"Virus: Win32.Trojan.PSE.IUKE9I (Engine B)" durch Antivirusprogramm GData gefunden.

LesGrossman · 04.08.2023, 20:02

Hallo liebes Trojaner-Board-Team,

mein Antivirus-Programm GData hat heute in einem Scan folgenden Virus gefunden:

Virus: Win32.Trojan.PSE.IUKE9I (Engine B)

Dieser wurde durch das Programm nun in Quarantäne verschoben.
Handelt es sich dabei überhaupt um ein Virus und bin ich soweit "sicher"?

Schon einmal vielen Dank für Eure Hilfe!

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 01-08-2023
durchgeführt von ***** (Administrator) auf PC-NEU (Micro-Star International Co., Ltd. MS-7B33) (04-08-2023 20:44:24)
Gestartet von C:\Users\*****\OneDrive\Desktop\FRST64 (1).exe
Geladene Profile: *****
Plattform: Microsoft Windows 10 Home Version 22H2 19045.3208 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Edge
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(C:\Program Files (x86)\Common Files\G Data\AVKProxy\DnsCloudClient.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler.exe
(C:\Program Files (x86)\Common Files\G Data\AVKProxy\DnsCloudClient.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler64.exe
(C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe ->) (G DATA CyberDefense AG -> G Data CyberDefense AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\DnsCloudClient.exe
(C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe ->) (G DATA CyberDefense AG -> G DATA CyberDefense AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVKTray\AVKTray.exe
(C:\Program Files (x86)\G DATA\InternetSecurity\AVKTray\AVKTray.exe ->) (G DATA Software AG -> G DATA CyberDefense AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
(C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe ->) (G DATA CyberDefense AG -> G DATA Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFirewallTray.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudServices.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Microsoft Corporation) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\WebView2\msedgewebview2.exe <6>
(DriverStore\FileRepository\u0390451.inf_amd64_39377efdd62734d1\B390182\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0390451.inf_amd64_39377efdd62734d1\B390182\atieclxx.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <7>
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudServices.exe
(explorer.exe ->) (Hewlett Packard -> HP Inc.) C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <36>
(Microsoft Corporation -> Microsoft Corporation) C:\Users\*****\AppData\Local\Microsoft\OneDrive\23.147.0716.0001\Microsoft.SharePoint.exe
(services.exe ->) () [Datei ist nicht signiert] C:\Program Files (x86)\Wondershare\MobileTrans (Deutsch)(CPC)\ElevationService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0390451.inf_amd64_39377efdd62734d1\B390182\atiesrxx.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (G DATA CyberDefense AG -> G DATA CyberDefense AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe
(services.exe ->) (G DATA CyberDefense AG -> G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(services.exe ->) (G DATA CyberDefense AG -> G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(services.exe ->) (G DATA CyberDefense AG -> G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe
(services.exe ->) (Geek Software GmbH -> Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe <2>
(services.exe ->) (ICEpower a/s -> ICEpower a/s) C:\Windows\System32\ICEsoundService64.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_550508a90a3c9a47\RtkAudUService64.exe <2>
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(services.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple, Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\secd.exe
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(svchost.exe ->) (Hewlett Packard -> HP Inc.) C:\Program Files\HP\HP ENVY 4520 series\Bin\HPNetworkCommunicatorCom.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe <2>

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [319544 2019-02-26] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_550508a90a3c9a47\RtkAudUService64.exe [1618320 2022-11-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11327200 2023-07-29] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [479368 2020-01-23] (Geek Software GmbH -> Geek Software GmbH)
HKLM-x32\...\RunOnce: [AVKSig] => cmd /c "start "" "C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVK.exe" /VirUpdt:B" (Keine Datei)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG
HKU\S-1-5-21-2524069750-3988961185-1916270713-1005\...\Run: [HP ENVY 4520 series (NET)] => C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe [3770504 2017-04-06] (Hewlett Packard -> HP Inc.)
HKU\S-1-5-21-2524069750-3988961185-1916270713-1005\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37073360 2023-08-04] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2524069750-3988961185-1916270713-1005\...\Run: [MicrosoftEdgeAutoLaunch_4673EA686870A11B2CD74C228BB15D2C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4088256 2023-07-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2524069750-3988961185-1916270713-1005\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\*****\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-2524069750-3988961185-1916270713-1005\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\*****\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-2524069750-3988961185-1916270713-1005\...\RunOnce: [Uninstall 23.142.0709.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\*****\AppData\Local\Microsoft\OneDrive\23.142.0709.0001"
HKU\S-1-5-21-2524069750-3988961185-1916270713-1005\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [154624 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon MG6200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAU.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG6200 series: C:\WINDOWS\system32\CNMLMAU.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP D711 Status Monitor: C:\WINDOWS\system32\hpinkstsD711LM.dll [393352 2017-03-27] (Hewlett Packard -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\115.0.5790.111\Installer\chrmstp.exe [2023-08-04] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MTWSAndroidAppHelper.lnk [2021-03-26]
ShortcutTarget: MTWSAndroidAppHelper.lnk -> C:\Program Files (x86)\Wondershare\MobileTrans (Deutsch)(CPC)\WSAndroidAppHelper.exe (Wondershare Technology Co.,Ltd -> Microsoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MTWSAppHelper.lnk [2021-03-26]
ShortcutTarget: MTWSAppHelper.lnk -> C:\Program Files (x86)\Wondershare\MobileTrans (Deutsch)(CPC)\WSAppHelper.exe (Wondershare Technology Co.,Ltd -> Microsoft)
HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {B619E52E-BBA1-4222-8C0D-02B74DB732A9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {DE7DA460-F259-4AC3-9BE7-F11EC1E23BB2} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
Task: {38223745-A75C-40DA-84C2-811072C8B3E5} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
Task: {BB70E0C0-8A39-422F-BE0B-28FD6C8B7427} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-15] (Google LLC -> Google LLC)
Task: {44D9BFC9-1B99-4962-9AAE-211B42F383CF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-15] (Google LLC -> Google LLC)
Task: {611973EA-D614-4F57-8242-10DE838956C7} - System32\Tasks\HPCustParticipation HP ENVY 4520 series => C:\Program Files\HP\HP ENVY 4520 series\Bin\HPCustPartic.exe [6438536 2017-04-06] (Hewlett Packard -> HP Inc.)
Task: {8D182FB8-F495-4593-88D6-4096F417A9BC} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation)
Task: {634A634C-9FBF-4FB1-967E-0D234372945A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26656136 2023-08-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {D03CD18B-38B2-446C-8BA7-89D2025AA2E5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26656136 2023-08-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {4480FCCE-341E-47C3-9768-D0A064AEFFDF} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158576 2023-08-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {1CEBC0CB-41B4-46A7-873E-865079D711B3} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158576 2023-08-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {BB548569-5101-41DC-A297-9D3DDEBAC187} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [167864 2023-08-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {839D8750-8591-4B8C-9BEF-FF8529B3B2E4} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1192856 2023-08-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {E3259073-04B2-49F8-B271-BA7B195423A6} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [686496 2023-07-13] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {B31AA0F0-030D-4342-A76E-415846D55BFF} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [724384 2023-07-13] (Mozilla Corporation -> Mozilla Foundation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\Intel PTT EK Recertification.job => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{73757a0c-d8fa-4e09-9005-13d63c471211}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{e2b39a3a-e851-4c33-b662-102aa3b33467}: [DhcpNameServer] 192.168.178.1

Edge: 
=======
Edge Profile: C:\Users\*****\AppData\Local\Microsoft\Edge\User Data\Default [2023-08-04]
Edge Extension: (Edge relevant text changes) - C:\Users\*****\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-07-25]
Edge Extension: (G DATA WebProtection) - C:\Users\*****\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pehnahjhohlhchmcpcjcfnafkebenbgn [2023-04-24]
Edge HKLM\...\Edge\Extension: [pejhfhcoekcajgokallhmklcjkkeemgj] - C:\\apps.crx [2022-10-21]
Edge HKLM-x32\...\Edge\Extension: [pejhfhcoekcajgokallhmklcjkkeemgj] - C:\\apps.crx [2022-10-21]

FireFox:
========
FF DefaultProfile: sbf7z375.default
FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\sbf7z375.default [2019-05-29]
FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\i4cqklss.default-release [2023-07-18]
FF Notifications: Mozilla\Firefox\Profiles\i4cqklss.default-release -> hxxps://www.n-tv.de
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-08-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-07-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-08-04] (Microsoft Corporation -> Microsoft Corporation)

Chrome: 
=======
CHR Profile: C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default [2023-07-25]
CHR Extension: (Präsentationen) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-05-15]
CHR Extension: (Docs) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-05-15]
CHR Extension: (Google Drive) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-04-11]
CHR Extension: (YouTube) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-05-15]
CHR Extension: (Tabellen) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-05-15]
CHR Extension: (Google Docs Offline) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-07-21]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-11]
CHR Extension: (Google Mail) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-04-11]
CHR HKLM\...\Chrome\Extension: [pejhfhcoekcajgokallhmklcjkkeemgj] - C:\\apps.crx [2022-10-21]
CHR HKLM-x32\...\Chrome\Extension: [pejhfhcoekcajgokallhmklcjkkeemgj] - C:\\apps.crx [2022-10-21]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-09-24] (Apple Inc. -> Apple Inc.)
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [7704824 2023-07-11] (G DATA CyberDefense AG -> G DATA Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe [3859712 2023-07-11] (G DATA CyberDefense AG -> G DATA CyberDefense AG)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11878376 2023-08-04] (Microsoft Corporation -> Microsoft Corporation)
S3 ComboCleaner.Guard; C:\Program Files (x86)\Combo Cleaner\ComboCleaner.Guard.exe [143488 2021-11-05] (RCS LT, UAB -> RCS LT)
S3 ComboCleaner.WinService; C:\Program Files (x86)\Combo Cleaner\ComboCleaner.WinService.exe [151168 2021-11-05] (RCS LT, UAB -> RCS LT)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2023-07-29] (Dropbox, Inc -> Dropbox, Inc.)
R2 ElevationService; C:\Program Files (x86)\Wondershare\MobileTrans (Deutsch)(CPC)\ElevationService.exe [913408 2021-01-08] () [Datei ist nicht signiert]
R3 GDFwSvc; C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe [7072000 2023-07-11] (G DATA CyberDefense AG -> G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [2124528 2023-07-11] (G DATA CyberDefense AG -> G DATA Software AG)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2572096 2023-03-13] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3491144 2023-03-13] (Electronic Arts, Inc. -> Electronic Arts)
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [479368 2020-01-23] (Geek Software GmbH -> Geek Software GmbH)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-11-26] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [919992 2020-11-26] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2209.7-0\NisSrv.exe [3170576 2022-10-28] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2209.7-0\MsMpEng.exe [133584 2022-10-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService3; C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe [83232 2019-06-26] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 GDBackupSvc; "C:\Program Files (x86)\G DATA\InternetSecurity\AVKBackup\AVKBackupService.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [54720 2022-10-21] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0390451.inf_amd64_39377efdd62734d1\B390182\amdkmdag.sys [94467928 2023-04-06] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 ampa; C:\windows\system32\ampa.sys [17008 2013-11-29] (ChengDu AoMei Tech Co., Ltd -> ) [Datei ist nicht signiert]
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [802976 2020-12-04] (Bitdefender SRL -> Bitdefender)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [161288 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 GDElam; C:\WINDOWS\System32\DRIVERS\GDElam.sys [278504 2023-07-09] (Microsoft Windows Early Launch Anti-Malware Publisher -> G DATA CyberDefense AG)
R3 GDKBB; C:\windows\system32\drivers\GDKBB64.sys [36264 2023-08-04] (Microsoft Windows Hardware Compatibility Publisher -> G DATA CyberDefense AG)
R3 GDKBFlt; C:\windows\system32\drivers\GDKBFlt64.sys [38984 2023-08-04] (G DATA Software AG -> G DATA Software AG)
R1 GDMnIcpt; C:\windows\system32\drivers\MiniIcpt.sys [896424 2022-10-23] (Microsoft Windows Hardware Compatibility Publisher -> G DATA CyberDefense AG)
R3 GDNetflt; C:\WINDOWS\System32\DRIVERS\gdnetflt.sys [147880 2020-09-03] (G DATA Software AG -> G DATA Software AG)
R3 GDPkIcpt; C:\windows\system32\drivers\PktIcpt.sys [313768 2023-08-04] (Microsoft Windows Hardware Compatibility Publisher -> G DATA CyberDefense AG)
R1 gdwfpcd; C:\WINDOWS\System32\drivers\gdwfpcd64.sys [78760 2023-08-04] (Microsoft Windows Hardware Compatibility Publisher -> G DATA Software AG)
R3 GRD; C:\windows\system32\drivers\GRD.sys [125640 2023-08-04] (G DATA Software AG -> G Data Software)
S3 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [176008 2021-09-30] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender LLC)
R1 HookCentre; C:\windows\system32\drivers\HookCentre.sys [327104 2022-10-23] (Microsoft Windows Hardware Compatibility Publisher -> G DATA CyberDefense AG)
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2019-12-07] (Microsoft Windows -> Realtek Semiconductor Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [168968 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 Trufos; C:\WINDOWS\System32\DRIVERS\Trufos.sys [615840 2021-10-01] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49616 2022-10-28] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [455968 2022-10-28] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-10-28] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2023-08-04 20:43 - 2023-08-04 20:44 - 000000000 ____D C:\FRST
2023-08-04 20:43 - 2023-08-04 20:43 - 000002005 _____ C:\Users\Public\Desktop\G DATA INTERNET SECURITY.lnk
2023-08-04 20:40 - 2023-08-04 20:40 - 002700800 _____ (Farbar) C:\Users\*****\Downloads\Nicht bestätigt 543888.crdownload
2023-08-04 20:39 - 2023-08-04 20:39 - 002700800 _____ (Farbar) C:\Users\*****\Downloads\FRST64 (1).exe
2023-08-04 20:38 - 2023-08-04 20:38 - 002700800 _____ (Farbar) C:\Users\*****\Downloads\Nicht bestätigt 210843.crdownload
2023-08-04 20:27 - 2023-08-04 20:27 - 008791352 _____ (Malwarebytes) C:\Users\*****\Downloads\adwcleaner (1).exe
2023-08-02 18:27 - 2023-08-02 18:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2023-07-29 23:20 - 2023-07-29 23:20 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2023-07-21 23:17 - 2023-07-21 23:17 - 015430037 _____ C:\Users\*****\Downloads\2022 Annual Report and Form 10-K (1).pdf
2023-07-21 23:16 - 2023-07-21 23:17 - 022085354 _____ C:\Users\*****\Downloads\2022_Sustainability_Report.pdf
2023-07-19 17:19 - 2023-07-19 17:19 - 000193053 _____ C:\Users\*****\Downloads\A52420.pdf
2023-07-14 11:54 - 2023-07-14 11:54 - 000000000 ___HD C:\$WinREAgent
2023-07-13 13:48 - 2023-07-14 11:32 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-07-12 13:46 - 2023-07-12 13:46 - 000027392 _____ (G DATA CyberDefense AG) C:\WINDOWS\SysWOW64\GDScrSv.de.dll
2023-07-11 19:14 - 2023-07-11 19:14 - 004758016 _____ (G DATA CyberDefense AG) C:\WINDOWS\SysWOW64\GdScrSv.scr
2023-07-10 18:50 - 2023-07-10 18:50 - 000127928 ____N (G DATA Software AG) C:\WINDOWS\system32\Drivers\gdnetflt.sys.gdtmp

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2023-08-04 20:43 - 2020-10-21 12:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA INTERNET SECURITY
2023-08-04 20:43 - 2019-05-29 20:52 - 000000000 ____D C:\ProgramData\G Data
2023-08-04 20:42 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-08-04 20:42 - 2019-05-29 20:55 - 000078760 _____ (G DATA Software AG) C:\WINDOWS\system32\Drivers\gdwfpcd64.sys
2023-08-04 20:42 - 2019-05-29 20:55 - 000038984 _____ (G DATA Software AG) C:\WINDOWS\system32\Drivers\GDKBFlt64.sys
2023-08-04 20:42 - 2019-05-29 20:55 - 000036264 _____ (G DATA CyberDefense AG) C:\WINDOWS\system32\Drivers\GDKBB64.sys
2023-08-04 20:38 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-08-04 20:15 - 2020-09-10 12:52 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-08-04 19:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-08-04 19:53 - 2021-12-16 23:30 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-08-04 19:53 - 2020-05-15 20:59 - 000000000 ____D C:\Program Files (x86)\Google
2023-08-04 19:39 - 2019-05-29 20:45 - 000000000 ____D C:\Users\*****\AppData\Local\D3DSCache
2023-08-04 19:05 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-08-04 19:04 - 2019-05-29 21:11 - 000000000 ____D C:\Program Files\Microsoft Office
2023-08-04 18:56 - 2019-05-30 21:27 - 000125640 _____ (G Data Software) C:\WINDOWS\system32\Drivers\GRD.sys
2023-08-04 18:55 - 2021-03-29 18:46 - 000000000 ____D C:\Users\*****\OneDrive\Dokumente\Outlook-Dateien
2023-08-04 18:55 - 2019-05-29 21:20 - 000000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Excel
2023-08-04 18:54 - 2020-05-15 20:59 - 000002300 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-08-04 18:51 - 2020-09-10 13:00 - 001888328 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-08-04 18:51 - 2019-12-07 16:50 - 000785596 _____ C:\WINDOWS\system32\perfh007.dat
2023-08-04 18:51 - 2019-12-07 16:50 - 000167710 _____ C:\WINDOWS\system32\perfc007.dat
2023-08-04 18:51 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-08-04 18:50 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-08-04 18:48 - 2021-12-12 21:18 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2524069750-3988961185-1916270713-1005
2023-08-04 18:48 - 2020-09-10 12:59 - 000003926 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-08-04 18:48 - 2020-09-10 12:59 - 000003802 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-08-04 18:48 - 2020-09-10 12:59 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2524069750-3988961185-1916270713-1005
2023-08-04 18:48 - 2020-09-10 12:53 - 000002406 _____ C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-08-04 18:46 - 2019-11-03 18:11 - 000000000 ____D C:\Users\*****\AppData\Roaming\Dropbox
2023-08-04 18:46 - 2019-11-03 18:10 - 000000000 ____D C:\Users\*****\AppData\Local\Dropbox
2023-08-04 18:44 - 2020-09-10 12:59 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-08-04 18:44 - 2020-09-10 12:52 - 000008192 ___SH C:\DumpStack.log.tmp
2023-08-03 15:17 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-08-03 15:17 - 2019-05-24 15:28 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2023-08-02 18:27 - 2019-11-03 18:10 - 000000000 ____D C:\Program Files (x86)\Dropbox
2023-08-02 18:25 - 2019-11-03 18:12 - 000000000 ___RD C:\Users\*****\Dropbox
2023-07-30 07:56 - 2021-04-14 19:58 - 000000000 ____D C:\Users\*****\AppData\Local\CrashDumps
2023-07-29 13:44 - 2022-10-26 20:47 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-07-21 17:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-07-20 22:25 - 2020-08-13 15:07 - 000000000 ____D C:\Users\*****\AppData\Local\EpicGamesLauncher
2023-07-19 22:04 - 2020-08-05 18:59 - 000000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Teams
2023-07-19 18:15 - 2020-09-10 12:52 - 000642896 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-07-19 18:14 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-07-19 18:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-07-19 18:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-07-19 18:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-07-19 18:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-07-19 18:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-07-19 18:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-07-18 20:58 - 2022-02-10 13:55 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-07-17 17:49 - 2019-06-22 14:31 - 000000000 ____D C:\Users\*****\AppData\Roaming\Sky Go
2023-07-14 12:01 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-07-14 11:58 - 2020-09-10 12:54 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-07-14 11:39 - 2019-05-30 08:05 - 000000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Word
2023-07-14 11:32 - 2019-05-29 23:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-07-13 14:39 - 2019-05-31 18:34 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-07-13 14:37 - 2019-05-31 18:34 - 173351160 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-07-12 20:47 - 2019-05-29 21:20 - 000000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Office
2023-07-11 14:30 - 2022-10-14 18:25 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-07-11 14:30 - 2020-09-10 12:59 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-07-06 10:01 - 2020-09-10 12:59 - 000003756 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-07-06 10:01 - 2020-09-10 12:59 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2019-05-29 20:55 - 2019-05-29 20:55 - 000000000 _____ () C:\Users\*****\AppData\Roaming\gdfw.log
2019-05-29 20:55 - 2019-05-29 20:55 - 000000779 _____ () C:\Users\*****\AppData\Roaming\gdscan.log
2021-04-08 07:39 - 2021-04-08 07:39 - 000000000 _____ () C:\Users\*****\AppData\Local\{9CD2F8CE-70F7-4D5B-81F6-29DE9ABF7127}

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01-08-2023
durchgeführt von ***** (04-08-2023 20:46:57)
Gestartet von C:\Users\*****\OneDrive\Desktop
Microsoft Windows 10 Home Version 22H2 19045.3208 (X64) (2020-09-10 10:59:19)
Start-Modus: Normal
==========================================================


==================== Konten: =============================


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-2524069750-3988961185-1916270713-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2524069750-3988961185-1916270713-503 - Limited - Disabled)
Gast (S-1-5-21-2524069750-3988961185-1916270713-501 - Limited - Disabled)
***** (S-1-5-21-2524069750-3988961185-1916270713-1005 - Administrator - Enabled) => C:\Users\*****
WDAGUtilityAccount (S-1-5-21-2524069750-3988961185-1916270713-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: G DATA INTERNET SECURITY (Disabled - Up to date) {306EF9D4-90EF-3FB7-151E-73C2982F8C0E}
AV: G DATA INTERNET SECURITY (Disabled - Up to date) {A9C56A9B-ECCD-57EA-78F6-92511DA1C885}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: G DATA INTERNET SECURITY (Enabled - Up to date) {9A031196-8C4F-6B12-1520-CC6F3EA1D298}
AV: G DATA INTERNET SECURITY (Disabled - Up to date) {162CBBAC-D872-54E2-BCED-EF0F44D2D699}
FW: G DATA INTERNET SECURITY (Disabled) {085578F1-DA80-3EEF-3E41-DAF766FCCB75}
FW: G DATA INTERNET SECURITY (Enabled) {A23890B3-C620-6A4A-3E7F-655AC07295E3}
FW: G DATA INTERNET SECURITY (Disabled) {2E173A89-921D-55BA-97B2-463ABA0191E2}
FW: G DATA INTERNET SECURITY (Disabled) {91FEEBBE-A6A2-56B2-53A9-3B64E3728FFE}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1031-1033-7760-BC15014EA700}) (Version: 23.003.20244 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.5.1 - Advanced Micro Devices, Inc.)
Apple Mobile Device Support (HKLM\...\{F9CEF01A-3907-4614-824F-CF5D3E4675EF}) (Version: 14.1.0.35 - Apple Inc.)
ClickCharts Flussdiagramm-Software (HKLM-x32\...\ClickCharts) (Version: 6.64 - NCH Software)
Combo Cleaner (HKLM\...\{8C9F8853-52F7-46F3-BC78-98001D3FF40C}) (Version: 1.0.58.0 - RCS LT) Hidden
Combo Cleaner (HKLM-x32\...\InstallShield_{8C9F8853-52F7-46F3-BC78-98001D3FF40C}) (Version: 1.0.58.0 - RCS LT)
CoolUtils Outlook Viewer (HKLM-x32\...\CoolUtils Outlook Viewer_is1) (Version: 2.5 - Softplicity, Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 179.4.4985 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.761.1 - Dropbox, Inc.) Hidden
Epic Games Launcher (HKLM-x32\...\{2D833785-910B-4E02-9A6B-51BD3D2F2FCE}) (Version: 1.1.279.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Excel (HKU\S-1-5-21-2524069750-3988961185-1916270713-1005\...\1fc5b090eab9aa41f8a2f5987367e6da) (Version: 1.0 - Excel)
G DATA INTERNET SECURITY (HKLM-x32\...\G DATA INTERNET SECURITY) (Version: 25.5.16.125 - G DATA CyberDefense AG)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 115.0.5790.111 - Google LLC)
HP Dropbox Plugin (HKLM-x32\...\{1E18E86D-632C-48B5-962C-B60C2E53A478}) (Version: 36.0.41.58587 - HP)
HP ENVY 4520 series - Grundlegende Software für das Gerät (HKLM\...\{634CB8C9-392E-4DDD-ADD9-4350B5117FA6}) (Version: 40.11.1122.1796 - HP Inc.)
HP ENVY 4520 series Hilfe (HKLM-x32\...\{AC3A5663-59A5-4421-9A4C-7309A4FEC06D}) (Version: 36.0.0 - Hewlett Packard)
HP Google Drive Plugin (HKLM-x32\...\{039DDA62-50CC-4E7F-9D54-7CF032A2D362}) (Version: 36.0.41.58587 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
iCareFone for WhatsApp Transfer 3.0.2.182 (HKLM-x32\...\{Tenorshare iCareFone for WhatsApp Transfer}_is1) (Version: 3.0.2.182 - Tenorshare, Inc.)
iCloud Outlook (HKLM\...\{BC06C9EA-78BE-4B52-BA89-E6FAAFBF3CB0}) (Version: 12.2.0.10 - Apple Inc.)
Intel(R) Chipset Device Software (HKLM\...\{19D17223-0F9C-4155-8057-AA6F49A26E69}) (Version: 10.1.17861.8101 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1842.12.0.1168 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{729EDC54-AD3F-415F-B075-EFF12200F7E8}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{ADDD241F-86F9-47E5-80F2-6A2BAE7D7D49}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{13598D46-EA89-45DD-8E29-EE4479665F99}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.2.0.1009 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{8B93CAC3-6008-4C17-9FB0-B4F6F90FF316}) (Version: 17.2.0.1009 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{99ee3c29-c7cd-450f-8db9-d43cc49de1c7}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{fcfc894b-0d54-4d39-826f-dcb39ce5dde7}) (Version: 10.1.17861.8101 - Intel(R) Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LibreOffice 7.2.4.1 (HKLM-x32\...\{2929EE31-369A-4BA4-9A58-1D038B91B765}) (Version: 7.2.4.1 - The Document Foundation)
Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.16626.20156 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 115.0.1901.188 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 115.0.1901.188 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2524069750-3988961185-1916270713-1005\...\OneDriveSetup.exe) (Version: 23.147.0716.0001 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2524069750-3988961185-1916270713-1005\...\Teams) (Version: 1.6.00.11166 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{7AE98414-C8A5-47D4-BEA7-EBD4A2C57A77}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{798627BD-2A12-4C07-A39B-6D0537295702}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.31.31103 (HKLM-x32\...\{2aaf1df0-eb13-4099-9992-962bb4e596d1}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.31.31103 (HKLM-x32\...\{41d7b770-418a-43b7-95a5-f925fff05789}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.31.31103 (HKLM\...\{A977984B-9244-49E3-BD24-43F0A8009667}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.31.31103 (HKLM\...\{A181A302-3F6D-4BAD-97A8-A426A6499D78}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.31.31103 (HKLM-x32\...\{5720EC03-F26F-40B7-980C-50B5D420B5DE}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.31.31103 (HKLM-x32\...\{799E3FFF-705C-461F-B400-6DE27398B3E5}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 115.0.2 (x64 de)) (Version: 115.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 67.0 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16626.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16626.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.16626.20156 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.122.52971 - Electronic Arts, Inc.)
Outlook (HKU\S-1-5-21-2524069750-3988961185-1916270713-1005\...\6b0f23e57a39ebfbf2814acb1a24293d) (Version: 1.0 - Outlook)
Paradox Launcher v2 (HKLM\...\{66DA3501-823A-4F07-A20D-C64495A59DC8}) (Version: 2.1.0 - Paradox Interactive)
PDF24 Creator 9.0.4 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PowerPoint (HKU\S-1-5-21-2524069750-3988961185-1916270713-1005\...\319814cb56b667dff88f54e08be8f51f) (Version: 1.0 - PowerPoint)
Pulse Application Launcher (HKLM-x32\...\{E63082ED-21FB-42D6-B36D-894C1A3C93B3}) (Version: 22.3.18209 - Ivanti, Inc.)
Pulse Secure Host Checker (HKU\S-1-5-21-2524069750-3988961185-1916270713-1005\...\PulseSecure_Host_Checker) (Version: 9.1.18.23345 - Pulse Secure, LLC)
Pulse Secure Setup Client (HKU\S-1-5-21-2524069750-3988961185-1916270713-1005\...\Pulse_Setup_Client) (Version: 22.3.1.18209 - Pulse Secure, LLC)
Pulse Secure Setup Client 64-bit Activex Control (HKLM\...\Pulse_Setup_Client Activex Control) (Version: 3.1.1.1 - Pulse Secure, LLC)
Pulse Secure Setup Client Activex Control (HKLM-x32\...\Pulse_Setup_Client Activex Control) (Version: 3.1.1.1 - Pulse Secure, LLC)
Pulse Secure Terminal Services Client (HKU\S-1-5-21-2524069750-3988961185-1916270713-1005\...\Pulse_Term_Services) (Version: 9.1.18.23345 - Pulse Secure, LLC)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8470 - Realtek Semiconductor Corp.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.43.0 - Samsung Electronics Co., Ltd.)
Sky Go 23.5.1.0 (HKU\S-1-5-21-2524069750-3988961185-1916270713-1005\...\com.bskyb.skygoplayer_is1) (Version: 23.5.1.0 - Sky)
Sky Ticket 6.6.0.0 (HKU\S-1-5-21-2524069750-3988961185-1916270713-1005\...\com.bskyb.skyticket_is1) (Version: 6.6.0.0 - Sky Ticket)
Skype Version 8.63 (HKLM-x32\...\Skype_is1) (Version: 8.63 - Skype Technologies S.A.)
SMS Manager (HKU\S-1-5-21-2524069750-3988961185-1916270713-1005\...\SmsManager) (Version: 1.5.0 - 1und1 Mail and Media GmbH)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Studie zur Verbesserung von HP ENVY 4520 series (HKLM\...\{D40CE8B6-DA4E-45B5-8AFE-028947BF24FD}) (Version: 40.11.1122.1796 - HP Inc.)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation)
Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Windows-Treiberpaket - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (08/27/2012 7.0.0000.00004) (HKLM\...\BE156A27AFEAEA39D6A7C9D25CFA8DAFAF91756B) (Version: 08/27/2012 7.0.0000.00004 - Google, Inc.)
Windows-Treiberpaket - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (08/27/2012 7.0.0000.00004) (HKLM\...\D43FD4059F47ACA9539247D6CF690AAEA503AF2D) (Version: 08/27/2012 7.0.0000.00004 - Google, Inc.)
Windows-Treiberpaket - SAMSUNG Electronics Co., Ltd.  (dg_ssudbus) USB  (12/02/2015 2.12.1.0) (HKLM\...\85A33267F12961AF9ED9AE799DEDA5E62BEA236F) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
Windows-Treiberpaket - SAMSUNG Electronics Co., Ltd.  (ssudmdm) Modem  (12/02/2015 2.12.1.0) (HKLM\...\88ED314360B98E6E82E7CC3201FAEB4A9FD291B4) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
Windows-Treiberpaket - SAMSUNG Electronics Co., Ltd.  (WinUSB) AndroidUsbDeviceClass  (12/02/2015 2.12.1.0) (HKLM\...\701281E8283E9E3681220099A9DA5013A5A437AF) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
Wondershare MobileTrans ( Version 2.1.6 ) (HKLM-x32\...\{72289023-823E-4AF7-A65F-C608481758AC}_is1) (Version: 2.1.6 - Wondershare)
Word (HKU\S-1-5-21-2524069750-3988961185-1916270713-1005\...\1b837d0bf93d01407352736c91b7bf50) (Version: 1.0 - Word)

Packages:
=========
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-02-18] (Canon Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_147.1.1079.0_x64__v10z8vjag6ke6 [2023-07-14] (HP Inc.)
iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa [2023-07-27] (Apple Inc.) [Startup Task]
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-01-02] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-06-05] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-06-05] (Microsoft Corporation) [MS Ad]
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2307.24001.0_x64__8wekyb3d8bbwe [2023-08-04] (Microsoft Corporation) [Startup Task]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.38.277.0_x64__dt26b99r8h8gj [2023-03-28] (Realtek Semiconductor Corp)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-03-20] (Microsoft Studios) [MS Ad]

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2524069750-3988961185-1916270713-1005_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\*****\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.23089.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2524069750-3988961185-1916270713-1005_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\*****\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20107.1\x64\Microsoft.Teams.AddinLoader.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2524069750-3988961185-1916270713-1005_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\*****\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2524069750-3988961185-1916270713-1005_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\*****\Dropbox [2019-11-03 18:12]
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [AVK9CM] -> {CAF4C320-32F5-11D3-A222-004095200FF2} => C:\Program Files (x86)\G DATA\InternetSecurity\AVK\ShellExt64.dll [2022-03-15] (G DATA CyberDefense AG -> G DATA Software AG)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers3: [Reisswolf] -> {1F0F1EE7-36B9-11D2-8985-0080ADA96E9B} => C:\Program Files (x86)\G DATA\InternetSecurity\Shredder\Reisswlf64.dll [2022-03-15] (G DATA CyberDefense AG -> G DATA Software AG)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} =>  -> Keine Datei
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers6: [AVK9CM] -> {CAF4C320-32F5-11D3-A222-004095200FF2} => C:\Program Files (x86)\G DATA\InternetSecurity\AVK\ShellExt64.dll [2022-03-15] (G DATA CyberDefense AG -> G DATA Software AG)
ContextMenuHandlers6: [Reisswolf] -> {1F0F1EE7-36B9-11D2-8985-0080ADA96E9B} => C:\Program Files (x86)\G DATA\InternetSecurity\Shredder\Reisswlf64.dll [2022-03-15] (G DATA CyberDefense AG -> G DATA Software AG)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->  --profile-directory=Default --app-id=leffmjdabcgaflkikcefahmlgpodjkdm --app-url=hxxps://excel.office.com/
ShortcutWithArgument: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->  --profile-directory=Default --app-id=bjhmmnoficofgoiacjaajpkfndojknpb --app-url=hxxps://outlook.com/
ShortcutWithArgument: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->  --profile-directory=Default --app-id=opfacbhaojodjaojgocnibmklknchehf --app-url=hxxps://powerpoint.office.com/
ShortcutWithArgument: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->  --profile-directory=Default --app-id=hikhggiobiflkdfdgdajcfklmcibbopi --app-url=hxxps://word.office.com/

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2020-10-31 22:28 - 2020-10-31 22:28 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\LIBEAY32.dll
2020-12-18 17:05 - 2020-10-31 22:28 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\ssleay32.dll
2020-12-18 17:05 - 2020-10-31 22:28 - 001611264 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2023-03-14 21:42 - 2020-10-31 22:28 - 005487104 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Core.dll
2023-03-14 21:42 - 2020-10-31 22:28 - 005841920 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Gui.dll
2023-03-14 21:42 - 2020-10-31 22:28 - 001179136 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Network.dll
2023-03-14 21:42 - 2020-10-31 22:28 - 000146432 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2023-03-14 21:42 - 2020-10-31 22:28 - 005089792 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2023-03-14 21:42 - 2020-10-31 22:28 - 000184832 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

HKU\S-1-5-21-2524069750-3988961185-1916270713-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mifcom.de/
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-08-04] (Microsoft Corporation -> Microsoft Corporation)
DPF: HKLM {583C990C-2D38-410c-9A4A-0932D66A754F} hxxps://pulsesecure.net/dana-cached/sc/PulseSetupClient64.cab
DPF: HKLM-x32 {8E375A63-C616-46F1-AC77-59DF78F3A826} hxxps://pulsesecure.net/dana-cached/sc/PulseSetupClient.cab
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-08-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-08-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-08-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-08-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-08-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-08-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-08-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-08-04] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2019-03-19 06:49 - 2019-03-19 06:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2021-04-06 21:28 - 2021-04-06 21:28 - 000000375 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2524069750-3988961185-1916270713-1005\Control Panel\Desktop\\Wallpaper -> c:\users\*****\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\winterfell-game-of-thrones-20412685-1920-1080.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
 ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{097C1630-2E12-4516-B588-1A7820658AE7}] => (Allow) C:\Users\*****\AppData\Local\Temp\7zS254C\HPDiagnosticCoreUI.exe => Keine Datei
FirewallRules: [{37A86AEB-62EA-4C82-9E49-3E455F1DD679}] => (Allow) C:\Users\*****\AppData\Local\Temp\7zS254C\HPDiagnosticCoreUI.exe => Keine Datei
FirewallRules: [{8A76D9FB-D4ED-4B92-B988-EEFB8672ABDA}] => (Allow) C:\Users\*****\AppData\Local\Temp\7zS24F0\HPDiagnosticCoreUI.exe => Keine Datei
FirewallRules: [{3302A5D4-868E-4847-855F-9DF0F7F3E064}] => (Allow) C:\Users\*****\AppData\Local\Temp\7zS24F0\HPDiagnosticCoreUI.exe => Keine Datei
FirewallRules: [{2DD7F8A7-9301-4DCB-A18F-D88CEFDDA133}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F14BE406-9068-4D93-A3F7-A97648178ABB}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8A1EB5EC-4CB9-4D97-9E2C-96A065B3AEA4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe => Keine Datei
FirewallRules: [{EDAC096F-FD6A-4C10-9F8E-9EEC4CE60760}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe => Keine Datei
FirewallRules: [{37A50267-99E8-49F1-9F69-A44A69DCBFCE}] => (Allow) C:\Users\*****\AppData\Local\Temp\7zS01BD\HPDiagnosticCoreUI.exe => Keine Datei
FirewallRules: [{8CEE4D5E-23EF-4F4D-A287-741BF39605EB}] => (Allow) C:\Users\*****\AppData\Local\Temp\7zS01BD\HPDiagnosticCoreUI.exe => Keine Datei
FirewallRules: [{351A7659-F4F6-40F0-A32B-A41EB363793E}] => (Allow) C:\Users\*****\AppData\Local\Temp\7zS7F57\HPDiagnosticCoreUI.exe => Keine Datei
FirewallRules: [{DC271EF5-8EFD-4B35-9C9C-7A28973657FA}] => (Allow) C:\Users\*****\AppData\Local\Temp\7zS7F57\HPDiagnosticCoreUI.exe => Keine Datei
FirewallRules: [{1862435F-200D-4B36-B569-30264CFBE0FF}] => (Allow) C:\Users\*****\AppData\Local\Temp\7zS7E3B\HPDiagnosticCoreUI.exe => Keine Datei
FirewallRules: [{4345B20F-A7A8-4157-B0A3-F70C5AF925BD}] => (Allow) C:\Users\*****\AppData\Local\Temp\7zS7E3B\HPDiagnosticCoreUI.exe => Keine Datei
FirewallRules: [{BFD0CE77-645D-4DAB-A8F5-566FA2013677}] => (Allow) C:\Program Files\HP\HP ENVY 4520 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{099FF24F-B19C-4FD7-998C-FA6A77EDAEDC}] => (Allow) LPort=5357
FirewallRules: [{65C7EEFB-2FD6-4C24-B349-087DCB35F7DB}] => (Allow) C:\Program Files\HP\HP ENVY 4520 series\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{B0B879FA-A4A5-437F-838A-D0FDB0265E49}] => (Allow) C:\Users\*****\AppData\Local\Temp\7zS3A6C\HPDiagnosticCoreUI.exe => Keine Datei
FirewallRules: [{90EDC32A-79DF-4856-8C1B-47E99548A558}] => (Allow) C:\Users\*****\AppData\Local\Temp\7zS3A6C\HPDiagnosticCoreUI.exe => Keine Datei
FirewallRules: [{FEFC2CBA-5E47-4121-882A-15643DF08A5F}] => (Allow) C:\Users\*****\AppData\Local\Temp\7zS33DA\HP.EasyStart.exe => Keine Datei
FirewallRules: [{3C32EE7A-97B9-4A16-ABCB-CD5F6D1A442C}] => (Allow) C:\Users\*****\AppData\Local\Temp\7zS31A5\HPDiagnosticCoreUI.exe => Keine Datei
FirewallRules: [{0AE873D2-EF5F-465E-AFBF-8D23FF3BFF62}] => (Allow) C:\Users\*****\AppData\Local\Temp\7zS31A5\HPDiagnosticCoreUI.exe => Keine Datei
FirewallRules: [{C825F033-8640-41A5-A297-D6F8421BD408}] => (Allow) C:\Users\*****\AppData\Local\Temp\7zS3436\HPDiagnosticCoreUI.exe => Keine Datei
FirewallRules: [{AF0E10CF-C437-4ED1-8F44-62A41EA51FD9}] => (Allow) C:\Users\*****\AppData\Local\Temp\7zS3436\HPDiagnosticCoreUI.exe => Keine Datei
FirewallRules: [{A9145B7E-E7E9-469F-B990-9284CB4150F0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{0220D2AB-89D9-4A7A-BEC8-7F25862F7B8A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{5A881792-564A-4416-A354-D11A5EBCECF6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei
FirewallRules: [{9DB0509A-BD79-455C-A662-685E7E32E417}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei
FirewallRules: [{DAFED0EF-FD4D-40FB-835B-FCE8FB7731D0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{ECE784C3-AB31-424F-AEF6-2DF27351808B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{86A661F5-12B6-489F-8154-94B4ECFB047C}] => (Allow) C:\Users\*****\AppData\Local\Temp\7zS1655\HP.EasyStart.exe => Keine Datei
FirewallRules: [{E269BF26-3383-4FE2-A03E-01F625E60583}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0BF484F4-6827-418D-85D7-9B6D27B2EACC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F4C6FD0C-FE04-446B-8E74-D49D57D9EC63}] => (Allow) C:\Users\Administrator\Desktop\X13\Apps\MadShaders\GLSLHacker.exe => Keine Datei
FirewallRules: [{C51EC4C0-AF50-4914-81B9-C8E3F44143C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings III\launcher\dowser.exe => Keine Datei
FirewallRules: [{54D0534A-D4FA-4430-8028-F9F19BFCFA3A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings III\launcher\dowser.exe => Keine Datei
FirewallRules: [{D3DF7225-C95C-4F0B-8B5C-54B7B45B69CB}] => (Allow) C:\Users\*****\OneDrive\Desktop\whatsapp-transfer.exe => Keine Datei
FirewallRules: [{D5393ED1-7816-4215-A6B0-FF3F6C8430C3}] => (Allow) C:\Users\*****\OneDrive\Desktop\whatsapp-transfer.exe => Keine Datei
FirewallRules: [{09AC0997-8C55-4C07-AA4E-0B5E4141B339}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Saga Thrones of Britannia\launcher\launcher.exe => Keine Datei
FirewallRules: [{2531A1AF-B911-417F-8A70-0A2C478F1551}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Saga Thrones of Britannia\launcher\launcher.exe => Keine Datei
FirewallRules: [{6EEBA252-26D5-4457-BF34-8CCB2436E2D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Attila\launcher\launcher.exe => Keine Datei
FirewallRules: [{5344C431-376F-4259-AF8B-818913995633}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Attila\launcher\launcher.exe => Keine Datei
FirewallRules: [{072CE54F-2DF5-481E-AD88-14A26710CF60}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER III\launcher\launcher.exe => Keine Datei
FirewallRules: [{3B30E94E-41F5-45AC-9ADE-18386690F856}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER III\launcher\launcher.exe => Keine Datei
FirewallRules: [{877147CD-709B-4C97-BC8E-BECA92777E7B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5BB12C7F-86B5-4192-BFD2-6FA19C97F128}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War THREE KINGDOMS\launcher\launcher.exe (Creative Assembly Ltd) [Datei ist nicht signiert]
FirewallRules: [{2945F0AC-4553-431B-9CCA-500359F95CAE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War THREE KINGDOMS\launcher\launcher.exe (Creative Assembly Ltd) [Datei ist nicht signiert]
FirewallRules: [{77586B1F-54F8-4F44-BE35-690B0F3FFE66}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.100.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E3F6D580-6C46-42D0-BCCE-840BD899D40C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.100.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EF9FB532-8B1C-482E-B614-2B90889DBE10}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.100.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DEA92FD8-1E12-4A66-B845-FC7BE7A8567E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.100.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{53F53AA6-E585-42D1-88C5-46DF7474E43F}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\115.0.1901.188\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{398BF309-324F-47DC-AF31-7397A7408BC4}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{BD1B48AB-3AA2-4B93-B727-BCB8403B3C07}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{F87709EB-52D2-4A6D-9DEB-945A01DCF788}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Wiederherstellungspunkte =========================

23-07-2023 17:13:08 Geplanter Prüfpunkt
04-08-2023 19:48:25 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager ============


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (08/04/2023 06:47:10 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Der Windows-Sicherheitscenterdienst konnte keine Instanzen von FirewallProduct aus dem Datastore laden.

Error: (08/02/2023 06:27:35 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Das Objekt oder die Eigenschaft wurde nicht gefunden.

Error: (08/02/2023 06:27:34 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Das Objekt oder die Eigenschaft wurde nicht gefunden.

Error: (08/02/2023 06:27:19 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Der Windows-Sicherheitscenterdienst konnte keine Instanzen von FirewallProduct aus dem Datastore laden.

Error: (08/02/2023 06:26:37 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Das Objekt oder die Eigenschaft wurde nicht gefunden.

Error: (08/02/2023 06:26:37 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Das Objekt oder die Eigenschaft wurde nicht gefunden.

Error: (07/30/2023 08:24:59 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Der Windows-Sicherheitscenterdienst konnte keine Instanzen von FirewallProduct aus dem Datastore laden.

Error: (07/30/2023 05:32:41 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Der Windows-Sicherheitscenterdienst konnte keine Instanzen von FirewallProduct aus dem Datastore laden.


Systemfehler:
=============
Error: (08/04/2023 06:44:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "LMS" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (08/03/2023 03:17:25 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Fehler "1115" in DCOM, als der Dienst "SecurityHealthService" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{8C9C0DB7-2CBA-40F1-AFE0-C55740DD91A0}

Error: (08/03/2023 03:17:15 PM) (Source: DCOM) (EventID: 10010) (User: PC-NEU)
Description: Der Server "{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (08/03/2023 03:15:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "LMS" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (08/02/2023 06:29:11 PM) (Source: DCOM) (EventID: 10010) (User: PC-NEU)
Description: Der Server "Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (08/02/2023 06:29:10 PM) (Source: DCOM) (EventID: 10010) (User: PC-NEU)
Description: Der Server "{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (08/02/2023 06:25:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "LMS" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (07/30/2023 11:04:04 PM) (Source: DCOM) (EventID: 10010) (User: PC-NEU)
Description: Der Server "{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.


Windows Defender:
================Event[0]:

Date: 2022-10-28 08:57:07
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 
%Vorherige Version der Sicherheitsinformationen: 1.303.25.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 
%Vorherige Modulversion: 1.1.16400.2
Fehlercode: 0x8007045b
Fehlerbeschreibung: Der Computer wird heruntergefahren. 

CodeIntegrity:
===============
Date: 2023-08-04 20:43:34
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-08-04 20:43:33
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\G DATA\InternetSecurity\AVK\avkwscpe.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2023-08-04 20:43:33
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Common Files\G Data\AVKProxy\GDAMSIx64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Speicherinformationen =========================== 

BIOS: American Megatrends Inc. 1.80 03/28/2019
Hauptplatine: Micro-Star International Co., Ltd. H310M PRO-VD (MS-7B33)
Prozessor: Intel(R) Core(TM) i3-8100 CPU @ 3.60GHz
Prozentuale Nutzung des RAM: 75%
Installierter physikalischer RAM: 8126.61 MB
Verfügbarer physikalischer RAM: 1951 MB
Summe virtueller Speicher: 18878.61 MB
Verfügbarer virtueller Speicher: 9305.82 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:411.36 GB) (Free:129.31 GB) (Model: Samsung SSD 860 EVO 500GB) NTFS
Drive d: (Volume) (Fixed) (Total:50 GB) (Free:35.28 GB) (Model: Samsung SSD 860 EVO 500GB) NTFS

\\?\Volume{57ba182c-c93a-473b-bf67-1b3e1ad8fe82}\ (Recovery) (Fixed) (Total:0.98 GB) (Free:0.49 GB) NTFS
\\?\Volume{6cb23ae9-643b-42ae-9812-a6a1e003b80c}\ (EFI) (Fixed) (Total:1.46 GB) (Free:1.43 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 45FE2001)

Partition: GPT.

==================== Ende von Addition.txt =======================

GData-Protokoll:

Code:

ATTFilter

Startzeit	Art	Titel	Status
2023-08-04 18:56:03	Virenprüfung		Fertig

Virenprüfung mit G DATA INTERNET SECURITY
Version 25.5.12.833 (16.03.2022)
Virensignaturen vom 04.08.2023
Startzeit: 04.08.2023 18:56:03
Engine(s): Engine A (AVA 25.36317), Engine B (GD 27.32661)
Heuristik: Ein
Archive: Ein
Systembereiche: Ein
RootKits prüfen: Ein

Prüfung der Systembereiche...
Prüfung aller im Speicher befindlichen Prozesse und Verweise im Autostart...
Prüfung auf RootKits...
Prüfung aller lokalen Festplatten...
Analyse vollständig durchgeführt: 04.08.2023 19:38:17
    708881 Dateien überprüft
    1 infizierte Dateien gefunden
    0 verdächtige Dateien gefunden


Objekt: get_win8key.exe
	Pfad: C:\Recovery\OEM
	Status: Datei in Quarantäne verschoben
	Virus: Win32.Trojan.PSE.IUKE9I (Engine B)

Der Zugriff auf die folgenden Dateien wurde verweigert:
C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
C:\System Volume Information\{efb60abc-2969-11ee-8d67-40b076581e00}{3808876b-c176-4e48-b7ae-04046e6cc752}
C:\Users\*****\AppData\Local\Microsoft\WindowsApps\ApplePhotoStreams-AppX.exe
C:\Users\*****\AppData\Local\Microsoft\WindowsApps\APSDaemon-AppX.exe
C:\Users\*****\AppData\Local\Microsoft\WindowsApps\eReporter-AppX.exe
C:\Users\*****\AppData\Local\Microsoft\WindowsApps\iCloudChrome.exe
C:\Users\*****\AppData\Local\Microsoft\WindowsApps\GameBarElevatedFT_Alias.exe
C:\Users\*****\AppData\Local\Microsoft\WindowsApps\iCloudCKKS-AppX.exe
C:\Users\*****\AppData\Local\Microsoft\WindowsApps\iCloudDrive-AppX.exe
C:\Users\*****\AppData\Local\Microsoft\WindowsApps\iCloudFirefox.exe
C:\Users\*****\AppData\Local\Microsoft\WindowsApps\iCloudPasswords-AppX.exe
C:\Users\*****\AppData\Local\Microsoft\WindowsApps\iCloudPhotos-AppX.exe
C:\Users\*****\AppData\Local\Microsoft\WindowsApps\iCloudPasswordsExtensionHelper.exe
C:\Users\*****\AppData\Local\Microsoft\WindowsApps\iCloudPhotoViewer-AppX.exe
C:\Users\*****\AppData\Local\Microsoft\WindowsApps\iCloudServices-AppX.exe
C:\Users\*****\AppData\Local\Microsoft\WindowsApps\iCloudPrefs-AppX.exe
C:\Users\*****\AppData\Local\Microsoft\WindowsApps\MediaPlayer.exe
C:\Users\*****\AppData\Local\Microsoft\WindowsApps\MicrosoftEdge.exe
C:\Users\*****\AppData\Local\Microsoft\WindowsApps\python.exe
C:\Users\*****\AppData\Local\Microsoft\WindowsApps\python3.exe
C:\Users\*****\AppData\Local\Microsoft\WindowsApps\Skype.exe
C:\Users\*****\AppData\Local\Microsoft\WindowsApps\WindowsPackageManagerServer.exe
C:\Users\*****\AppData\Local\Microsoft\WindowsApps\winget.exe
C:\Users\*****\AppData\Local\Microsoft\WindowsApps\AppleInc.iCloud_nzyj5cx40ttqa\ApplePhotoStreams-AppX.exe
C:\Users\*****\AppData\Local\Microsoft\WindowsApps\AppleInc.iCloud_nzyj5cx40ttqa\APSDaemon-AppX.exe
C:\Users\*****\AppData\Local\Microsoft\WindowsApps\AppleInc.iCloud_nzyj5cx40ttqa\eReporter-AppX.exe
C:\Users\*****\AppData\Local\Microsoft\WindowsApps\AppleInc.iCloud_nzyj5cx40ttqa\iCloudChrome.exe
C:\Users\*****\AppData\Local\Microsoft\WindowsApps\AppleInc.iCloud_nzyj5cx40ttqa\iCloudCKKS-AppX.exe
C:\Users\*****\AppData\Local\Microsoft\WindowsApps\AppleInc.iCloud_nzyj5cx40ttqa\iCloudDrive-AppX.exe
C:\Users\*****\AppData\Local\Microsoft\WindowsApps\AppleInc.iCloud_nzyj5cx40ttqa\iCloudFirefox.exe
C:\Users\*****\AppData\Local\Microsoft\WindowsApps\AppleInc.iCloud_nzyj5cx40ttqa\iCloudPasswords-AppX.exe
C:\Users\*****\AppData\Local\Microsoft\WindowsApps\AppleInc.iCloud_nzyj5cx40ttqa\iCloudPasswordsExtensionHelper.exe
C:\Users\*****\AppData\Local\Microsoft\WindowsApps\AppleInc.iCloud_nzyj5cx40ttqa\iCloudPhotos-AppX.exe
C:\Users\*****\AppData\Local\Microsoft\WindowsApps\AppleInc.iCloud_nzyj5cx40ttqa\iCloudPhotoViewer-AppX.exe
C:\Users\*****\AppData\Local\Microsoft\WindowsApps\AppleInc.iCloud_nzyj5cx40ttqa\iCloudPrefs-AppX.exe
C:\Users\*****\AppData\Local\Microsoft\WindowsApps\AppleInc.iCloud_nzyj5cx40ttqa\iCloudServices-AppX.exe
C:\Users\*****\AppData\Local\Microsoft\WindowsApps\Microsoft.DesktopAppInstaller_8wekyb3d8bbwe\python.exe
C:\Users\*****\AppData\Local\Microsoft\WindowsApps\Microsoft.DesktopAppInstaller_8wekyb3d8bbwe\python3.exe
C:\Users\*****\AppData\Local\Microsoft\WindowsApps\Microsoft.DesktopAppInstaller_8wekyb3d8bbwe\WindowsPackageManagerServer.exe
C:\Users\*****\AppData\Local\Microsoft\WindowsApps\Microsoft.DesktopAppInstaller_8wekyb3d8bbwe\winget.exe
C:\Users\*****\AppData\Local\Microsoft\WindowsApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
C:\Users\*****\AppData\Local\Microsoft\WindowsApps\Microsoft.SkypeApp_kzf8qxf38zg5c\Skype.exe
C:\Users\*****\AppData\Local\Microsoft\WindowsApps\Microsoft.XboxGamingOverlay_8wekyb3d8bbwe\GameBarElevatedFT_Alias.exe
C:\Users\*****\AppData\Local\Microsoft\WindowsApps\Microsoft.ZuneMusic_8wekyb3d8bbwe\MediaPlayer.exe

Die folgenden Dateien sind Passwortgeschützt:
C:\Program Files (x86)\Wondershare\MobileTrans (Deutsch)(CPC)\Library\iTunes_Control_ios10.zip
C:\Program Files (x86)\Wondershare\MobileTrans (Deutsch)(CPC)\Library\iTunes_Control_ios11.zip
C:\Program Files (x86)\Wondershare\MobileTrans (Deutsch)(CPC)\Library\iTunes_Control_ios12.zip
C:\Program Files (x86)\Wondershare\MobileTrans (Deutsch)(CPC)\Library\iTunes_Control_ios13.zip
C:\Program Files (x86)\Wondershare\MobileTrans (Deutsch)(CPC)\Library\iTunes_Control_ios14.zip
C:\Program Files (x86)\Wondershare\MobileTrans (Deutsch)(CPC)\Library\iTunes_Control_ios5.zip
C:\Program Files (x86)\Wondershare\MobileTrans (Deutsch)(CPC)\Library\iTunes_Control_ios6.zip
C:\Program Files (x86)\Wondershare\MobileTrans (Deutsch)(CPC)\Library\iTunes_Control_ios7.zip
C:\Program Files (x86)\Wondershare\MobileTrans (Deutsch)(CPC)\Library\iTunes_Control_ios8.zip
C:\Program Files (x86)\Wondershare\MobileTrans (Deutsch)(CPC)\Library\iTunes_Control_ios9.zip
C:\$Recycle.Bin\S-1-5-21-2524069750-3988961185-1916270713-1005\$RCH6XD7\*****\Vorlesungsunterlagen\Betriebliche Steuerlehre 2.pdf
C:\$Recycle.Bin\S-1-5-21-2524069750-3988961185-1916270713-1005\$RCH6XD7\*****\Vorlesungsunterlagen\MdG&WS14_Übungsklausur 20142015.pdf
C:\$Recycle.Bin\S-1-5-21-2524069750-3988961185-1916270713-1005\$RCH6XD7\*****\Vorlesungsunterlagen\MdG&WS15\MdG_WS1516_Kap.1.1.pdf
C:\$Recycle.Bin\S-1-5-21-2524069750-3988961185-1916270713-1005\$RCH6XD7\*****\Vorlesungsunterlagen\MdG&WS15\MdG_WS1516_Kap.1.2_1.3.pdf
C:\$Recycle.Bin\S-1-5-21-2524069750-3988961185-1916270713-1005\$RCH6XD7\*****\Vorlesungsunterlagen\MdG&WS15\MdG_WS1516_Kap.2.1.pdf
C:\$Recycle.Bin\S-1-5-21-2524069750-3988961185-1916270713-1005\$RRBYB9X\Bank-Ordner\ING-Depot\Allgemeines\Direkt-Depot_Unterlagen_0300_B359852119.pdf
C:\Users\*****\OneDrive\Desktop\Investments\Depot\ING\Direkt-Depot_Unterlagen_0300_B356333442.pdf
C:\Users\Public\Documents\Wondershare\mobiletrans_full6746.exe
D:\*****\#Archiv\Investments_alt\Depot\ING\Direkt-Depot_Unterlagen_0300_B356333442.pdf
D:\*****\Investments\Depot\ING\Direkt-Depot_Unterlagen_0300_B356333442.pdf
D:\Sicherung Dropbox\Archiv\*****\Vorlesungsunterlagen\Betriebliche Steuerlehre 2.pdf
D:\Sicherung Dropbox\Archiv\*****\Vorlesungsunterlagen\MdG&WS14_Übungsklausur 20142015.pdf
D:\Sicherung Dropbox\Archiv\*****\Vorlesungsunterlagen\MdG&WS15\MdG_WS1516_Kap.1.1.pdf
D:\Sicherung Dropbox\Archiv\*****\Vorlesungsunterlagen\MdG&WS15\MdG_WS1516_Kap.1.2_1.3.pdf
D:\Sicherung Dropbox\Archiv\*****\Vorlesungsunterlagen\MdG&WS15\MdG_WS1516_Kap.2.1.pdf

"Virus: Win32.Trojan.PSE.IUKE9I (Engine B)" durch Antivirusprogramm GData gefunden.

Log-Analyse und Auswertung: "Virus: Win32.Trojan.PSE.IUKE9I (Engine B)" durch Antivirusprogramm GData gefunden.

"Virus: Win32.Trojan.PSE.IUKE9I (Engine B)" durch Antivirusprogramm GData gefunden.

Ähnliche Themen: "Virus: Win32.Trojan.PSE.IUKE9I (Engine B)" durch Antivirusprogramm GData gefunden.