Log analysis and evaluation: PUP.Optional.Forced.Extension in Google Chrome
Windows 7
If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. Before viruses and trojans can be removed, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1

PUP.Optional.Forced.Extension in Google Chrome

Hello dear Trojanerboard, the starting situation was as described here: https://www.trojaner-board.de/205625-pup-optional-forced-extension-google-chrome.html In the meantime, with a lot of effort, I managed to persuade the system to update. However, Malwarebytes now actually no longer reports anything (perhaps it removed the problems itself?). Since I am unsure whether any further steps are still needed, I would be glad if you could take another look at the FRST and Addition logs. Many thanks!

FRST Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 04-12-2022 durchgeführt von thomz (Administrator) auf DESKTOP-9TV7NS2 (Dell Inc. G5 5587) (08-12-2022 21:24:35) Gestartet von C:\Users\thomz\OneDrive\Desktop\FRST-OlderVersion Geladene Profile: thomz Plattform: Microsoft Windows 10 Pro Version 22H2 19045.2251 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: FF Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (C:\Program Files (x86)\Jumping Bytes\PureSync\PureSyncTray.exe ->) (Jumping Bytes (Christoph Guentner) -> Jumping Bytes) C:\Program Files (x86)\Jumping Bytes\PureSync\PureSyncCheck.exe (C:\Program Files (x86)\OnScreenKeys\OnScreenKeys.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe (C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files\Avira\Endpoint Protection SDK\SentryEye.exe (C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.UserSessionAgent.exe (C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\DCF\Dell.DCF.UA.Bradbury.API.SubAgent.exe (C:\Program 
Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DataManagerSubAgent\Dell.TechHub.DataManager.SubAgent.exe (C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DiagnosticsSubAgent\Dell.TechHub.Diagnostics.SubAgent.exe (C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe (C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe ->) (Rivet Networks LLC -> Rivet Networks LLC) C:\Program Files\Rivet Networks\SmartByte\RAPS.exe (drivers\RivetNetworks\Killer\xTendUtilityService.exe ->) (Rivet Networks LLC -> Rivet Networks LLC) C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtility.exe (DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxEM.exe (Dropbox, Inc -> Dropbox, Inc.) 
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <7> (explorer.exe ->) (BonSoft) [Datei ist nicht signiert] C:\Program Files\ClocX\ClocX.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <19> (explorer.exe ->) (Jumping Bytes (Christoph Guentner) -> Jumping Bytes) C:\Program Files (x86)\Jumping Bytes\PureSync\PureSyncTray.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <14> (explorer.exe ->) (Nenad Hrg -> Nenad Hrg SoftwareOK) C:\Users\thomz\Downloads\desktopok_x64\DesktopOK_x64.exe (explorer.exe ->) (Open Source Developer, Robin Krom -> Greenshot) C:\Program Files\Greenshot\Greenshot.exe (explorer.exe ->) (Peter Panisz -> WinTools.Info) C:\Users\thomz\Downloads\changesize.exe (explorer.exe ->) (privat) [Datei ist nicht signiert] C:\Program Files (x86)\Wisterer HX\wistererhx.exe (explorer.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (explorer.exe ->) (Tom Weber -> tom weber software) C:\Program Files (x86)\OnScreenKeys\OnScreenKeys.exe (explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_8d6ed1504b570116\WavesSvc64.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Noriyuki Miyazaki -> Crystal Dew World) C:\Program Files (x86)\CrystalDiskInfo\DiskInfo32.exe (Piriform Ltd -> Piriform Ltd) C:\Program Files\Speccy\Speccy64.exe (services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe (services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe (services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe (services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe (services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe (services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe (services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe (services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe (services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe (services.exe ->) (Dell Inc -> Dell) C:\Program Files\Dell\TechHub\Dell.TechHub.exe (services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\FOXIT PDF READER\FoxitPDFReaderUpdateService.exe (services.exe ->) (geek software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe (services.exe ->) (HP Inc. -> HP Inc.) 
C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxCUIService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_9cf4db1a1fd1b22d\OneApp.IGCC.WinService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_362cfac2b6e1097f\IntelCpHDCPSvc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_362cfac2b6e1097f\IntelCpHeciSvc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe (services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_183917c66152901d\lib\SocketHeciServer.exe (services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe (services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) 
C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_9c788f1d162b1224\RstMwService.exe (services.exe ->) (Intel(R) Software Development Products -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_fafb1d329fdfe2c6\aesm_service.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe (services.exe ->) (Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\loggerservice.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdm.inf_amd64_54c680c07b6d4e2e\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (philandro Software GmbH -> AnyDesk Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <2> (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <3> (services.exe ->) (Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe (services.exe ->) (Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe (services.exe ->) (Rivet Networks LLC -> Rivet Networks) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe (services.exe ->) (Rivet Networks LLC -> Rivet Networks) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe (services.exe ->) (Rivet Networks LLC -> Rivet Networks, LLC.) C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe (services.exe ->) (Rivet Networks LLC -> Rivet Networks, LLC.) 
C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe (services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_8d6ed1504b570116\WavesSysSvc64.exe (svchost.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe (svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (svchost.exe ->) (Flexera Software LLC -> Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22092.214.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Telegram FZ-LLC -> Telegram FZ-LLC) C:\Users\thomz\AppData\Roaming\Telegram Desktop\Telegram.exe (WhatsApp LLC -> WhatsApp) C:\Users\thomz\AppData\Local\WhatsApp\app-2.2245.9\WhatsApp.exe <7> ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [834336 2019-02-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_8d6ed1504b570116\WavesSvc64.exe [1224344 2018-06-22] (Waves Inc -> Waves Audio Ltd.) 
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320056 2019-12-10] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [590640 2022-05-03] (geek software GmbH -> geek software GmbH) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11209952 2022-11-24] (Dropbox, Inc -> Dropbox, Inc.) HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2075480 ] (Flexera Software LLC -> Flexera Software LLC.) HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG HKU\S-1-5-21-911058088-4281732373-384214513-1001\...\Run: [WistererHX] => C:\Program Files (x86)\Wisterer HX\WistererHX.exe [2658304 2009-01-19] (privat) [Datei ist nicht signiert] HKU\S-1-5-21-911058088-4281732373-384214513-1001\...\Run: [Speccy] => C:\Program Files\Speccy\Speccy64.exe [7117464 2018-05-02] (Piriform Ltd -> Piriform Ltd) HKU\S-1-5-21-911058088-4281732373-384214513-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [45488 2020-06-14] (Glarysoft LTD -> Glarysoft Ltd) HKU\S-1-5-21-911058088-4281732373-384214513-1001\...\Run: [BirthdayRemember6] => C:\Program Files (x86)\BirthdayRemember\BirthdayRemember.exe [2440704 2008-07-28] (BirthdayRemember) [Datei ist nicht signiert] HKU\S-1-5-21-911058088-4281732373-384214513-1001\...\Run: [com.squirrel.WhatsApp.WhatsApp] => C:\Users\thomz\AppData\Local\WhatsApp\Update.exe [2254048 2022-11-28] (WhatsApp LLC -> ) HKU\S-1-5-21-911058088-4281732373-384214513-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2075480 2013-06-24] (Flexera Software LLC -> Flexera Software LLC.) 
HKU\S-1-5-21-911058088-4281732373-384214513-1001\...\Run: [DesktopOK] => C:\Users\thomz\Downloads\desktopok_x64\DesktopOK_x64.exe [628088 2021-04-11] (Nenad Hrg -> Nenad Hrg SoftwareOK) HKU\S-1-5-21-911058088-4281732373-384214513-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2626480 2022-11-17] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-911058088-4281732373-384214513-1001\...\Run: [PureSync] => C:\Program Files (x86)\Jumping Bytes\PureSync\PureSyncTray.exe [1600208 2022-08-23] (Jumping Bytes (Christoph Guentner) -> Jumping Bytes) HKU\S-1-5-21-911058088-4281732373-384214513-1001\...\Run: [System Font Size Changer] => C:\Users\thomz\Downloads\changesize.exe [451408 2022-09-29] (Peter Panisz -> WinTools.Info) HKU\S-1-5-21-911058088-4281732373-384214513-1001\...\Run: [Opera Browser Assistant] => C:\Users\thomz\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4152776 2022-10-19] (Opera Norway AS -> Opera Software) HKU\S-1-5-21-911058088-4281732373-384214513-1001\...\Run: [MicrosoftEdgeAutoLaunch_FF62703F05C22A79D79E93D5A162957F] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3877288 2022-12-05] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-911058088-4281732373-384214513-1001\...\Run: [GoogleChromeAutoLaunch_91B95029A39C680EAA63AF1167C3D120] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [3133720 2022-12-07] (Google LLC -> Google LLC) HKU\S-1-5-21-911058088-4281732373-384214513-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssText3d.scr [224768 2019-12-07] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Windows x64\Print Processors\Perfect PDF 9 Converter Print Processor: C:\Windows\System32\spool\prtprocs\x64\sx_p9_p.dll [264136 2020-10-11] (soft Xpansion GmbH & Co.KG -> soft Xpansion) HKLM\...\Print\Monitors\HP 5D12 Status Monitor: 
C:\Windows\system32\hpinksts5D12LM.dll [332176 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\Windows\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [Datei ist nicht signiert] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\108.0.5359.98\Installer\chrmstp.exe [2022-12-07] (Google LLC -> Google LLC) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2021-09-22] ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH) Startup: C:\Users\thomz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2022-10-23] ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) Startup: C:\Users\thomz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OnScreenKeys.lnk [2020-07-12] ShortcutTarget: OnScreenKeys.lnk -> C:\Program Files (x86)\OnScreenKeys\OnScreenKeys.exe (Tom Weber -> tom weber software) GroupPolicy-Firefox: Beschränkung <==== ACHTUNG ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {13BE69D5-0E93-42C9-9CC4-58F92C34DDFD} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-911058088-4281732373-384214513-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4189072 2022-11-17] (Microsoft Corporation -> Microsoft Corporation) Task: {150C68A2-F4FD-4AD0-B818-06B4A8ADA719} - System32\Tasks\FaxArchive_VNBNM5N1FK => C:\Program Files\HP\HP ColorLaserJet MFP M278-M281\Bin\FaxApplications.exe [6890912 2019-06-11] (HP Inc -> HP Inc.) 
Task: {16BB3E5D-8099-4444-97EA-C3D6E4CCC002} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144280 2022-11-15] (Microsoft Corporation -> Microsoft Corporation) Task: {1A5B85CA-CC20-43AF-BAC9-6CA32D971939} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [918960 2020-06-14] (Glarysoft LTD -> Glarysoft Ltd) Task: {1F76A940-0186-40AD-9D62-E0E36355CFBE} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764352 2018-05-21] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {2916FD3C-CBC9-4AA5-800C-F86E8D112EB0} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144280 2022-11-15] (Microsoft Corporation -> Microsoft Corporation) Task: {2B2102B8-9C1D-4217-9232-0258ADF67136} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26154376 2022-11-15] (Microsoft Corporation -> Microsoft Corporation) Task: {2D6E6684-8D7C-4B8A-B389-F6A69531DDF8} - System32\Tasks\JumpingBytes\PureSyncElvthomz => C:\Program Files (x86)\Jumping Bytes\PureSync\PureSyncHelper.exe [240376 2021-12-28] (Jumping Bytes (Christoph Guentner) -> Jumping Bytes) Task: {3227E06D-81A1-4838-8B68-0FA1ABCE9B2E} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\FrameworkAgents\SupportAssistInstaller.exe [664928 2022-11-29] (Dell Inc -> Dell Inc.) 
Task: {3BEA1C63-9887-465C-A45E-407FA10F8D4F} - \NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> Keine Datei <==== ACHTUNG Task: {3C4C16C0-DC92-4231-9CB4-AF8805515029} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC) Task: {4D7A2D99-22E2-451A-BF50-C6E748462D6B} - System32\Tasks\AviraSystemSpeedupVerify => C:\Program Files (x86)\Avira\System Speedup\setup\avira_speedup_setup.exe [35424480 2022-11-30] (Avira Operations GmbH -> Avira Operations GmbH) Task: {5946EA7F-9B34-422B-9668-FD37A4F8886B} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [857024 2018-05-21] (NVIDIA Corporation -> NVIDIA Corporation) Task: {5A02AF97-09A7-4440-A41E-A56DF7EB3163} - \Opera scheduled assistant Autoupdate 1567213495 -> Keine Datei <==== ACHTUNG Task: {5A8C5E2D-9760-4269-9994-F66EEC4083F0} - System32\Tasks\Birthday Reminder => C:\Program Files (x86)\BirthdayRemember\BirthdayRemember.exe [2440704 2008-07-28] (BirthdayRemember) [Datei ist nicht signiert] Task: {5E92AE8D-DE49-492C-8424-66644D3E30AA} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [934848 2018-05-21] (NVIDIA Corporation -> NVIDIA Corporation) Task: {5F60CB5C-E589-4E62-8515-0A196C52F150} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1660112 2022-11-30] (Avira Operations GmbH -> Avira Operations GmbH) Task: {63C73691-F72D-43BF-BF25-5A1CBC4B2652} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4189072 2022-11-17] (Microsoft Corporation -> Microsoft Corporation) Task: {68E5AA73-8D6F-4627-8FBB-8F44BE87E79D} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if 
service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 ] (Intel(R) Client Connectivity Division SW -> Intel Corporation) Task: {6A85D3FE-8CF7-4874-97E2-ECA934723FB4} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764352 2018-05-21] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log Task: {6C411BEA-EC6B-4387-93B4-9454946255B0} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [66936 2022-10-31] (Microsoft Corporation -> Microsoft Corporation) Task: {6FF108C9-42F4-4465-AC37-8955247DC3A9} - System32\Tasks\Avira_Security_Maintenance => Command(1): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> FallbackTelemetry Task: {6FF108C9-42F4-4465-AC37-8955247DC3A9} - System32\Tasks\Avira_Security_Maintenance => Command(2): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> ServiceWatchdog Task: {6FF108C9-42F4-4465-AC37-8955247DC3A9} - System32\Tasks\Avira_Security_Maintenance => Command(3): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> CrashCollector Task: {77CAE9A8-8EEB-464D-88E9-B2581805D1A3} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [260400 2022-11-30] (Avira Operations GmbH -> Avira Operations GmbH) Task: {814AFDB9-CD64-46C0-A47C-537FB221E0DB} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 ] (Intel(R) Client Connectivity Division SW -> Intel Corporation) Task: 
{99BCC1CE-485F-41D2-A6EA-24C82CCDE7FC} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [654784 2018-05-21] (NVIDIA Corporation -> NVIDIA Corporation) Task: {9AC4F19F-41C4-4069-A513-3201185B6899} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2302168 ] (Intel(R) Client Connectivity Division SW -> Intel Corporation) Task: {9B06207F-B05D-4E91-9842-B46C9364E2FF} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [934848 2018-05-21] (NVIDIA Corporation -> NVIDIA Corporation) Task: {9B2C42E7-0D6E-4EB3-9716-F0E0540B057B} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {AC500FCD-8632-41EB-AF22-8DB47746D855} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [934848 2018-05-21] (NVIDIA Corporation -> NVIDIA Corporation) Task: {ACEF3AB9-02B3-4304-87A4-B74FCF22BC75} - \AdwCleaner_onReboot -> Keine Datei <==== ACHTUNG Task: {B163C31F-DCAF-4131-8017-D2D54A525837} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.) 
Task: {B69CB781-DBC5-4AC5-9EFF-170C7D510BA9} - System32\Tasks\Opera scheduled Autoupdate 1566176642 => C:\Users\thomz\AppData\Local\Programs\Opera\launcher.exe [2631112 2022-12-01] (Opera Norway AS -> Opera Software) Task: {BAFF4275-63BF-4018-9DD3-F3FE0FADF5CA} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3297728 2018-05-21] (NVIDIA Corporation -> NVIDIA Corporation) Task: {C2D4E387-8EB5-4679-A154-2108E9D392DC} - System32\Tasks\FaxArchive_CN4798R33905RN => C:\Program Files\HP\HP Officejet 6600\Bin\FaxApplications.exe CN4798R33905RN:NW /app FaxArchive -archive -task (Keine Datei) Task: {C30F9FDB-A7E6-472B-816D-11A7862C2E28} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService Task: {CEEF8617-867C-4607-B4A7-C4E9029DA9BF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [857024 2018-05-21] (NVIDIA Corporation -> NVIDIA Corporation) Task: {D9B3BEE7-7053-4353-9A8B-957C24C035CA} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [934848 2018-05-21] (NVIDIA Corporation -> NVIDIA Corporation) Task: {DBD00843-6586-4356-96A7-8052076C92AC} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_183917c66152901d\lib\IntelPTTEKRecertification.exe [818000 2021-12-08] (Intel Corporation -> Intel(R) Corporation) Task: {DEDD3AE3-2A89-4220-A36A-C4BAC433557F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26154376 2022-11-15] (Microsoft Corporation -> Microsoft Corporation) Task: {E19C9500-E165-4A7B-86F7-BA0F1C0F0735} - 
System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC) Task: {E87C4B24-5224-463C-ABB2-D8D9006B21E2} - System32\Tasks\Avira_Security_Update => C:\WINDOWS\system32\net.exe [59904 2019-12-07] (Microsoft Windows -> Microsoft Corporation) Task: {E9785083-F5A6-4118-A699-16FBA99C068C} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.) Task: {EEA4B31D-B898-4F9F-B40B-14918A2D61C1} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [999376 2022-11-15] (Microsoft Corporation -> Microsoft Corporation) Task: {F2D9CB2B-59AD-45A1-B277-DE086E281871} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" Task: {FA23BD6C-E76A-440C-B61D-DF4F11424FEA} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32} Task: {FA9FB502-C64B-43E2-AD9F-8FD6BA171EE5} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 ] (Intel(R) Client Connectivity Division SW -> Intel Corporation) Task: {FCA3D96A-E34D-4A22-BDFD-34B7D82B763B} - System32\Tasks\CrystalDiskInfo => C:\Program Files (x86)\CrystalDiskInfo\DiskInfo32.exe [4003384 2019-10-10] (Noriyuki Miyazaki -> Crystal Dew World) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ACHTUNG (Beschränkung - Zones) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{481dcb25-44d2-4c56-8380-21c1c7d17d2b}: [DhcpNameServer] 192.168.2.1 Edge: ======= Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden] Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden] Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden] Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden] Edge Profile: C:\Users\thomz\AppData\Local\Microsoft\Edge\User Data\Default [2022-12-08] Edge Session Restore: Default -> ist aktiviert. 
Edge Extension: (Google Übersetzer) - C:\Users\thomz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-07-26]
Edge Extension: (Vergrößern für Microsoft Edge) - C:\Users\thomz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\akclpjahoedloodjomjhnlmmblikemjj [2022-07-26]
Edge Extension: (Gismeteo) - C:\Users\thomz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bfegaehidkkcfaikpaijcdahnpikhobf [2022-07-26]
Edge Extension: (Avira Safe Shopping) - C:\Users\thomz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip [2022-07-26]
Edge Extension: (Dragon Weberweiterung) - C:\Users\thomz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ddaloccgjfibfpkalenodgehlhkgoahe [2022-07-26]
Edge Extension: (Avira Password Manager) - C:\Users\thomz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emgfgdclgfeldebanedpihppahgngnle [2022-07-26]
Edge Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\thomz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2022-11-26]
Edge Extension: (IGRAAL : Cashback & Gutscheine) - C:\Users\thomz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hgfjoaookbahbhinopgfoiajfijfcdhm [2022-11-13]
Edge Extension: (Amazon Assistant) - C:\Users\thomz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hkmnokmdbkkafgmpfhhiniclfnfpmogj [2022-07-26]
Edge Extension: (Cool Uhr) - C:\Users\thomz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\icegcmhgphfkgglbljbkdegiaaihifce [2022-07-26]
Edge Extension: (SearchPreview) - C:\Users\thomz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\icnchjepcflcdmnnhbfgmekkcobkdpak [2022-07-26]
Edge Extension: (GMX MailCheck) - C:\Users\thomz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\idkbdpnofbfiaiecgobdcaddmfhabhec [2022-07-26]
Edge Extension: (Smallpdf - PDF komprimieren und konvertieren) - C:\Users\thomz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ohfgljdgelakfkefopgklcohadegdpjf [2022-07-26]
Edge Extension: (Hover Zoom+) - C:\Users\thomz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pccckmaobkjjboncdfnnofkonhgpceea [2022-11-28]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: U0qFopeb.default
FF ProfilePath: C:\Users\thomz\AppData\Roaming\Mozilla\Firefox\Profiles\kh4jibrf.default-release [2022-12-08]
FF Session Restore: Mozilla\Firefox\Profiles\kh4jibrf.default-release -> ist aktiviert.
FF Extension: (AdBlocker Ultimate) - C:\Users\thomz\AppData\Roaming\Mozilla\Firefox\Profiles\kh4jibrf.default-release\Extensions\adblockultimate@adblockultimate.net.xpi [2022-12-07]
FF ProfilePath: C:\Users\thomz\AppData\Roaming\Mozilla\Firefox\Profiles\U0qFopeb.default [2019-08-07]
FF Extension: (Avira Password Manager) - C:\Users\thomz\AppData\Roaming\Mozilla\Firefox\Profiles\U0qFopeb.default\Extensions\passwordmanager@avira.com [2019-08-07]
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-10-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei]
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei]
FF Plugin: nuance.com/DgnRia2_x86_64 -> E:\Programme\NaturallySpeaking13\Program\x64\npDgnRia2_x64.dll [Keine Datei]
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT PDF READER\plugins\npFoxitPDFReaderPlugin.dll [2022-06-02] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT PDF READER\plugins\npFoxitPDFReaderPlugin.dll [2022-06-02] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT PDF READER\plugins\npFoxitPDFReaderPlugin.dll [2022-06-02] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT PDF READER\plugins\npFoxitPDFReaderPlugin.dll [2022-06-02] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT PDF READER\plugins\npFoxitPDFReaderPlugin.dll [2022-06-02] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-10-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [Keine Datei]
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [Keine Datei]
FF Plugin-x32: nuance.com/DgnRia2 -> E:\Programme\NaturallySpeaking13\Program\npDgnRia2.dll [Keine Datei]
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei]
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei]
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-911058088-4281732373-384214513-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-911058088-4281732373-384214513-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-911058088-4281732373-384214513-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-911058088-4281732373-384214513-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\thomz\AppData\Local\Google\Chrome\User Data\Default [2022-12-08]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://comedyrent.com; hxxps://drive.google.com; hxxps://informblurb.com; hxxps://lifeindigo.com; hxxps://outlook.live.com; hxxps://pdf.wondershare.com; hxxps://weihrauch.az-vitamins.com; hxxps://www.facebook.com; hxxps://www.lieferando.de; hxxps://www.wetteronline.de
CHR DefaultSearchURL: Default -> hxxps://www.google.de/search?source=hp&ei=FahKXdmCF866kwXM0I-YCg&q={searchTerms}&btnK=Google-Suche&oq=windows+passwortabfrage+ausstellen&gs_l=psy-ab.3..0i22i30l3.1101.1101..1540...0.0..0.150.288.0j2......0....2j1..gws-wiz.....0.f5Z4oEE0ZXI&ved=0ahUKEwiZ4YDaxvDjAhVO3aQKHUzoA6MQ4dUDCAc&uact=5
CHR Session Restore: Default -> ist aktiviert.
CHR Extension: (Google Übersetzer) - C:\Users\thomz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-03-12]
CHR Extension: (Gismeteo) - C:\Users\thomz\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfegaehidkkcfaikpaijcdahnpikhobf [2019-11-16]
CHR Extension: (Avira Password Manager) - C:\Users\thomz\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2022-11-10]
CHR Extension: (GMX MailCheck) - C:\Users\thomz\AppData\Local\Google\Chrome\User Data\Default\Extensions\camnampocfohlcgbajligmemmabnljcm [2022-07-02]
CHR Extension: (Avira Safe Shopping) - C:\Users\thomz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2022-10-29]
CHR Extension: (Suchergebnissvorschau) - C:\Users\thomz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cedcejfiniojnlhlfhcppenochinijfo [2022-12-08]
CHR Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\thomz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-12-08]
CHR Extension: (Dragon Weberweiterung) - C:\Users\thomz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddaloccgjfibfpkalenodgehlhkgoahe [2020-10-16]
CHR Extension: (Google Docs Offline) - C:\Users\thomz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-12-08]
CHR Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\thomz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-11-28]
CHR Extension: (Cool Uhr) - C:\Users\thomz\AppData\Local\Google\Chrome\User Data\Default\Extensions\icegcmhgphfkgglbljbkdegiaaihifce [2019-08-20]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\thomz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-11-19]
CHR Extension: (Avira SafeSearch Plus) - C:\Users\thomz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp [2021-04-30]
CHR Extension: (IGRAAL : Cashback & Gutscheine) - C:\Users\thomz\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhkepipobnjllejbafajoemahjejdcm [2022-12-08]
CHR Extension: (Vergrößern für Google Chrome) - C:\Users\thomz\AppData\Local\Google\Chrome\User Data\Default\Extensions\lajondecmobodlejlcjllhojikagldgd [2021-12-01]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\thomz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-07]
CHR Extension: (Smallpdf - PDF komprimieren und konvertieren) - C:\Users\thomz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohfgljdgelakfkefopgklcohadegdpjf [2022-07-19]
CHR Extension: (Amazon Assistant für Chrome) - C:\Users\thomz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2021-08-21]
CHR Extension: (Hover Zoom+) - C:\Users\thomz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pccckmaobkjjboncdfnnofkonhgpceea [2022-11-27]
CHR Extension: (Nielsen NetSight) - C:\Users\thomz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfbpdnjkepkfokdhnkbdnfdmhlnhhcgc [2020-09-11]
CHR Profile: C:\Users\thomz\AppData\Local\Google\Chrome\User Data\System Profile [2021-09-03]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp]

Opera:
=======
OPR Profile: C:\Users\thomz\AppData\Roaming\Opera Software\Opera Stable [2022-12-08]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.de/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Avira Safe Shopping) - C:\Users\thomz\AppData\Roaming\Opera Software\Opera Stable\Extensions\dalelnnofafalcmkmnhdbigbjjkloabo [2021-09-11]
OPR Extension: (Rich Hints Agent) - C:\Users\thomz\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-09-11]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\thomz\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-09-11]
OPR Extension: (Avira Password Manager) - C:\Users\thomz\AppData\Roaming\Opera Software\Opera Stable\Extensions\ngohaaocccbohaffogpbgfpmpgbcgccg [2021-09-11]
OPR Extension: (Free Avira Phantom VPN – Entsperrt Webseiten) - C:\Users\thomz\AppData\Roaming\Opera Software\Opera Stable\Extensions\pcgkmkjdikhiodinhloioejnpjgmfigd [2019-08-19]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3853384 2022-08-12] (philandro Software GmbH -> AnyDesk Software GmbH)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [3004688 2022-07-22] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [267096 2022-11-30] (Avira Operations GmbH -> Avira Operations GmbH)
S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [293816 2022-11-30] (Avira Operations GmbH -> Avira Operations GmbH)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12515768 2022-11-15] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2022-11-24] (Dropbox, Inc -> Dropbox, Inc.)
S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [313488 2020-01-05] (Dell Inc -> Dell Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [458960 2022-09-22] (Dell Inc -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [161488 2022-09-22] (Dell Inc -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [484560 2022-09-22] (Dell Inc -> Dell Technologies Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [293528 2018-10-20] (Dell Inc -> Dell Inc.)
S3 Dell.CommandPowerManager.Service; C:\WINDOWS\system32\dllhost.exe /Processid:{92BC53F4-91E4-4995-9BF9-9E70698B7269} [21312 2022-09-08] (Microsoft Windows -> Microsoft Corporation)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [47320 2022-11-18] (Dell Inc -> )
R2 DellTechHub; C:\Program Files\Dell\TechHub\Dell.TechHub.exe [156064 2022-08-15] (Dell Inc -> Dell)
R2 DragonLoggerService; C:\Program Files (x86)\Common Files\Nuance\loggerservice.exe [151616 2014-11-04] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
R2 EndpointProtectionService; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [8789568 2022-11-22] (Avira Operations GmbH -> Avira Operations GmbH)
S3 EndpointProtectionService2; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [8789568 2022-11-22] (Avira Operations GmbH -> Avira Operations GmbH)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncHelper.exe [3476400 2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
R2 FoxitReaderUpdateService; C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT PDF READER\FoxitPDFReaderUpdateService.exe [2358800 2022-05-20] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [229360 2022-12-07] (HP Inc. -> HP Inc.)
S3 KAPSService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KAPSService.exe [73480 2021-03-24] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 Killer Analytics Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe [1775392 2021-03-24] (Rivet Networks LLC -> Rivet Networks)
R2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2663208 2021-03-24] (Rivet Networks LLC -> Rivet Networks)
S3 KNDBWM; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe [73496 2021-03-24] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8872736 2022-11-27] (Malwarebytes Inc. -> Malwarebytes)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.227.1030.0001\OneDriveUpdaterService.exe [3843504 2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
R2 PDF24; C:\Program Files\PDF24\pdf24.exe [590640 2022-05-03] (geek software GmbH -> geek software GmbH)
R2 RAPSService; C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe [66296 2021-08-13] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [66296 2021-08-13] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224216 2022-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SmartByte Analytics Service; C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe [1633040 2021-08-13] (Rivet Networks LLC -> Rivet Networks)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2390800 2021-08-13] (Rivet Networks LLC -> Rivet Networks)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [160096 2022-11-29] (Dell Inc -> Dell Inc.)
S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe [234824 2020-10-11] (soft Xpansion GmbH & Co.KG -> soft Xpansion)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [15110968 2022-11-24] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 xTendSoftAPService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\xTendSoftAPService.exe [73504 2021-03-24] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 xTendUtilityService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe [73504 2021-03-24] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvdm.inf_amd64_54c680c07b6d4e2e\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvdm.inf_amd64_54c680c07b6d4e2e\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 AMSElamDriver; C:\WINDOWS\System32\drivers\amselam.sys [21976 2019-12-09] (Microsoft Windows Early Launch Anti-Malware Publisher -> Avira Operations GmbH & Co. KG)
R1 BdSentry; C:\WINDOWS\System32\DRIVERS\BdSentry.sys [230520 2022-05-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
R3 cpuz143; C:\Users\thomz\AppData\Local\Temp\cpuz143\cpuz143_x64.sys [48952 2022-12-08] (CPUID -> CPUID) <==== ACHTUNG
R3 DellInstrumentation; C:\WINDOWS\System32\drivers\DellInstrumentation.sys [37808 2022-05-19] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
S1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [28936 2020-07-01] (Glarysoft LTD -> Glarysoft Ltd)
R3 KfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KfeCo10X64.sys [184400 2021-03-24] (Rivet Networks LLC -> Rivet Networks, LLC.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-11-27] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 netprotection_network_filter; C:\WINDOWS\System32\drivers\netprotection_network_filter.sys [100128 2022-05-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 rtp_elam; C:\WINDOWS\System32\DRIVERS\rtp_elam.sys [26624 2022-10-14] (Microsoft Windows Early Launch Anti-Malware Publisher -> Avira Operations GmbH)
R2 rtp_filesystem_filter; C:\WINDOWS\System32\DRIVERS\rtp_filesystem_filter.sys [224848 2022-11-17] (Avira Operations GmbH -> Avira Operations GmbH)
R1 rtp_process_monitor; C:\WINDOWS\system32\DRIVERS\rtp_process_monitor.sys [219040 2022-11-17] (Avira Operations GmbH -> Avira Operations GmbH)
R1 rtp_traverse; C:\WINDOWS\system32\DRIVERS\rtp_traverse.sys [61376 2022-10-14] (Avira Operations GmbH -> Avira Operations GmbH)
R3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [166032 2021-08-13] (Intel Corporation -> Rivet Networks, LLC.)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2022-12-08 21:15 - 2022-12-08 21:15 - 000003840 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2022-12-08 18:20 - 2022-12-08 18:20 - 002632256 _____ (Malwarebytes) C:\Users\thomz\Downloads\MBSetup.exe
2022-12-07 09:18 - 2022-12-08 20:52 - 000008192 ___SH C:\DumpStack.log.tmp
2022-12-07 01:43 - 2022-12-07 01:43 - 000025973 _____ C:\Users\thomz\Downloads\Vorsicht beim Kauf! Weihnachtsbäume können giftig sein __ Trump gedemütigt! Er soll ersetzt werden _.html
2022-12-07 01:21 - 2022-12-07 01:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2022-12-07 01:19 - 2022-12-07 01:19 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2022-12-07 01:17 - 2022-12-08 21:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-12-07 01:17 - 2022-12-07 02:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2022-12-07 01:17 - 2022-12-07 01:17 - 000003758 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2022-12-07 01:17 - 2022-12-07 01:17 - 000003684 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-12-07 01:17 - 2022-12-07 01:17 - 000003622 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1566176642
2022-12-07 01:17 - 2022-12-07 01:17 - 000003560 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-12-07 01:17 - 2022-12-07 01:17 - 000003534 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2022-12-07 01:17 - 2022-12-07 01:17 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-12-07 01:17 - 2022-12-07 01:17 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-12-07 01:17 - 2022-12-07 01:17 - 000003336 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-12-07 01:17 - 2022-12-07 01:17 - 000003322 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Maintenance
2022-12-07 01:17 - 2022-12-07 01:17 - 000003302 _____ C:\WINDOWS\system32\Tasks\Dell SupportAssistAgent AutoUpdate
2022-12-07 01:17 - 2022-12-07 01:17 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-12-07 01:17 - 2022-12-07 01:17 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-12-07 01:17 - 2022-12-07 01:17 - 000003076 _____ C:\WINDOWS\system32\Tasks\FaxArchive_VNBNM5N1FK
2022-12-07 01:17 - 2022-12-07 01:17 - 000003064 _____ C:\WINDOWS\system32\Tasks\FaxArchive_CN4798R33905RN
2022-12-07 01:17 - 2022-12-07 01:17 - 000003062 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-911058088-4281732373-384214513-1001
2022-12-07 01:17 - 2022-12-07 01:17 - 000003016 _____ C:\WINDOWS\system32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-12-07 01:17 - 2022-12-07 01:17 - 000003016 _____ C:\WINDOWS\system32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-12-07 01:17 - 2022-12-07 01:17 - 000003016 _____ C:\WINDOWS\system32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-12-07 01:17 - 2022-12-07 01:17 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-12-07 01:17 - 2022-12-07 01:17 - 000002956 _____ C:\WINDOWS\system32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-12-07 01:17 - 2022-12-07 01:17 - 000002866 _____ C:\WINDOWS\system32\Tasks\AviraSystemSpeedupVerify
2022-12-07 01:17 - 2022-12-07 01:17 - 000002838 _____ C:\WINDOWS\system32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-12-07 01:17 - 2022-12-07 01:17 - 000002814 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Service_SCM_Watchdog
2022-12-07 01:17 - 2022-12-07 01:17 - 000002748 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update
2022-12-07 01:17 - 2022-12-07 01:17 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-12-07 01:17 - 2022-12-07 01:17 - 000002716 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2022-12-07 01:17 - 2022-12-07 01:17 - 000002608 _____ C:\WINDOWS\system32\Tasks\CrystalDiskInfo
2022-12-07 01:17 - 2022-12-07 01:17 - 000002596 _____ C:\WINDOWS\system32\Tasks\Birthday Reminder
2022-12-07 01:17 - 2022-12-07 01:17 - 000002222 _____ C:\WINDOWS\system32\Tasks\GU5SkipUAC
2022-12-07 01:17 - 2022-12-07 01:17 - 000002028 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Systray
2022-12-07 01:17 - 2022-12-07 01:17 - 000000020 ___SH C:\Users\thomz\ntuser.ini
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 _SHDL C:\Users\Default\Vorlagen
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 _SHDL C:\Users\Default\Startmenü
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 _SHDL C:\Users\Default\Netzwerkumgebung
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 _SHDL C:\Users\Default\Lokale Einstellungen
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 _SHDL C:\Users\Default\Eigene Dateien
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 _SHDL C:\Users\Default\Druckumgebung
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 _SHDL C:\Users\Default\Anwendungsdaten
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 _SHDL C:\Programme
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 _SHDL C:\ProgramData\Vorlagen
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 _SHDL C:\ProgramData\Startmenü
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 _SHDL C:\ProgramData\Dokumente
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 _SHDL C:\ProgramData\Anwendungsdaten
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 _SHDL C:\Program Files\Gemeinsame Dateien
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 _SHDL C:\Dokumente und Einstellungen
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 ____D C:\WINDOWS\system32\Tasks\S-1-5-21-911058088-4281732373-384214513-1001
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 ____D C:\WINDOWS\system32\Tasks\NCH Software
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 ____D C:\WINDOWS\system32\Tasks\JumpingBytes
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 ____D C:\WINDOWS\system32\Tasks\Intel
2022-12-07 01:17 - 2022-12-07 01:17 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira
2022-12-07 01:16 - 2022-12-07 01:17 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2022-12-07 01:16 - 2022-12-07 01:17 - 000007623 _____ C:\WINDOWS\diagerr.xml
2022-12-07 01:13 - 2022-12-08 21:23 - 001632230 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-12-07 00:46 - 2022-12-07 01:17 - 000000000 ____D C:\Users\thomz
2022-12-07 00:46 - 2022-12-07 01:16 - 000000000 ____D C:\Users\thomz\OneDrive
2022-12-07 00:46 - 2022-12-07 00:46 - 000000000 _SHDL C:\Users\thomz\Vorlagen
2022-12-07 00:46 - 2022-12-07 00:46 - 000000000 _SHDL C:\Users\thomz\Startmenü
2022-12-07 00:46 - 2022-12-07 00:46 - 000000000 _SHDL C:\Users\thomz\Netzwerkumgebung
2022-12-07 00:46 - 2022-12-07 00:46 - 000000000 _SHDL C:\Users\thomz\Lokale Einstellungen
2022-12-07 00:46 - 2022-12-07 00:46 - 000000000 _SHDL C:\Users\thomz\Eigene Dateien
2022-12-07 00:46 - 2022-12-07 00:46 - 000000000 _SHDL C:\Users\thomz\Druckumgebung
2022-12-07 00:46 - 2022-12-07 00:46 - 000000000 _SHDL C:\Users\thomz\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2022-12-07 00:46 - 2022-12-07 00:46 - 000000000 _SHDL C:\Users\thomz\AppData\Local\Verlauf
2022-12-07 00:46 - 2022-12-07 00:46 - 000000000 _SHDL C:\Users\thomz\AppData\Local\Anwendungsdaten
2022-12-07 00:46 - 2022-12-07 00:46 - 000000000 _SHDL C:\Users\thomz\Anwendungsdaten
2022-12-07 00:44 - 2022-12-08 19:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-12-07 00:44 - 2022-12-07 00:44 - 000447600 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-12-07 00:18 - 2022-12-07 00:20 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2022-12-07 00:17 - 2022-12-07 00:18 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2022-12-07 00:16 - 2022-12-07 00:16 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2022-12-07 00:13 - 2022-12-07 00:13 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-12-07 00:13 - 2022-12-07 00:13 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-12-07 00:13 - 2022-12-07 00:13 - 000688128 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-12-07 00:13 - 2022-12-07 00:13 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-12-07 00:13 - 2022-12-07 00:13 - 000073216 _____ C:\WINDOWS\system32\nettraceex.dll
2022-12-07 00:13 - 2022-12-07 00:13 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-12-07 00:13 - 2022-12-07 00:13 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-12-07 00:13 - 2022-12-07 00:13 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-12-07 00:13 - 2022-12-07 00:13 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-12-06 23:07 - 2022-12-08 06:00 - 000000000 ___DC C:\WINDOWS\Panther
2022-12-06 22:53 - 2022-12-06 23:07 - 000000000 ____D C:\ESD
2022-12-06 22:49 - 2022-12-06 22:49 - 000000000 ___HD C:\$Windows.~WS
2022-12-06 22:30 - 2022-12-06 22:30 - 000000000 ___HD C:\$WinREAgent
2022-12-03 22:50 - 2022-12-03 22:50 - 001666901 _____ C:\Users\thomz\Downloads\20221203_154447.jpg.crdownload
2022-12-01 18:47 - 2022-12-01 18:47 - 000000039 _____ C:\Users\thomz\Downloads\Thomzab@gmx.de Firefox account recovery key.txt
2022-12-01 18:21 - 2022-12-08 18:21 - 000000000 ____D C:\Users\thomz\AppData\LocalLow\Mozilla
2022-12-01 18:21 - 2022-12-07 19:53 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-12-01 18:21 - 2022-12-07 01:10 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-12-01 18:21 - 2022-12-01 18:21 - 000002036 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Privater Modus.lnk
2022-12-01 18:21 - 2022-12-01 18:21 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-12-01 18:21 - 2022-12-01 18:21 - 000000000 ____D C:\Users\thomz\AppData\Local\Mozilla
2022-12-01 18:21 - 2022-12-01 18:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-12-01 18:15 - 2022-12-01 18:15 - 000350192 _____ (Mozilla) C:\Users\thomz\Downloads\Nicht bestätigt 957068.crdownload
2022-11-28 22:52 - 2022-12-08 21:24 - 000000000 ____D C:\FRST
2022-11-24 04:30 - 2022-11-24 04:30 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2022-11-24 04:30 - 2022-11-24 04:30 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2022-11-24 04:30 - 2022-11-24 04:30 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2022-11-24 04:30 - 2022-11-24 04:30 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2022-11-17 09:53 - 2022-11-17 09:53 - 003331390 _____ C:\Users\thomz\Downloads\eflyer_Saturn_Verbund_1711 (1).pdf
2022-11-17 09:50 - 2022-11-17 09:50 - 003331390 _____ C:\Users\thomz\Downloads\eflyer_Saturn_Verbund_1711.pdf
2022-11-13 21:17 - 2022-11-13 21:17 - 000000000 ____D C:\Program Files\Google
2022-11-11 22:17 - 2022-11-11 22:17 - 000592322 _____ C:\Users\thomz\Downloads\Mutaflor-mite-Packungsbeilage.pdf
2022-11-11 21:04 - 2022-11-11 21:04 - 000000000 __SHD C:\Users\thomz\.dropbox_bi
2022-11-09 12:55 - 2022-11-09 12:55 - 000462160 _____ (WinTools.Info) C:\Users\thomz\Downloads\advchange.exe

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2022-12-08 21:24 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-12-08 21:24 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-12-08 21:23 - 2019-12-07 15:51 - 000708572 _____ C:\WINDOWS\system32\perfh007.dat
2022-12-08 21:23 - 2019-12-07 15:51 - 000142814 _____ C:\WINDOWS\system32\perfc007.dat
2022-12-08 21:21 - 2020-09-12 21:05 - 000000000 ____D C:\Users\thomz\AppData\Roaming\Telegram Desktop
2022-12-08 21:17 - 2019-04-09 18:20 - 000000000 ____D C:\Program Files (x86)\Google
2022-12-08 21:17 - 2019-03-25 12:35 - 000000000 ____D C:\ProgramData\NVIDIA
2022-12-08 21:16 - 2022-03-03 07:37 - 000000000 ____D C:\Users\thomz\AppData\Roaming\DropboxElectron
2022-12-08 21:16 - 2019-08-07 15:01 - 000000000 ____D C:\Users\thomz\AppData\Local\Dropbox
2022-12-08 21:16 - 2019-07-26 14:32 - 000000000 ____D C:\ProgramData\OnScreenKeys
2022-12-08 21:15 - 2020-09-17 18:03 - 000000000 ____D C:\Users\thomz\AppData\Roaming\WhatsApp
2022-12-08 21:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-12-08 21:15 - 2019-08-07 15:19 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-12-08 21:15 - 2019-04-09 18:17 - 000000000 __SHD C:\Users\thomz\IntelGraphicsProfiles
2022-12-08 21:15 - 2019-03-25 12:34 - 000000000 ___DC C:\Intel
2022-12-08 20:51 - 2022-06-03 21:07 - 004170032 _____ C:\WINDOWS\system32\rtp.db
2022-12-08 20:51 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-12-08 20:42 - 2019-08-07 14:16 - 000000000 ____D C:\Users\thomz\.rainlendar2
2022-12-08 14:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-12-08 09:15 - 2019-07-26 14:04 - 000000000 ____D C:\Users\thomz\AppData\Local\D3DSCache
2022-12-07 22:55 - 2022-07-21 21:14 - 000000000 _____ C:\Users\thomz\OneDrive\Dokumente\HPSmartPrintingPort
2022-12-07 22:32 - 2019-04-09 18:22 - 000002295 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-12-07 09:44 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-12-07 08:46 - 2020-08-14 05:00 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-12-07 08:46 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-12-07 03:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\appcompat
2022-12-07 02:21 - 2021-05-13 14:59 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2022-12-07 01:33 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-12-07 01:33 - 2019-04-09 18:17 - 000000000 ____D C:\Users\thomz\AppData\Local\Packages
2022-12-07 01:21 - 2019-08-07 15:12 - 000000000 ____D C:\Program Files (x86)\Dropbox
2022-12-07 01:20 - 2019-04-09 18:19 - 000000000 ____D C:\Users\thomz\AppData\Local\PlaceholderTileLogoFolder
2022-12-07 01:20 - 2019-03-25 12:54 - 000000000 ____D C:\ProgramData\Packages
2022-12-07 01:18 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-12-07 01:17 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-12-07 01:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-12-07 01:17 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate
2022-12-07 01:17 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows NT
2022-12-07 01:17 - 2019-08-07 15:12 - 000001244 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2022-12-07 01:17 - 2019-08-07 15:12 - 000001240 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2022-12-07 01:17 - 2019-04-09 18:17 - 000000000 ___RD C:\Users\thomz\3D Objects
2022-12-07 01:17 - 2019-03-25 12:35 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-12-07 01:17 - 2019-03-25 12:27 - 000000000 ____D C:\Program Files\Intel
2022-12-07 01:11 - 2020-07-12 09:40 - 000027204 _____ C:\WINDOWS\system32\emptyregdb.dat
2022-12-07 01:11 - 2019-12-07 10:14 - 000000000 __RSD C:\WINDOWS\Media
2022-12-07 01:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Registration
2022-12-07 00:46 - 2022-06-23 21:49 - 000000000 ____D C:\Users\thomz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2022-12-07 00:46 - 2022-05-10 15:55 - 000000000 ____D C:\Users\thomz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2022-12-07 00:46 - 2021-09-04 19:21 - 000000000 ____D C:\Users\thomz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps
2022-12-07 00:46 - 2021-03-02 03:15 - 000000000 ____D C:\Users\thomz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2022-12-07 00:46 - 2020-09-17 18:04 - 000000000 ____D C:\Users\thomz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2022-12-07 00:46 - 2020-09-12 21:05 - 000000000 ____D C:\Users\thomz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop
2022-12-07 00:45 - 2020-11-01 04:22 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-12-07 00:45 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-12-07 00:45 - 2019-03-25 12:35 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2022-12-07 00:45 - 2019-03-25 12:32 - 000000000 ____D C:\WINDOWS\system32\Intel
2022-12-07 00:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-12-07 00:21 - 2019-12-07 10:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2022-12-07 00:20 - 2022-09-11 13:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PureSync
2022-12-07 00:20 - 2022-07-02 21:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PDF Reader
2022-12-07 00:20 - 2022-05-05 08:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2022-12-07 00:20 - 2022-02-06 21:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2022-12-07 00:20 - 2021-10-15 21:05 - 000000000 ____D C:\WINDOWS\SysWOW64\statReporter
2022-12-07 00:20 - 2021-09-22 22:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2022-12-07 00:20 - 2021-09-22 21:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free
2022-12-07 00:20 - 2021-09-22 20:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnyDesk
2022-12-07 00:20 - 2020-12-04 02:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2022-12-07 00:20 - 2020-10-11 14:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon NaturallySpeaking
2022-12-07 00:20 - 2020-07-29 19:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BirthdayRemember
2022-12-07 00:20 - 2020-07-18 21:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbolt™ Software
2022-12-07 00:20 - 2020-07-18 21:23 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2022-12-07 00:20 - 2020-06-22 20:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer
2022-12-07 00:20 - 2020-06-14 08:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeOCR
2022-12-07 00:20 - 2019-12-07 10:18 - 000000000 ____D C:\WINDOWS\Setup
2022-12-07 00:20 - 2019-12-07 10:14 - 000000000 __RHD C:\Users\Public\Libraries
2022-12-07 00:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2022-12-07 00:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ta-in
2022-12-07 00:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\spool
2022-12-07 00:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-12-07 00:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2022-12-07 00:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-12-07 00:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Help
2022-12-07 00:20 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-12-07 00:20 - 2019-11-08 19:11 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2022-12-07 00:20 - 2019-11-07 21:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Greenshot
2022-12-07 00:20 - 2019-10-22 20:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2022-12-07 00:20 - 2019-08-19 02:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2022-12-07 00:20 - 2019-08-17 07:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2022-12-07 00:20 - 2019-08-07 14:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MD Adressbuch 2018
2022-12-07 00:20 - 2019-08-07 13:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClocX
2022-12-07 00:20 - 2019-08-07 12:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skinny Clock
2022-12-07 00:20 - 2019-08-07 12:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2022-12-07 00:20 - 2019-07-26 14:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OnScreenKeys
2022-12-07 00:20 - 2019-07-26 13:58 - 000000000 ____D C:\Program Files\UNP
2022-12-07 00:20 - 2019-03-25 12:37 - 000000000 ___HD C:\WINDOWS\system32\WLANProfiles
2022-12-07 00:20 - 2019-03-25 12:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2022-12-07 00:20 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2022-12-07 00:20 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2022-12-07 00:18 - 2020-10-11 20:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\soft Xpansion
2022-12-07 00:18 - 2019-10-08 19:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASCOMP Software
2022-12-07 00:18 - 2019-08-15 15:13 - 000000000 ____D C:\WINDOWS\Firmware
2022-12-07 00:18 - 2019-03-25 12:34 - 000000000 ____D C:\WINDOWS\system32\Drivers\RivetNetworks
2022-12-07 00:18 - 2019-03-25 12:32 - 000000000 ____D C:\WINDOWS\system32\cAVS
2022-12-07 00:15 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-12-07 00:15 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2022-12-07 00:15 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2022-12-07 00:15 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-12-07 00:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-12-07 00:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-12-07 00:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-12-07 00:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-12-07 00:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-12-07 00:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-12-07 00:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-12-07 00:08 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2022-12-07 00:08 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-12-07 00:08 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2022-12-07 00:08 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2022-12-07 00:08 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2022-12-07 00:08 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2022-12-07 00:08 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\system32\winrm
2022-12-07 00:08 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\system32\WCN
2022-12-07 00:08 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\system32\slmgr
2022-12-07 00:08 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2022-12-07 00:08 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2022-12-07 00:08 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2022-12-07 00:08 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2022-12-07 00:08 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\dsc
2022-12-07 00:08 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-12-07 00:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2022-12-07 00:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-12-07 00:08 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2022-12-07 00:08 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2022-12-07 00:08 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2022-12-06 21:26 - 2019-08-07 15:18 - 000000000 ____D C:\Users\thomz\Eigene
2022-12-06 14:46 - 2020-08-01 18:16 - 000000000 ___HD C:\Users\thomz\Downloads\.opera
2022-12-06 14:46 - 2020-08-01 18:16 - 000000000 ___HD C:\Users\thomz\.opera
2022-12-03 23:35 - 2022-08-05 22:30 - 000001454 _____ C:\Users\thomz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk
2022-12-03 20:47 - 2019-08-07 15:18 - 000000000 ___RD C:\Users\thomz\Dropbox
2022-12-03 20:41 - 2019-08-27 17:24 - 000000000 ____D C:\Users\thomz\AppData\Local\CrashDumps
2022-12-01 18:21 - 2019-08-07 12:43 - 000000000 ____D C:\Users\thomz\AppData\Roaming\Mozilla
2022-11-28 21:40 - 2019-08-07 15:19 - 000000000 ____D C:\Users\thomz\AppData\Roaming\TeamViewer
2022-11-28 20:48 - 2021-10-20 08:37 - 000000000 ____D C:\Users\thomz\AppData\Local\WhatsApp
2022-11-28 09:46 - 2019-08-07 12:42 - 000000000 ____D C:\ProgramData\Avira
2022-11-27 21:07 - 2021-04-23 03:47 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-11-27 21:07 - 2020-06-25 01:14 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-11-27 21:07 - 2020-06-25 01:14 - 000002035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-11-27 21:06 - 2020-12-27 10:12 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-11-27 21:06 - 2020-06-25 01:14 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-11-27 21:06 - 2020-06-25 01:12 - 000000000 ____D C:\Program Files\Malwarebytes
2022-11-22 20:48 - 2022-10-22 22:07 - 000013281 _____ C:\Users\thomz\OneDrive\Dokumente\Nahrungsergänzungsmittel.xlsx
2022-11-21 12:29 - 2019-11-25 09:05 - 000000000 _____ C:\Users\thomz\OneDrive\Dokumente\HPLJM278-M281_Fax_Port
2022-11-19 08:46 - 2021-09-25 01:32 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2022-11-17 19:48 - 2021-09-22 22:04 - 000002150 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-11-17 11:54 - 2022-06-03 21:06 - 000224848 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp_filesystem_filter.sys
2022-11-17 11:54 - 2022-06-03 21:06 - 000219040 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp_process_monitor.sys
2022-11-15 22:40 - 2021-09-16 07:35 - 000000000 ____D C:\Program Files\Microsoft Office
2022-11-09 19:13 - 2019-08-07 13:02 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-11-09 19:05 - 2019-08-07 13:02 - 146960040 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-11-09 12:55 - 2022-09-29 07:43 - 000000000 ____D C:\Users\thomz\AppData\Local\WinTools.Info

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2021-10-04 22:34 - 2022-09-11 14:06 - 000041351 _____ () C:\Users\thomz\AppData\Roaming\Durch Trennzeichen getrennte Werte.ADR
2021-10-04 22:05 - 2021-10-04 22:05 - 000019286 _____ () C:\Users\thomz\AppData\Roaming\Durch Trennzeichen getrennte Werte.EML
2020-04-12 22:15 - 2020-04-12 22:15 - 000020480 _____ () C:\Users\thomz\AppData\Roaming\pushdata.sqlite
2020-10-11 14:38 - 2020-10-11 14:38 - 000001195 _____ () C:\Users\thomz\AppData\Roaming\SAS7_000.DAT
2019-07-26 14:33 - 2019-07-26 14:33 - 000007605 _____ () C:\Users\thomz\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================