:06 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-11-21 08:58 - 2022-04-22 10:07 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-11-20 21:15 - 2020-07-10 11:50 - 000000000 ____D C:\Users\*****\AppData\Roaming\vlc
2022-11-20 19:29 - 2022-04-22 10:08 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-11-20 19:29 - 2021-08-30 12:08 - 000002248 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - *****
2022-11-20 19:29 - 2021-07-25 09:07 - 000002202 _____ C:\WINDOWS\system32\Tasks\StartCN
2022-11-20 19:29 - 2021-07-25 09:07 - 000002122 _____ C:\WINDOWS\system32\Tasks\StartDVR
2022-11-20 19:29 - 2020-11-11 01:01 - 000003724 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2022-11-20 19:29 - 2020-11-11 01:01 - 000003684 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-11-20 19:29 - 2020-11-11 01:01 - 000003500 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2022-11-20 19:29 - 2020-11-11 01:01 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-11-20 19:29 - 2020-11-11 01:01 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-11-20 19:29 - 2020-11-11 01:01 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-11-20 19:29 - 2020-11-11 01:01 - 000002608 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2022-11-20 19:29 - 2020-11-11 01:01 - 000002422 _____ C:\WINDOWS\system32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2022-11-20 19:29 - 2020-11-11 01:01 - 000002396 _____ C:\WINDOWS\system32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2022-11-20 19:29 - 2020-11-11 01:01 - 000002394 _____ C:\WINDOWS\system32\Tasks\Microsoft_Hardware_Launch_itype_exe
2022-11-20 19:29 - 2020-11-11 01:01 - 000002306 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_Dolby
2022-11-20 19:29 - 2020-11-11 01:01 - 000002302 _____ C:\WINDOWS\system32\Tasks\RTKCPL
2022-11-20 19:29 - 2019-09-28 12:06 - 000001210 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2022-11-20 19:29 - 2019-09-28 12:06 - 000001206 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2022-11-20 18:11 - 2020-04-18 09:30 - 000000000 ____D C:\Users\*****\AppData\Roaming\Signal
2022-11-20 18:10 - 2014-06-25 09:35 - 000000000 ____D C:\Users\*****\AppData\Roaming\Spotify
2022-11-20 16:49 - 2014-06-25 09:36 - 000000000 ____D C:\Users\*****\AppData\Local\Spotify
2022-11-20 14:50 - 2022-01-16 19:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2022-11-20 14:09 - 2018-07-06 12:14 - 000000000 ____D C:\Users\*****\Documents\Citavi 6
2022-11-20 13:39 - 2022-10-12 20:22 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2022-11-18 18:41 - 2022-01-23 13:25 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-11-18 18:41 - 2014-02-25 00:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-11-18 14:16 - 2020-01-20 23:43 - 000000000 ____D C:\Users\*****\AppData\Local\D3DSCache
2022-11-18 13:33 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-11-16 17:35 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-11-16 17:33 - 2017-05-29 01:17 - 000000000 ____D C:\Program Files\Malwarebytes
2022-11-16 11:41 - 2016-10-02 19:26 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-11-14 19:54 - 2022-04-22 10:06 - 000382504 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-11-12 16:19 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-11-12 15:11 - 2022-04-05 18:22 - 000000000 ____D C:\ProgramData\Avast Software
2022-11-12 15:09 - 2020-11-11 01:01 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-11-12 15:09 - 2020-11-11 00:19 - 000669088 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-11-12 15:09 - 2020-11-11 00:19 - 000008192 ___SH C:\DumpStack.log.tmp
2022-11-12 15:08 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-11-12 15:08 - 2014-02-01 12:57 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2022-11-12 15:06 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-11-12 15:06 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-11-12 15:06 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-11-12 15:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-11-12 15:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-11-12 15:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-11-12 15:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-11-12 15:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-11-12 12:22 - 2014-08-23 08:16 - 000000000 ____D C:\Users\*****\Documents\HK
2022-11-12 12:11 - 2014-04-14 17:10 - 000000000 ____D C:\Users\*****\Desktop\Diverses
2022-11-12 10:24 - 2022-08-14 11:20 - 000002199 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-11-12 10:11 - 2019-09-28 12:06 - 000000000 ____D C:\Program Files (x86)\Dropbox
2022-11-11 13:37 - 2017-01-01 20:46 - 000000000 ____D C:\Users\*****\.mediathek3
2022-11-11 13:24 - 2018-06-02 01:03 - 000000000 ____D C:\Users\*****\AppData\Local\CrashDumps
2022-11-09 21:20 - 2020-11-11 00:22 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-11-09 20:27 - 2014-02-01 14:32 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-11-09 20:09 - 2013-01-17 08:28 - 146960040 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-11-09 11:29 - 2018-05-20 09:09 - 000000000 ____D C:\Program Files\Java
2022-11-07 17:05 - 2022-03-31 18:15 - 000002017 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2022-11-04 09:45 - 2022-04-22 10:06 - 000672272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-11-04 09:45 - 2022-04-22 10:06 - 000564304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-11-04 09:45 - 2022-04-22 10:06 - 000327896 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-11-04 09:45 - 2022-04-22 10:06 - 000306128 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-11-04 09:45 - 2022-04-22 10:06 - 000276520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-11-04 09:45 - 2022-04-22 10:06 - 000114464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-11-04 09:45 - 2022-04-22 10:06 - 000105936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-11-04 09:45 - 2022-04-22 10:06 - 000090008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-11-04 09:45 - 2022-04-22 10:06 - 000048512 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-11-04 09:44 - 2022-04-22 10:06 - 000862936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-11-04 09:44 - 2022-04-22 10:06 - 000390096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys.166842994448401
2022-11-04 09:44 - 2022-04-22 10:06 - 000238152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-11-04 09:44 - 2022-04-22 10:06 - 000042304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2022-11-02 20:20 - 2020-11-11 00:41 - 001964048 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-11-02 20:20 - 2019-12-07 15:51 - 000839802 _____ C:\WINDOWS\system32\perfh007.dat
2022-11-02 20:20 - 2019-12-07 15:51 - 000185158 _____ C:\WINDOWS\system32\perfc007.dat
2022-10-31 17:35 - 2021-06-03 17:51 - 000000000 ____D C:\WINDOWS\Minidump
2022-10-31 12:02 - 2019-01-23 21:47 - 000000000 ____D C:\Users\*****\AppData\Roaming\Telegram Desktop
2022-10-26 11:04 - 2018-01-27 23:09 - 000000000 ____D C:\Users\*****\AppData\Local\LenovoServiceBridge
2022-10-24 20:45 - 2014-04-28 08:05 - 000000000 ___RD C:\Users\*****\Downloads\*****
2022-10-24 20:13 - 2020-12-22 18:50 - 000000000 ____D C:\Program Files\MediathekView
2022-10-24 20:12 - 2020-12-22 18:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediathekView
2022-10-24 16:18 - 2022-10-12 20:22 - 000002124 _____ C:\Users\Public\Desktop\Acrobat Reader.lnk
2022-10-24 16:08 - 2022-02-11 13:58 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-10-24 16:05 - 2014-02-01 21:02 - 000000000 ____D C:\ProgramData\Lenovo
2022-10-24 10:43 - 2020-03-01 00:57 - 000000000 ____D C:\WINDOWS\TempInst
2022-10-24 10:32 - 2014-03-30 15:13 - 000000000 ____D C:\WINDOWS\pss

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2020-01-13 22:55 - 2020-01-13 22:55 - 000000008 __RSH () C:\ProgramData\sysqcl1131236454.dat
2017-06-04 19:58 - 2017-03-23 05:23 - 000966656 _____ () C:\Program Files (x86)\1026.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 001048576 _____ () C:\Program Files (x86)\1028.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000487424 _____ () C:\Program Files (x86)\1029.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000495616 _____ () C:\Program Files (x86)\1030.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000507904 _____ () C:\Program Files (x86)\1031.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000864256 _____ () C:\Program Files (x86)\1032.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000032768 _____ () C:\Program Files (x86)\1033.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000528384 _____ () C:\Program Files (x86)\1034.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000524288 _____ () C:\Program Files (x86)\1036.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000512000 _____ () C:\Program Files (x86)\1038.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000479232 _____ () C:\Program Files (x86)\1040.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 001351680 _____ () C:\Program Files (x86)\1041.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 003022848 _____ () C:\Program Files (x86)\1042.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000454656 _____ () C:\Program Files (x86)\1043.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000475136 _____ () C:\Program Files (x86)\1045.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000466944 _____ () C:\Program Files (x86)\1046.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000962560 _____ () C:\Program Files (x86)\1049.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000540672 _____ () C:\Program Files (x86)\1051.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000454656 _____ () C:\Program Files (x86)\1053.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000475136 _____ () C:\Program Files (x86)\1055.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000917504 _____ () C:\Program Files (x86)\1058.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000487424 _____ () C:\Program Files (x86)\1061.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 001339392 _____ () C:\Program Files (x86)\1066.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000356352 _____ () C:\Program Files (x86)\2052.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 009675776 _____ () C:\Program Files (x86)\ABBYY FineReader 14 x64.msi
2017-06-04 19:58 - 2017-03-23 05:23 - 009568768 _____ () C:\Program Files (x86)\ABBYY FineReader 14.msi
2017-06-04 19:57 - 2017-03-23 05:14 - 001133208 _____ (ABBYY Production LLC.) C:\Program Files (x86)\AutoRun.exe
2017-06-04 19:57 - 2016-11-18 17:49 - 000001981 _____ () C:\Program Files (x86)\AutoRun.inf
2022-07-17 14:31 - 2022-07-17 14:31 - 009738240 _____ () C:\Program Files (x86)\GUTDD0D.tmp
2017-06-04 19:57 - 2017-03-23 05:14 - 000987800 _____ (ABBYY Production LLC.) C:\Program Files (x86)\Setup.exe
2017-06-04 19:57 - 2016-07-13 17:52 - 000000862 _____ () C:\Program Files (x86)\setup.ini
2018-07-09 09:33 - 2018-08-22 17:00 - 000000033 _____ () C:\Users\*****\AppData\Roaming\AdobeWLCMCache.dat
2015-07-19 18:46 - 2021-09-10 11:54 - 000002298 _____ () C:\Users\*****\AppData\Roaming\ASSDraw3.cfg
2018-08-14 00:04 - 2018-08-14 00:04 - 000000028 _____ () C:\Users\*****\AppData\Roaming\kulerdata.json
2020-11-13 00:58 - 2012-04-30 11:53 - 001249792 _____ (hxxp://www.ruby-lang.org/) C:\Users\*****\AppData\Roaming\msvcr90-ruby191.dll
2014-02-23 11:28 - 2014-02-23 11:28 - 000016660 _____ () C:\Users\*****\AppData\Roaming\UserTile.png
2018-04-05 11:57 - 2021-12-12 20:46 - 000000128 _____ () C:\Users\*****\AppData\Roaming\winscp.rnd
2014-11-23 14:13 - 2014-11-23 14:13 - 000000275 _____ () C:\Users\*****\AppData\Local\HamsterAudioConverterSettings.cfg
2020-03-24 13:36 - 2020-03-24 13:36 - 000000000 _____ () C:\Users\*****\AppData\Local\oobelibMkey.log
2020-06-15 23:16 - 2020-06-15 23:16 - 000001882 _____ () C:\Users\*****\AppData\Local\psppirerc
2022-05-23 12:26 - 2022-05-23 12:26 - 000000767 _____ () C:\Users\*****\AppData\Local\recently-used.xbel
2014-02-28 16:53 - 2022-11-21 14:33 - 000007621 _____ () C:\Users\*****\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
         
Thanks in any case, and have a nice evening!

22.11.2022, 21:40   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™



Something else strikes me:

Quote:
Drive c: () (Fixed) (Total:111.69 GB) (Free:5.55 GB) (Model: Samsung SSD 840 Series SATA Disk Device) NTFS
Your C: drive is overfull. Less than 6 GB of free space is not a good starting position. If you want to save the system, you urgently need to clean up there. And first of all, uninstall the old junk from Adobe and Avast.
__________________
Please always post log files in CODE tags

24.11.2022, 21:18   #11
mrs_mister



Quote:
Quote from cosinus
Your C: drive is overfull. Less than 6 GB of free space is not a good starting position. If you want to save the system, you urgently need to clean up there. And first of all, uninstall the old junk from Adobe and Avast.
So there are no indications of viruses/trojans? I would still be interested in that.
On your advice I uninstalled Avast and Adobe Flash / Acrobat Reader, and also cleaned up the hard drive using Windows. I already knew beforehand that the system is pretty cluttered and has little storage space. But now I have a bit more space again (14.3 GB) and it runs somewhat more smoothly.

24.11.2022, 21:31   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™



adwCleaner

Run AdwCleaner according to the illustrated instructions and then post the log file in CODE tags.

Please repeat adwcleaner as a check if anything was found.
__________________
Please always post log files in CODE tags

24.11.2022, 22:02   #13
mrs_mister



Quote:
Quote from cosinus
adwCleaner

Run AdwCleaner according to the illustrated instructions and then post the log file in CODE tags.

Please repeat adwcleaner as a check if anything was found.
AdwCleaner.txt
Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build:    08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    11-24-2022
# Duration: 00:00:03
# OS:       Windows 10 (Build 19044.2251)
# Cleaned:  15
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\ProgramData\Application Data\Lavasoft\Web Companion
Deleted       C:\Users\*****\AppData\Roaming\IObit\Advanced SystemCare

***** [ Files ] *****

Deleted       C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\invalidprefs.js

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted       C:\Windows\System32\Tasks\DRIVER BOOSTER SCHEDULER

***** [ Registry ] *****

Deleted       HKCU\Software\Lavasoft\Web Companion
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted       HKLM\SOFTWARE\Classes\Record\{181480C8-90AC-3430-B39A-CD121E034A1A}
Deleted       HKLM\SOFTWARE\Classes\Record\{8F54FA54-1DF8-3B20-890C-CDD95364BC95}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F715D41-04B0-4EB9-AD54-3103E4C15C2D} 
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler
Deleted       HKLM\Software\Classes\Installer\Features\952BA647474611149866C1269F6A0E36
Deleted       HKLM\Software\Classes\Installer\Products\952BA647474611149866C1269F6A0E36
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\952BA647474611149866C1269F6A0E36
Deleted       HKLM\Software\Wow6432Node\Lavasoft\Web Companion

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [6966 octets] - [24/11/2022 21:41:50]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
         
AdwCleaner.txt preinstalled software
Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build:    08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    11-24-2022
# Duration: 00:00:21
# OS:       Windows 10 (Build 19044.2251)
# Cleaned:  34
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted       Preinstalled.HPCeement   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPCeeScheduleForUser
Deleted       Preinstalled.HPSupportAssistant   Folder   C:\Users\*****\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted       Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}
Deleted       Preinstalled.LenovoEasyCamera   Folder   C:\Program Files (x86)\USB CAMERA
Deleted       Preinstalled.LenovoEasyCamera   Registry   HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\331BigDog
Deleted       Preinstalled.LenovoEasyCamera   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|331BigDog
Deleted       Preinstalled.LenovoEasyCamera   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|331BigDog
Deleted       Preinstalled.LenovoEasyCamera   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}
Deleted       Preinstalled.LenovoHotkeyManager   Folder   C:\Program Files\LENOVO\HOTKEY
Deleted       Preinstalled.LenovoHotkeyManager   Folder   C:\Users\*****\AppData\Local\LENOVO\HOTKEY
Deleted       Preinstalled.LenovoHotkeyManager   Registry   HKLM\Software\Classes\CLSID\{53A8E17F-2DE5-4DD7-AF26-74ED2F3223B9}
Deleted       Preinstalled.LenovoHotkeyManager   Registry   HKLM\Software\Classes\CLSID\{A48CA1A4-C36B-44f2-8090-19E08DF4365E}
Deleted       Preinstalled.LenovoPeerConnectSDK   Folder   C:\Program Files\LENOVO\LENOVO PEER CONNECT
Deleted       Preinstalled.LenovoPowerManager   Folder   C:\Windows\SysWOW64\LENOVO\POWERMGR
Deleted       Preinstalled.LenovoPowerManager   Folder   C:\Windows\System32\LENOVO\POWERMGR
Deleted       Preinstalled.LenovoServiceBridge   Folder   C:\Users\*****\AppData\Local\PROGRAMS\LENOVO\LENOVO SERVICE BRIDGE
Deleted       Preinstalled.LenovoServiceBridge   Registry   HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1
Deleted       Preinstalled.LenovoSimpleTap   Folder   C:\Program Files\LENOVO\SIMPLETAP
Deleted       Preinstalled.LenovoThinkVantageAccessConnections   Folder   C:\Users\Public\LENOVO\ACCESS CONNECTIONS
Deleted       Preinstalled.LenovoThinkVantageCommunicationsUtility   Folder   C:\Program Files\LENOVO\COMMUNICATIONS UTILITY
Deleted       Preinstalled.LenovoThinkVantageCommunicationsUtility   Registry   HKLM\Software\Classes\CLSID\{88C6A6D9-324C-46E8-BA87-563D14021442}
Deleted       Preinstalled.LenovoThinkVantageCommunicationsUtility   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|LENOVO.TPKNRRES
Deleted       Preinstalled.LenovoThinkVantageCommunicationsUtility   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|LENOVO.TPKNRRES
Deleted       Preinstalled.LenovoThinkVantageCommunicationsUtility   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Run|LENOVO.TPKNRRES
Deleted       Preinstalled.LenovoThinkVantageCommunicationsUtility   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1
Deleted       Preinstalled.LenovoUpdate   Folder   C:\Program Files (x86)\LENOVO\SYSTEM UPDATE
Deleted       Preinstalled.LenovoUpdate   Registry   HKLM\Software\Wow6432Node\\Classes\CLSID\{03C6CC92-68F2-4961-9A73-CAECA350BD08}
Deleted       Preinstalled.LenovoUpdate   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\TVSU_is1
Deleted       Preinstalled.SamsungSmartSwitch   File   C:\Users\*****\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Smart Switch.lnk
Deleted       Preinstalled.SamsungSmartSwitch   Folder   C:\Program Files (x86)\SAMSUNG\SMART SWITCH PC
Deleted       Preinstalled.SamsungSmartSwitch   Folder   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAMSUNG\SMART SWITCH PC
Deleted       Preinstalled.SamsungSmartSwitch   Folder   C:\Users\*****\AppData\Roaming\SAMSUNG\SMART SWITCH PC
Deleted       Preinstalled.SamsungSmartSwitch   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}
Deleted       Preinstalled.SamsungSmartSwitch   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [6966 octets] - [24/11/2022 21:41:50]
AdwCleaner[C00].txt - [2860 octets] - [24/11/2022 21:43:28]
AdwCleaner[S01].txt - [5561 octets] - [24/11/2022 21:49:06]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
         
The detections and the preinstalled software are now in quarantine. After a new scan there are no more detections.

Can I delete the detections and the preinstalled software in the quarantine?

Alt 24.11.2022, 22:12   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 


Then a new FRST.txt and Addition.txt now, please
__________________
Please always post log files in CODE tags

Alt 24.11.2022, 22:49   #15
mrs_mister
 


Quote:
Originally posted by cosinus
Then a new FRST.txt and Addition.txt now, please
FRST.txt
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 18-11-2022
durchgeführt von ***** (Administrator) auf ***** (LENOVO 20BC0006GE) (24-11-2022 22:14:30)
Gestartet von C:\Users\*****\Desktop
Geladene Profile: *****
Plattform: Microsoft Windows 10 Pro Version 21H2 19044.2251 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <11>
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\NisSrv.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3136136 2019-01-30] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19572528 2021-08-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1667208 2020-11-24] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [587000 2021-11-15] (geek software GmbH -> geek software GmbH)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3315280 2019-09-10] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11209952 2022-11-09] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711288 2022-09-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Beschränkung <==== ACHTUNG
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\66.0.3.0\GoogleDriveFS.exe [52475672 2022-11-07] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\66.0.3.0\GoogleDriveFS.exe [52475672 2022-11-07] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\Run: [com.squirrel.Teams.Teams] => C:\Users\*****\AppData\Local\Microsoft\Teams\Update.exe [2453656 2021-02-14] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38502416 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\66.0.3.0\GoogleDriveFS.exe [52475672 2022-11-07] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\MountPoints2: {a023fa8a-46d9-11ec-bc07-c454443cafa4} - "D:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\MountPoints2: {a023fb79-46d9-11ec-bc07-c454443cafa4} - "D:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2839958251-2324060183-95412134-501\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\55.0.3.0\GoogleDriveFS.exe --startup_mode (Keine Datei)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\66.0.3.0\GoogleDriveFS.exe [52475672 2022-11-07] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\Canon MP540 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9E.DLL [27648 2008-05-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP540 series: C:\Windows\system32\CNMLM9E.DLL [279040 2008-05-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP 5D12 Status Monitor: C:\Windows\system32\hpinksts5D12LM.dll [332176 2012-09-12] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\Windows\system32\hpzllw71.dll [53248 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\PDF-XChange Lite Port Monitor: C:\Windows\system32\pxcpmL.dll [2363136 2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\107.0.5304.121\Installer\chrmstp.exe [2022-11-24] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{07AA0886-CC8D-4e19-A410-1C75AF686E62}] -> C:\Windows\System32\l2nacp.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{33c86cd6-705f-4ba1-9adb-67070b837775}] -> C:\Windows\System32\l2nacp.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> 
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\ThinkPad\Bluetooth Software\\BtwCP.dll (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{D28973E5-8630-41af-8831-50A15FEB396B}] -> 
HKLM\Software\...\Authentication\Credential Provider Filters: [{edd749de-2ef1-4a80-98d1-81f20e6df58e}] -> C:\Windows\System32\l2nacp.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll
Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2022-11-12]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy: Beschränkung ? <==== ACHTUNG
GroupPolicy\User: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02275B37-B633-4A81-9D2B-86801443D0DC} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe /launch (Keine Datei)
Task: {106CB9C9-0E3B-44EF-B247-FE038498D7C7} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\PowerMgrInst.exe [64984 2022-05-17] (Lenovo -> )
Task: {1717C752-FA7D-4CC3-AA68-367AF2DC551F} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\Qt4.8\DivXUpdate.exe [1783776 2016-08-01] (DivX, LLC -> DivX, LLC)
Task: {1DFBCB49-FA78-4D6B-ACA3-D16EFA1235B5} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [3834520 2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {221D9A1F-649A-4F47-A350-6AFFA649F200} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {23CEDD6D-2E83-4334-A467-41FF7C474AFE} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
Task: {2A690E5B-E535-422A-B745-893F18327978} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {2B3DE80D-5BCF-40D0-904A-E065A85A7D19} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {374DA1F9-CC7F-4B4F-A6A9-E2833030CDA8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe /send (Keine Datei)
Task: {37DD28B1-D5FD-48CE-91BC-9B6AB7BF53E4} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\9.5.0\AutoUpdate.exe /auto (Keine Datei)
Task: {3B15D0EA-8A83-49E3-A635-21559E356DB0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-09-12] (Piriform Software Ltd -> Piriform)
Task: {3B9D2B52-BF32-4509-85C6-D00204EF1294} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2839958251-2324060183-95412134-1000Core => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc -> Dropbox, Inc.)
Task: {3CC5F28A-ACB0-4C2D-B09D-729C45CA43DD} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2839958251-2324060183-95412134-1000UA => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc -> Dropbox, Inc.)
Task: {42AA26B5-8D6B-4B55-843E-336A6E8E490C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26154376 2022-11-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {498C49AF-3C7A-4486-A072-3CF445D0DE8E} - \Microsoft\Windows\Setup\EOSNotify -> Keine Datei <==== ACHTUNG
Task: {4FE98CE6-D123-4ABF-9225-CBCF6F514C4F} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [268576 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {5241D901-6842-4AC0-8AF9-37E7867CDEA4} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {5811C7BF-1BB0-429F-9449-32CDE93C84CC} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Keine Datei)
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {6169C8D7-AD8B-4C17-8F08-20975A6D971C} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [815 2022-08-18] () [Datei ist nicht signiert]
Task: {62B2191D-A59B-4A74-AE95-7B42AE0565E2} - System32\Tasks\CCleanerSkipUAC - user => C:\Program Files\CCleaner\CCleaner.exe [32204304 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {64737F4F-CEAF-4114-BD56-93C1C17C132E} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617864 2021-08-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {67CC4EA0-8421-4C12-AC06-015774541FB5} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4666896 2022-09-12] (Piriform Software Ltd -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "0c0f9568-21cf-4e81-b053-f57683445683" --version "6.04.10044" --silent
Task: {680EEDF1-6297-44CC-B8F0-ACE6DCF2268E} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [712200 2022-11-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {73A6956F-B7B0-4D8E-A075-8FB604EC9F28} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {73FB205A-34A6-4130-B9B9-48F7CEBF7FE1} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-2839958251-2324060183-95412134-1000 => C:\Users\*****\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe (Keine Datei)
Task: {74084314-034B-492B-9A18-0ED6CC6186BC} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114600 2022-11-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {76750A57-8E52-4E12-A933-39094277C1E0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6637512 2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {7E6E0992-71C0-4A09-81FB-E30D59D6076F} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe (Keine Datei)
Task: {8237BB6A-402D-490A-B9F7-E570DF1C2A94} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe (Keine Datei)
Task: {8666B73F-A987-49EA-92E8-65D97A119F2C} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {8CEB21FC-C066-4553-AFB3-55C63495DAF1} - System32\Tasks\Abelssoft\UpdateYeti scan => C:\Program Files (x86)\UpdateYeti\UpdateYeti.exe [2433048 2016-05-10] (Ascora GmbH -> Abelssoft)
Task: {8FB478B9-F1C1-4599-B47D-AB25318700B2} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe /CM -search R -action INSTALL -includerebootpackages 1,3,4,5 -noicon -noreboot -nolicense -defaultupdate -schtask (Keine Datei)
Task: {95D1B83C-758C-48CF-B397-15C74E92917C} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {97F7E27E-D2AE-4D10-957A-82183FF2B83D} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {98BC2526-D25E-4636-8197-0C3CC6337B9F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6637512 2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {995BBDFD-47E9-4046-9E89-8AD6D632CA1A} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
Task: {A12B9E55-F4D1-4ECA-93B5-313AD6A5DACC} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114600 2022-11-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {ACE086D9-7B73-4045-8B1A-763594416A08} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe /StartRecording (Keine Datei)
Task: {AEF7E3D7-9051-4EBE-8A4E-384492C0B2D9} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [62752 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B1E60C6E-7D22-40B2-8560-7C697D6755AD} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {B417DCCA-A7DC-4A6D-AD9D-FF1CEE1B1223} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617864 2021-08-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {B9426E7B-0C07-4FF8-BDF7-5D5F0B8BF4E5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-24] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BB08BF0D-4E62-49E5-9BFD-83AED0D551B6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-24] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CA17074C-2319-44C4-AA3F-48491E913CD3} - \Microsoft\Windows\Setup\EOSNotify2 -> Keine Datei <==== ACHTUNG
Task: {CDBF1BE9-DEDD-4768-9347-958CED3DD10D} - \PMTask -> Keine Datei <==== ACHTUNG
Task: {DFFF93D9-0E99-45AE-8998-85C34133BEFE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-24] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E943316E-6FF8-43D8-9793-87907B2FA359} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Keine Datei)
Task: {EB394CBD-70BF-4B2C-A093-5ED695DE58A9} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe PendingTask (Keine Datei)
Task: {EC89023A-666B-463F-BC27-DB540EBF4056} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe (Keine Datei)
Task: {EEAEABCC-8459-4E3C-B358-B11171A35C69} - System32\Tasks\Driver Booster SkipUAC (user) => C:\Program Files (x86)\IObit\Driver Booster\9.5.0\DriverBooster.exe /skipuac (Keine Datei)
Task: {F15D1E57-3214-4725-A6CA-E88119C3A8C0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {FA5E7740-AB49-4EF3-A672-717AAE10F310} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-24] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FB18ED1A-9044-4130-8486-88F7738E172E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26154376 2022-11-16] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2839958251-2324060183-95412134-1000Core.job => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2839958251-2324060183-95412134-1000UA.job => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}.job => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{94dc40e5-70ac-4be6-9da0-e739c8bd3c01}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{9720db88-4ae4-4430-87b8-d7afefab3ed8}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{A4AD3F4E-BC1C-4142-90F9-23E1863E0E1A}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{e8473653-8d33-4d6b-b775-f43d8278c2a2}: [DhcpNameServer] 213.209.104.220 213.209.104.250

Edge: 
=======
DownloadDir: C:\Users\*****\Downloads
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]

FireFox:
========
FF DefaultProfile: ppggg20o.default
FF DefaultProfile: cbjkvl8z.default-1470220961571
FF ProfilePath: C:\Users\*****\AppData\Roaming\Zotero\Zotero\Profiles\ppggg20o.default [2020-02-26]
FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571 [2022-11-24]
FF Homepage: Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571 -> hxxps://www.theguardian.com/
FF NewTab: Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571 -> hxxps://searchdefault.co/homepage?hp=1&bitmask=9996&pId=AC191101&iDate=2020-11-13 12:16:29&bName=
FF NetworkProxy: Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571 -> autoconfig_url", "data:text/javascript,function FindProxyForURL(url, host) {else if ((shExpMatch(url, 'hxxps://www.netflix.com*')) || (shExpMatch(url, 'hxxp://www.netflix.com*')) || (host == 'netflix.com') || (host == 'www.netflix.com') || (host == 'cbp-us.nccp.netflix.com') || (url.indexOf('theplatform.com') != -1) || (shExpMatch(url, 'hxxp://www.crunchyroll.com*')) || (shExpMatch(url, 'hxxps://www.crunchyroll.com*')) || (host == 'api-manga.crunchyroll.com') || (host == 's.hulu.com') || (shExpMatch(url, 'hxxp://media.mtvnservices.com*')) || (host == 'media.mtvnservices.com')) { return 'PROXY us10.sq.proxmate.me:8000; PROXY us08.sq.proxmate.me:8000; PROXY us05.sq.proxmate.me:8000; PROXY us12.sq.proxmate.me:8000; PROXY us09.sq.proxmate.me:8000; PROXY us04.sq.proxmate.me:8000; PROXY us13.sq.proxmate.me:8000; PROXY us06.sq.proxmate.me:8000; PROXY us01.sq.proxmate.me:8000; PROXY us14.sq.proxmate.me:8000; PROXY us07.sq.proxmate.me:8000; PROXY us03.sq.proxmate.me:8000; PROXY us02.sq.proxmate.me:8000; PROXY us11.sq.proxmate.me:8000' } else { return 'DIRECT'; }}"
FF Extension: (Facebook Container) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\@contain-facebook.xpi [2022-11-04]
FF Extension: (FastForward) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\addon@fastforward.team.xpi [2022-07-20]
FF Extension: (Copyfish 🐟 Free OCR Software) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\copyfish@a9t9.com.xpi [2021-08-20]
FF Extension: (Ghostery – Datenschutzorientierter Werbeblocker) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\firefox@ghostery.com.xpi [2022-11-23]
FF Extension: (Tampermonkey) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\firefox@tampermonkey.net.xpi [2022-11-16]
FF Extension: (Forecastfox (fix version)) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\forecastfox@s3_fix_version.xpi [2020-11-23]
FF Extension: (Simple mass downloader) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\gelprec.smd@gmail.com.xpi [2019-06-08]
FF Extension: (HTTPS Everywhere) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\https-everywhere@eff.org.xpi [2021-07-16]
FF Extension: (Reverse Image Search) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\jid0-iiiWfb12bgHj8iKloOou74fb6jh@jetpack.xpi [2021-08-20]
FF Extension: (Word Count Tool) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\jid0-YHLk2psjhEWXNJqMKTU7dDcMJcN@jetpack.xpi [2018-05-01]
FF Extension: (Print Friendly & PDF) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\jid0-YQz0l1jthOIz179ehuitYAOdBEs@jetpack.xpi [2022-05-28]
FF Extension: (To Google Translate) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2021-06-22]
FF Extension: (MyJDownloader Browser Erweiterung) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\jid1-OY8Xu5BsKZQa6A@jetpack.xpi [2021-06-26] [UpdateUrl:hxxps://my.jdownloader.org/extensions/firefox.json]
FF Extension: (pinterest-guest) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\jid1-SWdspnBEetWxoA@jetpack.xpi [2021-08-20]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2022-11-04]
FF Extension: (Search image) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\searchimage@searchimage.fr.xpi [2017-02-21]
FF Extension: (SimpleBrowsingSchedule) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\simplebrowsingschedule@example.org.xpi [2022-10-06]
FF Extension: (tb-color-picker.label) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\tb-color-picker-single@codefisher.org.xpi [2018-04-22]
FF Extension: (TitleCase) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\TitleCase@htdsoftware.com.xpi [2018-12-03]
FF Extension: (uBlock Origin) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\uBlock0@raymondhill.net.xpi [2022-11-16]
FF Extension: (Vergrößern) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\zoom@stefanvd.net.xpi [2021-08-20]
FF Extension: (Zotero Connector) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\zotero@chnm.gmu.edu.xpi [2022-11-08] [UpdateUrl:hxxps://www.zotero.org/download/connector/firefox/release/updates.json]
FF Extension: (Imgur-Uploader) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{11cf55c0-15ef-49d1-a0ff-02ed401413f8}.xpi [2019-04-02]
FF Extension: (Link Extractor) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{32234610-80fa-4bc1-9cef-183abea3f3b2}.xpi [2018-08-11]
FF Extension: (DuckDuckGo Search) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{37220c34-b538-4f3e-af3d-47aa40026683}.xpi [2020-09-22]
FF Extension: (Lightshot (Screenshot Tool)) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{394DCBA4-1F92-4f8e-8EC9-8D2CB90CB69B}.xpi [2020-11-12]
FF Extension: (EPUBReader) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}.xpi [2020-06-22]
FF Extension: (G App Launcher (Google™ Shortcuts)) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{5C46D283-ABDE-4dce-B83C-08881401921C}.xpi [2022-11-23]
FF Extension: (NoScript) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2022-11-22]
FF Extension: (User-Agent Switcher) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{75afe46a-7a50-4c6b-b866-c43a1075b071}.xpi [2022-07-12]
FF Extension: (Citavi Picker) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}.xpi [2021-04-13]
FF Extension: (Auto Tab Discard) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{c2c003ee-bd69-42a2-b0e9-6f34222cb046}.xpi [2022-11-16]
FF Extension: (Web Developer) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2020-01-13]
FF Extension: (Bypass Paywalls Clean) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{d133e097-46d9-4ecc-9903-fa6a722a6e0e}.xpi [2022-11-21]
FF Extension: (Greasemonkey) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2021-01-28]
FF Extension: (Citavi Picker) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}.xpi [2017-12-05]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2019-12-24] [ist nicht signiert]
FF Plugin: @java.com/DTPlugin,version=11.351.2 -> C:\Program Files\Java\jre1.8.0_351\bin\dtplugin\npDeployJava1.dll [2022-11-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.351.2 -> C:\Program Files\Java\jre1.8.0_351\bin\plugin2\npjp2.dll [2022-11-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google Inc -> Google)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2839958251-2324060183-95412134-1000: @hola.org/vlc,version=1.6.120 -> C:\Users\*****\AppData\Local\Hola\firefox\app\vlc [Keine Datei]
FF Plugin HKU\S-1-5-21-2839958251-2324060183-95412134-1000: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2839958251-2324060183-95412134-1000: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2839958251-2324060183-95412134-1000: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)

Chrome: 
=======
CHR Profile: C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default [2022-11-12]
CHR Extension: (uBlock Origin) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-09-01]
CHR Extension: (Avira Browser Safety) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2022-09-05]
CHR Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2022-08-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-08-14]
CHR HKU\S-1-5-21-2839958251-2324060183-95412134-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\*****\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx <nicht gefunden>
CHR HKU\S-1-5-21-2839958251-2324060183-95412134-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn]

Opera: 
=======
OPR Profile: C:\Users\*****\AppData\Roaming\Opera Software\Opera Stable [2022-11-12]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S4 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2017-04-24] (Advanced Micro Devices, Inc. -> )
S4 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-09-29] (Adobe Systems) [Datei ist nicht signiert]
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3374160 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3103824 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S4 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-03] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1082896 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12515768 2022-11-16] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2022-11-09] (Dropbox, Inc -> Dropbox, Inc.)
S4 FreeStyleLibre MAS Server; C:\Program Files (x86)\FreeStyle Libre\MAS.FreeStyleLibre.exe [285184 2016-01-19] () [Datei ist nicht signiert]
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
S4 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [120400 2017-04-03] (Lenovo -> Lenovo Group Limited)
S4 LPlatSvc; C:\WINDOWS\System32\LPlatSvc.exe [892288 2019-12-11] (Lenovo -> Lenovo.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8872736 2022-11-23] (Malwarebytes Inc. -> Malwarebytes)
S4 PDF24; C:\Program Files\PDF24\pdf24.exe [587000 2021-11-15] (geek software GmbH -> geek software GmbH)
S4 QuickControlMasterSvc; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [59440 2013-12-16] (Lenovo(Japan)Ltd. -> Lenovo Group Limited)
S4 QuickControlService; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [319024 2013-12-16] (Lenovo(Japan)Ltd. -> Lenovo Group Limited)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224216 2022-11-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S2 TPHKLOAD; C:\WINDOWS\System32\DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\TPHKLOAD.exe [473760 2021-10-22] (Lenovo -> Lenovo Group Limited)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\NisSrv.exe [3191272 2022-11-24] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe [133544 2022-11-24] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [262880 2021-09-08] (Wondershare Technology Co.,Ltd -> Wondershare)
S4 LENOVO.CAMMUTE; "C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe" [X]
S4 LENOVO.TPKNRSVC; "C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe" [X]
S4 LENOVO.TVTVCAM; "C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe" [X]
S4 lnvDiscoveryWinSvc; "C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe" [X]
S3 SUService; "C:\Program Files (x86)\Lenovo\System Update\SUService.exe" [X]
S4 TPHKSVC; "C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [33216 2021-12-02] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_edd3335a4253bf6d\amdsafd.sys [109520 2021-11-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation -> AppEx Networks Corporation)
R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-14] (Martin Malik - REALiX -> REALiX(tm))
S3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [272168 2022-02-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [55592 2020-10-21] (AnchorFree Inc -> The OpenVPN Project)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-11-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-11-16] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-11-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsl2f402900; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{05415462-ADB8-404A-99D5-85E3515F5BE3}\MpKslDrv.sys [214280 2022-11-24] (Microsoft Windows -> Microsoft Corporation)
R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [77336 2022-08-19] (Insecure.Com LLC -> Insecure.Com LLC.)
S4 npcap_wifi; C:\WINDOWS\system32\DRIVERS\npcap.sys [77336 2022-08-19] (Insecure.Com LLC -> Insecure.Com LLC.)
R0 PMDRVS; C:\WINDOWS\System32\drivers\pmdrvs.sys [38160 2019-12-11] (Lenovo -> Lenovo.)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2019-05-29] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2019-05-29] (MiniTool Solution Ltd -> )
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [347224 2020-05-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S3 StillCam; C:\WINDOWS\system32\DRIVERS\serscan.sys [13312 2020-11-10] (Microsoft Corporation) [Datei ist nicht signiert]
S3 VBoxNetAdp; C:\WINDOWS\System32\DRIVERS\VBoxNetAdp6.sys [237376 2019-09-03] (Oracle Corporation -> Oracle Corporation)
R3 vm331avs; C:\WINDOWS\System32\Drivers\vm331avs.sys [802312 2015-06-12] (Microsoft Windows Hardware Compatibility Publisher -> Vimicro Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2022-11-24] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [469288 2022-11-24] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-11-24] (Microsoft Windows -> Microsoft Corporation)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2018-01-05] (Zemana Ltd. -> Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2018-01-05] (Zemana Ltd. -> Zemana Ltd.)
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2022-11-24 22:14 - 2022-11-24 22:17 - 000047385 _____ C:\Users\*****\Desktop\FRST.txt
2022-11-24 21:34 - 2022-11-24 21:34 - 008791352 _____ (Malwarebytes) C:\Users\*****\Downloads\adwcleaner.exe
2022-11-23 16:50 - 2022-11-23 16:51 - 000000000 ____D C:\Users\*****\Desktop\FRST Addition
2022-11-23 14:39 - 2022-11-23 14:39 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-11-21 13:18 - 2022-11-21 17:29 - 000001421 _____ C:\Users\*****\Desktop\mwb_bericht_21.11.2022.txt
2022-11-21 13:17 - 2022-11-21 13:17 - 000002465 _____ C:\Users\*****\Desktop\mwb_bericht_16.11.2022_02.txt
2022-11-21 13:16 - 2022-11-21 17:14 - 000002464 _____ C:\Users\*****\Desktop\mwb_bericht_16.11.2022.txt
2022-11-21 12:32 - 2022-11-21 12:34 - 005659583 _____ (Swearware) C:\Users\*****\Desktop\ComboFix.exe
2022-11-21 12:21 - 2022-11-21 12:22 - 002375680 _____ (Farbar) C:\Users\*****\Desktop\FRST64.exe
2022-11-20 17:09 - 2022-11-20 17:09 - 010352849 _____ C:\Users\*****\Downloads\*****.pdf
2022-11-20 16:15 - 2022-11-20 16:15 - 075389568 _____ C:\Users\*****\Downloads\*****.pdf
2022-11-18 18:41 - 2022-11-18 18:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-11-16 19:29 - 2022-11-16 19:29 - 000002550 _____ C:\Users\*****\Desktop\malwarebytes log.txt
2022-11-16 17:45 - 2022-11-21 13:13 - 000000000 ____D C:\Users\*****\AppData\LocalLow\IGDump
2022-11-16 17:36 - 2022-11-16 17:36 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-11-16 17:36 - 2022-11-16 17:36 - 000001993 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-11-16 17:36 - 2022-11-16 17:36 - 000001981 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-11-16 17:35 - 2022-11-16 17:35 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-11-16 17:35 - 2022-11-16 17:34 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-11-16 17:33 - 2022-11-16 17:33 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-11-14 16:10 - 2022-11-14 16:21 - 505290059 _____ C:\Users\*****\Downloads\drive-download-20221114T150818Z-001.zip
2022-11-13 11:37 - 2022-11-13 11:37 - 000000000 ___HD C:\$WinREAgent
2022-11-12 17:00 - 2022-11-12 17:00 - 000001153 _____ C:\Users\Public\Desktop\LibreOffice 7.4.lnk
2022-11-12 17:00 - 2022-11-12 17:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.4
2022-11-12 15:18 - 2022-11-24 19:32 - 000003416 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2022-11-12 15:10 - 2022-11-12 15:10 - 000000000 ____D C:\WINDOWS\Panther
2022-11-12 10:10 - 2022-11-12 10:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2022-11-11 13:08 - 2022-11-24 19:32 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2022-11-09 21:23 - 2022-11-09 21:23 - 000688128 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-11-09 21:23 - 2022-11-09 21:23 - 000073216 _____ C:\WINDOWS\system32\nettraceex.dll
2022-11-09 21:22 - 2022-11-09 21:22 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-11-09 21:20 - 2022-11-09 21:20 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-11-09 12:36 - 2022-11-09 12:39 - 000000000 ____D C:\Program Files\LibreOffice
2022-11-09 11:32 - 2022-11-09 11:32 - 000000000 ____D C:\Users\*****\AppData\Roaming\Sun
2022-11-09 11:31 - 2022-11-09 11:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2022-11-09 11:31 - 2022-11-09 11:30 - 000195232 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2022-11-09 01:44 - 2022-11-09 01:44 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2022-11-09 01:44 - 2022-11-09 01:44 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2022-11-09 01:44 - 2022-11-09 01:44 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2022-11-09 01:44 - 2022-11-09 01:44 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2022-11-04 15:16 - 2022-11-04 15:17 - 001684395 _____ C:\Users\*****\Downloads\*****.pdf
2022-11-04 15:11 - 2022-11-04 15:11 - 001271682 _____ C:\Users\*****\Downloads\*****.pdf
2022-11-04 15:07 - 2022-11-04 15:07 - 001620388 _____ C:\Users\*****\Downloads\*****.pdf
2022-11-04 11:20 - 2022-11-04 11:21 - 011943095 _____ C:\Users\*****\Downloads\*****.pdf
2022-10-26 21:49 - 2022-10-26 21:49 - 000000401 _____ C:\Users\*****\Desktop\*****.txt

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2022-11-24 22:19 - 2018-02-14 18:54 - 000291906 _____ C:\WINDOWS\ZAM.krnl.trace
2022-11-24 22:19 - 2018-02-14 18:54 - 000256943 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2022-11-24 22:16 - 2017-11-06 21:07 - 000000000 ____D C:\FRST
2022-11-24 22:15 - 2016-11-18 09:15 - 000000000 ____D C:\Users\*****\AppData\LocalLow\Mozilla
2022-11-24 21:51 - 2020-01-23 21:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Lenovo
2022-11-24 21:51 - 2020-01-23 21:03 - 000000000 ____D C:\WINDOWS\system32\Lenovo
2022-11-24 21:51 - 2018-09-12 22:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2022-11-24 21:51 - 2018-09-12 22:31 - 000000000 ____D C:\Users\*****\AppData\Roaming\Samsung
2022-11-24 21:51 - 2018-09-12 22:30 - 000000000 ____D C:\Program Files (x86)\Samsung
2022-11-24 21:51 - 2015-12-16 15:20 - 000000000 ____D C:\Users\*****\AppData\Roaming\Hewlett-Packard
2022-11-24 21:51 - 2014-02-01 21:27 - 000000000 ____D C:\Users\*****\AppData\Local\Lenovo
2022-11-24 21:51 - 2014-02-01 12:36 - 000000000 ____D C:\Users\Public\Lenovo
2022-11-24 21:51 - 2014-02-01 12:30 - 000000000 ____D C:\Program Files\Lenovo
2022-11-24 21:51 - 2014-02-01 12:30 - 000000000 ____D C:\Program Files (x86)\Lenovo
2022-11-24 21:43 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-11-24 21:43 - 2014-12-14 13:32 - 000000000 ____D C:\Users\*****\AppData\Roaming\IObit
2022-11-24 21:41 - 2014-10-27 23:13 - 000000000 ____D C:\AdwCleaner
2022-11-24 21:41 - 2014-02-01 21:11 - 000000000 ____D C:\Program Files (x86)\Google
2022-11-24 21:40 - 2014-02-19 19:28 - 000000000 ____D C:\Program Files\JDownloader
2022-11-24 21:20 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-11-24 21:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-11-24 19:50 - 2022-08-14 11:20 - 000002199 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-11-24 19:48 - 2020-01-20 15:54 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-11-24 19:34 - 2015-06-19 16:10 - 000000000 ____D C:\Users\*****\AppData\Local\Dropbox
2022-11-24 19:32 - 2014-03-06 19:31 - 000000000 ____D C:\Program Files\CCleaner
2022-11-23 16:51 - 2020-01-20 23:43 - 000000000 ____D C:\Users\*****\AppData\Local\D3DSCache
2022-11-23 16:07 - 2020-11-11 00:19 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-11-23 14:43 - 2020-11-11 00:41 - 001964048 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-11-23 14:43 - 2019-12-07 15:51 - 000839802 _____ C:\WINDOWS\system32\perfh007.dat
2022-11-23 14:43 - 2019-12-07 15:51 - 000185158 _____ C:\WINDOWS\system32\perfc007.dat
2022-11-23 14:42 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-11-23 14:38 - 2022-04-22 10:16 - 000000000 ____D C:\Users\*****\AppData\Local\Avast Software
2022-11-23 14:38 - 2022-04-05 18:22 - 000000000 ____D C:\ProgramData\Avast Software
2022-11-23 14:38 - 2022-01-23 13:25 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-11-23 14:38 - 2022-01-16 19:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2022-11-23 14:38 - 2020-11-11 01:01 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-11-23 14:38 - 2020-11-11 00:19 - 000782424 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-11-23 14:38 - 2020-11-11 00:19 - 000008192 ___SH C:\DumpStack.log.tmp
2022-11-23 14:38 - 2019-09-28 12:06 - 000001210 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2022-11-23 14:38 - 2019-09-28 12:06 - 000001206 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2022-11-23 14:38 - 2014-02-25 00:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-11-23 14:37 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-11-23 14:37 - 2014-02-01 12:57 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2022-11-23 14:32 - 2018-06-02 01:03 - 000000000 ____D C:\Users\*****\AppData\Local\CrashDumps
2022-11-23 14:14 - 2017-11-04 14:29 - 000000000 ____D C:\Program Files\7-Zip
2022-11-23 14:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2022-11-23 14:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2022-11-21 14:44 - 2014-03-25 11:26 - 000000000 ____D C:\Users\*****\Documents\Wohnung
2022-11-21 14:33 - 2014-02-28 16:53 - 000007621 _____ C:\Users\*****\AppData\Local\Resmon.ResmonCfg
2022-11-21 10:10 - 2018-11-26 21:32 - 000000000 ____D C:\Users\*****\AppData\Local\Microsoft_Corporation
2022-11-21 10:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-11-21 09:53 - 2022-03-17 20:50 - 000000000 ____D C:\Users\*****\AppData\Roaming\DropboxElectron
2022-11-21 09:10 - 2022-09-15 17:38 - 000000000 ____D C:\Users\*****\AppData\Roaming\com.adobe.dunamis
2022-11-20 21:15 - 2020-07-10 11:50 - 000000000 ____D C:\Users\*****\AppData\Roaming\vlc
2022-11-20 19:29 - 2021-08-30 12:08 - 000002248 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - user
2022-11-20 19:29 - 2021-07-25 09:07 - 000002202 _____ C:\WINDOWS\system32\Tasks\StartCN
2022-11-20 19:29 - 2021-07-25 09:07 - 000002122 _____ C:\WINDOWS\system32\Tasks\StartDVR
2022-11-20 19:29 - 2020-11-11 01:01 - 000003724 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2022-11-20 19:29 - 2020-11-11 01:01 - 000003684 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-11-20 19:29 - 2020-11-11 01:01 - 000003500 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2022-11-20 19:29 - 2020-11-11 01:01 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-11-20 19:29 - 2020-11-11 01:01 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-11-20 19:29 - 2020-11-11 01:01 - 000002608 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2022-11-20 19:29 - 2020-11-11 01:01 - 000002422 _____ C:\WINDOWS\system32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2022-11-20 19:29 - 2020-11-11 01:01 - 000002396 _____ C:\WINDOWS\system32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2022-11-20 19:29 - 2020-11-11 01:01 - 000002394 _____ C:\WINDOWS\system32\Tasks\Microsoft_Hardware_Launch_itype_exe
2022-11-20 19:29 - 2020-11-11 01:01 - 000002306 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_Dolby
2022-11-20 19:29 - 2020-11-11 01:01 - 000002302 _____ C:\WINDOWS\system32\Tasks\RTKCPL
2022-11-20 18:11 - 2020-04-18 09:30 - 000000000 ____D C:\Users\*****\AppData\Roaming\Signal
2022-11-20 18:10 - 2014-06-25 09:35 - 000000000 ____D C:\Users\*****\AppData\Roaming\Spotify
2022-11-20 16:49 - 2014-06-25 09:36 - 000000000 ____D C:\Users\*****\AppData\Local\Spotify
2022-11-20 14:09 - 2018-07-06 12:14 - 000000000 ____D C:\Users\*****\Documents\Citavi 6
2022-11-16 17:35 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-11-16 17:33 - 2017-05-29 01:17 - 000000000 ____D C:\Program Files\Malwarebytes
2022-11-16 11:41 - 2016-10-02 19:26 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-11-12 16:19 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-11-12 15:06 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-11-12 15:06 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-11-12 15:06 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-11-12 15:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-11-12 15:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-11-12 15:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-11-12 15:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-11-12 15:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-11-12 12:22 - 2014-08-23 08:16 - 000000000 ____D C:\Users\*****\Documents\HK
2022-11-12 12:11 - 2014-04-14 17:10 - 000000000 ____D C:\Users\*****\Desktop\Diverses
2022-11-12 10:11 - 2019-09-28 12:06 - 000000000 ____D C:\Program Files (x86)\Dropbox
2022-11-11 13:37 - 2017-01-01 20:46 - 000000000 ____D C:\Users\*****\.mediathek3
2022-11-09 21:20 - 2020-11-11 00:22 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-11-09 20:27 - 2014-02-01 14:32 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-11-09 20:09 - 2013-01-17 08:28 - 146960040 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-11-09 11:29 - 2018-05-20 09:09 - 000000000 ____D C:\Program Files\Java
2022-11-07 17:05 - 2022-03-31 18:15 - 000002017 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2022-11-04 09:44 - 2022-04-22 10:06 - 000390096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys.166842994448401
2022-10-31 17:35 - 2021-06-03 17:51 - 000000000 ____D C:\WINDOWS\Minidump
2022-10-31 12:02 - 2019-01-23 21:47 - 000000000 ____D C:\Users\*****\AppData\Roaming\Telegram Desktop
2022-10-26 11:04 - 2018-01-27 23:09 - 000000000 ____D C:\Users\*****\AppData\Local\LenovoServiceBridge

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2020-01-13 22:55 - 2020-01-13 22:55 - 000000008 __RSH () C:\ProgramData\sysqcl1131236454.dat
2017-06-04 19:58 - 2017-03-23 05:23 - 000966656 _____ () C:\Program Files (x86)\1026.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 001048576 _____ () C:\Program Files (x86)\1028.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000487424 _____ () C:\Program Files (x86)\1029.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000495616 _____ () C:\Program Files (x86)\1030.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000507904 _____ () C:\Program Files (x86)\1031.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000864256 _____ () C:\Program Files (x86)\1032.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000032768 _____ () C:\Program Files (x86)\1033.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000528384 _____ () C:\Program Files (x86)\1034.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000524288 _____ () C:\Program Files (x86)\1036.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000512000 _____ () C:\Program Files (x86)\1038.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000479232 _____ () C:\Program Files (x86)\1040.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 001351680 _____ () C:\Program Files (x86)\1041.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 003022848 _____ () C:\Program Files (x86)\1042.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000454656 _____ () C:\Program Files (x86)\1043.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000475136 _____ () C:\Program Files (x86)\1045.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000466944 _____ () C:\Program Files (x86)\1046.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000962560 _____ () C:\Program Files (x86)\1049.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000540672 _____ () C:\Program Files (x86)\1051.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000454656 _____ () C:\Program Files (x86)\1053.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000475136 _____ () C:\Program Files (x86)\1055.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000917504 _____ () C:\Program Files (x86)\1058.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000487424 _____ () C:\Program Files (x86)\1061.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 001339392 _____ () C:\Program Files (x86)\1066.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 000356352 _____ () C:\Program Files (x86)\2052.mst
2017-06-04 19:58 - 2017-03-23 05:23 - 009675776 _____ () C:\Program Files (x86)\ABBYY FineReader 14 x64.msi
2017-06-04 19:58 - 2017-03-23 05:23 - 009568768 _____ () C:\Program Files (x86)\ABBYY FineReader 14.msi
2017-06-04 19:57 - 2017-03-23 05:14 - 001133208 _____ (ABBYY Production LLC.) C:\Program Files (x86)\AutoRun.exe
2017-06-04 19:57 - 2016-11-18 17:49 - 000001981 _____ () C:\Program Files (x86)\AutoRun.inf
2022-07-17 14:31 - 2022-07-17 14:31 - 009738240 _____ () C:\Program Files (x86)\GUTDD0D.tmp
2017-06-04 19:57 - 2017-03-23 05:14 - 000987800 _____ (ABBYY Production LLC.) C:\Program Files (x86)\Setup.exe
2017-06-04 19:57 - 2016-07-13 17:52 - 000000862 _____ () C:\Program Files (x86)\setup.ini
2018-07-09 09:33 - 2018-08-22 17:00 - 000000033 _____ () C:\Users\*****\AppData\Roaming\AdobeWLCMCache.dat
2015-07-19 18:46 - 2021-09-10 11:54 - 000002298 _____ () C:\Users\*****\AppData\Roaming\ASSDraw3.cfg
2018-08-14 00:04 - 2018-08-14 00:04 - 000000028 _____ () C:\Users\*****\AppData\Roaming\kulerdata.json
2020-11-13 00:58 - 2012-04-30 11:53 - 001249792 _____ (hxxp://www.ruby-lang.org/) C:\Users\*****\AppData\Roaming\msvcr90-ruby191.dll
2014-02-23 11:28 - 2014-02-23 11:28 - 000016660 _____ () C:\Users\*****\AppData\Roaming\UserTile.png
2018-04-05 11:57 - 2021-12-12 20:46 - 000000128 _____ () C:\Users\*****\AppData\Roaming\winscp.rnd
2014-11-23 14:13 - 2014-11-23 14:13 - 000000275 _____ () C:\Users\*****\AppData\Local\HamsterAudioConverterSettings.cfg
2020-03-24 13:36 - 2020-03-24 13:36 - 000000000 _____ () C:\Users\*****\AppData\Local\oobelibMkey.log
2020-06-15 23:16 - 2020-06-15 23:16 - 000001882 _____ () C:\Users\*****\AppData\Local\psppirerc
2022-05-23 12:26 - 2022-05-23 12:26 - 000000767 _____ () C:\Users\*****\AppData\Local\recently-used.xbel
2014-02-28 16:53 - 2022-11-21 14:33 - 000007621 _____ () C:\Users\*****\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
         
