Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Windows Defender meldet Bedrohung durch Vigua.A und Creprote.A (https://www.trojaner-board.de/207760-windows-defender-meldet-bedrohung-vigua-a-creprote-a.html)

chance0 07.11.2023 13:33
Windows Defender meldet Bedrohung durch Vigua.A und Creprote.A
 
Hallo,
Windows Defender meldet folgendes:
Code:
"Aktuelle Bedrohungen
Bedrohungen gefunden. Starten Sie die empfohlenen Aktionen.
PUA•Win32/Vigua.A
Niedrig
08.08.2023 20:36 (Aktiv)
PUA•Win32/Vigua.A
Niedrig
08.08.2023 20:36 (Aktiv)
PUA•Win32/Vigua.A
Niedrig
08.08.2023 20:36 (Aktiv)
PIJA:Win32/Creprote.A
Niedrig
05.07.2022 17:24 (Aktiv)"
Was ist jetzt sinnvoll, zu tun?
Danke im Voraus für eine eventuelle Unterstützung.

Hier das FRST-Logfile:

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 05-11-2023 02
durchgeführt von User (Administrator) auf HAUF22 (Gigabyte Technology Co., Ltd. B560M DS3H V2) (07-11-2023 12:44:58)
Gestartet von C:\Users\User\Desktop\FRST64.exe
Geladene Profile: User
Plattform: Microsoft Windows 10 Home Version 22H2 19045.3570 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe ->) (Microsoft Corporation -> ) C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBordersHelper.exe
(C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.exe ->) (N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation) C:\Program Files\Copernic\DesktopSearch\Copernic.Plugins.PluginsService.exe
(C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.exe ->) (The CefSharp Authors) [Datei ist nicht signiert] C:\Program Files\Copernic\DesktopSearch\CefSharp.BrowserSubprocess.exe <3>
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(C:\Users\User\AppData\Local\0install.net\implementations\sha256new_7ATQFYMYISD5LU42STURHNI33TRSMJBHVQPLEAO3EX4R5WPI6GTQ\DeepL.exe ->) (The CefSharp Authors) [Datei ist nicht signiert] C:\Users\User\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\CefSharp.BrowserSubprocess.exe <5>
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Utility Toolbox\cnqtbapp.exe
(DeepL SE -> DeepL SE) C:\Users\User\AppData\Local\0install.net\implementations\sha256new_7ATQFYMYISD5LU42STURHNI33TRSMJBHVQPLEAO3EX4R5WPI6GTQ\DeepL.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_2fd56aca57cf42dd\igfxCUIServiceN.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_2fd56aca57cf42dd\igfxEMN.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <7>
(explorer.exe ->) () [Datei ist nicht signiert] D:\ToolsHH\AutoHotkey\AutoHotkey.exe <3>
(explorer.exe ->) (Comfort Software Group -> Comfort Software Group) C:\Program Files (x86)\Tools\FreeAlarmClock\FreeAlarmClock.exe
(explorer.exe ->) (Logitech Inc -> Logitech) C:\Program Files\Logi\LogiBolt\LogiBolt.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
(explorer.exe ->) (N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation) C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.exe
(explorer.exe ->) (Open Source Developer, Robin Krom -> Greenshot) C:\Program Files\Tools\Greenshot\Greenshot.exe
(explorer.exe ->) (Signal Messenger, LLC -> Signal Messenger, LLC) C:\Users\User\AppData\Local\Programs\signal-desktop\Signal.exe <4>
(explorer.exe ->) (Telekom Deutschland GmbH -> Deutsche Telekom AG) C:\Program Files\MagentaCLOUD\magentacloud.exe
(explorer.exe ->) (Tonalio GmbH -> Sandboxie-Plus.com) F:\SandboxieProgramm\SbieCtrl.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) D:\ToolsHH\WinCmd\TotalCmd.EXE <5>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(Microsoft Corporation -> Microsoft) C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <22>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (AOMEI International Network Limited -> AOMEI International Network Limited) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.2\ABService.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (geek software GmbH -> geek software GmbH) C:\Program Files\Pdf\PDF24\pdf24.exe <2>
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_2fd56aca57cf42dd\igfxCUIServiceN.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_9d19662e01abea6b\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_0797c0ea8580ae89\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_bc81681eb27bc1ae\RtkAudUService64.exe <2>
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Tonalio GmbH -> Sandboxie-Plus.com) F:\SandboxieProgramm\SbieSvc.exe
(services.exe ->) (voidtools -> voidtools) C:\Program Files\Everything\Everything.exe <2>
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\23.209.1008.0002\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_bc81681eb27bc1ae\RtkAudUService64.exe [1231864 2021-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1687616 2022-02-21] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech)
HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [2264704 2022-05-20] (voidtools -> voidtools)
HKLM\...\Run: [PDF24] => C:\Program Files\Pdf\PDF24\pdf24.exe [592608 2022-06-29] (geek software GmbH -> geek software GmbH)
HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\Sicherheit\KeePass\KeePass.exe [3245968 2023-01-09] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM\...\Run: [Greenshot] => C:\Program Files\Tools\Greenshot\Greenshot.exe [527792 2017-08-09] (Open Source Developer, Robin Krom -> Greenshot)
HKLM-x32\...\Run: [CanonQuickToolbox] => C:\Program Files (x86)\Canon\Quick Utility Toolbox\cnqtbapp.exe [2289616 2021-11-16] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [270912 2015-06-17] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [748624 2023-06-14] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11561184 2023-10-31] (Dropbox, Inc -> Dropbox, Inc.)
HKU\S-1-5-21-2359011715-3956498778-3170841144-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2589712 2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2359011715-3956498778-3170841144-1001\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech)
HKU\S-1-5-21-2359011715-3956498778-3170841144-1001\...\Run: [FreeAC] => C:\Program Files (x86)\Tools\FreeAlarmClock\FreeAlarmClock.exe [3015072 2016-01-19] (Comfort Software Group -> Comfort Software Group)
HKU\S-1-5-21-2359011715-3956498778-3170841144-1001\...\Run: [org.whispersystems.signal-desktop] => C:\Users\User\AppData\Local\Programs\signal-desktop\Signal.exe [163654880 2023-10-25] (Signal Messenger, LLC -> Signal Messenger, LLC)
HKU\S-1-5-21-2359011715-3956498778-3170841144-1001\...\Run: [SandboxieControl] => f:\SandboxieProgramm\SbieCtrl.exe [3397584 2023-02-27] (Tonalio GmbH -> Sandboxie-Plus.com)
HKU\S-1-5-21-2359011715-3956498778-3170841144-1001\...\Run: [MagentaCLOUD] => C:\Program Files\MagentaCLOUD\magentacloud.exe [6458080 2023-02-17] (Telekom Deutschland GmbH -> Deutsche Telekom AG)
HKU\S-1-5-21-2359011715-3956498778-3170841144-1001\...\Run: [Copernic Desktop Search] => C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.exe [751008 2023-10-16] (N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation)
HKU\S-1-5-21-2359011715-3956498778-3170841144-1001\...\Run: [MicrosoftEdgeAutoLaunch_C46CFC0629905CC775E70B50EA8A519C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3891768 2023-11-02] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon MB5100 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDD2.DLL [30720 2023-07-02] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon MX870 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDA7.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor MB5100 series: C:\Windows\system32\CNCALD2.DLL [254464 2015-11-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MB5100 series: C:\Windows\system32\CNMLMD2.DLL [436736 2023-07-02] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MX870 series: C:\Windows\system32\CNMLMA7.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MX870 series XPS: C:\Windows\system32\CNMXLMA7.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [337920 2009-10-09] (CANON INC.) [Datei ist nicht signiert]
HKLM\...\Print\Monitors\Canon MP FAX Language Monitor MX870 series: C:\Windows\system32\CNCF2Lm.DLL [343552 2009-10-22] (Microsoft Windows Hardware Compatibility Publisher -> Canon Inc.)
HKLM\...\Print\Monitors\PDF-XChange Lite Port Monitor: C:\Windows\system32\pxcpmL.dll [953600 2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\118.0.5993.120\Installer\chrmstp.exe [2023-11-06] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{296985B0-9E7B-49B0-9C65-7847A6489C4D}] -> C:\Program Files (x86)\Tools\ASAP Utilities\Add_ASAP_Utilities_to_the_Excel_menu.exe [2022-03-24] (A Must in Every Office B.V. -> A Must in Every Office BV)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DeepL auto-start.lnk [2022-07-09]
ShortcutTarget: DeepL auto-start.lnk -> C:\Users\User\AppData\Roaming\0install.net\desktop-integration\stubs\1eae01f3cdb5ff0ecf683b15a60a1489573c1188cb34abc205fcf7a924b4e54d\auto-start.exe () [Datei ist nicht signiert]
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StartHotkey.ahk.lnk [2014-12-14]
ShortcutTarget: StartHotkey.ahk.lnk -> D:\ToolsHH\AutoHotkey\Scripte\StartHotkey.ahk () [Datei ist nicht signiert]
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SzDownloadPruefung - Verknüpfung.lnk [2014-12-15]
ShortcutTarget: SzDownloadPruefung - Verknüpfung.lnk -> D:\ToolsHH\AutoHotkey\Scripte\KonMenu\SzDownloadPruefung.ahk () [Datei ist nicht signiert]

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {7C16F9CD-972E-499E-A93A-920C425DCA4F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {92973833-E6B3-4F79-B589-CFB7F22E48E8} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2023-09-21] (Dropbox, Inc -> Dropbox, Inc.)
Task: {5F903DD9-1533-4FCE-892E-54C48BBF0BF3} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2023-09-21] (Dropbox, Inc -> Dropbox, Inc.)
Task: {1C4318F6-2CB6-4C77-9736-B676812CD587} - System32\Tasks\GoogleUpdateTaskMachineCore{4565DBCC-481A-42F2-BB19-058DC8DEDE40} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-11-06] (Google LLC -> Google LLC)
Task: {8BEEAF0A-7F33-4093-B4D5-3AF141CD93A0} - System32\Tasks\GoogleUpdateTaskMachineUA{C2894CD8-C040-4E45-B5C0-79044176DBCD} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-11-06] (Google LLC -> Google LLC)
Task: {FCDB6C69-1E19-48EB-AAFD-F9C94D9BE88A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27033280 2023-11-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {9186A765-C1F2-4CAA-A3B5-3949BCFBEECF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27033280 2023-11-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {E95BE918-F3E9-475D-AADC-8D92E1DA6723} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [218080 2023-11-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {671DCFFC-9F45-41E1-BD23-2AADDD0034BD} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [218080 2023-11-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {2EB34DB4-233A-4097-83F8-71396CE91FAF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E2F21C6B-401D-4ABD-823B-7B376B7D07F5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BEFB27AD-D8F7-4DD0-929C-BA6D39F16B7C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {22169F2E-35F1-4C3A-80D6-4A775B947D37} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EFFE9DEC-E886-449F-91B6-A901F846016E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [723872 2023-10-27] (Mozilla Corporation -> Mozilla Foundation)
Task: {8DD76058-C9BB-43C5-BB11-BF8A54D9C80A} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130848 2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {9FEFF221-6CB5-4D34-84A4-AD48C7A6AA5C} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2359011715-3956498778-3170841144-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130848 2023-10-27] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{ba1293da-f410-4b5d-b555-6489e9bb8b17}: [DhcpNameServer] 192.168.178.1

Edge:
=======
Edge Profile: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default [2023-11-07]
Edge Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-24]
Edge Extension: (Edge relevant text changes) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-24]

FireFox:
========
FF DefaultProfile: 6tp8ngdm.default
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\6tp8ngdm.default [2022-07-01]
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\k3bdhuwe.default-release [2023-11-07]
FF user.js: detected! => C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\k3bdhuwe.default-release\user.js [2016-03-04]
FF DownloadDir: D:\Download
FF Homepage: Mozilla\Firefox\Profiles\k3bdhuwe.default-release -> hxxps://www.google.com/
FF Notifications: Mozilla\Firefox\Profiles\k3bdhuwe.default-release -> hxxps://www.medimops.de; hxxps://mail.yahoo.com
FF Extension: (Nervenschoner) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\k3bdhuwe.default-release\Extensions\bidev@ingenit.com.xpi [2023-02-21]
FF Extension: (OneNote Web Clipper) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\k3bdhuwe.default-release\Extensions\Clipper@OneNote.com.xpi [2022-12-19]
FF Extension: (Reverso - Übersetzung, Wörterbuch) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\k3bdhuwe.default-release\Extensions\context@reverso.net.xpi [2022-03-25]
FF Extension: (German Dictionary, extended for Austria) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\k3bdhuwe.default-release\Extensions\de-AT@dictionaries.addons.mozilla.org.xpi [2022-11-24]
FF Extension: (German Dictionary (Switzerland)) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\k3bdhuwe.default-release\Extensions\de-CH@dictionaries.addons.mozilla.org.xpi [2022-11-24]
FF Extension: (German Dictionary) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\k3bdhuwe.default-release\Extensions\de-DE@dictionaries.addons.mozilla.org.xpi [2022-11-24]
FF Extension: (OneTab) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\k3bdhuwe.default-release\Extensions\extension@one-tab.com.xpi [2023-10-03]
FF Extension: (FoxyTab) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\k3bdhuwe.default-release\Extensions\foxytab@eros.man.xpi [2019-07-04]
FF Extension: (Language: Deutsch (German)) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\k3bdhuwe.default-release\Extensions\langpack-de@firefox.mozilla.org.xpi [2023-11-06]
FF Extension: (Dict.cc Übersetzung) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\k3bdhuwe.default-release\Extensions\searchdictcc@roughael.xpi [2022-03-20]
FF Extension: (Session Sync) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\k3bdhuwe.default-release\Extensions\session-sync@gabrielivanica.com.xpi [2019-07-12]
FF Extension: (Tile Tabs WE) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\k3bdhuwe.default-release\Extensions\tiletabs-we@DW-dev.xpi [2020-08-04]
FF Extension: (lyricist - Lyrics for Youtube) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\k3bdhuwe.default-release\Extensions\{0c4ad04f-c27f-416f-9165-6839dc884e2c}.xpi [2020-08-09]
FF Extension: (Startpage.com — Datenschutz-Suchmaschine) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\k3bdhuwe.default-release\Extensions\{20fc2e06-e3e4-4b2b-812b-ab431220cada}.xpi [2019-10-10]
FF Extension: (ePub Reader) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\k3bdhuwe.default-release\Extensions\{323353ee-cfbd-4178-9676-85566d98c8b1}.xpi [2021-05-15]
FF Extension: (YouTube lyrics) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\k3bdhuwe.default-release\Extensions\{44586611-e754-4018-ade4-190167bbe45f}.xpi [2020-08-09]
FF Extension: (Deaktivierungs-Add-on von Google Analytics) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\k3bdhuwe.default-release\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2021-02-09] [UpdateUrl:hxxps://tools.google.com/service/update2/ff?guid=%ITEM_ID%&version=%ITEM_VERSION%&application=%APP_ID%&appversion=%APP_VERSION%]
FF Extension: (Selenium IDE) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\k3bdhuwe.default-release\Extensions\{a6fd85ed-e919-4a43-a5af-8da18bda539f}.xpi [2022-02-10]
FF Extension: (Video DownloadHelper) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\k3bdhuwe.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2023-08-26]
FF Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\k3bdhuwe.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2023-06-20]
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\k3bdhuwe.default-release\searchplugins\startpage-ssl.xml [2014-12-30]
FF Plugin: @java.com/DTPlugin,version=11.381.2 -> C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-06-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.381.2 -> C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-06-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Pdf\XChangeEditor\PDF Editor\npPDFXEditPlugin.x64.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Pdf\XChangeEditor\PDF Editor\npPDFXEditPlugin.x64.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Pdf\XChangeEditor\PDF Editor\npPDFXEditPlugin.x64.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\Multimedia\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-10-09] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Pdf\XChangeEditor\PDF Editor\npPDFXEditPlugin.x86.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Pdf\XChangeEditor\PDF Editor\npPDFXEditPlugin.x86.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Pdf\XChangeEditor\PDF Editor\npPDFXEditPlugin.x86.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2359011715-3956498778-3170841144-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Pdf\XChangeEditor\PDF Editor\npPDFXEditPlugin.x64.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2359011715-3956498778-3170841144-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Pdf\XChangeEditor\PDF Editor\npPDFXEditPlugin.x64.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2359011715-3956498778-3170841144-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Pdf\XChangeEditor\PDF Editor\npPDFXEditPlugin.x64.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)

Chrome:
=======
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2023-11-06]
CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-11-06]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-11-06]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
R2 Backupper Service; C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.2\ABService.exe [1092656 2022-03-16] (AOMEI International Network Limited -> AOMEI International Network Limited)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12876472 2023-11-03] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2023-09-21] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2023-09-21] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [46824 2023-10-31] (Dropbox, Inc -> Dropbox, Inc.)
R2 Everything; C:\Program Files\Everything\Everything.exe [2264704 2022-05-20] (voidtools -> voidtools)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.209.1008.0002\FileSyncHelper.exe [3505696 2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.209.1008.0002\OneDriveUpdaterService.exe [3842064 2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
R2 PDF24; C:\Program Files\Pdf\PDF24\pdf24.exe [592608 2022-06-29] (geek software GmbH -> geek software GmbH)
R2 SbieSvc; f:\SandboxieProgramm\SbieSvc.exe [371152 2023-02-27] (Tonalio GmbH -> Sandboxie-Plus.com)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14610864 2022-01-24] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [805224 2022-11-16] (Oracle Corporation -> Oracle and/or its affiliates)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe [3121120 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe [133704 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AcxHdAudio; C:\Windows\System32\drivers\AcxHdAudio.sys [526848 2023-10-11] (Microsoft Windows -> Microsoft Corporation)
R0 ambakdrv; C:\Windows\System32\ambakdrv.sys [51120 2019-05-14] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [172928 2022-07-09] (AOMEI International Network Limited -> )
R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [32176 2022-07-09] (AOMEI International Network Limited -> )
R3 iaLPSS2_GPIO2_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_cb8dd04b85ac9a58\iaLPSS2_GPIO2_TGL.sys [128680 2020-12-23] (Intel Corporation -> Intel Corporation)
R3 MpKslf0c43ee6; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DF55C01B-560D-4858-87E5-976338AC4815}\MpKslDrv.sys [263560 2023-11-07] (Microsoft Windows -> Microsoft Corporation)
R3 SbieDrv; f:\SandboxieProgramm\SbieDrv.sys [235576 2023-02-27] (Microsoft Windows Hardware Compatibility Publisher -> Sandboxie-Plus.com)
R0 secnvme; C:\Windows\System32\drivers\secnvme.sys [133944 2020-01-20] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd)
R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [254632 2022-11-16] (Oracle Corporation -> Oracle and/or its affiliates)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [265504 2022-11-16] (Oracle Corporation -> Oracle and/or its affiliates)
R1 VBoxSup; C:\Windows\system32\DRIVERS\VBoxSup.sys [1060880 2022-11-16] (Oracle Corporation -> Oracle and/or its affiliates)
R1 veracrypt; C:\Windows\System32\drivers\veracrypt.sys [817672 2022-07-08] (Microsoft Windows Hardware Compatibility Publisher -> IDRIX)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [55744 2023-11-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [578856 2023-11-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105768 2023-11-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2023-11-07 12:44 - 2023-11-07 12:45 - 000034229 _____ C:\Users\User\Desktop\FRST.txt
2023-11-07 12:44 - 2023-11-07 12:31 - 002383872 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2023-11-07 12:38 - 2023-11-07 12:45 - 000000000 ____D C:\FRST
2023-11-06 16:01 - 2023-11-06 16:13 - 000002233 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-11-06 16:01 - 2023-11-06 16:13 - 000002192 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-11-06 16:01 - 2023-11-06 16:01 - 000000000 ____D C:\Users\User\AppData\Local\Google
2023-11-06 16:00 - 2023-11-07 12:20 - 000000000 ____D C:\Program Files (x86)\Google
2023-11-06 16:00 - 2023-11-06 16:06 - 000004002 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{C2894CD8-C040-4E45-B5C0-79044176DBCD}
2023-11-06 16:00 - 2023-11-06 16:06 - 000003878 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{4565DBCC-481A-42F2-BB19-058DC8DEDE40}
2023-11-06 16:00 - 2023-11-06 16:00 - 000000000 ____D C:\Program Files\Google
2023-11-02 09:27 - 2023-11-02 09:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2023-10-31 12:19 - 2023-10-31 12:19 - 000046824 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2023-10-24 20:13 - 2023-10-24 20:13 - 000117515 _____ C:\Users\User\Documents\IMG_20231024_0004.pdf
2023-10-24 20:13 - 2023-10-24 20:13 - 000107813 _____ C:\Users\User\Documents\IMG_20231024_0003.pdf
2023-10-24 20:06 - 2023-10-24 20:06 - 000060680 _____ C:\Users\User\Documents\IMG_20231024_0001.pdf
2023-10-24 20:06 - 2023-10-24 20:06 - 000058960 _____ C:\Users\User\Documents\IMG_20231024_0002.pdf
2023-10-22 20:55 - 2023-10-22 20:55 - 000001298 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reverso.lnk
2023-10-22 20:55 - 2023-10-22 20:55 - 000001290 _____ C:\Users\User\Desktop\Reverso.lnk
2023-10-18 17:28 - 2023-10-18 17:28 - 000002158 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Copernic Desktop Search.lnk
2023-10-18 17:28 - 2023-10-18 17:28 - 000002146 _____ C:\Users\Public\Desktop\Copernic Desktop Search.lnk
2023-10-18 17:28 - 2023-10-18 17:28 - 000000000 ____D C:\Program Files\Copernic
2023-10-17 20:22 - 2023-10-17 20:22 - 000000000 ____D C:\Users\User\AppData\Local\Captura
2023-10-17 17:35 - 2023-10-17 21:17 - 000000000 ____D C:\Users\User\AppData\Roaming\Captura
2023-10-17 17:35 - 2023-10-17 17:35 - 000001259 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Captura.lnk
2023-10-17 17:35 - 2023-10-17 17:35 - 000000000 ____D C:\Users\User\Documents\Captura
2023-10-17 16:15 - 2023-10-17 16:15 - 000000000 ____D C:\Users\User\AppData\Local\Backup
2023-10-12 18:31 - 2023-10-12 18:31 - 000000000 ____D C:\ProgramData\PLUG
2023-10-12 14:31 - 2023-10-12 14:31 - 000000000 ____D C:\Program Files\RUXIM
2023-10-11 17:42 - 2023-10-11 17:42 - 000016059 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2023-10-11 17:38 - 2023-10-11 17:38 - 000000000 ___HD C:\$WinREAgent

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2023-11-07 12:39 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2023-11-07 12:20 - 2022-06-24 17:05 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-11-07 12:20 - 2022-06-24 11:26 - 000000000 ____D C:\Windows\SystemTemp
2023-11-07 12:20 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-11-07 12:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2023-11-06 23:05 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-11-06 22:49 - 2022-08-04 11:39 - 000000000 ____D C:\Users\User\AppData\Roaming\XnView
2023-11-06 22:48 - 2022-07-07 13:31 - 000000000 ____D C:\Users\User\AppData\Roaming\Everything
2023-11-06 22:25 - 2022-07-04 11:19 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Excel
2023-11-06 22:25 - 2022-07-04 11:17 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Word
2023-11-06 22:24 - 2022-07-04 20:43 - 000000000 ____D C:\Users\User\AppData\Roaming\KeePass
2023-11-06 18:26 - 2022-06-24 17:04 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-11-06 16:03 - 2022-06-24 11:18 - 000000000 ____D C:\Users\User\AppData\Local\D3DSCache
2023-11-06 15:27 - 2022-07-01 21:41 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-11-05 20:44 - 2022-08-10 13:54 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Access
2023-11-04 23:22 - 2022-07-20 17:18 - 000000000 _____ C:\Users\User\AppData\Roaming\leotemp.txt
2023-11-04 22:49 - 2023-09-29 19:57 - 000000000 ____D C:\Users\User\AppData\Local\CrashDumps
2023-11-04 16:30 - 2023-09-02 11:18 - 000000000 ____D C:\Users\User\AppData\Roaming\ALFBanCo9
2023-11-04 16:30 - 2023-09-02 11:18 - 000000000 ____D C:\ProgramData\AlfBanCo9
2023-11-04 15:57 - 2023-01-17 11:26 - 000002308 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-11-04 15:57 - 2022-07-04 14:37 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-11-04 15:57 - 2022-06-24 17:05 - 000002470 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-11-03 11:50 - 2022-06-24 17:07 - 000000000 ____D C:\Users\User\AppData\Local\Packages
2023-11-02 22:26 - 2022-07-09 15:06 - 000000000 ____D C:\Users\User\.mediathek3
2023-11-02 21:58 - 2022-07-09 15:16 - 000000000 ____D C:\Users\User\AppData\Roaming\vlc
2023-11-02 17:18 - 2022-12-20 20:59 - 000000000 ____D C:\Users\User\AppData\Roaming\Signal
2023-11-02 09:27 - 2023-09-21 12:07 - 000000000 ____D C:\Users\User\AppData\Roaming\Dropbox
2023-11-02 09:27 - 2023-09-21 12:07 - 000000000 ____D C:\Users\User\AppData\Local\Dropbox
2023-11-02 09:27 - 2023-09-21 12:06 - 000000000 ____D C:\Program Files (x86)\Dropbox
2023-11-01 20:40 - 2022-06-24 11:15 - 001732248 _____ C:\Windows\system32\PerfStringBackup.INI
2023-11-01 20:40 - 2019-12-07 15:50 - 000747552 _____ C:\Windows\system32\perfh007.dat
2023-11-01 20:40 - 2019-12-07 15:50 - 000151418 _____ C:\Windows\system32\perfc007.dat
2023-11-01 20:33 - 2022-08-18 22:08 - 000000000 ____D C:\Program Files\TeamViewer
2023-11-01 20:33 - 2022-07-09 11:59 - 000000208 _____ C:\Windows\SysWOW64\AbBakConfig.dat
2023-11-01 20:33 - 2022-07-09 11:56 - 000000432 _____ C:\Windows\SysWOW64\winsevr.dat
2023-11-01 20:33 - 2022-07-07 12:28 - 000000000 ____D C:\Users\User\AppData\Local\LogiBolt
2023-11-01 20:33 - 2022-06-24 17:05 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-11-01 20:33 - 2022-06-24 17:04 - 000008192 ___SH C:\DumpStack.log.tmp
2023-11-01 20:33 - 2022-06-24 11:14 - 000000000 __SHD C:\Users\User\IntelGraphicsProfiles
2023-11-01 20:33 - 2022-06-24 11:14 - 000000000 ____D C:\Intel
2023-11-01 20:33 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2023-11-01 20:32 - 2023-07-26 09:26 - 000000000 ____D C:\Users\User\AppData\Roaming\MagentaCLOUD
2023-11-01 20:32 - 2022-07-07 13:31 - 000000000 ____D C:\Users\User\AppData\Local\Everything
2023-11-01 11:18 - 2022-07-06 15:46 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Outlook
2023-10-31 23:02 - 2022-07-04 11:15 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Office
2023-10-30 22:45 - 2022-07-06 19:02 - 000000000 ____D C:\Temp
2023-10-30 21:04 - 2022-07-04 20:51 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2023-10-30 21:04 - 2022-07-01 21:41 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-10-30 21:04 - 2022-07-01 21:41 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-10-29 23:43 - 2022-07-04 10:32 - 000000000 ____D C:\InstallierteProgramme
2023-10-29 21:34 - 2022-06-24 17:07 - 000000000 ___SD C:\Users\User\AppData\Roaming\Microsoft\Credentials
2023-10-29 11:10 - 2022-06-27 07:03 - 000000000 ____D C:\Users\User\AppData\Local\PlaceholderTileLogoFolder
2023-10-28 22:39 - 2022-07-04 07:48 - 000000000 ____D C:\ProgramsPortable
2023-10-28 16:12 - 2023-03-03 13:48 - 000000000 ____D C:\Users\User\AppData\Roaming\DeepL_SE
2023-10-27 21:12 - 2022-07-04 10:35 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2023-10-27 21:12 - 2022-07-04 10:35 - 000002142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-10-27 21:12 - 2022-06-24 11:12 - 000003596 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2359011715-3956498778-3170841144-1001
2023-10-27 20:54 - 2022-07-01 21:41 - 000001039 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-10-27 12:20 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2023-10-27 11:17 - 2022-06-24 17:05 - 000003754 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-10-27 11:17 - 2022-06-24 17:05 - 000003630 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-10-26 22:01 - 2022-07-09 15:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediathekView
2023-10-20 11:22 - 2022-08-14 12:49 - 000000000 ____D C:\Users\User\Documents\My Digital Editions
2023-10-18 11:57 - 2023-09-02 11:18 - 000000000 ____D C:\Program Files (x86)\ALFBanCo9
2023-10-17 21:28 - 2022-07-09 13:25 - 000000000 ____D C:\Users\User\AppData\Roaming\draw.io
2023-10-17 17:35 - 2022-10-13 15:41 - 000002067 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-10-17 17:35 - 2022-10-13 15:41 - 000002055 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-10-17 17:35 - 2022-07-15 21:39 - 000000000 ____D C:\Program Files (x86)\Multimedia
2023-10-17 17:35 - 2022-06-24 11:35 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2023-10-16 19:35 - 2022-09-29 14:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer
2023-10-16 19:35 - 2022-07-09 15:47 - 000002039 _____ C:\Users\Public\Desktop\MyPhoneExplorer.lnk
2023-10-16 16:52 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-10-16 16:50 - 2022-06-24 17:04 - 000440128 _____ C:\Windows\system32\FNTCACHE.DAT
2023-10-16 16:49 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-10-16 16:49 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-10-16 16:49 - 2019-12-07 15:50 - 000000000 ____D C:\Windows\SysWOW64\de
2023-10-16 16:49 - 2019-12-07 15:50 - 000000000 ____D C:\Windows\system32\de
2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\SysWOW64\F12
2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\UNP
2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\F12
2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\PrintDialog
2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation
2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\migwiz
2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Com
2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Sysprep
2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\ShellExperiences
2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\migwiz
2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lv-LV
2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lt-LT
2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\et-EE
2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\es-MX
2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Com
2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\appraiser
2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\AdvancedInstallers
2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellExperiences
2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellComponents
2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Provisioning
2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\IME
2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2023-10-16 16:49 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\servicing
2023-10-15 20:45 - 2022-07-09 12:52 - 000000000 ____D C:\Users\User\Calibre-Bibliothek
2023-10-15 20:45 - 2022-07-09 12:51 - 000000000 ____D C:\Users\User\AppData\Roaming\calibre
2023-10-11 17:45 - 2019-12-07 15:54 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\OEMDefaultAssociations.dll
2023-10-11 17:45 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2023-10-11 17:45 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2023-10-11 17:42 - 2022-06-24 17:08 - 003014144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-10-11 17:34 - 2022-06-24 11:19 - 000000000 ____D C:\Windows\system32\MRT
2023-10-11 17:32 - 2022-06-24 11:19 - 181553176 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2022-12-19 21:48 - 2022-12-19 21:48 - 000052223 _____ () C:\Users\User\AppData\Roaming\Durch Trennzeichen getrennte Werte.ADR
2022-07-20 17:18 - 2023-11-04 23:22 - 000000000 _____ () C:\Users\User\AppData\Roaming\leotemp.txt
2022-10-14 21:14 - 2022-10-14 21:14 - 000005632 _____ () C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 05-11-2023 02
durchgeführt von User (07-11-2023 12:45:37)
Gestartet von C:\Users\User\Desktop
Microsoft Windows 10 Home Version 22H2 19045.3570 (X64) (2022-06-24 16:06:08)
Start-Modus: Normal
==========================================================


==================== Konten: =============================


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-2359011715-3956498778-3170841144-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2359011715-3956498778-3170841144-503 - Limited - Disabled)
Gast (S-1-5-21-2359011715-3956498778-3170841144-501 - Limited - Disabled)
User (S-1-5-21-2359011715-3956498778-3170841144-1001 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-2359011715-3956498778-3170841144-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1031-1033-7760-BC15014EA700}) (Version: 23.006.20360 - Adobe)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.11 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601053}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
ALF-BanCo 8 (HKLM-x32\...\Alf-BanCo8_is1) (Version: 8.3.5 - ALF AG)
ALF-BanCo 9 (HKLM-x32\...\Alf-BanCo9_is1) (Version: 9.0.8 - ALF AG)
AOMEI Backupper (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version: 6.9.2 - AOMEI International Network Limited.)
ASAP*Utilities (HKLM-x32\...\ASAP Utilities_is1) (Version: 8.0.2 - A Must in Every Office BV - Bastien Mensink)
AutoHotkey 1.1.33.10 (HKLM-x32\...\AutoHotkey) (Version: 1.1.33.10 - Lexikos)
Avidemux VC++ 64bits (HKU\S-1-5-21-2359011715-3956498778-3170841144-1001\...\{1a7934be-b952-4a64-845c-8ec73ab3de11}) (Version: 2.7.6 - Mean)
Beyond Compare 4.4.2 (HKLM\...\BeyondCompare4_is1) (Version: 4.4.2.26348 - Scooter Software)
calibre (HKLM-x32\...\{D3CF17E8-ECE2-4B16-86D3-1C6B2F94BF8C}) (Version: 5.44.0 - Kovid Goyal)
Canon Calibration Tool (HKLM-x32\...\CanonCalibrationTool) (Version: 1.5.0 - Canon Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.0.19 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.2.0.18 - Canon Inc.)
Canon Kurzwahlprogramm (HKLM-x32\...\Speed Dial Utility) (Version:  - )
Canon Kurzwahlprogramm2 (HKLM-x32\...\Speed Dial Utility2) (Version: 2.2.1 - Canon Inc.)
Canon MB5100 series Benutzerregistrierung (HKLM-x32\...\Canon MB5100 series Benutzerregistrierung) (Version:  - *Canon Inc.)
Canon MB5100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MB5100_series) (Version: 1.02 - Canon Inc.)
Canon MB5100 series On-screen Manual (HKLM-x32\...\Canon MB5100 series On-screen Manual) (Version: 7.8.0 - Canon Inc.)
Canon MP Navigator EX 3.1 (HKLM-x32\...\MP Navigator EX 3.1) (Version:  - )
Canon MX870 series Benutzerregistrierung (HKLM-x32\...\Canon MX870 series Benutzerregistrierung) (Version:  - )
Canon MX870 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX870_series) (Version:  - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Utility Toolbox (HKLM-x32\...\Quick Toolbox) (Version: 2.5.0 - Canon Inc.)
Canon Wi-Fi Connection Assistant (HKLM-x32\...\Wi-Fi Connection Assistant) (Version: 1.30.0 - Canon Inc.)
Captura v8.0.0 (HKLM-x32\...\{C1670C5E-5042-4300-9491-6BFFF963823F}_is1) (Version: 8.0.0 - Mathew Sachin)
ClipGrab 3.9.7 (HKLM-x32\...\{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1) (Version:  - The ClipGrab Project)
Copernic Desktop Search (HKLM\...\CopernicDesktopSearch8) (Version: 8.2.3.16420 - Copernic)
DB Browser for SQLite (HKLM\...\{5211034D-495B-4A5E-9B8D-8961BBB2B9E2}) (Version: 3.12.2 - DB Browser for SQLite Team)
DeepL (HKU\S-1-5-21-2359011715-3956498778-3170841144-1001\...\https%3a##appdownload.deepl.com#windows#0install#deepl.xml) (Version:  - )
draw.io 22.0.2 (HKLM\...\27a75bf3-be48-5c35-934f-8491cf108abe) (Version: 22.0.2 - JGraph)
Dropbox (HKLM-x32\...\Dropbox) (Version: 186.4.6207 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.817.1 - Dropbox, Inc.) Hidden
Everything 1.4.1.1017 (x64) (HKLM\...\Everything) (Version: 1.4.1.1017 - voidtools)
Free Alarm Clock (HKLM-x32\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 4.0.1.0 - Comfort Software Group)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 118.0.5993.120 - Google LLC)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.56.1) (Version: 9.56.1 - Artifex Software Inc.)
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.56.1) (Version: 9.56.1 - Artifex Software Inc.)
GPS Track Editor (HKLM-x32\...\GpsTrackEditor) (Version: 1.15 (build 141) - MapSphere)
GPS-Track-Analyse.NET 6.0 (HKLM-x32\...\GPS-Track-Analyse.NET 6.0_is1) (Version:  - )
GPXSee (x64) (HKLM\...\GPXSee) (Version: 11.9 - Martin Tůma)
Greenfish Icon Editor Pro 3.6 (HKLM-x32\...\{27135B83-5AFF-42A3-BCEB-E689BE9E2090}_is1) (Version:  - Greenfish Corporation)
Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot)
Image Resizer for Windows (64 bit) (HKLM\...\{2A1F3759-5792-469B-B895-7E29680F02F1}) (Version: 3.1.1.0 - Brice Lambson) Hidden
Image Resizer for Windows (HKLM-x32\...\{92916BDF-74CB-479C-B69E-32EACB074FFE}) (Version: 3.1.1.0 - Brice Lambson) Hidden
Image Resizer for Windows (HKLM-x32\...\{c624f5da-779e-4ccb-9ce1-34bc5ef0a6b9}) (Version: 3.1.1.0 - Brice Lambson)
IrfanView 4.60 (64-bit) (HKLM\...\IrfanView64) (Version: 4.60 - Irfan Skiljan)
Java 8 Update 381 (64-bit) (HKLM\...\{77924AE4-039E-4CA4-87B4-2F64180381F0}) (Version: 8.0.3810.9 - Oracle Corporation)
KeePass Password Safe 2.53 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.53 - Dominik Reichl)
Logi Bolt (HKLM\...\LogiBolt) (Version: 1.2.6024.0 - Logi)
Logitech Options (HKLM\...\LogiOptions) (Version: 9.60.87 - Logitech)
MagentaCLOUD (HKLM\...\{1369654A-24FD-4D83-B45A-222E19EAD9A1}) (Version: 3.6.7.20230217 - Deutsche Telekom AG)
MediaHuman YouTube to MP3 Converter 3.9.9.81 (HKLM-x32\...\MediaHuman YouTube to MP3 Converter_is1) (Version: 3.9.9.81 - MediaHuman)
MediathekView 14.0.0 (HKLM\...\1927-5045-2127-3394) (Version: 14.0.0 - MediathekView Team)
Microsoft .NET Host - 6.0.9 (x64) (HKLM\...\{C30ABA3F-32C0-43D1-B3B8-9AEFD58A15D9}) (Version: 48.39.47157 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.9 (x64) (HKLM\...\{FD10B803-97FD-4867-9753-8784BC35D2F8}) (Version: 48.39.47157 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.9 (x64) (HKLM\...\{0B4F742D-2D47-4E95-B756-402822D31C48}) (Version: 48.39.47157 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 119.0.2151.44 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 119.0.2151.44 - Microsoft Corporation)
Microsoft Garage Mouse without Borders (HKLM-x32\...\{D3BC954F-D661-474C-B367-30EB6E56542E}) (Version: 2.1.8.105 - Microsoft Garage)
Microsoft Office Professional 2019 - de-de (HKLM\...\Professional2019Retail - de-de) (Version: 16.0.16924.20124 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.209.1008.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{2953E19B-9F91-4A49-A23B-7E25970A1951}) (Version: 3.73.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30139 (HKLM-x32\...\{2c673fb6-3e65-4751-965d-33d30b68a8a6}) (Version: 14.29.30139.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30135 (HKLM-x32\...\{b7a2b241-3f54-4d7d-94d1-8ce0146e03c7}) (Version: 14.29.30135.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30139 (HKLM\...\{7F4A9F52-173F-4B0D-B1EA-269C32EDA827}) (Version: 14.29.30139 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30139 (HKLM\...\{A6D3F752-BF11-4D7C-B19C-F6F96A35CF50}) (Version: 14.29.30139 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.29.30135 (HKLM-x32\...\{77EB1EA9-8E1B-459D-8CDC-1984D0FF15B6}) (Version: 14.29.30135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.29.30135 (HKLM-x32\...\{36A1E79B-581A-4FE5-843D-84C2D3C9431E}) (Version: 14.29.30135 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.9 (x64) (HKLM\...\{C1CD2FC1-92E6-4DE2-89D8-6D309881856F}) (Version: 48.39.47171 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.9 (x64) (HKLM-x32\...\{569b351b-451b-48db-a2c7-7beb63411666}) (Version: 6.0.9.31620 - Microsoft Corporation)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 119.0 (x64 en-US)) (Version: 119.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 102.0 - Mozilla)
Mp3tag v3.16 (HKLM\...\Mp3tag) (Version: 3.16 - Florian Heidenreich)
MPC-BE x64 1.6.8.5 (HKLM\...\{FE09AF6D-78B2-4093-B012-FCDAF78693CE}_is1) (Version: 1.6.8.5 - MPC-BE Team)
MyDriveConnect 4.0.7.2442 (HKLM-x32\...\MyDriveConnect) (Version: 4.0.7.2442 - TomTom)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 2.1 - F.J. Wechselberger)
No23 Recorder (HKLM-x32\...\{6DED41BC-C9EF-4330-B4E5-46CB2C5C6E2D}) (Version: 2.1.0.3 - No23) Hidden
No23 Recorder (HKLM-x32\...\No23 Recorder) (Version: 2.1.0.3 - No23)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.4.2 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.16924.20124 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.16924.20124 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.16924.20078 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.16924.20088 - Microsoft Corporation) Hidden
Office RibbonX Editor (HKLM\...\{414e2267-764a-4e61-aa5e-f25f407dfafd}_is1) (Version: 1.9.0.1056 - Fernando Andreu)
Oracle VM VirtualBox 7.0.4 (HKLM\...\{1CEDDF58-8D2F-407F-BF34-877EAAFF3C40}) (Version: 7.0.4 - Oracle and/or its affiliates)
paint.net (HKLM\...\{31D05AC5-4242-433C-A002-9DB22D740F8C}) (Version: 4.3.11 - dotPDN LLC)
PDF24 Creator 11.2.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 11.2.0 - PDF24.org)
PDF-XChange Editor (HKLM\...\{1DE89B26-390D-4262-B7BD-788427632263}) (Version: 9.5.366.0 - Tracker Software Products (Canada) Ltd.) Hidden
PDF-XChange Editor (HKLM-x32\...\{e563cf57-fc77-4977-83d0-56532d421d33}) (Version: 9.5.366.0 - Tracker Software Products (Canada) Ltd.)
Reverso (HKLM-x32\...\{C0D4BC23-E512-47C3-AA47-04A76B4172C1}) (Version: 2.11.0.734 - Reverso)
Samsung NVM Express Driver (HKLM-x32\...\{ff94c273-58d5-40b5-b03a-9bd41d5cff1e}) (Version: 3.3.0.2003 - Samsung Electronics)
Samsung NVM Express Driver 3.3.0.2003 (HKLM\...\{89D55DD5-FE94-497B-B5E5-91915D52DBF2}) (Version: 3.3.0.2003 - Samsung Electronics Co., Ltd) Hidden
Sandboxie 5.63.0 (64-bit) (HKLM\...\Sandboxie) (Version: 5.63.0 - sandboxie-plus.com)
Signal 6.36.0 (HKU\S-1-5-21-2359011715-3956498778-3170841144-1001\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 6.36.0 - Signal Messenger, LLC)
Support- und Wiederherstellungs-Assistent von Microsoft (HKU\S-1-5-21-2359011715-3956498778-3170841144-1001\...\a1a734b8150c1d83) (Version: 17.0.8640.17 - Microsoft Corporation)
tax 2020 (HKLM-x32\...\{911206AE-A132-4258-8DE2-E2A76971EFE6}) (Version: 27.14.2810 - Buhl Data Service GmbH)
tax 2021 (HKLM-x32\...\{1B029679-D87C-44BC-B894-D579FD7CA963}) (Version: 28.10.2720 - Buhl Data Service GmbH)
tax 2022 (HKLM-x32\...\{B25B40FF-36D8-4AF3-AFB8-491AB11B658B}) (Version: 29.08.3260 - Buhl Data Service GmbH)
tax 2023 (HKLM-x32\...\{D7897BE5-064E-4776-818C-5BCD1FC1C385}) (Version: 30.00.3010 - Buhl Data Service GmbH)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.26.4 - TeamViewer)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 11.01 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
VdhCoApp 1.6.3 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version:  - DownloadHelper)
VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.25.9 - IDRIX)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.17.4 - VideoLAN)
XnView 2.51.0 (HKLM-x32\...\XnView_is1) (Version: 2.51.0 - Gougelet Pierre-e)
Z-Cron (HKLM-x32\...\{FD57FF4D-7225-4DAC-B15D-9BAE3E8A0E2B}) (Version: 6.1.0.1 - IMU Andreas Baumann)

Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2023-10-17] ()
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2022-07-04] (Canon Inc.)
Dropbox -> C:\Program Files (x86)\Dropbox\Client\PackageAssets [2023-11-02] (Dropbox Inc.)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.21.0_neutral__8xx8rvfyw5nnt [2023-10-29] (Instagram)
Intel® Grafik-Kontrollraum -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5185.0_x64__8j3eq9eme6ctt [2023-09-13] (INTEL CORP) [Startup Task]
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-08-04] (Microsoft Corporation)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.22.240.0_x64__dt26b99r8h8gj [2022-07-04] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.222.982.0_x64__zpdnekdrzrea0 [2023-10-13] (Spotify AB) [Startup Task]

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2359011715-3956498778-3170841144-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-2359011715-3956498778-3170841144-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-2359011715-3956498778-3170841144-1001_Classes\CLSID\{47726565-6e73-686f-7400-000000000000}\localserver32 -> "C:\Program Files\Grafik\Greenshot\Greenshot.exe" -ToastActivated => Keine Datei
CustomCLSID: HKU\S-1-5-21-2359011715-3956498778-3170841144-1001_Classes\CLSID\{6FF9B5B6-389F-444A-9FDD-A286C36EA079}\InprocServer32 -> C:\Program Files\MagentaCLOUD\CfApiShellExtensions.dll () [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-2359011715-3956498778-3170841144-1001_Classes\CLSID\{b72e6f5e-f6e0-a9eb-461b-6118363bd15c}\localserver32 -> C:\Users\User\AppData\Local\0install.net\implementations\sha256new_7ATQFYMYISD5LU42STURHNI33TRSMJBHVQPLEAO3EX4R5WPI6GTQ\DeepL.exe (DeepL SE -> DeepL SE)
CustomCLSID: HKU\S-1-5-21-2359011715-3956498778-3170841144-1001_Classes\CLSID\{c1be91f2-446f-4f6e-bf58-da4a82669b3c} -> [MagentaCLOUD] => F:\MagentaCloudLoc [2023-07-26 09:33]
CustomCLSID: HKU\S-1-5-21-2359011715-3956498778-3170841144-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => F:\Dropbox [2023-09-21 12:21]
ShellIconOverlayIdentifiers: [                OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.209.1008.0002\FileSyncShell64.dll [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [                OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.209.1008.0002\FileSyncShell64.dll [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [                OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.209.1008.0002\FileSyncShell64.dll [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [                OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.209.1008.0002\FileSyncShell64.dll [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [                OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.209.1008.0002\FileSyncShell64.dll [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [                OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.209.1008.0002\FileSyncShell64.dll [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [                OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.209.1008.0002\FileSyncShell64.dll [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [                MagentaCLOUDError] -> {21A727D8-DF75-47AC-9B23-98CA9941E764} => C:\Windows\System32\shellext\NCOverlays.dll [2023-02-17] (Telekom Deutschland GmbH -> Nextcloud GmbH)
ShellIconOverlayIdentifiers: [                MagentaCLOUDOK] -> {5FB43024-D810-463E-8298-25AC18B4D657} => C:\Windows\System32\shellext\NCOverlays.dll [2023-02-17] (Telekom Deutschland GmbH -> Nextcloud GmbH)
ShellIconOverlayIdentifiers: [                MagentaCLOUDOKShared] -> {207E0D58-A4D2-4BEA-B23F-74B275067FF4} => C:\Windows\System32\shellext\NCOverlays.dll [2023-02-17] (Telekom Deutschland GmbH -> Nextcloud GmbH)
ShellIconOverlayIdentifiers: [                MagentaCLOUDSync] -> {B7E41BEC-A46C-4536-A3B8-F20322BC4538} => C:\Windows\System32\shellext\NCOverlays.dll [2023-02-17] (Telekom Deutschland GmbH -> Nextcloud GmbH)
ShellIconOverlayIdentifiers: [                MagentaCLOUDWarning] -> {EC74FC2C-CC25-4FF8-B860-8F98CB200CCE} => C:\Windows\System32\shellext\NCOverlays.dll [2023-02-17] (Telekom Deutschland GmbH -> Nextcloud GmbH)
ShellIconOverlayIdentifiers: [  DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-31] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-31] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-31] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-31] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-31] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-31] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-31] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-31] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-31] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-31] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [                OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.209.1008.0002\FileSyncShell64.dll [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [                OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.209.1008.0002\FileSyncShell64.dll [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [                OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.209.1008.0002\FileSyncShell64.dll [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [                OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.209.1008.0002\FileSyncShell64.dll [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [                OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.209.1008.0002\FileSyncShell64.dll [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [                OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.209.1008.0002\FileSyncShell64.dll [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [                OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.209.1008.0002\FileSyncShell64.dll [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [  DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-31] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-31] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-31] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-31] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-31] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-31] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-31] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-31] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-31] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-31] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.209.1008.0002\FileSyncShell64.dll [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => D:\ToolsHH\Notepad++\NppShell_06.dll [2022-05-29] (Notepad++ -> )
ContextMenuHandlers1: [CirrusShellEx] -> {57FA2D12-D22D-490A-805A-5CB48E84F12A} => C:\Program Files\Tools\BeyondCompare4\BCShellEx64.dll [2022-03-15] (Scooter Software Inc -> Scooter Software)
ContextMenuHandlers1: [CopernicFileShellContextMenuExtension] -> {5e8dc0ce-ae15-3dcc-9daf-50487dd495a8} => C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.ShellContextMenu.dll [2023-10-16] (N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-31] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [Image Resizer] -> {51B4D7E5-7568-4234-B4BB-47FB3C016A69} => C:\Program Files\Image Resizer for Windows\ShellExtensions.dll [2018-05-26] (Open Source Developer, Brice Lambson -> Brice Lambson)
ContextMenuHandlers1-x32: [IXnView] -> {A5D35F9F-6A11-4EAA-B70B-7BB6FE32663A} => C:\Program Files\Multimedia\XnView\ShellEx\XnViewShellExt.dll [2022-05-31] (Pierre GOUGELET -> )
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Musik\Mp3tag\Mp3tagShell64.dll [2022-05-30] (Florian Heidenreich) [Datei ist nicht signiert]
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files\Fairphone\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger) [Datei ist nicht signiert]
ContextMenuHandlers1: [PDFXChange Editor Context menu] -> {2ACD35AB-F74A-4C20-AA9B-2DE80081626D} => C:\Program Files\Pdf\XChangeEditor\Shell Extensions\XCShellMenu.x64.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
ContextMenuHandlers2: [CopernicFolderShellContextMenuExtension] -> {bd0a3985-fb0d-3758-a64b-253131d8fe70} => C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.ShellContextMenu.dll [2023-10-16] (N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Musik\Mp3tag\Mp3tagShell64.dll [2022-05-30] (Florian Heidenreich) [Datei ist nicht signiert]
ContextMenuHandlers3: [MagentaCLOUDContextMenuHandler] -> {C475B1E0-655A-4080-9D13-C3F0905740CF} => C:\Windows\System32\shellext\NCContextMenu.dll [2023-02-17] (Telekom Deutschland GmbH -> Nextcloud GmbH)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.209.1008.0002\FileSyncShell64.dll [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [CirrusShellEx] -> {57FA2D12-D22D-490A-805A-5CB48E84F12A} => C:\Program Files\Tools\BeyondCompare4\BCShellEx64.dll [2022-03-15] (Scooter Software Inc -> Scooter Software)
ContextMenuHandlers4: [CopernicFolderShellContextMenuExtension] -> {bd0a3985-fb0d-3758-a64b-253131d8fe70} => C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.ShellContextMenu.dll [2023-10-16] (N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-31] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Musik\Mp3tag\Mp3tagShell64.dll [2022-05-30] (Florian Heidenreich) [Datei ist nicht signiert]
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.209.1008.0002\FileSyncShell64.dll [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [CopernicFolderShellContextMenuExtension] -> {bd0a3985-fb0d-3758-a64b-253131d8fe70} => C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.ShellContextMenu.dll [2023-10-16] (N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-31] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers6: [CirrusShellEx] -> {57FA2D12-D22D-490A-805A-5CB48E84F12A} => C:\Program Files\Tools\BeyondCompare4\BCShellEx64.dll [2022-03-15] (Scooter Software Inc -> Scooter Software)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\User\Desktop\Ruhezustand SZ-Down.lnk -> D:\ToolsHH\AutoHotkey\Scripte\KonMenu\RuhezustandMitSzDownloadprüfung.bat ()

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2023-01-16 00:34 - 2023-01-16 00:34 - 001160704 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\Copernic\DesktopSearch\CefSharp.BrowserSubprocess.Core.dll
2023-01-16 00:34 - 2023-01-16 00:34 - 001783808 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\Copernic\DesktopSearch\CefSharp.Core.Runtime.dll
2022-11-21 16:36 - 2022-08-21 02:44 - 001160192 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Users\User\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\CefSharp.BrowserSubprocess.Core.dll
2023-10-25 20:19 - 2023-10-25 02:15 - 000524800 _____ () [Datei ist nicht signiert] \\?\C:\Users\User\AppData\Local\Programs\signal-desktop\resources\app.asar.unpacked\node_modules\@nodert-win10-rs4\windows.data.xml.dom\build\Release\binding.node
2023-10-25 20:19 - 2023-10-25 02:15 - 000678400 _____ () [Datei ist nicht signiert] \\?\C:\Users\User\AppData\Local\Programs\signal-desktop\resources\app.asar.unpacked\node_modules\@nodert-win10-rs4\windows.ui.notifications\build\Release\binding.node
2023-10-25 20:19 - 2023-10-25 02:15 - 004708864 _____ () [Datei ist nicht signiert] \\?\C:\Users\User\AppData\Local\Programs\signal-desktop\resources\app.asar.unpacked\node_modules\@signalapp\better-sqlite3\build\Release\better_sqlite3.node
2023-10-25 20:19 - 2023-10-25 02:15 - 004972544 _____ () [Datei ist nicht signiert] \\?\C:\Users\User\AppData\Local\Programs\signal-desktop\resources\app.asar.unpacked\node_modules\@signalapp\libsignal-client\prebuilds\win32-x64\node.napi.node
2023-10-25 20:19 - 2023-10-25 02:15 - 010869760 _____ () [Datei ist nicht signiert] \\?\C:\Users\User\AppData\Local\Programs\signal-desktop\resources\app.asar.unpacked\node_modules\@signalapp\ringrtc\build\win32\libringrtc-x64.node
2023-10-25 20:19 - 2023-10-25 02:15 - 000098304 _____ () [Datei ist nicht signiert] \\?\C:\Users\User\AppData\Local\Programs\signal-desktop\resources\app.asar.unpacked\node_modules\@signalapp\windows-dummy-keystroke\build\Release\NativeExtension.node
2023-01-13 10:19 - 2023-01-13 10:19 - 194953728 _____ () [Datei ist nicht signiert] C:\Program Files\Copernic\DesktopSearch\libcef.dll
2023-02-17 15:32 - 2023-02-17 15:32 - 000130560 _____ () [Datei ist nicht signiert] C:\Program Files\MagentaCLOUD\magentacloudsync_vfs_cfapi.dll
2023-02-17 15:32 - 2023-02-17 15:32 - 000031232 _____ () [Datei ist nicht signiert] C:\Program Files\MagentaCLOUD\magentacloudsync_vfs_suffix.dll
2022-11-21 16:37 - 2022-08-19 08:38 - 175591424 _____ () [Datei ist nicht signiert] C:\Users\User\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\libcef.dll
2022-11-21 16:37 - 2022-08-19 07:11 - 000442880 _____ () [Datei ist nicht signiert] C:\Users\User\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\libEGL.dll
2022-11-21 16:37 - 2022-08-19 07:10 - 006480384 _____ () [Datei ist nicht signiert] C:\Users\User\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\libGLESv2.dll
2022-11-21 16:37 - 2022-08-19 07:07 - 004077568 _____ () [Datei ist nicht signiert] C:\Users\User\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\vk_swiftshader.dll
2022-11-21 16:37 - 2022-08-19 07:10 - 000828928 _____ () [Datei ist nicht signiert] C:\Users\User\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\vulkan-1.dll
2023-10-17 17:58 - 2023-10-17 17:58 - 000773120 _____ () [Datei ist nicht signiert] C:\Windows\assembly\NativeImages_v4.0.30319_64\LinqBridge\07da31ae08c97a25b82430b8a50afff0\LinqBridge.ni.dll
2022-12-06 18:17 - 2015-09-15 16:07 - 000318464 _____ (CANON INC) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\scchmpm.dll
2022-12-06 18:17 - 2015-09-01 18:11 - 000194560 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\cnmpu2.dll
2022-12-06 18:17 - 2015-06-17 16:01 - 000008704 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_DEU.DLL
2022-12-06 18:17 - 2015-06-17 16:00 - 000104960 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_IMG.dll
2022-12-06 18:17 - 2015-05-26 09:44 - 000141312 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\cnwidsd.dll
2022-11-28 19:02 - 2021-11-16 12:39 - 000131072 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\Quick Utility Toolbox\cnalmmod.dll
2022-11-28 19:02 - 2021-11-16 12:37 - 000016384 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\Quick Utility Toolbox\de\cnqtbres.dll
2022-07-07 21:31 - 2009-10-09 07:01 - 000337920 _____ (CANON INC.) [Datei ist nicht signiert] C:\Windows\System32\CNMN6PPM.DLL
2010-03-30 18:32 - 2010-03-30 18:32 - 000073728 _____ (F.J. Wechselberger) [Datei ist nicht signiert] C:\Program Files\Fairphone\MyPhoneExplorer\DLL\ShellMgr.dll
2023-10-17 17:58 - 2023-10-17 17:58 - 001938432 _____ (Greenshot) [Datei ist nicht signiert] C:\Windows\assembly\NativeImages_v4.0.30319_64\GreenshotPlugin\539f6eac1f6bb05e939ab410f34de918\GreenshotPlugin.ni.dll
2022-07-09 13:35 - 2022-07-09 13:35 - 000065536 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\Windows\WinSxS\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.762_none_7b33aa7d218504d2\vcomp.dll
2022-07-04 14:37 - 2022-07-04 14:37 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\AppVIsvSubsystems32.dll
2022-07-04 14:37 - 2022-07-04 14:37 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\c2r32.dll
2023-06-16 09:55 - 2023-06-16 09:55 - 015921152 _____ (ORPALIS) [Datei ist nicht signiert] C:\Program Files\Copernic\DesktopSearch\GdPicture.NET.14.image.gdimgplug.64.dll
2023-10-17 17:58 - 2023-10-17 17:58 - 000740352 _____ (The Apache Software Foundation) [Datei ist nicht signiert] C:\Windows\assembly\NativeImages_v4.0.30319_64\log4net\b076a29ae3269908f0bbbfc97a84c7ec\log4net.ni.dll
2023-01-13 08:21 - 2023-01-13 08:21 - 001412608 _____ (The Chromium Authors) [Datei ist nicht signiert] C:\Program Files\Copernic\DesktopSearch\chrome_elf.dll
2022-11-21 16:37 - 2022-08-19 07:16 - 001231872 _____ (The Chromium Authors) [Datei ist nicht signiert] C:\Users\User\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\chrome_elf.dll
2022-07-18 14:18 - 2014-12-22 13:54 - 000110207 _____ (Un4seen Developments) [Datei ist nicht signiert] C:\Program Files (x86)\Tools\FreeAlarmClock\bass.dll
2022-07-18 14:18 - 2014-11-28 14:54 - 000021772 _____ (Un4seen Developments) [Datei ist nicht signiert] C:\Program Files (x86)\Tools\FreeAlarmClock\bassflac.dll
2022-07-18 14:18 - 2014-10-20 14:08 - 000017733 _____ (Un4seen Developments) [Datei ist nicht signiert] C:\Program Files (x86)\Tools\FreeAlarmClock\basswma.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData:BDSDRMHK [64]
AlternateDataStreams: C:\Users\All Users:BDSDRMHK [64]
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:BDSDRMHK [64]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre-1.8\bin\ssv.dll [2023-06-14] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-1.8\bin\jp2ssv.dll [2023-06-14] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.2;C:\Program Files (x86)\Calibre2\;C:\Program Files (x86)\gs\gs9.56.1\bin;C:\Program Files\gs\gs9.56.1\bin;C:\Program Files\dotnet\
HKU\S-1-5-21-2359011715-3956498778-3170841144-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\IrfanView\IrfanView_Wallpaper.png
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
 ist aktiviert.

Network Binding:
=============
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet 2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKU\S-1-5-21-2359011715-3956498778-3170841144-1001\...\StartupApproved\Run: => "OneDrive"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{CD98FCCD-8D10-429B-8ECD-24A1CE761E3A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CC086E83-486E-44C9-A91B-C660AEC514B8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{330DBDBF-9357-4D61-88BF-7729CBEB696F}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{7221F3B4-B5F1-490B-BD9E-B44B2563D218}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe => Keine Datei
FirewallRules: [UDP Query User{CE421990-379B-430D-964E-E3AAE87A3B04}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe => Keine Datei
FirewallRules: [{F015BD45-5BFD-4FC9-A90A-3373B7721AE1}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.2\ABService.exe (AOMEI International Network Limited -> AOMEI International Network Limited)
FirewallRules: [{D3F97336-39A6-430D-89EE-A920D153BFAE}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.2\ABService.exe (AOMEI International Network Limited -> AOMEI International Network Limited)
FirewallRules: [TCP Query User{2221E2C3-CFD8-43C1-948E-21C1DDC4293C}C:\program files\fairphone\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files\fairphone\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [UDP Query User{19F25556-A107-46E2-BDD5-D8DAB36218D5}C:\program files\fairphone\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files\fairphone\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [TCP Query User{7D25F8F7-31A6-4859-992F-113C0F1FEDC2}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe => Keine Datei
FirewallRules: [UDP Query User{8E223554-68B7-4FAE-9D92-A9B9E420AFCD}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe => Keine Datei
FirewallRules: [{77BC55A2-9B6D-48E0-BDE7-C64EAFD0F0E9}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{CCF958E6-0404-44DF-A2C4-F1C732BEF6DA}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F0B2FAFE-0542-4C8B-B43C-9C421E8BBB38}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4B1FC9BC-4E49-4EE0-B644-3EC3694821BC}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D091F4F9-1048-4285-9E79-05DD41FB8CFD}] => (Allow) C:\Program Files\Fairphone\MyPhoneExplorer\MyPhoneExplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [{337A929C-C596-42F2-B716-9E6D54749DC7}] => (Allow) C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe (Microsoft Corporation -> Microsoft)
FirewallRules: [{8CBF5940-44DF-4B5B-8E17-A2336DF5E29D}] => (Allow) C:\Program Files (x86)\Canon\Quick Utility Toolbox\cnqtbapp.exe (Canon Inc. -> CANON INC.)
FirewallRules: [{9B8F7CFE-2F65-43B3-8359-D9B2954D36DC}] => (Allow) C:\Program Files (x86)\Canon\Wi-Fi Connection Assistant\cnwidadr2.exe (Canon Inc. -> CANON INC.)
FirewallRules: [{3F23DD10-3046-4393-9DCC-8909E5E81692}] => (Allow) C:\Program Files (x86)\Canon\Wi-Fi Connection Assistant\cnwiddsu\cnwiddsu2.exe (Canon Inc. -> CANON INC.)
FirewallRules: [{2676E89E-7FFA-4C9E-AE3F-7640BCA63004}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4417017F-36D4-4822-9BD9-16C78EE3A7C5}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.2\ABService.exe (AOMEI International Network Limited -> AOMEI International Network Limited)
FirewallRules: [{7BC7ABFE-3DC4-4462-8E86-213ACFCFC246}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.2\ABService.exe (AOMEI International Network Limited -> AOMEI International Network Limited)
FirewallRules: [{FB65CF3F-484F-4E24-9DC5-8B9747E09D0E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.222.982.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2DD2F7B9-C33B-489C-A484-C0EB0662BC99}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.222.982.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5B154C2A-2B72-428B-B9CB-33A1AD536A59}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.222.982.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{56F0D740-CA37-4A4B-B837-5945DCF06EDF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.222.982.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E19F83DD-6D62-4C3F-8A09-5D6FC1F02F4E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.222.982.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{0DBE4A4C-FD49-4DA6-842C-5B180A405832}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.222.982.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{010FC7A7-6E3D-4CBB-BD7A-9CDCE4912959}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.222.982.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8F0C6DFE-676A-4D94-9DB9-5715C5EEBEE0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.222.982.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F7A1CB0F-8E0E-495B-AD5C-A74EF1E1E33F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.222.982.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3429B54D-2145-4574-84C2-9AE5BBC9EA15}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.222.982.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4878F4F9-BE39-4E4B-8F3B-282329BCEC48}] => (Allow) C:\Program Files\Fairphone\MyPhoneExplorer\MyPhoneExplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [{F80D9C6B-40D2-45B4-ACFF-8D053BF7DD7C}] => (Allow) C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.exe (N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation)
FirewallRules: [{4B63070F-46B7-4967-BA93-7BF3F57889AD}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{6D7E696C-7E9B-4FDF-B390-D9C3ACA612D1}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{7C1510B2-34B2-4BB8-BC29-2DFE7D7AE6F6}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\119.0.2151.44\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{38E4C763-56EC-43C0-B9B6-103CA468916D}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{DF4483DF-FB3F-44EB-B608-BF1EF2DD2552}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.107.3215.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{45BA7E8A-2A5B-4DB8-BE0D-27DC54361D05}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.107.3215.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9EC08F06-7654-470C-8F2B-2B5A98D6ABE9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.107.3215.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1CF1EBED-BA97-4BA2-87CF-622D06397DA9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.107.3215.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Wiederherstellungspunkte =========================

22-10-2023 20:54:58 Installed Reverso
27-10-2023 12:20:29 Windows Modules Installer
05-11-2023 18:55:12 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager ============


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (11/07/2023 12:19:51 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: Hauf22)
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.

Error: (11/06/2023 11:03:39 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (11/06/2023 10:00:53 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: Hauf22)
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.

Error: (11/06/2023 03:25:24 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: Hauf22)
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.

Error: (11/06/2023 01:30:47 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: Hauf22)
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.

Error: (11/06/2023 09:44:43 AM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (11/06/2023 09:41:45 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: Hauf22)
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.

Error: (11/05/2023 08:43:22 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: Hauf22)
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.


Systemfehler:
=============
Error: (11/06/2023 06:26:23 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (11/06/2023 03:20:16 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (11/06/2023 10:29:26 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (11/05/2023 07:34:15 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (11/05/2023 05:21:55 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (11/05/2023 04:25:46 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (11/04/2023 06:07:51 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (11/03/2023 07:42:57 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4


Windows Defender:
================
Date: 2023-11-07 12:22:23
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/Vigua.A&threatid=232714&enterprise=0
Name: PUA:Win32/Vigua.A
Schweregrad: Niedrig
Kategorie: Potenziell unerwünschte Software
Pfad: file:_D:\Download\zaSetup_92_058_000_de.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: FastPath
Erkennungsquelle: Echtzeitschutz
Benutzer:
Prozessname: D:\ToolsHH\WinCmd\TotalCmd.EXE
Sicherheitsversion: AV: 1.401.226.0, AS: 1.401.226.0, NIS: 1.401.226.0
Modulversion: AM: 1.1.23100.2009, NIS: 1.1.23100.2009

Date: 2023-11-06 14:49:00
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {0BD430EF-AA52-4C4D-9D45-ED768EE02553}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2023-11-05 14:53:07
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {33AF3E0A-EF84-4D44-806A-287524663CD8}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2023-11-04 16:52:23
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {ECEF5F57-6D72-4072-9224-5E900EB710A5}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2023-11-03 19:02:35
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {31011015-A828-4693-9D09-E70D9706BFF1}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

CodeIntegrity:
===============
Date: 2023-11-07 12:45:33
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_0797c0ea8580ae89\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen ===========================

BIOS: American Megatrends International, LLC. F7 03/25/2022
Hauptplatine: Gigabyte Technology Co., Ltd. B560M DS3H V2
Prozessor: 11th Gen Intel(R) Core(TM) i5-11600K @ 3.90GHz
Prozentuale Nutzung des RAM: 53%
Installierter physikalischer RAM: 16181.3 MB
Verfügbarer physikalischer RAM: 7490.05 MB
Summe virtueller Speicher: 18613.3 MB
Verfügbarer virtueller Speicher: 7271.14 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:465.13 GB) (Free:354.6 GB) (Model: Samsung SSD 970 EVO Plus 500GB) NTFS
Drive d: (Volume) (Fixed) (Total:1562 GB) (Free:818.39 GB) (Model: WDC WD20EZBX-00AYRA0) NTFS
Drive e: (Volume) (Fixed) (Total:301 GB) (Free:247.62 GB) (Model: WDC WD20EZBX-00AYRA0) NTFS
Drive f: (Volume) (Fixed) (Total:931.51 GB) (Free:368.61 GB) (Model: SAMSUNG HD103SJ) NTFS

\\?\Volume{45b75c4d-3f48-4674-b346-3677b392e7b4}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{189c2cda-4921-449e-b996-bc03d80ac4e8}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 67F514A4)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt =======================

cosinus 07.11.2023 14:30
Zitat:
Kategorie: Potenziell unerwünschte Software
Pfad: file:_D:\Download\zaSetup_92_058_000_de.exe
Das ist doch bloß irgendein Schrott-Setup mit irgendeiner Werbekacke dadrin.


adwCleaner

Führe AdwCleaner gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei in CODE-Tags.

adwcleaner bitte wiederholen falls es Funde gab.

chance0 07.11.2023 17:40
Vielen Dank für die schnelle Antwort. AdwCleaner meldet keine Funde. Windows Defender zeigt immer noch die gleiche Meldung, wie in meinem Beitrag #1. Wenn ich von Euch nichts mehr höre, werde ich die Datei "D:\Download\zaSetup_92_058_000_de.exe" (siehe #2) löschen.


Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build:    08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    11-07-2023
# Duration: 00:00:27
# OS:      Windows 10 (Build 19045.3570)
# Scanned:  32092
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [1406 octets] - [07/11/2023 17:13:25]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

M-K-D-B 09.11.2023 16:05
Entfernung der verwendeten Tools
Führe KpRm gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei.





Dann wären wir durch!
Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber. :daumenhoc

Wenn Du möchtest, kannst Du hier sagen, ob du mit mir und meiner Hilfe zufrieden warst...:dankeschoen:
Vielleicht möchtest du das Forum mit einer kleinen Spende https://www.trojaner-board.de/extra/spende.png unterstützen. :applaus:





Zum Schluss bitte unbedingt die Sicherheitsmaßnahmen lesen und umsetzen:

Lesestoff:
Anleitung: Maßnahmen zur Absicherung des Rechners



Hinweis:
Bitte gib mir eine kurze Rückmeldung, sobald du die oben verlinkten Informationen gelesen hast, alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.

M-K-D-B 09.11.2023 16:05
Dieses Thema scheint erledigt und wird aus unseren Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke uns bitte eine Erinnerung inklusive Link zum Thema.

Jeder andere bitte hier klicken und ein eigenes Thema erstellen.


Alle Zeitangaben in WEZ +1. Es ist jetzt 13:29 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131