Log analysis and evaluation: PUP.Optional.Forced.Extension in Google Chrome
08.12.2022, 21:55 | #1

PUP.Optional.Forced.Extension in Google Chrome

Hello dear Trojanerboard,

the initial situation was as described here: https://www.trojaner-board.de/205625-pup-optional-forced-extension-google-chrome.html

In the meantime, with a lot of effort, I was able to persuade the system to update. However, Malwarebytes now actually no longer raises any alerts (perhaps it removed the problems itself?). Since I am unsure whether further steps are still needed, I would be glad if you could take another look at the FRST and Addition.

Thank you very much!

FRST Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 04-12-2022 durchgeführt von thomz (Administrator) auf DESKTOP-9TV7NS2 (Dell Inc. G5 5587) (08-12-2022 21:24:35) Gestartet von C:\Users\thomz\OneDrive\Desktop\FRST-OlderVersion Geladene Profile: thomz Plattform: Microsoft Windows 10 Pro Version 22H2 19045.2251 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: FF Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (C:\Program Files (x86)\Jumping Bytes\PureSync\PureSyncTray.exe ->) (Jumping Bytes (Christoph Guentner) -> Jumping Bytes) C:\Program Files (x86)\Jumping Bytes\PureSync\PureSyncCheck.exe (C:\Program Files (x86)\OnScreenKeys\OnScreenKeys.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe (C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files\Avira\Endpoint Protection SDK\SentryEye.exe (C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.UserSessionAgent.exe (C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\DCF\Dell.DCF.UA.Bradbury.API.SubAgent.exe (C:\Program 
Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DataManagerSubAgent\Dell.TechHub.DataManager.SubAgent.exe (C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DiagnosticsSubAgent\Dell.TechHub.Diagnostics.SubAgent.exe (C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe (C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe ->) (Rivet Networks LLC -> Rivet Networks LLC) C:\Program Files\Rivet Networks\SmartByte\RAPS.exe (drivers\RivetNetworks\Killer\xTendUtilityService.exe ->) (Rivet Networks LLC -> Rivet Networks LLC) C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtility.exe (DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxEM.exe (Dropbox, Inc -> Dropbox, Inc.) 
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <7> (explorer.exe ->) (BonSoft) [Datei ist nicht signiert] C:\Program Files\ClocX\ClocX.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <19> (explorer.exe ->) (Jumping Bytes (Christoph Guentner) -> Jumping Bytes) C:\Program Files (x86)\Jumping Bytes\PureSync\PureSyncTray.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <14> (explorer.exe ->) (Nenad Hrg -> Nenad Hrg SoftwareOK) C:\Users\thomz\Downloads\desktopok_x64\DesktopOK_x64.exe (explorer.exe ->) (Open Source Developer, Robin Krom -> Greenshot) C:\Program Files\Greenshot\Greenshot.exe (explorer.exe ->) (Peter Panisz -> WinTools.Info) C:\Users\thomz\Downloads\changesize.exe (explorer.exe ->) (privat) [Datei ist nicht signiert] C:\Program Files (x86)\Wisterer HX\wistererhx.exe (explorer.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (explorer.exe ->) (Tom Weber -> tom weber software) C:\Program Files (x86)\OnScreenKeys\OnScreenKeys.exe (explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_8d6ed1504b570116\WavesSvc64.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Noriyuki Miyazaki -> Crystal Dew World) C:\Program Files (x86)\CrystalDiskInfo\DiskInfo32.exe (Piriform Ltd -> Piriform Ltd) C:\Program Files\Speccy\Speccy64.exe (services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe (services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe (services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe (services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe (services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe (services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe (services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe (services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe (services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe (services.exe ->) (Dell Inc -> Dell) C:\Program Files\Dell\TechHub\Dell.TechHub.exe (services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\FOXIT PDF READER\FoxitPDFReaderUpdateService.exe (services.exe ->) (geek software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe (services.exe ->) (HP Inc. -> HP Inc.) 
C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxCUIService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_9cf4db1a1fd1b22d\OneApp.IGCC.WinService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_362cfac2b6e1097f\IntelCpHDCPSvc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_362cfac2b6e1097f\IntelCpHeciSvc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe (services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_183917c66152901d\lib\SocketHeciServer.exe (services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe (services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) 
C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_9c788f1d162b1224\RstMwService.exe (services.exe ->) (Intel(R) Software Development Products -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_fafb1d329fdfe2c6\aesm_service.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe (services.exe ->) (Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\loggerservice.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdm.inf_amd64_54c680c07b6d4e2e\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (philandro Software GmbH -> AnyDesk Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <2> (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <3> (services.exe ->) (Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe (services.exe ->) (Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe (services.exe ->) (Rivet Networks LLC -> Rivet Networks) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe (services.exe ->) (Rivet Networks LLC -> Rivet Networks) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe (services.exe ->) (Rivet Networks LLC -> Rivet Networks, LLC.) C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe (services.exe ->) (Rivet Networks LLC -> Rivet Networks, LLC.) 
C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe (services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_8d6ed1504b570116\WavesSysSvc64.exe (svchost.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe (svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (svchost.exe ->) (Flexera Software LLC -> Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22092.214.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Telegram FZ-LLC -> Telegram FZ-LLC) C:\Users\thomz\AppData\Roaming\Telegram Desktop\Telegram.exe (WhatsApp LLC -> WhatsApp) C:\Users\thomz\AppData\Local\WhatsApp\app-2.2245.9\WhatsApp.exe <7> ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [834336 2019-02-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_8d6ed1504b570116\WavesSvc64.exe [1224344 2018-06-22] (Waves Inc -> Waves Audio Ltd.) 
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320056 2019-12-10] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [590640 2022-05-03] (geek software GmbH -> geek software GmbH) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11209952 2022-11-24] (Dropbox, Inc -> Dropbox, Inc.) HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2075480 ] (Flexera Software LLC -> Flexera Software LLC.) HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG HKU\S-1-5-21-911058088-4281732373-384214513-1001\...\Run: [WistererHX] => C:\Program Files (x86)\Wisterer HX\WistererHX.exe [2658304 2009-01-19] (privat) [Datei ist nicht signiert] HKU\S-1-5-21-911058088-4281732373-384214513-1001\...\Run: [Speccy] => C:\Program Files\Speccy\Speccy64.exe [7117464 2018-05-02] (Piriform Ltd -> Piriform Ltd) HKU\S-1-5-21-911058088-4281732373-384214513-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [45488 2020-06-14] (Glarysoft LTD -> Glarysoft Ltd) HKU\S-1-5-21-911058088-4281732373-384214513-1001\...\Run: [BirthdayRemember6] => C:\Program Files (x86)\BirthdayRemember\BirthdayRemember.exe [2440704 2008-07-28] (BirthdayRemember) [Datei ist nicht signiert] HKU\S-1-5-21-911058088-4281732373-384214513-1001\...\Run: [com.squirrel.WhatsApp.WhatsApp] => C:\Users\thomz\AppData\Local\WhatsApp\Update.exe [2254048 2022-11-28] (WhatsApp LLC -> ) HKU\S-1-5-21-911058088-4281732373-384214513-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2075480 2013-06-24] (Flexera Software LLC -> Flexera Software LLC.) 
HKU\S-1-5-21-911058088-4281732373-384214513-1001\...\Run: [DesktopOK] => C:\Users\thomz\Downloads\desktopok_x64\DesktopOK_x64.exe [628088 2021-04-11] (Nenad Hrg -> Nenad Hrg SoftwareOK) HKU\S-1-5-21-911058088-4281732373-384214513-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2626480 2022-11-17] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-911058088-4281732373-384214513-1001\...\Run: [PureSync] => C:\Program Files (x86)\Jumping Bytes\PureSync\PureSyncTray.exe [1600208 2022-08-23] (Jumping Bytes (Christoph Guentner) -> Jumping Bytes) HKU\S-1-5-21-911058088-4281732373-384214513-1001\...\Run: [System Font Size Changer] => C:\Users\thomz\Downloads\changesize.exe [451408 2022-09-29] (Peter Panisz -> WinTools.Info) HKU\S-1-5-21-911058088-4281732373-384214513-1001\...\Run: [Opera Browser Assistant] => C:\Users\thomz\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4152776 2022-10-19] (Opera Norway AS -> Opera Software) HKU\S-1-5-21-911058088-4281732373-384214513-1001\...\Run: [MicrosoftEdgeAutoLaunch_FF62703F05C22A79D79E93D5A162957F] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3877288 2022-12-05] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-911058088-4281732373-384214513-1001\...\Run: [GoogleChromeAutoLaunch_91B95029A39C680EAA63AF1167C3D120] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [3133720 2022-12-07] (Google LLC -> Google LLC) HKU\S-1-5-21-911058088-4281732373-384214513-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssText3d.scr [224768 2019-12-07] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Windows x64\Print Processors\Perfect PDF 9 Converter Print Processor: C:\Windows\System32\spool\prtprocs\x64\sx_p9_p.dll [264136 2020-10-11] (soft Xpansion GmbH & Co.KG -> soft Xpansion) HKLM\...\Print\Monitors\HP 5D12 Status Monitor: 
C:\Windows\system32\hpinksts5D12LM.dll [332176 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\Windows\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [Datei ist nicht signiert] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\108.0.5359.98\Installer\chrmstp.exe [2022-12-07] (Google LLC -> Google LLC) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2021-09-22] ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH) Startup: C:\Users\thomz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2022-10-23] ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) Startup: C:\Users\thomz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OnScreenKeys.lnk [2020-07-12] ShortcutTarget: OnScreenKeys.lnk -> C:\Program Files (x86)\OnScreenKeys\OnScreenKeys.exe (Tom Weber -> tom weber software) GroupPolicy-Firefox: Beschränkung <==== ACHTUNG ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {13BE69D5-0E93-42C9-9CC4-58F92C34DDFD} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-911058088-4281732373-384214513-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4189072 2022-11-17] (Microsoft Corporation -> Microsoft Corporation) Task: {150C68A2-F4FD-4AD0-B818-06B4A8ADA719} - System32\Tasks\FaxArchive_VNBNM5N1FK => C:\Program Files\HP\HP ColorLaserJet MFP M278-M281\Bin\FaxApplications.exe [6890912 2019-06-11] (HP Inc -> HP Inc.) 
Task: {16BB3E5D-8099-4444-97EA-C3D6E4CCC002} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144280 2022-11-15] (Microsoft Corporation -> Microsoft Corporation) Task: {1A5B85CA-CC20-43AF-BAC9-6CA32D971939} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [918960 2020-06-14] (Glarysoft LTD -> Glarysoft Ltd) Task: {1F76A940-0186-40AD-9D62-E0E36355CFBE} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764352 2018-05-21] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {2916FD3C-CBC9-4AA5-800C-F86E8D112EB0} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144280 2022-11-15] (Microsoft Corporation -> Microsoft Corporation) Task: {2B2102B8-9C1D-4217-9232-0258ADF67136} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26154376 2022-11-15] (Microsoft Corporation -> Microsoft Corporation) Task: {2D6E6684-8D7C-4B8A-B389-F6A69531DDF8} - System32\Tasks\JumpingBytes\PureSyncElvthomz => C:\Program Files (x86)\Jumping Bytes\PureSync\PureSyncHelper.exe [240376 2021-12-28] (Jumping Bytes (Christoph Guentner) -> Jumping Bytes) Task: {3227E06D-81A1-4838-8B68-0FA1ABCE9B2E} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\FrameworkAgents\SupportAssistInstaller.exe [664928 2022-11-29] (Dell Inc -> Dell Inc.) 
Task: {3BEA1C63-9887-465C-A45E-407FA10F8D4F} - \NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> Keine Datei <==== ACHTUNG Task: {3C4C16C0-DC92-4231-9CB4-AF8805515029} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC) Task: {4D7A2D99-22E2-451A-BF50-C6E748462D6B} - System32\Tasks\AviraSystemSpeedupVerify => C:\Program Files (x86)\Avira\System Speedup\setup\avira_speedup_setup.exe [35424480 2022-11-30] (Avira Operations GmbH -> Avira Operations GmbH) Task: {5946EA7F-9B34-422B-9668-FD37A4F8886B} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [857024 2018-05-21] (NVIDIA Corporation -> NVIDIA Corporation) Task: {5A02AF97-09A7-4440-A41E-A56DF7EB3163} - \Opera scheduled assistant Autoupdate 1567213495 -> Keine Datei <==== ACHTUNG Task: {5A8C5E2D-9760-4269-9994-F66EEC4083F0} - System32\Tasks\Birthday Reminder => C:\Program Files (x86)\BirthdayRemember\BirthdayRemember.exe [2440704 2008-07-28] (BirthdayRemember) [Datei ist nicht signiert] Task: {5E92AE8D-DE49-492C-8424-66644D3E30AA} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [934848 2018-05-21] (NVIDIA Corporation -> NVIDIA Corporation) Task: {5F60CB5C-E589-4E62-8515-0A196C52F150} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1660112 2022-11-30] (Avira Operations GmbH -> Avira Operations GmbH) Task: {63C73691-F72D-43BF-BF25-5A1CBC4B2652} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4189072 2022-11-17] (Microsoft Corporation -> Microsoft Corporation) Task: {68E5AA73-8D6F-4627-8FBB-8F44BE87E79D} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if 
service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 ] (Intel(R) Client Connectivity Division SW -> Intel Corporation) Task: {6A85D3FE-8CF7-4874-97E2-ECA934723FB4} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764352 2018-05-21] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log Task: {6C411BEA-EC6B-4387-93B4-9454946255B0} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [66936 2022-10-31] (Microsoft Corporation -> Microsoft Corporation) Task: {6FF108C9-42F4-4465-AC37-8955247DC3A9} - System32\Tasks\Avira_Security_Maintenance => Command(1): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> FallbackTelemetry Task: {6FF108C9-42F4-4465-AC37-8955247DC3A9} - System32\Tasks\Avira_Security_Maintenance => Command(2): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> ServiceWatchdog Task: {6FF108C9-42F4-4465-AC37-8955247DC3A9} - System32\Tasks\Avira_Security_Maintenance => Command(3): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> CrashCollector Task: {77CAE9A8-8EEB-464D-88E9-B2581805D1A3} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [260400 2022-11-30] (Avira Operations GmbH -> Avira Operations GmbH) Task: {814AFDB9-CD64-46C0-A47C-537FB221E0DB} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 ] (Intel(R) Client Connectivity Division SW -> Intel Corporation) Task: 
{99BCC1CE-485F-41D2-A6EA-24C82CCDE7FC} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [654784 2018-05-21] (NVIDIA Corporation -> NVIDIA Corporation) Task: {9AC4F19F-41C4-4069-A513-3201185B6899} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2302168 ] (Intel(R) Client Connectivity Division SW -> Intel Corporation) Task: {9B06207F-B05D-4E91-9842-B46C9364E2FF} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [934848 2018-05-21] (NVIDIA Corporation -> NVIDIA Corporation) Task: {9B2C42E7-0D6E-4EB3-9716-F0E0540B057B} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {AC500FCD-8632-41EB-AF22-8DB47746D855} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [934848 2018-05-21] (NVIDIA Corporation -> NVIDIA Corporation) Task: {ACEF3AB9-02B3-4304-87A4-B74FCF22BC75} - \AdwCleaner_onReboot -> Keine Datei <==== ACHTUNG Task: {B163C31F-DCAF-4131-8017-D2D54A525837} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.) 
Task: {B69CB781-DBC5-4AC5-9EFF-170C7D510BA9} - System32\Tasks\Opera scheduled Autoupdate 1566176642 => C:\Users\thomz\AppData\Local\Programs\Opera\launcher.exe [2631112 2022-12-01] (Opera Norway AS -> Opera Software) Task: {BAFF4275-63BF-4018-9DD3-F3FE0FADF5CA} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3297728 2018-05-21] (NVIDIA Corporation -> NVIDIA Corporation) Task: {C2D4E387-8EB5-4679-A154-2108E9D392DC} - System32\Tasks\FaxArchive_CN4798R33905RN => C:\Program Files\HP\HP Officejet 6600\Bin\FaxApplications.exe CN4798R33905RN:NW /app FaxArchive -archive -task (Keine Datei) Task: {C30F9FDB-A7E6-472B-816D-11A7862C2E28} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService Task: {CEEF8617-867C-4607-B4A7-C4E9029DA9BF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [857024 2018-05-21] (NVIDIA Corporation -> NVIDIA Corporation) Task: {D9B3BEE7-7053-4353-9A8B-957C24C035CA} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [934848 2018-05-21] (NVIDIA Corporation -> NVIDIA Corporation) Task: {DBD00843-6586-4356-96A7-8052076C92AC} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_183917c66152901d\lib\IntelPTTEKRecertification.exe [818000 2021-12-08] (Intel Corporation -> Intel(R) Corporation) Task: {DEDD3AE3-2A89-4220-A36A-C4BAC433557F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26154376 2022-11-15] (Microsoft Corporation -> Microsoft Corporation) Task: {E19C9500-E165-4A7B-86F7-BA0F1C0F0735} - 
System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC) Task: {E87C4B24-5224-463C-ABB2-D8D9006B21E2} - System32\Tasks\Avira_Security_Update => C:\WINDOWS\system32\net.exe [59904 2019-12-07] (Microsoft Windows -> Microsoft Corporation) Task: {E9785083-F5A6-4118-A699-16FBA99C068C} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.) Task: {EEA4B31D-B898-4F9F-B40B-14918A2D61C1} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [999376 2022-11-15] (Microsoft Corporation -> Microsoft Corporation) Task: {F2D9CB2B-59AD-45A1-B277-DE086E281871} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" Task: {FA23BD6C-E76A-440C-B61D-DF4F11424FEA} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32} Task: {FA9FB502-C64B-43E2-AD9F-8FD6BA171EE5} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 ] (Intel(R) Client Connectivity Division SW -> Intel Corporation) Task: {FCA3D96A-E34D-4A22-BDFD-34B7D82B763B} - System32\Tasks\CrystalDiskInfo => C:\Program Files (x86)\CrystalDiskInfo\DiskInfo32.exe [4003384 2019-10-10] (Noriyuki Miyazaki -> Crystal Dew World) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ACHTUNG (Beschränkung - Zones) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{481dcb25-44d2-4c56-8380-21c1c7d17d2b}: [DhcpNameServer] 192.168.2.1 Edge: ======= Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden] Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden] Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden] Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden] Edge Profile: C:\Users\thomz\AppData\Local\Microsoft\Edge\User Data\Default [2022-12-08] Edge Session Restore: Default -> ist aktiviert. 
Edge Extension: (Google Übersetzer) - C:\Users\thomz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-07-26]
Edge Extension: (Vergrößern für Microsoft Edge) - C:\Users\thomz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\akclpjahoedloodjomjhnlmmblikemjj [2022-07-26]
Edge Extension: (Gismeteo) - C:\Users\thomz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bfegaehidkkcfaikpaijcdahnpikhobf [2022-07-26]
Edge Extension: (Avira Safe Shopping) - C:\Users\thomz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip [2022-07-26]
Edge Extension: (Dragon Weberweiterung) - C:\Users\thomz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ddaloccgjfibfpkalenodgehlhkgoahe [2022-07-26]
Edge Extension: (Avira Password Manager) - C:\Users\thomz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emgfgdclgfeldebanedpihppahgngnle [2022-07-26]
Edge Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\thomz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2022-11-26]
Edge Extension: (IGRAAL : Cashback & Gutscheine) - C:\Users\thomz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hgfjoaookbahbhinopgfoiajfijfcdhm [2022-11-13]
Edge Extension: (Amazon Assistant) - C:\Users\thomz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hkmnokmdbkkafgmpfhhiniclfnfpmogj [2022-07-26]
Edge Extension: (Cool Uhr) - C:\Users\thomz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\icegcmhgphfkgglbljbkdegiaaihifce [2022-07-26]
Edge Extension: (SearchPreview) - C:\Users\thomz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\icnchjepcflcdmnnhbfgmekkcobkdpak [2022-07-26]
Edge Extension: (GMX MailCheck) - C:\Users\thomz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\idkbdpnofbfiaiecgobdcaddmfhabhec [2022-07-26]
Edge Extension: (Smallpdf - PDF komprimieren und konvertieren) - C:\Users\thomz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ohfgljdgelakfkefopgklcohadegdpjf [2022-07-26]
Edge Extension: (Hover Zoom+) - C:\Users\thomz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pccckmaobkjjboncdfnnofkonhgpceea [2022-11-28]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: U0qFopeb.default
FF ProfilePath: C:\Users\thomz\AppData\Roaming\Mozilla\Firefox\Profiles\kh4jibrf.default-release [2022-12-08]
FF Session Restore: Mozilla\Firefox\Profiles\kh4jibrf.default-release -> ist aktiviert.
FF Extension: (AdBlocker Ultimate) - C:\Users\thomz\AppData\Roaming\Mozilla\Firefox\Profiles\kh4jibrf.default-release\Extensions\adblockultimate@adblockultimate.net.xpi [2022-12-07]
FF ProfilePath: C:\Users\thomz\AppData\Roaming\Mozilla\Firefox\Profiles\U0qFopeb.default [2019-08-07]
FF Extension: (Avira Password Manager) - C:\Users\thomz\AppData\Roaming\Mozilla\Firefox\Profiles\U0qFopeb.default\Extensions\passwordmanager@avira.com [2019-08-07]
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-10-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei]
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei]
FF Plugin: nuance.com/DgnRia2_x86_64 -> E:\Programme\NaturallySpeaking13\Program\x64\npDgnRia2_x64.dll [Keine Datei]
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT PDF READER\plugins\npFoxitPDFReaderPlugin.dll [2022-06-02] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT PDF READER\plugins\npFoxitPDFReaderPlugin.dll [2022-06-02] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT PDF READER\plugins\npFoxitPDFReaderPlugin.dll [2022-06-02] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT PDF READER\plugins\npFoxitPDFReaderPlugin.dll [2022-06-02] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT PDF READER\plugins\npFoxitPDFReaderPlugin.dll [2022-06-02] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-10-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [Keine Datei]
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [Keine Datei]
FF Plugin-x32: nuance.com/DgnRia2 -> E:\Programme\NaturallySpeaking13\Program\npDgnRia2.dll [Keine Datei]
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei]
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei]
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-911058088-4281732373-384214513-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-911058088-4281732373-384214513-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-911058088-4281732373-384214513-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-911058088-4281732373-384214513-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\thomz\AppData\Local\Google\Chrome\User Data\Default [2022-12-08]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://comedyrent.com; hxxps://drive.google.com; hxxps://informblurb.com; hxxps://lifeindigo.com; hxxps://outlook.live.com; hxxps://pdf.wondershare.com; hxxps://weihrauch.az-vitamins.com; hxxps://www.facebook.com; hxxps://www.lieferando.de; hxxps://www.wetteronline.de
CHR DefaultSearchURL: Default -> hxxps://www.google.de/search?source=hp&ei=FahKXdmCF866kwXM0I-YCg&q={searchTerms}&btnK=Google-Suche&oq=windows+passwortabfrage+ausstellen&gs_l=psy-ab.3..0i22i30l3.1101.1101..1540...0.0..0.150.288.0j2......0....2j1..gws-wiz.....0.f5Z4oEE0ZXI&ved=0ahUKEwiZ4YDaxvDjAhVO3aQKHUzoA6MQ4dUDCAc&uact=5
CHR Session Restore: Default -> ist aktiviert.
CHR Extension: (Google Übersetzer) - C:\Users\thomz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-03-12]
CHR Extension: (Gismeteo) - C:\Users\thomz\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfegaehidkkcfaikpaijcdahnpikhobf [2019-11-16]
CHR Extension: (Avira Password Manager) - C:\Users\thomz\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2022-11-10]
CHR Extension: (GMX MailCheck) - C:\Users\thomz\AppData\Local\Google\Chrome\User Data\Default\Extensions\camnampocfohlcgbajligmemmabnljcm [2022-07-02]
CHR Extension: (Avira Safe Shopping) - C:\Users\thomz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2022-10-29]
CHR Extension: (Suchergebnissvorschau) - C:\Users\thomz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cedcejfiniojnlhlfhcppenochinijfo [2022-12-08]
CHR Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\thomz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-12-08]
CHR Extension: (Dragon Weberweiterung) - C:\Users\thomz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddaloccgjfibfpkalenodgehlhkgoahe [2020-10-16]
CHR Extension: (Google Docs Offline) - C:\Users\thomz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-12-08]
CHR Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\thomz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-11-28]
CHR Extension: (Cool Uhr) - C:\Users\thomz\AppData\Local\Google\Chrome\User Data\Default\Extensions\icegcmhgphfkgglbljbkdegiaaihifce [2019-08-20]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\thomz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-11-19]
CHR Extension: (Avira SafeSearch Plus) - C:\Users\thomz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp [2021-04-30]
CHR Extension: (IGRAAL : Cashback & Gutscheine) - C:\Users\thomz\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhkepipobnjllejbafajoemahjejdcm [2022-12-08]
CHR Extension: (Vergrößern für Google Chrome) - C:\Users\thomz\AppData\Local\Google\Chrome\User Data\Default\Extensions\lajondecmobodlejlcjllhojikagldgd [2021-12-01]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\thomz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-07]
CHR Extension: (Smallpdf - PDF komprimieren und konvertieren) - C:\Users\thomz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohfgljdgelakfkefopgklcohadegdpjf [2022-07-19]
CHR Extension: (Amazon Assistant für Chrome) - C:\Users\thomz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2021-08-21]
CHR Extension: (Hover Zoom+) - C:\Users\thomz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pccckmaobkjjboncdfnnofkonhgpceea [2022-11-27]
CHR Extension: (Nielsen NetSight) - C:\Users\thomz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfbpdnjkepkfokdhnkbdnfdmhlnhhcgc [2020-09-11]
CHR Profile: C:\Users\thomz\AppData\Local\Google\Chrome\User Data\System Profile [2021-09-03]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp]

Opera:
=======
OPR Profile: C:\Users\thomz\AppData\Roaming\Opera Software\Opera Stable [2022-12-08]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.de/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Avira Safe Shopping) - C:\Users\thomz\AppData\Roaming\Opera Software\Opera Stable\Extensions\dalelnnofafalcmkmnhdbigbjjkloabo [2021-09-11]
OPR Extension: (Rich Hints Agent) - C:\Users\thomz\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-09-11]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\thomz\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-09-11]
OPR Extension: (Avira Password Manager) - C:\Users\thomz\AppData\Roaming\Opera Software\Opera Stable\Extensions\ngohaaocccbohaffogpbgfpmpgbcgccg [2021-09-11]
OPR Extension: (Free Avira Phantom VPN – Entsperrt Webseiten) - C:\Users\thomz\AppData\Roaming\Opera Software\Opera Stable\Extensions\pcgkmkjdikhiodinhloioejnpjgmfigd [2019-08-19]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3853384 2022-08-12] (philandro Software GmbH -> AnyDesk Software GmbH)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [3004688 2022-07-22] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [267096 2022-11-30] (Avira Operations GmbH -> Avira Operations GmbH)
S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [293816 2022-11-30] (Avira Operations GmbH -> Avira Operations GmbH)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12515768 2022-11-15] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2022-11-24] (Dropbox, Inc -> Dropbox, Inc.)
S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [313488 2020-01-05] (Dell Inc -> Dell Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [458960 2022-09-22] (Dell Inc -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [161488 2022-09-22] (Dell Inc -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [484560 2022-09-22] (Dell Inc -> Dell Technologies Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [293528 2018-10-20] (Dell Inc -> Dell Inc.)
S3 Dell.CommandPowerManager.Service; C:\WINDOWS\system32\dllhost.exe /Processid:{92BC53F4-91E4-4995-9BF9-9E70698B7269} [21312 2022-09-08] (Microsoft Windows -> Microsoft Corporation)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [47320 2022-11-18] (Dell Inc -> )
R2 DellTechHub; C:\Program Files\Dell\TechHub\Dell.TechHub.exe [156064 2022-08-15] (Dell Inc -> Dell)
R2 DragonLoggerService; C:\Program Files (x86)\Common Files\Nuance\loggerservice.exe [151616 2014-11-04] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
R2 EndpointProtectionService; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [8789568 2022-11-22] (Avira Operations GmbH -> Avira Operations GmbH)
S3 EndpointProtectionService2; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [8789568 2022-11-22] (Avira Operations GmbH -> Avira Operations GmbH)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncHelper.exe [3476400 2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
R2 FoxitReaderUpdateService; C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT PDF READER\FoxitPDFReaderUpdateService.exe [2358800 2022-05-20] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [229360 2022-12-07] (HP Inc. -> HP Inc.)
S3 KAPSService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KAPSService.exe [73480 2021-03-24] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 Killer Analytics Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe [1775392 2021-03-24] (Rivet Networks LLC -> Rivet Networks)
R2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2663208 2021-03-24] (Rivet Networks LLC -> Rivet Networks)
S3 KNDBWM; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe [73496 2021-03-24] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8872736 2022-11-27] (Malwarebytes Inc. -> Malwarebytes)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.227.1030.0001\OneDriveUpdaterService.exe [3843504 2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
R2 PDF24; C:\Program Files\PDF24\pdf24.exe [590640 2022-05-03] (geek software GmbH -> geek software GmbH)
R2 RAPSService; C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe [66296 2021-08-13] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [66296 2021-08-13] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224216 2022-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SmartByte Analytics Service; C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe [1633040 2021-08-13] (Rivet Networks LLC -> Rivet Networks)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2390800 2021-08-13] (Rivet Networks LLC -> Rivet Networks)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [160096 2022-11-29] (Dell Inc -> Dell Inc.)
S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe [234824 2020-10-11] (soft Xpansion GmbH & Co.KG -> soft Xpansion)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [15110968 2022-11-24] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 xTendSoftAPService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\xTendSoftAPService.exe [73504 2021-03-24] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 xTendUtilityService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe [73504 2021-03-24] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvdm.inf_amd64_54c680c07b6d4e2e\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvdm.inf_amd64_54c680c07b6d4e2e\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 AMSElamDriver; C:\WINDOWS\System32\drivers\amselam.sys [21976 2019-12-09] (Microsoft Windows Early Launch Anti-Malware Publisher -> Avira Operations GmbH & Co. KG)
R1 BdSentry; C:\WINDOWS\System32\DRIVERS\BdSentry.sys [230520 2022-05-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
R3 cpuz143; C:\Users\thomz\AppData\Local\Temp\cpuz143\cpuz143_x64.sys [48952 2022-12-08] (CPUID -> CPUID) <==== ACHTUNG
R3 DellInstrumentation; C:\WINDOWS\System32\drivers\DellInstrumentation.sys [37808 2022-05-19] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
S1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [28936 2020-07-01] (Glarysoft LTD -> Glarysoft Ltd)
R3 KfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KfeCo10X64.sys [184400 2021-03-24] (Rivet Networks LLC -> Rivet Networks, LLC.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-11-27] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 netprotection_network_filter; C:\WINDOWS\System32\drivers\netprotection_network_filter.sys [100128 2022-05-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 rtp_elam; C:\WINDOWS\System32\DRIVERS\rtp_elam.sys [26624 2022-10-14] (Microsoft Windows Early Launch Anti-Malware Publisher -> Avira Operations GmbH)
R2 rtp_filesystem_filter; C:\WINDOWS\System32\DRIVERS\rtp_filesystem_filter.sys [224848 2022-11-17] (Avira Operations GmbH -> Avira Operations GmbH)
R1 rtp_process_monitor; C:\WINDOWS\system32\DRIVERS\rtp_process_monitor.sys [219040 2022-11-17] (Avira Operations GmbH -> Avira Operations GmbH)
R1 rtp_traverse; C:\WINDOWS\system32\DRIVERS\rtp_traverse.sys [61376 2022-10-14] (Avira Operations GmbH -> Avira Operations GmbH)
R3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [166032 2021-08-13] (Intel Corporation -> Rivet Networks, LLC.)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2022-12-08 21:15 - 2022-12-08 21:15 - 000003840 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2022-12-08 18:20 - 2022-12-08 18:20 - 002632256 _____ (Malwarebytes) C:\Users\thomz\Downloads\MBSetup.exe
2022-12-07 09:18 - 2022-12-08 20:52 - 000008192 ___SH C:\DumpStack.log.tmp
2022-12-07 01:43 - 2022-12-07 01:43 - 000025973 _____ C:\Users\thomz\Downloads\Vorsicht beim Kauf! Weihnachtsbäume können giftig sein __ Trump gedemütigt! Er soll ersetzt werden _.html
2022-12-07 01:21 - 2022-12-07 01:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2022-12-07 01:19 - 2022-12-07 01:19 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2022-12-07 01:17 - 2022-12-08 21:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-12-07 01:17 - 2022-12-07 02:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2022-12-07 01:17 - 2022-12-07 01:17 - 000003758 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2022-12-07 01:17 - 2022-12-07 01:17 - 000003684 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-12-07 01:17 - 2022-12-07 01:17 - 000003622 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1566176642
2022-12-07 01:17 - 2022-12-07 01:17 - 000003560 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-12-07 01:17 - 2022-12-07 01:17 - 000003534 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2022-12-07 01:17 - 2022-12-07 01:17 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-12-07 01:17 - 2022-12-07 01:17 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-12-07 01:17 - 2022-12-07 01:17 - 000003336 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-12-07 01:17 - 2022-12-07 01:17 - 000003322 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Maintenance
2022-12-07 01:17 - 2022-12-07 01:17 - 000003302 _____ C:\WINDOWS\system32\Tasks\Dell SupportAssistAgent AutoUpdate
2022-12-07 01:17 - 2022-12-07 01:17 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-12-07 01:17 - 2022-12-07 01:17 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-12-07 01:17 - 2022-12-07 01:17 - 000003076 _____ C:\WINDOWS\system32\Tasks\FaxArchive_VNBNM5N1FK
2022-12-07 01:17 - 2022-12-07 01:17 - 000003064 _____ C:\WINDOWS\system32\Tasks\FaxArchive_CN4798R33905RN
2022-12-07 01:17 - 2022-12-07 01:17 - 000003062 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-911058088-4281732373-384214513-1001
2022-12-07 01:17 - 2022-12-07 01:17 - 000003016 _____ C:\WINDOWS\system32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-12-07 01:17 - 2022-12-07 01:17 - 000003016 _____ C:\WINDOWS\system32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-12-07 01:17 - 2022-12-07 01:17 - 000003016 _____ C:\WINDOWS\system32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-12-07 01:17 - 2022-12-07 01:17 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-12-07 01:17 - 2022-12-07 01:17 - 000002956 _____ C:\WINDOWS\system32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-12-07 01:17 - 2022-12-07 01:17 - 000002866 _____ C:\WINDOWS\system32\Tasks\AviraSystemSpeedupVerify
2022-12-07 01:17 - 2022-12-07 01:17 - 000002838 _____ C:\WINDOWS\system32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-12-07 01:17 - 2022-12-07 01:17 - 000002814 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Service_SCM_Watchdog
2022-12-07 01:17 - 2022-12-07 01:17 - 000002748 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update
2022-12-07 01:17 - 2022-12-07 01:17 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-12-07 01:17 - 2022-12-07 01:17 - 000002716 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2022-12-07 01:17 - 2022-12-07 01:17 - 000002608 _____ C:\WINDOWS\system32\Tasks\CrystalDiskInfo
2022-12-07 01:17 - 2022-12-07 01:17 - 000002596 _____ C:\WINDOWS\system32\Tasks\Birthday Reminder
2022-12-07 01:17 - 2022-12-07 01:17 - 000002222 _____ C:\WINDOWS\system32\Tasks\GU5SkipUAC
2022-12-07 01:17 - 2022-12-07 01:17 - 000002028 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Systray
2022-12-07 01:17 - 2022-12-07 01:17 - 000000020 ___SH C:\Users\thomz\ntuser.ini
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 _SHDL C:\Users\Default\Vorlagen
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 _SHDL C:\Users\Default\Startmenü
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 _SHDL C:\Users\Default\Netzwerkumgebung
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 _SHDL C:\Users\Default\Lokale Einstellungen
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 _SHDL C:\Users\Default\Eigene Dateien
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 _SHDL C:\Users\Default\Druckumgebung
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 _SHDL C:\Users\Default\Anwendungsdaten
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 _SHDL C:\Programme
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 _SHDL C:\ProgramData\Vorlagen
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 _SHDL C:\ProgramData\Startmenü
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 _SHDL C:\ProgramData\Dokumente
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 _SHDL C:\ProgramData\Anwendungsdaten
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 _SHDL C:\Program Files\Gemeinsame Dateien
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 _SHDL C:\Dokumente und Einstellungen
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 ____D C:\WINDOWS\system32\Tasks\S-1-5-21-911058088-4281732373-384214513-1001
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 ____D C:\WINDOWS\system32\Tasks\NCH Software
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 ____D C:\WINDOWS\system32\Tasks\JumpingBytes
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 ____D C:\WINDOWS\system32\Tasks\Intel
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira
2022-12-07 01:16 - 2022-12-07 01:17 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2022-12-07 01:16 - 2022-12-07 01:17 - 000007623 _____ C:\WINDOWS\diagerr.xml
2022-12-07 01:13 - 2022-12-08 21:23 - 001632230 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-12-07 00:46 - 2022-12-07 01:17 - 000000000 ____D C:\Users\thomz
2022-12-07 00:46 - 2022-12-07 01:16 - 000000000 ____D C:\Users\thomz\OneDrive
2022-12-07 00:46 - 2022-12-07 00:46 - 000000000 _SHDL C:\Users\thomz\Vorlagen
2022-12-07 00:46 - 2022-12-07 00:46 - 000000000 _SHDL C:\Users\thomz\Startmenü
2022-12-07 00:46 - 2022-12-07 00:46 - 000000000 _SHDL C:\Users\thomz\Netzwerkumgebung
2022-12-07 00:46 - 2022-12-07 00:46 - 000000000 _SHDL C:\Users\thomz\Lokale Einstellungen
2022-12-07 00:46 - 2022-12-07 00:46 - 000000000 _SHDL C:\Users\thomz\Eigene Dateien
2022-12-07 00:46 - 2022-12-07 00:46 - 000000000 _SHDL C:\Users\thomz\Druckumgebung
2022-12-07 00:46 - 2022-12-07 00:46 - 000000000 _SHDL C:\Users\thomz\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2022-12-07 00:46 - 2022-12-07 00:46 - 000000000 _SHDL C:\Users\thomz\AppData\Local\Verlauf
2022-12-07 00:46 - 2022-12-07 00:46 - 000000000 _SHDL C:\Users\thomz\AppData\Local\Anwendungsdaten
2022-12-07 00:46 - 2022-12-07 00:46 - 000000000 _SHDL C:\Users\thomz\Anwendungsdaten
2022-12-07 00:44 - 2022-12-08 19:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-12-07 00:44 - 2022-12-07 00:44 - 000447600 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-12-07 00:18 - 2022-12-07 00:20 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2022-12-07 00:17 - 2022-12-07 00:18 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2022-12-07 00:16 - 2022-12-07 00:16 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2022-12-07 00:13 - 2022-12-07 00:13 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-12-07 00:13 - 2022-12-07 00:13 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-12-07 00:13 - 2022-12-07 00:13 - 000688128 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-12-07 00:13 - 2022-12-07 00:13 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-12-07 00:13 - 2022-12-07 00:13 - 000073216 _____ C:\WINDOWS\system32\nettraceex.dll
2022-12-07 00:13 - 2022-12-07 00:13 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-12-07 00:13 - 2022-12-07 00:13 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-12-07 00:13 - 2022-12-07 00:13 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-12-07 00:13 - 2022-12-07 00:13 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-12-06 23:07 - 2022-12-08 06:00 - 000000000 ___DC C:\WINDOWS\Panther
2022-12-06 22:53 - 2022-12-06 23:07 - 000000000 ____D C:\ESD
2022-12-06 22:49 - 2022-12-06 22:49 - 000000000 ___HD C:\$Windows.~WS
2022-12-06 22:30 - 2022-12-06 22:30 - 000000000 ___HD C:\$WinREAgent
2022-12-03 22:50 - 2022-12-03 22:50 - 001666901 _____ C:\Users\thomz\Downloads\20221203_154447.jpg.crdownload
2022-12-01 18:47 - 2022-12-01 18:47 - 000000039 _____ C:\Users\thomz\Downloads\Thomzab@gmx.de Firefox account recovery key.txt
2022-12-01 18:21 - 2022-12-08 18:21 - 000000000 ____D C:\Users\thomz\AppData\LocalLow\Mozilla
2022-12-01 18:21 - 2022-12-07 19:53 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-12-01 18:21 - 2022-12-07 01:10 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-12-01 18:21 - 2022-12-01 18:21 - 000002036 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Privater Modus.lnk
2022-12-01 18:21 - 2022-12-01 18:21 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-12-01 18:21 - 2022-12-01 18:21 - 000000000 ____D C:\Users\thomz\AppData\Local\Mozilla
2022-12-01 18:21 - 2022-12-01 18:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-12-01 18:15 - 2022-12-01 18:15 - 000350192 _____ (Mozilla) C:\Users\thomz\Downloads\Nicht bestätigt 957068.crdownload
2022-11-28 22:52 - 2022-12-08 21:24 - 000000000 ____D C:\FRST
2022-11-24 04:30 - 2022-11-24 04:30 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2022-11-24 04:30 - 2022-11-24 04:30 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2022-11-24 04:30 - 2022-11-24 04:30 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2022-11-24 04:30 - 2022-11-24 04:30 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2022-11-17 09:53 - 2022-11-17 09:53 - 003331390 _____ C:\Users\thomz\Downloads\eflyer_Saturn_Verbund_1711 (1).pdf
2022-11-17 09:50 - 2022-11-17 09:50 - 003331390 _____ C:\Users\thomz\Downloads\eflyer_Saturn_Verbund_1711.pdf
2022-11-13 21:17 - 2022-11-13 21:17 - 000000000 ____D C:\Program Files\Google
2022-11-11 22:17 - 2022-11-11 22:17 - 000592322 _____ C:\Users\thomz\Downloads\Mutaflor-mite-Packungsbeilage.pdf
2022-11-11 21:04 - 2022-11-11 21:04 - 000000000 __SHD C:\Users\thomz\.dropbox_bi
2022-11-09 12:55 - 2022-11-09 12:55 - 000462160 _____ (WinTools.Info) C:\Users\thomz\Downloads\advchange.exe

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2022-12-08 21:24 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-12-08 21:24 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2022-12-08 21:23 - 2019-12-07 15:51 - 000708572 _____ C:\WINDOWS\system32\perfh007.dat 2022-12-08 21:23 - 2019-12-07 15:51 - 000142814 _____ C:\WINDOWS\system32\perfc007.dat 2022-12-08 21:21 - 2020-09-12 21:05 - 000000000 ____D C:\Users\thomz\AppData\Roaming\Telegram Desktop 2022-12-08 21:17 - 2019-04-09 18:20 - 000000000 ____D C:\Program Files (x86)\Google 2022-12-08 21:17 - 2019-03-25 12:35 - 000000000 ____D C:\ProgramData\NVIDIA 2022-12-08 21:16 - 2022-03-03 07:37 - 000000000 ____D C:\Users\thomz\AppData\Roaming\DropboxElectron 2022-12-08 21:16 - 2019-08-07 15:01 - 000000000 ____D C:\Users\thomz\AppData\Local\Dropbox 2022-12-08 21:16 - 2019-07-26 14:32 - 000000000 ____D C:\ProgramData\OnScreenKeys 2022-12-08 21:15 - 2020-09-17 18:03 - 000000000 ____D C:\Users\thomz\AppData\Roaming\WhatsApp 2022-12-08 21:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState 2022-12-08 21:15 - 2019-08-07 15:19 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2022-12-08 21:15 - 2019-04-09 18:17 - 000000000 __SHD C:\Users\thomz\IntelGraphicsProfiles 2022-12-08 21:15 - 2019-03-25 12:34 - 000000000 ___DC C:\Intel 2022-12-08 20:51 - 2022-06-03 21:07 - 004170032 _____ C:\WINDOWS\system32\rtp.db 2022-12-08 20:51 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2022-12-08 20:42 - 2019-08-07 14:16 - 000000000 ____D C:\Users\thomz\.rainlendar2 2022-12-08 14:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-12-08 09:15 - 2019-07-26 14:04 - 000000000 ____D C:\Users\thomz\AppData\Local\D3DSCache 2022-12-07 22:55 - 2022-07-21 21:14 - 000000000 _____ C:\Users\thomz\OneDrive\Dokumente\HPSmartPrintingPort 2022-12-07 22:32 - 2019-04-09 18:22 - 000002295 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-12-07 09:44 - 2019-12-07 10:14 - 000000000 ___HD 
C:\Program Files\WindowsApps 2022-12-07 08:46 - 2020-08-14 05:00 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2022-12-07 08:46 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-12-07 03:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\appcompat 2022-12-07 02:21 - 2021-05-13 14:59 - 000000000 ____D C:\Program Files\HPPrintScanDoctor 2022-12-07 01:33 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog 2022-12-07 01:33 - 2019-04-09 18:17 - 000000000 ____D C:\Users\thomz\AppData\Local\Packages 2022-12-07 01:21 - 2019-08-07 15:12 - 000000000 ____D C:\Program Files (x86)\Dropbox 2022-12-07 01:20 - 2019-04-09 18:19 - 000000000 ____D C:\Users\thomz\AppData\Local\PlaceholderTileLogoFolder 2022-12-07 01:20 - 2019-03-25 12:54 - 000000000 ____D C:\ProgramData\Packages 2022-12-07 01:18 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2022-12-07 01:17 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2022-12-07 01:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2022-12-07 01:17 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate 2022-12-07 01:17 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows NT 2022-12-07 01:17 - 2019-08-07 15:12 - 000001244 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job 2022-12-07 01:17 - 2019-08-07 15:12 - 000001240 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job 2022-12-07 01:17 - 2019-04-09 18:17 - 000000000 ___RD C:\Users\thomz\3D Objects 2022-12-07 01:17 - 2019-03-25 12:35 - 000000000 __RHD C:\Users\Public\AccountPictures 2022-12-07 01:17 - 2019-03-25 12:27 - 000000000 ____D C:\Program Files\Intel 2022-12-07 01:11 - 2020-07-12 09:40 - 000027204 _____ C:\WINDOWS\system32\emptyregdb.dat 2022-12-07 01:11 - 2019-12-07 10:14 - 000000000 __RSD C:\WINDOWS\Media 2022-12-07 01:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Registration 2022-12-07 00:46 - 2022-06-23 21:49 - 000000000 ____D 
C:\Users\thomz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan 2022-12-07 00:46 - 2022-05-10 15:55 - 000000000 ____D C:\Users\thomz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom 2022-12-07 00:46 - 2021-09-04 19:21 - 000000000 ____D C:\Users\thomz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps 2022-12-07 00:46 - 2021-03-02 03:15 - 000000000 ____D C:\Users\thomz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView 2022-12-07 00:46 - 2020-09-17 18:04 - 000000000 ____D C:\Users\thomz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp 2022-12-07 00:46 - 2020-09-12 21:05 - 000000000 ____D C:\Users\thomz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop 2022-12-07 00:45 - 2020-11-01 04:22 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-12-07 00:45 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2022-12-07 00:45 - 2019-03-25 12:35 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation 2022-12-07 00:45 - 2019-03-25 12:32 - 000000000 ____D C:\WINDOWS\system32\Intel 2022-12-07 00:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2022-12-07 00:21 - 2019-12-07 10:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template 2022-12-07 00:20 - 2022-09-11 13:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PureSync 2022-12-07 00:20 - 2022-07-02 21:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PDF Reader 2022-12-07 00:20 - 2022-05-05 08:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24 2022-12-07 00:20 - 2022-02-06 21:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2022-12-07 00:20 - 2021-10-15 21:05 - 000000000 ____D C:\WINDOWS\SysWOW64\statReporter 2022-12-07 00:20 - 2021-09-22 22:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft 
Office Tools 2022-12-07 00:20 - 2021-09-22 21:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free 2022-12-07 00:20 - 2021-09-22 20:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnyDesk 2022-12-07 00:20 - 2020-12-04 02:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2022-12-07 00:20 - 2020-10-11 14:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon NaturallySpeaking 2022-12-07 00:20 - 2020-07-29 19:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BirthdayRemember 2022-12-07 00:20 - 2020-07-18 21:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbolt™ Software 2022-12-07 00:20 - 2020-07-18 21:23 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2022-12-07 00:20 - 2020-06-22 20:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer 2022-12-07 00:20 - 2020-06-14 08:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeOCR 2022-12-07 00:20 - 2019-12-07 10:18 - 000000000 ____D C:\WINDOWS\Setup 2022-12-07 00:20 - 2019-12-07 10:14 - 000000000 __RHD C:\Users\Public\Libraries 2022-12-07 00:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2022-12-07 00:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ta-in 2022-12-07 00:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\spool 2022-12-07 00:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF 2022-12-07 00:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData 2022-12-07 00:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2022-12-07 00:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Help 2022-12-07 00:20 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2022-12-07 00:20 - 2019-11-08 19:11 - 000000000 ____D 
C:\WINDOWS\system32\appmgmt 2022-12-07 00:20 - 2019-11-07 21:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Greenshot 2022-12-07 00:20 - 2019-10-22 20:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo 2022-12-07 00:20 - 2019-08-19 02:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2022-12-07 00:20 - 2019-08-17 07:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy 2022-12-07 00:20 - 2019-08-07 14:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MD Adressbuch 2018 2022-12-07 00:20 - 2019-08-07 13:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClocX 2022-12-07 00:20 - 2019-08-07 12:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skinny Clock 2022-12-07 00:20 - 2019-08-07 12:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2022-12-07 00:20 - 2019-07-26 14:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OnScreenKeys 2022-12-07 00:20 - 2019-07-26 13:58 - 000000000 ____D C:\Program Files\UNP 2022-12-07 00:20 - 2019-03-25 12:37 - 000000000 ___HD C:\WINDOWS\system32\WLANProfiles 2022-12-07 00:20 - 2019-03-25 12:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2022-12-07 00:20 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2022-12-07 00:20 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\MsDtc 2022-12-07 00:18 - 2020-10-11 20:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\soft Xpansion 2022-12-07 00:18 - 2019-10-08 19:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASCOMP Software 2022-12-07 00:18 - 2019-08-15 15:13 - 000000000 ____D C:\WINDOWS\Firmware 2022-12-07 00:18 - 2019-03-25 12:34 - 000000000 ____D C:\WINDOWS\system32\Drivers\RivetNetworks 2022-12-07 00:18 - 2019-03-25 12:32 - 
000000000 ____D C:\WINDOWS\system32\cAVS 2022-12-07 00:15 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2022-12-07 00:15 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll 2022-12-07 00:15 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll 2022-12-07 00:15 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP 2022-12-07 00:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2022-12-07 00:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2022-12-07 00:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2022-12-07 00:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2022-12-07 00:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning 2022-12-07 00:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2022-12-07 00:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-12-07 00:08 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2022-12-07 00:08 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2022-12-07 00:08 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm 2022-12-07 00:08 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN 2022-12-07 00:08 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr 2022-12-07 00:08 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts 2022-12-07 00:08 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\system32\winrm 2022-12-07 00:08 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\system32\WCN 2022-12-07 00:08 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\system32\slmgr 2022-12-07 00:08 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts 2022-12-07 00:08 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2022-12-07 00:08 - 2019-12-07 10:14 - 
000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2022-12-07 00:08 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12 2022-12-07 00:08 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\dsc 2022-12-07 00:08 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2022-12-07 00:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2022-12-07 00:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2022-12-07 00:08 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender 2022-12-07 00:08 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2022-12-07 00:08 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing 2022-12-06 21:26 - 2019-08-07 15:18 - 000000000 ____D C:\Users\thomz\Eigene 2022-12-06 14:46 - 2020-08-01 18:16 - 000000000 ___HD C:\Users\thomz\Downloads\.opera 2022-12-06 14:46 - 2020-08-01 18:16 - 000000000 ___HD C:\Users\thomz\.opera 2022-12-03 23:35 - 2022-08-05 22:30 - 000001454 _____ C:\Users\thomz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk 2022-12-03 20:47 - 2019-08-07 15:18 - 000000000 ___RD C:\Users\thomz\Dropbox 2022-12-03 20:41 - 2019-08-27 17:24 - 000000000 ____D C:\Users\thomz\AppData\Local\CrashDumps 2022-12-01 18:21 - 2019-08-07 12:43 - 000000000 ____D C:\Users\thomz\AppData\Roaming\Mozilla 2022-11-28 21:40 - 2019-08-07 15:19 - 000000000 ____D C:\Users\thomz\AppData\Roaming\TeamViewer 2022-11-28 20:48 - 2021-10-20 08:37 - 000000000 ____D C:\Users\thomz\AppData\Local\WhatsApp 2022-11-28 09:46 - 2019-08-07 12:42 - 000000000 ____D C:\ProgramData\Avira 2022-11-27 21:07 - 2021-04-23 03:47 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2022-11-27 21:07 - 2020-06-25 01:14 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2022-11-27 21:07 - 2020-06-25 01:14 - 000002035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2022-11-27 21:06 - 2020-12-27 
10:12 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2022-11-27 21:06 - 2020-06-25 01:14 - 000000000 ____D C:\ProgramData\Malwarebytes 2022-11-27 21:06 - 2020-06-25 01:12 - 000000000 ____D C:\Program Files\Malwarebytes 2022-11-22 20:48 - 2022-10-22 22:07 - 000013281 _____ C:\Users\thomz\OneDrive\Dokumente\Nahrungsergänzungsmittel.xlsx 2022-11-21 12:29 - 2019-11-25 09:05 - 000000000 _____ C:\Users\thomz\OneDrive\Dokumente\HPLJM278-M281_Fax_Port 2022-11-19 08:46 - 2021-09-25 01:32 - 000000000 ____D C:\Program Files\Microsoft OneDrive 2022-11-17 19:48 - 2021-09-22 22:04 - 000002150 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-11-17 11:54 - 2022-06-03 21:06 - 000224848 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp_filesystem_filter.sys 2022-11-17 11:54 - 2022-06-03 21:06 - 000219040 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp_process_monitor.sys 2022-11-15 22:40 - 2021-09-16 07:35 - 000000000 ____D C:\Program Files\Microsoft Office 2022-11-09 19:13 - 2019-08-07 13:02 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-11-09 19:05 - 2019-08-07 13:02 - 146960040 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2022-11-09 12:55 - 2022-09-29 07:43 - 000000000 ____D C:\Users\thomz\AppData\Local\WinTools.Info ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2021-10-04 22:34 - 2022-09-11 14:06 - 000041351 _____ () C:\Users\thomz\AppData\Roaming\Durch Trennzeichen getrennte Werte.ADR 2021-10-04 22:05 - 2021-10-04 22:05 - 000019286 _____ () C:\Users\thomz\AppData\Roaming\Durch Trennzeichen getrennte Werte.EML 2020-04-12 22:15 - 2020-04-12 22:15 - 000020480 _____ () C:\Users\thomz\AppData\Roaming\pushdata.sqlite 2020-10-11 14:38 - 2020-10-11 14:38 - 000001195 _____ () C:\Users\thomz\AppData\Roaming\SAS7_000.DAT 2019-07-26 14:33 - 2019-07-26 14:33 - 000007605 _____ () C:\Users\thomz\AppData\Local\Resmon.ResmonCfg ==================== SigCheck 
============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) ==================== Ende von FRST.txt ======================== |
08.12.2022, 21:56 | #2 |
| PUP.Optional.Forced.Extension in Google Chrome Addition
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 04-12-2022
durchgeführt von thomz (08-12-2022 21:26:23)
Gestartet von C:\Users\thomz\OneDrive\Desktop\FRST-OlderVersion
Microsoft Windows 10 Pro Version 22H2 19045.2251 (X64) (2022-12-07 00:17:17)
Start-Modus: Normal
==========================================================

==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-911058088-4281732373-384214513-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-911058088-4281732373-384214513-503 - Limited - Disabled)
Gast (S-1-5-21-911058088-4281732373-384214513-501 - Limited - Disabled)
thomz (S-1-5-21-911058088-4281732373-384214513-1001 - Administrator - Enabled) => C:\Users\thomz
WDAGUtilityAccount (S-1-5-21-911058088-4281732373-384214513-504 - Limited - Disabled)

==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Malwarebytes (Disabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Total AV (Disabled - Out of date) {B185458D-38B3-A010-10F7-3D378DAA6032}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avira Security (Enabled - Up to date) {76C0BF9F-9FD3-D249-DE2F-7A33A59B9258}
AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7+ Taskbar Tweaker v5.8 (HKU\S-1-5-21-911058088-4281732373-384214513-1001\...\7 Taskbar Tweaker) (Version: 5.8 - RaMMicHaeL) AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 7.0.14 - AnyDesk Software GmbH) Avira Privacy Pal (HKLM-x32\...\{F2BC8305-DFBE-4C02-A906-9BBD8EE299A3}_is1) (Version: 2.4.0.1962 - Avira Operations GmbH & Co. KG) Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.1.79.5 - Avira Operations GmbH) Hidden Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version: - Avira Operations GmbH & Co. KG) Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.22.0.12 - Avira Operations GmbH) Hidden BirthdayRemember 6.3.2 (HKLM-x32\...\BirthdayRemember_is1) (Version: - geburtstagsgeschenk-online.de) ClocX (1.6.0) (HKLM-x32\...\ClocX) (Version: - ) CrystalDiskInfo 8.3.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 8.3.1 - Crystal Dew World) Dell Mobile Connect Drivers (HKLM\...\{04DF02C6-E3D7-4D26-A44C-6F8A2E218D2C}) (Version: 1.3.6844 - Screenovate Technologies Ltd.) Dell Power Manager Service (HKLM\...\{18469ED8-8C36-4CF7-BD43-0FC9B1931AF8}) (Version: 3.6.0 - Dell Inc.) Dell SupportAssist (HKLM\...\{B5DCDCBD-BBB3-4A09-A496-E2FB05EC56CE}) (Version: 3.13.0.236 - Dell Inc.) Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{5B678BC6-D551-458B-893D-B442B21ECD21}) (Version: 5.5.4.16189 - Dell Inc.) Hidden Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{dc44ee3f-d6c1-444d-a660-b0f1ac90b51d}) (Version: 5.5.4.16189 - Dell Inc.) Dell SupportAssist Remediation (HKLM\...\{03C35F56-A9AD-4B59-B061-B8CE41C4C22B}) (Version: 4.1.0.6830 - Dell Inc.) Hidden Dell SupportAssist Remediation (HKLM-x32\...\{f4ee83d8-d901-4c1a-b5a2-288427598fe2}) (Version: 4.1.0.6830 - Dell Inc.) Dell Update for Windows Universal (HKLM\...\{F68DA8E2-38B6-47A7-AB62-BFE8B740F792}) (Version: 4.7.0 - Dell Inc.) 
DellRegistryManager (HKLM\...\{BAF6686A-36D9-40D1-8B04-B78BBE88C808}) (Version: 21.50.0.0 - Intel Corporation) Hidden Dropbox (HKLM-x32\...\Dropbox) (Version: 162.4.5419 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.685.1 - Dropbox, Inc.) Hidden Endpoint Protection SDK (HKLM\...\{68E1CCB4-4965-4713-BDEB-77F6D6C9BF9D}_is1) (Version: 1.0.2206.2902 - Avira Operations GmbH & Co. KG) Hidden Foxit PDF Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 12.0.2.12465 - Foxit Software Inc.) FreeOCR v5.4 (HKLM-x32\...\freeocr_is1) (Version: - ) Glary Utilities PRO 5.144 (HKLM-x32\...\Glary Utilities 5) (Version: 5.144.0.170 - Glarysoft Ltd) Goodix Fingerprint Driver (HKLM\...\{60FAB781-18F2-4D2B-A8E7-B3AADD327955}_is1) (Version: 2.1.33.300 - Goodix, Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 108.0.5359.98 - Google LLC) Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot) HP Color LaserJet MFP M278-M281 Hilfe (HKLM-x32\...\{3DF29BF3-A40D-4BDC-BE5D-FA592999A767}) (Version: 0.00.0005 - HP) HP ColorLaserJet MFP M278-M281 - Grundlegende Software für das Gerät (HKLM\...\{75714364-DBC5-4794-BB5D-4FDD146B9709}) (Version: 44.5.2693.19162 - HP Inc.) 
HP Dropbox Plugin (HKLM-x32\...\{0A9CC01F-D879-4C38-9CAD-FE00069E52C0}) (Version: 44.5.501.81934 - HP) HP EmailSMTP Plugin (HKLM-x32\...\{C81E4240-9280-4954-BC08-F95DE943EAA0}) (Version: 44.5.0.0 - HP) HP FTP Plugin (HKLM-x32\...\{683CB3DB-AA1A-414C-82FC-EF1F2F1B49D0}) (Version: 44.5.0.0 - HP) HP Google Drive Plugin (HKLM-x32\...\{A87DA792-B9B6-4367-BC9F-71CE6BF66491}) (Version: 44.5.501.81934 - HP) HP OneDrive Plugin (HKLM-x32\...\{936D840F-D274-40DD-97DC-2024E18AAA9E}) (Version: 44.5.0.0 - HP) HP SharePoint Plugin (HKLM-x32\...\{FFB85384-C54C-45C4-9515-78F9945A7945}) (Version: 44.5.0.0 - HP) HP Unified IO (HKLM\...\{5C76ED0D-0F6F-4985-8B34-F9AE7834848F}) (Version: 2.0.0.434 - HP) Hidden HP Unified IO (HKLM-x32\...\{F1390872-2500-4408-A46C-CD16C960C661}) (Version: 2.0.0.434 - HP) Hidden HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard) I.R.I.S OCR (HKLM-x32\...\{C5E64A12-F3D8-4735-8A3B-F9B07C071AFE}) (Version: 15.2.10.1114 - HP Inc.) I.R.I.S. 
OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) Intel(R) Chipset Device Software (HKLM\...\{C844CC39-BC28-46CA-8239-3F37D8FE2A59}) (Version: 10.1.17541.8066 - Intel Corporation) Hidden Intel(R) Chipset Device Software (HKLM-x32\...\{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 - Intel(R) Corporation) Hidden Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.4.10501.6067 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1932.12.0.1298 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{8A47F310-D3B6-4894-AE24-5E997B13999B}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{D80FDFD4-0702-4950-A949-CC2AE3B36F23}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Driver (HKLM\...\{434309ED-354E-460C-B241-0803232C7CC9}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.7262 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.5.9.1040 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{6B487AA5-94E3-4B20-A1AF-2FA0CEA5BD13}) (Version: 17.5.9.1040 - Intel Corporation) Hidden Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.56.87.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.56.87.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{05817e4d-5f15-49b4-afec-7edb31fc7dd6}) (Version: 1.56.87.0 - Intel Corporation) Hidden Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00001060-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.60.1 - Intel Corporation) Intel® 
Optane™ Pinning Explorer Extensions (HKLM\...\{2D79E334-B178-45B9-A2A6-7A60A084C268}) (Version: 16.8.0.1000 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{bce385e6-0b52-413b-b28e-3b9064ea6cde}) (Version: 20.120.1 - Intel Corporation) Intel® PROSet/Wireless WiFi Software (HKLM\...\{8149291F-52C1-41CE-8F33-58A27E26547F}) (Version: 20.120.1.2939 - Intel Corporation) Hidden Intel® Software Installer (HKLM-x32\...\{87b96d86-07d6-4c0d-85b0-bcfb3a4550bb}) (Version: 21.70.0.6 - Intel Corporation) Hidden IrfanView 4.53 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.53 - Irfan Skiljan) KeePass Password Safe 2.42.1 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.42.1 - Dominik Reichl) Malwarebytes version 4.5.18.226 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.18.226 - Malwarebytes) MD Adressbuch 2018 (HKLM-x32\...\{3AA659C5-1438-4863-8732-8E551B01BC62}_is1) (Version: - Stefan Göppert Softwareentwicklung) Microsoft .NET Host - 5.0.17 (x64) (HKLM\...\{E663ED1E-899C-40E8-91D0-8D37B95E3C69}) (Version: 40.68.31213 - Microsoft Corporation) Hidden Microsoft .NET Host - 6.0.9 (x64) (HKLM\...\{C30ABA3F-32C0-43D1-B3B8-9AEFD58A15D9}) (Version: 48.39.47157 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 5.0.17 (x64) (HKLM\...\{8BA25391-0BE6-443A-8EBF-86A29BAFC479}) (Version: 40.68.31213 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.9 (x64) (HKLM\...\{FD10B803-97FD-4867-9753-8784BC35D2F8}) (Version: 48.39.47157 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 5.0.17 (x64) (HKLM\...\{5A66E598-37BD-4C8A-A7CB-A71C32ABCD78}) (Version: 40.68.31213 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 5.0.17 (x64) (HKLM-x32\...\{a699b48e-5748-4980-ad92-0b61b1d9d718}) (Version: 5.0.17.31213 - Microsoft Corporation) Microsoft .NET Runtime - 6.0.9 (x64) (HKLM\...\{0B4F742D-2D47-4E95-B756-402822D31C48}) (Version: 48.39.47157 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.9 (x64) 
(HKLM-x32\...\{67950e91-8f8f-4d75-9252-7cca68ccdacc}) (Version: 6.0.9.31619 - Microsoft Corporation) Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.15726.20202 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 108.0.1462.42 - Microsoft Corporation) Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 108.0.1462.44 - Microsoft Corporation) Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.227.1030.0001 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{80F1AF52-7AC0-42A3-9AF0-689BFB271D1D}) (Version: 3.68.0.0 - Microsoft Corporation) Microsoft VC++ redistributables repacked. (HKLM\...\{92418797-A53F-4B3E-A56A-F8B739B6F1FF}) (Version: 12.0.0.0 - Intel Corporation) Hidden Microsoft VC++ redistributables repacked. (HKLM-x32\...\{B12E6B2E-1E47-4D58-A45E-AA92A5F8F8FD}) (Version: 12.0.0.0 - Intel Corporation) Hidden Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 
(HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702 (HKLM-x32\...\{49697869-be8e-427d-81a0-c334d1d14950}) (Version: 14.21.27702.2 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation) Microsoft Visual C++ 2017 x64 Additional Runtime - 14.13.26020 (HKLM\...\{C5ECDB9A-D9B0-3107-BA85-1269998A5B3E}) (Version: 14.13.26020 - Microsoft Corporation) Hidden Microsoft Visual C++ 2017 x64 Minimum Runtime - 14.13.26020 (HKLM\...\{221D6DB4-46E2-333C-B09B-5F49351D0980}) (Version: 14.13.26020 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Additional Runtime - 14.21.27702 (HKLM-x32\...\{213668DB-2263-4E2D-ABB8-487FD539130E}) (Version: 14.21.27702 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.21.27702 (HKLM-x32\...\{19F7E289-17B8-44EC-A099-927507B6F739}) (Version: 14.21.27702 - Microsoft Corporation) Hidden Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 107.0.1 (x64 
de)) (Version: 107.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 107.0.1 - Mozilla) MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 8.3.3 - Notepad++ Team) NVIDIA GeForce Experience 3.14.0.139 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.0.139 - NVIDIA Corporation) NVIDIA Grafiktreiber 462.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 462.31 - NVIDIA Corporation) NVIDIA PhysX System Software 9.18.0628 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0628 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden OnScreenKeys 6.0.32 (HKLM-x32\...\E8T3A24E-304A-2274-5A2A-550GF09E4712_is1) (Version: - tom weber software) Opera Stable 93.0.4585.37 (HKU\S-1-5-21-911058088-4281732373-384214513-1001\...\Opera 93.0.4585.37) (Version: 93.0.4585.37 - Opera Software) PDF24 Creator 11.1.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 11.1.0 - PDF24.org) PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.322.10 - Tracker Software Products Ltd) PureSync (HKLM-x32\...\{0EFF5114-357B-45BB-ADAE-C51AE8C9B267}) (Version: 7.1.0 - Jumping Bytes) Rainlendar2 (remove only) (HKLM-x32\...\Rainlendar2) (Version: 2.14.2 - Rainy) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8551 - 
Realtek Semiconductor Corp.) Revo Uninstaller 2.3.8 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.3.8 - VS Revo Group, Ltd.) Secure Eraser (HKLM-x32\...\Secure Eraser_is1) (Version: 6.0.0.1 - ASCOMP Software GmbH) Skinny Clock v1.17 R2 (HKLM-x32\...\Skinny Clock_is1) (Version: - Ing. Tomas Koutny) SmartByte Drivers and Services (HKLM\...\{A0CDAD3D-0329-4E3E-8DC1-30E333D6564D}) (Version: 3.1.995 - Rivet Networks) Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.36.9 - TeamViewer) Telegram Desktop (HKU\S-1-5-21-911058088-4281732373-384214513-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.4.1 - Telegram FZ-LLC) teXXas (HKLM-x32\...\{F3DCD04C-BE9C-408C-BC8C-B77AF972DBC2}) (Version: 1.2.0.1 - metaspinner net GmbH) Thunderbolt™ Software (HKLM-x32\...\{30F0067F-DD79-431B-BA5F-6CB4897785A5}) (Version: 17.4.79.510 - Intel Corporation) TreeSize Free V4.5.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.5.2 - JAM Software) Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{B652B695-C849-4EF2-B09A-72771C7AD2BA}) (Version: 2.71.0.0 - Microsoft Corporation) WhatsApp (HKU\S-1-5-21-911058088-4281732373-384214513-1001\...\WhatsApp) (Version: 2.2245.9 - WhatsApp) Wisterer HX 4.2.32 (HKLM-x32\...\Wisterer HX_is1) (Version: - Michael Maier) Zoom (HKU\S-1-5-21-911058088-4281732373-384214513-1001\...\ZoomUMX) (Version: 5.9.6 (3799) - Zoom Video Communications, Inc.) Packages: ========= Amazon Alexa -> C:\Program Files\WindowsApps\57540AMZNMobileLLC.AmazonAlexa_3.25.1156.0_x64__22t9g3sebte08 [2022-12-07] (AMZN Mobile LLC.) 
[Startup Task] Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.4.1.0_x64__htrsf667h5kn2 [2022-12-07] (Dell Inc) Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_5.0.49.0_x64__htrsf667h5kn2 [2022-12-07] (Dell Inc) Dell Mobile Connect 3.3 -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0 [2022-12-07] (Screenovate Technologies) [Startup Task] Dell Power Manager -> C:\Program Files\WindowsApps\DellInc.DellPowerManager_3.10.10.0_x64__htrsf667h5kn2 [2021-11-06] (Dell Inc) Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.13.5.0_x64__htrsf667h5kn2 [2022-12-07] (Dell Inc) Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_4.7.31.0_x86__htrsf667h5kn2 [2022-11-04] (Dell Inc) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_141.2.441.0_x64__v10z8vjag6ke6 [2022-12-07] (HP Inc.) Intel® Grafik-Kontrollraum -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt [2022-12-07] (INTEL CORP) [Startup Task] LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2022-12-07] (LinkedIn) Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-16] (Microsoft Corporation) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-12-07] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-12-07] (Microsoft Corporation) [MS Ad] MPEG-2-Videoerweiterung -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-12-07] (Microsoft Corporation) My Dell -> C:\Program 
Files\WindowsApps\DellInc.MyDell_2.0.30.0_x64__htrsf667h5kn2 [2022-12-07] (Dell Inc) Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-17] (Netflix, Inc.) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-12-07] (NVIDIA Corp.) SmartByte -> C:\Program Files\WindowsApps\RivetNetworks.SmartByte_3.1.1001.0_x64__rh07ty8m5nkag [2021-10-29] (Rivet Networks LLC) Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.11210.0_x64__8wekyb3d8bbwe [2022-12-07] (Microsoft Studios) [MS Ad] Übersetzer -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2022-12-07] (Microsoft Corporation) Waves MaxxAudio Pro for Dell -> C:\Program Files\WindowsApps\WavesAudio.WavesMaxxAudioProforDell_1.1.131.0_x64__fh4rh281wavaa [2022-12-07] (Waves Audio) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
CustomCLSID: HKU\S-1-5-21-911058088-4281732373-384214513-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\thomz\Dropbox [2019-08-07 15:18] ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2018-12-03] () [Datei ist nicht signiert] [Datei wird verwendet] ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft 
Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2021-08-21] (Notepad++ -> ) ContextMenuHandlers1: [DropboxExt] -> 
{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2020-06-14] (Glarysoft LTD -> Glarysoft Ltd) ContextMenuHandlers1: [PureSync] -> {D1079645-619B-4d0b-8FD5-1008B95134E1} => C:\Program Files (x86)\Jumping Bytes\PureSync\psshell64.dll [2010-12-21] (Jumping Bytes - Dipl.-Ing. Christoph Guentner -> Jumping Bytes) ContextMenuHandlers1: [Secure Eraser] -> {2A8DEC8D-934E-4FF8-825A-05A800047649} => C:\Program Files (x86)\ASCOMP Software\Secure Eraser\SecEraser64.dll [2021-02-07] (ASCOMP Software GmbH -> ASCOMP Software GmbH) ContextMenuHandlers1: [SX_PDF9_STUDIO] -> {B1B49373-0A05-4160-96FE-AF71F235B445} => -> Keine Datei ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2022-11-11] (Avira Operations GmbH -> Avira Operations GmbH) ContextMenuHandlers2: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL [2022-11-30] (Avira Operations GmbH -> Avira Operations GmbH) ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2020-06-14] (Glarysoft LTD -> Glarysoft Ltd) ContextMenuHandlers2: [PureSync] -> {D1079645-619B-4d0b-8FD5-1008B95134E1} => C:\Program Files (x86)\Jumping Bytes\PureSync\psshell64.dll [2010-12-21] (Jumping Bytes - Dipl.-Ing. 
Christoph Guentner -> Jumping Bytes) ContextMenuHandlers3: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL [2022-11-30] (Avira Operations GmbH -> Avira Operations GmbH) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-11-27] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2018-12-03] () [Datei ist nicht signiert] [Datei wird verwendet] ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers4: [PureSync] -> {D1079645-619B-4d0b-8FD5-1008B95134E1} => C:\Program Files (x86)\Jumping Bytes\PureSync\psshell64.dll [2010-12-21] (Jumping Bytes - Dipl.-Ing. Christoph Guentner -> Jumping Bytes) ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2022-11-11] (Avira Operations GmbH -> Avira Operations GmbH) ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.) 
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvdm.inf_amd64_54c680c07b6d4e2e\nvshext.dll [2021-07-13] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2022-11-11] (Avira Operations GmbH -> Avira Operations GmbH) ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2020-06-14] (Glarysoft LTD -> Glarysoft Ltd) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-11-27] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers6: [Secure Eraser] -> {2A8DEC8D-934E-4FF8-825A-05A800047649} => C:\Program Files (x86)\ASCOMP Software\Secure Eraser\SecEraser64.dll [2021-02-07] (ASCOMP Software GmbH -> ASCOMP Software GmbH) ==================== Codecs (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Drivers32: [msacm.pspgru] => C:\Windows\SysWOW64\pspgru.acm [401920 2010-03-22] (Philips Austria GmbH - Speech Processing) [Datei ist nicht signiert] ==================== Verknüpfungen & WMI ======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
ShortcutWithArgument: C:\Users\thomz\OneDrive\bilder sd-karte\ausgesuchte Fotos\Bilder\Eigene\Ordner _0001\Office.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ocdlmjhbenodhlknglojajgokahchlkk
ShortcutWithArgument: C:\Users\thomz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Office.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ocdlmjhbenodhlknglojajgokahchlkk
ShortcutWithArgument: C:\Users\thomz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\e813d00e00d91983\Identity API Scope Approval UI.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ahjaciijnoiaklcomgnblndopackapon
ShortcutWithArgument: C:\Users\thomz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\83d8c4605d0771e8\Identity API Scope Approval UI.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=ahjaciijnoiaklcomgnblndopackapon --app-url

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2018-06-02 16:59 - 2018-06-02 16:59 - 005122048 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Jumping Bytes\PureSync\VBCCR15.OCX
2019-04-09 19:55 - 2000-09-09 18:26 - 000048640 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Wisterer HX\di_MD5dll.dll
2022-12-08 01:24 - 2022-12-08 01:24 - 000773120 _____ () [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LinqBridge\d95399e05834d6aded146f09c1c648c9\LinqBridge.ni.dll
2022-12-08 01:24 - 2022-12-08 01:24 - 001936896 _____ (Greenshot) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\GreenshotPlugin\640d702947a17bd64ce0d09ce4450679\GreenshotPlugin.ni.dll
2009-09-16 17:44 - 2009-09-16 17:44 - 000153088 _____ (Hewlett Packard) [Datei ist nicht signiert] C:\WINDOWS\System32\hptcpmib.dll 2009-09-16 17:45 - 2009-09-16 17:45 - 000331264 _____ (Hewlett Packard) [Datei ist nicht signiert] C:\WINDOWS\System32\HpTcpMon.dll 2009-09-16 10:44 - 2009-09-16 10:44 - 000132096 _____ (Hewlett Packard) [Datei ist nicht signiert] C:\WINDOWS\System32\hpzjrd01.dll 2019-11-07 20:08 - 2019-06-11 17:25 - 007913472 _____ (HP Inc.) [Datei ist nicht signiert] C:\WINDOWS\system32\spool\DRIVERS\x64\3\HPLJM278-M281_FaxPCSendRenderPlugin.dll 2009-09-16 17:45 - 2009-09-16 17:45 - 000317440 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\System32\HPTcpMUI.dll 2018-03-08 06:18 - 2018-03-08 06:18 - 000015360 _____ (NHibernate community) [Datei ist nicht signiert] C:\Program Files\Dell\SupportAssistAgent\bin\Iesi.Collections.dll 2020-11-11 19:57 - 2020-11-11 19:57 - 000537088 _____ (NHibernate.info) [Datei ist nicht signiert] C:\Program Files\Dell\SupportAssistAgent\bin\FluentNHibernate.dll 2018-02-06 16:25 - 2018-02-06 16:25 - 000176640 _____ (rubicon IT GmbH) [Datei ist nicht signiert] C:\Program Files\Dell\SupportAssistAgent\bin\Remotion.Linq.dll 2018-03-23 11:10 - 2018-03-23 11:10 - 000028160 _____ (rubicon IT GmbH) [Datei ist nicht signiert] C:\Program Files\Dell\SupportAssistAgent\bin\Remotion.Linq.EagerFetching.dll 2021-02-17 03:19 - 2021-02-17 03:19 - 000124928 _____ (Stateless Contributors) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\Dell\SupportAssistAgent\bin\stateless.dll 2021-12-17 04:45 - 2021-12-17 04:45 - 000258048 _____ (The Apache Software Foundation) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\Dell\SupportAssistAgent\bin\log4net.dll 2022-12-08 01:24 - 2022-12-08 01:24 - 000740352 _____ (The Apache Software Foundation) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\log4net\bef4167ac26334e37dfdd6779e0e721f\log4net.ni.dll 2016-12-18 07:55 - 
2016-12-18 07:55 - 000097280 _____ (Tunnel Vision Laboratories, LLC) [Datei ist nicht signiert] C:\Program Files\Dell\SupportAssistAgent\bin\Antlr3.Runtime.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Temp:0FF263E8 [229]
AlternateDataStreams: C:\Users\thomz\Eigene:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\thomz\Eigene:com.dropbox.attrs [58]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

HKU\S-1-5-21-911058088-4281732373-384214513-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-911058088-4281732373-384214513-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-911058088-4281732373-384214513-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.texxas.de/start/
SearchScopes: HKLM -> {1F0C0E4A-72C8-4560-9612-27AD083921F1} URL = hxxp://webtip.ch/cgi-bin/amz_track/tracker_de.pl?loc=search&search={searchTerms}
SearchScopes: HKLM-x32 -> {1F0C0E4A-72C8-4560-9612-27AD083921F1} URL = hxxp://webtip.ch/cgi-bin/amz_track/tracker_de.pl?loc=search&search={searchTerms}
SearchScopes: HKU\S-1-5-21-911058088-4281732373-384214513-1001 -> DefaultScope {9A516A52-1891-4893-BCBD-F505FFB3B049} URL =
SearchScopes: HKU\S-1-5-21-911058088-4281732373-384214513-1001 -> {9A516A52-1891-4893-BCBD-F505FFB3B049} URL =
BHO: Kein Name -> {609C0837-8DD3-4F9B-AAC5-446F36BC0353} -> Keine Datei
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
[2022-10-31] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Kein Name -> {609C0837-8DD3-4F9B-AAC5-446F36BC0353} -> Keine Datei BHO-x32: amazon -> {84B94901-3645-4D80-A6B7-4D0050B19455} -> C:\Program Files (x86)\teXXas\IEButtonAmazonInterface.dll [2009-08-20] () [Datei ist nicht signiert] Toolbar: HKLM-x32 - Home Extension - {F090BE08-2E7E-4D60-8FAB-98ABFA425136} - C:\Program Files (x86)\teXXas\HomeExtension.dll [2007-03-26] () [Datei ist nicht signiert] Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-10-31] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-10-31] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-10-31] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-10-31] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-10-31] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-10-31] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-10-31] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft 
Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-10-31] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2018-09-15 08:31 - 2018-09-15 08:31 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2019-07-26 14:00 - 2022-10-02 00:36 - 000000445 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-911058088-4281732373-384214513-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\Run: => "PDF24"
HKU\S-1-5-21-911058088-4281732373-384214513-1001\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-911058088-4281732373-384214513-1001\...\StartupApproved\Run: => "Opera Browser Assistant"
HKU\S-1-5-21-911058088-4281732373-384214513-1001\...\StartupApproved\Run: => "OneDrive"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{5A60080E-A0A6-4BFB-878F-07B3627B53B3}] => (Allow) C:\Users\thomz\AppData\Local\Programs\Opera\93.0.4585.37\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [{62B0A89A-CF29-4784-94B0-160C1FDF316C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{1A4EA03A-9D6A-4436-812E-694995B449B5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{DC255097-A475-4C16-96DA-690C091C542D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.91.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{EEC7A291-067D-4593-8742-17C523666222}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.91.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{5997E127-DB6F-4C55-AF63-DE997C00C133}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.91.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{71EAB7C5-64FB-4CB7-A6F2-FCD466FFD58E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.91.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) 
FirewallRules: [{F5ED2CD4-EE40-4117-A8AE-85694770BA3F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{125390FD-8106-4434-BFAB-1A991DCBC972}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{3ADCAE83-B5F2-43B7-8302-D3287572A072}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D7116BC4-9600-4C55-B770-259163AA7A71}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B0021FC7-DB88-4FCA-8660-D2E17AE73B1B}] => (Allow) C:\Users\thomz\AppData\Local\Programs\Opera\92.0.4561.43\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{98961EFC-345A-4310-85B8-82F4BA862835}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{29511C11-EAA0-456C-9F51-8A886A0210B8}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{6A4FBBB1-3279-4701-98F3-CF9F374C8506}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{7F646EAD-85C7-4AD3-8E12-2B692A93BDFF}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{4B173730-C3F2-4AE1-9218-3DD005FC4773}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{5D1FC618-7AEE-4F64-92E8-FFDC50502D3E}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{7C3CF462-4A14-4FD4-ACC4-EB3F0D2C7DE9}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{F4F85462-8D22-4AAD-8037-FEB73C0C4F3B}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => Keine Datei
FirewallRules: [{4C2907ED-856C-4732-AAC3-6287B8E0FF9A}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => Keine Datei
FirewallRules: [{B83CBD0C-1321-41C5-9E59-C635F7F24252}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => Keine Datei
FirewallRules: [{54557298-B3D7-48A6-AB6F-FC7405E29C47}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{709148B6-5E55-401D-A4F0-DAC129051924}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{72377AA1-4343-4048-9348-3BAC94A9EEEC}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{FDCB555D-3CC1-4968-99B9-5B6D9B885ED0}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.) [Datei ist nicht signiert]
FirewallRules: [{E321E110-D382-43C1-B8C4-B4A3376CC753}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.) [Datei ist nicht signiert]
FirewallRules: [{8F1BB90B-F274-4281-8945-8BA8EEB36B13}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14326.20348.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F8A595BF-B155-42D3-80B7-EE6D401D0FB3}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{0786E421-7528-4975-B4F5-894925266D0F}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{7468667A-67AB-4EF9-A527-A0DF07956689}] => (Allow) C:\Users\thomz\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{21C3A311-E151-4951-BC54-082935F0676A}] => (Allow) C:\Users\thomz\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{D3C4D8D6-B7F2-4066-859D-493D9F5D59E4}] => (Allow) C:\Users\thomz\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{A336E231-D241-40FE-94F7-EE71F5A2166E}] => (Allow) LPort=51001
FirewallRules: [{7EFD88C5-27D5-4886-B765-A4F1BFD0ECD5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7A1A75CC-2FDA-4133-A9D6-E5111FA18A84}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CAFF759E-8D29-4158-84B3-8685CF641BFC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5A1B1605-DFA9-4CC3-B35F-E88B272DAC6D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9FFB9213-BA10-472C-A57C-8E383C648365}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{907C6CEB-FB5B-4ACC-BEE3-4938224EA1C6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EF42DCC1-E011-49D0-BA92-FFF32FB427DA}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{9EA53DBC-1E1A-4B27-9C71-EC5B340534CF}] => (Allow) C:\Program Files\HP\HP ColorLaserJet MFP M278-M281\bin\EWSProxy.exe (HP Inc -> HP Inc.)
FirewallRules: [{9300C798-3F3A-4559-82A6-851061679EDF}] => (Allow) C:\Program Files\HP\HP ColorLaserJet MFP M278-M281\bin\FaxApplications.exe (HP Inc -> HP Inc.)
FirewallRules: [{3A8C1F21-F739-409C-957B-F584A2FFB3D5}] => (Allow) C:\Program Files\HP\HP ColorLaserJet MFP M278-M281\bin\DigitalWizards.exe (HP Inc -> HP Inc.)
FirewallRules: [{E15D865A-C54C-4D0B-AAEE-DF85CCC0DFD5}] => (Allow) C:\Program Files\HP\HP ColorLaserJet MFP M278-M281\bin\SendAFax.exe (HP Inc -> HP Inc.)
FirewallRules: [{6240F77D-4425-495A-8C20-3F2F5CEC5B6D}] => (Allow) C:\Program Files\HP\HP ColorLaserJet MFP M278-M281\bin\FaxPrinterUtility.exe (HP Inc -> HP Inc.)
FirewallRules: [{C9B28F86-96A7-47CC-88F8-39C84974BF4C}] => (Allow) C:\Program Files\HP\HP ColorLaserJet MFP M278-M281\Bin\DeviceSetup.exe (HP Inc -> HP Inc.)
FirewallRules: [{246360A0-6EC6-42C4-AF62-8BC2B192A2AC}] => (Allow) LPort=5357
FirewallRules: [{99B7B20D-3DDA-4C86-9CBE-046C42A3CDF2}] => (Allow) C:\Program Files\HP\HP ColorLaserJet MFP M278-M281\Bin\HPNetworkCommunicatorCom.exe (HP Inc -> HP Inc.)
FirewallRules: [{D1AA3D00-51F7-4DD1-9954-0C1E84942A8C}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\108.0.1462.44\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{162A21C9-5F2C-4445-984E-8F9EB08F3B6A}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{5B9A1091-2140-4956-93B4-6E725D9EBBD9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{9EC2B8CB-BA44-4896-B6FB-38886E2D3BC9}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{72E9A90C-A358-4B34-AED8-901EFB45C967}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{2E6CC415-B055-4C6C-88F1-025675CC5687}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{DF2B302F-C518-46EA-9438-EF14AE0F7C8C}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{E9289936-6286-4748-840C-B794963A8B0A}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{30910229-BFFE-49B1-86F9-B285EDFC77E7}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert (Total:101.66 GB) (Free:20.43 GB) (20%)

==================== Fehlerhafte Geräte im Gerätemanager ============

==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (12/08/2022 08:51:41 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren. ]

Error: (12/08/2022 08:51:41 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren. .

Error: (12/08/2022 08:51:41 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren. ]

Error: (12/08/2022 08:51:41 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren. .

Error: (12/08/2022 08:51:41 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren. ]

Error: (12/08/2022 08:51:41 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren. .

Error: (12/08/2022 08:51:41 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren. ]

Error: (12/08/2022 08:51:41 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren. .

Systemfehler:
=============
Error: (12/08/2022 08:51:34 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Fehler "1115" in DCOM, als der Dienst "BITS" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden: {4991D34B-80A1-4291-83B6-3328366B9097}

Error: (12/08/2022 04:15:13 AM) (Source: disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden.

Error: (12/07/2022 09:18:08 AM) (Source: disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden.

Error: (12/07/2022 09:02:14 AM) (Source: Service Control Manager) (EventID: 7046) (User: )
Description: Vom folgenden Dienst wurde wiederholt nicht auf Dienststeuerungsanforderungen reagiert: Windows Search Erkundigen Sie sich beim Diensthersteller oder beim Systemadministrator danach, ob der Dienst deaktiviert werden sollte, bis das Problem gefunden wurde. Der Computer muss unter Umständen im abgesicherten Modus gestartet werden, um den Dienst deaktivieren zu können.

Error: (12/07/2022 09:02:07 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Search" wurde nicht richtig gestartet.

Error: (12/07/2022 09:01:53 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Dragon Logger service" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Der Dienst konnte nicht gestartet werden.

Error: (12/07/2022 09:01:53 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Rivet AP Selector Service" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Der Dienst konnte nicht gestartet werden.

Error: (12/07/2022 09:01:53 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Server" wurde nicht richtig gestartet.

CodeIntegrity:
===============
Date: 2022-12-08 21:18:35
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Avira\Endpoint Protection SDK\amsi\x64\avamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2022-12-08 21:15:58
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

==================== Speicherinformationen ===========================

BIOS: Dell Inc. 1.13.0 02/15/2020
Hauptplatine: Dell Inc. 03PVDF
Prozessor: Intel(R) Core(TM) i7-8750H CPU @ 2.20GHz
Prozentuale Nutzung des RAM: 55%
Installierter physikalischer RAM: 16178.28 MB
Verfügbarer physikalischer RAM: 7165.32 MB
Summe virtueller Speicher: 41778.28 MB
Verfügbarer virtueller Speicher: 31326.41 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:101.66 GB) (Free:20.43 GB) (Model: BC501 NVMe SK hynix 128GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.39 GB) (Free:906.18 GB) (Model: WDC WD10SPZX-75Z10T2) NTFS
Drive i: (Conrad) (Fixed) (Total:931.51 GB) (Free:352.01 GB) (Model: WDC WD10 EAVS-00M4B0 USB Device) NTFS
Drive j: (WD1) (Fixed) (Total:1862.1 GB) (Free:1837.67 GB) (Model: WD Authorized HDD USB Device) FAT32
Drive k: (My Book) (Fixed) (Total:1862.98 GB) (Free:790.28 GB) (Model: WD My Book 1230 USB Device) NTFS
Drive l: (WD2) (Fixed) (Total:1862.1 GB) (Free:1847.45 GB) (Model: WD Authorized HDD USB Device) FAT32
Drive m: (WD3) (Fixed) (Total:1862.1 GB) (Free:1837.51 GB) (Model: WD Authorized HDD USB Device) FAT32
Drive n: (BUFFALO ) (Fixed) (Total:1101.26 GB) (Free:853.88 GB) (Model: WD My Book 1144 USB Device) NTFS
Drive o: (Volume) (Fixed) (Total:761.72 GB) (Free:606.87 GB) (Model: WD My Book 1144 USB Device) NTFS

\\?\Volume{26375a6a-1ed8-4bce-8656-f666d4005f7f}\ (WINRETOOLS) (Fixed) (Total:0.8 GB) (Free:0.14 GB) NTFS
\\?\Volume{3616beca-565f-44b4-a3c7-f21485ca96d0}\ (Image) (Fixed) (Total:14.81 GB) (Free:0.15 GB) NTFS
\\?\Volume{8fe4f734-65de-4271-8c77-163708b46c49}\ (DELLSUPPORT) (Fixed) (Total:1.2 GB) (Free:0.48 GB) NTFS
\\?\Volume{1836966d-0bdb-433d-97b4-80a249a12a4b}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.56 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 88524DD2)
Partition: GPT.

==========================================================
Disk: 1 (Size: 119.2 GB) (Disk ID: 8852576C)
Partition: GPT.

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: B670B5E9)
Partition 1: (Not Active) - (Size=1101.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=761.7 GB) - (Type=07 NTFS)

==========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 0B863F02)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==========================================================
Disk: 4 (Size: 1863 GB) (Disk ID: CA3747A8)
Partition 1: (Active) - (Size=1863 GB) - (Type=FAT32)

==========================================================
Disk: 6 (Size: 1863 GB) (Disk ID: 676E2E41)
Partition 1: (Active) - (Size=1863 GB) - (Type=FAT32)

==========================================================
Disk: 7 (Size: 1863 GB) (Disk ID: B29CCC1A)
Partition 1: (Active) - (Size=1863 GB) - (Type=FAT32)

==========================================================
Disk: 8 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: ABCD30F1)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt =======================
|
10.12.2022, 21:41 | #3 |
/// TB Trainer | PUP.Optional.Forced.Extension in Google Chrome
My name is Matthias and I will help you with the analysis and, if necessary, the cleanup of your computer.
Step 1 Run Malwarebytes' AntiMalware (MBAM) according to the illustrated guide and then post the log file.
Step 2 Run AdwCleaner according to the illustrated guide and then post the log file.
Step 3
Please post with your next reply:
|
15.12.2022, 21:00 | #4 |
/// TB Trainer | PUP.Optional.Forced.Extension in Google Chrome
Missing feedback
This topic has been removed from our subscriptions. We will therefore receive no notification of new replies. Should you need the topic again, please send us a reminder including a link to the topic.
Note: The disappearance of the symptoms does not mean that your computer is already clean.
Everyone else, please click here and create your own topic! |