Trojaner-Board - [Neuinstallation nötig] Scamming durch angeblichen Microsoft-Support

Hier sind die Log-Files. Die personenbezogenen Daten wie Name, E-Mail habe ich zensiert.

FRST:

Code:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 23-02-2023

durchgeführt von A (Administrator) auf DESKTOP-EG9UPRA (ASUSTeK COMPUTER INC. UX31A) (25-02-2023 13:27:32)

Gestartet von C:\Users\A\Desktop\Neuer Ordner

Geladene Profile: A

Plattform: Microsoft Windows 10 Home Version 21H1 19043.1766 (X64) Sprache: Deutsch (Deutschland)

Standard-Browser: FF

Start-Modus: Normal
 

==================== Prozesse (Nicht auf der Ausnahmeliste) =================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
 

(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe

(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe

(C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe ->) (ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe

(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCopyAccelerator.exe

(C:\Users\A\AppData\Local\CloudStationBackup\CloudStation.app\bin\cloud-backup-ui.exe ->) (Synology Inc. -> Synology Inc.) C:\Users\A\AppData\Local\CloudStationBackup\CloudStation.app\bin\cloud-backup-connect.exe

(C:\Users\A\AppData\Local\CloudStationBackup\CloudStation.app\bin\cloud-backup-ui.exe ->) (Synology Inc. -> Synology Inc.) C:\Users\A\AppData\Local\CloudStationBackup\CloudStation.app\bin\cloud-backup-daemon.exe

(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <7>

(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe

(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe

(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe

(Intel\DPTF\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe

(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe

(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe

(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe

(services.exe ->) (DUC FABULOUS CO.,LTD -> ) C:\Program Files (x86)\UltraViewer\UltraViewer_Service.exe

(services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitPDFReaderUpdateService.exe

(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe

(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe

(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe

(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe

(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe

(services.exe ->) (Synology Inc. -> ) C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe

(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22122.94.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe

(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe

(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe

(Synology Inc. -> Synology Inc.) C:\Users\A\AppData\Local\CloudStationBackup\CloudStation.app\bin\cloud-backup-ui.exe
 

==================== Registry (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
 

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3503584 2023-01-19] (Adobe Inc. -> Adobe Systems, Incorporated)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated -> Adobe Systems Incorporated)

HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11327200 2023-02-18] (Dropbox, Inc -> Dropbox, Inc.)

HKU\S-1-5-21-837521269-1077034933-2323434603-1001\...\MountPoints2: {53054f5f-6cd1-11ed-860f-c4850810e239} - "E:\ting.exe" 

Startup: C:\Users\A\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Cloud Station Backup.lnk [2023-02-24]

ShortcutTarget: Synology Cloud Station Backup.lnk -> C:\Program Files (x86)\Synology\CloudStationBackup\bin\launcher.exe (Synology Inc. -> Synology Inc.)

GroupPolicy-Firefox: Beschränkung <==== ACHTUNG
 

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

Task: {03B9B054-8954-4517-BB01-D51B4ECDB582} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [375232 2022-07-27] (Microsoft Corporation -> Microsoft Corporation)

Task: {0616F65A-9134-4DD1-9090-9A34002E191E} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s (Keine Datei)

Task: {092220A6-11D2-4B6D-B710-EBB97DBDAC70} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-20] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {14D0C8B9-701A-45EC-9801-CF871F95CA95} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [973744 2022-04-28] (Microsoft Corporation -> Microsoft Corporation)

Task: {20487AFB-0CC5-4470-B714-B9CB7377E5EE} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [716192 2023-02-20] (Mozilla Corporation -> Mozilla Foundation)

Task: {256BF2D6-6A37-42E5-AC2F-B2DA43670D3E} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)

Task: {3059786A-7C57-442B-8AB6-540DC6CCFD33} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-20] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {3633F172-A6CE-48C7-A5CF-D88AA6F4CDF5} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18400 2017-03-09] (ASUSTeK Computer Inc. -> AsusTek)

Task: {372EC941-217F-4AC4-BAC5-D93A8E1B244A} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [674720 2023-02-20] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate

Task: {45ECFDCE-E5EF-4AAC-8CF0-7F3B6CF3424E} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe (Keine Datei)

Task: {5808D870-51A7-47A3-B096-68083EF9AB63} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [375232 2022-07-27] (Microsoft Corporation -> Microsoft Corporation)

Task: {6B96C578-EAC5-4599-B912-D76B1E9FB487} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}

Task: {8C7932EE-922B-4DDC-86CA-9946CCB47881} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-vorname.nachname@zensiert.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated -> Adobe Systems Incorporated)

Task: {96854067-5702-4B4B-994F-5F70F621E31B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)

Task: {9BA09726-82FC-4E76-AE12-3EDCC06C58A0} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)

Task: {A63DB849-75FB-44FF-9D48-4E22A999463B} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}

Task: {BB768AF3-3997-44F3-98FD-EDA9333BBD9F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [973744 2022-04-28] (Microsoft Corporation -> Microsoft Corporation)

Task: {C0872FB2-32BE-46F7-B93F-D28D61DC99BD} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /AECBYLISTENTOSTATUS (Keine Datei)

Task: {CB50E0D8-06E5-4340-9CEB-E576971E75FB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-20] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {D77AACF3-7BA1-4C4B-A314-96252E2FEFB6} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3503584 2023-01-19] (Adobe Inc. -> Adobe Systems, Incorporated)

Task: {F36BB83A-E3C7-4ED8-8362-8B222F7CCA58} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe (Keine Datei)

Task: {F5113EC3-F19B-4088-BC96-061A47ABF383} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-20] (Microsoft Windows Publisher -> Microsoft Corporation)
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
 

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
 

==================== Internet (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
 

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ACHTUNG (Beschränkung - Zones)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Tcpip\..\Interfaces\{c01d9121-7448-40c7-95db-e6c57b68b9f8}: [DhcpNameServer] 192.168.178.1
 

Edge: 

=======

Edge Notifications: HKU\S-1-5-21-837521269-1077034933-2323434603-1001 -> hxxps://web.skype.com

Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]

Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]

Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]

Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]

Edge Profile: C:\Users\A\AppData\Local\Microsoft\Edge\User Data\Default [2023-02-22]

Edge StartupUrls: Default -> "hxxps://google.de/"
 

FireFox:

========

FF DefaultProfile: jkrzr0xq.default

FF ProfilePath: C:\Users\A\AppData\Roaming\Mozilla\Firefox\Profiles\jkrzr0xq.default [2023-02-24]

FF Session Restore: Mozilla\Firefox\Profiles\jkrzr0xq.default -> ist aktiviert.

FF Notifications: Mozilla\Firefox\Profiles\jkrzr0xq.default -> hxxps://www.lieferando.de

FF Extension: (Bitwarden - Kostenloser Passwortmanager) - C:\Users\A\AppData\Roaming\Mozilla\Firefox\Profiles\jkrzr0xq.default\Extensions\{446900e4-71c2-419f-a6a7-df9c091e268b}.xpi [2023-02-24]

FF Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\A\AppData\Roaming\Mozilla\Firefox\Profiles\jkrzr0xq.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2023-02-12]

FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2022-05-11] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)

FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)

FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-02-14] (Adobe Inc. -> Adobe Systems Inc.)

FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-09-19] (Adobe Systems Incorporated -> Adobe Systems)

FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-04-26] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2019-04-26] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-09-19] (Adobe Systems Incorporated -> Adobe Systems)
 

Chrome: 

=======

CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]

CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]

CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]

CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
 

Opera: 

=======

OPR Profile: C:\Users\A\AppData\Roaming\Opera Software\Opera Stable [2019-04-26]

OPR Extension: (Avira Browserschutz) - C:\Users\A\AppData\Roaming\Opera Software\Opera Stable\Extensions\dalelnnofafalcmkmnhdbigbjjkloabo [2019-04-26]
 

==================== Dienste (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3896288 2023-01-19] (Adobe Inc. -> Adobe Systems, Incorporated)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3729888 2023-01-19] (Adobe Inc. -> Adobe Systems, Incorporated)

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3054520 2022-04-28] (Microsoft Corporation -> Microsoft Corporation)

R2 Cloud Station Backup VSS Service x64; C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe [357336 2019-08-02] (Synology Inc. -> )

S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)

S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)

R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2023-02-18] (Dropbox, Inc -> Dropbox, Inc.)

R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitPDFReaderUpdateService.exe [2363000 2021-09-24] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)

R2 UltraViewService; C:\Program Files (x86)\UltraViewer\UltraViewer_Service.exe [230736 2022-11-12] (DUC FABULOUS CO.,LTD -> )

R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe [3191256 2023-02-20] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe [133576 2023-02-20] (Microsoft Windows Publisher -> Microsoft Corporation)
 

===================== Treiber (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [128024 2017-03-09] (ASUSTeK Computer Inc. -> ASUS Corporation)

R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)

S3 MpKsl605e0c05; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6ED8A289-353C-4754-B4BC-ED75A62484A7}\MpKslDrv.sys [214280 2023-02-24] (Microsoft Windows -> Microsoft Corporation)

S3 MpKsl84256f3b; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6ED8A289-353C-4754-B4BC-ED75A62484A7}\MpKslDrv.sys [214280 2023-02-24] (Microsoft Windows -> Microsoft Corporation)

S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64912 2017-05-18] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)

S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2023-02-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [473336 2023-02-20] (Microsoft Windows -> Microsoft Corporation)

R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99576 2023-02-20] (Microsoft Windows -> Microsoft Corporation)
 

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
 

==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2023-02-25 13:26 - 2023-02-25 13:27 - 000000000 ____D C:\FRST

2023-02-24 22:41 - 2023-02-24 22:41 - 001105356 _____ C:\WINDOWS\Minidump\022423-35468-01.dmp

2023-02-24 21:50 - 2023-02-24 22:23 - 000003190 _____ C:\Users\A\AppData\Roaming\ConEmu.xml

2023-02-24 14:44 - 2023-02-25 13:27 - 000000000 ____D C:\Users\A\Desktop\Neuer Ordner

2023-02-24 14:44 - 2023-02-24 14:44 - 000002304 _____ C:\Users\A\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Global service dienst (2).lnk

2023-02-24 14:43 - 2023-02-24 14:43 - 000000000 _____ C:\WINDOWS\UV_LastPW.ini

2023-02-24 14:17 - 2023-02-24 14:18 - 000000000 ____D C:\Users\A\AppData\Roaming\UltraViewer

2023-02-24 14:17 - 2023-02-24 14:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraViewer

2023-02-24 14:16 - 2023-02-24 14:17 - 000000000 ____D C:\Program Files (x86)\UltraViewer

2023-02-24 14:15 - 2023-02-24 14:15 - 003843368 _____ (DucFabulous ) C:\Users\A\Downloads\UltraViewer_setup_6.6_en.exe

2023-02-24 14:14 - 2023-02-24 14:14 - 002421096 _____ (LogMeIn, Inc.) C:\Users\A\Downloads\Support-LogMeInRescue.exe

2023-02-24 14:14 - 2023-02-24 14:14 - 000002304 _____ C:\Users\A\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Global service dienst.lnk

2023-02-24 14:14 - 2023-02-24 14:14 - 000000000 ____D C:\Users\A\AppData\Local\LogMeIn Rescue Applet

2023-02-24 11:53 - 2023-02-24 11:53 - 000000000 ___HD C:\$WinREAgent

2023-02-23 17:45 - 2023-02-23 17:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox

2023-02-22 13:55 - 2023-02-22 15:58 - 000011207 _____ C:\Users\A\Desktop\Preisvergleich unverpackt.xlsx

2023-02-20 11:21 - 2023-02-20 11:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO Steuer-Start 2022

2023-02-20 10:36 - 2023-02-20 10:38 - 640886184 _____ C:\Users\A\Downloads\WISOSteuersoftware2022.exe

2023-02-20 10:13 - 2023-02-20 11:11 - 000308312 _____ C:\WINDOWS\system32\rtp.db

2023-02-19 16:52 - 2023-02-20 10:13 - 000014784 _____ C:\WINDOWS\system32\.tmp

2023-02-18 22:59 - 2023-02-18 22:59 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe

2023-02-16 11:01 - 2023-02-16 11:01 - 000043222 _____ C:\Users\A\Desktop\PayPalzahlung Stickeralben.pdf

2023-02-12 11:25 - 2023-02-12 11:27 - 000000949 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\tiptoi® Manager.lnk

2023-02-12 11:25 - 2023-02-12 11:27 - 000000000 ____D C:\Program Files\tiptoi® Manager

2023-02-12 11:25 - 2023-02-12 11:25 - 000000000 ____D C:\Users\A\AppData\LocalLow\Ravensburger AG

2023-02-12 11:24 - 2023-02-12 11:24 - 034690408 _____ (Ravensburger AG ) C:\Users\A\Downloads\tiptoi_Manager_Installer.exe

2023-02-02 22:09 - 2023-02-02 22:09 - 001516165 _____ C:\Users\A\Downloads\5883926_Autokindersitze_test-06-2022.pdf

2023-02-02 22:04 - 2023-02-02 22:04 - 000536767 _____ C:\Users\A\Downloads\5923072_Babyphones-test-10-2022.pdf

2023-01-31 20:31 - 2023-02-20 10:25 - 000000000 ____D C:\Program Files\Mozilla Firefox

2023-01-26 11:08 - 2023-01-26 11:08 - 000000000 ____D C:\Users\A\AppData\Local\CEWE

2023-01-26 11:08 - 2023-01-26 11:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dm-Fotowelt

2023-01-26 11:00 - 2023-01-26 11:00 - 000000000 ____D C:\Users\A\AppData\Roaming\hps-install
 

==================== Ein Monat (geänderte) ==================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2023-02-25 13:26 - 2020-11-26 15:16 - 000000000 ____D C:\WINDOWS\system32\SleepStudy

2023-02-25 13:24 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft

2023-02-25 13:13 - 2019-04-18 10:32 - 000000000 ____D C:\Users\A\AppData\LocalLow\Mozilla

2023-02-25 13:13 - 2019-04-18 10:29 - 000000000 ____D C:\Users\A\AppData\Local\Adobe

2023-02-24 23:51 - 2022-03-03 10:14 - 000000000 ____D C:\Users\A\AppData\Roaming\DropboxElectron

2023-02-24 23:50 - 2020-07-31 14:06 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture

2023-02-24 23:50 - 2019-04-17 16:24 - 000000000 __SHD C:\Users\A\IntelGraphicsProfiles

2023-02-24 23:42 - 2020-11-26 15:20 - 001722792 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2023-02-24 23:42 - 2019-12-07 15:50 - 000746440 _____ C:\WINDOWS\system32\perfh007.dat

2023-02-24 23:42 - 2019-12-07 15:50 - 000150810 _____ C:\WINDOWS\system32\perfc007.dat

2023-02-24 23:42 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF

2023-02-24 23:37 - 2020-11-26 15:27 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT

2023-02-24 23:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState

2023-02-24 22:50 - 2022-02-15 22:19 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38

2023-02-24 22:42 - 2021-11-19 22:00 - 000000000 ____D C:\WINDOWS\Minidump

2023-02-24 22:41 - 2020-11-26 15:18 - 000000000 ____D C:\Users\A

2023-02-24 21:19 - 2020-04-07 20:32 - 000000000 ____D C:\Users\A\AppData\Local\CloudStationBackup

2023-02-24 14:43 - 2019-04-27 10:02 - 000001236 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job

2023-02-24 14:43 - 2019-04-27 10:02 - 000001232 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job

2023-02-24 14:12 - 2022-11-22 12:28 - 000000000 ____D C:\Users\A\AppData\Local\CrashDumps

2023-02-24 13:13 - 2019-04-18 17:40 - 000000000 ____D C:\Users\A\AppData\Roaming\vlc

2023-02-24 12:27 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp

2023-02-24 10:08 - 2019-10-09 14:39 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData

2023-02-24 08:37 - 2019-04-27 10:02 - 000000000 ____D C:\Users\A\AppData\Local\Dropbox

2023-02-23 17:45 - 2019-04-27 10:02 - 000000000 ____D C:\Program Files (x86)\Dropbox

2023-02-23 17:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness

2023-02-23 17:42 - 2020-11-26 15:27 - 000004296 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA

2023-02-23 17:42 - 2020-11-26 15:27 - 000004064 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore

2023-02-22 11:04 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps

2023-02-22 10:15 - 2019-04-26 21:12 - 000000000 ____D C:\Users\A\Desktop\ebay-nebenan

2023-02-22 09:46 - 2019-04-26 20:46 - 000000000 ____D C:\Program Files\Microsoft Office 15

2023-02-20 11:23 - 2019-05-12 11:46 - 000000000 ____D C:\Users\A\Documents\steuer

2023-02-20 11:21 - 2019-05-12 11:38 - 000000000 ____D C:\Users\A\AppData\Local\Buhl

2023-02-20 11:21 - 2019-05-12 11:37 - 000000000 ____D C:\Program Files (x86)\WISO

2023-02-20 11:21 - 2019-04-26 20:35 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information

2023-02-20 11:18 - 2019-05-12 11:35 - 000000000 ____D C:\ProgramData\Buhl Data Service GmbH

2023-02-20 11:15 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI

2023-02-20 11:13 - 2021-04-17 20:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

2023-02-20 11:13 - 2019-04-26 21:24 - 000000000 ____D C:\ProgramData\Avira

2023-02-20 11:12 - 2019-04-17 16:13 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

2023-02-20 11:11 - 2022-06-04 20:44 - 000000000 ____D C:\Program Files\Avira

2023-02-20 11:11 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP

2023-02-20 10:40 - 2020-11-26 15:27 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task

2023-02-20 10:40 - 2019-04-26 21:24 - 000000000 ____D C:\ProgramData\Package Cache

2023-02-20 10:39 - 2022-11-05 22:35 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk

2023-02-20 10:22 - 2021-10-12 20:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla

2023-02-20 10:22 - 2019-04-18 10:32 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk

2023-02-20 10:22 - 2019-04-18 10:32 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2023-02-20 10:22 - 2019-04-17 16:32 - 000000000 ____D C:\WINDOWS\system32\MRT

2023-02-20 10:15 - 2019-04-17 16:32 - 149955784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2023-02-20 10:05 - 2022-09-17 14:50 - 000000000 ____D C:\Users\A\Desktop\Kinds Listen

2023-02-19 16:48 - 2020-06-27 08:34 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk

2023-02-12 11:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports

2023-02-10 11:07 - 2019-04-27 10:07 - 000000000 ___RD C:\Users\A\Dropbox

2023-02-06 22:01 - 2020-11-26 15:27 - 000003756 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA

2023-02-06 22:01 - 2020-11-26 15:27 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

2023-02-06 13:25 - 2020-11-26 15:27 - 000003522 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0

2023-02-01 09:33 - 2023-01-19 09:58 - 000000000 ____D C:\Program Files\Mozilla Firefox.bak

2023-01-31 14:22 - 2022-07-08 09:39 - 000000000 ____D C:\Users\A\Desktop\Unterlagen ALG

2023-01-28 22:14 - 2020-10-01 13:20 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools

2023-01-26 11:20 - 2022-01-25 23:21 - 000000000 ____D C:\Users\A\Desktop\Bilder dm

2023-01-26 11:08 - 2020-11-18 15:50 - 000000000 ____D C:\ProgramData\hps

2023-01-26 11:00 - 2020-11-18 15:50 - 000000000 ____D C:\ProgramData\tmp
 

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
 

2023-02-24 21:50 - 2023-02-24 22:23 - 000003190 _____ () C:\Users\A\AppData\Roaming\ConEmu.xml

2019-04-28 12:40 - 2019-04-28 12:40 - 000000410 _____ () C:\Users\A\AppData\Local\oobelibMkey.log
 

==================== SigCheck ============================
 

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
 

==================== Ende von FRST.txt ========================

Addition:

Code:

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 23-02-2023

durchgeführt von A (25-02-2023 13:29:29)

Gestartet von C:\Users\A\Desktop\Neuer Ordner

Microsoft Windows 10 Home Version 21H1 19043.1766 (X64) (2020-11-26 14:27:39)

Start-Modus: Normal

==========================================================
 
 

==================== Konten: =============================
 
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
 

A (S-1-5-21-837521269-1077034933-2323434603-1001 - Administrator - Enabled) => C:\Users\A

Administrator (S-1-5-21-837521269-1077034933-2323434603-500 - Administrator - Disabled)

DefaultAccount (S-1-5-21-837521269-1077034933-2323434603-503 - Limited - Disabled)

Gast (S-1-5-21-837521269-1077034933-2323434603-501 - Limited - Disabled)

WDAGUtilityAccount (S-1-5-21-837521269-1077034933-2323434603-504 - Limited - Disabled)
 

==================== Sicherheits-Center ========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
 

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 

==================== Installierte Programme ======================
 

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
 

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1031-1033-7760-BC15014EA700}) (Version: 22.003.20322 - Adobe)

Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.11 - Adobe Systems Incorporated)

Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.2.0.18 - Adobe Inc.)

Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.14 - Adobe Systems Incorporated)

Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden

ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.18 - ASUS)

D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden

dm-Fotowelt (HKLM\...\dm-Fotowelt) (Version: 7.3.1 - CEWE Stiftung u Co. KGaA)

Dropbox (HKLM-x32\...\Dropbox) (Version: 168.4.4802 - Dropbox, Inc.)

Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.727.1 - Dropbox, Inc.) Hidden

Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Foxit PDF Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 11.1.0.52543 - Foxit Software Inc.)

IrfanView 4.52 (64-bit) (HKLM\...\IrfanView64) (Version: 4.52 - Irfan Skiljan)

Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 110.0.1587.50 - Microsoft Corporation)

Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 110.0.1587.50 - Microsoft Corporation)

Microsoft Office Professional Plus 2013 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 15.0.5529.1000 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30135 (HKLM-x32\...\{b7a2b241-3f54-4d7d-94d1-8ce0146e03c7}) (Version: 14.29.30135.0 - Microsoft Corporation)

Microsoft Visual C++ 2019 X64 Additional Runtime - 14.23.27820 (HKLM\...\{9CA7111B-263D-45DE-B898-61FAD30B3237}) (Version: 14.23.27820 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.23.27820 (HKLM\...\{A94EC1B2-932B-49D7-8AF2-4FBD29FF314B}) (Version: 14.23.27820 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2019 X86 Additional Runtime - 14.29.30135 (HKLM-x32\...\{77EB1EA9-8E1B-459D-8CDC-1984D0FF15B6}) (Version: 14.29.30135 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.29.30135 (HKLM-x32\...\{36A1E79B-581A-4FE5-843D-84C2D3C9431E}) (Version: 14.29.30135 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)

Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)

Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 110.0 (x64 de)) (Version: 110.0 - Mozilla)

Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 66.0.3 - Mozilla)

MSVCRT (HKLM-x32\...\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}) (Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT110 (HKLM-x32\...\{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}) (Version: 16.4.1108.0727 - Microsoft) Hidden

MSVCRT110_amd64 (HKLM\...\{E9FA781F-3E80-4399-825A-AD3E11C28C77}) (Version: 16.4.1109.0912 - Microsoft) Hidden

MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.7 - F.J. Wechselberger)

NEF Codec (HKLM-x32\...\{D6506521-0959-4FA3-875F-E2E28830B0D2}) (Version: 1.31.0 - Nikon Corporation)

Office 15 Click-to-Run Extensibility Component (HKLM\...\{90150000-008C-0000-1000-0000000FF1CE}) (Version: 15.0.5529.1000 - Microsoft Corporation) Hidden

Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-007E-0000-1000-0000000FF1CE}) (Version: 15.0.5529.1000 - Microsoft Corporation) Hidden

Office 15 Click-to-Run Localization Component (HKLM\...\{90150000-008C-0407-1000-0000000FF1CE}) (Version: 15.0.5529.1000 - Microsoft Corporation) Hidden

PDFsam Basic (HKLM\...\{7F18B231-F783-4FBB-9AA7-C40C6A48907C}) (Version: 4.1.4.0 - Sober Lemur S.a.s. di Vacondio Andrea)

Photo Common (HKLM-x32\...\{87DABDEA-47A4-4182-AA7C-2C90DAAE3117}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Photo Gallery (HKLM-x32\...\{07AAB66E-4718-422D-9218-4AFB3C922A71}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)

Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10010 - Realtek Semiconductor Corp.)

Synology Cloud Station Backup (remove only) (HKLM\...\Synology Cloud Station Backup) (Version: 4.3.2.4450 - Synology, Inc.)

tiptoi® Manager 5.0.2 (HKLM\...\{833392BB-E8C0-4066-9408-3A30FA43972F}_is1) (Version: 5.0.2 - Ravensburger AG)

UltraViewer version 6.6.19 (HKLM-x32\...\{E0FABD74-083B-47F4-AC5B-CA4237BF8913}_is1) (Version: 6.6.19 - DucFabulous)

Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation)

VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)

Windows Live Communications Platform (HKLM-x32\...\{41C61308-6CFD-4D54-AB6A-7136ED08A18E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM-x32\...\{66233218-CA57-4AB2-BA43-A97AA4635960}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

Windows Live Installer (HKLM-x32\...\{659CB81C-B54E-4DF1-B618-F35777393A54}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live Photo Common (HKLM-x32\...\{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (HKLM-x32\...\{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live SOXE (HKLM-x32\...\{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (HKLM-x32\...\{D1893000-EA77-493C-8DDD-E262436E959B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live UX Platform (HKLM-x32\...\{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (HKLM-x32\...\{FC071B45-4A5F-408F-92F8-4D9D693E866F}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation)

WinHTTrack Website Copier 3.49-2 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack)

WinRAR 5.70 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)

WISO steuer:Start 2017 (HKLM-x32\...\{2D7767DD-518D-4BD6-B18C-954AC81AD827}) (Version: 24.00.1375 - Buhl Data Service GmbH)

WISO steuer:Start 2018 (HKLM-x32\...\{7031ECE0-1120-42F1-8001-9EB964EC165F}) (Version: 25.10.1912 - Buhl Data Service GmbH)

WISO steuer:Start 2019 (HKLM-x32\...\{A52E46FC-463A-4C4B-BAE6-A0723ABB6063}) (Version: 26.00.1588 - Buhl Data Service GmbH)

WISO steuer:Start 2020 (HKLM-x32\...\{E0DEDFB6-07BC-40FF-86E1-3FC7D00FFFA2}) (Version: 27.09.2092 - Buhl Data Service GmbH)

WISO Steuer-Start 2021 (HKLM-x32\...\{F73AD0A8-A033-4D75-A23F-8F3A3F52DE54}) (Version: 28.00.1410 - Buhl Data Service GmbH)

WISO Steuer-Start 2022 (HKLM-x32\...\{7C01F189-7A21-4749-B1D6-B0BDFAF40516}) (Version: 29.12.3720 - Buhl Data Service GmbH)

Zoom (HKU\S-1-5-21-837521269-1077034933-2323434603-1001\...\ZoomUMX) (Version: 5.12.6 (10137) - Zoom Video Communications, Inc.)
 

Packages:

=========

Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-03-04] (Microsoft Corporation)

Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-04-17] (Microsoft Corporation) [MS Ad]

Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-04-17] (Microsoft Corporation) [MS Ad]

Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.90.6411.0_x64__8wekyb3d8bbwe [2023-02-22] (Microsoft Corporation) [Startup Task]

Raw Image Extension -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.0.40041.0_x64__8wekyb3d8bbwe [2023-01-19] (Microsoft Corporation)
 

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

CustomCLSID: HKU\S-1-5-21-837521269-1077034933-2323434603-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\A\AppData\Local\Microsoft\OneDrive\19.043.0304.0007\amd64\FileSyncShell64.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-837521269-1077034933-2323434603-1001_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\A\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\ContextMenu.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-837521269-1077034933-2323434603-1001_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\A\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-837521269-1077034933-2323434603-1001_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\A\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-837521269-1077034933-2323434603-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\A\AppData\Local\Microsoft\OneDrive\19.043.0304.0007\amd64\FileSyncShell64.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-837521269-1077034933-2323434603-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)

CustomCLSID: HKU\S-1-5-21-837521269-1077034933-2323434603-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\A\AppData\Local\Microsoft\OneDrive\19.043.0304.0007\amd64\FileSyncShell64.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-837521269-1077034933-2323434603-1001_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\A\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-837521269-1077034933-2323434603-1001_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\A\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-837521269-1077034933-2323434603-1001_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\A\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-837521269-1077034933-2323434603-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\A\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => Keine Datei

CustomCLSID: HKU\S-1-5-21-837521269-1077034933-2323434603-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\A\Dropbox [2019-04-27 10:07]

ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.60.0.dll [2023-02-07] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.60.0.dll [2023-02-07] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.60.0.dll [2023-02-07] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.60.0.dll [2023-02-07] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.60.0.dll [2023-02-07] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.60.0.dll [2023-02-07] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.60.0.dll [2023-02-07] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.60.0.dll [2023-02-07] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.60.0.dll [2023-02-07] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.60.0.dll [2023-02-07] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Keine Datei

ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Keine Datei

ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Keine Datei

ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Keine Datei

ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Keine Datei

ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Keine Datei

ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Keine Datei

ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2022-02-15] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2022-02-15] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2022-02-15] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.60.0.dll [2023-02-07] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.60.0.dll [2023-02-07] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.60.0.dll [2023-02-07] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.60.0.dll [2023-02-07] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.60.0.dll [2023-02-07] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.60.0.dll [2023-02-07] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.60.0.dll [2023-02-07] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.60.0.dll [2023-02-07] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.60.0.dll [2023-02-07] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.60.0.dll [2023-02-07] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Keine Datei

ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Keine Datei

ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Keine Datei

ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Keine Datei

ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Keine Datei

ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Keine Datei

ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Keine Datei

ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2022-02-15] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2022-02-15] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2022-02-15] (Microsoft Corporation -> Microsoft Corporation)

ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.60.0.dll [2023-02-07] (Dropbox, Inc -> Dropbox, Inc.)

ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger) [Datei ist nicht signiert]

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers2: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL -> Keine Datei

ContextMenuHandlers3: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL -> Keine Datei

ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.60.0.dll [2023-02-07] (Dropbox, Inc -> Dropbox, Inc.)

ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.60.0.dll [2023-02-07] (Dropbox, Inc -> Dropbox, Inc.)

ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei

ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers1_S-1-5-21-837521269-1077034933-2323434603-1001: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\A\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\ContextMenu.dll -> Keine Datei

ContextMenuHandlers6_S-1-5-21-837521269-1077034933-2323434603-1001: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\A\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\ContextMenu.dll -> Keine Datei
 

==================== Codecs (Nicht auf der Ausnahmeliste) ====================
 

==================== Verknüpfungen & WMI ========================
 

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
 

2020-11-25 09:25 - 2020-11-25 09:25 - 021790171 _____ () [Datei ist nicht signiert] C:\Users\A\AppData\Local\CloudStationBackup\CloudStation.app\bin\icudt53.dll

2020-11-25 09:25 - 2020-11-25 09:25 - 003506395 _____ () [Datei ist nicht signiert] C:\Users\A\AppData\Local\CloudStationBackup\CloudStation.app\bin\icuin53.dll

2020-11-25 09:25 - 2020-11-25 09:25 - 002223218 _____ () [Datei ist nicht signiert] C:\Users\A\AppData\Local\CloudStationBackup\CloudStation.app\bin\icuuc53.dll

2020-11-25 09:25 - 2020-11-25 09:25 - 000033280 _____ () [Datei ist nicht signiert] C:\Users\A\AppData\Local\CloudStationBackup\CloudStation.app\bin\imageformats\qgif.dll

2020-11-25 09:25 - 2020-11-25 09:25 - 000043008 _____ () [Datei ist nicht signiert] C:\Users\A\AppData\Local\CloudStationBackup\CloudStation.app\bin\imageformats\qicns.dll

2020-11-25 09:25 - 2020-11-25 09:25 - 000032768 _____ () [Datei ist nicht signiert] C:\Users\A\AppData\Local\CloudStationBackup\CloudStation.app\bin\imageformats\qico.dll

2020-11-25 09:25 - 2020-11-25 09:25 - 000507904 _____ () [Datei ist nicht signiert] C:\Users\A\AppData\Local\CloudStationBackup\CloudStation.app\bin\imageformats\qjp2.dll

2020-11-25 09:25 - 2020-11-25 09:25 - 000239104 _____ () [Datei ist nicht signiert] C:\Users\A\AppData\Local\CloudStationBackup\CloudStation.app\bin\imageformats\qjpeg.dll

2020-11-25 09:25 - 2020-11-25 09:25 - 000430080 _____ () [Datei ist nicht signiert] C:\Users\A\AppData\Local\CloudStationBackup\CloudStation.app\bin\imageformats\qtiff.dll

2020-11-25 09:25 - 2020-11-25 09:25 - 000834555 _____ () [Datei ist nicht signiert] C:\Users\A\AppData\Local\CloudStationBackup\CloudStation.app\bin\libcurl-4.dll

2020-11-25 09:25 - 2020-11-25 09:25 - 000121524 _____ () [Datei ist nicht signiert] C:\Users\A\AppData\Local\CloudStationBackup\CloudStation.app\bin\libgcc_s_dw2-1.dll

2020-11-25 09:25 - 2020-11-25 09:25 - 003331103 _____ () [Datei ist nicht signiert] C:\Users\A\AppData\Local\CloudStationBackup\CloudStation.app\bin\libsqlite3-0.dll

2020-11-25 09:25 - 2020-11-25 09:25 - 001547595 _____ () [Datei ist nicht signiert] C:\Users\A\AppData\Local\CloudStationBackup\CloudStation.app\bin\libstdc++-6.dll

2020-11-25 09:25 - 2020-11-25 09:25 - 000691712 _____ () [Datei ist nicht signiert] C:\Users\A\AppData\Local\CloudStationBackup\CloudStation.app\bin\platforms\qwindows.dll

2020-11-25 09:25 - 2020-11-25 09:25 - 000124430 _____ () [Datei ist nicht signiert] C:\Users\A\AppData\Local\CloudStationBackup\CloudStation.app\bin\zlib1.dll

2020-11-25 09:25 - 2020-11-25 09:25 - 004620288 _____ (Digia Plc and/or its subsidiary(-ies)) [Datei ist nicht signiert] C:\Users\A\AppData\Local\CloudStationBackup\CloudStation.app\bin\Qt5Core.dll

2020-11-25 09:25 - 2020-11-25 09:25 - 003921408 _____ (Digia Plc and/or its subsidiary(-ies)) [Datei ist nicht signiert] C:\Users\A\AppData\Local\CloudStationBackup\CloudStation.app\bin\Qt5Gui.dll

2020-11-25 09:25 - 2020-11-25 09:25 - 001448448 _____ (Digia Plc and/or its subsidiary(-ies)) [Datei ist nicht signiert] C:\Users\A\AppData\Local\CloudStationBackup\CloudStation.app\bin\Qt5Network.dll

2020-11-25 09:25 - 2020-11-25 09:25 - 006133760 _____ (Digia Plc and/or its subsidiary(-ies)) [Datei ist nicht signiert] C:\Users\A\AppData\Local\CloudStationBackup\CloudStation.app\bin\Qt5Widgets.dll

2020-11-25 09:25 - 2020-11-25 09:25 - 000065629 _____ (MingW-W64 Project. All rights reserved.) [Datei ist nicht signiert] C:\Users\A\AppData\Local\CloudStationBackup\CloudStation.app\bin\libwinpthread-1.dll

2020-11-25 09:25 - 2020-11-25 09:25 - 002781303 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Users\A\AppData\Local\CloudStationBackup\CloudStation.app\bin\LIBEAY32.dll

2020-11-25 09:25 - 2020-11-25 09:25 - 000809896 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Users\A\AppData\Local\CloudStationBackup\CloudStation.app\bin\SSLEAY32.dll
 

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
 

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
 

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
 

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========
 

HKU\S-1-5-21-837521269-1077034933-2323434603-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://access.gaspool.de/vpn/index.html

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2021-03-17] (Microsoft Corporation -> Microsoft Corporation)

BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2022-02-15] (Microsoft Corporation -> Microsoft Corporation)

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2021-03-17] (Microsoft Corporation -> Microsoft Corporation)

BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2022-02-15] (Microsoft Corporation -> Microsoft Corporation)

Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2019-04-26] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2019-04-26] (Microsoft Corporation -> Microsoft Corporation)
 

==================== Hosts Inhalt: =========================
 

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
 

2019-03-13 17:42 - 2019-03-13 17:41 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 

==================== Andere Bereiche ===========================
 

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
 

HKU\S-1-5-21-837521269-1077034933-2323434603-1001\Control Panel\Desktop\\Wallpaper -> F:\Eigene Bilder\kalender\kalender 2011\landscape\11.jpg

DNS Servers: Datenträger ist nicht mit dem Internet verbunden.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

 ist aktiviert.
 

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
 

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

FirewallRules: [UDP Query User{321B15CF-8795-4CDA-84D6-1708E148D086}C:\users\a\appdata\local\cloudstationbackup\cloudstation.app\bin\cloud-backup-ui.exe] => (Block) C:\users\a\appdata\local\cloudstationbackup\cloudstation.app\bin\cloud-backup-ui.exe (Synology Inc. -> Synology Inc.)

FirewallRules: [TCP Query User{8FAA98FA-AA9F-461C-AB0D-C0229560F902}C:\users\a\appdata\local\cloudstationbackup\cloudstation.app\bin\cloud-backup-ui.exe] => (Block) C:\users\a\appdata\local\cloudstationbackup\cloudstation.app\bin\cloud-backup-ui.exe (Synology Inc. -> Synology Inc.)

FirewallRules: [{D4CA4E0F-9DA4-40D0-AECE-C0FDD0F1C393}] => (Allow) C:\Users\A\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

FirewallRules: [{28EB12B6-A671-43F4-9A21-E63CBE121792}] => (Allow) C:\Users\A\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

FirewallRules: [UDP Query User{23EDC51D-844E-452A-A8CC-C5279E3ACA8C}C:\users\a\appdata\local\cloudstationbackup\cloudstation.app\bin\cloud-backup-ui.exe] => (Allow) C:\users\a\appdata\local\cloudstationbackup\cloudstation.app\bin\cloud-backup-ui.exe (Synology Inc. -> Synology Inc.)

FirewallRules: [TCP Query User{F5FCA4FC-0158-4570-95A2-DA100C74C008}C:\users\a\appdata\local\cloudstationbackup\cloudstation.app\bin\cloud-backup-ui.exe] => (Allow) C:\users\a\appdata\local\cloudstationbackup\cloudstation.app\bin\cloud-backup-ui.exe (Synology Inc. -> Synology Inc.)

FirewallRules: [{C9555D5A-6631-460B-911A-27F8ABA86559}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [{C9C2CA6C-C907-43C8-86C5-6F05EC20A423}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [{F21665DC-F4EB-4B92-8571-572C9F91F1D1}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{A68E9FEC-D4C5-4297-B256-E2CADB4E8197}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{D68CC6BA-F830-4658-9A76-11D78C71F85D}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{B563716A-64AF-43A8-A453-3AC58FBECCA9}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{B784732E-B4D0-4597-BE98-9F6BF26D946D}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [TCP Query User{551E8D3F-EE31-4C67-8479-DDB0945720B9}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Block) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)

FirewallRules: [UDP Query User{5C2A4991-E2AB-4541-AD05-094230BAFCA1}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Block) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)

FirewallRules: [{B94F03A5-3BEB-47C4-A02E-7C2EBDD96F22}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{1FC5F288-DD22-4BBE-BF2C-5AF897BDAB32}] => (Allow) LPort=2869

FirewallRules: [{026FB115-ED4A-4F23-B592-E63F6B034686}] => (Allow) LPort=1900

FirewallRules: [TCP Query User{7D2B896B-4F5B-4E7A-A40F-506D6EF15E2A}C:\users\a\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\a\appdata\local\microsoft\teams\current\teams.exe => Keine Datei

FirewallRules: [UDP Query User{E8B78459-8D61-47F8-9921-354EA89AAAB0}C:\users\a\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\a\appdata\local\microsoft\teams\current\teams.exe => Keine Datei

FirewallRules: [{68B20362-04B6-4239-A796-C9B431F851FA}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => Keine Datei

FirewallRules: [{6DC6D219-2451-4A60-B670-2B2CF84EC2BB}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => Keine Datei

FirewallRules: [{970880EA-1831-436B-B319-81EA296A7726}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => Keine Datei

FirewallRules: [TCP Query User{8CFB9536-909D-4011-8CB4-7C9D1DF41419}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [UDP Query User{3D256E3A-78BE-44F9-B629-6E643B0F97D1}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [{E5CB7358-6389-4CB7-9004-3A2327B66B4C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3422.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{EFF9EF70-8F32-4EAC-A0E8-B514406D7722}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3422.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{5C31E38C-6FEB-4457-AC46-D56780773602}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3422.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{02182F60-3657-45AE-8D4D-4033F31C0E7C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3422.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{23222EE7-70DB-4AFC-AA7A-F78D1AD7D1F9}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\110.0.1587.50\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{1EA165A9-1354-413E-AA3E-ADCC10799DC9}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

FirewallRules: [TCP Query User{354990D3-6373-40D5-8D57-35B87E832B92}C:\users\a\appdata\local\logmein rescue applet\lmir0c847001.tmp\lmi_rescue_srv.exe] => (Allow) C:\users\a\appdata\local\logmein rescue applet\lmir0c847001.tmp\lmi_rescue_srv.exe (LogMeIn, Inc. -> LogMeIn, Inc.)

FirewallRules: [UDP Query User{49897BC7-F528-44C2-A168-358FFD08E999}C:\users\a\appdata\local\logmein rescue applet\lmir0c847001.tmp\lmi_rescue_srv.exe] => (Allow) C:\users\a\appdata\local\logmein rescue applet\lmir0c847001.tmp\lmi_rescue_srv.exe (LogMeIn, Inc. -> LogMeIn, Inc.)
 

==================== Wiederherstellungspunkte =========================
 

ACHTUNG: Systemwiederherstellung ist deaktiviert (Total:97.76 GB) (Free:9.45 GB) (10%)
 

==================== Fehlerhafte Geräte im Gerätemanager ============
 
 

==================== Fehlereinträge in der Ereignisanzeige: ========================
 

Applikationsfehler:

==================

Error: (02/25/2023 01:13:37 PM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )

Description: Event-ID 12007
 

Error: (02/25/2023 01:13:37 PM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )

Description: Event-ID 0
 

Error: (02/25/2023 01:10:37 PM) (Source: DPTF) (EventID: 256) (User: )

Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.3.10207.5567) TYPE: ERROR MODULE: DPTF TIME 48773088 ms
 

DPTF Build Version:  8.3.10207.5567

DPTF Build Date:  Nov  2 2017 14:28:00

Source File:  ..\..\..\..\Sources\Policies\ConfigTdpPolicy\ConfigTdpPolicy.cpp @ line 194

Executing Function:  ConfigTdpPolicy::onDomainPowerControlCapabilityChanged

Message:  Expected binary data size mismatch. (PPSS)

Participant:  TCPU [6]

Domain:  PKG [0]

Policy:  ConfigTDP Policy [0]
 

Error: (02/25/2023 01:10:37 PM) (Source: DPTF) (EventID: 256) (User: )

Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.3.10207.5567) TYPE: ERROR MODULE: DPTF TIME 48773076 ms
 

DPTF Build Version:  8.3.10207.5567

DPTF Build Date:  Nov  2 2017 14:28:00

Source File:  ..\..\..\..\Sources\Policies\ConfigTdpPolicy\ConfigTdpPolicy.cpp @ line 155

Executing Function:  ConfigTdpPolicy::onBindDomain

Message:  Expected binary data size mismatch. (PPSS)

Participant:  TCPU [6]

Domain:  PKG [0]

Policy:  ConfigTDP Policy [0]
 

Error: (02/25/2023 03:28:26 AM) (Source: DPTF) (EventID: 256) (User: )

Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.3.10207.5567) TYPE: ERROR MODULE: DPTF TIME 13838381 ms
 

DPTF Build Version:  8.3.10207.5567

DPTF Build Date:  Nov  2 2017 14:28:00

Source File:  ..\..\..\..\Sources\Policies\ConfigTdpPolicy\ConfigTdpPolicy.cpp @ line 194

Executing Function:  ConfigTdpPolicy::onDomainPowerControlCapabilityChanged

Message:  Expected binary data size mismatch. (PPSS)

Participant:  TCPU [6]

Domain:  PKG [0]

Policy:  ConfigTDP Policy [0]
 

Error: (02/25/2023 03:28:26 AM) (Source: DPTF) (EventID: 256) (User: )

Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.3.10207.5567) TYPE: ERROR MODULE: DPTF TIME 13838356 ms
 

DPTF Build Version:  8.3.10207.5567

DPTF Build Date:  Nov  2 2017 14:28:00

Source File:  ..\..\..\..\Sources\Policies\ConfigTdpPolicy\ConfigTdpPolicy.cpp @ line 155

Executing Function:  ConfigTdpPolicy::onBindDomain

Message:  Expected binary data size mismatch. (PPSS)

Participant:  TCPU [6]

Domain:  PKG [0]

Policy:  ConfigTDP Policy [0]
 

Error: (02/24/2023 09:19:12 PM) (Source: DPTF) (EventID: 256) (User: )

Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.3.10207.5567) TYPE: ERROR MODULE: DPTF TIME 23753096 ms
 

DPTF Build Version:  8.3.10207.5567

DPTF Build Date:  Nov  2 2017 14:28:00

Source File:  ..\..\..\..\Sources\Policies\ConfigTdpPolicy\ConfigTdpPolicy.cpp @ line 194

Executing Function:  ConfigTdpPolicy::onDomainPowerControlCapabilityChanged

Message:  Expected binary data size mismatch. (PPSS)

Participant:  TCPU [6]

Domain:  PKG [0]

Policy:  ConfigTDP Policy [0]
 

Error: (02/24/2023 09:19:11 PM) (Source: DPTF) (EventID: 256) (User: )

Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.3.10207.5567) TYPE: ERROR MODULE: DPTF TIME 23753078 ms
 

DPTF Build Version:  8.3.10207.5567

DPTF Build Date:  Nov  2 2017 14:28:00

Source File:  ..\..\..\..\Sources\Policies\ConfigTdpPolicy\ConfigTdpPolicy.cpp @ line 155

Executing Function:  ConfigTdpPolicy::onBindDomain

Message:  Expected binary data size mismatch. (PPSS)

Participant:  TCPU [6]

Domain:  PKG [0]

Policy:  ConfigTDP Policy [0]
 
 

Systemfehler:

=============

Error: (02/24/2023 11:37:50 PM) (Source: volmgr) (EventID: 161) (User: )

Description: Erstellung einer Abbilddatei aufgrund eines Fehlers beim Erstellen der Abbildkopie fehlgeschlagen.
 

Error: (02/24/2023 11:37:54 PM) (Source: EventLog) (EventID: 6008) (User: )

Description: Das System wurde zuvor am ‎24.‎02.‎2023 um 23:05:24 unerwartet heruntergefahren.
 

Error: (02/24/2023 11:22:29 PM) (Source: disk) (EventID: 7) (User: )

Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.
 

Error: (02/24/2023 11:22:28 PM) (Source: disk) (EventID: 7) (User: )

Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.
 

Error: (02/24/2023 11:22:28 PM) (Source: disk) (EventID: 7) (User: )

Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.
 

Error: (02/24/2023 11:22:27 PM) (Source: disk) (EventID: 7) (User: )

Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.
 

Error: (02/24/2023 11:22:27 PM) (Source: disk) (EventID: 7) (User: )

Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.
 

Error: (02/24/2023 11:22:27 PM) (Source: disk) (EventID: 7) (User: )

Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.
 
 

Windows Defender:

================

Date: 2023-02-24 23:10:33

Description: 

Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.

Überprüfungs-ID: {F64E7594-4696-4B14-9DAD-32480059FE26}

Überprüfungstyp: Antimalware

Überprüfungsparameter: Schnellüberprüfung

Benutzer: NT-AUTORITÄT\SYSTEM
 

Date: 2023-02-24 23:02:03

Description: 

Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.

Überprüfungs-ID: {26D09ECA-4289-4A52-9AFA-84B9C9D8DD9F}

Überprüfungstyp: Antimalware

Überprüfungsparameter: Benutzerdefinierte Überprüfung

Benutzer: DESKTOP-EG9UPRA\A
 

Date: 2023-02-24 12:50:33

Description: 

Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.

Überprüfungs-ID: {E70AD87D-1D4A-4C69-9BEB-B6543255F7DA}

Überprüfungstyp: Antimalware

Überprüfungsparameter: Schnellüberprüfung

Benutzer: NT-AUTORITÄT\SYSTEM
 

Date: 2023-02-24 12:20:40

Description: 

Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.

Überprüfungs-ID: {4E2FA7C1-536A-4370-A720-46D6727D4C28}

Überprüfungstyp: Antimalware

Überprüfungsparameter: Schnellüberprüfung

Benutzer: NT-AUTORITÄT\SYSTEM
 

Date: 2023-02-24 09:36:10

Description: 

Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.

Überprüfungs-ID: {69907F62-ECE0-4273-90AA-9889D7543862}

Überprüfungstyp: Antimalware

Überprüfungsparameter: Schnellüberprüfung

Benutzer: NT-AUTORITÄT\SYSTEM



CodeIntegrity:

===============

Date: 2023-02-20 11:11:13

Description: 

Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\BdNet.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 

Date: 2023-02-20 11:10:34

Description: 

Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Avira\Endpoint Protection SDK\amsi\x64\avamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 

==================== Speicherinformationen =========================== 
 

BIOS: American Megatrends Inc. UX31A.215 10/02/2012

Hauptplatine: ASUSTeK COMPUTER INC. UX31A

Prozessor: Intel(R) Core(TM) i7-3517U CPU @ 1.90GHz

Prozentuale Nutzung des RAM: 75%

Installierter physikalischer RAM: 3981.71 MB

Verfügbarer physikalischer RAM: 987.49 MB

Summe virtueller Speicher: 9357.71 MB

Verfügbarer virtueller Speicher: 6238.69 MB
 

==================== Laufwerke ================================
 

Drive c: () (Fixed) (Total:97.76 GB) (Free:9.45 GB) (Model: ADATA XM11 256GB) NTFS

Drive d: (DATA) (Fixed) (Total:135.61 GB) (Free:72.62 GB) (Model: ADATA XM11 256GB) NTFS
 

\\?\Volume{c190ab52-f91c-4bce-81a7-cc53093a4b1c}\ () (Fixed) (Total:0.79 GB) (Free:0.29 GB) NTFS

\\?\Volume{b6f4a044-715d-4930-a889-3ecb279e6335}\ () (Fixed) (Total:0.19 GB) (Free:0.17 GB) FAT32
 

==================== MBR & Partitionstabelle ====================
 

==========================================================

Disk: 0 (Size: 238.5 GB) (Disk ID: 75267921)
 

Partition: GPT.
 

==================== Ende von Addition.txt =======================