Windows 10: Browser/Internet unglaublich langsam - vielleicht was eingefangen?

dommymaster · 23.04.2023, 12:27

Hallo,

seit ich vor ca. 10 tagen aus dem Urlaub zurückkam ist das Internet unglaublich langsam. Manche Seite öffnen einfach nach langem warten gar nicht mehr. An der Leitung liegt es nicht, es kommt immer noch genau so viel an.

Vielleicht hab ich mir da irgendwas eingefangen?

Hier sind die Logs von FRST und Addition.

Anderes hab ich noch nicht durchlaufen lassen.

Weil die FRST und Addition zu groß sind habe ich die angehängt.

Danke im voraus.

cosinus · 23.04.2023, 13:41

Posten in CODE-Tags

Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

dommymaster · 23.04.2023, 13:54

Achso, ich hatte es so verstanden, dass wenns nicht geht man zippen soll:

FRST

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 22-04-2023 01
durchgeführt von do83h (Administrator) auf DESKTOP-V3T0UTA (MEDION E63007) (23-04-2023 13:13:24)
Gestartet von C:\Users\do83h\OneDrive\Desktop\FRST64.exe
Geladene Profile: do83h
Plattform: Microsoft Windows 10 Home Version 22H2 19045.2846 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Chrome
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Autodesk, Inc. -> Autodesk) C:\Users\do83h\AppData\Local\Programs\Autodesk\Genuine Service\GenuineService.exe
(Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe <4>
(C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe ->) (Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe <3>
(C:\Program Files (x86)\Citrix\ICA Client\concentr.exe ->) (Citrix Systems, Inc. -> Cloud Software Group, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
(C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe ->) (Citrix Systems, Inc. -> Cloud Software Group, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe
(C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfService.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\112.0.1722.48\msedgewebview2.exe <7>
(C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe ->) (Citrix Systems, Inc. -> Cloud Software Group, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfService.exe
(C:\Program Files (x86)\TotalAV\SecurityService.exe ->) (Protected Antivirus Limited -> TotalAV) C:\Program Files (x86)\TotalAV\TotalAV.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
(C:\Program Files\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Users\do83h\Knuddels-Stapp\CommonFiles\Java\bin\javaw.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <21>
(C:\Users\do83h\Knuddels-Stapp\CommonFiles\Java\bin\javaw.exe ->) (TEAMDEV LTD. -> The Chromium Authors) C:\Users\do83h\AppData\Local\JxBrowser\7.28_x64\chromium.exe <14>
(Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\AnalyticsSrv.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(cmd.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\browserhost.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_ba5b1813656e5c27\igfxCUIService.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_ba5b1813656e5c27\igfxEM.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(explorer.exe ->) (Lavasoft Software Canada Inc. -> Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(explorer.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Users\do83h\Knuddels-Stapp\CommonFiles\Java\bin\javaw.exe
(explorer.exe ->) (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.202\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.202\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\MSM\McSmtFwk.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <11>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\10.1.0.3194\AdskLicensingService\AdskLicensingService.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\avgToolsSvc.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe
(services.exe ->) (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(services.exe ->) (Citrix Systems, Inc. -> Cloud Software Group, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\UpdaterService.exe
(services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(services.exe ->) (Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_ba5b1813656e5c27\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_e8f9f51120464f93\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_e8f9f51120464f93\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_6ca78a08b838e305\RstMwService.exe
(services.exe ->) (Lavasoft Software Canada Inc. -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(services.exe ->) (Lavasoft Software Canada Inc. -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe
(services.exe ->) (McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\CSP\3.8.106.0\McCSPServiceHost.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe <2>
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_20_6\mcapexe.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Protected Antivirus Limited -> TotalAV) C:\Program Files (x86)\TotalAV\SecurityService.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c60facea9c32a6cb\RtkAudUService64.exe <2>
(services.exe ->) (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(services.exe ->) (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2314.6.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(svchost.exe ->) (Citrix Systems, Inc. -> Cloud Software Group, Inc.) C:\Program Files (x86)\Citrix\ICA Client\AuthManager\AuthManSvr.exe
(svchost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MQS\QcShm.exe
(svchost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\VUL\McVulCtr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c60facea9c32a6cb\RtkAudUService64.exe [3380320 2021-11-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [256952 2023-03-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [665384 2019-12-05] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\Users\do83h\AppData\Local\Programs\Autodesk\Genuine Service\GenuineService.exe [1077864 2020-01-02] (Autodesk, Inc. -> Autodesk)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [109324536 2021-03-12] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1713432 2021-09-17] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
HKLM-x32\...\Run: [InstallHelper] => C:\Program Files (x86)\Citrix\Citrix WorkSpace 2302\InstallHelper.exe [410544 2023-02-07] (Citrix Systems, Inc. -> Cloud Software Group, Inc.)
HKLM-x32\...\Run: [AnalyticsSrv] => C:\Program Files (x86)\Citrix\ICA Client\Receiver\AnalyticsSrv.exe [2644072 2023-02-07] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [2974600 2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [562056 2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [292104 2023-02-28] (Intel Corporation -> Intel)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\74.0.2.0\GoogleDriveFS.exe [53340440 2023-04-21] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\74.0.2.0\GoogleDriveFS.exe [53340440 2023-04-21] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4362600 2023-03-24] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33000928 2021-04-07] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [9255120 2023-03-18] (Lavasoft Software Canada Inc. -> Lavasoft)
HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [49958368 2022-02-01] (Google LLC -> )
HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\Run: [com.squirrel.Teams.Teams] => C:\Users\do83h\AppData\Local\Microsoft\Teams\Update.exe [2454184 2021-07-14] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\74.0.2.0\GoogleDriveFS.exe [53340440 2023-04-21] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\Run: [] => [X]
HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\Policies\Explorer: [] 
HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\MountPoints2: {11ae930c-1cdb-11eb-a845-6c6a77606d86} - "H:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\MountPoints2: {2d9bfd5a-ab41-11eb-a86b-6c6a77606d86} - "H:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\MountPoints2: {2f109b79-53b8-11ec-a87f-6c6a77606d86} - "H:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\MountPoints2: {8e9c3683-068a-11ed-a89a-6c6a77606d86} - "H:\HiSuiteDownLoader.exe" 
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\74.0.2.0\GoogleDriveFS.exe [53340440 2023-04-21] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [] => [X]
HKLM\...\Windows x64\Print Processors\HPM11M13PrintProc: C:\Windows\System32\spool\prtprocs\x64\HPM11M13PP.DLL [74240 2016-02-25] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HP BC11 Status Monitor: C:\Windows\system32\hpinkstsBC11LM.dll [331664 2012-06-12] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Photosmart 7520 series): C:\Windows\system32\HPDiscoPMBC11.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HPM11M13LM: C:\Windows\system32\HPM11M13LM.DLL [288768 2016-02-25] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\112.0.5615.138\Installer\chrmstp.exe [2023-04-21] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{60f15951-e7ef-11ea-b28e-c4b301b9ed33}] -> C:\Program Files (x86)\Citrix\ICA Client\CitrixEnterpriseBrowser\108.1.1.97\Installer\chrmstp.exe [2023-02-28] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2021-11-01]
ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
Startup: C:\Users\do83h\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Photosmart 7520 series.lnk [2023-04-23]
ShortcutAndArgument: Tintenwarnungen überwachen - HP Photosmart 7520 series.lnk -> C:\Windows\system32\RunDll32.exe => "C:\Program Files\HP\HP Photosmart 7520 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=TH4A1710WP05YY;CONNECTION=USB;MONITOR=1;
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {040310DD-CB77-43E4-8279-924E17C6B61B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\Windows\system32\MRT.exe [156112424 2023-04-15] (Microsoft Windows -> Microsoft Corporation)
Task: {0C513AFB-E8CE-4D7C-BAC3-AC1624BB4C62} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114624 2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {2010EA3E-9F0D-415E-A218-4FDC3E41E911} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [5037496 2023-03-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {262C3E9C-36FB-416D-9B22-681018F087E0} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1090800 2020-08-14] (McAfee, LLC -> McAfee, LLC)
Task: {3F91757F-92A4-4741-8CE7-5F4348663D09} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [764640 2020-06-09] (McAfee, LLC -> McAfee, LLC)
Task: {41FB538F-E69F-4062-A8FE-42B756762C06} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2172344 2023-04-15] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {44C1D279-047F-4D25-9130-340FC3BDCA5E} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [5002480 2023-02-21] (Intel Corporation -> Intel Corporation)
Task: {4F689235-F97C-46C4-B507-240CA6C38203} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-29] (Google LLC -> Google LLC)
Task: {53DD5BC8-EC96-40DF-AC1E-73ADE4A3807B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114624 2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {5E016F5B-57AC-4FDF-B0EE-DD9111BA47EF} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {6C00A265-94E7-4865-B2EC-59EFABDAE67F} - System32\Tasks\Opera scheduled Autoupdate 1605363011 => C:\Users\do83h\AppData\Local\Programs\Opera\launcher.exe [1538584 2020-03-03] (Opera Software AS -> Opera Software)
Task: {78DDFC1F-7D48-40BE-B0AE-595F0AB40665} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4564016 2023-01-16] (McAfee, LLC -> McAfee, LLC)
Task: {7C6AAADD-6794-4CEC-842E-F176CA9317EC} - System32\Tasks\G2MUpdateTask-S-1-5-21-584500284-1391629960-3397962802-1005 => C:\Users\do83h\AppData\Local\GoToMeeting\19950\g2mupdate.exe [33456 2022-04-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {8ED46F6B-D868-45F9-A5DA-F936D7B2E679} - System32\Tasks\G2MUploadTask-S-1-5-21-584500284-1391629960-3397962802-1005 => C:\Users\do83h\AppData\Local\GoToMeeting\19950\g2mupload.exe [33456 2022-04-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {8EFF55D3-C8A4-4882-BF83-295EEAAB4288} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1090800 2020-08-14] (McAfee, LLC -> McAfee, LLC)
Task: {8F8519B8-C23A-4E03-A22F-7761436B1C73} - System32\Tasks\AVG\AVG Antivirus Patcher => C:\Program Files\Common Files\AVG\Icarus\avg-av\icarus.exe [7074232 2023-03-01] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {A160F302-5259-4CC8-88D7-5327AE03EDBA} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Keine Datei)
Task: {AE4CD1A5-76DE-44A6-889D-7885E061B63F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26301352 2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {AF02A63D-FDCC-4CFB-A094-48A4E4432387} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676768 2023-04-17] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {B473CF9B-0E2C-4DEB-8FC8-7FE808EE020F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26301352 2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {BFEB3880-E556-4F2C-B7D0-790E7658A61B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [718752 2023-04-17] (Mozilla Corporation -> Mozilla Foundation)
Task: {C145D0EA-DB56-421C-B716-F1D441FEB974} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.7.108\DADUpdater.exe [4094568 2023-02-17] (McAfee, LLC -> McAfee, LLC)
Task: {D3F7123B-3C07-446B-9FFE-FCC5C5061943} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4196728 2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {E65BF73C-EB8F-452B-979A-36C9931D7E92} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-584500284-1391629960-3397962802-1005 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4196728 2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {E7474536-071E-469B-B266-FC9A0EF2AE45} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-29] (Google LLC -> Google LLC)
Task: {E8A0CD34-2229-4F32-8BAB-DFCA367A434F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {F59146C7-C25F-4DE3-99D4-7D64FB97AAD4} - System32\Tasks\HPCustParticipation HP Photosmart 7520 series => C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPCustPartic.exe [4119656 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {FCCA6D1E-93E4-42CC-9BA0-A2D2C26F7175} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [5002480 2023-02-21] (Intel Corporation -> Intel Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-584500284-1391629960-3397962802-1005.job => C:\Users\do83h\AppData\Local\GoToMeeting\19950\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-584500284-1391629960-3397962802-1005.job => C:\Users\do83h\AppData\Local\GoToMeeting\19950\g2mupload.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0894d97c-231f-418b-bd94-97d6dc7075e5}: [DhcpNameServer] 192.168.2.1

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\do83h\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-09]

FireFox:
========
FF DefaultProfile: 3uauklfr.default
FF ProfilePath: C:\Users\do83h\AppData\Roaming\Mozilla\Firefox\Profiles\3uauklfr.default [nicht gefunden] <==== ACHTUNG
FF ProfilePath: C:\Users\do83h\AppData\Roaming\Mozilla\Firefox\Profiles\bxljijxg.dominik [2023-04-23]
FF Homepage: Mozilla\Firefox\Profiles\bxljijxg.dominik -> hxxps://www.google.com/
FF NewTab: Mozilla\Firefox\Profiles\bxljijxg.dominik -> hxxps://mynewtab.co?pId=IC150206&searchEngine=bing&iDate=110620
FF Notifications: Mozilla\Firefox\Profiles\bxljijxg.dominik -> hxxps://www.planetromeo.com; hxxps://www.jako.de; hxxps://www.romeo.com
FF SearchPlugin: C:\Users\do83h\AppData\Roaming\Mozilla\Firefox\Profiles\bxljijxg.dominik\searchplugins\Yahoo Search.xml [2022-06-17]
FF ProfilePath: C:\Users\do83h\AppData\Roaming\Mozilla\Firefox\Profiles\79tx312p.default-release [2023-04-21]
FF Homepage: Mozilla\Firefox\Profiles\79tx312p.default-release -> hxxps://mynewtab.co?pId=IC150206&searchEngine=bing&iDate=110620
FF NewTab: Mozilla\Firefox\Profiles\79tx312p.default-release -> hxxps://mynewtab.co?pId=IC150206&searchEngine=bing&iDate=110620
FF SearchPlugin: C:\Users\do83h\AppData\Roaming\Mozilla\Firefox\Profiles\79tx312p.default-release\searchplugins\Yahoo Search.xml [2022-06-17]
FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSKHKLM => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: (SmartPrintButton) - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [] [ist nicht signiert]
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2020-08-21] (McAfee, LLC -> )
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2020-08-21] (McAfee, LLC -> )
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-12-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-12-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-04-04] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\do83h\AppData\Local\Google\Chrome\User Data\Default [2023-04-23]
CHR Notifications: Default -> hxxps://business.facebook.com; hxxps://www.fmscout.com
CHR Extension: (McAfee® WebAdvisor) - C:\Users\do83h\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2023-03-23]
CHR Extension: (Google Docs Offline) - C:\Users\do83h\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-06]
CHR Extension: (Anwendungs-Launcher für Drive (von Google)) - C:\Users\do83h\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-01-28]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\do83h\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-584500284-1391629960-3397962802-1005\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

Opera: 
=======
OPR Profile: C:\Users\do83h\AppData\Roaming\Opera Software\Opera Stable [2020-11-14]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1047416 2019-12-05] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [16930616 2019-12-18] (Autodesk, Inc. -> Autodesk)
S3 appprotectionsvc; C:\Program Files (x86)\Citrix\ICA Client\appprotection.exe [520624 2023-01-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [619960 2023-03-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [620472 2023-03-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [8930232 2023-03-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [109480 2021-05-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12512768 2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
R2 CmWebAdmin.exe; C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe [10759616 2021-09-29] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
R2 CWAUpdaterService; C:\Program Files (x86)\Citrix\ICA Client\Receiver\UpdaterService.exe [66480 2023-02-07] (Citrix Systems, Inc. -> Cloud Software Group, Inc.)
R2 DCIService; C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe [3413424 2023-03-18] (Lavasoft Software Canada Inc. -> )
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [42760 2023-02-28] (Intel Corporation -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [211208 2023-02-28] (Intel Corporation -> Intel)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncHelper.exe [3420040 2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
R2 HPSIService; C:\Windows\system32\HPSIsvc.exe [128272 2016-03-30] (Hewlett-Packard Company -> HP)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [856472 2023-04-05] (McAfee, LLC -> McAfee, LLC)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_20_6\McApExe.exe [768256 2020-09-11] (McAfee, LLC -> McAfee, LLC)
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [584296 2020-02-06] (McAfee, LLC. -> McAfee, LLC.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\3.8.106.0\\McCSPServiceHost.exe [2726312 ] (McAfee, LLC -> McAfee, LLC)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [644200 2020-06-02] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [644200 2020-06-02] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [644200 2020-06-02] (McAfee, Inc. -> McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1745400 2020-08-14] (McAfee, LLC -> McAfee, LLC)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.066.0326.0005\OneDriveUpdaterService.exe [3805576 2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [4221040 2020-07-29] (McAfee, LLC -> McAfee, LLC)
R2 SecurityService; C:\Program Files (x86)\TotalAV\SecurityService.exe [283112 2022-09-27] (Protected Antivirus Limited -> TotalAV) <==== ACHTUNG
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [27856 2023-03-18] (Lavasoft Software Canada Inc. -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\NisSrv.exe [2467088 2020-11-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MsMpEng.exe [128376 2020-11-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 CitrixEnterpriseBrowserElevationService; "C:\Program Files (x86)\Citrix\ICA Client\CitrixEnterpriseBrowser\108.1.1.97\elevation_service.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 acsock; C:\Windows\system32\DRIVERS\acsock64.sys [300456 2021-09-17] (Microsoft Windows Hardware Compatibility Publisher -> Cisco Systems, Inc.)
R0 avgArDisk; C:\Windows\System32\drivers\avgArDisk.sys [31456 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [231840 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdriver.sys [391896 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsh.sys [297920 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniv.sys [96512 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\Windows\System32\drivers\avgElam.sys [25064 2022-10-13] (Microsoft Windows Early Launch Anti-Malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [39688 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [268520 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\Windows\System32\drivers\avgNetHub.sys [557176 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [209088 2022-07-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [105288 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [80456 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [941960 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [699712 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [212720 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [319088 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [199312 2022-07-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [46704 2022-07-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 BdDci; C:\Windows\system32\DRIVERS\bddci.sys [367096 2023-03-18] (Bitdefender SRL -> Bitdefender)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [75704 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
R2 ctxusbm; C:\Windows\system32\DRIVERS\ctxusbmon.sys [156072 2022-12-14] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 entryprotectdrv; C:\Program Files (x86)\Citrix\ICA Client\entryprotect.sys [72064 2023-01-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
S3 epinject6; C:\Program Files (x86)\Citrix\ICA Client\epinject.sys [161832 2023-01-17] (Citrix Systems, Inc. -> )
S4 epusbfilter; C:\Program Files (x86)\Citrix\ICA Client\epusbfilter.sys [43904 2023-01-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
R1 googledrivefs31092; C:\Windows\System32\DRIVERS\googledrivefs31092.sys [384600 2023-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [218960 2020-05-26] (McAfee, LLC -> McAfee, Inc.)
S3 iaLPSS2_GPIO2_ICL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_icl.inf_amd64_90beccc7e046abab\iaLPSS2_GPIO2_ICL.sys [132872 2020-04-27] (Intel Corporation -> Intel Corporation)
S3 iaLPSS2_I2C_ICL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_i2c_icl.inf_amd64_c8c0638291b9b209\iaLPSS2_I2C_ICL.sys [200456 2020-04-27] (Intel Corporation -> Intel Corporation)
S3 iaLPSS2_SPI_ICL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_spi_icl.inf_amd64_66a759065dfa6f64\iaLPSS2_SPI_ICL.sys [160024 2020-04-27] (Intel Corporation -> Intel Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [529848 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [382392 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [85928 2020-06-09] (Microsoft Windows Early Launch Anti-Malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [521656 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [1006008 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [595896 2020-06-08] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [107960 2020-06-08] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\Windows\System32\drivers\mfeplk.sys [116664 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [252344 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [29192 2016-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
S0 ProtectedELAM; C:\Windows\System32\drivers\protected_elam.sys [18912 2022-09-27] (Microsoft Windows Early Launch Anti-Malware Publisher -> TODO: <Company name>)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 Usbnet; C:\Windows\System32\drivers\usbnet.sys [46080 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 vpnva; C:\Windows\System32\drivers\vpnva64-6.sys [74064 2021-09-17] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [48536 2020-11-06] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [429288 2020-11-06] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [71912 2020-11-06] (Microsoft Windows -> Microsoft Corporation)
R1 webshieldfilter; C:\Windows\System32\drivers\webshieldfilter.sys [96264 2022-09-27] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) <==== ACHTUNG

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2023-04-23 12:34 - 2023-04-23 12:37 - 000091985 _____ C:\Users\do83h\Downloads\Addition.txt
2023-04-23 12:32 - 2023-04-23 13:13 - 000000000 ____D C:\FRST
2023-04-23 12:32 - 2023-04-23 12:37 - 000055029 _____ C:\Users\do83h\Downloads\FRST.txt
2023-04-23 12:32 - 2023-04-23 12:32 - 000000000 ____D C:\Users\do83h\Downloads\FRST-OlderVersion
2023-04-23 11:32 - 2023-04-23 11:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2023-04-21 17:28 - 2023-04-21 17:28 - 000005961 _____ C:\Users\do83h\Downloads\FID_PCHS_INV_1666020271_dfhJMkTU.pdf
2023-04-17 21:13 - 2023-04-20 12:36 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-04-16 11:12 - 2023-04-16 11:12 - 000000004 ____H C:\ProgramData\cm-lock
2023-04-15 16:10 - 2023-04-15 16:10 - 000000000 ___HD C:\$WinREAgent
2023-04-06 20:05 - 2023-04-06 20:05 - 000188129 _____ C:\Users\do83h\Downloads\Vorlage_Exposé_BuK_Website(5).dotx
2023-04-06 20:04 - 2023-04-06 20:04 - 000188129 _____ C:\Users\do83h\Downloads\Vorlage_Exposé_BuK_Website(3).dotx
2023-04-06 20:04 - 2023-04-06 20:04 - 000188129 _____ C:\Users\do83h\Downloads\Vorlage_Exposé_BuK_Website(2).dotx
2023-04-06 19:42 - 2023-04-06 19:42 - 000188129 _____ C:\Users\do83h\Downloads\Vorlage_Exposé_BuK_Website(1).dotx
2023-04-05 23:43 - 2023-04-23 12:31 - 000002678 _____ C:\Windows\system32\Tasks\USER_ESRV_SVC_QUEENCREEK
2023-04-03 10:41 - 2023-04-03 10:41 - 000115679 _____ C:\Users\do83h\Downloads\Organigramm_Stadt_Wuppertal_ab_02.2023.pdf
2023-03-31 16:54 - 2023-03-31 16:54 - 000000162 ____H C:\Users\do83h\Downloads\~$rlage_Exposé_BuK_Website.dotx
2023-03-31 16:53 - 2023-03-31 16:53 - 000256395 _____ C:\Users\do83h\Downloads\Humboldt Universität z_expose_090402.pdf
2023-03-30 12:51 - 2023-03-30 12:51 - 000323037 _____ C:\Users\do83h\OneDrive\Dokumente\Krankmeldungen DH.pdf
2023-03-29 18:01 - 2023-03-29 18:01 - 001382425 _____ C:\Users\do83h\Downloads\broschuere_elektromobilitaet_kurz_erklaert_01.17.pdf
2023-03-29 15:21 - 2023-03-29 15:21 - 000001094 _____ C:\Users\Public\Desktop\Funkyplot.lnk
2023-03-29 14:59 - 2023-03-29 15:00 - 006758511 _____ (LOGICIEL ) C:\Users\do83h\Downloads\funkyplot-1.1.0-pre1_win32_installer_v002(1).exe

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2023-04-23 13:14 - 2020-10-31 17:15 - 000000000 ____D C:\Users\do83h\AppData\Roaming\Microsoft\Word
2023-04-23 13:11 - 2021-11-01 18:16 - 000000068 ___SH C:\Windows\system32\Drivers\WppRecorder.winsecurity
2023-04-23 13:06 - 2020-10-29 15:00 - 000000000 ____D C:\Users\do83h\AppData\Local\D3DSCache
2023-04-23 13:06 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-04-23 12:41 - 2021-11-01 18:16 - 000000068 ___SH C:\Windows\system32\Drivers\WdfLdr.winsecurity
2023-04-23 12:31 - 2022-01-06 16:39 - 000003066 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-584500284-1391629960-3397962802-1005
2023-04-23 12:31 - 2021-07-14 11:35 - 000002716 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2023-04-23 12:31 - 2021-03-08 16:10 - 000003042 _____ C:\Windows\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2023-04-23 12:31 - 2021-03-05 20:47 - 000002970 _____ C:\Windows\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2023-04-23 12:31 - 2021-03-05 20:47 - 000002604 _____ C:\Windows\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2023-04-23 12:31 - 2021-02-18 14:56 - 000003260 _____ C:\Windows\system32\Tasks\G2MUploadTask-S-1-5-21-584500284-1391629960-3397962802-1005
2023-04-23 12:31 - 2021-02-18 14:56 - 000003164 _____ C:\Windows\system32\Tasks\G2MUpdateTask-S-1-5-21-584500284-1391629960-3397962802-1005
2023-04-23 12:31 - 2021-02-18 14:56 - 000000666 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-584500284-1391629960-3397962802-1005.job
2023-04-23 12:31 - 2021-02-18 14:56 - 000000570 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-584500284-1391629960-3397962802-1005.job
2023-04-23 12:31 - 2020-11-15 20:07 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2023-04-23 12:31 - 2020-11-14 16:10 - 000003624 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1605363011
2023-04-23 12:31 - 2020-11-14 16:07 - 000003044 _____ C:\Windows\system32\Tasks\Antivirus Emergency Update
2023-04-23 12:31 - 2020-11-11 15:09 - 000002718 _____ C:\Windows\system32\Tasks\HPCustParticipation HP Photosmart 7520 series
2023-04-23 12:31 - 2020-11-01 15:12 - 000003482 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2023-04-23 12:31 - 2020-10-29 14:48 - 000000000 ____D C:\Program Files (x86)\Steam
2023-04-23 12:31 - 2020-10-29 14:44 - 000003568 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2023-04-23 12:31 - 2020-10-29 14:44 - 000003344 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2023-04-23 12:31 - 2020-07-14 15:01 - 000002674 _____ C:\Windows\system32\Tasks\McAfeeLogon
2023-04-23 12:31 - 2020-07-14 15:00 - 000002650 _____ C:\Windows\system32\Tasks\McAfee Remediation (Prepare)
2023-04-23 12:31 - 2020-07-02 09:15 - 000003684 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-04-23 12:31 - 2020-07-02 09:15 - 000003460 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-04-23 11:42 - 2020-10-29 14:44 - 000000000 ____D C:\Program Files (x86)\Google
2023-04-23 11:36 - 2020-10-29 13:58 - 000000000 ____D C:\Users\do83h
2023-04-23 11:32 - 2022-10-23 13:31 - 000001162 _____ C:\Users\do83h\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TotalAV.lnk
2023-04-23 11:32 - 2020-10-29 15:32 - 000000000 ____D C:\Users\do83h\Knuddels-Stapp
2023-04-23 11:32 - 2020-07-02 09:15 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-04-23 11:32 - 2020-07-02 09:15 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-04-23 11:32 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-04-23 11:32 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2023-04-23 11:30 - 2020-10-29 14:03 - 000000000 __SHD C:\Users\do83h\IntelGraphicsProfiles
2023-04-22 19:51 - 2020-10-29 21:37 - 000000000 ____D C:\Users\do83h\AppData\Roaming\Microsoft\Excel
2023-04-22 19:22 - 2021-12-19 00:44 - 000000000 ____D C:\Windows\SystemTemp
2023-04-22 18:34 - 2020-06-15 08:59 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-04-21 17:47 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2023-04-21 15:01 - 2020-10-29 14:46 - 000002243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-04-21 15:01 - 2020-10-29 14:46 - 000002202 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-04-21 14:58 - 2021-09-22 18:18 - 000002061 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2023-04-21 14:58 - 2021-09-22 18:18 - 000001903 _____ C:\Users\Default\Desktop\Google Slides.lnk
2023-04-21 14:58 - 2021-09-22 18:18 - 000001903 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2023-04-21 14:58 - 2021-09-22 18:18 - 000001891 _____ C:\Users\Default\Desktop\Google Docs.lnk
2023-04-20 12:36 - 2020-10-29 15:01 - 000001009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-04-20 12:36 - 2020-10-29 15:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-04-19 18:13 - 2020-10-29 14:03 - 000000000 ____D C:\Users\do83h\AppData\Local\Packages
2023-04-18 18:23 - 2020-10-29 15:01 - 000000000 ____D C:\Users\do83h\AppData\LocalLow\Mozilla
2023-04-18 17:52 - 2020-10-30 16:23 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-04-17 20:49 - 2022-10-23 13:30 - 000000000 ____D C:\Program Files (x86)\TotalAV
2023-04-17 09:44 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2023-04-16 11:16 - 2020-07-02 08:37 - 000747396 _____ C:\Windows\system32\perfh007.dat
2023-04-16 11:16 - 2020-07-02 08:37 - 000151262 _____ C:\Windows\system32\perfc007.dat
2023-04-16 11:16 - 2020-06-15 09:07 - 001731656 _____ C:\Windows\system32\PerfStringBackup.INI
2023-04-16 11:12 - 2020-11-14 16:05 - 000000000 ____D C:\ProgramData\AVG
2023-04-16 11:12 - 2020-06-15 08:59 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-04-16 11:11 - 2019-12-07 11:03 - 000786432 _____ C:\Windows\system32\config\BBI
2023-04-15 17:38 - 2021-08-26 13:18 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2023-04-15 17:38 - 2020-06-15 08:59 - 000608824 _____ C:\Windows\system32\FNTCACHE.DAT
2023-04-15 17:37 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-04-15 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2023-04-15 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2023-04-15 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2023-04-15 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2023-04-15 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2023-04-15 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\es-MX
2023-04-15 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2023-04-15 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\DDFs
2023-04-15 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-04-15 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2023-04-15 16:17 - 2020-06-15 09:01 - 003015680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-04-15 16:13 - 2022-10-11 16:18 - 000002140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2023-04-15 16:13 - 2022-10-11 16:18 - 000002128 _____ C:\Users\Public\Desktop\Acrobat Reader.lnk
2023-04-15 16:08 - 2020-11-01 17:21 - 000000000 ____D C:\Windows\system32\MRT
2023-04-15 16:05 - 2020-07-02 09:13 - 156112424 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-04-15 15:24 - 2021-07-14 11:35 - 000002152 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-04-15 15:19 - 2019-12-07 11:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2023-04-02 16:18 - 2020-10-30 15:06 - 000000000 ____D C:\Users\do83h\AppData\Roaming\Microsoft\UProof
2023-04-02 00:06 - 2020-10-29 17:28 - 000000000 ____D C:\Users\do83h\OneDrive\Dokumente\eigene dateien
2023-03-29 15:21 - 2020-11-28 22:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Funkyplot
2023-03-29 15:21 - 2020-11-28 22:46 - 000000000 ____D C:\Program Files (x86)\Funkyplot
2023-03-26 17:31 - 2020-10-29 21:36 - 000000000 ____D C:\Users\do83h\OneDrive\Dokumente\UniWuppertal1

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2020-12-30 00:50 - 2020-12-30 00:50 - 000000457 _____ () C:\Program Files (x86)\INSTALL.LOG
2021-07-14 16:13 - 2022-07-20 00:01 - 000030049 _____ () C:\Users\do83h\AppData\Roaming\Durch Trennzeichen getrennte Werte.ADR
2020-10-30 15:19 - 2021-06-30 15:53 - 000022399 _____ () C:\Users\do83h\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
2020-10-29 21:51 - 2021-01-06 19:19 - 000000081 _____ () C:\Users\do83h\AppData\Local\.bidstack.fault
2021-03-14 22:46 - 2021-03-14 22:46 - 000000950 _____ () C:\Users\do83h\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================

dommymaster · 23.04.2023, 13:55

und

Addition

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 22-04-2023 01
durchgeführt von do83h (23-04-2023 13:14:29)
Gestartet von C:\Users\do83h\OneDrive\Desktop
Microsoft Windows 10 Home Version 22H2 19045.2846 (X64) (2020-08-27 06:57:47)
Start-Modus: Normal
==========================================================


==================== Konten: =============================


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-584500284-1391629960-3397962802-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-584500284-1391629960-3397962802-503 - Limited - Disabled)
do83h (S-1-5-21-584500284-1391629960-3397962802-1005 - Administrator - Enabled) => C:\Users\do83h
Gast (S-1-5-21-584500284-1391629960-3397962802-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-584500284-1391629960-3397962802-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Total AV (Enabled - Up to date) {0567E33F-93C9-11B5-891D-90A37AEB2766}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Disabled - Up to date) {9D4501E6-72F6-2877-C789-89AF6F535B2C}
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
AV: McAfee VirusScan (Disabled - Up to date) {FE987762-0FB6-6BB6-1BF1-73F8ED8566FA}
FW: McAfee Firewall (Disabled) {A57E80C3-3899-292F-ECD6-209A91801C57}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 23.001.20143 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AutoCAD 2021 - Deutsch (German) (HKLM\...\{28B89EEF-4101-0407-2102-CF3F3A09B77D}) (Version: 24.0.47.0 - Autodesk) Hidden
Autodesk App Manager 2020-2021 (HKLM-x32\...\{DB92FEA7-F78C-469E-B138-E2303220F0C4}) (Version: 3.1.0 - Autodesk)
Autodesk AutoCAD 2021 - Deutsch (German) (HKLM\...\AutoCAD 2021 - Deutsch (German)) (Version: 24.0.47.0 - Autodesk)
Autodesk Desktop-App (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.21.17 - Autodesk)
Autodesk Genuine Service (HKLM-x32\...\{54A00624-3EF9-49A2-92A9-7244EADD0212}) (Version: 3.2.18 - Autodesk)
Autodesk Material Library 2021 (HKLM-x32\...\{6774FD60-7D4B-4D57-BE56-2702A07C9701}) (Version: 19.1.22.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2021 (HKLM-x32\...\{6EFAD582-86C1-4AB2-97C5-2070D0B90E08}) (Version: 19.1.22.0 - Autodesk)
Autodesk Single Sign On Component (HKLM\...\{951BB060-1350-4C93-BD83-D966C51D4005}) (Version: 11.2.0.1802 - Autodesk)
AVG AntiVirus Free (HKLM\...\AVG Antivirus) (Version: 23.2.7961.610 - AVG)
Backup and Sync from Google (HKLM\...\{696895F7-52C7-4C9E-998B-C7E0CC907092}) (Version: 3.57.4256.0809 - Google, Inc.)
BCR Plug-in (HKLM-x32\...\{FFC7EBF7-F91B-4FB6-98CD-A8828C5A87BA}) (Version: 23.2.0.9 - Citrix Systems, Inc.) Hidden
Cheat Engine 6.8.1 (HKLM-x32\...\Cheat Engine 6.8.1_is1) (Version:  - Cheat Engine)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.10.03104 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{A4076314-DE10-4FEB-A977-A3AF859B4073}) (Version: 4.10.03104 - Cisco Systems, Inc.) Hidden
Citrix Authentication Manager (HKLM-x32\...\{05050F9C-B6C7-446C-B2B9-4C03DB2E79E2}) (Version: 23.3.0.5 - Cloud Software Group, Inc.) Hidden
Citrix Web Helper (HKLM-x32\...\{6D00D7E5-31A3-4122-82E8-32791FF475A3}) (Version: 23.2.0.21 - Cloud Software Group, Inc.) Hidden
Citrix Workspace (DV) (HKLM-x32\...\{8DBE26D1-262A-42AE-9894-F4D67A25E5E8}) (Version: 23.2.0.9 - Citrix Systems, Inc.) Hidden
Citrix Workspace (USB) (HKLM-x32\...\{78457B01-3E7D-4565-96B5-00B7D9B58750}) (Version: 23.2.0.9 - Citrix Systems, Inc.) Hidden
Citrix Workspace 2302 (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 23.2.0.38 - Cloud Software Group, Inc.)
Citrix Workspace Inside (HKLM-x32\...\{ABAB33DE-1F6B-431A-B72B-0E1E31AD1E2A}) (Version: 23.2.0.15 - Citrix Systems, Inc.) Hidden
CodeMeter Runtime Kit v7.30a (HKLM\...\{9B600D30-C133-4D53-BDE1-CBDC9783E657}) (Version: 7.30.4820.501 - WIBU-SYSTEMS AG)
CyberLink PowerRecover (HKLM\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.8922 - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.8922 - CyberLink Corp.)
Epic Games Launcher (HKLM-x32\...\{07D9F8F3-EC99-4133-919D-DA341C62937C}) (Version: 1.1.298.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FileZilla Client 3.51.0 (HKLM-x32\...\FileZilla Client) (Version: 3.51.0 - Tim Kosse)
Funkyplot 1.1.0-pre1 (HKLM-x32\...\Funkyplot_is1) (Version:  - LOGICIEL)
FUSSBALL MANAGER 11 (HKLM-x32\...\FUSSBALL MANAGER 11) (Version:  - Electronic Arts)
GGU-SOFTWARE COMPLETE PACK (HKLM-x32\...\{B2A0B907-6666-4ADD-817D-173678BAD83E}) (Version: 20.21.023 - Civilserve GmbH)
GIMP 2.10.22 (HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\GIMP-2_is1) (Version: 2.10.22 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 112.0.5615.138 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 74.0.2.0 - Google LLC)
GoTo Opener (HKLM-x32\...\{E69269DB-A77B-4BC1-8F39-241107B09F26}) (Version: 1.0.539 - LogMeIn, Inc.)
GoToMeeting 10.19.0.19950 (HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\GoToMeeting) (Version: 10.19.0.19950 - LogMeIn, Inc.)
HP LaserJet Pro M11-M13 Series (HKLM\...\HP LaserJet Pro M11-M13 Series) (Version:  - )
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Photosmart 7520 series - Grundlegende Software für das Gerät (HKLM\...\{62883BA5-32F6-44D0-AF9D-9CBED778F36F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 7520 series Hilfe (HKLM-x32\...\{2230C40A-ADE0-4231-98EC-7AAFC14BC7F3}) (Version: 28.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
In Autodesk Web & Mobile speichern (HKLM\...\{A9005AC0-4AD8-4E84-B1F7-EE38BB6BCC2D}) (Version: 3.0.26 - Autodesk)
Intel Driver && Support Assistant (HKLM-x32\...\{91672422-9B98-4606-A6D7-E164D7037B06}) (Version: 23.1.9.7 - Intel) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{318C30A1-C7AF-414E-890F-6345E6E0FD33}) (Version: 2.4.09084 - Intel Corporation)
Intel(R) SUR QC Software Asset Manager (HKLM\...\{B3804557-9824-4918-AA88-0DFAC94CD3B5}) (Version: 3.5.5033 - Intel Corporation) Hidden
Intel® Driver & Support Assistant (HKLM-x32\...\{a532c7c7-1594-49bb-a186-f44c52c9509e}) (Version: 23.1.9.7 - Intel)
Knuddels Standalone App (HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\Knuddels App ) (Version: "2015.12.6.0" - "Knuddels App")
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0 R28 - McAfee, LLC)
Microsoft .NET Core Host - 3.1.32 (x64) (HKLM\...\{8A8E3A04-83BC-4CDE-9259-893B666C1AB1}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.32 (x64) (HKLM\...\{ABC6B3C2-1A8D-4C5E-AC16-C2AE44F02743}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM\...\{A741B803-3F0E-4684-81EF-FC128D15A92C}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM-x32\...\{784973c8-d618-4ac8-97ed-1fd52c5bdf2f}) (Version: 3.1.32.31915 - Microsoft Corporation)
Microsoft 365 Apps for Business - de-de (HKLM\...\O365BusinessRetail - de-de) (Version: 16.0.16130.20394 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\{3196C85D-CFB0-3E5B-A592-0322692C2140}) (Version: 112.0.1722.58 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 112.0.1722.48 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (HKLM-x32\...\{90140000-0015-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (HKLM-x32\...\{90140000-0016-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (HKLM-x32\...\{90140000-00BA-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (HKLM-x32\...\{90140000-0044-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (HKLM\...\{90140000-002A-0000-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (HKLM-x32\...\{90140000-00A1-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2010 (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (HKLM-x32\...\{90140000-001F-0410-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (HKLM-x32\...\{90140000-002C-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (HKLM-x32\...\{90140000-0019-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (HKLM\...\{90140000-002A-0407-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (HKLM-x32\...\{90140000-006E-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (HKLM-x32\...\{90140000-001B-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.066.0326.0005 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\Teams) (Version: 1.4.00.18264 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31332 (HKLM-x32\...\{3746f21b-c990-4045-bb33-1cf98cff7a68}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31332 (HKLM\...\{F4499EE3-A166-496C-81BB-51D1BCDC70A9}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31332 (HKLM\...\{3407B900-37F5-4CC2-B612-5CD5D580A163}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
mIRC (HKLM-x32\...\mIRC) (Version: 7.63 - mIRC Co. Ltd.)
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 112.0.1 (x64 de)) (Version: 112.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 82.0.2 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20394 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Online Plug-in (HKLM-x32\...\{E4FE6BEF-21A1-49E2-B3C8-56752D626893}) (Version: 23.2.0.9 - Citrix Systems, Inc.) Hidden
OpenOffice 4.1.7 (HKLM-x32\...\{81D7585D-3E44-4984-B99B-911492419D3E}) (Version: 4.17.9800 - Apache Software Foundation)
Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
PremierOpinion (HKLM-x32\...\{eeb86aef-4a5d-4b75-9d74-f16d438fc286}) (Version: 1.3.338.320 - VoiceFive, Inc.) <==== ACHTUNG
QGIS 3.28.1 'Firenze' (HKLM\...\{7EC18ED8-729C-1014-BC9F-C7938B569609}) (Version: 3.28.1 - QGIS.org)
RuckZuck Demo (HKLM-x32\...\{E7EB9C2F-4270-435E-93C3-3BC734234A75}) (Version: 6.0.22 - MURSOFT)
Self-Service Plug-in (HKLM-x32\...\{E8019414-F222-40FF-8131-B02FC64BC67D}) (Version: 23.2.0.21 - Cloud Software Group, Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{8925227F-C7B5-4C95-AB58-4FCF2433DAEE}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{09A9DF49-DA06-4093-A2FD-F339211E39EA}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{ECC1D579-DC17-4B90-929C-B4A0BB35F7B3}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{97099817-53F1-4CA1-ACEA-DA6D74371689}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{E4D76E88-C65F-4003-9C71-EC4306679D17}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{3B0FF7FF-0E85-4907-A511-3F8C27349FA4}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{996096F8-956B-41C9-A7E3-9BA1E801014F}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{D505EC85-885F-4BE3-8A89-3EFE4F855692}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SmartTools Office DDE-Fix (HKLM-x32\...\SmartTools PublishingOffice DDE-Fixv1.20) (Version: v1.20 - SmartTools Publishing)
Stahlbau (HKLM-x32\...\{41C5E1CA-3507-49CE-87D4-9939AE5D3521}) (Version: 1.1.1 - Schneider Bautabellen)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Studie zur Verbesserung von HP Photosmart 7520 series Produkten (HKLM\...\{D662A279-973A-42A0-8D4B-8747C56C0501}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
SupportAPP (HKLM\...\{0000A0AB-3A12-1EF4-A21C-9ADE1843AB04}) (Version: 1.1 - )
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.4.0.7174 - Microsoft Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.2.3 - TeamSpeak Systems GmbH)
TotalAV (HKLM-x32\...\TotalAV) (Version: 5.18.284 - TotalAV) <==== ACHTUNG
Verfügbare Autodesk-Apps 2020-2021 (HKLM-x32\...\{2CBD494D-0A3E-4CB3-AFB3-8CE1734613B0}) (Version: 3.1.0 - Autodesk)
Web Companion (HKLM-x32\...\{928be91b-ffd0-48ac-9e85-bef0fbc8a78e}) (Version: 8.9.0.748 - Lavasoft)
WebAdvisor von McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.810 - McAfee, LLC)
Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\ZoomUMX) (Version: 5.13.5 (12053) - Zoom Video Communications, Inc.)

Packages:
=========
7-Zip File Manager (Unofficial) -> C:\Program Files\WindowsApps\HaukeGtze.7-ZipFileManagerUnofficial_1.2201.1.0_x64__6bk20wvc8rfx2 [2022-12-30] (Hauke Hasselberg)
Adobe Reader Touch -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobeReader_3.1.8.7675_x86__ynb6jyjzte8ga [2020-10-29] (Adobe Systems Incorporated)
Aldi Angebote -> C:\Program Files\WindowsApps\MEDION.AldiAngebote_1.1.4.0_x64__eqf9tz77ft5w8 [2020-07-13] (MEDION)
Aldi Foto -> C:\Program Files\WindowsApps\MEDION.AldiFoto_1.1.46.0_x64__eqf9tz77ft5w8 [2020-07-13] (MEDION)
ALDI life -> C:\Program Files\WindowsApps\MEDION.ALDIlife_1.1.5.0_x64__eqf9tz77ft5w8 [2020-07-13] (MEDION)
AldiTalk -> C:\Program Files\WindowsApps\MEDION.AldiTalk_1.1.28.0_x64__eqf9tz77ft5w8 [2020-07-13] (MEDION)
BreeZip -> C:\Program Files\WindowsApps\3138AweZip.AweZip_1.4.27.0_x64__ffd303wmbhcjt [2023-03-23] (BreeZip)
Dropbox für S Modus -> C:\Program Files\WindowsApps\C27EB4BA.DROPBOX_23.4.16.0_x64__xbfy0k16fey96 [2023-04-15] (Dropbox Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_144.1.1068.0_x64__v10z8vjag6ke6 [2023-04-07] (HP Inc.)
Intel® Grafik-Kontrollraum -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4779.0_x64__8j3eq9eme6ctt [2023-04-15] (INTEL CORP) [Startup Task]
Internet-Security -> C:\Program Files\WindowsApps\MEDION.Internet-Security_1.1.26.0_x64__eqf9tz77ft5w8 [2020-10-30] (MEDION)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-04-16] (Microsoft Corporation)
MEDION -> C:\Program Files\WindowsApps\MEDION.MEDION_1.1.18.0_x64__eqf9tz77ft5w8 [2020-07-13] (MEDION)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-12-23] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-12-23] (Microsoft Corporation) [MS Ad]
MPEG-2-Videoerweiterung -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-04-28] (Microsoft Corporation)
OneDrive -> C:\Program Files\WindowsApps\microsoft.microsoftskydrive_19.23.19.0_x64__8wekyb3d8bbwe [2023-03-07] (Microsoft Corporation)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.30.259.0_x64__dt26b99r8h8gj [2022-02-04] (Realtek Semiconductor Corp)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-03-19] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0 [2023-04-15] (Spotify AB) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2314.6.0_x64__cv1g1gvanyjgm [2023-04-23] (WhatsApp Inc.) [Startup Task]
XING -> C:\Program Files\WindowsApps\XINGAG.XING_4.0.9.0_x86__xpfg3f7e9an52 [2021-06-02] (New Work SE)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-584500284-1391629960-3397962802-1005_Classes\CLSID\{04271989-C4D2-3B08-EDAD-DFB9128A2A49} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-584500284-1391629960-3397962802-1005_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\do83h\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21105.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-584500284-1391629960-3397962802-1005_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (Intel Corporation -> Intel)
CustomCLSID: HKU\S-1-5-21-584500284-1391629960-3397962802-1005_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2021\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-584500284-1391629960-3397962802-1005_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\do83h\AppData\Local\GoToMeeting\19228\G2MOutlookAddin64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-584500284-1391629960-3397962802-1005_Classes\CLSID\{8B4929F8-076F-4AEC-AFEE-8928747B7AE3}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2021\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-584500284-1391629960-3397962802-1005_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\do83h\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-584500284-1391629960-3397962802-1005_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2021\de-DE\acadficn.dll (Autodesk Asia Pte. Ltd. -> Autodesk, Inc.)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\74.0.2.0\drivefsext.dll [2023-04-21] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\74.0.2.0\drivefsext.dll [2023-04-21] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\74.0.2.0\drivefsext.dll [2023-04-21] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\74.0.2.0\drivefsext.dll [2023-04-21] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2023-03-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2020-01-22] (Autodesk, Inc. -> Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [     OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2023-03-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2020-01-22] (Autodesk, Inc. -> Autodesk)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2023-03-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\74.0.2.0\drivefsext.dll [2023-04-21] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2020-08-21] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers3: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2023-03-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\74.0.2.0\drivefsext.dll [2023-04-21] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\74.0.2.0\drivefsext.dll [2023-04-21] (Google LLC -> Google, Inc.)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2023-03-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2020-08-21] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-15] (Microsoft Corporation -> Microsoft Corporation)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\do83h\OneDrive\Desktop\Google Drive.lnk -> C:\Program Files\Google\Drive File Stream\launch.bat ()

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2022-08-09 15:02 - 2022-08-09 15:02 - 005998080 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Intel\Driver and Support Assistant\irmfuu_module_win32.dll
2023-04-23 11:31 - 2023-04-23 11:31 - 000114176 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\_ctypes.pyd
2023-04-23 11:31 - 2023-04-23 11:31 - 000172544 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\_elementtree.pyd
2023-04-23 11:31 - 2023-04-23 11:31 - 002255872 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\_hashlib.pyd
2023-04-23 11:31 - 2023-04-23 11:31 - 000032256 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\_multiprocessing.pyd
2023-04-23 11:31 - 2023-04-23 11:31 - 000046080 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\_psutil_windows.pyd
2023-04-23 11:31 - 2023-04-23 11:31 - 000047616 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\_socket.pyd
2023-04-23 11:31 - 2023-04-23 11:31 - 002825216 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\_ssl.pyd
2023-04-23 11:31 - 2023-04-23 11:31 - 000026112 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\_yappi.pyd
2023-04-23 11:31 - 2023-04-23 11:31 - 000080896 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\bz2.pyd
2023-04-23 11:31 - 2023-04-23 11:31 - 000015872 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\common.time34.pyd
2023-04-23 11:31 - 2023-04-23 11:31 - 000007680 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\hashobjs_ext.pyd
2023-04-23 11:31 - 2023-04-23 11:31 - 000301568 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\PIL._imaging.pyd
2023-04-23 11:31 - 2023-04-23 11:31 - 000168448 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\pyexpat.pyd
2023-04-23 11:31 - 2023-04-23 11:31 - 001084416 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\pysqlite2._sqlite.pyd
2023-04-23 11:31 - 2023-04-23 11:31 - 000548864 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\pythoncom27.dll
2023-04-23 11:31 - 2023-04-23 11:31 - 000137728 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\pywintypes27.dll
2023-04-23 11:31 - 2023-04-23 11:31 - 000010752 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\select.pyd
2023-04-23 11:31 - 2023-04-23 11:31 - 000020992 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\thumbnails_ext.pyd
2023-04-23 11:31 - 2023-04-23 11:31 - 000689664 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\unicodedata.pyd
2023-04-23 11:31 - 2023-04-23 11:31 - 000119808 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\usb_ext.pyd
2023-04-23 11:31 - 2023-04-23 11:31 - 000128512 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\win32api.pyd
2023-04-23 11:31 - 2023-04-23 11:31 - 000438784 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\win32com.shell.shell.pyd
2023-04-23 11:31 - 2023-04-23 11:31 - 000011776 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\win32crypt.pyd
2023-04-23 11:31 - 2023-04-23 11:31 - 000023040 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\win32event.pyd
2023-04-23 11:31 - 2023-04-23 11:31 - 000149504 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\win32file.pyd
2023-04-23 11:31 - 2023-04-23 11:31 - 000223232 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\win32gui.pyd
2023-04-23 11:31 - 2023-04-23 11:31 - 000048128 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\win32inet.pyd
2023-04-23 11:31 - 2023-04-23 11:31 - 000029696 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\win32pdh.pyd
2023-04-23 11:31 - 2023-04-23 11:31 - 000027648 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\win32pipe.pyd
2023-04-23 11:31 - 2023-04-23 11:31 - 000044032 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\win32process.pyd
2023-04-23 11:31 - 2023-04-23 11:31 - 000020480 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\win32profile.pyd
2023-04-23 11:31 - 2023-04-23 11:31 - 000136192 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\win32security.pyd
2023-04-23 11:31 - 2023-04-23 11:31 - 000026624 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\win32ts.pyd
2023-04-23 11:31 - 2023-04-23 11:31 - 000034304 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\windows.conditional.pyd
2023-04-23 11:31 - 2023-04-23 11:31 - 000037888 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\windows.connectivity.pyd
2023-04-23 11:31 - 2023-04-23 11:31 - 000071680 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\windows.device_monitor.pyd
2023-04-23 11:31 - 2023-04-23 11:31 - 000103936 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\windows.volumes.pyd
2023-04-23 11:31 - 2023-04-23 11:31 - 000019968 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\windows.winwrap.pyd
2023-04-23 11:31 - 2023-04-23 11:31 - 001325056 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\wx._controls_.pyd
2023-04-23 11:31 - 2023-04-23 11:31 - 001489408 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\wx._core_.pyd
2023-04-23 11:31 - 2023-04-23 11:31 - 001007104 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\wx._gdi_.pyd
2023-04-23 11:31 - 2023-04-23 11:31 - 000103424 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\wx._html2.pyd
2023-04-23 11:31 - 2023-04-23 11:31 - 000916992 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\wx._misc_.pyd
2023-04-23 11:31 - 2023-04-23 11:31 - 001039872 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\wx._windows_.pyd
2023-02-07 00:23 - 2023-02-07 00:23 - 000512000 _____ (Cloud Software Group, Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\Shims.dll
2023-04-23 11:31 - 2023-04-23 11:31 - 003043328 _____ (Python Software Foundation) [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\python27.dll
2023-02-24 23:02 - 2023-02-24 23:02 - 001600512 _____ (Robert Simpson, et al.) [Datei ist nicht signiert] C:\Program Files\Intel\SUR\QUEENCREEK\x64\SQLite.Interop.dll
2023-02-24 23:02 - 2023-02-24 23:02 - 002165760 _____ (SQLite Development Team) [Datei ist nicht signiert] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll
2021-09-29 07:30 - 2021-09-29 07:30 - 000218624 _____ (WIBU-SYSTEMS AG) [Datei ist nicht signiert] C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.lDe
2021-09-29 07:30 - 2021-09-29 07:30 - 000056320 _____ (WIBU-SYSTEMS AG) [Datei ist nicht signiert] C:\Windows\SYSTEM32\WIBUCM64.lDe
2023-04-23 11:31 - 2023-04-23 11:31 - 000202240 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\wxbase30u_net_vc90_x64.dll
2023-04-23 11:31 - 2023-04-23 11:31 - 002831872 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\wxbase30u_vc90_x64.dll
2023-04-23 11:31 - 2023-04-23 11:31 - 001654784 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\wxmsw30u_adv_vc90_x64.dll
2023-04-23 11:31 - 2023-04-23 11:31 - 006542336 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\wxmsw30u_core_vc90_x64.dll
2023-04-23 11:31 - 2023-04-23 11:31 - 000773632 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\wxmsw30u_html_vc90_x64.dll
2023-04-23 11:31 - 2023-04-23 11:31 - 000137216 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\wxmsw30u_webview_vc90_x64.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Windows:CM_460d012b145979dbf37dc3b0d01ccb88c0d32947f35d43424efdd9b5dd3d14d5 [74]
AlternateDataStreams: C:\Windows:CM_663b0d0a539d6165560218efcbd7453ad718e66208ff706cc3a31c7a8e4b9b0e [74]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\avgSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\avgSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

HKU\S-1-5-21-584500284-1391629960-3397962802-1005\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

HKU\S-1-5-21-584500284-1391629960-3397962802-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=COS2&ptag=D110620-A21ABFDD9D88F4162B1F&form=CONMHP&conlogo=CT3332016
SearchScopes: HKU\S-1-5-21-584500284-1391629960-3397962802-1005 -> DefaultScope {4226AE2E-DA9C-4FEC-ADD0-2938E5D206C9} URL = 
SearchScopes: HKU\S-1-5-21-584500284-1391629960-3397962802-1005 -> {4226AE2E-DA9C-4FEC-ADD0-2938E5D206C9} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2023-03-16] (Microsoft Corporation -> Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2022-07-20] (McAfee, LLC -> McAfee, LLC)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2022-07-20] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2020-08-21] (McAfee, LLC -> McAfee, LLC)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2020-08-21] (McAfee, LLC -> McAfee, LLC)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-584500284-1391629960-3397962802-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\do83h\OneDrive\Bilder\20201203_232012.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
 ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\StartupApproved\Run: => "GoogleDriveFS"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{91097782-B4C1-4FCA-BF83-9AD32B9890CA}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{7CF70F64-0B6D-4329-A798-1CE1A865BBAE}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{C799C331-682B-4A56-ABE3-A05198BF033C}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{1A83EFA7-0542-46E5-9787-595031A07EB6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{5731ADC6-7E60-4ED0-8B37-E2980C4408E7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{C992071C-F4BA-461C-8494-4EB8CA948F98}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4269E496-7B7B-49DE-A2C6-85BA6181F15A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{07AD66A0-7A75-4700-AD0B-447D1CCA7173}] => (Allow) C:\Users\do83h\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{C5A75EDE-55BF-4D8E-B211-90421381FEDD}] => (Allow) C:\Users\do83h\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{AB9924EC-BE8D-4050-896F-F7B061682528}] => (Allow) C:\Users\do83h\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{C9FBF2F2-D244-4EFD-BBDB-D359A5DCA33D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei
FirewallRules: [{2B4D694B-B65E-492B-AA68-6EFD9C6D7478}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei
FirewallRules: [{78965097-61FD-4ED1-B0DB-E0E4554F5C8E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Mythology\Launcher.exe (TODO: <Company name>) [Datei ist nicht signiert]
FirewallRules: [{4961590A-E9C8-413A-B8B3-422F32EA911F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Mythology\Launcher.exe (TODO: <Company name>) [Datei ist nicht signiert]
FirewallRules: [{2DE5F4C7-FEFE-45FA-9DD2-774EFF9C0594}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Mythology\AoMX.exe (Microsoft Corp) [Datei ist nicht signiert]
FirewallRules: [{B983BDC8-9219-4CDB-BADE-2C1207477073}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Mythology\AoMX.exe (Microsoft Corp) [Datei ist nicht signiert]
FirewallRules: [{27A009E9-D942-4FDB-9E04-A943590297D0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe => Keine Datei
FirewallRules: [{4804A448-841A-4375-A3E1-31A216F373B3}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe => Keine Datei
FirewallRules: [{D22BF529-B605-4B6B-9980-DB6EF6631A6F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{8168CAFE-BEF4-4770-94FF-9C165B5BA5A2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{6076706E-C7C9-4EDA-AC8C-AE97ACD9F30B}D:\germanfunscript\mirc.exe] => (Allow) D:\germanfunscript\mirc.exe () <==== ACHTUNG [Null Byte Datei/Ordner]
FirewallRules: [UDP Query User{4B855A4A-6C2C-460C-A9BC-F2B422E04D5C}D:\germanfunscript\mirc.exe] => (Allow) D:\germanfunscript\mirc.exe () <==== ACHTUNG [Null Byte Datei/Ordner]
FirewallRules: [{077F70C1-2CEA-4C12-9779-4A83A7C367C5}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\bin\FaxApplications.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{7DCFF239-148D-47FA-97BF-6F199139BB76}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\bin\DigitalWizards.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{A4EED48E-BFCB-4021-BF6F-C17CC386549B}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\bin\SendAFax.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{0E839BF7-3245-48F4-888B-01F936DFBA5E}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{C3AC304C-3C8E-426C-9B83-93608B27420C}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{19EA0D33-EDB7-4A72-ACC7-3CEC33B7A378}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{3261CB5D-DFC2-48EF-8B1C-BC07CB075042}] => (Allow) C:\Users\do83h\AppData\Local\Temp\7zS3462\HP.EasyStart.exe => Keine Datei
FirewallRules: [{3016874C-B080-4FE8-A159-09C8CEA3257C}] => (Allow) C:\Users\do83h\AppData\Local\Temp\7zS355A\HP.EasyStart.exe => Keine Datei
FirewallRules: [{B576C5F3-E56F-41C7-94AA-1B681CE44758}] => (Allow) C:\Programme\ftp-uploader\FTPUploader.exe => Keine Datei
FirewallRules: [{58D2599F-700D-4DC0-B034-E98317FCC896}] => (Allow) C:\Programme\ftp-uploader\FTPUploader.exe => Keine Datei
FirewallRules: [{6B34D53D-3A32-4C7F-BA5F-CEC894277B41}] => (Allow) C:\Program Files (x86)\PremierOpinion\pmropn.exe => Keine Datei
FirewallRules: [{A2B1FAF7-1044-4101-B797-57990D2D71CA}] => (Allow) C:\Program Files (x86)\PremierOpinion\pmropn.exe => Keine Datei
FirewallRules: [{2F7F35B0-8DEB-4112-8305-7A9C9DF86471}] => (Allow) C:\Users\do83h\AppData\Local\Programs\Opera\67.0.3575.53\opera.exe => Keine Datei
FirewallRules: [TCP Query User{52DE1D0B-80DE-48E7-B07A-8C2621FB460A}C:\program files (x86)\icq\icq.exe] => (Allow) C:\program files (x86)\icq\icq.exe => Keine Datei
FirewallRules: [UDP Query User{4CE88939-DF7E-4732-BD99-82EA33DF945C}C:\program files (x86)\icq\icq.exe] => (Allow) C:\program files (x86)\icq\icq.exe => Keine Datei
FirewallRules: [{0BD76F22-3A76-4AE8-B85E-0D5F0EC682C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2021\fm.exe (Sports Interactive) [Datei ist nicht signiert]
FirewallRules: [{2763FA1C-BCFD-4FD6-9A0C-6CD2044D5F03}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2021\fm.exe (Sports Interactive) [Datei ist nicht signiert]
FirewallRules: [{AD42407A-317B-4BC1-A57D-58DDE7C30BBC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2021 Touch\fm.exe (Sports Interactive) [Datei ist nicht signiert]
FirewallRules: [{397D6737-1738-496D-A5F3-4620080DB974}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2021 Touch\fm.exe (Sports Interactive) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{04634F77-68BA-44D0-96FA-2E269400C92D}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{D90C5E21-9D34-4BD3-95D8-5A90EF934BDF}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{CA9EF035-44A2-4023-994E-F06C7267A2AE}G:\__neuer pc medion oktober 2020\sicherungen vom alten pc\germanfunscript\mirc.exe] => (Allow) G:\__neuer pc medion oktober 2020\sicherungen vom alten pc\germanfunscript\mirc.exe (mIRC Co. Ltd.) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{B5384481-8A52-49BE-B452-E9FEB687C5A8}G:\__neuer pc medion oktober 2020\sicherungen vom alten pc\germanfunscript\mirc.exe] => (Allow) G:\__neuer pc medion oktober 2020\sicherungen vom alten pc\germanfunscript\mirc.exe (mIRC Co. Ltd.) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{9C266B58-5837-4F14-8ED3-55850FEFCB9B}C:\users\do83h\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\do83h\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{F970D8C5-A9BB-4BB5-BBD7-4E2CA061E2B0}C:\users\do83h\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\do83h\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8E996BBA-E521-4C0C-BFB2-44006CEAA027}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C62A528F-9005-4B14-9645-9CBF11A2211A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{0AE8D691-C774-4DDE-A3B5-DB93D95520CC}C:\users\do83h\appdata\local\jxbrowser\7.15_x64\chromium.exe] => (Allow) C:\users\do83h\appdata\local\jxbrowser\7.15_x64\chromium.exe (TEAMDEV LTD. -> The Chromium Authors)
FirewallRules: [UDP Query User{6E56B611-983C-45E7-B9A0-126D0B1BA121}C:\users\do83h\appdata\local\jxbrowser\7.15_x64\chromium.exe] => (Allow) C:\users\do83h\appdata\local\jxbrowser\7.15_x64\chromium.exe (TEAMDEV LTD. -> The Chromium Authors)
FirewallRules: [TCP Query User{48BAD51C-6E9D-4ADA-ABC3-2C293FCB7F60}C:\users\do83h\onedrive\dokumente\germanfunscript\mirc\mirc.exe] => (Allow) C:\users\do83h\onedrive\dokumente\germanfunscript\mirc\mirc.exe (mIRC Co. Ltd.) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{A490F037-01AD-4740-8428-4901A593DD1A}C:\users\do83h\onedrive\dokumente\germanfunscript\mirc\mirc.exe] => (Allow) C:\users\do83h\onedrive\dokumente\germanfunscript\mirc\mirc.exe (mIRC Co. Ltd.) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{1D3A27B8-E90E-403D-B14D-75762255F683}C:\users\do83h\onedrive\dokumente\germanfunscript\mirc (2).exe] => (Allow) C:\users\do83h\onedrive\dokumente\germanfunscript\mirc (2).exe (mIRC Co. Ltd.) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{B9C33F69-B4CF-4E27-A100-1AF8A5EFD605}C:\users\do83h\onedrive\dokumente\germanfunscript\mirc (2).exe] => (Allow) C:\users\do83h\onedrive\dokumente\germanfunscript\mirc (2).exe (mIRC Co. Ltd.) [Datei ist nicht signiert]
FirewallRules: [{F9257276-5D95-48B2-8D94-4D0F314FF9FE}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{2BED97C3-C9F1-4838-BEFF-3CD10A8440AF}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{FC85DFCD-E50E-44EF-BFE8-E156210BA8E6}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{1BAF5D6E-30B7-459F-A220-967CFF7AE31D}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{F31317B2-5019-43F3-9CA8-BCA6B81B6ACB}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
FirewallRules: [{97250A55-32AB-44E1-A35E-7AFE8E944E57}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{C038A0F9-7DC6-45EA-8BF0-F66054BDB1CF}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{7B1E9BE0-D757-428A-9801-08F57E63BB0D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2022\fm.exe (Sports Interactive) [Datei ist nicht signiert]
FirewallRules: [{D28CC963-9B82-4191-B5B5-F36DA1B1CD8B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2022\fm.exe (Sports Interactive) [Datei ist nicht signiert]
FirewallRules: [{44D08B88-985A-4679-A942-15FAA5F1690B}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{6DDAAEFE-A5CA-465F-9E56-C7F6003988E6}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{426DF6BA-7EAC-425F-9A41-10ACC7575050}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{349A9509-0562-4E8C-8E1B-82DEE374ECD1}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{4599150E-EE6C-4BFF-A54F-BD8BFB9E134A}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{8368168C-9629-4E62-B484-F6751CCFDFB1}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{C9424330-09EB-4CC1-A938-9534CF8C59A3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0FB0B6C2-558C-4190-BBF8-F827086F1E41}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DA5256F6-44D3-4BFF-8493-F6C83BE6090B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EDFE08D6-2D12-4A59-9FAD-A152E840314B}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{2ADFBFE8-7C9B-4C67-9D30-9E1EED70CDE0}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{35C59D83-368A-44D8-96E3-5D8FF9B76E2C}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{01ED5F99-B8B6-4A96-867A-BD094B93ABCF}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{54BA204B-45EC-4DF4-8B49-F560AF474F0A}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{DBF7FC75-387B-47BC-AC24-DAD807426B46}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{AD6006F8-04D0-410B-93DA-A762A8F9FB24}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{AD2982F0-2F42-418F-8C47-DF460B9CFE35}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{9F5714B7-3E5A-472A-8377-23CDF8D6163C}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{C2E89D23-C8A0-4EF5-BAB4-E5F5CEFD7C39}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{6FAFF0E4-0B0A-4471-B6E0-228380983555}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{B2FB0A4E-C7FE-4163-982B-F0B688CDF303}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{2ED68962-F905-4924-A4CF-56B83F88AF14}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{30339956-8C4F-4735-8CC8-2EC3A5A534CF}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{86ED600E-DAC4-4940-B927-7F1D076A6849}] => (Allow) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{EA75FAE2-A25D-4211-BC4F-79AF5AFEB8CC}] => (Allow) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{DE86BE77-8AA1-46EA-9B88-CEA7785648C4}] => (Allow) C:\Program Files (x86)\Citrix\ICA Client\CitrixEnterpriseBrowser\CitrixEnterpriseBrowser.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FirewallRules: [{1550DA8F-6ECA-42BB-A215-D8055EE73786}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{EF1F8A95-A410-4418-BEE2-B9EAE245AEA9}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{1140C0D0-5214-41F2-B9F1-55C49F529AF7}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{F00A2095-7BE0-4F1F-B87A-8DA54E1ABD05}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{CC522D3A-097C-48E0-BE0B-DE7D8DCD0D1F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{641ED20C-2908-41CE-A66A-B82141CBD3FD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{A074F7DF-BC8B-4C7F-8C14-1D731AE2889A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{7EE6912D-E4CD-4EE6-A08C-B9024F01B42A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{84853C0F-C549-41F6-BDD4-61D4E829C236}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{F93BF714-2736-4CA2-BB10-8B5C43EE7A99}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{C63533A9-BAE1-493A-8462-1D9E5F8F3BC0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{228F5254-9211-4663-9223-DD263DD2774B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{DB8C9316-25C8-4DB1-876F-2367F999D3F3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{6BAFC3FF-0314-4209-A897-299F5D502AB4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{F932AAB2-E83B-4A75-97BE-913711F206E5}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\112.0.1722.48\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E8B37696-3363-4A41-9AA1-C5EE894A78D1}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{84E29D0E-2AC8-422A-88FE-6DD7BF75E1B6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3409.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{863ECA00-17C9-4E5C-B70E-B6EBED8B2E3B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3409.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{70A73443-F799-4FE7-B449-EC54222B314E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3409.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{D677658E-2237-4B2F-ABC3-84F7A6CF94D9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3409.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server

==================== Wiederherstellungspunkte =========================

21-04-2023 18:56:53 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager ============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (04/23/2023 11:34:04 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (04/22/2023 08:06:44 PM) (Source: Windows Search Service) (EventID: 3083) (User: )
Description: Fehler beim Laden des Protokollhandlers Mapi. Fehlerbeschreibung: Eine DLL-Initialisierungsroutine ist fehlgeschlagen.  (HRESULT : 0x8007045a).

Error: (04/22/2023 07:33:40 PM) (Source: Windows Search Service) (EventID: 3083) (User: )
Description: Fehler beim Laden des Protokollhandlers Mapi. Fehlerbeschreibung: Eine DLL-Initialisierungsroutine ist fehlgeschlagen.  (HRESULT : 0x8007045a).

Error: (04/21/2023 06:46:22 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Die Speicheroptimierung konnte erneut optimieren auf HDDRIVE2GO (G:) nicht abschließen. Grund: Dieser Vorgang wird auf diesem Dateisystem nicht unterstützt. (0x89000020)

Error: (04/18/2023 05:52:44 PM) (Source: Outlook) (EventID: 35) (User: )
Description: Fehler beim Bestimmen, ob sich der Speicher im Durchforstungsbereich befindet (Fehler=0x8007045b).

Error: (04/18/2023 05:52:44 PM) (Source: Outlook) (EventID: 34) (User: )
Description: Fehler beim Abrufen des Durchforstungsbereichs-Managers. Fehler=0x8007045b.

Error: (04/18/2023 05:51:56 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: DESKTOP-V3T0UTA)
Description: Die Anwendung oder der Dienst "Microsoft Outlook" konnte nicht heruntergefahren werden.

Error: (04/17/2023 08:43:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SecurityService.exe, Version: 5.18.284.0, Zeitstempel: 0x609c79ed
Name des fehlerhaften Moduls: coreclr.dll, Version: 4.700.21.26205, Zeitstempel: 0x609c3176
Ausnahmecode: 0xc0000005
Fehleroffset: 0x001b17ff
ID des fehlerhaften Prozesses: 0x1e54
Startzeit der fehlerhaften Anwendung: 0x01d970438cf6495f
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\TotalAV\SecurityService.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\TotalAV\coreclr.dll
Berichtskennung: b69cd246-3a3c-497a-988e-8ae9234295fa
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


Systemfehler:
=============
Error: (04/22/2023 06:37:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Energy Server Service queencreek" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert.

Error: (04/21/2023 06:38:15 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d02 fehlgeschlagen: 9NKSQGP7F2NH-5319275A.WhatsAppDesktop

Error: (04/21/2023 02:52:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Energy Server Service queencreek" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/17/2023 09:31:29 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d02 fehlgeschlagen: 9NKSQGP7F2NH-5319275A.WhatsAppDesktop

Error: (04/16/2023 11:11:54 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst AVG Antivirus konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (04/16/2023 11:11:47 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Energy Server Service queencreek" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/15/2023 07:28:40 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (04/15/2023 05:39:22 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst AVG Antivirus konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.


Windows Defender:
================
Date: 2023-03-11 12:04:15
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=App:Cheat_Engine_BundleInstaller&threatid=268652&enterprise=1
Name: App:Cheat_Engine_BundleInstaller
Schweregrad: Mittel
Kategorie: Potenziell unerwünschte Software
Pfad: file:_C:\Users\do83h\Downloads\CheatEngine72.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: NT-AUTORITÄT\SYSTEM
Prozessname: C:\Program Files (x86)\TotalAV\SecurityService.exe
Sicherheitsversion: AV: 1.327.879.0, AS: 1.327.879.0, NIS: 1.327.879.0
Modulversion: AM: 1.1.17600.5, NIS: 1.1.17600.5

Date: 2022-12-15 15:52:24
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=App:Cheat_Engine_BundleInstaller&threatid=268652&enterprise=1
Name: App:Cheat_Engine_BundleInstaller
Schweregrad: Mittel
Kategorie: Potenziell unerwünschte Software
Pfad: file:_C:\Users\do83h\Downloads\CheatEngine72.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: NT-AUTORITÄT\SYSTEM
Prozessname: C:\Program Files (x86)\TotalAV\SecurityService.exe
Sicherheitsversion: AV: 1.327.879.0, AS: 1.327.879.0, NIS: 1.327.879.0
Modulversion: AM: 1.1.17600.5, NIS: 1.1.17600.5

Date: 2022-11-07 18:48:04
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=App:Cheat_Engine_BundleInstaller&threatid=268652&enterprise=1
Name: App:Cheat_Engine_BundleInstaller
Schweregrad: Mittel
Kategorie: Potenziell unerwünschte Software
Pfad: file:_C:\Users\do83h\Downloads\CheatEngine72.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: NT-AUTORITÄT\SYSTEM
Prozessname: C:\Program Files (x86)\TotalAV\SecurityService.exe
Sicherheitsversion: AV: 1.327.879.0, AS: 1.327.879.0, NIS: 1.327.879.0
Modulversion: AM: 1.1.17600.5, NIS: 1.1.17600.5

Date: 2022-11-03 12:35:35
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=App:Cheat_Engine_BundleInstaller&threatid=268652&enterprise=1
Name: App:Cheat_Engine_BundleInstaller
Schweregrad: Mittel
Kategorie: Potenziell unerwünschte Software
Pfad: file:_C:\Users\do83h\Downloads\CheatEngine72.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: NT-AUTORITÄT\SYSTEM
Prozessname: C:\Program Files (x86)\TotalAV\SecurityService.exe
Sicherheitsversion: AV: 1.327.879.0, AS: 1.327.879.0, NIS: 1.327.879.0
Modulversion: AM: 1.1.17600.5, NIS: 1.1.17600.5

Date: 2020-11-14 15:07:45
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/PremierOpinion&threatid=223808&enterprise=1
Name: PUA:Win32/PremierOpinion
Schweregrad: Schwerwiegend
Kategorie: Potenziell unerwünschte Software
Pfad: file:_C:\Program Files (x86)\PremierOpinion\pmservice.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: NT Authority\System
Prozessname: System
Sicherheitsversion: AV: 1.327.879.0, AS: 1.327.879.0, NIS: 1.327.879.0
Modulversion: AM: 1.1.17600.5, NIS: 1.1.17600.5
Event[0]:

Date: 2023-03-18 11:58:52
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 
%Vorherige Version der Sicherheitsinformationen: 1.327.879.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion: 
%Vorherige Modulversion: 1.1.17600.5
Fehlercode: 0x80004004
Fehlerbeschreibung: Vorgang abgebrochen 

Date: 2023-03-18 11:58:52
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 
%Vorherige Version der Sicherheitsinformationen: 1.327.879.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiSpyware
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion: 
%Vorherige Modulversion: 1.1.17600.5
Fehlercode: 0x80004004
Fehlerbeschreibung: Vorgang abgebrochen 

Date: 2023-03-18 11:58:52
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 
%Vorherige Version der Sicherheitsinformationen: 1.327.879.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion: 
%Vorherige Modulversion: 1.1.17600.5
Fehlercode: 0x80004004
Fehlerbeschreibung: Vorgang abgebrochen 

Date: 2023-03-18 11:58:49
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 1.385.384.0
%Vorherige Version der Sicherheitsinformationen: 1.327.879.0
Update Source: Benutzer
Sicherheitstyp: AntiSpyware
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion: 1.1.20100.6
%Vorherige Modulversion: 1.1.17600.5
Fehlercode: 0x80004004
Fehlerbeschreibung: Vorgang abgebrochen 

Date: 2023-03-18 11:58:49
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 1.385.384.0
%Vorherige Version der Sicherheitsinformationen: 1.327.879.0
Update Source: Benutzer
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion: 1.1.20100.6
%Vorherige Modulversion: 1.1.17600.5
Fehlercode: 0x80004004
Fehlerbeschreibung: Vorgang abgebrochen 

CodeIntegrity:
===============
Date: 2023-04-23 13:06:51
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2023-04-23 13:06:51
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.


==================== Speicherinformationen =========================== 

BIOS: American Megatrends Inc. 360H4W0X.116 02/25/2020
Hauptplatine: MEDION B360H4-EM
Prozessor: Intel(R) Core(TM) i5-9400 CPU @ 2.90GHz
Prozentuale Nutzung des RAM: 63%
Installierter physikalischer RAM: 16237.52 MB
Verfügbarer physikalischer RAM: 5918.34 MB
Summe virtueller Speicher: 18925.52 MB
Verfügbarer virtueller Speicher: 6005.26 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:449.85 GB) (Free:34.77 GB) (Model: E12-512G-PHISON-SSD-B16-BB1) NTFS
Drive d: (Recover) (Fixed) (Total:25 GB) (Free:7.09 GB) (Model: E12-512G-PHISON-SSD-B16-BB1) NTFS
Drive g: (HDDRIVE2GO) (Fixed) (Total:931.47 GB) (Free:432.03 GB) (Model: ASMT 2115 SCSI Disk Device) FAT32

\\?\Volume{b319fff4-b23e-42fe-b98d-753bae4dd40c}\ () (Fixed) (Total:0.98 GB) (Free:0.38 GB) NTFS
\\?\Volume{63a434ab-a066-44ea-8fb0-0e21ce378da4}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partitionstabelle ====================

==================== Ende von Addition.txt =======================

cosinus · 23.04.2023, 14:21

auch hier sieht das Problem selbstverschuldet aus. Warum müllt ihr euch alle eure Rechner immer so zu? Sehr schlechte Systempflege.

Störende, veraltete oder unnötige Programme deinstallieren

Bitte über Programme und Features (appwiz.cpl) deinstallieren:

Adobe Reader (PDF-Dateien lassen sich wunderbar mit Mozilla Firefox oder SumatraPDF anzeigen)
AVG AntiVirus Free
FileZilla Client 3.51.0
GIMP 2.10.22
Google Chrome (durch Mozilla Firefox ersetzen)
Knuddels Standalone App
McAfee LiveSafe
Microsoft Office Professional Plus 2010
OpenOffice 4.1.7 (durch LibreOffice ersetzen)
PremierOpinion
RuckZuck Demo
TotalAV
Web Companion
WebAdvisor von McAfee

dommymaster · 27.04.2023, 09:22

Vielen Dank, es scheint wieder deutlich schneller zu laufen.

Habt ihr hier einen Thread wo es eine Übersicht mit guten AntiVirus-Programmen gibt, wovon man am besten eines nutzen sollte? Habe in der Suche nichts gefunden.

cosinus · 27.04.2023, 09:42

adwCleaner

Führe AdwCleaner gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei in CODE-Tags.

adwcleaner bitte wiederholen falls es Funde gab.

dommymaster · 27.04.2023, 20:45

Hier die Log:

Code:

ATTFilter

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build:    08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    04-27-2023
# Duration: 00:00:10
# OS:       Windows 10 (Build 19045.2846)
# Cleaned:  57
# Awaiting reboot:1
# Failed:   0


***** [ Services ] *****

Deleted       WCAssistantService
Deleted       webshieldfilter

***** [ Folders ] *****

Deleted       C:\Program Files (x86)\Lavasoft\Web Companion
Deleted       C:\ProgramData\Lavasoft\Web Companion
Deleted       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PremierOpinion
Deleted       C:\ProgramData\SecuritySuite
Deleted       C:\Users\do83h\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_MRPQ523XMEO0CM2M0N5VJ25Z3NZKGEP4
Deleted       C:\Users\do83h\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG
Deleted       C:\Users\do83h\AppData\Roaming\Lavasoft\Web Companion
Deleted       C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\TotalAV

***** [ Files ] *****

Deleted       C:\Users\do83h\Downloads\TOTALAV.EXE
Deleted       C:\Windows\restoro.ini
Needs Reboot  C:\Windows\System32\drivers\webshieldfilter.sys

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\Lavasoft\Web Companion
Deleted       HKCU\Software\Local AppWizard-Generated Applications\Restoro
Deleted       HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted       HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted       HKCU\Software\Restoro
Deleted       HKCU\Software\SSProtect
Deleted       HKCU\Software\csastats
Deleted       HKLM\SOFTWARE\Classes\*\shell\TotalAV
Deleted       HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.totalav.passwordvaultassistant
Deleted       HKLM\SOFTWARE\Microsoft\Edge\NativeMessagingHosts\com.totalav.passwordvaultassistant
Deleted       HKLM\SOFTWARE\Mozilla\NativeMessagingHosts\com.totalav.passwordvaultassistant
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{6B34D53D-3A32-4C7F-BA5F-CEC894277B41}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{A2B1FAF7-1044-4101-B797-57990D2D71CA}
Deleted       HKLM\Software\Classes\CLSID\{AE198C69-7358-4856-9029-F4C0FAD524C1}
Deleted       HKLM\Software\Classes\CLSID\{BA827421-E282-479E-AE60-34796877B8AE}
Deleted       HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted       HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted       HKLM\Software\Classes\Restoro.Engine
Deleted       HKLM\Software\Classes\TypeLib\{C661BE9A-11D8-47DD-A980-6494B09F3AF3}
Deleted       HKLM\Software\Classes\totalav
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Restoro
Deleted       HKLM\Software\Restoro
Deleted       HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted       HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{928be91b-ffd0-48ac-9e85-bef0fbc8a78e}|DisplayIcon
Deleted       HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{928be91b-ffd0-48ac-9e85-bef0fbc8a78e}|DisplayName
Deleted       HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{928be91b-ffd0-48ac-9e85-bef0fbc8a78e}|UninstallString
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted       HKLM\Software\Wow6432Node\\Classes\TypeLib\{C661BE9A-11D8-47DD-A980-6494B09F3AF3}
Deleted       HKLM\System\CurrentControlSet\Services\EventLog\Application\SecurityService
Deleted       HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted       HKU\.DEFAULT\Software\Mozilla\NativeMessagingHosts\com.webcompanion.native
Deleted       HKU\S-1-5-18\SOFTWARE\Mozilla\NativeMessagingHosts\com.webcompanion.native
Deleted       HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

Deleted       Bing Default Search
Deleted       Bing Default Search
Deleted       My Firefox Search
Deleted       My Firefox Search
Deleted       My Firefox Search
Deleted       My Firefox Search

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

***** Reboot Required to Complete *****


***** [ Files ] *****

Cleaned           C:\Windows\System32\drivers\webshieldfilter.sys

*************************

AdwCleaner[S00].txt - [6702 octets] - [27/04/2023 21:41:50]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

cosinus · 02.05.2023, 08:19

Hast du meinen Post komplett gelesen?
Was ist zu tun, wenn adwCleaner Funde hatte?

M-K-D-B · 06.05.2023, 10:18

Fehlende Rückmeldung
Dieses Thema wurde aus unseren Abos gelöscht. Somit bekommen wir keine Benachrichtigung über neue Antworten.
Solltest Du das Thema erneut brauchen, schicke uns bitte eine Erinnerung inklusive Link zum Thema.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist.

Jeder andere bitte hier klicken und ein eigenes Thema erstellen!

cosinus · 07.05.2023, 15:53

Thread ist wieder offen.

dommymaster · 07.05.2023, 16:08

Der weitere Scan:

Code:

ATTFilter

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build:    08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    05-07-2023
# Duration: 00:00:10
# OS:       Windows 10 (Build 19045.2846)
# Scanned:  32091
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [6702 octets] - [27/04/2023 21:41:50]
AdwCleaner[C00].txt - [6039 octets] - [27/04/2023 21:42:23]
AdwCleaner[S01].txt - [1542 octets] - [27/04/2023 21:49:09]
AdwCleaner[S02].txt - [1603 octets] - [07/05/2023 13:31:44]
AdwCleaner[S03].txt - [1664 octets] - [07/05/2023 13:32:48]
AdwCleaner[S04].txt - [1725 octets] - [07/05/2023 13:35:20]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S05].txt ##########

cosinus · 07.05.2023, 18:28

Dann jetzt bitte neue FRST-Logs.

dommymaster · 10.05.2023, 19:13

FRST

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 09-05-2023
durchgeführt von do83h (Administrator) auf DESKTOP-V3T0UTA (MEDION E63007) (10-05-2023 20:06:35)
Gestartet von C:\Users\do83h\OneDrive\Desktop\FRST64.exe
Geladene Profile: do83h
Plattform: Microsoft Windows 10 Home Version 22H2 19045.2846 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Chrome
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Autodesk, Inc. -> Autodesk) C:\Users\do83h\AppData\Local\Programs\Autodesk\Genuine Service\GenuineService.exe
(Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe ->) (Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe <3>
(C:\Program Files (x86)\Citrix\ICA Client\concentr.exe ->) (Citrix Systems, Inc. -> Cloud Software Group, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
(C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe ->) (Citrix Systems, Inc. -> Cloud Software Group, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe
(Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\AnalyticsSrv.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_ba5b1813656e5c27\igfxCUIService.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_ba5b1813656e5c27\igfxEM.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <11>
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(explorer.exe ->) (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.212\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.212\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe <2>
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\10.1.0.3194\AdskLicensingService\AdskLicensingService.exe
(services.exe ->) (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(services.exe ->) (Citrix Systems, Inc. -> Cloud Software Group, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\UpdaterService.exe
(services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(services.exe ->) (Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_ba5b1813656e5c27\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_e8f9f51120464f93\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_e8f9f51120464f93\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_6ca78a08b838e305\RstMwService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c60facea9c32a6cb\RtkAudUService64.exe <2>
(services.exe ->) (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(services.exe ->) (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2314.6.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.2780_none_7df1b05c7ca1f251\TiWorker.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c60facea9c32a6cb\RtkAudUService64.exe [3380320 2021-11-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [665384 2019-12-05] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\Users\do83h\AppData\Local\Programs\Autodesk\Genuine Service\GenuineService.exe [1077864 2020-01-02] (Autodesk, Inc. -> Autodesk)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [109324536 2021-03-12] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1713432 2021-09-17] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
HKLM-x32\...\Run: [InstallHelper] => C:\Program Files (x86)\Citrix\Citrix WorkSpace 2302\InstallHelper.exe [410544 2023-02-07] (Citrix Systems, Inc. -> Cloud Software Group, Inc.)
HKLM-x32\...\Run: [AnalyticsSrv] => C:\Program Files (x86)\Citrix\ICA Client\Receiver\AnalyticsSrv.exe [2644072 2023-02-07] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [2974600 2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [562056 2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [292104 2023-02-28] (Intel Corporation -> Intel)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\74.0.3.0\GoogleDriveFS.exe [53339416 2023-04-26] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\74.0.3.0\GoogleDriveFS.exe [53339416 2023-04-26] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4362600 2023-04-28] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33000928 2021-04-07] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [49958368 2022-02-01] (Google LLC -> )
HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\Run: [com.squirrel.Teams.Teams] => C:\Users\do83h\AppData\Local\Microsoft\Teams\Update.exe [2454184 2021-07-14] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\74.0.3.0\GoogleDriveFS.exe [53339416 2023-04-26] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\Run: [] => [X]
HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\Policies\Explorer: [] 
HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\MountPoints2: {11ae930c-1cdb-11eb-a845-6c6a77606d86} - "H:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\MountPoints2: {2d9bfd5a-ab41-11eb-a86b-6c6a77606d86} - "H:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\MountPoints2: {2f109b79-53b8-11ec-a87f-6c6a77606d86} - "H:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\MountPoints2: {8e9c3683-068a-11ed-a89a-6c6a77606d86} - "H:\HiSuiteDownLoader.exe" 
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\74.0.3.0\GoogleDriveFS.exe [53339416 2023-04-26] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [] => [X]
HKLM\...\Windows x64\Print Processors\HPM11M13PrintProc: C:\Windows\System32\spool\prtprocs\x64\HPM11M13PP.DLL [74240 2016-02-25] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HP BC11 Status Monitor: C:\Windows\system32\hpinkstsBC11LM.dll [331664 2012-06-12] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Photosmart 7520 series): C:\Windows\system32\HPDiscoPMBC11.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HPM11M13LM: C:\Windows\system32\HPM11M13LM.DLL [288768 2016-02-25] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\112.0.5615.140\Installer\chrmstp.exe [2023-05-09] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{60f15951-e7ef-11ea-b28e-c4b301b9ed33}] -> C:\Program Files (x86)\Citrix\ICA Client\CitrixEnterpriseBrowser\108.1.1.97\Installer\chrmstp.exe [2023-02-28] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2021-11-01]
ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
Startup: C:\Users\do83h\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Photosmart 7520 series.lnk [2023-05-10]
ShortcutAndArgument: Tintenwarnungen überwachen - HP Photosmart 7520 series.lnk -> C:\Windows\system32\RunDll32.exe => "C:\Program Files\HP\HP Photosmart 7520 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=TH4A1710WP05YY;CONNECTION=USB;MONITOR=1;
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {040310DD-CB77-43E4-8279-924E17C6B61B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\Windows\system32\MRT.exe [156112424 2023-04-15] (Microsoft Windows -> Microsoft Corporation)
Task: {0F6DD865-D582-4419-AF23-517024B3C5F9} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26301352 2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {1FB5BBDB-B3C6-4455-A77A-6F371047A8B1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2D252927-3F67-486B-B0AE-FDA700635A82} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {39F44E05-C6A6-4FFE-BFE6-0B8BB1877B35} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114624 2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {44C1D279-047F-4D25-9130-340FC3BDCA5E} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [5002480 2023-02-21] (Intel Corporation -> Intel Corporation)
Task: {4F689235-F97C-46C4-B507-240CA6C38203} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-29] (Google LLC -> Google LLC)
Task: {5A46C9B6-282E-4C77-BE38-E8BA34F15D3C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5E016F5B-57AC-4FDF-B0EE-DD9111BA47EF} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => C:\Windows\System32\Wscript.exe [170496 2021-09-15] (Microsoft Windows -> Microsoft Corporation) -> //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {6C00A265-94E7-4865-B2EC-59EFABDAE67F} - System32\Tasks\Opera scheduled Autoupdate 1605363011 => C:\Users\do83h\AppData\Local\Programs\Opera\launcher.exe [1538584 2020-03-03] (Opera Software AS -> Opera Software)
Task: {795F0DB5-45C3-49D5-B115-0AD0A8D35102} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4196784 2023-05-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {7C6AAADD-6794-4CEC-842E-F176CA9317EC} - System32\Tasks\G2MUpdateTask-S-1-5-21-584500284-1391629960-3397962802-1005 => C:\Users\do83h\AppData\Local\GoToMeeting\19950\g2mupdate.exe [33456 2022-04-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {81214D6B-8E5A-470D-ACD5-F6E5ED211BB0} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114624 2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {8ED46F6B-D868-45F9-A5DA-F936D7B2E679} - System32\Tasks\G2MUploadTask-S-1-5-21-584500284-1391629960-3397962802-1005 => C:\Users\do83h\AppData\Local\GoToMeeting\19950\g2mupload.exe [33456 2022-04-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {A160F302-5259-4CC8-88D7-5327AE03EDBA} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe--automatic
Task: {AF02A63D-FDCC-4CFB-A094-48A4E4432387} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676768 2023-04-25] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {BFEB3880-E556-4F2C-B7D0-790E7658A61B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [718240 2023-04-25] (Mozilla Corporation -> Mozilla Foundation)
Task: {E65BF73C-EB8F-452B-979A-36C9931D7E92} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-584500284-1391629960-3397962802-1005 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4196784 2023-05-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {E7474536-071E-469B-B266-FC9A0EF2AE45} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-29] (Google LLC -> Google LLC)
Task: {E7BFFB67-3038-4FFF-82E2-BF41FA79BA58} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E8A0CD34-2229-4F32-8BAB-DFCA367A434F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {F59146C7-C25F-4DE3-99D4-7D64FB97AAD4} - System32\Tasks\HPCustParticipation HP Photosmart 7520 series => C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPCustPartic.exe [4119656 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {FCCA6D1E-93E4-42CC-9BA0-A2D2C26F7175} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [5002480 2023-02-21] (Intel Corporation -> Intel Corporation)
Task: {FDC64B14-F563-4E1C-B37E-8AC7CC8F23DA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26301352 2023-04-15] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-584500284-1391629960-3397962802-1005.job => C:\Users\do83h\AppData\Local\GoToMeeting\19950\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-584500284-1391629960-3397962802-1005.job => C:\Users\do83h\AppData\Local\GoToMeeting\19950\g2mupload.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0894d97c-231f-418b-bd94-97d6dc7075e5}: [DhcpNameServer] 192.168.2.1

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\do83h\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-09]
Edge HKLM-x32\...\Edge\Extension: [mielbhbkcliienpdicphhecpodcaeefg]

FireFox:
========
FF DefaultProfile: 3uauklfr.default
FF ProfilePath: C:\Users\do83h\AppData\Roaming\Mozilla\Firefox\Profiles\3uauklfr.default [nicht gefunden] <==== ACHTUNG
FF ProfilePath: C:\Users\do83h\AppData\Roaming\Mozilla\Firefox\Profiles\bxljijxg.dominik [2023-05-09]
FF Homepage: Mozilla\Firefox\Profiles\bxljijxg.dominik -> hxxps://www.google.com/
FF NewTab: Mozilla\Firefox\Profiles\bxljijxg.dominik -> hxxps://mynewtab.co?pId=IC150206&searchEngine=bing&iDate=110620
FF Notifications: Mozilla\Firefox\Profiles\bxljijxg.dominik -> hxxps://www.planetromeo.com; hxxps://www.jako.de; hxxps://www.romeo.com
FF Extension: (Citavi Picker) - C:\Users\do83h\AppData\Roaming\Mozilla\Firefox\Profiles\bxljijxg.dominik\Extensions\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}.xpi [2023-05-02]
FF SearchPlugin: C:\Users\do83h\AppData\Roaming\Mozilla\Firefox\Profiles\bxljijxg.dominik\searchplugins\Yahoo Search.xml [2022-06-17]
FF ProfilePath: C:\Users\do83h\AppData\Roaming\Mozilla\Firefox\Profiles\79tx312p.default-release [2023-04-24]
FF Homepage: Mozilla\Firefox\Profiles\79tx312p.default-release -> hxxps://mynewtab.co?pId=IC150206&searchEngine=bing&iDate=110620
FF NewTab: Mozilla\Firefox\Profiles\79tx312p.default-release -> hxxps://mynewtab.co?pId=IC150206&searchEngine=bing&iDate=110620
FF SearchPlugin: C:\Users\do83h\AppData\Roaming\Mozilla\Firefox\Profiles\79tx312p.default-release\searchplugins\Yahoo Search.xml [2022-06-17]
FF Extension: (Citavi Picker) - C:\Program Files\Mozilla Firefox\distribution\extensions\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}.xpi [2023-03-23]
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: (SmartPrintButton) - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [] [ist nicht signiert]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-12-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-12-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-04-04] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\do83h\AppData\Local\Google\Chrome\User Data\Default [2023-05-10]
CHR Notifications: Default -> hxxps://business.facebook.com; hxxps://www.fmscout.com
CHR Extension: (Google Docs Offline) - C:\Users\do83h\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-27]
CHR Extension: (Anwendungs-Launcher für Drive (von Google)) - C:\Users\do83h\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-01-28]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\do83h\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Citavi Picker) - C:\Users\do83h\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgndokldibnndfnjnagojmheejlengn [2023-05-01]
CHR HKU\S-1-5-21-584500284-1391629960-3397962802-1005\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn]

Opera: 
=======
OPR Profile: C:\Users\do83h\AppData\Roaming\Opera Software\Opera Stable [2020-11-14]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1047416 2019-12-05] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [16930616 2019-12-18] (Autodesk, Inc. -> Autodesk)
S3 appprotectionsvc; C:\Program Files (x86)\Citrix\ICA Client\appprotection.exe [520624 2023-01-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12512768 2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
R2 CmWebAdmin.exe; C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe [10759616 2021-09-29] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
R2 CWAUpdaterService; C:\Program Files (x86)\Citrix\ICA Client\Receiver\UpdaterService.exe [66480 2023-02-07] (Citrix Systems, Inc. -> Cloud Software Group, Inc.)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [42760 2023-02-28] (Intel Corporation -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [211208 2023-02-28] (Intel Corporation -> Intel)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncHelper.exe [3445120 2023-05-07] (Microsoft Corporation -> Microsoft Corporation)
R2 HPSIService; C:\Windows\system32\HPSIsvc.exe [128272 2016-03-30] (Hewlett-Packard Company -> HP)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.081.0416.0001\OneDriveUpdaterService.exe [3781512 2023-05-07] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\NisSrv.exe [3216064 2023-05-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe [133544 2023-05-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 AvgWscReporter; "C:\Program Files\AVG\Antivirus\wsc_proxy.exe" /runassvc /rpcserver [X]
S3 CitrixEnterpriseBrowserElevationService; "C:\Program Files (x86)\Citrix\ICA Client\CitrixEnterpriseBrowser\108.1.1.97\elevation_service.exe" [X]
S2 DCIService; C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe [X] <==== ACHTUNG

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 acsock; C:\Windows\system32\DRIVERS\acsock64.sys [300456 2021-09-17] (Microsoft Windows Hardware Compatibility Publisher -> Cisco Systems, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [209088 2022-07-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [199312 2022-07-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [46704 2022-07-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 BdDci; C:\Windows\system32\DRIVERS\bddci.sys [367096 2023-03-18] (Bitdefender SRL -> Bitdefender)
R2 ctxusbm; C:\Windows\system32\DRIVERS\ctxusbmon.sys [156072 2022-12-14] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 entryprotectdrv; C:\Program Files (x86)\Citrix\ICA Client\entryprotect.sys [72064 2023-01-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
S3 epinject6; C:\Program Files (x86)\Citrix\ICA Client\epinject.sys [161832 2023-01-17] (Citrix Systems, Inc. -> )
S4 epusbfilter; C:\Program Files (x86)\Citrix\ICA Client\epusbfilter.sys [43904 2023-01-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
R1 googledrivefs31092; C:\Windows\System32\DRIVERS\googledrivefs31092.sys [384600 2023-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
S3 iaLPSS2_GPIO2_ICL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_icl.inf_amd64_90beccc7e046abab\iaLPSS2_GPIO2_ICL.sys [132872 2020-04-27] (Intel Corporation -> Intel Corporation)
S3 iaLPSS2_I2C_ICL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_i2c_icl.inf_amd64_c8c0638291b9b209\iaLPSS2_I2C_ICL.sys [200456 2020-04-27] (Intel Corporation -> Intel Corporation)
S3 iaLPSS2_SPI_ICL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_spi_icl.inf_amd64_66a759065dfa6f64\iaLPSS2_SPI_ICL.sys [160024 2020-04-27] (Intel Corporation -> Intel Corporation)
R3 MpKsl333de18a; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5C0B91F3-8C37-4B3B-B201-C43C42E0148F}\MpKslDrv.sys [212264 2023-05-08] (Microsoft Windows -> Microsoft Corporation)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [29192 2016-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
S0 ProtectedELAM; C:\Windows\System32\drivers\protected_elam.sys [18912 2022-09-27] (Microsoft Windows Early Launch Anti-Malware Publisher -> TODO: <Company name>)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 Usbnet; C:\Windows\System32\drivers\usbnet.sys [46080 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 vpnva; C:\Windows\System32\drivers\vpnva64-6.sys [74064 2021-09-17] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49616 2023-05-04] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [498944 2023-05-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99608 2023-05-04] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2023-05-01 23:04 - 2023-05-01 23:08 - 000000000 ____D C:\Users\do83h\OneDrive\Dokumente\Citavi 6
2023-05-01 23:04 - 2023-05-01 23:08 - 000000000 ____D C:\Users\do83h\AppData\Roaming\Swiss Academic Software
2023-05-01 23:04 - 2023-05-01 23:04 - 000000000 ____D C:\Users\do83h\AppData\Local\Swiss Academic Software
2023-05-01 23:04 - 2023-05-01 23:04 - 000000000 ____D C:\ProgramData\Swiss Academic Software
2023-05-01 23:03 - 2023-05-01 23:03 - 000002112 _____ C:\Users\Public\Desktop\Citavi 6.lnk
2023-05-01 23:03 - 2023-05-01 23:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citavi 6
2023-05-01 23:03 - 2023-05-01 23:03 - 000000000 ____D C:\Program Files (x86)\Citavi 6
2023-05-01 23:02 - 2023-05-01 23:02 - 000000000 ____D C:\Users\do83h\AppData\Local\Downloaded Installations
2023-05-01 22:59 - 2023-05-01 23:02 - 155929680 _____ (Swiss Academic Software) C:\Users\do83h\Downloads\Citavi6Setup.exe
2023-05-01 22:54 - 2023-05-01 22:54 - 000188129 _____ C:\Users\do83h\Downloads\Vorlage_Exposé_BuK_Website(4).dotx
2023-04-27 21:42 - 2023-04-27 21:43 - 000000004 ____H C:\ProgramData\cm-lock
2023-04-27 21:42 - 2023-04-27 21:42 - 000001435 _____ C:\Windows\system32\default_error_stack-000021-000000.txt
2023-04-27 21:41 - 2023-04-27 21:42 - 000000000 ____D C:\AdwCleaner
2023-04-25 17:57 - 2023-05-01 23:03 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-04-24 10:41 - 2023-04-24 10:41 - 000002587 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2023-04-24 10:41 - 2023-04-24 10:41 - 000002583 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2023-04-24 10:41 - 2023-04-24 10:41 - 000002562 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2023-04-24 10:41 - 2023-04-24 10:41 - 000002540 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2023-04-24 10:41 - 2023-04-24 10:41 - 000002537 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2023-04-24 10:41 - 2023-04-24 10:41 - 000002504 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2023-04-24 10:41 - 2023-04-24 10:41 - 000002501 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2023-04-24 10:41 - 2023-04-24 10:41 - 000002473 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2023-04-24 10:41 - 2023-04-24 10:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2023-04-24 10:29 - 2023-04-24 10:29 - 000001427 _____ C:\Windows\system32\default_error_stack-000020-000000.txt
2023-04-23 14:00 - 2023-04-23 14:01 - 007614193 _____ C:\Users\do83h\Downloads\VID-20230423-WA0004.mp4
2023-04-23 13:57 - 2023-04-23 13:57 - 007445490 _____ C:\Users\do83h\Downloads\VID-20230423-WA0005.mp4
2023-04-23 13:20 - 2023-04-23 13:20 - 001575742 _____ (Igor Pavlov) C:\Users\do83h\Downloads\7z2201-x64.exe
2023-04-23 13:20 - 2023-04-23 13:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2023-04-23 13:20 - 2023-04-23 13:20 - 000000000 ____D C:\Program Files\7-Zip
2023-04-23 12:34 - 2023-04-23 12:37 - 000091985 _____ C:\Users\do83h\Downloads\Addition.txt
2023-04-23 12:32 - 2023-05-10 20:06 - 000000000 ____D C:\FRST
2023-04-23 12:32 - 2023-04-23 12:37 - 000055029 _____ C:\Users\do83h\Downloads\FRST.txt
2023-04-23 12:32 - 2023-04-23 12:32 - 000000000 ____D C:\Users\do83h\Downloads\FRST-OlderVersion
2023-04-21 17:28 - 2023-04-21 17:28 - 000005961 _____ C:\Users\do83h\Downloads\FID_PCHS_INV_1666020271_dfhJMkTU.pdf
2023-04-15 16:10 - 2023-04-15 16:10 - 000000000 ___HD C:\$WinREAgent

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2023-05-10 20:06 - 2020-10-29 14:44 - 000000000 ____D C:\Program Files (x86)\Google
2023-05-10 20:05 - 2020-10-29 14:03 - 000000000 __SHD C:\Users\do83h\IntelGraphicsProfiles
2023-05-09 23:12 - 2021-11-01 18:16 - 000000068 ___SH C:\Windows\system32\Drivers\WdfLdr.winsecurity
2023-05-09 23:12 - 2020-10-29 14:48 - 000000000 ____D C:\Program Files (x86)\Steam
2023-05-09 23:12 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-05-09 23:03 - 2020-06-15 08:59 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-05-09 22:42 - 2021-11-01 18:16 - 000000068 ___SH C:\Windows\system32\Drivers\WppRecorder.winsecurity
2023-05-09 19:07 - 2020-10-29 15:32 - 000000000 ____D C:\Users\do83h\Knuddels-Stapp
2023-05-09 19:07 - 2020-10-29 13:58 - 000000000 ____D C:\Users\do83h
2023-05-09 19:03 - 2020-10-29 14:46 - 000002243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-05-09 19:03 - 2020-10-29 14:46 - 000002202 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-05-08 19:56 - 2020-10-31 17:15 - 000000000 ____D C:\Users\do83h\AppData\Roaming\Microsoft\Word
2023-05-08 19:47 - 2020-10-29 21:37 - 000000000 ____D C:\Users\do83h\AppData\Roaming\Microsoft\Excel
2023-05-08 19:40 - 2020-10-29 15:00 - 000000000 ____D C:\Users\do83h\AppData\Local\D3DSCache
2023-05-08 19:40 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2023-05-07 15:33 - 2020-10-29 17:28 - 000000000 ____D C:\Users\do83h\OneDrive\Dokumente\eigene dateien
2023-05-07 12:37 - 2022-01-06 16:39 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-584500284-1391629960-3397962802-1005
2023-05-07 12:37 - 2021-08-26 13:18 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2023-05-07 12:37 - 2021-07-14 11:35 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2023-05-07 12:37 - 2021-07-14 11:35 - 000002152 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-05-07 12:35 - 2020-07-02 09:15 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-05-07 12:35 - 2020-07-02 09:15 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-05-07 12:35 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-05-07 12:32 - 2021-01-22 19:56 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-05-04 12:37 - 2020-06-15 08:59 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-05-01 23:51 - 2020-10-29 14:03 - 000000000 ____D C:\Users\do83h\AppData\Local\Packages
2023-04-27 21:47 - 2020-07-02 08:37 - 000747396 _____ C:\Windows\system32\perfh007.dat
2023-04-27 21:47 - 2020-07-02 08:37 - 000151262 _____ C:\Windows\system32\perfc007.dat
2023-04-27 21:47 - 2020-06-15 09:07 - 001731656 _____ C:\Windows\system32\PerfStringBackup.INI
2023-04-27 21:47 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2023-04-27 21:42 - 2020-11-06 16:40 - 000000000 ____D C:\Users\do83h\AppData\Roaming\Lavasoft
2023-04-27 21:42 - 2020-11-06 16:40 - 000000000 ____D C:\Users\do83h\AppData\Local\Lavasoft
2023-04-27 21:42 - 2020-11-06 16:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2023-04-27 21:42 - 2020-11-06 16:40 - 000000000 ____D C:\ProgramData\Lavasoft
2023-04-27 21:42 - 2020-11-06 16:40 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2023-04-27 21:42 - 2020-10-29 15:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-04-27 21:42 - 2020-06-15 08:59 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-04-27 21:42 - 2019-12-07 11:03 - 000786432 _____ C:\Windows\system32\config\BBI
2023-04-26 20:05 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-04-26 18:54 - 2021-09-22 18:18 - 000002061 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2023-04-26 18:54 - 2021-09-22 18:18 - 000001903 _____ C:\Users\Default\Desktop\Google Slides.lnk
2023-04-26 18:54 - 2021-09-22 18:18 - 000001903 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2023-04-26 18:54 - 2021-09-22 18:18 - 000001891 _____ C:\Users\Default\Desktop\Google Docs.lnk
2023-04-26 18:51 - 2020-10-29 15:01 - 000001009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-04-24 19:17 - 2020-10-29 14:44 - 000003926 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2023-04-24 19:17 - 2020-10-29 14:44 - 000003802 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2023-04-24 10:54 - 2020-12-20 15:00 - 000000000 ____D C:\Users\do83h\AppData\Local\CrashDumps
2023-04-24 10:54 - 2020-11-04 16:07 - 000803176 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2023-04-24 10:29 - 2021-02-18 14:56 - 000000666 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-584500284-1391629960-3397962802-1005.job
2023-04-24 10:29 - 2021-02-18 14:56 - 000000570 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-584500284-1391629960-3397962802-1005.job
2023-04-24 10:29 - 2020-11-14 16:05 - 000000000 ____D C:\ProgramData\AVG
2023-04-24 10:29 - 2020-06-15 08:59 - 000600912 _____ C:\Windows\system32\FNTCACHE.DAT
2023-04-24 10:23 - 2020-10-30 16:23 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-04-24 10:22 - 2020-10-30 16:26 - 000000000 ____D C:\Program Files (x86)\MSBuild
2023-04-24 10:21 - 2020-07-02 09:22 - 000000000 ____D C:\Program Files\Microsoft Office
2023-04-24 10:20 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-04-24 10:19 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2023-04-24 10:19 - 2019-12-07 11:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2023-04-24 10:17 - 2021-06-09 00:33 - 000000000 ____D C:\Users\do83h\AppData\Local\AVG
2023-04-24 10:17 - 2020-11-14 16:10 - 000000000 ____D C:\Users\do83h\AppData\Roaming\AVG
2023-04-23 14:50 - 2023-04-05 23:43 - 000002678 _____ C:\Windows\system32\Tasks\USER_ESRV_SVC_QUEENCREEK
2023-04-23 14:50 - 2021-03-08 16:10 - 000003042 _____ C:\Windows\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2023-04-23 14:50 - 2021-03-05 20:47 - 000002970 _____ C:\Windows\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2023-04-23 14:50 - 2021-03-05 20:47 - 000002604 _____ C:\Windows\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2023-04-23 14:50 - 2021-02-18 14:56 - 000003260 _____ C:\Windows\system32\Tasks\G2MUploadTask-S-1-5-21-584500284-1391629960-3397962802-1005
2023-04-23 14:50 - 2021-02-18 14:56 - 000003164 _____ C:\Windows\system32\Tasks\G2MUpdateTask-S-1-5-21-584500284-1391629960-3397962802-1005
2023-04-23 14:50 - 2020-11-15 20:07 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2023-04-23 14:50 - 2020-11-14 16:10 - 000003624 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1605363011
2023-04-23 14:50 - 2020-11-11 15:09 - 000002718 _____ C:\Windows\system32\Tasks\HPCustParticipation HP Photosmart 7520 series
2023-04-23 14:50 - 2020-11-01 15:12 - 000003482 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2023-04-23 14:50 - 2020-07-02 09:15 - 000003684 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-04-23 14:50 - 2020-07-02 09:15 - 000003460 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-04-22 19:22 - 2021-12-19 00:44 - 000000000 ____D C:\Windows\SystemTemp
2023-04-18 18:23 - 2020-10-29 15:01 - 000000000 ____D C:\Users\do83h\AppData\LocalLow\Mozilla
2023-04-17 09:44 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2023-04-15 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2023-04-15 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2023-04-15 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2023-04-15 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2023-04-15 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2023-04-15 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\es-MX
2023-04-15 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2023-04-15 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\DDFs
2023-04-15 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-04-15 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2023-04-15 16:17 - 2020-06-15 09:01 - 003015680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-04-15 16:13 - 2022-10-11 16:18 - 000002140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2023-04-15 16:13 - 2022-10-11 16:18 - 000002128 _____ C:\Users\Public\Desktop\Acrobat Reader.lnk
2023-04-15 16:08 - 2020-11-01 17:21 - 000000000 ____D C:\Windows\system32\MRT
2023-04-15 16:05 - 2020-07-02 09:13 - 156112424 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2020-12-30 00:50 - 2020-12-30 00:50 - 000000457 _____ () C:\Program Files (x86)\INSTALL.LOG
2021-07-14 16:13 - 2022-07-20 00:01 - 000030049 _____ () C:\Users\do83h\AppData\Roaming\Durch Trennzeichen getrennte Werte.ADR
2020-10-30 15:19 - 2021-06-30 15:53 - 000022399 _____ () C:\Users\do83h\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
2020-10-29 21:51 - 2021-01-06 19:19 - 000000081 _____ () C:\Users\do83h\AppData\Local\.bidstack.fault
2021-03-14 22:46 - 2021-03-14 22:46 - 000000950 _____ () C:\Users\do83h\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================

dommymaster · 10.05.2023, 19:14

Addition

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 09-05-2023
durchgeführt von do83h (10-05-2023 20:08:38)
Gestartet von C:\Users\do83h\OneDrive\Desktop
Microsoft Windows 10 Home Version 22H2 19045.2846 (X64) (2020-08-27 06:57:47)
Start-Modus: Normal
==========================================================


==================== Konten: =============================


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-584500284-1391629960-3397962802-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-584500284-1391629960-3397962802-503 - Limited - Disabled)
do83h (S-1-5-21-584500284-1391629960-3397962802-1005 - Administrator - Enabled) => C:\Users\do83h
Gast (S-1-5-21-584500284-1391629960-3397962802-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-584500284-1391629960-3397962802-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Disabled - Up to date) {9D4501E6-72F6-2877-C789-89AF6F535B2C}
FW: McAfee Firewall (Disabled) {A57E80C3-3899-292F-ECD6-209A91801C57}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 22.01 (x64) (HKLM\...\7-Zip) (Version: 22.01 - Igor Pavlov)
Adobe Acrobat Reader - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 23.001.20143 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AutoCAD 2021 - Deutsch (German) (HKLM\...\{28B89EEF-4101-0407-2102-CF3F3A09B77D}) (Version: 24.0.47.0 - Autodesk) Hidden
Autodesk App Manager 2020-2021 (HKLM-x32\...\{DB92FEA7-F78C-469E-B138-E2303220F0C4}) (Version: 3.1.0 - Autodesk)
Autodesk AutoCAD 2021 - Deutsch (German) (HKLM\...\AutoCAD 2021 - Deutsch (German)) (Version: 24.0.47.0 - Autodesk)
Autodesk Desktop-App (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.21.17 - Autodesk)
Autodesk Genuine Service (HKLM-x32\...\{54A00624-3EF9-49A2-92A9-7244EADD0212}) (Version: 3.2.18 - Autodesk)
Autodesk Material Library 2021 (HKLM-x32\...\{6774FD60-7D4B-4D57-BE56-2702A07C9701}) (Version: 19.1.22.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2021 (HKLM-x32\...\{6EFAD582-86C1-4AB2-97C5-2070D0B90E08}) (Version: 19.1.22.0 - Autodesk)
Autodesk Single Sign On Component (HKLM\...\{951BB060-1350-4C93-BD83-D966C51D4005}) (Version: 11.2.0.1802 - Autodesk)
Backup and Sync from Google (HKLM\...\{696895F7-52C7-4C9E-998B-C7E0CC907092}) (Version: 3.57.4256.0809 - Google, Inc.)
BCR Plug-in (HKLM-x32\...\{FFC7EBF7-F91B-4FB6-98CD-A8828C5A87BA}) (Version: 23.2.0.9 - Citrix Systems, Inc.) Hidden
Cheat Engine 6.8.1 (HKLM-x32\...\Cheat Engine 6.8.1_is1) (Version:  - Cheat Engine)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.10.03104 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{A4076314-DE10-4FEB-A977-A3AF859B4073}) (Version: 4.10.03104 - Cisco Systems, Inc.) Hidden
Citavi 6 (HKLM-x32\...\{6A331045-8FF4-4BC9-9C56-E593ACAE28C2}) (Version: 6.15.2.0 - Swiss Academic Software)
Citrix Authentication Manager (HKLM-x32\...\{05050F9C-B6C7-446C-B2B9-4C03DB2E79E2}) (Version: 23.3.0.5 - Cloud Software Group, Inc.) Hidden
Citrix Web Helper (HKLM-x32\...\{6D00D7E5-31A3-4122-82E8-32791FF475A3}) (Version: 23.2.0.21 - Cloud Software Group, Inc.) Hidden
Citrix Workspace (DV) (HKLM-x32\...\{8DBE26D1-262A-42AE-9894-F4D67A25E5E8}) (Version: 23.2.0.9 - Citrix Systems, Inc.) Hidden
Citrix Workspace (USB) (HKLM-x32\...\{78457B01-3E7D-4565-96B5-00B7D9B58750}) (Version: 23.2.0.9 - Citrix Systems, Inc.) Hidden
Citrix Workspace 2302 (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 23.2.0.38 - Cloud Software Group, Inc.)
Citrix Workspace Inside (HKLM-x32\...\{ABAB33DE-1F6B-431A-B72B-0E1E31AD1E2A}) (Version: 23.2.0.15 - Citrix Systems, Inc.) Hidden
CodeMeter Runtime Kit v7.30a (HKLM\...\{9B600D30-C133-4D53-BDE1-CBDC9783E657}) (Version: 7.30.4820.501 - WIBU-SYSTEMS AG)
CyberLink PowerRecover (HKLM\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.8922 - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.8922 - CyberLink Corp.)
Epic Games Launcher (HKLM-x32\...\{07D9F8F3-EC99-4133-919D-DA341C62937C}) (Version: 1.1.298.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FileZilla Client 3.51.0 (HKLM-x32\...\FileZilla Client) (Version: 3.51.0 - Tim Kosse)
Funkyplot 1.1.0-pre1 (HKLM-x32\...\Funkyplot_is1) (Version:  - LOGICIEL)
FUSSBALL MANAGER 11 (HKLM-x32\...\FUSSBALL MANAGER 11) (Version:  - Electronic Arts)
GGU-SOFTWARE COMPLETE PACK (HKLM-x32\...\{B2A0B907-6666-4ADD-817D-173678BAD83E}) (Version: 20.21.023 - Civilserve GmbH)
GIMP 2.10.22 (HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\GIMP-2_is1) (Version: 2.10.22 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 112.0.5615.140 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 74.0.3.0 - Google LLC)
GoTo Opener (HKLM-x32\...\{E69269DB-A77B-4BC1-8F39-241107B09F26}) (Version: 1.0.539 - LogMeIn, Inc.)
GoToMeeting 10.19.0.19950 (HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\GoToMeeting) (Version: 10.19.0.19950 - LogMeIn, Inc.)
HP LaserJet Pro M11-M13 Series (HKLM\...\HP LaserJet Pro M11-M13 Series) (Version:  - )
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Photosmart 7520 series - Grundlegende Software für das Gerät (HKLM\...\{62883BA5-32F6-44D0-AF9D-9CBED778F36F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 7520 series Hilfe (HKLM-x32\...\{2230C40A-ADE0-4231-98EC-7AAFC14BC7F3}) (Version: 28.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
In Autodesk Web & Mobile speichern (HKLM\...\{A9005AC0-4AD8-4E84-B1F7-EE38BB6BCC2D}) (Version: 3.0.26 - Autodesk)
Intel Driver && Support Assistant (HKLM-x32\...\{91672422-9B98-4606-A6D7-E164D7037B06}) (Version: 23.1.9.7 - Intel) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{318C30A1-C7AF-414E-890F-6345E6E0FD33}) (Version: 2.4.09084 - Intel Corporation)
Intel(R) SUR QC Software Asset Manager (HKLM\...\{B3804557-9824-4918-AA88-0DFAC94CD3B5}) (Version: 3.5.5033 - Intel Corporation) Hidden
Intel® Driver & Support Assistant (HKLM-x32\...\{a532c7c7-1594-49bb-a186-f44c52c9509e}) (Version: 23.1.9.7 - Intel)
Knuddels Standalone App (HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\Knuddels App ) (Version: "2015.12.6.0" - "Knuddels App")
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft .NET Core Host - 3.1.32 (x64) (HKLM\...\{8A8E3A04-83BC-4CDE-9259-893B666C1AB1}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.32 (x64) (HKLM\...\{ABC6B3C2-1A8D-4C5E-AC16-C2AE44F02743}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM\...\{A741B803-3F0E-4684-81EF-FC128D15A92C}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM-x32\...\{784973c8-d618-4ac8-97ed-1fd52c5bdf2f}) (Version: 3.1.32.31915 - Microsoft Corporation)
Microsoft 365 Apps for Business - de-de (HKLM\...\O365BusinessRetail - de-de) (Version: 16.0.16130.20394 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\{3196C85D-CFB0-3E5B-A592-0322692C2140}) (Version: 113.0.1774.35 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 113.0.1774.35 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.081.0416.0001 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\Teams) (Version: 1.4.00.18264 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31332 (HKLM-x32\...\{3746f21b-c990-4045-bb33-1cf98cff7a68}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31332 (HKLM\...\{F4499EE3-A166-496C-81BB-51D1BCDC70A9}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31332 (HKLM\...\{3407B900-37F5-4CC2-B612-5CD5D580A163}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
mIRC (HKLM-x32\...\mIRC) (Version: 7.63 - mIRC Co. Ltd.)
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 112.0.2 (x64 de)) (Version: 112.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 82.0.2 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20394 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Online Plug-in (HKLM-x32\...\{E4FE6BEF-21A1-49E2-B3C8-56752D626893}) (Version: 23.2.0.9 - Citrix Systems, Inc.) Hidden
OpenOffice 4.1.7 (HKLM-x32\...\{81D7585D-3E44-4984-B99B-911492419D3E}) (Version: 4.17.9800 - Apache Software Foundation)
Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
QGIS 3.28.1 'Firenze' (HKLM\...\{7EC18ED8-729C-1014-BC9F-C7938B569609}) (Version: 3.28.1 - QGIS.org)
RuckZuck Demo (HKLM-x32\...\{E7EB9C2F-4270-435E-93C3-3BC734234A75}) (Version: 6.0.22 - MURSOFT)
Self-Service Plug-in (HKLM-x32\...\{E8019414-F222-40FF-8131-B02FC64BC67D}) (Version: 23.2.0.21 - Cloud Software Group, Inc.) Hidden
SmartTools Office DDE-Fix (HKLM-x32\...\SmartTools PublishingOffice DDE-Fixv1.20) (Version: v1.20 - SmartTools Publishing)
Stahlbau (HKLM-x32\...\{41C5E1CA-3507-49CE-87D4-9939AE5D3521}) (Version: 1.1.1 - Schneider Bautabellen)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Studie zur Verbesserung von HP Photosmart 7520 series Produkten (HKLM\...\{D662A279-973A-42A0-8D4B-8747C56C0501}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
SupportAPP (HKLM\...\{0000A0AB-3A12-1EF4-A21C-9ADE1843AB04}) (Version: 1.1 - )
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.4.0.7174 - Microsoft Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.2.3 - TeamSpeak Systems GmbH)
Verfügbare Autodesk-Apps 2020-2021 (HKLM-x32\...\{2CBD494D-0A3E-4CB3-AFB3-8CE1734613B0}) (Version: 3.1.0 - Autodesk)
Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\ZoomUMX) (Version: 5.13.5 (12053) - Zoom Video Communications, Inc.)

Packages:
=========
7-Zip File Manager (Unofficial) -> C:\Program Files\WindowsApps\HaukeGtze.7-ZipFileManagerUnofficial_1.2201.1.0_x64__6bk20wvc8rfx2 [2022-12-30] (Hauke Hasselberg)
Adobe Reader Touch -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobeReader_3.1.8.7675_x86__ynb6jyjzte8ga [2020-10-29] (Adobe Systems Incorporated)
Aldi Angebote -> C:\Program Files\WindowsApps\MEDION.AldiAngebote_1.1.4.0_x64__eqf9tz77ft5w8 [2020-07-13] (MEDION)
Aldi Foto -> C:\Program Files\WindowsApps\MEDION.AldiFoto_1.1.46.0_x64__eqf9tz77ft5w8 [2020-07-13] (MEDION)
ALDI life -> C:\Program Files\WindowsApps\MEDION.ALDIlife_1.1.5.0_x64__eqf9tz77ft5w8 [2020-07-13] (MEDION)
AldiTalk -> C:\Program Files\WindowsApps\MEDION.AldiTalk_1.1.28.0_x64__eqf9tz77ft5w8 [2020-07-13] (MEDION)
BreeZip -> C:\Program Files\WindowsApps\3138AweZip.AweZip_1.4.28.0_x64__ffd303wmbhcjt [2023-04-30] (BreeZip)
Dropbox für S Modus -> C:\Program Files\WindowsApps\C27EB4BA.DROPBOX_23.4.16.0_x64__xbfy0k16fey96 [2023-04-15] (Dropbox Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_144.1.1068.0_x64__v10z8vjag6ke6 [2023-04-07] (HP Inc.)
Intel® Grafik-Kontrollraum -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4779.0_x64__8j3eq9eme6ctt [2023-04-15] (INTEL CORP) [Startup Task]
Internet-Security -> C:\Program Files\WindowsApps\MEDION.Internet-Security_1.1.26.0_x64__eqf9tz77ft5w8 [2020-10-30] (MEDION)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-04-16] (Microsoft Corporation)
MEDION -> C:\Program Files\WindowsApps\MEDION.MEDION_1.1.18.0_x64__eqf9tz77ft5w8 [2020-07-13] (MEDION)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-12-23] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-12-23] (Microsoft Corporation) [MS Ad]
MPEG-2-Videoerweiterung -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-04-28] (Microsoft Corporation)
OneDrive -> C:\Program Files\WindowsApps\microsoft.microsoftskydrive_19.23.19.0_x64__8wekyb3d8bbwe [2023-03-07] (Microsoft Corporation)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.30.259.0_x64__dt26b99r8h8gj [2022-02-04] (Realtek Semiconductor Corp)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-03-19] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0 [2023-04-27] (Spotify AB) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2314.6.0_x64__cv1g1gvanyjgm [2023-04-23] (WhatsApp Inc.) [Startup Task]
XING -> C:\Program Files\WindowsApps\XINGAG.XING_4.0.9.0_x86__xpfg3f7e9an52 [2021-06-02] (New Work SE)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-584500284-1391629960-3397962802-1005_Classes\CLSID\{04271989-C4D2-3B08-EDAD-DFB9128A2A49} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-584500284-1391629960-3397962802-1005_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\do83h\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21105.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-584500284-1391629960-3397962802-1005_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (Intel Corporation -> Intel)
CustomCLSID: HKU\S-1-5-21-584500284-1391629960-3397962802-1005_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2021\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-584500284-1391629960-3397962802-1005_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\do83h\AppData\Local\GoToMeeting\19228\G2MOutlookAddin64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-584500284-1391629960-3397962802-1005_Classes\CLSID\{8B4929F8-076F-4AEC-AFEE-8928747B7AE3}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2021\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-584500284-1391629960-3397962802-1005_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\do83h\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-584500284-1391629960-3397962802-1005_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2021\de-DE\acadficn.dll (Autodesk Asia Pte. Ltd. -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [     OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\74.0.3.0\drivefsext.dll [2023-04-26] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\74.0.3.0\drivefsext.dll [2023-04-26] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\74.0.3.0\drivefsext.dll [2023-04-26] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\74.0.3.0\drivefsext.dll [2023-04-26] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2020-01-22] (Autodesk, Inc. -> Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [     OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-07] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-07] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2020-01-22] (Autodesk, Inc. -> Autodesk)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\74.0.3.0\drivefsext.dll [2023-04-26] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-07] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\74.0.3.0\drivefsext.dll [2023-04-26] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-07] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\74.0.3.0\drivefsext.dll [2023-04-26] (Google LLC -> Google, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-07] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-07] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-07] (Microsoft Corporation -> Microsoft Corporation)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\do83h\OneDrive\Desktop\Google Drive.lnk -> C:\Program Files\Google\Drive File Stream\launch.bat ()

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2022-08-09 15:02 - 2022-08-09 15:02 - 005998080 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Intel\Driver and Support Assistant\irmfuu_module_win32.dll
2023-05-10 20:06 - 2023-05-10 20:06 - 000114176 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\_ctypes.pyd
2023-05-10 20:06 - 2023-05-10 20:06 - 000172544 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\_elementtree.pyd
2023-05-10 20:06 - 2023-05-10 20:06 - 002255872 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\_hashlib.pyd
2023-05-10 20:06 - 2023-05-10 20:06 - 000032256 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\_multiprocessing.pyd
2023-05-10 20:06 - 2023-05-10 20:06 - 000046080 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\_psutil_windows.pyd
2023-05-10 20:06 - 2023-05-10 20:06 - 000047616 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\_socket.pyd
2023-05-10 20:06 - 2023-05-10 20:06 - 002825216 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\_ssl.pyd
2023-05-10 20:06 - 2023-05-10 20:06 - 000026112 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\_yappi.pyd
2023-05-10 20:06 - 2023-05-10 20:06 - 000080896 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\bz2.pyd
2023-05-10 20:06 - 2023-05-10 20:06 - 000015872 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\common.time34.pyd
2023-05-10 20:06 - 2023-05-10 20:06 - 000007680 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\hashobjs_ext.pyd
2023-05-10 20:06 - 2023-05-10 20:06 - 000301568 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\PIL._imaging.pyd
2023-05-10 20:06 - 2023-05-10 20:06 - 000168448 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\pyexpat.pyd
2023-05-10 20:06 - 2023-05-10 20:06 - 001084416 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\pysqlite2._sqlite.pyd
2023-05-10 20:06 - 2023-05-10 20:06 - 000548864 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\pythoncom27.dll
2023-05-10 20:06 - 2023-05-10 20:06 - 000137728 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\pywintypes27.dll
2023-05-10 20:06 - 2023-05-10 20:06 - 000010752 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\select.pyd
2023-05-10 20:06 - 2023-05-10 20:06 - 000020992 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\thumbnails_ext.pyd
2023-05-10 20:06 - 2023-05-10 20:06 - 000689664 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\unicodedata.pyd
2023-05-10 20:06 - 2023-05-10 20:06 - 000119808 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\usb_ext.pyd
2023-05-10 20:06 - 2023-05-10 20:06 - 000128512 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\win32api.pyd
2023-05-10 20:06 - 2023-05-10 20:06 - 000438784 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\win32com.shell.shell.pyd
2023-05-10 20:06 - 2023-05-10 20:06 - 000011776 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\win32crypt.pyd
2023-05-10 20:06 - 2023-05-10 20:06 - 000023040 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\win32event.pyd
2023-05-10 20:06 - 2023-05-10 20:06 - 000149504 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\win32file.pyd
2023-05-10 20:06 - 2023-05-10 20:06 - 000223232 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\win32gui.pyd
2023-05-10 20:06 - 2023-05-10 20:06 - 000048128 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\win32inet.pyd
2023-05-10 20:06 - 2023-05-10 20:06 - 000029696 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\win32pdh.pyd
2023-05-10 20:06 - 2023-05-10 20:06 - 000027648 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\win32pipe.pyd
2023-05-10 20:06 - 2023-05-10 20:06 - 000044032 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\win32process.pyd
2023-05-10 20:06 - 2023-05-10 20:06 - 000020480 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\win32profile.pyd
2023-05-10 20:06 - 2023-05-10 20:06 - 000136192 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\win32security.pyd
2023-05-10 20:06 - 2023-05-10 20:06 - 000026624 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\win32ts.pyd
2023-05-10 20:06 - 2023-05-10 20:06 - 000034304 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\windows.conditional.pyd
2023-05-10 20:06 - 2023-05-10 20:06 - 000037888 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\windows.connectivity.pyd
2023-05-10 20:06 - 2023-05-10 20:06 - 000071680 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\windows.device_monitor.pyd
2023-05-10 20:06 - 2023-05-10 20:06 - 000103936 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\windows.volumes.pyd
2023-05-10 20:06 - 2023-05-10 20:06 - 000019968 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\windows.winwrap.pyd
2023-05-10 20:06 - 2023-05-10 20:06 - 001325056 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\wx._controls_.pyd
2023-05-10 20:06 - 2023-05-10 20:06 - 001489408 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\wx._core_.pyd
2023-05-10 20:06 - 2023-05-10 20:06 - 001007104 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\wx._gdi_.pyd
2023-05-10 20:06 - 2023-05-10 20:06 - 000103424 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\wx._html2.pyd
2023-05-10 20:06 - 2023-05-10 20:06 - 000916992 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\wx._misc_.pyd
2023-05-10 20:06 - 2023-05-10 20:06 - 001039872 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\wx._windows_.pyd
2023-02-07 00:23 - 2023-02-07 00:23 - 000512000 _____ (Cloud Software Group, Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\Shims.dll
2023-05-10 20:06 - 2023-05-10 20:06 - 003043328 _____ (Python Software Foundation) [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\python27.dll
2023-02-24 23:02 - 2023-02-24 23:02 - 001600512 _____ (Robert Simpson, et al.) [Datei ist nicht signiert] C:\Program Files\Intel\SUR\QUEENCREEK\x64\SQLite.Interop.dll
2023-02-24 23:02 - 2023-02-24 23:02 - 002165760 _____ (SQLite Development Team) [Datei ist nicht signiert] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll
2021-09-29 07:30 - 2021-09-29 07:30 - 000218624 _____ (WIBU-SYSTEMS AG) [Datei ist nicht signiert] C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.lDe
2021-09-29 07:30 - 2021-09-29 07:30 - 000056320 _____ (WIBU-SYSTEMS AG) [Datei ist nicht signiert] C:\Windows\SYSTEM32\WIBUCM64.lDe
2023-05-10 20:06 - 2023-05-10 20:06 - 000202240 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\wxbase30u_net_vc90_x64.dll
2023-05-10 20:06 - 2023-05-10 20:06 - 002831872 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\wxbase30u_vc90_x64.dll
2023-05-10 20:06 - 2023-05-10 20:06 - 001654784 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\wxmsw30u_adv_vc90_x64.dll
2023-05-10 20:06 - 2023-05-10 20:06 - 006542336 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\wxmsw30u_core_vc90_x64.dll
2023-05-10 20:06 - 2023-05-10 20:06 - 000773632 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\wxmsw30u_html_vc90_x64.dll
2023-05-10 20:06 - 2023-05-10 20:06 - 000137216 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\wxmsw30u_webview_vc90_x64.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Windows:CM_460d012b145979dbf37dc3b0d01ccb88c0d32947f35d43424efdd9b5dd3d14d5 [74]
AlternateDataStreams: C:\Windows:CM_663b0d0a539d6165560218efcbd7453ad718e66208ff706cc3a31c7a8e4b9b0e [74]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

HKU\S-1-5-21-584500284-1391629960-3397962802-1005\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

SearchScopes: HKU\S-1-5-21-584500284-1391629960-3397962802-1005 -> DefaultScope {4226AE2E-DA9C-4FEC-ADD0-2938E5D206C9} URL = 
SearchScopes: HKU\S-1-5-21-584500284-1391629960-3397962802-1005 -> {4226AE2E-DA9C-4FEC-ADD0-2938E5D206C9} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2023-03-16] (Microsoft Corporation -> Microsoft Corporation)
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Program Files (x86)\Internet Explorer\Citavi Picker\x64\SwissAcademic.Citavi.IEPicker.DLL [2023-03-23] (Swiss Academic Software -> Swiss Academic Software)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Program Files (x86)\Internet Explorer\Citavi Picker\SwissAcademic.Citavi.IEPicker.DLL [2023-03-23] (Swiss Academic Software -> Swiss Academic Software)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\localhost -> localhost

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-584500284-1391629960-3397962802-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\do83h\OneDrive\Bilder\20201203_232012.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
 ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\StartupApproved\Run: => "GoogleDriveFS"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{1A83EFA7-0542-46E5-9787-595031A07EB6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{5731ADC6-7E60-4ED0-8B37-E2980C4408E7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{C992071C-F4BA-461C-8494-4EB8CA948F98}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4269E496-7B7B-49DE-A2C6-85BA6181F15A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{07AD66A0-7A75-4700-AD0B-447D1CCA7173}] => (Allow) C:\Users\do83h\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{C5A75EDE-55BF-4D8E-B211-90421381FEDD}] => (Allow) C:\Users\do83h\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{AB9924EC-BE8D-4050-896F-F7B061682528}] => (Allow) C:\Users\do83h\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{C9FBF2F2-D244-4EFD-BBDB-D359A5DCA33D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei
FirewallRules: [{2B4D694B-B65E-492B-AA68-6EFD9C6D7478}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei
FirewallRules: [{78965097-61FD-4ED1-B0DB-E0E4554F5C8E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Mythology\Launcher.exe (TODO: <Company name>) [Datei ist nicht signiert]
FirewallRules: [{4961590A-E9C8-413A-B8B3-422F32EA911F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Mythology\Launcher.exe (TODO: <Company name>) [Datei ist nicht signiert]
FirewallRules: [{2DE5F4C7-FEFE-45FA-9DD2-774EFF9C0594}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Mythology\AoMX.exe (Microsoft Corp) [Datei ist nicht signiert]
FirewallRules: [{B983BDC8-9219-4CDB-BADE-2C1207477073}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Mythology\AoMX.exe (Microsoft Corp) [Datei ist nicht signiert]
FirewallRules: [{27A009E9-D942-4FDB-9E04-A943590297D0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe => Keine Datei
FirewallRules: [{4804A448-841A-4375-A3E1-31A216F373B3}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe => Keine Datei
FirewallRules: [{D22BF529-B605-4B6B-9980-DB6EF6631A6F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{8168CAFE-BEF4-4770-94FF-9C165B5BA5A2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{6076706E-C7C9-4EDA-AC8C-AE97ACD9F30B}D:\germanfunscript\mirc.exe] => (Allow) D:\germanfunscript\mirc.exe () <==== ACHTUNG [Null Byte Datei/Ordner]
FirewallRules: [UDP Query User{4B855A4A-6C2C-460C-A9BC-F2B422E04D5C}D:\germanfunscript\mirc.exe] => (Allow) D:\germanfunscript\mirc.exe () <==== ACHTUNG [Null Byte Datei/Ordner]
FirewallRules: [{077F70C1-2CEA-4C12-9779-4A83A7C367C5}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\bin\FaxApplications.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{7DCFF239-148D-47FA-97BF-6F199139BB76}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\bin\DigitalWizards.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{A4EED48E-BFCB-4021-BF6F-C17CC386549B}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\bin\SendAFax.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{0E839BF7-3245-48F4-888B-01F936DFBA5E}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{C3AC304C-3C8E-426C-9B83-93608B27420C}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{19EA0D33-EDB7-4A72-ACC7-3CEC33B7A378}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{3261CB5D-DFC2-48EF-8B1C-BC07CB075042}] => (Allow) C:\Users\do83h\AppData\Local\Temp\7zS3462\HP.EasyStart.exe => Keine Datei
FirewallRules: [{3016874C-B080-4FE8-A159-09C8CEA3257C}] => (Allow) C:\Users\do83h\AppData\Local\Temp\7zS355A\HP.EasyStart.exe => Keine Datei
FirewallRules: [{B576C5F3-E56F-41C7-94AA-1B681CE44758}] => (Allow) C:\Programme\ftp-uploader\FTPUploader.exe => Keine Datei
FirewallRules: [{58D2599F-700D-4DC0-B034-E98317FCC896}] => (Allow) C:\Programme\ftp-uploader\FTPUploader.exe => Keine Datei
FirewallRules: [{2F7F35B0-8DEB-4112-8305-7A9C9DF86471}] => (Allow) C:\Users\do83h\AppData\Local\Programs\Opera\67.0.3575.53\opera.exe => Keine Datei
FirewallRules: [TCP Query User{52DE1D0B-80DE-48E7-B07A-8C2621FB460A}C:\program files (x86)\icq\icq.exe] => (Allow) C:\program files (x86)\icq\icq.exe => Keine Datei
FirewallRules: [UDP Query User{4CE88939-DF7E-4732-BD99-82EA33DF945C}C:\program files (x86)\icq\icq.exe] => (Allow) C:\program files (x86)\icq\icq.exe => Keine Datei
FirewallRules: [{0BD76F22-3A76-4AE8-B85E-0D5F0EC682C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2021\fm.exe (Sports Interactive) [Datei ist nicht signiert]
FirewallRules: [{2763FA1C-BCFD-4FD6-9A0C-6CD2044D5F03}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2021\fm.exe (Sports Interactive) [Datei ist nicht signiert]
FirewallRules: [{AD42407A-317B-4BC1-A57D-58DDE7C30BBC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2021 Touch\fm.exe (Sports Interactive) [Datei ist nicht signiert]
FirewallRules: [{397D6737-1738-496D-A5F3-4620080DB974}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2021 Touch\fm.exe (Sports Interactive) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{04634F77-68BA-44D0-96FA-2E269400C92D}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{D90C5E21-9D34-4BD3-95D8-5A90EF934BDF}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{CA9EF035-44A2-4023-994E-F06C7267A2AE}G:\__neuer pc medion oktober 2020\sicherungen vom alten pc\germanfunscript\mirc.exe] => (Allow) G:\__neuer pc medion oktober 2020\sicherungen vom alten pc\germanfunscript\mirc.exe (mIRC Co. Ltd.) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{B5384481-8A52-49BE-B452-E9FEB687C5A8}G:\__neuer pc medion oktober 2020\sicherungen vom alten pc\germanfunscript\mirc.exe] => (Allow) G:\__neuer pc medion oktober 2020\sicherungen vom alten pc\germanfunscript\mirc.exe (mIRC Co. Ltd.) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{9C266B58-5837-4F14-8ED3-55850FEFCB9B}C:\users\do83h\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\do83h\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{F970D8C5-A9BB-4BB5-BBD7-4E2CA061E2B0}C:\users\do83h\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\do83h\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8E996BBA-E521-4C0C-BFB2-44006CEAA027}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C62A528F-9005-4B14-9645-9CBF11A2211A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{0AE8D691-C774-4DDE-A3B5-DB93D95520CC}C:\users\do83h\appdata\local\jxbrowser\7.15_x64\chromium.exe] => (Allow) C:\users\do83h\appdata\local\jxbrowser\7.15_x64\chromium.exe (TEAMDEV LTD. -> The Chromium Authors)
FirewallRules: [UDP Query User{6E56B611-983C-45E7-B9A0-126D0B1BA121}C:\users\do83h\appdata\local\jxbrowser\7.15_x64\chromium.exe] => (Allow) C:\users\do83h\appdata\local\jxbrowser\7.15_x64\chromium.exe (TEAMDEV LTD. -> The Chromium Authors)
FirewallRules: [TCP Query User{48BAD51C-6E9D-4ADA-ABC3-2C293FCB7F60}C:\users\do83h\onedrive\dokumente\germanfunscript\mirc\mirc.exe] => (Allow) C:\users\do83h\onedrive\dokumente\germanfunscript\mirc\mirc.exe (mIRC Co. Ltd.) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{A490F037-01AD-4740-8428-4901A593DD1A}C:\users\do83h\onedrive\dokumente\germanfunscript\mirc\mirc.exe] => (Allow) C:\users\do83h\onedrive\dokumente\germanfunscript\mirc\mirc.exe (mIRC Co. Ltd.) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{1D3A27B8-E90E-403D-B14D-75762255F683}C:\users\do83h\onedrive\dokumente\germanfunscript\mirc (2).exe] => (Allow) C:\users\do83h\onedrive\dokumente\germanfunscript\mirc (2).exe (mIRC Co. Ltd.) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{B9C33F69-B4CF-4E27-A100-1AF8A5EFD605}C:\users\do83h\onedrive\dokumente\germanfunscript\mirc (2).exe] => (Allow) C:\users\do83h\onedrive\dokumente\germanfunscript\mirc (2).exe (mIRC Co. Ltd.) [Datei ist nicht signiert]
FirewallRules: [{F9257276-5D95-48B2-8D94-4D0F314FF9FE}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei
FirewallRules: [{2BED97C3-C9F1-4838-BEFF-3CD10A8440AF}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei
FirewallRules: [{FC85DFCD-E50E-44EF-BFE8-E156210BA8E6}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei
FirewallRules: [{1BAF5D6E-30B7-459F-A220-967CFF7AE31D}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei
FirewallRules: [{F31317B2-5019-43F3-9CA8-BCA6B81B6ACB}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
FirewallRules: [{97250A55-32AB-44E1-A35E-7AFE8E944E57}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei
FirewallRules: [{C038A0F9-7DC6-45EA-8BF0-F66054BDB1CF}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei
FirewallRules: [{7B1E9BE0-D757-428A-9801-08F57E63BB0D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2022\fm.exe (Sports Interactive) [Datei ist nicht signiert]
FirewallRules: [{D28CC963-9B82-4191-B5B5-F36DA1B1CD8B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2022\fm.exe (Sports Interactive) [Datei ist nicht signiert]
FirewallRules: [{44D08B88-985A-4679-A942-15FAA5F1690B}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei
FirewallRules: [{6DDAAEFE-A5CA-465F-9E56-C7F6003988E6}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei
FirewallRules: [{426DF6BA-7EAC-425F-9A41-10ACC7575050}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei
FirewallRules: [{349A9509-0562-4E8C-8E1B-82DEE374ECD1}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei
FirewallRules: [{4599150E-EE6C-4BFF-A54F-BD8BFB9E134A}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei
FirewallRules: [{8368168C-9629-4E62-B484-F6751CCFDFB1}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei
FirewallRules: [{0FB0B6C2-558C-4190-BBF8-F827086F1E41}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DA5256F6-44D3-4BFF-8493-F6C83BE6090B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EDFE08D6-2D12-4A59-9FAD-A152E840314B}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei
FirewallRules: [{2ADFBFE8-7C9B-4C67-9D30-9E1EED70CDE0}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei
FirewallRules: [{35C59D83-368A-44D8-96E3-5D8FF9B76E2C}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei
FirewallRules: [{01ED5F99-B8B6-4A96-867A-BD094B93ABCF}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei
FirewallRules: [{54BA204B-45EC-4DF4-8B49-F560AF474F0A}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei
FirewallRules: [{DBF7FC75-387B-47BC-AC24-DAD807426B46}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei
FirewallRules: [{AD6006F8-04D0-410B-93DA-A762A8F9FB24}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei
FirewallRules: [{AD2982F0-2F42-418F-8C47-DF460B9CFE35}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei
FirewallRules: [{9F5714B7-3E5A-472A-8377-23CDF8D6163C}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei
FirewallRules: [{C2E89D23-C8A0-4EF5-BAB4-E5F5CEFD7C39}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei
FirewallRules: [{6FAFF0E4-0B0A-4471-B6E0-228380983555}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei
FirewallRules: [{B2FB0A4E-C7FE-4163-982B-F0B688CDF303}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei
FirewallRules: [{2ED68962-F905-4924-A4CF-56B83F88AF14}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei
FirewallRules: [{30339956-8C4F-4735-8CC8-2EC3A5A534CF}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei
FirewallRules: [{DE86BE77-8AA1-46EA-9B88-CEA7785648C4}] => (Allow) C:\Program Files (x86)\Citrix\ICA Client\CitrixEnterpriseBrowser\CitrixEnterpriseBrowser.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FirewallRules: [{1550DA8F-6ECA-42BB-A215-D8055EE73786}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{EF1F8A95-A410-4418-BEE2-B9EAE245AEA9}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{1140C0D0-5214-41F2-B9F1-55C49F529AF7}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{F00A2095-7BE0-4F1F-B87A-8DA54E1ABD05}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{56952FB3-7E5A-44F2-B11D-ABEA53B11A81}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0C512E20-D088-4E83-A59C-536B6789BC14}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3204.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C07974BA-AFC9-470B-A91B-AAAA45BFD28B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3204.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E67DE364-B9A0-44F9-8661-40684E277B38}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3204.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C305CACD-8139-4B6A-B8F9-B6A5E4711C0C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3204.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2CB24F62-6FF7-47DC-93E8-E9212AE90E85}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1CEEC802-B50B-4501-B23C-664B7F8FF334}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{42C372B2-DB30-4854-8F27-70D31A5CBA80}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F7432A2D-EBE4-4510-8418-207C9AF2E8BA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1D714636-9B9C-491B-AF08-A7C0DA206A49}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1049144B-6E03-491C-969B-29B88E8B4230}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{287B2C80-D956-4631-9183-9F2C0A97A4D4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{69651D4A-0D7A-4018-A651-E14990499673}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9B4C43F0-6F70-41E7-911B-87C5846B6AAD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{19067314-787B-472B-94CD-5913B6B34794}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{0D81A5E6-4E21-424D-A6E0-F427304AE4F5}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\113.0.1774.35\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F2BBDAAA-DCB4-4B38-9279-6058F1B6BCD1}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server

==================== Wiederherstellungspunkte =========================

21-04-2023 18:56:53 Geplanter Prüfpunkt
24-04-2023 10:20:23 Removed Microsoft Office Professional Plus 2010
01-05-2023 23:03:09 Installed Citavi 6.

==================== Fehlerhafte Geräte im Gerätemanager ============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (05/07/2023 06:23:50 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Die Speicheroptimierung konnte erneut optimieren auf HDDRIVE2GO (G:) nicht abschließen. Grund: Dieser Vorgang wird auf diesem Dateisystem nicht unterstützt. (0x89000020)

Error: (04/30/2023 12:49:27 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Die Speicheroptimierung konnte erneut optimieren auf HDDRIVE2GO (G:) nicht abschließen. Grund: Dieser Vorgang wird auf diesem Dateisystem nicht unterstützt. (0x89000020)

Error: (04/30/2023 12:03:29 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (04/27/2023 09:47:43 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-V3T0UTA)
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.

Error: (04/24/2023 10:53:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SecurityService.exe, Version: 5.18.284.0, Zeitstempel: 0x609c79ed
Name des fehlerhaften Moduls: coreclr.dll, Version: 4.700.21.26205, Zeitstempel: 0x609c3176
Ausnahmecode: 0xc0000005
Fehleroffset: 0x001b17ff
ID des fehlerhaften Prozesses: 0x3ed4
Startzeit der fehlerhaften Anwendung: 0x01d9768a36ae576d
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\TotalAV\SecurityService.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\TotalAV\coreclr.dll
Berichtskennung: e2da7630-3277-444a-aee6-1f673710de4d
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (04/24/2023 10:53:47 AM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: Application: SecurityService.exe
CoreCLR Version: 4.700.21.26205
.NET Core Version: 3.1.16
Description: The process was terminated due to an internal error in the .NET Runtime at IP 6E8517FF (6E6A0000) with exit code c0000005.

Error: (04/24/2023 10:53:47 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Das Sicherheitscenter konnte den Aufrufer nicht überprüfen. Der Fehler %1 ist aufgetreten.

Error: (04/24/2023 10:35:53 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.


Systemfehler:
=============
Error: (05/07/2023 12:35:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Energy Server Service queencreek" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.

Error: (05/06/2023 12:25:32 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-V3T0UTA)
Description: Der Server "Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (05/06/2023 12:25:32 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-V3T0UTA)
Description: Der Server "Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (05/02/2023 05:44:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Energy Server Service queencreek" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert.

Error: (04/30/2023 12:02:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (04/30/2023 12:02:23 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (04/29/2023 10:54:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Energy Server Service queencreek" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/28/2023 02:58:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.


Windows Defender:
================
Date: 2023-05-10 20:07:55
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/FusionCore.C&threatid=266656&enterprise=0
Name: PUA:Win32/FusionCore.C
Schweregrad: Niedrig
Kategorie: Potenziell unerwünschte Software
Pfad: file:_C:\Users\do83h\Downloads\CheatEngine72.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: DESKTOP-V3T0UTA\do83h
Prozessname: C:\Users\do83h\OneDrive\Desktop\FRST64.exe
Sicherheitsversion: AV: 1.389.612.0, AS: 1.389.612.0, NIS: 1.389.612.0
Modulversion: AM: 1.1.20300.3, NIS: 1.1.20300.3

Date: 2023-05-07 18:08:46
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {3C49945B-11BC-4C86-AD23-02BA94B1CE7C}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2023-05-01 18:05:05
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {C45254D8-AE4F-42FD-9CA6-D768C4D1DEA1}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2023-04-30 12:44:24
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {4E29DF5B-2E28-4135-A6B1-34D28D1CEF38}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2023-04-28 16:15:00
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {A5FC0905-6946-48B7-8930-838695B977B9}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM
Event[0]:

Date: 2023-03-18 11:58:52
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 
%Vorherige Version der Sicherheitsinformationen: 1.327.879.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion: 
%Vorherige Modulversion: 1.1.17600.5
Fehlercode: 0x80004004
Fehlerbeschreibung: Vorgang abgebrochen 

Date: 2023-03-18 11:58:52
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 
%Vorherige Version der Sicherheitsinformationen: 1.327.879.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiSpyware
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion: 
%Vorherige Modulversion: 1.1.17600.5
Fehlercode: 0x80004004
Fehlerbeschreibung: Vorgang abgebrochen 

Date: 2023-03-18 11:58:52
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 
%Vorherige Version der Sicherheitsinformationen: 1.327.879.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion: 
%Vorherige Modulversion: 1.1.17600.5
Fehlercode: 0x80004004
Fehlerbeschreibung: Vorgang abgebrochen 

Date: 2023-03-18 11:58:49
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 1.385.384.0
%Vorherige Version der Sicherheitsinformationen: 1.327.879.0
Update Source: Benutzer
Sicherheitstyp: AntiSpyware
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion: 1.1.20100.6
%Vorherige Modulversion: 1.1.17600.5
Fehlercode: 0x80004004
Fehlerbeschreibung: Vorgang abgebrochen 

Date: 2023-03-18 11:58:49
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 1.385.384.0
%Vorherige Version der Sicherheitsinformationen: 1.327.879.0
Update Source: Benutzer
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion: 1.1.20100.6
%Vorherige Modulversion: 1.1.17600.5
Fehlercode: 0x80004004
Fehlerbeschreibung: Vorgang abgebrochen 

CodeIntegrity:
===============
Date: 2023-05-10 20:09:23
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_e8f9f51120464f93\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-05-07 18:07:42
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

BIOS: American Megatrends Inc. 360H4W0X.116 02/25/2020
Hauptplatine: MEDION B360H4-EM
Prozessor: Intel(R) Core(TM) i5-9400 CPU @ 2.90GHz
Prozentuale Nutzung des RAM: 42%
Installierter physikalischer RAM: 16237.52 MB
Verfügbarer physikalischer RAM: 9387.63 MB
Summe virtueller Speicher: 18669.52 MB
Verfügbarer virtueller Speicher: 11496.59 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:449.85 GB) (Free:35.95 GB) (Model: E12-512G-PHISON-SSD-B16-BB1) NTFS
Drive d: (Recover) (Fixed) (Total:25 GB) (Free:7.09 GB) (Model: E12-512G-PHISON-SSD-B16-BB1) NTFS
Drive g: (HDDRIVE2GO) (Fixed) (Total:931.47 GB) (Free:432.02 GB) (Model: ASMT 2115 SCSI Disk Device) FAT32

\\?\Volume{b319fff4-b23e-42fe-b98d-753bae4dd40c}\ () (Fixed) (Total:0.98 GB) (Free:0.38 GB) NTFS
\\?\Volume{63a434ab-a066-44ea-8fb0-0e21ce378da4}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partitionstabelle ====================

==================== Ende von Addition.txt =======================

27.04.2023, 09:42	#7
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Windows 10: Browser/Internet unglaublich langsam - vielleicht was eingefangen? adwCleaner Führe AdwCleaner gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei in CODE-Tags. adwcleaner bitte wiederholen falls es Funde gab. __________________ Logfiles bitte immer in CODE-Tags posten

02.05.2023, 08:19	#9
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Windows 10: Browser/Internet unglaublich langsam - vielleicht was eingefangen? Hast du meinen Post komplett gelesen? Was ist zu tun, wenn adwCleaner Funde hatte? __________________ Logfiles bitte immer in CODE-Tags posten

07.05.2023, 15:53	#11
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Windows 10: Browser/Internet unglaublich langsam - vielleicht was eingefangen? Thread ist wieder offen. __________________ Logfiles bitte immer in CODE-Tags posten

07.05.2023, 18:28	#13
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Windows 10: Browser/Internet unglaublich langsam - vielleicht was eingefangen? Dann jetzt bitte neue FRST-Logs. __________________ Logfiles bitte immer in CODE-Tags posten

Windows 10: Browser/Internet unglaublich langsam - vielleicht was eingefangen?

Log-Analyse und Auswertung: Windows 10: Browser/Internet unglaublich langsam - vielleicht was eingefangen?