Pests of all kinds and how to fight them: WIN 10 attachment opened: Telekom Rechnung…pdf.htm - [PART 1 - Farbar scan result]
13.02.2023, 17:10 | #1 |
WIN 10 attachment opened: Telekom Rechnung…pdf.htm - [PART 1 - Farbar scan result]

Hello to all volunteer helpers,

an email from "Telekom" with an attachment was sitting in my inbox, and I promptly opened it. Until now I have, as far as I can tell, always (!?) deleted everything right away or marked it as junk. Here I was shocked by an outstanding payment of over 7,000€; more details were supposedly in the invoice in the attachment, which I could, however, only open with my Telekom password. Since we no longer have a Telekom landline connection at all and I only have a login password from earlier, I then aborted.

I then read up on Chip and downloaded the Farbar Recovery Scan Tool via download. Unfortunately together with AVIRA. During the scan, AVIRA then blocked a few times and moved files into quarantine. E.g.: Opera 64 Bit – Chip-Installer.exe, because it was supposedly infected with Win32:PUP-gen[PUP!

I have several banking programs running on the PC. Do you think they are all infected now, or did I perhaps get lucky once more… Apart from Mozilla and Thunderbird I have not opened anything else.

Best regards
Petertotus

WIN 10, Thunderbird 102.6.1 (32-BIT)

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 09-02-2023 01 durchgeführt von Ganz (Administrator) auf HP-ARBEITSZ (HP HP ProBook 450 G4) (10-02-2023 13:25:15) Gestartet von C:\Users\Ganz\Downloads\FRST02 Geladene Profile: Ganz Plattform: Microsoft Windows 10 Pro Version 22H2 19045.2486 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: FF Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4> (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (BUSINESS CONVERS TRACK S.R.L. -> Business Convers Track S.R.L.) C:\Users\Ganz\AppData\Roaming\SEO\SEO.exe (C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe ->) (Avast Software s.r.o. -> Software Security System) C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\Ekag20nt.exe (C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe ->) (Avast Software s.r.o. -> The CefSharp Authors) C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\CefSharp.BrowserSubprocess.exe <13> (C:\Program Files (x86)\Citrix\ICA Client\concentr.exe ->) (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe (C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe ->) (Citrix Systems, Inc. -> Citrix Systems, Inc.) 
C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe (C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfService.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.78\msedgewebview2.exe <7> (C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe ->) (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfService.exe (C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe ->) (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (C:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\DPAgent.exe ->) (DigitalPersona, Inc. -> DigitalPersona, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpAgent.exe (C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.78\msedgewebview2.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe (C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files\Avira\Endpoint Protection SDK\SentryEye.exe (C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\AnalyticsSrv.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe (DigitalPersona, Inc. -> Crossmatch, Inc.) 
C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpCardEngine.exe (DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_5c0b90ae6269072a\HotKeyServiceUWP.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_5c0b90ae6269072a\HPHotkeyNotification.exe (DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxCUIService.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxEM.exe (explorer.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe <4> (explorer.exe ->) (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.) C:\Program Files\Tracker Software\PDF Viewer\PDFXCview.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Microsoft Windows -> ) C:\Windows\System32\EoAExperiences.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <25> (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\AntiTrackSvc.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe (services.exe ->) (Avira Operations GmbH & Co. 
KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe (services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe (services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe (services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe (services.exe ->) (Chip Digital GmbH) [Datei ist nicht signiert] C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe (services.exe ->) (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\UpdaterService.exe (services.exe ->) (Digital Wave Ltd -> Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (services.exe ->) (geek software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe <2> (services.exe ->) (Hewlett Packard Enterprise Company -> Hewlett Packard Enterprise Company) C:\Program Files (x86)\HP\HP Device Access Manager\HPE.DeviceAccessManager.ServiceHost.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_5c0b90ae6269072a\HotKeyServiceUWP.exe (services.exe ->) (HP Inc. 
-> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_5c0b90ae6269072a\LanWlanWwanSwitchingServiceUWP.exe (services.exe ->) (HP Inc.) [Datei ist nicht signiert] C:\Program Files\HPCommRecovery\HPCommRecovery.exe (services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe (services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxCUIService.exe (services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\IntelCpHDCPSvc.exe (services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\IntelCpHeciSvc.exe (services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (services.exe ->) (LAVASOFT SOFTWARE CANADA INC -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ) 
C:\Windows\System32\fpCSEvtSvc.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe (services.exe ->) (Sony) [Datei ist nicht signiert] C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe (services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (svchost.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe (svchost.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe (svchost.exe ->) (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\AuthManager\AuthManSvr.exe (svchost.exe ->) (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (svchost.exe ->) (Synaptics Incorporated -> Conexant) C:\Windows\System32\MicTray64.exe (svchost.exe ->) (Synaptics Incorporated) [Datei ist nicht signiert] C:\Windows\System32\SynaMonApp.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (winlogon.exe ->) (DigitalPersona, Inc. -> Crossmatch, Inc.) 
C:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\DPAgent.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2016-06-30] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [215960 2022-12-17] (Avast Software s.r.o. -> AVAST Software) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [366960 2022-09-01] (Apple Inc. -> Apple Inc.) HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [592608 2022-07-13] (geek software GmbH -> geek software GmbH) HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files\Opera\assistant\browser_assistant.exe [3154456 2020-11-25] (Opera Software AS -> Opera Software) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.) [Datei ist nicht signiert] HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) [Datei ist nicht signiert] HKLM-x32\...\Run: [AnalyticsSrv] => C:\Program Files (x86)\Citrix\ICA Client\Receiver\AnalyticsSrv.exe [2634344 2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [2971608 2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [572376 2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) 
HKLM-x32\...\Run: [InstallHelper] => C:\Program Files (x86)\Citrix\Citrix WorkSpace 2210\InstallHelper.exe [408496 2022-10-06] (Citrix Systems, Inc. -> Citrix Systems, Inc.) HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.78\Installer\setup.exe [4022216 2023-02-05] (Microsoft Corporation -> Microsoft Corporation) HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\DPAgent.exe, <==== ACHTUNG HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\Run: [AudialsNotifier] => C:\Program Files (x86)\Audials\Audials 2018\AudialsNotifier.exe [4293016 2017-11-17] (Audials AG -> ) HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38935376 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\Run: [XperiaCompanionAgent] => C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe [1690704 2020-06-17] (Sony Mobile Communications AB -> Sony) HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [8520168 2021-04-07] (LAVASOFT SOFTWARE CANADA INC -> Lavasoft) HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\Run: [MicrosoftEdgeAutoLaunch_33AB6AD30668417CC16079428DBD5A47] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4188576 2023-02-02] (Microsoft Corporation -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed 
Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\110.0.5481.77\Installer\chrmstp.exe [2023-02-09] (Google LLC -> Google LLC) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{60f15951-e7ef-11ea-b28e-c4b301b9ed33}] -> C:\Program Files (x86)\Citrix\ICA Client\CitrixEnterpriseBrowser\105.1.1.27\Installer\chrmstp.exe [2022-10-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Lsa: [Notification Packages] DPPassFilter scecli Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP JumpStart Launch.lnk [2016-09-25] ShortcutTarget: HP JumpStart Launch.lnk -> c:\Windows\Installer\{0F5EBB0D-DF6D-4DBE-9789-57BF05B3B0FD}\HPlogo_blue.ico () [Datei ist nicht signiert] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Universal Media Server.lnk [2021-01-15] ShortcutTarget: Universal Media Server.lnk -> C:\Program Files (x86)\Universal Media Server\UMS.exe (Universal Media Server) [Datei ist nicht signiert] Startup: C:\Users\Ganz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SearchEngineOptimizer.lnk [2023-02-10] ShortcutTarget: SearchEngineOptimizer.lnk -> C:\Users\Ganz\AppData\Roaming\SEO\SEO.exe (BUSINESS CONVERS TRACK S.R.L. -> Business Convers Track S.R.L.) BootExecute: autocheck autochk * sdnclean64.exe GroupPolicy-Firefox: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {031142AB-E0CD-40B5-AE6F-1DBF51CB08DF} - System32\Tasks\HPJumpStartProvider => C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartProvider.exe [843800 2016-06-02] (HP Inc. 
-> ) Task: {0AA8731D-9505-4A48-AB2B-324603F01AFE} - System32\Tasks\AviraSystemSpeedupVerify => C:\Program Files (x86)\Avira\System Speedup\setup\avira_speedup_setup.exe [35437192 2023-02-10] (Avira Operations GmbH -> Avira Operations GmbH) Task: {0EA266EE-60D6-4DBF-B658-A6DADCF62227} - System32\Tasks\Avira_Security_Update => C:\WINDOWS\system32\net.exe [59904 2019-12-07] (Microsoft Windows -> Microsoft Corporation) Task: {15CA46FB-959D-4B51-BFE9-A0A7736FC8E8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe /DeviceScanR6 (Keine Datei) Task: {308E4E14-B172-4D77-A401-741F88A04E9F} - System32\Tasks\Opera scheduled Autoupdate 1512162865 => C:\Program Files\Opera\launcher.exe [2635208 2023-02-08] (Opera Norway AS -> Opera Software) Task: {328CD258-5CE7-424F-861F-4D12D9A9A5A7} - System32\Tasks\Opera scheduled assistant Autoupdate 1581001615 => C:\Program Files\Opera\launcher.exe [2635208 2023-02-08] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files\Opera\assistant" $(Arg0) Task: {38910CEB-2644-4815-AD6B-21305847359D} - System32\Tasks\HP\HP Hotkey Support\Start QLBController Process => C:\Program Files (x86)\HP\HP Hotkey Support\QLBController.exe (Keine Datei) Task: {3B6A539A-7259-4838-AC79-4E00939768F0} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG Task: {4244DBBB-0510-43B1-A719-35349B63C55F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2023-01-11] (Piriform Software Ltd -> Piriform) Task: {45BBC3E4-79A9-43C4-A2A7-78FECF002708} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [847392 2023-01-10] (HP Inc. -> HP Inc.) 
Task: {4A5E2EF2-7F49-40E5-BEB8-8CB7EC24DFC3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /f (Keine Datei) Task: {6354BAD4-1C76-4EE2-9870-9503CFA7B03C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1149464 2023-01-10] (HP Inc. -> HP Inc.) Task: {63841390-62C1-40C2-B2D7-484C3D5DA839} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [710560 2023-02-03] (Mozilla Corporation -> Mozilla Foundation) Task: {651235E9-621E-4DF1-993D-F3DD7613F7F0} - System32\Tasks\Microsoft\Windows\Conexant\SynaMonApp => C:\Windows\System32\SynaMonApp.exe [170496 2018-10-30] (Synaptics Incorporated) [Datei ist nicht signiert] Task: {6F2CBA99-EA07-4E03-81FD-CAC10ADEEBAB} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4713808 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "fad68a5b-a574-4065-95a6-e3cdaa5a95b9" --version "6.08.10255" --silent Task: {728111F1-6845-4525-99D3-C8CFAFE3D1E6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2295192 2023-01-30] (Avast Software s.r.o. 
-> Avast Software) Task: {74EF12D0-5FE7-41D0-8DDC-50E3FA325845} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-749038088-1968257971-3176724149-1002 => C:\Program Files (x86)\Real\RealDownloader\RealUpgrade.exe /scheduledcheck (Keine Datei) Task: {7C693021-6500-4EBA-B005-0241B83C6A85} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\Real\RealDownloader\downloader2.exe /scheduler (Keine Datei) Task: {7D84682E-39A2-4B17-ACF7-35D5D5236A62} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-749038088-1968257971-3176724149-1002 => C:\Program Files (x86)\Real\RealDownloader\recordingmanager.exe /bgrecordaliveevent (Keine Datei) Task: {82F2910F-7336-4652-8D05-44D0D8BB5714} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-13] (Google Inc -> Google Inc.) Task: {86F709F4-7996-4A2B-9E2B-5FCDAF21CB3E} - System32\Tasks\Avast Software\AvastAntiTrackPremiumStart => C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe [813008 2022-10-13] (Avast Software s.r.o. -> AVAST Software) Task: {87E56F64-2579-4AC4-B49E-5EED09AFAB66} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs] Task: {89726209-BECC-403E-8E42-457CC030FFC9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-13] (Google Inc -> Google Inc.) 
Task: {8ABAA2D4-89DB-49A2-A41A-6B7B065D6553} - System32\Tasks\Avira_Security_Maintenance => Command(1): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> FallbackTelemetry Task: {8ABAA2D4-89DB-49A2-A41A-6B7B065D6553} - System32\Tasks\Avira_Security_Maintenance => Command(2): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> ServiceWatchdog Task: {8ABAA2D4-89DB-49A2-A41A-6B7B065D6553} - System32\Tasks\Avira_Security_Maintenance => Command(3): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> CrashCollector Task: {8CFFD35B-91A3-4FCB-8E0D-C3917ACA0D4B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [617096 2022-02-25] (Apple Inc. -> Apple Inc.) Task: {A47605CC-7DCF-4E5A-8933-31BFDB9895DB} - System32\Tasks\CCleanerSkipUAC - Ganz => C:\Program Files\CCleaner\CCleaner.exe [32617808 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {B617CDDC-84C7-48AB-8194-554284D9C19C} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [259872 2023-01-26] (Avira Operations GmbH -> Avira Operations GmbH) Task: {B9A4DEEB-E7D6-416C-B0EA-3FFE820F2971} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2023-01-10] (HP Inc. -> HP Inc.) 
Task: {B9B72517-C936-43EF-8068-65AFCD857926} - System32\Tasks\Avira_FallbackUpdater => C:\WINDOWS\system32\sc.exe start AviraFallbackUpdater Delayed=false Task: {C17A5C4A-3731-4C95-A6B3-1F9D70DDB11F} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1695784 2023-01-26] (Avira Operations GmbH -> Avira Operations GmbH) Task: {D534D46F-5D40-498D-BD51-458945DCA8D3} - System32\Tasks\Microsoft\Windows\Conexant\MicTray => C:\Windows\System32\MicTray64.exe [5009512 2020-06-13] (Synaptics Incorporated -> Conexant) Task: {F700ECBF-D13C-4A58-8998-B5CC5273A503} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-749038088-1968257971-3176724149-1002 => C:\Program Files (x86)\Real\RealDownloader\RealUpgrade.exe /logoncheck (Keine Datei) Task: {FCF30AB3-2CB6-404F-AD97-3D8C9352D70C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4954008 2022-12-17] (Avast Software s.r.o. -> AVAST Software) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{4aed77b6-c98c-4c8d-933f-4e428e37811f}: [DhcpNameServer] 172.18.1.1 Tcpip\..\Interfaces\{8474238d-b387-42a4-bfee-24a6197d0101}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{a2900742-64c8-4bba-b955-4d097f46677e}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{d04cd47e-9a8a-4710-86a0-74aee1f8bafa}: [DhcpNameServer] 192.168.178.1 Edge: ======= DownloadDir: C:\Users\Ganz\Downloads Edge HomeButtonPage: HKU\S-1-5-21-749038088-1968257971-3176724149-1005 -> about:tabs Edge Notifications: HKU\S-1-5-21-749038088-1968257971-3176724149-1005 -> hxxps://www.hagebau.de Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden] Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden] Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden] Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden] Edge DefaultProfile: Default Edge Profile: C:\Users\Ganz\AppData\Local\Microsoft\Edge\User Data\Default [2023-01-19] Edge Notifications: Default -> hxxps://www.hagebau.de Edge HomePage: Default -> edge://newtab/ Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip] Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle] FireFox: ======== FF DefaultProfile: 27pb13jo.default-1579725056422 FF ProfilePath: C:\Users\Ganz\AppData\Roaming\Mozilla\Firefox\Profiles\27pb13jo.default-1579725056422 [2023-02-10] FF Notifications: Mozilla\Firefox\Profiles\27pb13jo.default-1579725056422 -> 
hxxps://www.tui.com FF Extension: (HTTPS Everywhere) - C:\Users\Ganz\AppData\Roaming\Mozilla\Firefox\Profiles\27pb13jo.default-1579725056422\Extensions\https-everywhere@eff.org.xpi [2021-07-14] FF Extension: (Privacy Badger) - C:\Users\Ganz\AppData\Roaming\Mozilla\Firefox\Profiles\27pb13jo.default-1579725056422\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2023-02-03] FF Extension: (Startpage.com — Datenschutz-Suchmaschine) - C:\Users\Ganz\AppData\Roaming\Mozilla\Firefox\Profiles\27pb13jo.default-1579725056422\Extensions\{20fc2e06-e3e4-4b2b-812b-ab431220cada}.xpi [2020-09-30] FF Extension: (Deaktivierungs-Add-on von Google Analytics) - C:\Users\Ganz\AppData\Roaming\Mozilla\Firefox\Profiles\27pb13jo.default-1579725056422\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2020-02-28] [UpdateUrl:hxxps://tools.google.com/service/update2/ff?guid=%ITEM_ID%&version=%ITEM_VERSION%&application=%APP_ID%&appversion=%APP_VERSION%] FF Extension: (Video DownloadHelper) - C:\Users\Ganz\AppData\Roaming\Mozilla\Firefox\Profiles\27pb13jo.default-1579725056422\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2022-12-08] FF Extension: (DownThemAll!) - C:\Users\Ganz\AppData\Roaming\Mozilla\Firefox\Profiles\27pb13jo.default-1579725056422\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2023-01-31] FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - c:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome => nicht gefunden FF Plugin: @Citrix.com/npagee64,version=11.0.63.16 -> C:\Program Files\Citrix\Secure Access Client\npagee64.dll [2015-10-04] (Citrix Systems, Inc. -> Citrix Systems, Inc.) FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2017-03-06] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.) 
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2017-03-06] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.) FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin-x32: @Citrix.com/npagee,version=11.0.63.16 -> C:\Program Files\Citrix\Secure Access Client\npagee.dll [2015-10-04] (Citrix Systems, Inc. -> Citrix Systems, Inc.) FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2017-03-06] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.) 
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2017-03-06] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.) FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei] FF Plugin HKU\S-1-5-21-749038088-1968257971-3176724149-1005: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei] FF Plugin ProgramFiles/Appdata: C:\Users\Ganz\AppData\Roaming\mozilla\plugins\npagee.dll [2017-10-02] FF Plugin ProgramFiles/Appdata: C:\Users\Ganz\AppData\Roaming\mozilla\plugins\npagee64.dll [2017-10-02] Chrome: ======= CHR Profile: C:\Users\Ganz\AppData\Local\Google\Chrome\User Data\Default [2023-02-10] CHR DefaultSearchURL: Default -> hxxps://www.bing.com/search?q={searchTerms}&pc=COS2&ptag=D040721-N0640A74DCDF78DC&form=CONBDF&conlogo=CT3335043 CHR DefaultSearchKeyword: Default -> bing® CHR DefaultNewTabURL: Default -> hxxps://www.bing.com/chrome/newtab?pc=COS2&ptag=D040721-N0630A74DCDF78DC&form=CONMHP&conlogo=CT3335043 CHR DefaultSuggestURL: Default -> hxxp://api.bing.com/osjson.aspx?query={searchTerms} CHR Extension: (PriceTiger) - C:\Users\Ganz\AppData\Local\Google\Chrome\User Data\Default\Extensions\bolplfmefepdhhakjbdggjmocjdkjkgb [2021-12-20] CHR Extension: (Cookie Raccoon) - C:\Users\Ganz\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\cipiciigpkfkldonnnjdjkldkfpmpack [2021-04-07] CHR Extension: (Google Docs Offline) - C:\Users\Ganz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-12-23] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Ganz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-24] CHR Profile: C:\Users\Ganz\AppData\Local\Google\Chrome\User Data\System Profile [2022-03-22] CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] Opera: ======= OPR Profile: C:\Users\Ganz\AppData\Roaming\Opera Software\Opera Stable [2023-02-08] OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} OPR Extension: (Rich Hints Agent) - C:\Users\Ganz\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-11-10] OPR Extension: (Opera Wallet) - C:\Users\Ganz\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-01-16] OPR Extension: (Amazon Assistant Promotion) - C:\Users\Ganz\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-09-23] ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [103280 2022-09-01] (Apple Inc. -> Apple Inc.) R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8553880 2022-12-20] (Avast Software s.r.o. -> AVAST Software) R2 avast! 
Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [597400 2022-12-17] (Avast Software s.r.o. -> AVAST Software) R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [597400 2022-12-17] (Avast Software s.r.o. -> AVAST Software) R2 AvastAntiTrackSvc; C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AntiTrackSvc.exe [5779160 2022-10-13] (Avast Software s.r.o. -> AVAST Software) R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-24] (Avast Software s.r.o. -> AVAST Software) S2 AviraFallbackUpdater; C:\Program Files (x86)\Avira\Fallback Updater\Avira.Spotlight.FallbackUpdater.exe [6529128 2023-02-10] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [3002640 2022-09-08] (Avira Operations GmbH -> Avira Operations GmbH) R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [386864 2022-03-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [267096 2023-01-26] (Avira Operations GmbH -> Avira Operations GmbH) S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [295920 2023-01-26] (Avira Operations GmbH -> Avira Operations GmbH) S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [Datei ist nicht signiert] R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2018-10-25] (Chip Digital GmbH) [Datei ist nicht signiert] <==== ACHTUNG R2 CWAUpdaterService; C:\Program Files (x86)\Citrix\ICA Client\Receiver\UpdaterService.exe [63408 2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) 
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-03-22] (Digital Wave Ltd -> Digital Wave Ltd.) S2 DpHost; c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe [527296 2016-07-19] (DigitalPersona, Inc. -> Crossmatch, Inc.) R2 EndpointProtectionService; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [8930944 2023-01-31] (Avira Operations GmbH -> Avira Operations GmbH) S3 EndpointProtectionService2; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [8930944 2023-01-31] (Avira Operations GmbH -> Avira Operations GmbH) S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [567888 2016-08-11] (Hewlett Packard Enterprise Company -> Hewlett-Packard Company) R2 fpCsEvtSvc; C:\WINDOWS\System32\fpCSEvtSvc.exe [22424 2019-05-05] (Microsoft Windows Hardware Compatibility Publisher -> ) R2 HotKeyServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_5c0b90ae6269072a\HotKeyServiceUWP.exe [1561032 2022-10-12] (HP Inc. -> HP Inc.) R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [892928 2016-06-02] (HP Inc.) [Datei ist nicht signiert] R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [797640 2023-01-10] (HP Inc. -> HP Inc.) R2 HpDamServiceHost; c:\Program Files (x86)\HP\HP Device Access Manager\HPE.DeviceAccessManager.ServiceHost.exe [20376 2016-08-09] (Hewlett Packard Enterprise Company -> Hewlett Packard Enterprise Company) R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [796616 2023-01-10] (HP Inc. -> HP Inc.) R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [459800 2016-06-02] (HP Inc. -> HP Inc.) R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [793000 2023-01-10] (HP Inc. -> HP Inc.) 
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.) R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [796584 2023-01-10] (HP Inc. -> HP Inc.) S2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-26] (HP Inc. -> HP Inc.) R2 LanWlanWwanSwitchingServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_5c0b90ae6269072a\LanWlanWwanSwitchingServiceUWP.exe [606664 2022-10-12] (HP Inc. -> HP Inc.) R2 PDF24; C:\Program Files\PDF24\pdf24.exe [592608 2022-07-13] (geek software GmbH -> geek software GmbH) S2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [35104 2017-03-02] (RealNetworks, Inc. -> ) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224184 2022-12-16] (Microsoft Windows Publisher -> Microsoft Corporation) R2 valWBFPolicyService; C:\WINDOWS\System32\valWBFPolicyService.exe [91032 2019-05-05] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [28136 2021-04-07] (LAVASOFT SOFTWARE CANADA INC -> ) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) R2 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2575360 2020-06-17] (Sony) [Datei ist nicht signiert] S3 CitrixEnterpriseBrowserElevationService; "C:\Program Files (x86)\Citrix\ICA Client\CitrixEnterpriseBrowser\105.1.1.27\elevation_service.exe" [X] ===================== Treiber 
(Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [31424 2022-12-17] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [229208 2022-12-17] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [391272 2022-12-17] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [297832 2022-12-17] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [95960 2022-12-17] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2022-10-13] (Microsoft Windows Early Launch Anti-Malware Publisher -> AVAST Software) R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [39648 2022-12-17] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [267888 2022-12-17] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [555560 2022-12-17] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [105248 2022-12-17] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R0 aswRvrt; 
C:\WINDOWS\System32\drivers\aswRvrt.sys [80376 2022-12-17] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [852000 2022-12-17] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [695504 2023-02-01] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [212632 2022-12-17] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [318456 2022-12-17] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R0 BdNet; C:\WINDOWS\System32\DRIVERS\BdNet.sys [185704 2023-01-31] (NortonLifeLock Inc. -> BullGuard Ltd.) R1 BdSentry; C:\WINDOWS\System32\DRIVERS\BdSentry.sys [263000 2023-01-26] (Avira Operations GmbH -> Avira Operations GmbH) R2 ctxusbm; C:\WINDOWS\system32\DRIVERS\ctxusbmon.sys [136680 2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) S3 DAMDrv; C:\WINDOWS\system32\DRIVERS\DAMDrv64.sys [76432 2016-08-11] (Hewlett Packard Enterprise Company -> Hewlett-Packard Enterpise Company) S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2018-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2017-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.) R1 netfilter2; C:\WINDOWS\System32\drivers\netfilter2.sys [124952 2022-10-13] (Avast Software s.r.o. 
-> Windows (R) Win 7 DDK provider) R1 netprotection_network_filter; C:\WINDOWS\System32\drivers\netprotection_network_filter.sys [112184 2023-01-21] (Avira Operations GmbH -> Avira Operations GmbH) R1 RrNetCapFilterDriver; C:\WINDOWS\system32\DRIVERS\RrNetCapFilterDriver.sys [34608 2017-11-17] (Audials AG -> Audials AG) S0 rtp_elam; C:\WINDOWS\System32\DRIVERS\rtp_elam.sys [25568 2023-01-30] (Microsoft Windows Early Launch Anti-Malware Publisher -> Avira Operations GmbH) R2 rtp_filesystem_filter; C:\WINDOWS\System32\DRIVERS\rtp_filesystem_filter.sys [230408 2023-01-30] (Avira Operations GmbH -> Avira Operations GmbH) R1 rtp_process_monitor; C:\WINDOWS\system32\DRIVERS\rtp_process_monitor.sys [224512 2023-01-30] (Avira Operations GmbH -> Avira Operations GmbH) R1 rtp_traverse; C:\WINDOWS\system32\DRIVERS\rtp_traverse.sys [62632 2023-01-30] (Avira Operations GmbH -> Avira Operations GmbH) S3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [1063520 2017-02-23] (SUNPLUS INNOVATION TECHNOLOGY INC. -> Sunplus Innovation Technology Inc.) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R3 tbhsd; C:\WINDOWS\system32\drivers\tbhsd.sys [57648 2017-11-17] (Audials AG -> RapidSolution Software AG) S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2017-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation) R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. 
-> HP) S3 netprotection_network_filter2; System32\drivers\netprotection_network_filter2.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2023-02-10 13:19 - 2023-02-10 13:19 - 000000000 ___HD C:\$AV_ASW 2023-02-10 13:12 - 2023-02-10 13:25 - 000000000 ____D C:\FRST 2023-02-10 13:12 - 2023-02-10 13:19 - 000000000 ____D C:\Users\Ganz\Downloads\FRST02 2023-02-10 13:10 - 2023-02-10 13:10 - 003480536 _____ C:\Users\Ganz\Downloads\FRST02.zip 2023-02-10 13:10 - 2023-02-10 13:10 - 000001712 _____ C:\Users\Ganz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SearchEngineOptimizer.lnk 2023-02-10 13:10 - 2023-02-10 13:10 - 000000000 ____D C:\Users\Ganz\AppData\Roaming\SEO 2023-02-10 13:08 - 2023-02-10 13:08 - 005331520 _____ (CHIP Digital GmbH) C:\Users\Ganz\Downloads\Farbar Recovery Scan Tool (HijackThis Alternative) - CHIP Installer _4SHHx.exe 2023-02-10 13:00 - 2023-02-10 13:00 - 000000000 ____D C:\Users\Public\Security Sessions 2023-02-10 12:58 - 2023-02-10 13:00 - 000000000 ____D C:\Users\Ganz\AppData\Local\Avira 2023-02-10 12:58 - 2023-02-10 12:58 - 000000000 ____D C:\WINDOWS\SysWOW64\statReporter 2023-02-10 12:58 - 2023-02-10 12:58 - 000000000 _____ C:\WINDOWS\system32\rtp.db 2023-02-10 12:58 - 2023-01-31 10:26 - 000185704 _____ (BullGuard Ltd.) 
C:\WINDOWS\system32\Drivers\BdNet.sys 2023-02-10 12:58 - 2023-01-30 15:23 - 000230408 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp_filesystem_filter.sys 2023-02-10 12:58 - 2023-01-30 15:23 - 000224512 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp_process_monitor.sys 2023-02-10 12:58 - 2023-01-30 15:23 - 000062632 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp_traverse.sys 2023-02-10 12:58 - 2023-01-26 15:06 - 000263000 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\BdSentry.sys 2023-02-10 12:58 - 2023-01-21 10:46 - 000112184 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\netprotection_network_filter.sys 2023-02-10 12:57 - 2023-02-10 12:58 - 000000000 ____D C:\ProgramData\Avira 2023-02-10 12:57 - 2023-02-10 12:57 - 000003888 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Maintenance 2023-02-10 12:57 - 2023-02-10 12:57 - 000003768 _____ C:\WINDOWS\system32\Tasks\AviraSystemSpeedupVerify 2023-02-10 12:57 - 2023-02-10 12:57 - 000003702 _____ C:\WINDOWS\system32\Tasks\Avira_FallbackUpdater 2023-02-10 12:57 - 2023-02-10 12:57 - 000003476 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update 2023-02-10 12:57 - 2023-02-10 12:57 - 000003428 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Service_SCM_Watchdog 2023-02-10 12:57 - 2023-02-10 12:57 - 000002818 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Systray 2023-02-10 12:57 - 2023-02-10 12:57 - 000001157 _____ C:\Users\Public\Desktop\Avira.lnk 2023-02-10 12:57 - 2023-02-10 12:57 - 000000000 ____D C:\Users\Public\Speedup Sessions 2023-02-10 12:57 - 2023-02-10 12:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2023-02-10 12:57 - 2023-02-10 12:57 - 000000000 ____D C:\Program Files\Avira 2023-02-10 12:57 - 2023-02-10 12:57 - 000000000 ____D C:\Program Files (x86)\Avira 2023-02-03 00:08 - 2023-02-10 12:58 - 000000000 ____D C:\Program Files\Mozilla Firefox 2023-02-03 00:08 - 2023-02-03 00:08 - 000000000 ____D 
C:\WINDOWS\system32\Tasks\Mozilla 2023-01-20 14:30 - 2023-01-20 19:07 - 000271360 _____ C:\Users\Ganz\Desktop\Outlook.pst 2023-01-20 14:29 - 2023-01-20 14:29 - 000000000 ____D C:\Users\Ganz\Documents\Outlook-Dateien 2023-01-20 14:28 - 2023-01-20 14:28 - 000002423 _____ C:\Users\Public\Desktop\Windows-Migrationsassistent.lnk 2023-01-20 14:27 - 2023-01-20 14:27 - 059884472 _____ (Apple Inc.) C:\Users\Ganz\Desktop\WindowsMigrationAssistantSetup.exe 2023-01-19 14:36 - 2023-01-19 14:36 - 000000000 ____D C:\Users\Ganz\Downloads\Flüchtling 2023-01-18 17:21 - 2023-01-18 17:21 - 000021233 _____ C:\Users\Ganz\Documents\00000000-MUSTER Matilda.dotm 2023-01-18 17:16 - 2023-01-18 17:16 - 000021267 _____ C:\Users\Ganz\Documents\00000000-MUSTER Moritz.dotm 2023-01-18 16:59 - 2023-01-18 16:59 - 000050869 _____ C:\Users\Ganz\Documents\00000000-MUSTER- Ari - Peter Anschreiben.dotm 2023-01-18 16:13 - 2023-01-18 16:22 - 000050615 _____ C:\Users\Ganz\Documents\00000000-MUSTER- Peter - Anschreiben Peter .dotm 2023-01-18 16:01 - 2023-01-18 16:01 - 000004096 ____H C:\Users\Ganz\AppData\Local\keyfile3.drm 2023-01-17 11:21 - 2023-02-05 17:17 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2023-01-14 03:37 - 2023-01-14 03:37 - 000002223 _____ C:\Users\Ganz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox Privater Modus.lnk 2023-01-13 12:16 - 2023-01-13 12:16 - 000000000 ___HD C:\$WinREAgent ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2023-02-10 13:17 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-02-10 13:00 - 2017-10-13 15:05 - 000000000 ____D C:\Program Files (x86)\Google 2023-02-10 12:58 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2023-02-10 12:18 - 2017-04-26 10:04 - 000000000 ____D C:\Users\Ganz\AppData\LocalLow\Mozilla 2023-02-10 11:52 - 2020-12-14 20:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2023-02-10 10:00 - 2017-03-10 22:44 - 000000000 ____D C:\Program Files\CCleaner 2023-02-10 09:57 - 2020-12-14 20:44 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update 2023-02-09 22:48 - 2022-09-22 10:37 - 000003046 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting 2023-02-09 22:48 - 2022-09-22 10:37 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job 2023-02-09 22:48 - 2021-12-13 16:48 - 000003062 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-749038088-1968257971-3176724149-1005 2023-02-09 22:48 - 2021-08-25 13:54 - 000002250 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Ganz 2023-02-09 22:48 - 2020-12-14 20:44 - 000003684 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2023-02-09 22:48 - 2020-12-14 20:44 - 000003560 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2023-02-09 22:48 - 2020-12-14 20:44 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2023-02-09 22:48 - 2020-12-14 20:44 - 000003336 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2023-02-09 22:48 - 2020-12-14 20:44 - 000003320 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1512162865 2023-02-09 22:48 - 2020-12-14 20:44 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2023-02-09 22:48 - 2020-12-14 20:44 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-749038088-1968257971-3176724149-1005 2023-02-09 22:35 - 2020-12-14 20:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software 2023-02-09 19:12 - 
2017-10-13 15:06 - 000002300 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2023-02-09 13:43 - 2021-10-16 03:00 - 000001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk 2023-02-09 13:43 - 2017-12-01 22:14 - 000000000 ____D C:\Program Files\Opera 2023-02-09 09:22 - 2022-02-11 12:09 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2023-02-08 11:12 - 2018-09-16 14:17 - 000000000 ____D C:\Users\Ganz\AppData\Local\AVAST Software 2023-02-07 17:25 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2023-02-07 17:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2023-02-07 17:14 - 2016-09-25 05:12 - 000000000 ____D C:\ProgramData\HPQLOG 2023-02-05 17:26 - 2018-07-06 10:17 - 000000000 ____D C:\Users\Ganz\AppData\Local\D3DSCache 2023-02-05 17:17 - 2020-03-14 04:13 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-02-04 11:33 - 2020-12-14 20:41 - 001883076 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2023-02-04 11:33 - 2019-12-07 15:51 - 000804906 _____ C:\WINDOWS\system32\perfh007.dat 2023-02-04 11:33 - 2019-12-07 15:51 - 000175844 _____ C:\WINDOWS\system32\perfc007.dat 2023-02-04 11:33 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2023-02-04 11:30 - 2021-07-29 18:31 - 000000000 ____D C:\Users\Ganz\AppData\Local\AvastAntiTrackPremium 2023-02-04 11:30 - 2017-06-19 09:07 - 000000000 ____D C:\ProgramData\Synaptics 2023-02-04 11:29 - 2020-12-14 20:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2023-02-04 11:29 - 2020-12-14 20:34 - 000008192 ___SH C:\DumpStack.log.tmp 2023-02-04 11:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState 2023-02-04 11:29 - 2018-09-16 14:15 - 000000000 ____D C:\ProgramData\AVAST Software 2023-02-04 11:29 - 2017-04-25 17:35 - 000000000 __SHD C:\Users\Ganz\IntelGraphicsProfiles 2023-02-04 11:29 - 2017-03-04 06:51 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance 
Service 2023-02-04 11:29 - 2016-09-25 04:40 - 000000000 ____D C:\Intel 2023-02-04 11:28 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2023-02-04 11:27 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2023-02-03 00:08 - 2017-03-04 06:51 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2023-02-02 11:19 - 2020-12-14 20:37 - 000002399 _____ C:\Users\Ganz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2023-02-01 15:21 - 2018-09-16 14:16 - 000695504 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2023-02-01 11:59 - 2018-09-23 15:06 - 000000000 ____D C:\Users\Ganz\AppData\Local\CrashDumps 2023-01-27 09:39 - 2020-10-02 12:17 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2023-01-20 14:28 - 2022-07-19 11:24 - 000002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows-Migrationsassistent.lnk 2023-01-19 09:41 - 2016-09-25 04:45 - 000000000 ____D C:\ProgramData\HP 2023-01-19 09:41 - 2016-08-22 03:00 - 000000000 ____D C:\Program Files\HP 2023-01-18 17:01 - 2020-03-20 10:10 - 000000000 ___RD C:\Users\Ganz\Documents\alles 2023-01-14 03:36 - 2022-12-21 23:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2023-01-14 03:36 - 2020-12-14 20:34 - 000705280 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2023-01-14 03:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2023-01-14 03:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2023-01-14 03:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2023-01-14 03:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2023-01-13 12:21 - 2020-12-14 20:35 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2023-01-13 12:16 - 2017-03-03 15:47 - 000000000 ____D C:\WINDOWS\system32\MRT 2023-01-13 12:11 - 2017-03-03 15:47 - 150199536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe ==================== Dateien im 
Wurzelverzeichnis einiger Verzeichnisse ======== 2017-12-05 15:02 - 2017-12-05 15:02 - 039301064 _____ (Flash-Integro LLC ) C:\Program Files (x86)\video_editor_x32.exe 2017-12-05 15:02 - 2017-12-05 15:02 - 044416504 _____ (Flash-Integro LLC ) C:\Program Files (x86)\video_editor_x64.exe 2023-01-18 16:01 - 2023-01-18 16:01 - 000004096 ____H () C:\Users\Ganz\AppData\Local\keyfile3.drm 2017-12-08 21:59 - 2017-12-08 21:59 - 000002787 _____ () C:\Users\Ganz\AppData\Local\recently-used.xbel ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) |
13.02.2023, 17:15 | #2 |
| WIN 10 attachment opened: Telekom Rechnung…pdf.htm - [PART 2 - additional scan result] Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 09-02-2023 01 durchgeführt von Ganz (10-02-2023 13:26:32) Gestartet von C:\Users\Ganz\Downloads\FRST02 Microsoft Windows 10 Pro Version 22H2 19045.2486 (X64) (2020-12-14 19:45:00) Start-Modus: Normal ========================================================== ==================== Konten: ============================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) Administrator (S-1-5-21-749038088-1968257971-3176724149-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-749038088-1968257971-3176724149-503 - Limited - Disabled) Ganz (S-1-5-21-749038088-1968257971-3176724149-1005 - Administrator - Enabled) => C:\Users\Ganz Gast (S-1-5-21-749038088-1968257971-3176724149-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-749038088-1968257971-3176724149-504 - Limited - Disabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Avira Security (Enabled - Up to date) {76C0BF9F-9FD3-D249-DE2F-7A33A59B9258} AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} FW: Avira Security (Enabled) {4EFB3EBA-D5BC-D311-F570-D3065B48D523} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 4uKey for Android (HKLM-x32\...\{4uKeyforAndroid}_is1) (Version: 2.5.3.2 - Tenorshare, Inc.) 
7-Zip 22.00 (HKLM-x32\...\{23170F69-40C1-2701-2200-000001000000}) (Version: 22.00.00.0 - Igor Pavlov) 7-Zip 22.01 (x64 edition) (HKLM\...\{23170F69-40C1-2702-2201-000001000000}) (Version: 22.01.00.0 - Igor Pavlov) Apple Application Support (64-Bit) (HKLM\...\{8B127943-89E7-4691-A7A4-D05807920A84}) (Version: 8.4 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{065D0CC8-C382-48AF-8A88-0DD3366EB26C}) (Version: 16.0.0.25 - Apple Inc.) Apple Software Update (HKLM-x32\...\{B292D163-23D2-4523-A699-1ABEC1875609}) (Version: 2.7.0.3 - Apple Inc.) Audials (HKLM-x32\...\{3C3F830F-50AF-41ED-A96A-1C8D6B7F7517}) (Version: 18.1.29300.0 - Audials AG) Audiograbber 1.83 SE (HKLM-x32\...\Audiograbber) (Version: 1.83 SE - Audiograbber) Avast AntiTrack Premium (HKLM-x32\...\AvastAntiTrackPremium) (Version: 3.3.983.1074 - Avast Software) Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 22.12.6044 - Avast Software) Avira Fallback Updater (HKLM-x32\...\Avira Fallback Updater) (Version: - ) Hidden Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.41.1.25731 - Avira Operations GmbH & Co. KG) Hidden Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.1.83.5 - Avira Operations GmbH) Hidden Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version: - Avira Operations GmbH & Co. KG) Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.24.0.14 - Avira Operations GmbH) Hidden BCR Plug-in (HKLM-x32\...\{0C079D73-40B6-4A29-93F3-30617AAA335A}) (Version: 22.10.0.15 - Citrix Systems, Inc.) Hidden BlueJ (HKLM\...\{AF0BEA9E-1AB2-4613-A6B5-4ECC105A8A23}) (Version: 5.1.0 - BlueJ Team) BlueJ (HKLM-x32\...\{92FD2477-5855-4863-B4C1-405C7853FD9F}) (Version: 4.1.2 - BlueJ Team) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Brother MFL-Pro Suite MFC-5490CN (HKLM-x32\...\{48D082B9-18F6-4426-AFAC-8B6A3E7021B1}) (Version: 2.0.0.0 - Brother Industries, Ltd.) 
Brother MFL-Pro Suite MFC-L2720DW series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 1.0.3.0 - Brother Industries, Ltd.) CCleaner (HKLM\...\CCleaner) (Version: 6.08 - Piriform) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6521 - CDBurnerXP) chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.8.1.1 - Chip Digital GmbH) <==== ACHTUNG Citrix Authentication Manager (HKLM-x32\...\{0C490C5C-246A-4281-993E-831319A7655F}) (Version: 22.10.0.2 - Citrix Systems, Inc.) Hidden Citrix Web Helper (HKLM-x32\...\{D958DC9B-9ED1-46AE-A84B-4679E5592538}) (Version: 22.10.0.13 - Citrix Systems, Inc.) Hidden Citrix Workspace (DV) (HKLM-x32\...\{E2271D30-A77C-448D-AD6D-38ECBEBC2C26}) (Version: 22.10.0.15 - Citrix Systems, Inc.) Hidden Citrix Workspace (USB) (HKLM-x32\...\{9E24A88B-54AE-44E7-A2BD-BA5139E45ECD}) (Version: 22.10.0.15 - Citrix Systems, Inc.) Hidden Citrix Workspace 2210 (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 22.10.0.21 - Citrix Systems, Inc.) Citrix Workspace Inside (HKLM-x32\...\{19C8F1A9-2F50-49A6-9B81-2C4CE9845521}) (Version: 22.10.0.13 - Citrix Systems, Inc.) Hidden Conexant ISST Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 9.0.239.70 - Conexant) CRaccoon (HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\CRaccoon) (Version: 1.5.0 - CRX) <==== ACHTUNG CutOut 6.0 (HKLM\...\CutOut 6_is1) (Version: 6.0 - Franzis.de) Desktopicon amazon.de (HKLM\...\DesktopIconAmazon) (Version: 1.0.1 - ) <==== ACHTUNG Discover HP Touchpoint Manager (HKLM-x32\...\{480FA137-DB2E-4C1A-89EF-476E69E175ED}) (Version: 1.0.19.1 - HP) Endpoint Protection SDK (HKLM\...\{68E1CCB4-4965-4713-BDEB-77F6D6C9BF9D}_is1) (Version: 1.0.2301.440 - Avira Operations GmbH & Co. KG) Hidden Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.) 
Free HTML5 Video Player and Converter (HKLM-x32\...\Free HTML5 Video Player and Converter_is1) (Version: 5.0.99.823 - Digital Wave Ltd) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 110.0.5481.77 - Google LLC) Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden HP Battery Recall Utility (HKLM-x32\...\{26ACF49F-254F-491C-B08E-AAA0D5C982CF}) (Version: 1.3.0.5 - Hewlett-Packard) Hidden HP Battery Recall Utility (HKLM-x32\...\{40770191-b457-4e92-9e2e-386a15408136}) (Version: 1.3.0.5 - HP Inc.) HP Client Security Manager (HKLM\...\{B4A0B76D-EAE6-4717-AEB3-58C1BCD7B9E8}) (Version: 9.0.0.2116 - HP Inc.) Hidden HP Client Security Manager (HKLM\...\HPProtectTools) (Version: 9.0.0.2116 - HP Inc.) HP Device Access Manager (HKLM\...\{766ED263-4CA0-4D2F-9FA8-717827F718D6}) (Version: 8.3.16.0 - HP Inc.) HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.) HP ePrint SW (HKLM\...\{872897C1-CDCD-4466-82AA-5483BCCF09C7}) (Version: 5.1.20088 - HP Inc.) Hidden HP ePrint SW (HKLM\...\{B0D5BCD0-8DFB-48A3-9BDF-4E183159E420}) (Version: 5.1.20088 - HP Inc.) Hidden HP ePrint SW (HKLM\...\{C0407127-4831-47CD-8A7A-E5ED7A2D398B}) (Version: 5.1.20088 - HP Inc.) Hidden HP ePrint SW (HKLM\...\{FC292FE3-B7B0-492C-BC2E-C0DFCA30FC92}) (Version: 5.1.20088 - HP Inc.) Hidden HP ePrint SW (HKLM-x32\...\{39404020-C431-4331-9241-62956555DA49}) (Version: 5.1.20088 - HP Inc.) Hidden HP ePrint SW (HKLM-x32\...\{3efaef38-ee9e-4421-bea3-e0a4d835d3f4}) (Version: 5.1.20088 - HP Inc.) HP ePrint SW (HKLM-x32\...\{C5AD7A64-6DDF-482A-8E7D-FA1DED0A201A}) (Version: 5.1.20088 - HP Inc.) Hidden HP ESU for Microsoft Windows 10 (HKLM-x32\...\{94D0EB60-8B2F-4A80-BA74-3D312434415F}) (Version: 11.2.2 - HP) HP JumpStart Bridge (HKLM-x32\...\{6B4A5299-4837-485A-B71D-7F1CE6F8F018}) (Version: 1.0.0.143 - HP Inc.) HP JumpStart Launch (HKLM-x32\...\{0F5EBB0D-DF6D-4DBE-9789-57BF05B3B0FD}) (Version: 1.0.145.0 - HP Inc.) 
HP Recovery Manager (HKLM-x32\...\{64BAA990-F1FC-4145-A7B1-E41FBBC9DA47}) (Version: 1.2.1510 - HP) Hidden HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8357.5639 - HP Inc.) HP SoftPaq Download Manager (HKLM-x32\...\{92db00b4-c4ee-4893-bc4e-8be6548b2742}) (Version: 4.3.4.0 - HP) HP Software Setup (HKLM-x32\...\{C968E860-054F-490F-95C6-C9A29601459E}) (Version: 9.2.2 - HP) HP Support Solutions Framework (HKLM-x32\...\{2B5A1E68-6617-406D-B797-5DAB5B4630B8}) (Version: 12.18.34.21 - HP Inc.) HP Sure Connect (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 1.0.0.26 - HP Inc.) HP System Default Settings (HKLM-x32\...\{E570B9C2-9A83-4938-BBD5-0A8C068083C1}) (Version: 1.2.3.1 - HP INC) HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.) HP Universal Camera Driver (HKLM-x32\...\{8B204728-0D90-48BE-97C0-BBEDDFDFA83C}) (Version: 3.5.8.11 - SunplusIT) icofx 3.3 (HKLM-x32\...\icofx 3_is1) (Version: 3.3 - IcoFX Software S.R.L.) Incomedia WebSite X5 v14 - Free (HKLM\...\{07FE2BFD-5423-4FB4-95C0-28634BEB0961}_is1) (Version: 14.0.2.1 - Incomedia s.r.l.) 
Intel(R) Chipset Device Software (HKLM\...\{3AE6FD56-D431-4B53-94F0-95E844206ADF}) (Version: 10.1.1.32 - Intel Corporation) Hidden Intel(R) Chipset Device Software (HKLM-x32\...\{aaa7f0fb-02dc-4576-beef-7d24842c5fbe}) (Version: 10.1.1.32 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{00176A23-1A4E-4429-817E-44B40D9EF692}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{0854C811-6DAD-441D-AB36-2F73631A04A1}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1914.12.0.1255 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{650FF4FD-69E7-4AA4-9F46-6B7DFC8489F7}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Driver (HKLM\...\{1535E647-D354-4775-9EE8-FD9E8ED0701A}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) ME UninstallLegacy (HKLM\...\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}) (Version: 1.0.1.0 - Intel Corporation) Hidden Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.0.2.1044 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{AD29B896-0901-4B3E-9C2A-BD59B38A9568}) (Version: 15.0.2.1044 - Intel Corporation) Hidden Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.52.230.1 - Intel Corporation) Hidden Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.52.230.1 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{c6de84fd-ece7-4c2a-9f06-8cabe7ab79a0}) (Version: 1.52.230.1 - Intel Corporation) Hidden Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{3920BCB0-23AA-4D0D-93E5-404692DAF9D2}) (Version: 19.00.1621.3340 - Intel Corporation) Intel(R) Wireless Manageability Driver (HKLM\...\{28C2C4DE-AAF6-424D-B018-5142729E1C67}) (Version: 1.0.0.0 - 
Intel Corporation) Hidden Intel(R) Wireless Manageability Driver Extension (HKLM\...\{03C415A8-0861-4BB7-8857-27089E6C298A}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel® PROSet/Wireless Software (HKLM-x32\...\{ed4a5da7-ac62-4aa5-9502-7b4de55e8cb5}) (Version: 20.20.2 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation) iTunes (HKLM\...\{8402150E-474C-45D1-908F-E5989C71DDE9}) (Version: 12.12.5.8 - Apple Inc.) LibreOffice 7.4.1.2 (HKLM\...\{2382F0CD-B06A-49B7-912F-A8BB1C7FD511}) (Version: 7.4.1.2 - The Document Foundation) Meine CEWE FOTOWELT (HKLM-x32\...\Meine CEWE FOTOWELT) (Version: 6.3.1 - CEWE Stiftung u Co. KGaA) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 109.0.1518.78 - Microsoft Corporation) Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 109.0.1518.78 - Microsoft Corporation) Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden Microsoft Office Access MUI (German) 2010 (HKLM-x32\...\{90140000-0015-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2010 (HKLM-x32\...\{90140000-0016-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Groove MUI (German) 2010 (HKLM-x32\...\{90140000-00BA-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (German) 2010 (HKLM-x32\...\{90140000-0044-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2010 (HKLM\...\{90140000-002A-0000-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2010 
(HKLM-x32\...\{90140000-00A1-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2010 (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2010 (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2010 (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Proof (English) 2010 (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2010 (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2010 (HKLM-x32\...\{90140000-001F-0410-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2010 (HKLM-x32\...\{90140000-002C-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (German) 2010 (HKLM-x32\...\{90140000-0019-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (German) 2010 (HKLM\...\{90140000-002A-0407-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2010 (HKLM-x32\...\{90140000-006E-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2010 (HKLM-x32\...\{90140000-001B-0407-0000-0000000FF1CE}) 
(Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft OneDrive (HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\OneDriveSetup.exe) (Version: 23.007.0109.0004 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation) Microsoft VC++ redistributables repacked. (HKLM\...\{2FAF2A80-5906-467E-8AD2-B83C94383600}) (Version: 12.0.0.0 - Intel Corporation) Hidden Microsoft VC++ redistributables repacked. (HKLM-x32\...\{F85F7FF0-5DFF-4BC0-9045-C9573D1BC11F}) (Version: 12.0.0.0 - Intel Corporation) Hidden Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft 
Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional 
Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31823 (HKLM-x32\...\{ac8ae441-cfc2-41f2-bbca-7b6668740f8d}) (Version: 14.34.31823.3 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.34.31823 (HKLM-x32\...\{485c6580-376a-450b-9a80-43c390b968a3}) (Version: 14.34.31823.3 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31823 (HKLM\...\{79DB9AFA-0B61-46EE-97F7-29D2A9C93702}) (Version: 14.34.31823 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31823 (HKLM\...\{91974FA7-D8C0-4EBB-A37F-4E538C9C0B8B}) (Version: 14.34.31823 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.34.31823 (HKLM-x32\...\{EB6DFC76-FC58-4F00-811A-09FC83EDB02B}) (Version: 14.34.31823 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.34.31823 (HKLM-x32\...\{54AAF010-4412-441C-AFDF-5566370458AA}) (Version: 14.34.31823 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 109.0.1 (x64 de)) (Version: 109.0.1 - Mozilla) Mozilla Maintenance Service 
(HKLM-x32\...\MozillaMaintenanceService) (Version: 109.0.1.8427 - Mozilla) Mozilla Thunderbird (x86 de) (HKLM-x32\...\Mozilla Thunderbird 102.6.1 (x86 de)) (Version: 102.6.1 - Mozilla) MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.9.0 - F.J. Wechselberger) MZD-AIO-TI 2.8.4-1 (HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\34093d1a-b79c-5bd0-8c69-6049d0980230) (Version: 2.8.4-1 - Trevelopment) NetScaler Gateway Endpoint Analysis (HKLM\...\{58267A97-11B6-4182-A02E-54CF86F91807}) (Version: 11.0.63.16 - Citrix Systems, Inc.) Online Plug-in (HKLM-x32\...\{29FB4818-23DC-4740-8F7E-AE2F59527F69}) (Version: 22.10.0.15 - Citrix Systems, Inc.) Hidden Opera Stable 95.0.4635.37 (HKLM-x32\...\Opera 95.0.4635.37) (Version: 95.0.4635.37 - Opera Software) PDF24 Creator 11.3.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 11.3.0 - PDF24.org) PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.321.0 - Tracker Software Products Ltd) PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) PriceWatch (HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\PriceWatch) (Version: - PriceWatch) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.131 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.9.422.2016 - Realtek) RealUpgrade 1.1 (HKLM-x32\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) 
Hidden SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version: - ) SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version: - ) Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version: - ) SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - ) SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - ) Samsung PC Studio 3 (HKLM-x32\...\{C4A4722E-79F9-417C-BD72-8D359A090C97}) (Version: 3.2.2.80601 - Samsung Electronics Co., Ltd.) Saturn Fotoservice (HKLM-x32\...\Saturn Fotoservice) (Version: 6.4.1 - CEWE Stiftung u Co. KGaA) Self-Service Plug-in (HKLM-x32\...\{CE1601F3-E1A8-43F3-9330-0411F6EB6D5B}) (Version: 22.10.0.13 - Citrix Systems, Inc.) Hidden SEO (HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\SEO) (Version: 2.41 - Business Convers Track S.R.L.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for 
Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{8925227F-C7B5-4C95-AB58-4FCF2433DAEE}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{09A9DF49-DA06-4093-A2FD-F339211E39EA}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{ECC1D579-DC17-4B90-929C-B4A0BB35F7B3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{97099817-53F1-4CA1-ACEA-DA6D74371689}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{E4D76E88-C65F-4003-9C71-EC4306679D17}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{3B0FF7FF-0E85-4907-A511-3F8C27349FA4}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{996096F8-956B-41C9-A7E3-9BA1E801014F}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition 
(HKLM-x32\...\{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{D505EC85-885F-4BE3-8A89-3EFE4F855692}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.8.32 - Synaptics Incorporated) Synaptics WBF Fingerprint Reader (HKLM\...\{FE645EDA-C5B2-4CF3-B9E7-AFABD5710EEF}) (Version: 4.5.335.0 - Synaptics) TIPP10 Version 2.1.0 (HKLM-x32\...\TIPP10_is1) (Version: - (c) 2006-2011, Tom Thielicke IT Solutions) Universal Media Server (HKLM-x32\...\Universal Media Server) (Version: 11.5.0 - Universal Media Server) Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation) UpdateService (HKLM-x32\...\{E3AE96D6-E196-45B4-AF62-2B41998B9E37}) (Version: 1.0.0 - RealNetworks, Inc.) 
Hidden VdhCoApp 1.4.0 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper) VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN) vs2015_redist x86 (HKLM-x32\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden VSDC Free Video Editor Version 7.1.13.433 (HKLM\...\VSDC Free Video Editor_is1) (Version: 7.1.13.433 - Flash-Integro LLC) Web Companion (HKLM-x32\...\{537d2083-0df1-4a00-a539-c240ebced94d}) (Version: 7.0.2417.4248 - Lavasoft) Windows-Migrationsassistent (HKLM-x32\...\{B2C74A62-5D4F-41AF-96EB-1189AE4E9936}) (Version: 2.4.2.0 - Apple Inc.) Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation) Windows-Treiberpaket - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/27/2012 7.0.0000.00004) (HKLM\...\BE156A27AFEAEA39D6A7C9D25CFA8DAFAF91756B) (Version: 08/27/2012 7.0.0000.00004 - Google, Inc.) Windows-Treiberpaket - SAMSUNG Electronics Co., Ltd. (dg_ssudbus) USB (12/02/2015 2.12.1.0) (HKLM\...\85A33267F12961AF9ED9AE799DEDA5E62BEA236F) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. ) Windows-Treiberpaket - SAMSUNG Electronics Co., Ltd. (ssudmdm) Modem (12/02/2015 2.12.1.0) (HKLM\...\88ED314360B98E6E82E7CC3201FAEB4A9FD291B4) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. ) Windows-Treiberpaket - SAMSUNG Electronics Co., Ltd. (WinUSB) AndroidUsbDeviceClass (12/02/2015 2.12.1.0) (HKLM\...\701281E8283E9E3681220099A9DA5013A5A437AF) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. 
) WunderBAR (HKLM\...\WunderBAR) (Version: 1.0 - WunderBAR) Xperia Companion (HKLM-x32\...\{4C89779F-A2CD-4EF7-83F3-B84F9CB79422}) (Version: 2.10.2.0 - Sony) Hidden Xperia Companion (HKLM-x32\...\{cc171adc-ddf5-4459-9a2c-61b09746b2ff}) (Version: 2.10.2.0 - Sony) Xperia Companion Service (HKLM\...\{170F2831-C087-4536-B3A5-3CF872F6BC0F}) (Version: 2.10.2.0 - Sony) Hidden Packages: ========= Discover HP Touchpoint Manager -> C:\Program Files\WindowsApps\AD2F1837.DiscoverHPTouchpointManager_1.0.15.1_x86__v10z8vjag6ke6 [2017-06-13] (HP Inc.) HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.2.228.0_x64__v10z8vjag6ke6 [2023-01-20] (HP Inc.) HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.23.20.0_x64__v10z8vjag6ke6 [2023-01-19] (HP Inc.) HP System Information -> C:\Program Files\WindowsApps\AD2F1837.HPSystemInformation_8.10.29.0_x64__v10z8vjag6ke6 [2022-03-29] (HP Inc.) Kluge Archive -> C:\Program Files\WindowsApps\49825WiseWidget.Wise2017_1.1.0.0_x86__z0nrqz0z5ajrj [2018-01-23] (Wise Widget) March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_7.1.0.0_x86__h6adky7gbf63m [2023-02-03] (Gameloft SE) Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-07-10] (Microsoft Corporation) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-06-26] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-06-26] (Microsoft Corporation) [MS Ad] Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-16] (Netflix, Inc.) 
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2023-01-20] (Microsoft Studios) [MS Ad] Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-13] (Twitter Inc.) Windows Package Manager Source (winget) -> C:\Program Files\WindowsApps\Microsoft.Winget.Source_2022.1020.2155.506_neutral__8wekyb3d8bbwe [2022-10-20] (Microsoft Corporation) XING -> C:\Program Files\WindowsApps\XINGAG.XING_4.0.9.0_x86__xpfg3f7e9an52 [2023-01-20] (New Work SE) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation) ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-12-17] (Avast Software s.r.o. -> AVAST Software) ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-12-17] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Users\Ganz\Downloads\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-12-17] (Avast Software s.r.o. 
-> AVAST Software) ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger) [Datei ist nicht signiert] ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2023-02-03] (Avira Operations GmbH -> Avira Operations GmbH) ContextMenuHandlers2: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL [2023-01-26] (Avira Operations GmbH -> Avira Operations GmbH) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-12-17] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers3: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL [2023-01-26] (Avira Operations GmbH -> Avira Operations GmbH) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Users\Ganz\Downloads\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2023-02-03] (Avira Operations GmbH -> Avira Operations GmbH) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxDTCM.dll [2020-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System 
Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2023-02-03] (Avira Operations GmbH -> Avira Operations GmbH) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Users\Ganz\Downloads\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-12-17] (Avast Software s.r.o. -> AVAST Software) ==================== Codecs (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Drivers32: [msacm.voxacm160] => C:\WINDOWS\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [Datei ist nicht signiert] HKLM\...\Drivers32: [msacm.scg726] => C:\WINDOWS\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [Datei ist nicht signiert] HKLM\...\Drivers32: [msacm.alf2cd] => C:\WINDOWS\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [Datei ist nicht signiert] HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [Datei ist nicht signiert] HKLM\...\Drivers32: [msacm.lame] => C:\WINDOWS\system32\lame.ax [245760 2005-08-01] () [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.dvsd] => C:\WINDOWS\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.mpg4] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.mp42] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.mp43] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.xvid] => C:\WINDOWS\system32\xvidvfw.dll [139264 2004-07-03] () [Datei ist nicht 
signiert]
HKLM\...\Drivers32: [vidc.DIVX] => C:\WINDOWS\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.VP62] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.LAGS] => C:\WINDOWS\system32\lagarith.dll [216064 2011-12-07] () [Datei ist nicht signiert]

==================== Verknüpfungen & WMI ========================

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2017-07-12 19:55 - 2009-02-27 15:38 - 000139264 ____R () [Datei ist nicht signiert] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2018-05-03 12:49 - 2005-04-22 12:36 - 000143360 _____ () [Datei ist nicht signiert] C:\WINDOWS\system32\BrSNMP64.dll
2022-04-25 14:15 - 2014-06-16 14:45 - 000137728 ____N (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
2022-04-25 14:15 - 2014-06-16 15:03 - 000083968 ____N (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
2022-04-25 14:15 - 2014-06-16 15:03 - 017955328 ____N (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll
2022-04-25 14:15 - 2014-06-16 15:03 - 000088064 ____N (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\ControlCenter4\BrCcLGer.dll
2017-07-12 19:55 - 2013-03-08 07:44 - 000087040 _____ (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\WINDOWS\system32\BrNetSti.dll
2022-10-03 06:16 - 2022-10-03 06:16 - 000512000 _____ (Citrix Systems, Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\Shims.dll
2021-10-01 01:19 - 2021-10-01 01:19 - 002548736 _____ (Citrix Systems, Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Citrix\ICA Client\sslsdk_b.dll
2016-07-19 11:00 - 2016-07-19 11:00 - 000384512 _____ (Crossmatch, Inc.) [Datei ist nicht signiert] c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DPCPFelica.dll
2016-07-19 10:13 - 2016-07-19 10:13 - 000220160 _____ (RFIDeas) [Datei ist nicht signiert] c:\Program Files\HP\HP ProtectTools Security Manager\Bin\pcProxAPI.dll
2021-06-08 04:12 - 2021-06-08 04:12 - 000180224 _____ (Software Security System) [Datei ist nicht signiert] C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\Ekc3220.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp15-comm.msn.com/?pc=HRTE
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2023-01-10] (HP Inc. -> HP Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2023-01-10] (HP Inc. -> HP Inc.) Toolbar: HKLM - WunderBAR - {5EB1C9F4-44B6-4DE1-9C4D-CCEB6AFC6CF0} - C:\Users\Ganz\AppData\Roaming\WunderBAR\WunderBAR.dll [2021-12-20] (CHIP Communications GmbH -> ) Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. 
-> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) 
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE trusted site: HKU\.DEFAULT\...\localhost -> localhost IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com IE trusted site: HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\webcompanion.com -> hxxp://webcompanion.com ==================== Hosts Inhalt: ========================= (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2015-10-30 08:24 - 2019-01-04 13:02 - 000000938 _____ C:\WINDOWS\system32\drivers\etc\hosts 2020-12-19 21:04 - 2022-08-03 20:32 - 000000506 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics ==================== Andere Bereiche =========================== (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-749038088-1968257971-3176724149-1005\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) ist aktiviert. Network Binding: ============= WLAN: RadioRip Filter Driver -> RrNetCapFilterDriver (enabled) Ethernet: RadioRip Filter Driver -> RrNetCapFilterDriver (enabled) ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) 
HKLM\...\StartupApproved\StartupFolder: => "Universal Media Server.lnk" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "BCSSync" HKLM\...\StartupApproved\Run32: => "BrMfcWnd" HKLM\...\StartupApproved\Run32: => "BrStsMon00" HKLM\...\StartupApproved\Run32: => "IAStorIcon" HKLM\...\StartupApproved\Run32: => "Opera Browser Assistant" HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\StartupApproved\Run: => "AudialsNotifier" HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\StartupApproved\Run: => "XperiaCompanionAgent" HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\StartupApproved\Run: => "Web Companion" HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_33AB6AD30668417CC16079428DBD5A47" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [{8E00D7E5-0BB0-4177-95BE-01B3B185C0CA}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe (Sony Mobile Communications AB -> Sony) FirewallRules: [{8A47E056-BFAF-42E3-9097-4BA7536B5FA5}] => (Allow) LPort=31931 FirewallRules: [{C1410BC5-E31A-4DA9-8EBD-091877247672}] => (Allow) LPort=14714 FirewallRules: [{42289722-13D8-4294-977F-C5D411A46239}] => (Allow) LPort=12972 FirewallRules: [{C5A768B6-7282-4B35-9D88-2BC2B97486AF}] => (Allow) C:\Program Files (x86)\Audials\Audials 2018\Audials.exe (Audials AG -> Audials AG) FirewallRules: [UDP Query User{213CC204-02CC-44BA-8D02-373B383A7B23}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [TCP Query User{337225E1-CBB2-4C63-9970-49C6FB7A8567}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [{FD2DDB22-4B43-4794-864A-7140111999E2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{8C35D5D5-D7EE-4A9E-9E40-4B5216B3CDEA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{E40F5325-480D-4578-A907-F8A2DD1C7661}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{C8D45BF8-D9DE-4DC2-BE8E-A0410B04D3DB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{0C00F326-B355-4381-B838-77AADE53A538}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{BBF76483-2E81-4138-9704-D6B88CA6148A}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{8091CB17-40DC-4C11-82CE-B7D85F42BAE3}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. 
-> Citrix Systems, Inc) FirewallRules: [{D73AF4A9-F386-4883-AB9C-AA76B8E0595D}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{3D3766D6-52D6-42F4-8366-6BEDB25D6113}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{4A8622E2-E9B2-4360-9CCA-2C68B012B6EC}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{96649238-ED31-46E8-9E34-140DE9A2049E}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{0CA547AD-CEB4-4426-96E2-4561392B7478}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{95BA13F9-BF24-4A39-8F79-733F73E9D7B7}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{5F3444C3-7244-4191-AA81-D6581E68EBEE}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{62872BD2-D582-4F40-8581-3679A347B212}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{1EA54552-7FAE-42E7-B722-6F9BDA63B080}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. 
-> Citrix Systems, Inc) FirewallRules: [{C566B9FE-698B-47B5-BD7D-4C9892711EB1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{A2456256-9F42-41F1-99DE-9F5039C2BE41}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{D89971EB-81D7-4406-BF02-620E2881264C}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{288A7309-33F8-4BC7-B7A2-B3BBEE107389}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{A270345C-1234-49FE-90DB-4070135F2C7B}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{AD1C5FE3-D113-4A25-9275-6CEE93B2BAEF}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{7BE38158-9D47-4C8F-A105-3277680B7B5E}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{01CA72C1-71CC-4063-9C2A-6598BD50770D}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{6A6BB7A6-2036-4F7D-9A09-18B54C3CBC15}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{A9C12040-623C-4FC2-9765-BD1D440073EF}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{2865F3C7-BAAD-4747-B054-BA87C7F2D4EB}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. 
-> Citrix Systems, Inc) FirewallRules: [{69C5226B-F423-4E28-8A69-6E0CE808DDDA}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{623DD88E-621D-4F62-9448-E33F4593CE6D}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{E4435320-EF2B-4AD0-B695-18DF95BF9EA2}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{49168388-14CE-4DDA-86DA-94616718FC76}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{1DF8B103-846A-4D2A-BFFA-4D004850BC58}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{CD426E35-4D56-4D7F-B400-8B71E24FC73A}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{BD8789DF-501B-427E-971E-BD2135B49FD1}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{A88D6C54-E21A-44FD-8406-BBB96B94BA05}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{C8391E8D-5C11-4A4A-B060-4C54713BEC4F}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{6A9396D8-D90C-4724-A937-5A59E918EF46}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{CA58FFF0-E451-4BE7-BC45-4D2A2C00B4E2}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. 
-> Citrix Systems, Inc) FirewallRules: [{EDACBB0A-79DB-487F-9FC2-C45438C41A4D}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{2AFB5B5F-BC98-42F3-B24E-6959DB0D80E6}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{07DB5E97-CE1A-4576-A0CF-8D9DDC5B9A98}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{38021E55-8D63-4826-B7F6-768EDF6305D1}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{CBA54C41-9931-4047-8DC2-2EEA5AA739CA}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{5EEAADAE-BE94-4FAD-A164-BC8CEB4687A3}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{CC69F2BB-2E5A-402C-8C18-78F4CD9DB6FA}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{6CCA7C8D-3BA1-4DD5-A52E-16AE188CBCF5}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{6AEE9EA7-E9C3-4896-8109-6F634206D0FE}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{C3E56817-8484-46C9-AAFC-96E2C966C883}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{157A6EA5-A100-4B9C-A16E-E6FEA2C230EE}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. 
-> Citrix Systems, Inc) FirewallRules: [{F9AC027C-CA45-4025-B190-E45DAF2E66EB}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{2B3A7B0D-FC2E-4E8E-BCF7-A92830C337FC}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{A54A5162-3FDF-45C5-A594-4BDFDCA3308F}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{78986FF5-F01B-4A6C-B5F2-7BFA3B798F09}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform) FirewallRules: [{11F48B42-807C-47CD-BDCC-E184DB003408}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform) FirewallRules: [TCP Query User{82FCC592-1A91-4DA0-B744-AEC92CCBC4F3}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [UDP Query User{6E63B20A-4553-459A-A885-682BF590AFF0}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [TCP Query User{531A2086-3D70-40B5-BA5B-E72F257C60D1}C:\program files\avast software\avast\avastui.exe] => (Block) C:\program files\avast software\avast\avastui.exe (Avast Software s.r.o. -> AVAST Software) FirewallRules: [UDP Query User{F71C7B97-D3BA-4719-9D6D-36FC6ADE3C2F}C:\program files\avast software\avast\avastui.exe] => (Block) C:\program files\avast software\avast\avastui.exe (Avast Software s.r.o. -> AVAST Software) FirewallRules: [{95D764D4-3A5F-4233-8E8F-AA1EB4810901}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software) FirewallRules: [{99061712-CA17-4944-ADA3-105EB60CF745}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. 
-> AVAST Software) FirewallRules: [{35217036-40ED-4A2F-AE66-86CAEA32A4BF}] => (Allow) C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\CefSharp.BrowserSubprocess.exe (Avast Software s.r.o. -> The CefSharp Authors) FirewallRules: [{5BD4B18A-470C-4262-AA0B-7E62ED42FD59}] => (Allow) C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\CefSharp.BrowserSubprocess.exe (Avast Software s.r.o. -> The CefSharp Authors) FirewallRules: [TCP Query User{FA235490-E84C-4427-8CED-4E4EFCBD9970}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [UDP Query User{DA957823-4A51-402E-AD3B-4ACA66C12A24}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [{993B8542-D461-40EA-A3A9-209C7861E3FE}] => (Allow) C:\Program Files (x86)\Brother\Brmfl14d\FAXRX.EXE (Brother Industries, Ltd.) [Datei ist nicht signiert] FirewallRules: [{6BD3370E-D2A3-4986-9701-822C4084CDDD}] => (Allow) LPort=54925 FirewallRules: [{37793D2D-3F22-4303-9C4C-07AD4322081D}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Windows Migration Assistant\MigrationAssistant.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{ED4389CA-7F94-4502-969E-209DD7BF1BC4}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Windows Migration Assistant\MigrationAssistant.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{4EB6CE50-8F3D-45C2-81EA-EFE1ABA5EE5D}] => (Allow) C:\Program Files (x86)\Citrix\ICA Client\CitrixEnterpriseBrowser\CitrixEnterpriseBrowser.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) 
FirewallRules: [{DAB23AE4-0432-4270-A32E-43F14F11FE17}] => (Allow) C:\Program Files (x86)\Universal Media Server\jre17\bin\java.exe FirewallRules: [{09BAAD46-CE6A-4979-A734-486664855A3D}] => (Allow) C:\Program Files (x86)\Universal Media Server\jre17\bin\javaw.exe FirewallRules: [{7C7AD387-2459-4968-BDA6-296FE3AD2888}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{AF68D1A6-D3AF-4D40-AF55-E728F693DD0C}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (FLASH-INTEGRO LLC -> Flash-Integro LLC) FirewallRules: [{81498BA0-C148-4F4A-ACC0-A2A391B7E5CB}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (FLASH-INTEGRO LLC -> Flash-Integro LLC) FirewallRules: [{68DF2471-568F-40C3-9302-C25E45F640EB}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (FLASH-INTEGRO LLC -> Flash-Integro LLC) FirewallRules: [{250F0D65-EB85-4D15-8413-828259527AD7}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (FLASH-INTEGRO LLC -> Flash-Integro LLC) FirewallRules: [{8C8A0FAE-31FE-46DA-83BF-BC6C44BA5A3C}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (FLASH-INTEGRO LLC -> Flash-Integro LLC) FirewallRules: [{931F82D7-62B5-41F5-95C9-991B7F944B76}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (FLASH-INTEGRO LLC -> Flash-Integro LLC) FirewallRules: [{2AEC3F89-A1F0-44FE-975E-8E16E3491D48}] => (Allow) C:\Program Files\Opera\94.0.4606.76\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [{C3322346-ED1F-47C2-99B3-AF5DA4D637C3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{08550FE3-90A2-41E1-8E99-C0365F9D3CD7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) 
FirewallRules: [{9B45C0CA-4BFB-4690-99F3-3BF5C5798F4F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{1926F93B-FEDE-4C1A-883B-7FA53F139956}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{40F3A9AB-E3A5-44B4-AAC5-B44E93CC5931}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.78\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{D27F5456-B6E4-440E-BE60-6069C26BA36D}] => (Allow) C:\Program Files\Opera\95.0.4635.37\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [{E84BCA26-B2E6-4B60-8C0D-F5B23D2C9544}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Wiederherstellungspunkte ========================= 30-01-2023 18:32:17 Geplanter Prüfpunkt 04-02-2023 11:27:06 Windows Modules Installer ==================== Fehlerhafte Geräte im Gerätemanager ============ ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (02/10/2023 12:58:46 PM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Fehler beim Aktualisieren des -Status auf SECURITY_PRODUCT_STATE_ON. 
Error: (02/10/2023 09:57:38 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DpHostW.exe, Version: 7.1.1.61, Zeitstempel: 0x578e6a1d Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.19041.2364, Zeitstempel: 0x5b7d4d22 Ausnahmecode: 0xe0434352 Fehleroffset: 0x000000000002cd29 ID des fehlerhaften Prozesses: 0x5044 Startzeit der fehlerhaften Anwendung: 0x01d93ce16b81c67e Pfad der fehlerhaften Anwendung: c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll Berichtskennung: c2f7cb14-725f-49d7-90e6-56a78539f86e Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (02/10/2023 09:57:32 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: DpHostW.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. Ausnahmeinformationen: HpProtectTools.PTCommon.ChpqException bei BIOSDomain.CXmlDPMGetCapabilities.DoInit() bei BIOSDomain.CPTDomainPolicyManager_HP.GetCapabilities() bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) bei System.Threading.ThreadHelper.ThreadStart() Error: (02/09/2023 11:26:31 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Local Hostname hp-ArbeitsZ.local already in use; will try hp-ArbeitsZ-2.local instead Error: (02/09/2023 11:26:31 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 hp-ArbeitsZ.local. 
Addr 192.168.178.21 Error: (02/09/2023 11:26:31 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.178.21:5353 16 hp-ArbeitsZ.local. AAAA FD52:02F7:B2D4:4D9F:9B46:9119:25FA:3B96 Error: (02/09/2023 11:26:31 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 hp-ArbeitsZ.local. AAAA FE80:0000:0000:0000:475A:C5B6:B63F:03DD Error: (02/09/2023 11:26:31 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.178.21:5353 16 hp-ArbeitsZ.local. AAAA FD52:02F7:B2D4:4D9F:9B46:9119:25FA:3B96 Systemfehler: ============= Error: (02/10/2023 09:57:41 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "DigitalPersona Authentifizierungsdienst" wurde unerwartet beendet. Dies ist bereits 12 Mal passiert. Error: (02/09/2023 10:30:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "DigitalPersona Authentifizierungsdienst" wurde unerwartet beendet. Dies ist bereits 11 Mal passiert. Error: (02/09/2023 05:07:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "DigitalPersona Authentifizierungsdienst" wurde unerwartet beendet. Dies ist bereits 10 Mal passiert. Error: (02/09/2023 08:58:00 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "DigitalPersona Authentifizierungsdienst" wurde unerwartet beendet. Dies ist bereits 9 Mal passiert. Error: (02/08/2023 04:37:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "DigitalPersona Authentifizierungsdienst" wurde unerwartet beendet. Dies ist bereits 8 Mal passiert. Error: (02/08/2023 10:27:56 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "DigitalPersona Authentifizierungsdienst" wurde unerwartet beendet. Dies ist bereits 7 Mal passiert. 
Error: (02/07/2023 05:15:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "DigitalPersona Authentifizierungsdienst" wurde unerwartet beendet. Dies ist bereits 6 Mal passiert. Error: (02/07/2023 12:03:22 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "DigitalPersona Authentifizierungsdienst" wurde unerwartet beendet. Dies ist bereits 5 Mal passiert. CodeIntegrity: =============== Date: 2023-02-10 13:02:41 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2023-02-10 13:02:41 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Avira\Endpoint Protection SDK\amsi\x64\avamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Speicherinformationen =========================== BIOS: HP P85 Ver. 
01.23 07/18/2018 Hauptplatine: HP 8231 Prozessor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz Prozentuale Nutzung des RAM: 73% Installierter physikalischer RAM: 8087.75 MB Verfügbarer physikalischer RAM: 2170.75 MB Summe virtueller Speicher: 13928.41 MB Verfügbarer virtueller Speicher: 2410.52 MB ==================== Laufwerke ================================ Drive c: (Windows) (Fixed) (Total:217.92 GB) (Free:56.24 GB) (Model: SanDisk SD8SNAT-256G-1006) NTFS Drive d: (Recovery Image) (Fixed) (Total:17.11 GB) (Free:2.18 GB) (Model: SanDisk SD8SNAT-256G-1006) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.99 GB) (Model: SanDisk SD8SNAT-256G-1006) FAT32 \\?\Volume{874a37b2-6db1-4ec8-a06c-233c67c77a06}\ () (Fixed) (Total:0.96 GB) (Free:0.16 GB) NTFS \\?\Volume{19c3a624-b5ce-4ac2-8c4f-aa680a2739fa}\ (SYSTEM) (Fixed) (Total:0.35 GB) (Free:0.25 GB) FAT32 ==================== MBR & Partitionstabelle ==================== ========================================================== Disk: 0 (Size: 238.5 GB) (Disk ID: 86F4951B) Partition: GPT. ==================== Ende von Addition.txt ======================= |
13.02.2023, 19:52 | #3 |
/// TB-Ausbilder | WIN 10 attachment opened: Telekom Rechnung…pdf.htm - [PART 1 - Farbar scan result]
My name is Matthias and I will help you analyze and clean up your system. I have merged your two threads.
You will not get rid of your infection with Avira and Avast (they could not prevent it either), because they are unsuitable and only interfere with our cleanup. They therefore have to be uninstalled first. You don't need to worry, though... Windows Defender will activate itself automatically afterwards.
In addition, you have brought a lot of "junk" onto your system via the wrong download sites, so here is a little info up front.
A brief note up front: Download sources
The following sites often distribute software with a so-called "installer" that can install Potentially Unwanted Programs (PUP) or adware. Occasionally these "installers" even contain Trojans. You should therefore absolutely avoid the following sites:
For some time now there has been a usable package manager for Windows that lets you download and install software automatically with simple commands. This saves a lot of work, because without a package manager you have to check every program yourself and update it separately by hand, download it manually beforehand, and so on - see also --> chocolatey package manager for Windows
We strongly recommend installing all programs, where available, via chocolatey. If you have already worked with Linux, the syntax will be very familiar to you. You can find the FAQs on choco here --> Chocolatey: Frequently Asked Questions (English)
Of course you may also ask questions about chocolatey in the chocolatey thread mentioned above. For the rare case that you cannot find the program you need in the chocolatey repository: always download that software directly from the respective vendor / developer.
Step 1
The following programs are outdated, interfere with the cleanup, or are advertising software (adware) or potentially unwanted programs (PUP) and must be removed.
Step 2
With your next reply, please post:
|
15.02.2023, 21:11 | #4 |
| WIN 10 attachment opened: Telekom Rechnung…pdf.htm - [PART 1 - Farbar scan result]
Hello Matthias, first of all: my name is Peter. Thank you very much for your commitment to my problem! I am taking your tips to heart. I am unpleasantly surprised and a little "sad" that the Chip site, of all places, should not be visited either. Until now I had thought that with their help (download recommendations) I had been able to fix a few errors in the past. CRaccoon could not be uninstalled; Chip only on the second attempt.
FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 09-02-2023 01 durchgeführt von Ganz (Administrator) auf HP-ARBEITSZ (HP HP ProBook 450 G4) (15-02-2023 14:16:54) Gestartet von C:\Users\Ganz\Downloads\FRST 02 Geladene Profile: Ganz Plattform: Microsoft Windows 10 Pro Version 22H2 19045.2604 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: FF Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (C:\Program Files (x86)\Citrix\ICA Client\concentr.exe ->) (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe (C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe ->) (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe (C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe ->) (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (C:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\DPAgent.exe ->) (DigitalPersona, Inc. -> DigitalPersona, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpAgent.exe (C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\BridgeCommunication.exe (C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\AnalyticsSrv.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) 
C:\Program Files (x86)\Citrix\ICA Client\redirector.exe (DigitalPersona, Inc. -> Crossmatch, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpCardEngine.exe (DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_5c0b90ae6269072a\HotKeyServiceUWP.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_5c0b90ae6269072a\HPHotkeyNotification.exe (DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxCUIService.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxEM.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Microsoft Windows -> ) C:\Windows\System32\EoAExperiences.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <10> (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (services.exe ->) (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\UpdaterService.exe (services.exe ->) (Digital Wave Ltd -> Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (services.exe ->) (geek software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe <2> (services.exe ->) (Hewlett Packard Enterprise Company -> Hewlett Packard Enterprise Company) C:\Program Files (x86)\HP\HP Device Access Manager\HPE.DeviceAccessManager.ServiceHost.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (services.exe ->) (HP Inc. -> HP Inc.) 
C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_5c0b90ae6269072a\HotKeyServiceUWP.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_5c0b90ae6269072a\LanWlanWwanSwitchingServiceUWP.exe (services.exe ->) (HP Inc.) [Datei ist nicht signiert] C:\Program Files\HPCommRecovery\HPCommRecovery.exe (services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe (services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxCUIService.exe (services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\IntelCpHDCPSvc.exe (services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\IntelCpHeciSvc.exe (services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (services.exe ->) (Intel(R) 
Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\fpCSEvtSvc.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe (services.exe ->) (RealNetworks, Inc. -> ) C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe (services.exe ->) (Sony) [Datei ist nicht signiert] C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe (services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (svchost.exe ->) (Citrix Systems, Inc. -> Citrix Systems, Inc.) 
C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22122.94.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (svchost.exe ->) (Synaptics Incorporated -> Conexant) C:\Windows\System32\MicTray64.exe (svchost.exe ->) (Synaptics Incorporated) [Datei ist nicht signiert] C:\Windows\System32\SynaMonApp.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (winlogon.exe ->) (DigitalPersona, Inc. -> Crossmatch, Inc.) C:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\DPAgent.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2016-06-30] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [366960 2022-09-01] (Apple Inc. -> Apple Inc.) HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [592608 2022-07-13] (geek software GmbH -> geek software GmbH) HKLM\...\Run: [] => [X] HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files\Opera\assistant\browser_assistant.exe [3154456 2020-11-25] (Opera Software AS -> Opera Software) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.) 
[Datei ist nicht signiert] HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) [Datei ist nicht signiert] HKLM-x32\...\Run: [AnalyticsSrv] => C:\Program Files (x86)\Citrix\ICA Client\Receiver\AnalyticsSrv.exe [2634344 2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [2971608 2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [572376 2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) HKLM-x32\...\Run: [InstallHelper] => C:\Program Files (x86)\Citrix\Citrix WorkSpace 2210\InstallHelper.exe [408496 2022-10-06] (Citrix Systems, Inc. -> Citrix Systems, Inc.) HKLM-x32\...\Run: [] => [X] HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\DPAgent.exe, <==== ACHTUNG HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\Run: [AudialsNotifier] => C:\Program Files (x86)\Audials\Audials 2018\AudialsNotifier.exe [4293016 2017-11-17] (Audials AG -> ) HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38966072 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\Run: [XperiaCompanionAgent] => C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe [1690704 2020-06-17] (Sony Mobile Communications AB -> Sony) HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize (Keine Datei) HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\Run: 
[MicrosoftEdgeAutoLaunch_33AB6AD30668417CC16079428DBD5A47] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4243360 2023-02-09] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\Run: [] => [X] HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\Policies\system: [shell] explorer.exe <==== ACHTUNG HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\110.0.5481.77\Installer\chrmstp.exe [2023-02-09] (Google LLC -> Google LLC) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{60f15951-e7ef-11ea-b28e-c4b301b9ed33}] -> C:\Program Files (x86)\Citrix\ICA Client\CitrixEnterpriseBrowser\105.1.1.27\Installer\chrmstp.exe [2022-10-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Lsa: [Notification Packages] DPPassFilter scecli Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP JumpStart Launch.lnk [2016-09-25] ShortcutTarget: HP JumpStart Launch.lnk -> c:\Windows\Installer\{0F5EBB0D-DF6D-4DBE-9789-57BF05B3B0FD}\HPlogo_blue.ico () [Datei ist nicht signiert] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Universal Media Server.lnk [2021-01-15] ShortcutTarget: Universal Media Server.lnk -> C:\Program Files (x86)\Universal Media Server\UMS.exe (Universal Media Server) [Datei ist nicht signiert] BootExecute: autocheck autochk * sdnclean64.exe GroupPolicy-Firefox: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {031142AB-E0CD-40B5-AE6F-1DBF51CB08DF} - System32\Tasks\HPJumpStartProvider => C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartProvider.exe [843800 2016-06-02] (HP Inc. -> ) Task: {15CA46FB-959D-4B51-BFE9-A0A7736FC8E8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe /DeviceScanR6 (Keine Datei) Task: {308E4E14-B172-4D77-A401-741F88A04E9F} - System32\Tasks\Opera scheduled Autoupdate 1512162865 => C:\Program Files\Opera\launcher.exe [2635208 2023-02-08] (Opera Norway AS -> Opera Software) Task: {328CD258-5CE7-424F-861F-4D12D9A9A5A7} - \Opera scheduled assistant Autoupdate 1581001615 -> Keine Datei <==== ACHTUNG Task: {38910CEB-2644-4815-AD6B-21305847359D} - System32\Tasks\HP\HP Hotkey Support\Start QLBController Process => C:\Program Files (x86)\HP\HP Hotkey Support\QLBController.exe (Keine Datei) Task: {3B6A539A-7259-4838-AC79-4E00939768F0} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG Task: {45BBC3E4-79A9-43C4-A2A7-78FECF002708} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [847392 2023-01-10] (HP Inc. -> HP Inc.) Task: {4A5E2EF2-7F49-40E5-BEB8-8CB7EC24DFC3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /f (Keine Datei) Task: {6354BAD4-1C76-4EE2-9870-9503CFA7B03C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1149464 2023-01-10] (HP Inc. -> HP Inc.) 
Task: {63841390-62C1-40C2-B2D7-484C3D5DA839} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [710560 2023-02-03] (Mozilla Corporation -> Mozilla Foundation) Task: {651235E9-621E-4DF1-993D-F3DD7613F7F0} - System32\Tasks\Microsoft\Windows\Conexant\SynaMonApp => C:\Windows\System32\SynaMonApp.exe [170496 2018-10-30] (Synaptics Incorporated) [Datei ist nicht signiert] Task: {6C68BBA0-F19A-4E22-A1A0-047606F2086F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {74EF12D0-5FE7-41D0-8DDC-50E3FA325845} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-749038088-1968257971-3176724149-1002 => C:\Program Files (x86)\Real\RealDownloader\RealUpgrade.exe /scheduledcheck (Keine Datei) Task: {7C693021-6500-4EBA-B005-0241B83C6A85} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\Real\RealDownloader\downloader2.exe /scheduler (Keine Datei) Task: {7D84682E-39A2-4B17-ACF7-35D5D5236A62} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-749038088-1968257971-3176724149-1002 => C:\Program Files (x86)\Real\RealDownloader\recordingmanager.exe /bgrecordaliveevent (Keine Datei) Task: {818830DB-239D-4BFB-A432-B9EE714B71DB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {82F2910F-7336-4652-8D05-44D0D8BB5714} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-13] (Google Inc -> Google Inc.) 
Task: {87E56F64-2579-4AC4-B49E-5EED09AFAB66} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs] Task: {89726209-BECC-403E-8E42-457CC030FFC9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-13] (Google Inc -> Google Inc.) Task: {8CFFD35B-91A3-4FCB-8E0D-C3917ACA0D4B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [617096 2022-02-25] (Apple Inc. -> Apple Inc.) Task: {A47605CC-7DCF-4E5A-8933-31BFDB9895DB} - System32\Tasks\CCleanerSkipUAC - Ganz => C:\Program Files\CCleaner\CCleaner.exe [32631096 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {A4C71144-A91C-4AF2-89AA-EEA8E4E876D0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2023-02-08] (Piriform Software Ltd -> Piriform) Task: {AED56712-B61D-4FDB-A990-F8B7E5A80ED1} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "fad68a5b-a574-4065-95a6-e3cdaa5a95b9" --version "6.09.10300" --silent Task: {B9A4DEEB-E7D6-416C-B0EA-3FFE820F2971} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2023-01-10] (HP Inc. -> HP Inc.) 
Task: {BE62C444-8F72-4E29-B749-DAFFF7D9D677} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {D534D46F-5D40-498D-BD51-458945DCA8D3} - System32\Tasks\Microsoft\Windows\Conexant\MicTray => C:\Windows\System32\MicTray64.exe [5009512 2020-06-13] (Synaptics Incorporated -> Conexant) Task: {DC2BC17A-0D00-4DFA-8DF5-7E8D60CE7ED0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {F700ECBF-D13C-4A58-8998-B5CC5273A503} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-749038088-1968257971-3176724149-1002 => C:\Program Files (x86)\Real\RealDownloader\RealUpgrade.exe /logoncheck (Keine Datei) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{4aed77b6-c98c-4c8d-933f-4e428e37811f}: [DhcpNameServer] 172.18.1.1 Tcpip\..\Interfaces\{8474238d-b387-42a4-bfee-24a6197d0101}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{a2900742-64c8-4bba-b955-4d097f46677e}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{d04cd47e-9a8a-4710-86a0-74aee1f8bafa}: [DhcpNameServer] 192.168.178.1 Edge: ======= DownloadDir: C:\Users\Ganz\Downloads Edge HomeButtonPage: HKU\S-1-5-21-749038088-1968257971-3176724149-1005 -> about:tabs Edge Notifications: HKU\S-1-5-21-749038088-1968257971-3176724149-1005 -> hxxps://www.hagebau.de Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden] Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden] Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden] Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden] Edge DefaultProfile: Default Edge Profile: C:\Users\Ganz\AppData\Local\Microsoft\Edge\User Data\Default [2023-02-13] Edge Notifications: Default -> hxxps://www.hagebau.de Edge HomePage: Default -> edge://newtab/ Edge Extension: (Avira Safe Shopping) - C:\Users\Ganz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip [2023-02-12] Edge Extension: (Avira Password Manager) - C:\Users\Ganz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emgfgdclgfeldebanedpihppahgngnle [2023-02-12] Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip] Edge 
HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle] FireFox: ======== FF DefaultProfile: 27pb13jo.default-1579725056422 FF ProfilePath: C:\Users\Ganz\AppData\Roaming\Mozilla\Firefox\Profiles\27pb13jo.default-1579725056422 [2023-02-15] FF Notifications: Mozilla\Firefox\Profiles\27pb13jo.default-1579725056422 -> hxxps://www.tui.com FF Extension: (HTTPS Everywhere) - C:\Users\Ganz\AppData\Roaming\Mozilla\Firefox\Profiles\27pb13jo.default-1579725056422\Extensions\https-everywhere@eff.org.xpi [2021-07-14] FF Extension: (Privacy Badger) - C:\Users\Ganz\AppData\Roaming\Mozilla\Firefox\Profiles\27pb13jo.default-1579725056422\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2023-02-03] FF Extension: (Startpage.com — Datenschutz-Suchmaschine) - C:\Users\Ganz\AppData\Roaming\Mozilla\Firefox\Profiles\27pb13jo.default-1579725056422\Extensions\{20fc2e06-e3e4-4b2b-812b-ab431220cada}.xpi [2020-09-30] FF Extension: (Deaktivierungs-Add-on von Google Analytics) - C:\Users\Ganz\AppData\Roaming\Mozilla\Firefox\Profiles\27pb13jo.default-1579725056422\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2020-02-28] [UpdateUrl:hxxps://tools.google.com/service/update2/ff?guid=%ITEM_ID%&version=%ITEM_VERSION%&application=%APP_ID%&appversion=%APP_VERSION%] FF Extension: (Video DownloadHelper) - C:\Users\Ganz\AppData\Roaming\Mozilla\Firefox\Profiles\27pb13jo.default-1579725056422\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2022-12-08] FF Extension: (DownThemAll!) - C:\Users\Ganz\AppData\Roaming\Mozilla\Firefox\Profiles\27pb13jo.default-1579725056422\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2023-01-31] FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - c:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome => nicht gefunden FF Plugin: @Citrix.com/npagee64,version=11.0.63.16 -> C:\Program Files\Citrix\Secure Access Client\npagee64.dll [2015-10-04] (Citrix Systems, Inc. -> Citrix Systems, Inc.) 
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2017-03-06] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2017-03-06] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.) FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin-x32: @Citrix.com/npagee,version=11.0.63.16 -> C:\Program Files\Citrix\Secure Access Client\npagee.dll [2015-10-04] (Citrix Systems, Inc. -> Citrix Systems, Inc.) 
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2017-03-06] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2017-03-06] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.) FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei] FF Plugin HKU\S-1-5-21-749038088-1968257971-3176724149-1005: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei] FF Plugin ProgramFiles/Appdata: C:\Users\Ganz\AppData\Roaming\mozilla\plugins\npagee.dll [2017-10-02] FF Plugin ProgramFiles/Appdata: C:\Users\Ganz\AppData\Roaming\mozilla\plugins\npagee64.dll [2017-10-02] Chrome: ======= CHR Profile: C:\Users\Ganz\AppData\Local\Google\Chrome\User Data\Default [2023-02-10] CHR DefaultSearchURL: Default -> hxxps://www.bing.com/search?q={searchTerms}&pc=COS2&ptag=D040721-N0640A74DCDF78DC&form=CONBDF&conlogo=CT3335043 CHR DefaultSearchKeyword: Default -> bing® CHR DefaultNewTabURL: Default -> hxxps://www.bing.com/chrome/newtab?pc=COS2&ptag=D040721-N0630A74DCDF78DC&form=CONMHP&conlogo=CT3335043 CHR DefaultSuggestURL: Default -> hxxp://api.bing.com/osjson.aspx?query={searchTerms} CHR Extension: 
(PriceTiger) - C:\Users\Ganz\AppData\Local\Google\Chrome\User Data\Default\Extensions\bolplfmefepdhhakjbdggjmocjdkjkgb [2021-12-20] CHR Extension: (Cookie Raccoon) - C:\Users\Ganz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cipiciigpkfkldonnnjdjkldkfpmpack [2021-04-07] CHR Extension: (Google Docs Offline) - C:\Users\Ganz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-12-23] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Ganz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-24] CHR Profile: C:\Users\Ganz\AppData\Local\Google\Chrome\User Data\System Profile [2022-03-22] CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] Opera: ======= OPR Profile: C:\Users\Ganz\AppData\Roaming\Opera Software\Opera Stable [2023-02-08] OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} OPR Extension: (Rich Hints Agent) - C:\Users\Ganz\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-11-10] OPR Extension: (Opera Wallet) - C:\Users\Ganz\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-01-16] OPR Extension: (Amazon Assistant Promotion) - C:\Users\Ganz\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-09-23] ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [103280 2022-09-01] (Apple Inc. -> Apple Inc.) S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [Datei ist nicht signiert] R2 CWAUpdaterService; C:\Program Files (x86)\Citrix\ICA Client\Receiver\UpdaterService.exe [63408 2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-03-22] (Digital Wave Ltd -> Digital Wave Ltd.) S2 DpHost; c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe [527296 2016-07-19] (DigitalPersona, Inc. -> Crossmatch, Inc.) S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [567888 2016-08-11] (Hewlett Packard Enterprise Company -> Hewlett-Packard Company) R2 fpCsEvtSvc; C:\WINDOWS\System32\fpCSEvtSvc.exe [22424 2019-05-05] (Microsoft Windows Hardware Compatibility Publisher -> ) R2 HotKeyServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_5c0b90ae6269072a\HotKeyServiceUWP.exe [1561032 2022-10-12] (HP Inc. -> HP Inc.) R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [892928 2016-06-02] (HP Inc.) [Datei ist nicht signiert] R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [797640 2023-01-10] (HP Inc. -> HP Inc.) R2 HpDamServiceHost; c:\Program Files (x86)\HP\HP Device Access Manager\HPE.DeviceAccessManager.ServiceHost.exe [20376 2016-08-09] (Hewlett Packard Enterprise Company -> Hewlett Packard Enterprise Company) R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [796616 2023-01-10] (HP Inc. -> HP Inc.) R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [459800 2016-06-02] (HP Inc. -> HP Inc.) R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [793000 2023-01-10] (HP Inc. -> HP Inc.) 
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.) R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [796584 2023-01-10] (HP Inc. -> HP Inc.) S2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-26] (HP Inc. -> HP Inc.) R2 LanWlanWwanSwitchingServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_5c0b90ae6269072a\LanWlanWwanSwitchingServiceUWP.exe [606664 2022-10-12] (HP Inc. -> HP Inc.) R2 PDF24; C:\Program Files\PDF24\pdf24.exe [592608 2022-07-13] (geek software GmbH -> geek software GmbH) R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [35104 2017-03-02] (RealNetworks, Inc. -> ) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation) R2 valWBFPolicyService; C:\WINDOWS\System32\valWBFPolicyService.exe [91032 2019-05-05] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2301.6-0\NisSrv.exe [3191256 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2301.6-0\MsMpEng.exe [133576 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation) R2 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2575360 2020-06-17] (Sony) [Datei ist nicht signiert] S3 CitrixEnterpriseBrowserElevationService; "C:\Program Files (x86)\Citrix\ICA Client\CitrixEnterpriseBrowser\105.1.1.27\elevation_service.exe" [X] ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er 
aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) R2 ctxusbm; C:\WINDOWS\system32\DRIVERS\ctxusbmon.sys [136680 2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) S3 DAMDrv; C:\WINDOWS\system32\DRIVERS\DAMDrv64.sys [76432 2016-08-11] (Hewlett Packard Enterprise Company -> Hewlett-Packard Enterpise Company) S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2018-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R3 MpKsladd8bc02; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B9F55EA7-AC3E-4AE5-A728-FA4A92CC7CD4}\MpKslDrv.sys [214280 2023-02-15] (Microsoft Windows -> Microsoft Corporation) S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2017-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.) R1 RrNetCapFilterDriver; C:\WINDOWS\system32\DRIVERS\RrNetCapFilterDriver.sys [34608 2017-11-17] (Audials AG -> Audials AG) S3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [1063520 2017-02-23] (SUNPLUS INNOVATION TECHNOLOGY INC. -> Sunplus Innovation Technology Inc.) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R3 tbhsd; C:\WINDOWS\system32\drivers\tbhsd.sys [57648 2017-11-17] (Audials AG -> RapidSolution Software AG) S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2017-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.) 
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2023-02-15] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [473336 2023-02-15] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99576 2023-02-15] (Microsoft Windows -> Microsoft Corporation) R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2023-02-15 13:34 - 2023-02-15 13:34 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira 2023-02-15 10:29 - 2023-02-15 10:29 - 000000000 ___HD C:\$WinREAgent 2023-02-12 17:37 - 2023-02-12 17:37 - 000000000 ____D C:\Users\Ganz\Downloads\FRST03 2023-02-12 17:27 - 2023-02-15 14:16 - 000000000 ____D C:\Users\Ganz\Downloads\FRST 02 2023-02-10 13:58 - 2023-02-10 13:58 - 000000000 ____D C:\Users\Ganz\AppData\Local\AviraWebView2Cache 2023-02-10 13:19 - 2023-02-10 13:27 - 000071523 _____ C:\Users\Ganz\Desktop\Addition.txt 2023-02-10 13:19 - 2023-02-10 13:19 - 000000000 ___HD C:\$AV_ASW 2023-02-10 13:15 - 2023-02-10 13:27 - 000058727 _____ C:\Users\Ganz\Desktop\FRST.txt 2023-02-10 13:12 - 2023-02-15 14:17 - 000000000 ____D C:\FRST 2023-02-10 13:12 - 2023-02-12 17:32 - 000000000 ____D C:\Users\Ganz\Downloads\FRST02 2023-02-10 13:10 - 2023-02-13 16:24 - 000000000 ____D C:\Users\Ganz\AppData\Roaming\SEO 2023-02-10 13:10 - 2023-02-10 13:10 - 003480536 _____ C:\Users\Ganz\Downloads\FRST02.zip 2023-02-10 13:10 - 2023-02-10 13:10 - 000001712 _____ 
C:\Users\Ganz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SearchEngineOptimizer.lnk 2023-02-10 13:08 - 2023-02-10 13:08 - 005331520 _____ (CHIP Digital GmbH) C:\Users\Ganz\Downloads\Farbar Recovery Scan Tool (HijackThis Alternative) - CHIP Installer _4SHHx.exe 2023-02-10 13:00 - 2023-02-10 13:00 - 000000000 ____D C:\Users\Public\Security Sessions 2023-02-10 12:58 - 2023-02-10 13:00 - 000000000 ____D C:\Users\Ganz\AppData\Local\Avira 2023-02-10 12:58 - 2023-02-10 12:58 - 000000000 ____D C:\WINDOWS\SysWOW64\statReporter 2023-02-10 12:57 - 2023-02-15 13:39 - 000000000 ____D C:\Program Files (x86)\Avira 2023-02-10 12:57 - 2023-02-15 13:36 - 000000000 ____D C:\ProgramData\Avira 2023-02-03 00:08 - 2023-02-10 12:58 - 000000000 ____D C:\Program Files\Mozilla Firefox 2023-02-03 00:08 - 2023-02-03 00:08 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2023-01-20 14:30 - 2023-01-20 19:07 - 000271360 _____ C:\Users\Ganz\Desktop\Outlook.pst 2023-01-20 14:29 - 2023-01-20 14:29 - 000000000 ____D C:\Users\Ganz\Documents\Outlook-Dateien 2023-01-20 14:28 - 2023-01-20 14:28 - 000002423 _____ C:\Users\Public\Desktop\Windows-Migrationsassistent.lnk 2023-01-20 14:27 - 2023-01-20 14:27 - 059884472 _____ (Apple Inc.) 
C:\Users\Ganz\Desktop\WindowsMigrationAssistantSetup.exe 2023-01-19 14:36 - 2023-01-19 14:36 - 000000000 ____D C:\Users\Ganz\Downloads\Flüchtling 2023-01-18 17:21 - 2023-01-18 17:21 - 000021233 _____ C:\Users\Ganz\Documents\00000000-MUSTER Matilda.dotm 2023-01-18 17:16 - 2023-01-18 17:16 - 000021267 _____ C:\Users\Ganz\Documents\00000000-MUSTER Moritz.dotm 2023-01-18 16:59 - 2023-01-18 16:59 - 000050869 _____ C:\Users\Ganz\Documents\00000000-MUSTER- Ari - Peter Anschreiben.dotm 2023-01-18 16:13 - 2023-01-18 16:22 - 000050615 _____ C:\Users\Ganz\Documents\00000000-MUSTER- Peter - Anschreiben Peter .dotm 2023-01-18 16:01 - 2023-01-18 16:01 - 000004096 ____H C:\Users\Ganz\AppData\Local\keyfile3.drm 2023-01-17 11:21 - 2023-02-12 15:44 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2023-02-15 14:15 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-02-15 14:10 - 2017-10-13 15:05 - 000000000 ____D C:\Program Files (x86)\Google 2023-02-15 14:05 - 2020-12-14 20:41 - 001883140 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2023-02-15 14:05 - 2019-12-07 15:51 - 000804906 _____ C:\WINDOWS\system32\perfh007.dat 2023-02-15 14:05 - 2019-12-07 15:51 - 000175844 _____ C:\WINDOWS\system32\perfc007.dat 2023-02-15 14:05 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2023-02-15 14:04 - 2022-02-11 12:09 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2023-02-15 14:03 - 2017-04-26 10:04 - 000000000 ____D C:\Users\Ganz\AppData\LocalLow\Mozilla 2023-02-15 14:02 - 2017-03-10 22:44 - 000000000 ____D C:\Program Files\CCleaner 2023-02-15 14:00 - 2020-12-14 20:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2023-02-15 14:00 - 2020-12-14 20:34 - 000008192 ___SH C:\DumpStack.log.tmp 2023-02-15 14:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState 
2023-02-15 14:00 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2023-02-15 14:00 - 2017-06-19 09:07 - 000000000 ____D C:\ProgramData\Synaptics 2023-02-15 14:00 - 2017-04-25 17:35 - 000000000 __SHD C:\Users\Ganz\IntelGraphicsProfiles 2023-02-15 14:00 - 2016-09-25 04:40 - 000000000 ____D C:\Intel 2023-02-15 13:57 - 2018-02-26 22:38 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2023-02-15 13:47 - 2017-03-03 15:48 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2023-02-15 13:46 - 2018-09-16 14:17 - 000000000 ____D C:\Users\Ganz\AppData\Local\AVAST Software 2023-02-15 13:46 - 2018-09-16 14:16 - 000000000 ____D C:\Program Files\Common Files\AVAST Software 2023-02-15 13:46 - 2018-09-16 14:15 - 000000000 ____D C:\ProgramData\AVAST Software 2023-02-15 13:44 - 2021-07-29 18:30 - 000000000 ____D C:\Program Files (x86)\AVAST Software 2023-02-15 13:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2023-02-15 13:39 - 2022-09-22 10:37 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job 2023-02-15 13:39 - 2020-12-14 20:34 - 000705360 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2023-02-15 13:37 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2023-02-15 13:37 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2023-02-15 13:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2023-02-15 13:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2023-02-15 13:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup 2023-02-15 13:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2023-02-15 13:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\DDFs 2023-02-15 13:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2023-02-15 13:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2023-02-15 13:34 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2023-02-15 13:12 - 
2020-12-14 20:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2023-02-15 11:19 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2023-02-15 10:44 - 2022-09-22 10:37 - 000003474 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting 2023-02-15 10:44 - 2020-12-14 20:44 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2023-02-15 10:38 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2023-02-15 10:35 - 2020-12-14 20:35 - 003015680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2023-02-15 10:28 - 2017-03-03 15:47 - 000000000 ____D C:\WINDOWS\system32\MRT 2023-02-15 10:23 - 2017-03-03 15:47 - 149955784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2023-02-13 16:23 - 2017-12-01 22:14 - 000000000 ____D C:\Program Files\Opera 2023-02-12 15:44 - 2020-03-14 04:13 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-02-10 14:18 - 2018-09-23 15:06 - 000000000 ____D C:\Users\Ganz\AppData\Local\CrashDumps 2023-02-10 14:00 - 2018-07-06 10:17 - 000000000 ____D C:\Users\Ganz\AppData\Local\D3DSCache 2023-02-09 22:48 - 2021-12-13 16:48 - 000003062 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-749038088-1968257971-3176724149-1005 2023-02-09 22:48 - 2021-08-25 13:54 - 000002250 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Ganz 2023-02-09 22:48 - 2020-12-14 20:44 - 000003684 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2023-02-09 22:48 - 2020-12-14 20:44 - 000003560 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2023-02-09 22:48 - 2020-12-14 20:44 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2023-02-09 22:48 - 2020-12-14 20:44 - 000003336 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2023-02-09 22:48 - 2020-12-14 20:44 - 000003320 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1512162865 2023-02-09 22:48 - 2020-12-14 20:44 - 000002858 _____ 
C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-749038088-1968257971-3176724149-1005 2023-02-09 19:12 - 2017-10-13 15:06 - 000002300 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2023-02-09 13:43 - 2021-10-16 03:00 - 000001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk 2023-02-07 17:14 - 2016-09-25 05:12 - 000000000 ____D C:\ProgramData\HPQLOG 2023-02-04 11:29 - 2017-03-04 06:51 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2023-02-03 00:08 - 2017-03-04 06:51 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2023-02-02 11:19 - 2020-12-14 20:37 - 000002399 _____ C:\Users\Ganz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2023-01-27 09:39 - 2020-10-02 12:17 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2023-01-20 14:28 - 2022-07-19 11:24 - 000002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows-Migrationsassistent.lnk 2023-01-19 09:41 - 2016-09-25 04:45 - 000000000 ____D C:\ProgramData\HP 2023-01-19 09:41 - 2016-08-22 03:00 - 000000000 ____D C:\Program Files\HP 2023-01-18 17:01 - 2020-03-20 10:10 - 000000000 ___RD C:\Users\Ganz\Documents\alles ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2017-12-05 15:02 - 2017-12-05 15:02 - 039301064 _____ (Flash-Integro LLC ) C:\Program Files (x86)\video_editor_x32.exe 2017-12-05 15:02 - 2017-12-05 15:02 - 044416504 _____ (Flash-Integro LLC ) C:\Program Files (x86)\video_editor_x64.exe 2023-01-18 16:01 - 2023-01-18 16:01 - 000004096 ____H () C:\Users\Ganz\AppData\Local\keyfile3.drm 2017-12-08 21:59 - 2017-12-08 21:59 - 000002787 _____ () C:\Users\Ganz\AppData\Local\recently-used.xbel ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
==================== Ende von FRST.txt ========================

FRST Logfile:
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 09-02-2023 01 durchgeführt von Ganz (Administrator) auf HP-ARBEITSZ (HP HP ProBook 450 G4) (15-02-2023 14:16:54) Gestartet von C:\Users\Ganz\Downloads\FRST 02 Geladene Profile: Ganz Plattform: Microsoft Windows 10 Pro Version 22H2 19045.2604 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: FF Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (C:\Program Files (x86)\Citrix\ICA Client\concentr.exe ->) (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe (C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe ->) (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe (C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe ->) (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (C:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\DPAgent.exe ->) (DigitalPersona, Inc. -> DigitalPersona, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpAgent.exe (C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\BridgeCommunication.exe (C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\AnalyticsSrv.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) 
C:\Program Files (x86)\Citrix\ICA Client\redirector.exe (DigitalPersona, Inc. -> Crossmatch, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpCardEngine.exe (DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_5c0b90ae6269072a\HotKeyServiceUWP.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_5c0b90ae6269072a\HPHotkeyNotification.exe (DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxCUIService.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxEM.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Microsoft Windows -> ) C:\Windows\System32\EoAExperiences.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <10> (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (services.exe ->) (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\UpdaterService.exe (services.exe ->) (Digital Wave Ltd -> Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (services.exe ->) (geek software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe <2> (services.exe ->) (Hewlett Packard Enterprise Company -> Hewlett Packard Enterprise Company) C:\Program Files (x86)\HP\HP Device Access Manager\HPE.DeviceAccessManager.ServiceHost.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (services.exe ->) (HP Inc. -> HP Inc.) 
C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_5c0b90ae6269072a\HotKeyServiceUWP.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_5c0b90ae6269072a\LanWlanWwanSwitchingServiceUWP.exe (services.exe ->) (HP Inc.) [Datei ist nicht signiert] C:\Program Files\HPCommRecovery\HPCommRecovery.exe (services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe (services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxCUIService.exe (services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\IntelCpHDCPSvc.exe (services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\IntelCpHeciSvc.exe (services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (services.exe ->) (Intel(R) 
Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\fpCSEvtSvc.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe (services.exe ->) (RealNetworks, Inc. -> ) C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe (services.exe ->) (Sony) [Datei ist nicht signiert] C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe (services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (svchost.exe ->) (Citrix Systems, Inc. -> Citrix Systems, Inc.) 
C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22122.94.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (svchost.exe ->) (Synaptics Incorporated -> Conexant) C:\Windows\System32\MicTray64.exe (svchost.exe ->) (Synaptics Incorporated) [Datei ist nicht signiert] C:\Windows\System32\SynaMonApp.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (winlogon.exe ->) (DigitalPersona, Inc. -> Crossmatch, Inc.) C:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\DPAgent.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2016-06-30] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [366960 2022-09-01] (Apple Inc. -> Apple Inc.) HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [592608 2022-07-13] (geek software GmbH -> geek software GmbH) HKLM\...\Run: [] => [X] HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files\Opera\assistant\browser_assistant.exe [3154456 2020-11-25] (Opera Software AS -> Opera Software) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.) 
[Datei ist nicht signiert] HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) [Datei ist nicht signiert] HKLM-x32\...\Run: [AnalyticsSrv] => C:\Program Files (x86)\Citrix\ICA Client\Receiver\AnalyticsSrv.exe [2634344 2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [2971608 2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [572376 2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) HKLM-x32\...\Run: [InstallHelper] => C:\Program Files (x86)\Citrix\Citrix WorkSpace 2210\InstallHelper.exe [408496 2022-10-06] (Citrix Systems, Inc. -> Citrix Systems, Inc.) HKLM-x32\...\Run: [] => [X] HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\DPAgent.exe, <==== ACHTUNG HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\Run: [AudialsNotifier] => C:\Program Files (x86)\Audials\Audials 2018\AudialsNotifier.exe [4293016 2017-11-17] (Audials AG -> ) HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38966072 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\Run: [XperiaCompanionAgent] => C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe [1690704 2020-06-17] (Sony Mobile Communications AB -> Sony) HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize (Keine Datei) HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\Run: 
[MicrosoftEdgeAutoLaunch_33AB6AD30668417CC16079428DBD5A47] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4243360 2023-02-09] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\Run: [] => [X] HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\Policies\system: [shell] explorer.exe <==== ACHTUNG HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\110.0.5481.77\Installer\chrmstp.exe [2023-02-09] (Google LLC -> Google LLC) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{60f15951-e7ef-11ea-b28e-c4b301b9ed33}] -> C:\Program Files (x86)\Citrix\ICA Client\CitrixEnterpriseBrowser\105.1.1.27\Installer\chrmstp.exe [2022-10-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Lsa: [Notification Packages] DPPassFilter scecli Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP JumpStart Launch.lnk [2016-09-25] ShortcutTarget: HP JumpStart Launch.lnk -> c:\Windows\Installer\{0F5EBB0D-DF6D-4DBE-9789-57BF05B3B0FD}\HPlogo_blue.ico () [Datei ist nicht signiert] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Universal Media Server.lnk [2021-01-15] ShortcutTarget: Universal Media Server.lnk -> C:\Program Files (x86)\Universal Media Server\UMS.exe (Universal Media Server) [Datei ist nicht signiert] BootExecute: autocheck autochk * sdnclean64.exe GroupPolicy-Firefox: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {031142AB-E0CD-40B5-AE6F-1DBF51CB08DF} - System32\Tasks\HPJumpStartProvider => C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartProvider.exe [843800 2016-06-02] (HP Inc. -> ) Task: {15CA46FB-959D-4B51-BFE9-A0A7736FC8E8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe /DeviceScanR6 (Keine Datei) Task: {308E4E14-B172-4D77-A401-741F88A04E9F} - System32\Tasks\Opera scheduled Autoupdate 1512162865 => C:\Program Files\Opera\launcher.exe [2635208 2023-02-08] (Opera Norway AS -> Opera Software) Task: {328CD258-5CE7-424F-861F-4D12D9A9A5A7} - \Opera scheduled assistant Autoupdate 1581001615 -> Keine Datei <==== ACHTUNG Task: {38910CEB-2644-4815-AD6B-21305847359D} - System32\Tasks\HP\HP Hotkey Support\Start QLBController Process => C:\Program Files (x86)\HP\HP Hotkey Support\QLBController.exe (Keine Datei) Task: {3B6A539A-7259-4838-AC79-4E00939768F0} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG Task: {45BBC3E4-79A9-43C4-A2A7-78FECF002708} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [847392 2023-01-10] (HP Inc. -> HP Inc.) Task: {4A5E2EF2-7F49-40E5-BEB8-8CB7EC24DFC3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /f (Keine Datei) Task: {6354BAD4-1C76-4EE2-9870-9503CFA7B03C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1149464 2023-01-10] (HP Inc. -> HP Inc.) 
Task: {63841390-62C1-40C2-B2D7-484C3D5DA839} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [710560 2023-02-03] (Mozilla Corporation -> Mozilla Foundation) Task: {651235E9-621E-4DF1-993D-F3DD7613F7F0} - System32\Tasks\Microsoft\Windows\Conexant\SynaMonApp => C:\Windows\System32\SynaMonApp.exe [170496 2018-10-30] (Synaptics Incorporated) [Datei ist nicht signiert] Task: {6C68BBA0-F19A-4E22-A1A0-047606F2086F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {74EF12D0-5FE7-41D0-8DDC-50E3FA325845} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-749038088-1968257971-3176724149-1002 => C:\Program Files (x86)\Real\RealDownloader\RealUpgrade.exe /scheduledcheck (Keine Datei) Task: {7C693021-6500-4EBA-B005-0241B83C6A85} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\Real\RealDownloader\downloader2.exe /scheduler (Keine Datei) Task: {7D84682E-39A2-4B17-ACF7-35D5D5236A62} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-749038088-1968257971-3176724149-1002 => C:\Program Files (x86)\Real\RealDownloader\recordingmanager.exe /bgrecordaliveevent (Keine Datei) Task: {818830DB-239D-4BFB-A432-B9EE714B71DB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {82F2910F-7336-4652-8D05-44D0D8BB5714} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-13] (Google Inc -> Google Inc.) 
Task: {87E56F64-2579-4AC4-B49E-5EED09AFAB66} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs] Task: {89726209-BECC-403E-8E42-457CC030FFC9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-13] (Google Inc -> Google Inc.) Task: {8CFFD35B-91A3-4FCB-8E0D-C3917ACA0D4B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [617096 2022-02-25] (Apple Inc. -> Apple Inc.) Task: {A47605CC-7DCF-4E5A-8933-31BFDB9895DB} - System32\Tasks\CCleanerSkipUAC - Ganz => C:\Program Files\CCleaner\CCleaner.exe [32631096 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {A4C71144-A91C-4AF2-89AA-EEA8E4E876D0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2023-02-08] (Piriform Software Ltd -> Piriform) Task: {AED56712-B61D-4FDB-A990-F8B7E5A80ED1} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "fad68a5b-a574-4065-95a6-e3cdaa5a95b9" --version "6.09.10300" --silent Task: {B9A4DEEB-E7D6-416C-B0EA-3FFE820F2971} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2023-01-10] (HP Inc. -> HP Inc.) 
Task: {BE62C444-8F72-4E29-B749-DAFFF7D9D677} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {D534D46F-5D40-498D-BD51-458945DCA8D3} - System32\Tasks\Microsoft\Windows\Conexant\MicTray => C:\Windows\System32\MicTray64.exe [5009512 2020-06-13] (Synaptics Incorporated -> Conexant) Task: {DC2BC17A-0D00-4DFA-8DF5-7E8D60CE7ED0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {F700ECBF-D13C-4A58-8998-B5CC5273A503} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-749038088-1968257971-3176724149-1002 => C:\Program Files (x86)\Real\RealDownloader\RealUpgrade.exe /logoncheck (Keine Datei) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{4aed77b6-c98c-4c8d-933f-4e428e37811f}: [DhcpNameServer] 172.18.1.1 Tcpip\..\Interfaces\{8474238d-b387-42a4-bfee-24a6197d0101}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{a2900742-64c8-4bba-b955-4d097f46677e}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{d04cd47e-9a8a-4710-86a0-74aee1f8bafa}: [DhcpNameServer] 192.168.178.1 Edge: ======= DownloadDir: C:\Users\Ganz\Downloads Edge HomeButtonPage: HKU\S-1-5-21-749038088-1968257971-3176724149-1005 -> about:tabs Edge Notifications: HKU\S-1-5-21-749038088-1968257971-3176724149-1005 -> hxxps://www.hagebau.de Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden] Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden] Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden] Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden] Edge DefaultProfile: Default Edge Profile: C:\Users\Ganz\AppData\Local\Microsoft\Edge\User Data\Default [2023-02-13] Edge Notifications: Default -> hxxps://www.hagebau.de Edge HomePage: Default -> edge://newtab/ Edge Extension: (Avira Safe Shopping) - C:\Users\Ganz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip [2023-02-12] Edge Extension: (Avira Password Manager) - C:\Users\Ganz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emgfgdclgfeldebanedpihppahgngnle [2023-02-12] Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip] Edge 
HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle] FireFox: ======== FF DefaultProfile: 27pb13jo.default-1579725056422 FF ProfilePath: C:\Users\Ganz\AppData\Roaming\Mozilla\Firefox\Profiles\27pb13jo.default-1579725056422 [2023-02-15] FF Notifications: Mozilla\Firefox\Profiles\27pb13jo.default-1579725056422 -> hxxps://www.tui.com FF Extension: (HTTPS Everywhere) - C:\Users\Ganz\AppData\Roaming\Mozilla\Firefox\Profiles\27pb13jo.default-1579725056422\Extensions\https-everywhere@eff.org.xpi [2021-07-14] FF Extension: (Privacy Badger) - C:\Users\Ganz\AppData\Roaming\Mozilla\Firefox\Profiles\27pb13jo.default-1579725056422\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2023-02-03] FF Extension: (Startpage.com — Datenschutz-Suchmaschine) - C:\Users\Ganz\AppData\Roaming\Mozilla\Firefox\Profiles\27pb13jo.default-1579725056422\Extensions\{20fc2e06-e3e4-4b2b-812b-ab431220cada}.xpi [2020-09-30] FF Extension: (Deaktivierungs-Add-on von Google Analytics) - C:\Users\Ganz\AppData\Roaming\Mozilla\Firefox\Profiles\27pb13jo.default-1579725056422\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2020-02-28] [UpdateUrl:hxxps://tools.google.com/service/update2/ff?guid=%ITEM_ID%&version=%ITEM_VERSION%&application=%APP_ID%&appversion=%APP_VERSION%] FF Extension: (Video DownloadHelper) - C:\Users\Ganz\AppData\Roaming\Mozilla\Firefox\Profiles\27pb13jo.default-1579725056422\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2022-12-08] FF Extension: (DownThemAll!) - C:\Users\Ganz\AppData\Roaming\Mozilla\Firefox\Profiles\27pb13jo.default-1579725056422\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2023-01-31] FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - c:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome => nicht gefunden FF Plugin: @Citrix.com/npagee64,version=11.0.63.16 -> C:\Program Files\Citrix\Secure Access Client\npagee64.dll [2015-10-04] (Citrix Systems, Inc. -> Citrix Systems, Inc.) 
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2017-03-06] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2017-03-06] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.) FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin-x32: @Citrix.com/npagee,version=11.0.63.16 -> C:\Program Files\Citrix\Secure Access Client\npagee.dll [2015-10-04] (Citrix Systems, Inc. -> Citrix Systems, Inc.) 
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2017-03-06] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2017-03-06] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.) FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei] FF Plugin HKU\S-1-5-21-749038088-1968257971-3176724149-1005: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei] FF Plugin ProgramFiles/Appdata: C:\Users\Ganz\AppData\Roaming\mozilla\plugins\npagee.dll [2017-10-02] FF Plugin ProgramFiles/Appdata: C:\Users\Ganz\AppData\Roaming\mozilla\plugins\npagee64.dll [2017-10-02] Chrome: ======= CHR Profile: C:\Users\Ganz\AppData\Local\Google\Chrome\User Data\Default [2023-02-10] CHR DefaultSearchURL: Default -> hxxps://www.bing.com/search?q={searchTerms}&pc=COS2&ptag=D040721-N0640A74DCDF78DC&form=CONBDF&conlogo=CT3335043 CHR DefaultSearchKeyword: Default -> bing® CHR DefaultNewTabURL: Default -> hxxps://www.bing.com/chrome/newtab?pc=COS2&ptag=D040721-N0630A74DCDF78DC&form=CONMHP&conlogo=CT3335043 CHR DefaultSuggestURL: Default -> hxxp://api.bing.com/osjson.aspx?query={searchTerms} CHR Extension: 
(PriceTiger) - C:\Users\Ganz\AppData\Local\Google\Chrome\User Data\Default\Extensions\bolplfmefepdhhakjbdggjmocjdkjkgb [2021-12-20] CHR Extension: (Cookie Raccoon) - C:\Users\Ganz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cipiciigpkfkldonnnjdjkldkfpmpack [2021-04-07] CHR Extension: (Google Docs Offline) - C:\Users\Ganz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-12-23] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Ganz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-24] CHR Profile: C:\Users\Ganz\AppData\Local\Google\Chrome\User Data\System Profile [2022-03-22] CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] Opera: ======= OPR Profile: C:\Users\Ganz\AppData\Roaming\Opera Software\Opera Stable [2023-02-08] OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} OPR Extension: (Rich Hints Agent) - C:\Users\Ganz\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-11-10] OPR Extension: (Opera Wallet) - C:\Users\Ganz\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-01-16] OPR Extension: (Amazon Assistant Promotion) - C:\Users\Ganz\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-09-23] ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [103280 2022-09-01] (Apple Inc. -> Apple Inc.) S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [Datei ist nicht signiert] R2 CWAUpdaterService; C:\Program Files (x86)\Citrix\ICA Client\Receiver\UpdaterService.exe [63408 2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-03-22] (Digital Wave Ltd -> Digital Wave Ltd.) S2 DpHost; c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe [527296 2016-07-19] (DigitalPersona, Inc. -> Crossmatch, Inc.) S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [567888 2016-08-11] (Hewlett Packard Enterprise Company -> Hewlett-Packard Company) R2 fpCsEvtSvc; C:\WINDOWS\System32\fpCSEvtSvc.exe [22424 2019-05-05] (Microsoft Windows Hardware Compatibility Publisher -> ) R2 HotKeyServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_5c0b90ae6269072a\HotKeyServiceUWP.exe [1561032 2022-10-12] (HP Inc. -> HP Inc.) R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [892928 2016-06-02] (HP Inc.) [Datei ist nicht signiert] R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [797640 2023-01-10] (HP Inc. -> HP Inc.) R2 HpDamServiceHost; c:\Program Files (x86)\HP\HP Device Access Manager\HPE.DeviceAccessManager.ServiceHost.exe [20376 2016-08-09] (Hewlett Packard Enterprise Company -> Hewlett Packard Enterprise Company) R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [796616 2023-01-10] (HP Inc. -> HP Inc.) R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [459800 2016-06-02] (HP Inc. -> HP Inc.) R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [793000 2023-01-10] (HP Inc. -> HP Inc.) 
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.) R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [796584 2023-01-10] (HP Inc. -> HP Inc.) S2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-26] (HP Inc. -> HP Inc.) R2 LanWlanWwanSwitchingServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_5c0b90ae6269072a\LanWlanWwanSwitchingServiceUWP.exe [606664 2022-10-12] (HP Inc. -> HP Inc.) R2 PDF24; C:\Program Files\PDF24\pdf24.exe [592608 2022-07-13] (geek software GmbH -> geek software GmbH) R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [35104 2017-03-02] (RealNetworks, Inc. -> ) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation) R2 valWBFPolicyService; C:\WINDOWS\System32\valWBFPolicyService.exe [91032 2019-05-05] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2301.6-0\NisSrv.exe [3191256 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2301.6-0\MsMpEng.exe [133576 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation) R2 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2575360 2020-06-17] (Sony) [Datei ist nicht signiert] S3 CitrixEnterpriseBrowserElevationService; "C:\Program Files (x86)\Citrix\ICA Client\CitrixEnterpriseBrowser\105.1.1.27\elevation_service.exe" [X] ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er 
aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) R2 ctxusbm; C:\WINDOWS\system32\DRIVERS\ctxusbmon.sys [136680 2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) S3 DAMDrv; C:\WINDOWS\system32\DRIVERS\DAMDrv64.sys [76432 2016-08-11] (Hewlett Packard Enterprise Company -> Hewlett-Packard Enterpise Company) S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2018-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R3 MpKsladd8bc02; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B9F55EA7-AC3E-4AE5-A728-FA4A92CC7CD4}\MpKslDrv.sys [214280 2023-02-15] (Microsoft Windows -> Microsoft Corporation) S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2017-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.) R1 RrNetCapFilterDriver; C:\WINDOWS\system32\DRIVERS\RrNetCapFilterDriver.sys [34608 2017-11-17] (Audials AG -> Audials AG) S3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [1063520 2017-02-23] (SUNPLUS INNOVATION TECHNOLOGY INC. -> Sunplus Innovation Technology Inc.) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R3 tbhsd; C:\WINDOWS\system32\drivers\tbhsd.sys [57648 2017-11-17] (Audials AG -> RapidSolution Software AG) S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2017-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.) 
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2023-02-15] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [473336 2023-02-15] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99576 2023-02-15] (Microsoft Windows -> Microsoft Corporation) R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2023-02-15 13:34 - 2023-02-15 13:34 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira 2023-02-15 10:29 - 2023-02-15 10:29 - 000000000 ___HD C:\$WinREAgent 2023-02-12 17:37 - 2023-02-12 17:37 - 000000000 ____D C:\Users\Ganz\Downloads\FRST03 2023-02-12 17:27 - 2023-02-15 14:16 - 000000000 ____D C:\Users\Ganz\Downloads\FRST 02 2023-02-10 13:58 - 2023-02-10 13:58 - 000000000 ____D C:\Users\Ganz\AppData\Local\AviraWebView2Cache 2023-02-10 13:19 - 2023-02-10 13:27 - 000071523 _____ C:\Users\Ganz\Desktop\Addition.txt 2023-02-10 13:19 - 2023-02-10 13:19 - 000000000 ___HD C:\$AV_ASW 2023-02-10 13:15 - 2023-02-10 13:27 - 000058727 _____ C:\Users\Ganz\Desktop\FRST.txt 2023-02-10 13:12 - 2023-02-15 14:17 - 000000000 ____D C:\FRST 2023-02-10 13:12 - 2023-02-12 17:32 - 000000000 ____D C:\Users\Ganz\Downloads\FRST02 2023-02-10 13:10 - 2023-02-13 16:24 - 000000000 ____D C:\Users\Ganz\AppData\Roaming\SEO 2023-02-10 13:10 - 2023-02-10 13:10 - 003480536 _____ C:\Users\Ganz\Downloads\FRST02.zip 2023-02-10 13:10 - 2023-02-10 13:10 - 000001712 _____ 
C:\Users\Ganz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SearchEngineOptimizer.lnk 2023-02-10 13:08 - 2023-02-10 13:08 - 005331520 _____ (CHIP Digital GmbH) C:\Users\Ganz\Downloads\Farbar Recovery Scan Tool (HijackThis Alternative) - CHIP Installer _4SHHx.exe 2023-02-10 13:00 - 2023-02-10 13:00 - 000000000 ____D C:\Users\Public\Security Sessions 2023-02-10 12:58 - 2023-02-10 13:00 - 000000000 ____D C:\Users\Ganz\AppData\Local\Avira 2023-02-10 12:58 - 2023-02-10 12:58 - 000000000 ____D C:\WINDOWS\SysWOW64\statReporter 2023-02-10 12:57 - 2023-02-15 13:39 - 000000000 ____D C:\Program Files (x86)\Avira 2023-02-10 12:57 - 2023-02-15 13:36 - 000000000 ____D C:\ProgramData\Avira 2023-02-03 00:08 - 2023-02-10 12:58 - 000000000 ____D C:\Program Files\Mozilla Firefox 2023-02-03 00:08 - 2023-02-03 00:08 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2023-01-20 14:30 - 2023-01-20 19:07 - 000271360 _____ C:\Users\Ganz\Desktop\Outlook.pst 2023-01-20 14:29 - 2023-01-20 14:29 - 000000000 ____D C:\Users\Ganz\Documents\Outlook-Dateien 2023-01-20 14:28 - 2023-01-20 14:28 - 000002423 _____ C:\Users\Public\Desktop\Windows-Migrationsassistent.lnk 2023-01-20 14:27 - 2023-01-20 14:27 - 059884472 _____ (Apple Inc.) 
C:\Users\Ganz\Desktop\WindowsMigrationAssistantSetup.exe 2023-01-19 14:36 - 2023-01-19 14:36 - 000000000 ____D C:\Users\Ganz\Downloads\Flüchtling 2023-01-18 17:21 - 2023-01-18 17:21 - 000021233 _____ C:\Users\Ganz\Documents\00000000-MUSTER Matilda.dotm 2023-01-18 17:16 - 2023-01-18 17:16 - 000021267 _____ C:\Users\Ganz\Documents\00000000-MUSTER Moritz.dotm 2023-01-18 16:59 - 2023-01-18 16:59 - 000050869 _____ C:\Users\Ganz\Documents\00000000-MUSTER- Ari - Peter Anschreiben.dotm 2023-01-18 16:13 - 2023-01-18 16:22 - 000050615 _____ C:\Users\Ganz\Documents\00000000-MUSTER- Peter - Anschreiben Peter .dotm 2023-01-18 16:01 - 2023-01-18 16:01 - 000004096 ____H C:\Users\Ganz\AppData\Local\keyfile3.drm 2023-01-17 11:21 - 2023-02-12 15:44 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2023-02-15 14:15 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-02-15 14:10 - 2017-10-13 15:05 - 000000000 ____D C:\Program Files (x86)\Google 2023-02-15 14:05 - 2020-12-14 20:41 - 001883140 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2023-02-15 14:05 - 2019-12-07 15:51 - 000804906 _____ C:\WINDOWS\system32\perfh007.dat 2023-02-15 14:05 - 2019-12-07 15:51 - 000175844 _____ C:\WINDOWS\system32\perfc007.dat 2023-02-15 14:05 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2023-02-15 14:04 - 2022-02-11 12:09 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2023-02-15 14:03 - 2017-04-26 10:04 - 000000000 ____D C:\Users\Ganz\AppData\LocalLow\Mozilla 2023-02-15 14:02 - 2017-03-10 22:44 - 000000000 ____D C:\Program Files\CCleaner 2023-02-15 14:00 - 2020-12-14 20:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2023-02-15 14:00 - 2020-12-14 20:34 - 000008192 ___SH C:\DumpStack.log.tmp 2023-02-15 14:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState 
2023-02-15 14:00 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2023-02-15 14:00 - 2017-06-19 09:07 - 000000000 ____D C:\ProgramData\Synaptics 2023-02-15 14:00 - 2017-04-25 17:35 - 000000000 __SHD C:\Users\Ganz\IntelGraphicsProfiles 2023-02-15 14:00 - 2016-09-25 04:40 - 000000000 ____D C:\Intel 2023-02-15 13:57 - 2018-02-26 22:38 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2023-02-15 13:47 - 2017-03-03 15:48 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2023-02-15 13:46 - 2018-09-16 14:17 - 000000000 ____D C:\Users\Ganz\AppData\Local\AVAST Software 2023-02-15 13:46 - 2018-09-16 14:16 - 000000000 ____D C:\Program Files\Common Files\AVAST Software 2023-02-15 13:46 - 2018-09-16 14:15 - 000000000 ____D C:\ProgramData\AVAST Software 2023-02-15 13:44 - 2021-07-29 18:30 - 000000000 ____D C:\Program Files (x86)\AVAST Software 2023-02-15 13:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2023-02-15 13:39 - 2022-09-22 10:37 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job 2023-02-15 13:39 - 2020-12-14 20:34 - 000705360 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2023-02-15 13:37 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2023-02-15 13:37 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2023-02-15 13:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2023-02-15 13:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2023-02-15 13:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup 2023-02-15 13:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2023-02-15 13:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\DDFs 2023-02-15 13:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2023-02-15 13:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2023-02-15 13:34 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2023-02-15 13:12 - 
2020-12-14 20:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2023-02-15 11:19 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2023-02-15 10:44 - 2022-09-22 10:37 - 000003474 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting 2023-02-15 10:44 - 2020-12-14 20:44 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2023-02-15 10:38 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2023-02-15 10:35 - 2020-12-14 20:35 - 003015680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2023-02-15 10:28 - 2017-03-03 15:47 - 000000000 ____D C:\WINDOWS\system32\MRT 2023-02-15 10:23 - 2017-03-03 15:47 - 149955784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2023-02-13 16:23 - 2017-12-01 22:14 - 000000000 ____D C:\Program Files\Opera 2023-02-12 15:44 - 2020-03-14 04:13 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-02-10 14:18 - 2018-09-23 15:06 - 000000000 ____D C:\Users\Ganz\AppData\Local\CrashDumps 2023-02-10 14:00 - 2018-07-06 10:17 - 000000000 ____D C:\Users\Ganz\AppData\Local\D3DSCache 2023-02-09 22:48 - 2021-12-13 16:48 - 000003062 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-749038088-1968257971-3176724149-1005 2023-02-09 22:48 - 2021-08-25 13:54 - 000002250 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Ganz 2023-02-09 22:48 - 2020-12-14 20:44 - 000003684 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2023-02-09 22:48 - 2020-12-14 20:44 - 000003560 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2023-02-09 22:48 - 2020-12-14 20:44 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2023-02-09 22:48 - 2020-12-14 20:44 - 000003336 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2023-02-09 22:48 - 2020-12-14 20:44 - 000003320 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1512162865 2023-02-09 22:48 - 2020-12-14 20:44 - 000002858 _____ 
C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-749038088-1968257971-3176724149-1005 2023-02-09 19:12 - 2017-10-13 15:06 - 000002300 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2023-02-09 13:43 - 2021-10-16 03:00 - 000001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk 2023-02-07 17:14 - 2016-09-25 05:12 - 000000000 ____D C:\ProgramData\HPQLOG 2023-02-04 11:29 - 2017-03-04 06:51 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2023-02-03 00:08 - 2017-03-04 06:51 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2023-02-02 11:19 - 2020-12-14 20:37 - 000002399 _____ C:\Users\Ganz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2023-01-27 09:39 - 2020-10-02 12:17 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2023-01-20 14:28 - 2022-07-19 11:24 - 000002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows-Migrationsassistent.lnk 2023-01-19 09:41 - 2016-09-25 04:45 - 000000000 ____D C:\ProgramData\HP 2023-01-19 09:41 - 2016-08-22 03:00 - 000000000 ____D C:\Program Files\HP 2023-01-18 17:01 - 2020-03-20 10:10 - 000000000 ___RD C:\Users\Ganz\Documents\alles ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2017-12-05 15:02 - 2017-12-05 15:02 - 039301064 _____ (Flash-Integro LLC ) C:\Program Files (x86)\video_editor_x32.exe 2017-12-05 15:02 - 2017-12-05 15:02 - 044416504 _____ (Flash-Integro LLC ) C:\Program Files (x86)\video_editor_x64.exe 2023-01-18 16:01 - 2023-01-18 16:01 - 000004096 ____H () C:\Users\Ganz\AppData\Local\keyfile3.drm 2017-12-08 21:59 - 2017-12-08 21:59 - 000002787 _____ () C:\Users\Ganz\AppData\Local\recently-used.xbel ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
==================== Ende von FRST.txt ======================== |
15.02.2023, 21:17 | #5 |
| WIN 10 attachment opened: Telekom Rechnung…pdf.htm - [PART 1 - Farbar scan result]
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 09-02-2023 01 durchgeführt von Ganz (15-02-2023 14:20:34) Gestartet von C:\Users\Ganz\Downloads\FRST 02 Microsoft Windows 10 Pro Version 22H2 19045.2604 (X64) (2020-12-14 19:45:00) Start-Modus: Normal ========================================================== ==================== Konten: ============================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) Administrator (S-1-5-21-749038088-1968257971-3176724149-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-749038088-1968257971-3176724149-503 - Limited - Disabled) Ganz (S-1-5-21-749038088-1968257971-3176724149-1005 - Administrator - Enabled) => C:\Users\Ganz Gast (S-1-5-21-749038088-1968257971-3176724149-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-749038088-1968257971-3176724149-504 - Limited - Disabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 4uKey for Android (HKLM-x32\...\{4uKeyforAndroid}_is1) (Version: 2.5.3.2 - Tenorshare, Inc.) 7-Zip 22.00 (HKLM-x32\...\{23170F69-40C1-2701-2200-000001000000}) (Version: 22.00.00.0 - Igor Pavlov) 7-Zip 22.01 (x64 edition) (HKLM\...\{23170F69-40C1-2702-2201-000001000000}) (Version: 22.01.00.0 - Igor Pavlov) Apple Application Support (64-Bit) (HKLM\...\{8B127943-89E7-4691-A7A4-D05807920A84}) (Version: 8.4 - Apple Inc.) 
Apple Mobile Device Support (HKLM\...\{065D0CC8-C382-48AF-8A88-0DD3366EB26C}) (Version: 16.0.0.25 - Apple Inc.) Apple Software Update (HKLM-x32\...\{B292D163-23D2-4523-A699-1ABEC1875609}) (Version: 2.7.0.3 - Apple Inc.) Audials (HKLM-x32\...\{3C3F830F-50AF-41ED-A96A-1C8D6B7F7517}) (Version: 18.1.29300.0 - Audials AG) Audiograbber 1.83 SE (HKLM-x32\...\Audiograbber) (Version: 1.83 SE - Audiograbber) BCR Plug-in (HKLM-x32\...\{0C079D73-40B6-4A29-93F3-30617AAA335A}) (Version: 22.10.0.15 - Citrix Systems, Inc.) Hidden BlueJ (HKLM\...\{AF0BEA9E-1AB2-4613-A6B5-4ECC105A8A23}) (Version: 5.1.0 - BlueJ Team) BlueJ (HKLM-x32\...\{92FD2477-5855-4863-B4C1-405C7853FD9F}) (Version: 4.1.2 - BlueJ Team) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Brother MFL-Pro Suite MFC-5490CN (HKLM-x32\...\{48D082B9-18F6-4426-AFAC-8B6A3E7021B1}) (Version: 2.0.0.0 - Brother Industries, Ltd.) Brother MFL-Pro Suite MFC-L2720DW series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 1.0.3.0 - Brother Industries, Ltd.) CCleaner (HKLM\...\CCleaner) (Version: 6.09 - Piriform) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6521 - CDBurnerXP) Citrix Authentication Manager (HKLM-x32\...\{0C490C5C-246A-4281-993E-831319A7655F}) (Version: 22.10.0.2 - Citrix Systems, Inc.) Hidden Citrix Web Helper (HKLM-x32\...\{D958DC9B-9ED1-46AE-A84B-4679E5592538}) (Version: 22.10.0.13 - Citrix Systems, Inc.) Hidden Citrix Workspace (DV) (HKLM-x32\...\{E2271D30-A77C-448D-AD6D-38ECBEBC2C26}) (Version: 22.10.0.15 - Citrix Systems, Inc.) Hidden Citrix Workspace (USB) (HKLM-x32\...\{9E24A88B-54AE-44E7-A2BD-BA5139E45ECD}) (Version: 22.10.0.15 - Citrix Systems, Inc.) Hidden Citrix Workspace 2210 (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 22.10.0.21 - Citrix Systems, Inc.) Citrix Workspace Inside (HKLM-x32\...\{19C8F1A9-2F50-49A6-9B81-2C4CE9845521}) (Version: 22.10.0.13 - Citrix Systems, Inc.) 
Hidden Conexant ISST Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 9.0.239.70 - Conexant) CRaccoon (HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\CRaccoon) (Version: 1.5.0 - CRX) <==== ACHTUNG CutOut 6.0 (HKLM\...\CutOut 6_is1) (Version: 6.0 - Franzis.de) Discover HP Touchpoint Manager (HKLM-x32\...\{480FA137-DB2E-4C1A-89EF-476E69E175ED}) (Version: 1.0.19.1 - HP) Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.) Free HTML5 Video Player and Converter (HKLM-x32\...\Free HTML5 Video Player and Converter_is1) (Version: 5.0.99.823 - Digital Wave Ltd) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 110.0.5481.77 - Google LLC) Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden HP Battery Recall Utility (HKLM-x32\...\{26ACF49F-254F-491C-B08E-AAA0D5C982CF}) (Version: 1.3.0.5 - Hewlett-Packard) Hidden HP Battery Recall Utility (HKLM-x32\...\{40770191-b457-4e92-9e2e-386a15408136}) (Version: 1.3.0.5 - HP Inc.) HP Client Security Manager (HKLM\...\{B4A0B76D-EAE6-4717-AEB3-58C1BCD7B9E8}) (Version: 9.0.0.2116 - HP Inc.) Hidden HP Client Security Manager (HKLM\...\HPProtectTools) (Version: 9.0.0.2116 - HP Inc.) HP Device Access Manager (HKLM\...\{766ED263-4CA0-4D2F-9FA8-717827F718D6}) (Version: 8.3.16.0 - HP Inc.) HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.) HP ePrint SW (HKLM\...\{872897C1-CDCD-4466-82AA-5483BCCF09C7}) (Version: 5.1.20088 - HP Inc.) Hidden HP ePrint SW (HKLM\...\{B0D5BCD0-8DFB-48A3-9BDF-4E183159E420}) (Version: 5.1.20088 - HP Inc.) Hidden HP ePrint SW (HKLM\...\{C0407127-4831-47CD-8A7A-E5ED7A2D398B}) (Version: 5.1.20088 - HP Inc.) Hidden HP ePrint SW (HKLM\...\{FC292FE3-B7B0-492C-BC2E-C0DFCA30FC92}) (Version: 5.1.20088 - HP Inc.) Hidden HP ePrint SW (HKLM-x32\...\{39404020-C431-4331-9241-62956555DA49}) (Version: 5.1.20088 - HP Inc.) 
Hidden HP ePrint SW (HKLM-x32\...\{3efaef38-ee9e-4421-bea3-e0a4d835d3f4}) (Version: 5.1.20088 - HP Inc.) HP ePrint SW (HKLM-x32\...\{C5AD7A64-6DDF-482A-8E7D-FA1DED0A201A}) (Version: 5.1.20088 - HP Inc.) Hidden HP ESU for Microsoft Windows 10 (HKLM-x32\...\{94D0EB60-8B2F-4A80-BA74-3D312434415F}) (Version: 11.2.2 - HP) HP JumpStart Bridge (HKLM-x32\...\{6B4A5299-4837-485A-B71D-7F1CE6F8F018}) (Version: 1.0.0.143 - HP Inc.) HP JumpStart Launch (HKLM-x32\...\{0F5EBB0D-DF6D-4DBE-9789-57BF05B3B0FD}) (Version: 1.0.145.0 - HP Inc.) HP Recovery Manager (HKLM-x32\...\{64BAA990-F1FC-4145-A7B1-E41FBBC9DA47}) (Version: 1.2.1510 - HP) Hidden HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8357.5639 - HP Inc.) HP SoftPaq Download Manager (HKLM-x32\...\{92db00b4-c4ee-4893-bc4e-8be6548b2742}) (Version: 4.3.4.0 - HP) HP Software Setup (HKLM-x32\...\{C968E860-054F-490F-95C6-C9A29601459E}) (Version: 9.2.2 - HP) HP Support Solutions Framework (HKLM-x32\...\{2B5A1E68-6617-406D-B797-5DAB5B4630B8}) (Version: 12.18.34.21 - HP Inc.) HP Sure Connect (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 1.0.0.26 - HP Inc.) HP System Default Settings (HKLM-x32\...\{E570B9C2-9A83-4938-BBD5-0A8C068083C1}) (Version: 1.2.3.1 - HP INC) HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.) HP Universal Camera Driver (HKLM-x32\...\{8B204728-0D90-48BE-97C0-BBEDDFDFA83C}) (Version: 3.5.8.11 - SunplusIT) icofx 3.3 (HKLM-x32\...\icofx 3_is1) (Version: 3.3 - IcoFX Software S.R.L.) Incomedia WebSite X5 v14 - Free (HKLM\...\{07FE2BFD-5423-4FB4-95C0-28634BEB0961}_is1) (Version: 14.0.2.1 - Incomedia s.r.l.) 
Intel(R) Chipset Device Software (HKLM\...\{3AE6FD56-D431-4B53-94F0-95E844206ADF}) (Version: 10.1.1.32 - Intel Corporation) Hidden Intel(R) Chipset Device Software (HKLM-x32\...\{aaa7f0fb-02dc-4576-beef-7d24842c5fbe}) (Version: 10.1.1.32 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{00176A23-1A4E-4429-817E-44B40D9EF692}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{0854C811-6DAD-441D-AB36-2F73631A04A1}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1914.12.0.1255 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{650FF4FD-69E7-4AA4-9F46-6B7DFC8489F7}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Driver (HKLM\...\{1535E647-D354-4775-9EE8-FD9E8ED0701A}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) ME UninstallLegacy (HKLM\...\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}) (Version: 1.0.1.0 - Intel Corporation) Hidden Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.0.2.1044 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{AD29B896-0901-4B3E-9C2A-BD59B38A9568}) (Version: 15.0.2.1044 - Intel Corporation) Hidden Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.52.230.1 - Intel Corporation) Hidden Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.52.230.1 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{c6de84fd-ece7-4c2a-9f06-8cabe7ab79a0}) (Version: 1.52.230.1 - Intel Corporation) Hidden Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{3920BCB0-23AA-4D0D-93E5-404692DAF9D2}) (Version: 19.00.1621.3340 - Intel Corporation) Intel(R) Wireless Manageability Driver (HKLM\...\{28C2C4DE-AAF6-424D-B018-5142729E1C67}) (Version: 1.0.0.0 - 
Intel Corporation) Hidden Intel(R) Wireless Manageability Driver Extension (HKLM\...\{03C415A8-0861-4BB7-8857-27089E6C298A}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel® PROSet/Wireless Software (HKLM-x32\...\{ed4a5da7-ac62-4aa5-9502-7b4de55e8cb5}) (Version: 20.20.2 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation) iTunes (HKLM\...\{8402150E-474C-45D1-908F-E5989C71DDE9}) (Version: 12.12.5.8 - Apple Inc.) LibreOffice 7.4.1.2 (HKLM\...\{2382F0CD-B06A-49B7-912F-A8BB1C7FD511}) (Version: 7.4.1.2 - The Document Foundation) Meine CEWE FOTOWELT (HKLM-x32\...\Meine CEWE FOTOWELT) (Version: 6.3.1 - CEWE Stiftung u Co. KGaA) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 110.0.1587.41 - Microsoft Corporation) Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 109.0.1518.78 - Microsoft Corporation) Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden Microsoft Office Access MUI (German) 2010 (HKLM-x32\...\{90140000-0015-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2010 (HKLM-x32\...\{90140000-0016-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Groove MUI (German) 2010 (HKLM-x32\...\{90140000-00BA-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (German) 2010 (HKLM-x32\...\{90140000-0044-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2010 (HKLM\...\{90140000-002A-0000-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2010 
(HKLM-x32\...\{90140000-00A1-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2010 (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2010 (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2010 (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Proof (English) 2010 (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2010 (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2010 (HKLM-x32\...\{90140000-001F-0410-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2010 (HKLM-x32\...\{90140000-002C-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (German) 2010 (HKLM-x32\...\{90140000-0019-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (German) 2010 (HKLM\...\{90140000-002A-0407-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2010 (HKLM-x32\...\{90140000-006E-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2010 (HKLM-x32\...\{90140000-001B-0407-0000-0000000FF1CE}) 
(Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft OneDrive (HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\OneDriveSetup.exe) (Version: 23.007.0109.0004 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation) Microsoft VC++ redistributables repacked. (HKLM\...\{2FAF2A80-5906-467E-8AD2-B83C94383600}) (Version: 12.0.0.0 - Intel Corporation) Hidden Microsoft VC++ redistributables repacked. (HKLM-x32\...\{F85F7FF0-5DFF-4BC0-9045-C9573D1BC11F}) (Version: 12.0.0.0 - Intel Corporation) Hidden Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft 
Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional 
Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31823 (HKLM-x32\...\{ac8ae441-cfc2-41f2-bbca-7b6668740f8d}) (Version: 14.34.31823.3 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.34.31823 (HKLM-x32\...\{485c6580-376a-450b-9a80-43c390b968a3}) (Version: 14.34.31823.3 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31823 (HKLM\...\{79DB9AFA-0B61-46EE-97F7-29D2A9C93702}) (Version: 14.34.31823 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31823 (HKLM\...\{91974FA7-D8C0-4EBB-A37F-4E538C9C0B8B}) (Version: 14.34.31823 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.34.31823 (HKLM-x32\...\{EB6DFC76-FC58-4F00-811A-09FC83EDB02B}) (Version: 14.34.31823 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.34.31823 (HKLM-x32\...\{54AAF010-4412-441C-AFDF-5566370458AA}) (Version: 14.34.31823 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 109.0.1 (x64 de)) (Version: 109.0.1 - Mozilla) Mozilla Maintenance Service 
(HKLM-x32\...\MozillaMaintenanceService) (Version: 109.0.1.8427 - Mozilla) Mozilla Thunderbird (x86 de) (HKLM-x32\...\Mozilla Thunderbird 102.6.1 (x86 de)) (Version: 102.6.1 - Mozilla) MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.9.0 - F.J. Wechselberger) MZD-AIO-TI 2.8.4-1 (HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\34093d1a-b79c-5bd0-8c69-6049d0980230) (Version: 2.8.4-1 - Trevelopment) NetScaler Gateway Endpoint Analysis (HKLM\...\{58267A97-11B6-4182-A02E-54CF86F91807}) (Version: 11.0.63.16 - Citrix Systems, Inc.) Online Plug-in (HKLM-x32\...\{29FB4818-23DC-4740-8F7E-AE2F59527F69}) (Version: 22.10.0.15 - Citrix Systems, Inc.) Hidden Opera Stable 95.0.4635.37 (HKLM-x32\...\Opera 95.0.4635.37) (Version: 95.0.4635.37 - Opera Software) PDF24 Creator 11.3.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 11.3.0 - PDF24.org) PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.321.0 - Tracker Software Products Ltd) PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) PriceWatch (HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\PriceWatch) (Version: - PriceWatch) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.131 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.9.422.2016 - Realtek) RealUpgrade 1.1 (HKLM-x32\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) 
Hidden SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version: - ) SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version: - ) Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version: - ) SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - ) SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - ) Samsung PC Studio 3 (HKLM-x32\...\{C4A4722E-79F9-417C-BD72-8D359A090C97}) (Version: 3.2.2.80601 - Samsung Electronics Co., Ltd.) Saturn Fotoservice (HKLM-x32\...\Saturn Fotoservice) (Version: 6.4.1 - CEWE Stiftung u Co. KGaA) Self-Service Plug-in (HKLM-x32\...\{CE1601F3-E1A8-43F3-9330-0411F6EB6D5B}) (Version: 22.10.0.13 - Citrix Systems, Inc.) Hidden SEO (HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\SEO) (Version: 2.41 - Business Convers Track S.R.L.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for 
Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{8925227F-C7B5-4C95-AB58-4FCF2433DAEE}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{09A9DF49-DA06-4093-A2FD-F339211E39EA}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{ECC1D579-DC17-4B90-929C-B4A0BB35F7B3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{97099817-53F1-4CA1-ACEA-DA6D74371689}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{E4D76E88-C65F-4003-9C71-EC4306679D17}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{3B0FF7FF-0E85-4907-A511-3F8C27349FA4}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{996096F8-956B-41C9-A7E3-9BA1E801014F}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition 
(HKLM-x32\...\{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{D505EC85-885F-4BE3-8A89-3EFE4F855692}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.8.32 - Synaptics Incorporated) Synaptics WBF Fingerprint Reader (HKLM\...\{FE645EDA-C5B2-4CF3-B9E7-AFABD5710EEF}) (Version: 4.5.335.0 - Synaptics) TIPP10 Version 2.1.0 (HKLM-x32\...\TIPP10_is1) (Version: - (c) 2006-2011, Tom Thielicke IT Solutions) Universal Media Server (HKLM-x32\...\Universal Media Server) (Version: 11.5.0 - Universal Media Server) Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation) UpdateService (HKLM-x32\...\{E3AE96D6-E196-45B4-AF62-2B41998B9E37}) (Version: 1.0.0 - RealNetworks, Inc.) Hidden VdhCoApp 1.4.0 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper) VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN) vs2015_redist x86 (HKLM-x32\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden VSDC Free Video Editor Version 7.1.13.433 (HKLM\...\VSDC Free Video Editor_is1) (Version: 7.1.13.433 - Flash-Integro LLC) Windows-Migrationsassistent (HKLM-x32\...\{B2C74A62-5D4F-41AF-96EB-1189AE4E9936}) (Version: 2.4.2.0 - Apple Inc.) 
Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation) Windows-Treiberpaket - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/27/2012 7.0.0000.00004) (HKLM\...\BE156A27AFEAEA39D6A7C9D25CFA8DAFAF91756B) (Version: 08/27/2012 7.0.0000.00004 - Google, Inc.) Windows-Treiberpaket - SAMSUNG Electronics Co., Ltd. (dg_ssudbus) USB (12/02/2015 2.12.1.0) (HKLM\...\85A33267F12961AF9ED9AE799DEDA5E62BEA236F) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. ) Windows-Treiberpaket - SAMSUNG Electronics Co., Ltd. (ssudmdm) Modem (12/02/2015 2.12.1.0) (HKLM\...\88ED314360B98E6E82E7CC3201FAEB4A9FD291B4) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. ) Windows-Treiberpaket - SAMSUNG Electronics Co., Ltd. (WinUSB) AndroidUsbDeviceClass (12/02/2015 2.12.1.0) (HKLM\...\701281E8283E9E3681220099A9DA5013A5A437AF) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. ) WunderBAR (HKLM\...\WunderBAR) (Version: 1.0 - WunderBAR) Xperia Companion (HKLM-x32\...\{4C89779F-A2CD-4EF7-83F3-B84F9CB79422}) (Version: 2.10.2.0 - Sony) Hidden Xperia Companion (HKLM-x32\...\{cc171adc-ddf5-4459-9a2c-61b09746b2ff}) (Version: 2.10.2.0 - Sony) Xperia Companion Service (HKLM\...\{170F2831-C087-4536-B3A5-3CF872F6BC0F}) (Version: 2.10.2.0 - Sony) Hidden Packages: ========= Discover HP Touchpoint Manager -> C:\Program Files\WindowsApps\AD2F1837.DiscoverHPTouchpointManager_1.0.15.1_x86__v10z8vjag6ke6 [2017-06-13] (HP Inc.) HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.2.228.0_x64__v10z8vjag6ke6 [2023-01-20] (HP Inc.) HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.23.20.0_x64__v10z8vjag6ke6 [2023-01-19] (HP Inc.) HP System Information -> C:\Program Files\WindowsApps\AD2F1837.HPSystemInformation_8.10.29.0_x64__v10z8vjag6ke6 [2022-03-29] (HP Inc.) 
Kluge Archive -> C:\Program Files\WindowsApps\49825WiseWidget.Wise2017_1.1.0.0_x86__z0nrqz0z5ajrj [2018-01-23] (Wise Widget) March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_7.1.0.0_x86__h6adky7gbf63m [2023-02-03] (Gameloft SE) Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-07-10] (Microsoft Corporation) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-06-26] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-06-26] (Microsoft Corporation) [MS Ad] Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-16] (Netflix, Inc.) Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2023-01-20] (Microsoft Studios) [MS Ad] Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-13] (Twitter Inc.) Windows Package Manager Source (winget) -> C:\Program Files\WindowsApps\Microsoft.Winget.Source_2022.1020.2155.506_neutral__8wekyb3d8bbwe [2022-10-20] (Microsoft Corporation) XING -> C:\Program Files\WindowsApps\XINGAG.XING_4.0.9.0_x86__xpfg3f7e9an52 [2023-01-20] (New Work SE) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation) ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Users\Ganz\Downloads\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger) [Datei ist nicht signiert] ContextMenuHandlers2: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL -> Keine Datei ContextMenuHandlers3: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL -> Keine Datei ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Users\Ganz\Downloads\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxDTCM.dll [2020-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Users\Ganz\Downloads\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Datei ist nicht signiert] ==================== Codecs (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist 
aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Drivers32: [msacm.voxacm160] => C:\WINDOWS\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [Datei ist nicht signiert] HKLM\...\Drivers32: [msacm.scg726] => C:\WINDOWS\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [Datei ist nicht signiert] HKLM\...\Drivers32: [msacm.alf2cd] => C:\WINDOWS\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [Datei ist nicht signiert] HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [Datei ist nicht signiert] HKLM\...\Drivers32: [msacm.lame] => C:\WINDOWS\system32\lame.ax [245760 2005-08-01] () [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.dvsd] => C:\WINDOWS\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.mpg4] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.mp42] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.mp43] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.xvid] => C:\WINDOWS\system32\xvidvfw.dll [139264 2004-07-03] () [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.DIVX] => C:\WINDOWS\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) 
[Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.VP62] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.LAGS] => C:\WINDOWS\system32\lagarith.dll [216064 2011-12-07] () [Datei ist nicht signiert] ==================== Verknüpfungen & WMI ======================== ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============= 2017-07-12 19:55 - 2009-02-27 15:38 - 000139264 ____R () [Datei ist nicht signiert] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll 2019-10-30 04:10 - 2019-10-30 04:10 - 000710656 _____ () [Datei ist nicht signiert] C:\Program Files\WindowsApps\XINGAG.XING_4.0.9.0_x86__xpfg3f7e9an52\e_sqlite3.dll 2021-06-11 10:57 - 2021-06-11 10:57 - 038131712 _____ () [Datei ist nicht signiert] C:\Program Files\WindowsApps\XINGAG.XING_4.0.9.0_x86__xpfg3f7e9an52\Xing.UWP.dll 2018-05-03 12:49 - 2005-04-22 12:36 - 000143360 _____ () [Datei ist nicht signiert] C:\WINDOWS\system32\BrSNMP64.dll 2022-04-25 14:15 - 2014-06-16 14:45 - 000137728 ____N (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll 2022-04-25 14:15 - 2014-06-16 15:03 - 000083968 ____N (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll 2022-04-25 14:15 - 2014-06-16 15:03 - 017955328 ____N (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll 2022-04-25 14:15 - 2014-06-16 15:03 - 000088064 ____N (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\ControlCenter4\BrCcLGer.dll 2017-07-12 19:55 - 2013-03-08 07:44 - 000087040 _____ (Brother Industries, Ltd.) 
[Datei ist nicht signiert] C:\WINDOWS\system32\BrNetSti.dll 2022-10-03 06:16 - 2022-10-03 06:16 - 000512000 _____ (Citrix Systems, Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\Shims.dll 2021-10-01 01:19 - 2021-10-01 01:19 - 002548736 _____ (Citrix Systems, Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Citrix\ICA Client\sslsdk_b.dll 2016-07-19 11:00 - 2016-07-19 11:00 - 000384512 _____ (Crossmatch, Inc.) [Datei ist nicht signiert] c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DPCPFelica.dll 2016-07-19 10:13 - 2016-07-19 10:13 - 000220160 _____ (RFIDeas) [Datei ist nicht signiert] c:\Program Files\HP\HP ProtectTools Security Manager\Bin\pcProxAPI.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ======== ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ================== ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ================= ==================== Internet Explorer (Nicht auf der Ausnahmeliste) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp15-comm.msn.com/?pc=HRTE HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp15-comm.msn.com/?pc=HRTE HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} 
-> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation) BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2023-01-10] (HP Inc. -> HP Inc.) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2023-01-10] (HP Inc. -> HP Inc.) Toolbar: HKLM - WunderBAR - {5EB1C9F4-44B6-4DE1-9C4D-CCEB6AFC6CF0} - C:\Users\Ganz\AppData\Roaming\WunderBAR\WunderBAR.dll [2021-12-20] (CHIP Communications GmbH -> ) Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) 
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) 
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE trusted site: HKU\.DEFAULT\...\localhost -> localhost IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com IE trusted site: HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\webcompanion.com -> hxxp://webcompanion.com ==================== Hosts Inhalt: ========================= (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2015-10-30 08:24 - 2019-01-04 13:02 - 000000938 _____ C:\WINDOWS\system32\drivers\etc\hosts 2020-12-19 21:04 - 2022-08-03 20:32 - 000000506 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics ==================== Andere Bereiche =========================== (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-749038088-1968257971-3176724149-1005\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) ist aktiviert. 
Network Binding: ============= WLAN: RadioRip Filter Driver -> RrNetCapFilterDriver (enabled) Ethernet: RadioRip Filter Driver -> RrNetCapFilterDriver (enabled) ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) HKLM\...\StartupApproved\StartupFolder: => "Universal Media Server.lnk" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "BCSSync" HKLM\...\StartupApproved\Run32: => "BrMfcWnd" HKLM\...\StartupApproved\Run32: => "BrStsMon00" HKLM\...\StartupApproved\Run32: => "IAStorIcon" HKLM\...\StartupApproved\Run32: => "Opera Browser Assistant" HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\StartupApproved\Run: => "AudialsNotifier" HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\StartupApproved\Run: => "XperiaCompanionAgent" HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\StartupApproved\Run: => "Web Companion" HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_33AB6AD30668417CC16079428DBD5A47" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [{8E00D7E5-0BB0-4177-95BE-01B3B185C0CA}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe (Sony Mobile Communications AB -> Sony) FirewallRules: [{8A47E056-BFAF-42E3-9097-4BA7536B5FA5}] => (Allow) LPort=31931 FirewallRules: [{C1410BC5-E31A-4DA9-8EBD-091877247672}] => (Allow) LPort=14714 FirewallRules: [{42289722-13D8-4294-977F-C5D411A46239}] => (Allow) LPort=12972 FirewallRules: [{C5A768B6-7282-4B35-9D88-2BC2B97486AF}] => (Allow) C:\Program Files (x86)\Audials\Audials 2018\Audials.exe (Audials AG -> Audials AG) FirewallRules: [UDP Query User{213CC204-02CC-44BA-8D02-373B383A7B23}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [TCP Query User{337225E1-CBB2-4C63-9970-49C6FB7A8567}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [{FD2DDB22-4B43-4794-864A-7140111999E2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{8C35D5D5-D7EE-4A9E-9E40-4B5216B3CDEA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{E40F5325-480D-4578-A907-F8A2DD1C7661}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{C8D45BF8-D9DE-4DC2-BE8E-A0410B04D3DB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{0C00F326-B355-4381-B838-77AADE53A538}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{BBF76483-2E81-4138-9704-D6B88CA6148A}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{8091CB17-40DC-4C11-82CE-B7D85F42BAE3}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. 
-> Citrix Systems, Inc) FirewallRules: [{D73AF4A9-F386-4883-AB9C-AA76B8E0595D}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{3D3766D6-52D6-42F4-8366-6BEDB25D6113}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{4A8622E2-E9B2-4360-9CCA-2C68B012B6EC}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{96649238-ED31-46E8-9E34-140DE9A2049E}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{0CA547AD-CEB4-4426-96E2-4561392B7478}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{95BA13F9-BF24-4A39-8F79-733F73E9D7B7}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{5F3444C3-7244-4191-AA81-D6581E68EBEE}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{62872BD2-D582-4F40-8581-3679A347B212}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{1EA54552-7FAE-42E7-B722-6F9BDA63B080}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. 
-> Citrix Systems, Inc) FirewallRules: [{C566B9FE-698B-47B5-BD7D-4C9892711EB1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{A2456256-9F42-41F1-99DE-9F5039C2BE41}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{D89971EB-81D7-4406-BF02-620E2881264C}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{288A7309-33F8-4BC7-B7A2-B3BBEE107389}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{A270345C-1234-49FE-90DB-4070135F2C7B}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{AD1C5FE3-D113-4A25-9275-6CEE93B2BAEF}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{7BE38158-9D47-4C8F-A105-3277680B7B5E}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{01CA72C1-71CC-4063-9C2A-6598BD50770D}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{6A6BB7A6-2036-4F7D-9A09-18B54C3CBC15}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{A9C12040-623C-4FC2-9765-BD1D440073EF}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{2865F3C7-BAAD-4747-B054-BA87C7F2D4EB}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. 
-> Citrix Systems, Inc) FirewallRules: [{69C5226B-F423-4E28-8A69-6E0CE808DDDA}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{623DD88E-621D-4F62-9448-E33F4593CE6D}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{E4435320-EF2B-4AD0-B695-18DF95BF9EA2}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{49168388-14CE-4DDA-86DA-94616718FC76}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{1DF8B103-846A-4D2A-BFFA-4D004850BC58}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{CD426E35-4D56-4D7F-B400-8B71E24FC73A}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{BD8789DF-501B-427E-971E-BD2135B49FD1}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{A88D6C54-E21A-44FD-8406-BBB96B94BA05}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{C8391E8D-5C11-4A4A-B060-4C54713BEC4F}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{6A9396D8-D90C-4724-A937-5A59E918EF46}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{CA58FFF0-E451-4BE7-BC45-4D2A2C00B4E2}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. 
-> Citrix Systems, Inc) FirewallRules: [{EDACBB0A-79DB-487F-9FC2-C45438C41A4D}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{2AFB5B5F-BC98-42F3-B24E-6959DB0D80E6}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{07DB5E97-CE1A-4576-A0CF-8D9DDC5B9A98}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{38021E55-8D63-4826-B7F6-768EDF6305D1}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{CBA54C41-9931-4047-8DC2-2EEA5AA739CA}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{5EEAADAE-BE94-4FAD-A164-BC8CEB4687A3}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{CC69F2BB-2E5A-402C-8C18-78F4CD9DB6FA}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{6CCA7C8D-3BA1-4DD5-A52E-16AE188CBCF5}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{6AEE9EA7-E9C3-4896-8109-6F634206D0FE}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{C3E56817-8484-46C9-AAFC-96E2C966C883}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{157A6EA5-A100-4B9C-A16E-E6FEA2C230EE}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. 
-> Citrix Systems, Inc) FirewallRules: [{F9AC027C-CA45-4025-B190-E45DAF2E66EB}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{2B3A7B0D-FC2E-4E8E-BCF7-A92830C337FC}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{A54A5162-3FDF-45C5-A594-4BDFDCA3308F}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{78986FF5-F01B-4A6C-B5F2-7BFA3B798F09}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform) FirewallRules: [{11F48B42-807C-47CD-BDCC-E184DB003408}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform) FirewallRules: [TCP Query User{82FCC592-1A91-4DA0-B744-AEC92CCBC4F3}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [UDP Query User{6E63B20A-4553-459A-A885-682BF590AFF0}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [TCP Query User{531A2086-3D70-40B5-BA5B-E72F257C60D1}C:\program files\avast software\avast\avastui.exe] => (Block) C:\program files\avast software\avast\avastui.exe => Keine Datei FirewallRules: [UDP Query User{F71C7B97-D3BA-4719-9D6D-36FC6ADE3C2F}C:\program files\avast software\avast\avastui.exe] => (Block) C:\program files\avast software\avast\avastui.exe => Keine Datei FirewallRules: [TCP Query User{FA235490-E84C-4427-8CED-4E4EFCBD9970}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [UDP Query User{DA957823-4A51-402E-AD3B-4ACA66C12A24}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [{993B8542-D461-40EA-A3A9-209C7861E3FE}] => (Allow) 
C:\Program Files (x86)\Brother\Brmfl14d\FAXRX.EXE (Brother Industries, Ltd.) [Datei ist nicht signiert] FirewallRules: [{6BD3370E-D2A3-4986-9701-822C4084CDDD}] => (Allow) LPort=54925 FirewallRules: [{37793D2D-3F22-4303-9C4C-07AD4322081D}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Windows Migration Assistant\MigrationAssistant.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{ED4389CA-7F94-4502-969E-209DD7BF1BC4}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Windows Migration Assistant\MigrationAssistant.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{4EB6CE50-8F3D-45C2-81EA-EFE1ABA5EE5D}] => (Allow) C:\Program Files (x86)\Citrix\ICA Client\CitrixEnterpriseBrowser\CitrixEnterpriseBrowser.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) FirewallRules: [{DAB23AE4-0432-4270-A32E-43F14F11FE17}] => (Allow) C:\Program Files (x86)\Universal Media Server\jre17\bin\java.exe FirewallRules: [{09BAAD46-CE6A-4979-A734-486664855A3D}] => (Allow) C:\Program Files (x86)\Universal Media Server\jre17\bin\javaw.exe FirewallRules: [{7C7AD387-2459-4968-BDA6-296FE3AD2888}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.) 
FirewallRules: [{AF68D1A6-D3AF-4D40-AF55-E728F693DD0C}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (FLASH-INTEGRO LLC -> Flash-Integro LLC) FirewallRules: [{81498BA0-C148-4F4A-ACC0-A2A391B7E5CB}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (FLASH-INTEGRO LLC -> Flash-Integro LLC) FirewallRules: [{68DF2471-568F-40C3-9302-C25E45F640EB}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (FLASH-INTEGRO LLC -> Flash-Integro LLC) FirewallRules: [{250F0D65-EB85-4D15-8413-828259527AD7}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (FLASH-INTEGRO LLC -> Flash-Integro LLC) FirewallRules: [{8C8A0FAE-31FE-46DA-83BF-BC6C44BA5A3C}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (FLASH-INTEGRO LLC -> Flash-Integro LLC) FirewallRules: [{931F82D7-62B5-41F5-95C9-991B7F944B76}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (FLASH-INTEGRO LLC -> Flash-Integro LLC) FirewallRules: [{2AEC3F89-A1F0-44FE-975E-8E16E3491D48}] => (Allow) C:\Program Files\Opera\94.0.4606.76\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [{40F3A9AB-E3A5-44B4-AAC5-B44E93CC5931}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.78\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{D27F5456-B6E4-440E-BE60-6069C26BA36D}] => (Allow) C:\Program Files\Opera\95.0.4635.37\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [{E84BCA26-B2E6-4B60-8C0D-F5B23D2C9544}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{749FFCB8-1F71-4CC6-82F4-894C0FDED474}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) 
FirewallRules: [{28C41F1C-6EB6-4B3F-A329-26615455F8D9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{980FED9E-204D-4AEB-8C11-1519C7D85831}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{CA26D30A-9DD5-4B87-BCC5-A8AFD368D8AC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) ==================== Wiederherstellungspunkte ========================= 30-01-2023 18:32:17 Geplanter Prüfpunkt 04-02-2023 11:27:06 Windows Modules Installer 13-02-2023 17:32:02 Geplanter Prüfpunkt 15-02-2023 10:28:23 Windows Modules Installer ==================== Fehlerhafte Geräte im Gerätemanager ============ ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (02/15/2023 02:02:45 PM) (Source: HPTouchpointAnalyticsService) (EventID: 0) (User: ) Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object. 
at HP.TouchpointAnalyticsClient.Commons.Utils.HpsaUtils.get_HpsaVersion() at HP.TouchpointAnalyticsClient.Commons.Objects.Unit.DefaultAccountNameProvider.get_Hpsa() at HP.TouchpointAnalyticsClient.Commons.Objects.Unit.FindAccountName(IAccountNameProvider nameProvider) at HP.TouchpointAnalyticsClient.Commons.Objects.Unit.CreateDefault() at HP.TouchpointAnalyticsClient.Service.ClientScheduler..ctor() at HP.TouchpointAnalyticsClient.Service.TouchpointAnalyticsClientService.OnStart(String[] args) at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (02/15/2023 02:01:40 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Local Hostname hp-ArbeitsZ.local already in use; will try hp-ArbeitsZ-2.local instead Error: (02/15/2023 02:01:40 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 hp-ArbeitsZ.local. Addr 192.168.178.21 Error: (02/15/2023 02:01:40 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.178.21:5353 16 hp-ArbeitsZ.local. AAAA FD52:02F7:B2D4:4D9F:9B46:9119:25FA:3B96 Error: (02/15/2023 02:01:39 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 hp-ArbeitsZ.local. AAAA FE80:0000:0000:0000:475A:C5B6:B63F:03DD Error: (02/15/2023 02:01:39 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.178.21:5353 16 hp-ArbeitsZ.local. AAAA FD52:02F7:B2D4:4D9F:9B46:9119:25FA:3B96 Error: (02/15/2023 02:01:39 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 hp-ArbeitsZ.local. AAAA 2A00:6020:B0B3:7A00:8135:EE34:E1D8:70BD Error: (02/15/2023 02:01:39 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.178.21:5353 16 hp-ArbeitsZ.local. 
AAAA FD52:02F7:B2D4:4D9F:9B46:9119:25FA:3B96 Systemfehler: ============= Error: (02/15/2023 02:01:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "DigitalPersona Authentifizierungsdienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (02/15/2023 02:00:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) TPM Provisioning Service erreicht. Error: (02/15/2023 01:47:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "DigitalPersona Authentifizierungsdienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (02/15/2023 01:47:00 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) TPM Provisioning Service erreicht. Error: (02/15/2023 01:39:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "DigitalPersona Authentifizierungsdienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (02/15/2023 01:39:13 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) TPM Provisioning Service erreicht. Error: (02/15/2023 01:37:17 PM) (Source: DCOM) (EventID: 10010) (User: HP-ARBEITSZ) Description: Der Server "{60A90A2F-858D-42AF-8929-82BE9D99E8A1}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (02/15/2023 01:12:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "DigitalPersona Authentifizierungsdienst" wurde unerwartet beendet. Dies ist bereits 6 Mal passiert. 
CodeIntegrity: =============== Date: 2023-02-15 14:20:59 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2023-02-15 13:45:58 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\AVAST Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2023-02-15 13:41:24 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2023-02-15 13:40:37 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements. ==================== Speicherinformationen =========================== BIOS: HP P85 Ver. 
01.23 07/18/2018 Hauptplatine: HP 8231 Prozessor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz Prozentuale Nutzung des RAM: 51% Installierter physikalischer RAM: 8087.75 MB Verfügbarer physikalischer RAM: 3890.58 MB Summe virtueller Speicher: 12183.75 MB Verfügbarer virtueller Speicher: 7978.83 MB ==================== Laufwerke ================================ Drive c: (Windows) (Fixed) (Total:217.92 GB) (Free:52.65 GB) (Model: SanDisk SD8SNAT-256G-1006) NTFS Drive d: (Recovery Image) (Fixed) (Total:17.11 GB) (Free:2.18 GB) (Model: SanDisk SD8SNAT-256G-1006) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.99 GB) (Model: SanDisk SD8SNAT-256G-1006) FAT32 \\?\Volume{874a37b2-6db1-4ec8-a06c-233c67c77a06}\ () (Fixed) (Total:0.96 GB) (Free:0.16 GB) NTFS \\?\Volume{19c3a624-b5ce-4ac2-8c4f-aa680a2739fa}\ (SYSTEM) (Fixed) (Total:0.35 GB) (Free:0.25 GB) FAT32 ==================== MBR & Partitionstabelle ==================== ========================================================== Disk: 0 (Size: 238.5 GB) (Disk ID: 86F4951B) Partition: GPT. ==================== Ende von Addition.txt =======================

The system asked me to upload a second message because it was too large overall! |
15.02.2023, 21:56 | #6 |
/// TB-Ausbilder | WIN 10 attachment opened: Telekom Rechnung…pdf.htm - [PART 1 - Farbar scan result]

Thank you for the log files. You did everything correctly.

What can you tell me about this software that is installed on your system?

WunderBAR (HKLM\...\WunderBAR) (Version: 1.0 - WunderBAR)

What is it for?

We will start with the first two cleanup steps. Further steps will follow afterwards.

Step 1
Run Malwarebytes' AntiMalware (MBAM) according to the illustrated guide and then post the log file.

Step 2
Run AdwCleaner according to the illustrated guide and then post the log file.

Please post with your next reply:
|
16.02.2023, 14:38 | #7 |
| WIN 10 attachment opened: Telekom Rechnung…pdf.htm - [PART 1 - Farbar scan result]

Hi, I think I downloaded WunderBAR a long time ago (from Chip???). What it is, what it's for - no idea :-(

Code:
ATTFilter Malwarebytes www.malwarebytes.com -Protokolldetails- Scan-Datum: 16.02.23 Scan-Zeit: 11:03 Protokolldatei: 272ddca0-ade1-11ed-bc4a-7cb0c29bfedc.json -Softwaredaten- Version: 4.5.22.236 Komponentenversion: 1.0.1915 Version des Aktualisierungspakets: 1.0.65766 Lizenz: Testversion -Systemdaten- Betriebssystem: Windows 10 (Build 19045.2604) CPU: x64 Dateisystem: NTFS Benutzer: hp-ArbeitsZ\Ganz -Scan-Übersicht- Scan-Typ: Bedrohungs-Scan Scan gestartet von: Manuell Ergebnis: Abgeschlossen Gescannte Objekte: 335310 Erkannte Bedrohungen: 14 In die Quarantäne verschobene Bedrohungen: 0 Abgelaufene Zeit: 8 Min., 59 Sek. -Scan-Optionen- Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristik: Aktiviert PUP: Erkennung PUM: Erkennung -Scan-Details- Prozess: 0 (keine bösartigen Elemente erkannt) Modul: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 2 PUP.Optional.ChipDe, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\chip 1-click download service, Keine Aktion durch Benutzer, 584, 463412, 1.0.65766, , ame, , , PUP.Optional.ChipDe, HKLM\SYSTEM\SETUP\FIRSTBOOT\SERVICES\chip1click, Keine Aktion durch Benutzer, 584, 567244, 1.0.65766, , ame, , , Registrierungswert: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Daten-Stream: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Datei: 12 PUP.Optional.SoftonicDownloader, C:\USERS\GANZ\APPDATA\ROAMING\PRICEWATCH\PRICEWATCH.EXE, Keine Aktion durch Benutzer, 11658, 1001426, 1.0.65766, , ame, , C65EFE254F514D4FE8C61FC171ECD711, 87ABD79E73E8258D52A018002FD6C581C58FBFF81058BABB6AA2947486F6E656 PUP.Optional.ChipDe, C:\USERS\GANZ\APPDATA\LOCAL\DOWNLOADED INSTALLATIONS\{31AD8258-894C-48D5-8149-C47506092754}\CHIP INSTALLER.MSI, Keine Aktion durch Benutzer, 584, 594115, 1.0.65766, , ame, , 09592483D17F4F088723F4084EA94BD0, 
BC47ABA34B923C9C53F71928F1D57F6211D52EC020FA14DCC145B4919108F781 PUP.Optional.ChipDe, C:\WINDOWS\INSTALLER\E548A90.MSI, Keine Aktion durch Benutzer, 584, 594115, 1.0.65766, , ame, , B611022B10D24A0DEFC90AAFA7DDA4DA, 04D0380AE3F5F63DC514B46A65FE26114E69B2610F644F8BD9114D8460CBFEB8 PUP.Optional.ChipDe, C:\USERS\GANZ\DOWNLOADS\GIMP-2.8.22-SETUP - CHIP-INSTALLER.EXE, Keine Aktion durch Benutzer, 584, 562568, 1.0.65766, 276D5EE5933C8736F9BE342F, dds, 02170504, BA8D5225EFCFEAEB5928574214E60085, 77EAB412092799AE6EFC889F4B625960392ADCCFBD4F4D055478B07DD7DB8E1D PUP.Optional.ChipDe, C:\USERS\GANZ\DOWNLOADS\FARBAR RECOVERY SCAN TOOL (HIJACKTHIS ALTERNATIVE) - CHIP INSTALLER _4SHHX.EXE, Keine Aktion durch Benutzer, 584, 562568, 1.0.65766, , ame, , F5980F17F44DA870072C5CE396EB01BF, 2F9079DF89E96A997A910F9243173AC60BFE625501452152F8AB281778E5696B PUP.Optional.ChipDe, C:\USERS\GANZ\DOWNLOADS\PDF24 CREATOR - INSTALLER _LZP5.EXE, Keine Aktion durch Benutzer, 584, 562568, 1.0.65766, 33F62CC16775FAFA8046EEE0, dds, 02170504, B7A322611566AD49F16E5BB7DC0D2174, 592F1D871DF58D65C0E636142BFE0D55BE21470C6251AAEC6191ED3D4C5E6221 PUP.Optional.ChipDe, C:\USERS\GANZ\DOWNLOADS\ICOFX - CHIP-INSTALLER.EXE, Keine Aktion durch Benutzer, 584, 562568, 1.0.65766, 276D5EE5933C8736F9BE342F, dds, 02170504, B7C01E7816AFF5B0F471CC79C5EFC717, 783733D9E28BF52394BD4A0316A0DB9D74D8ACEE806C55ABBD1E56A510FC3D42 PUP.Optional.ChipDe, C:\USERS\GANZ\DOWNLOADS\SAMSUNG PC STUDIO - CHIP-INSTALLER.EXE, Keine Aktion durch Benutzer, 584, 562568, 1.0.65766, 276D5EE5933C8736F9BE342F, dds, 02170504, 424517A196169972932E8278AFBA048C, 4EA2537AD70F3EC0FC7BC49C863639B71D3A889C642F6F6B64FD7672EB7039FC PUP.Optional.ChipDe, C:\USERS\GANZ\DOWNLOADS\7 ZIP 32 BIT - CHIP-INSTALLER.EXE, Keine Aktion durch Benutzer, 584, 562568, 1.0.65766, 276D5EE5933C8736F9BE342F, dds, 02170504, 6D1C5F82442482C03AA2310E1FB24B0F, EB7FD7BD94ABD5D05256A1E87B85FAA4F44CD19DEDBABC29463A3971563E8BDC PUP.Optional.ChipDe, C:\USERS\GANZ\DOWNLOADS\DARKNET BROWSER - 
CHIP-INSTALLER VOM 12.06.2021 02230617E4F971CF12D236A3A64FE848.EXE, Keine Aktion durch Benutzer, 584, 557991, 1.0.65766, , ame, , 53EA1BA86FA87309A2F4CC82C1759892, FAC9606802AD2BFBD5B9C9D6CCC5577872650C16C49BFD23AFE4D460DA402426 PUP.Optional.ChipDe, C:\USERS\GANZ\DOWNLOADS\FREE HTML5 VIDEO PLAYER AND CONVERTER - CHIP-INSTALLER.EXE, Keine Aktion durch Benutzer, 584, 562568, 1.0.65766, 276D5EE5933C8736F9BE342F, dds, 02170504, 37539D88D34C01E3E5FB7030B28BCD21, B12DA278F0EF853A18F2B4A83BC60BA74A0C06D2172C35714CF9C60000012750 PUP.Optional.ChipDe, C:\USERS\GANZ\DOWNLOADS\DARKNET BROWSER - CHIP-INSTALLER.EXE, Keine Aktion durch Benutzer, 584, 562568, 1.0.65766, 276D5EE5933C8736F9BE342F, dds, 02170504, 009A37774CC31D95E501ED0E6BE630B5, DC43294377F022FADAA7C9EE0F65C59EA2521AB1BBB389615BB3C5AADCB0DD5E Physischer Sektor: 0 (keine bösartigen Elemente erkannt) WMI: 0 (keine bösartigen Elemente erkannt) (end) # Malwarebytes AdwCleaner 8.4.0.0 # ------------------------------- # Build: 08-30-2022 # Database: 2022-10-10.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Scan # ------------------------------- # Start: 02-16-2023 # Duration: 00:00:13 # OS: Windows 10 (Build 19045.2604) # Scanned: 32091 # Detected: 50 ***** [ Services ] ***** No malicious services found. 
***** [ Folders ] ***** PUP.Optional.Chip C:\Users\Ganz\AppData\Local\DOWNLOADED INSTALLATIONS\{31AD8258-894C-48D5-8149-C47506092754} PUP.Optional.Craccoon C:\Users\Ganz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CRaccoon PUP.Optional.WebCompanion C:\ProgramData\Application Data\Lavasoft\Web Companion ***** [ Files ] ***** PUP.Optional.Chip C:\Users\Ganz\Desktop\..\Downloads\7 ZIP 32 BIT - CHIP-INSTALLER.EXE PUP.Optional.Chip C:\Users\Ganz\Desktop\..\Downloads\DARKNET BROWSER - CHIP-INSTALLER.EXE PUP.Optional.Chip C:\Users\Ganz\Desktop\..\Downloads\FREE HTML5 VIDEO PLAYER AND CONVERTER - CHIP-INSTALLER.EXE PUP.Optional.Chip C:\Users\Ganz\Desktop\..\Downloads\GIMP-2.8.22-SETUP - CHIP-INSTALLER.EXE PUP.Optional.Chip C:\Users\Ganz\Desktop\..\Downloads\ICOFX - CHIP-INSTALLER.EXE PUP.Optional.Chip C:\Users\Ganz\Desktop\..\Downloads\SAMSUNG PC STUDIO - CHIP-INSTALLER.EXE ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** No malicious tasks found. 
***** [ Registry ] ***** PUP.Optional.Chip HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\chip 1-click download service PUP.Optional.Chip HKLM\System\Setup\FirstBoot\Services\chip1click PUP.Optional.Craccoon HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|CRaccoon PUP.Optional.Craccoon HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\CRaccoon PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion PUP.Optional.WebCompanion HKCU\Software\Lavasoft\Web Companion PUP.Optional.WebCompanion HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com PUP.Optional.WebCompanion HKLM\Software\Wow6432Node\Lavasoft\Web Companion PUP.Optional.WebCompanion HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com PUP.Optional.WebCompanion HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com PUP.Winlogon.Heuristic HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon|Userinit ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries found. ***** [ Chromium URLs ] ***** No malicious Chromium URLs found. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries found. ***** [ Firefox URLs ] ***** No malicious Firefox URLs found. ***** [ Hosts File Entries ] ***** No malicious hosts file entries found. 
***** [ Preinstalled Software ] ***** Preinstalled.HPJumpStartBridge Folder C:\Program Files (x86)\HP\HP JUMPSTART BRIDGE Preinstalled.HPJumpStartBridge Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{031142AB-E0CD-40B5-AE6F-1DBF51CB08DF} Preinstalled.HPJumpStartBridge Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPJumpStartProvider Preinstalled.HPJumpStartBridge Task C:\Windows\System32\Tasks\HPJUMPSTARTPROVIDER Preinstalled.HPJumpStartLaunch Folder C:\Program Files (x86)\HP\HP JUMPSTART LAUNCH Preinstalled.HPRegistrationService Folder C:\Program Files (x86)\HP\HP REGISTRATION SERVICE Preinstalled.HPRegistrationService Folder C:\ProgramData\HP\HP REGISTRATION SERVICE Preinstalled.HPRegistrationService Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D1E8F2D7-7794-4245-B286-87ED86C1893C} Preinstalled.HPSupportAssistant Folder C:\HP\SUPPORT Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK Preinstalled.HPSupportAssistant Folder C:\Users\Ganz\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK Preinstalled.HPSupportAssistant Folder C:\Windows\System32\config\systemprofile\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK Preinstalled.HPSupportAssistant Registry HKLM\Software\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} Preinstalled.HPSupportAssistant Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper 
Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2B5A1E68-6617-406D-B797-5DAB5B4630B8} Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{39C8BE76-CF6A-466F-8618-0B52CC4CA0FC} Preinstalled.HPSureConnect Folder C:\Program Files (x86)\HP INC\HP SURE CONNECT Preinstalled.HPSureConnect Folder C:\Program Files\HPCOMMRECOVERY Preinstalled.HPSureConnect Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{6468C4A5-E47E-405F-B675-A70A70983EA6} Preinstalled.HPTouchpointAnalyticsClient Folder C:\Program Files\HP\HP TOUCHPOINT ANALYTICS CLIENT Preinstalled.HPTouchpointAnalyticsClient Folder C:\ProgramData\HP\HP TOUCHPOINT ANALYTICS CLIENT Preinstalled.HPTouchpointAnalyticsClient Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F} Preinstalled.LenovoEasyCamera Registry HKLM\Software\Sunplus SPUVCb Preinstalled.LenovoPower2Go Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|CLMLServer_For_P2G8 Preinstalled.LenovoPower2Go Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|CLVirtualDrive ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ########## [/CODE] |
16.02.2023, 15:08 | #8 | ||
/// TB-Ausbilder | Quote:
Quote:
Looking at the log files, it doesn't look that way. |
16.02.2023, 17:11 | #9 |
| Hmm, I must have misunderstood something. I downloaded and ran both programs, saved the two log files right away and forwarded them to you. I didn't actually delete anything in the process... I'll send it again. Maybe something didn't work. Code:
ATTFilter # ------------------------------- # Malwarebytes AdwCleaner 8.4.0.0 # ------------------------------- # Build: 08-30-2022 # Database: 2022-10-10.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Scan # ------------------------------- # Start: 02-16-2023 # Duration: 00:00:13 # OS: Windows 10 (Build 19045.2604) # Scanned: 32091 # Detected: 50 ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** PUP.Optional.Chip C:\Users\Ganz\AppData\Local\DOWNLOADED INSTALLATIONS\{31AD8258-894C-48D5-8149-C47506092754} PUP.Optional.Craccoon C:\Users\Ganz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CRaccoon PUP.Optional.WebCompanion C:\ProgramData\Application Data\Lavasoft\Web Companion ***** [ Files ] ***** PUP.Optional.Chip C:\Users\Ganz\Desktop\..\Downloads\7 ZIP 32 BIT - CHIP-INSTALLER.EXE PUP.Optional.Chip C:\Users\Ganz\Desktop\..\Downloads\DARKNET BROWSER - CHIP-INSTALLER.EXE PUP.Optional.Chip C:\Users\Ganz\Desktop\..\Downloads\FREE HTML5 VIDEO PLAYER AND CONVERTER - CHIP-INSTALLER.EXE PUP.Optional.Chip C:\Users\Ganz\Desktop\..\Downloads\GIMP-2.8.22-SETUP - CHIP-INSTALLER.EXE PUP.Optional.Chip C:\Users\Ganz\Desktop\..\Downloads\ICOFX - CHIP-INSTALLER.EXE PUP.Optional.Chip C:\Users\Ganz\Desktop\..\Downloads\SAMSUNG PC STUDIO - CHIP-INSTALLER.EXE ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** No malicious tasks found. 
***** [ Registry ] ***** PUP.Optional.Chip HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\chip 1-click download service PUP.Optional.Chip HKLM\System\Setup\FirstBoot\Services\chip1click PUP.Optional.Craccoon HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|CRaccoon PUP.Optional.Craccoon HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\CRaccoon PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion PUP.Optional.WebCompanion HKCU\Software\Lavasoft\Web Companion PUP.Optional.WebCompanion HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com PUP.Optional.WebCompanion HKLM\Software\Wow6432Node\Lavasoft\Web Companion PUP.Optional.WebCompanion HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com PUP.Optional.WebCompanion HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com PUP.Winlogon.Heuristic HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon|Userinit ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries found. ***** [ Chromium URLs ] ***** No malicious Chromium URLs found. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries found. ***** [ Firefox URLs ] ***** No malicious Firefox URLs found. ***** [ Hosts File Entries ] ***** No malicious hosts file entries found. 
***** [ Preinstalled Software ] ***** Preinstalled.HPJumpStartBridge Folder C:\Program Files (x86)\HP\HP JUMPSTART BRIDGE Preinstalled.HPJumpStartBridge Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{031142AB-E0CD-40B5-AE6F-1DBF51CB08DF} Preinstalled.HPJumpStartBridge Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPJumpStartProvider Preinstalled.HPJumpStartBridge Task C:\Windows\System32\Tasks\HPJUMPSTARTPROVIDER Preinstalled.HPJumpStartLaunch Folder C:\Program Files (x86)\HP\HP JUMPSTART LAUNCH Preinstalled.HPRegistrationService Folder C:\Program Files (x86)\HP\HP REGISTRATION SERVICE Preinstalled.HPRegistrationService Folder C:\ProgramData\HP\HP REGISTRATION SERVICE Preinstalled.HPRegistrationService Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D1E8F2D7-7794-4245-B286-87ED86C1893C} Preinstalled.HPSupportAssistant Folder C:\HP\SUPPORT Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK Preinstalled.HPSupportAssistant Folder C:\Users\Ganz\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK Preinstalled.HPSupportAssistant Folder C:\Windows\System32\config\systemprofile\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK Preinstalled.HPSupportAssistant Registry HKLM\Software\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} Preinstalled.HPSupportAssistant Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper 
Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2B5A1E68-6617-406D-B797-5DAB5B4630B8} Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{39C8BE76-CF6A-466F-8618-0B52CC4CA0FC} Preinstalled.HPSureConnect Folder C:\Program Files (x86)\HP INC\HP SURE CONNECT Preinstalled.HPSureConnect Folder C:\Program Files\HPCOMMRECOVERY Preinstalled.HPSureConnect Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{6468C4A5-E47E-405F-B675-A70A70983EA6} Preinstalled.HPTouchpointAnalyticsClient Folder C:\Program Files\HP\HP TOUCHPOINT ANALYTICS CLIENT Preinstalled.HPTouchpointAnalyticsClient Folder C:\ProgramData\HP\HP TOUCHPOINT ANALYTICS CLIENT Preinstalled.HPTouchpointAnalyticsClient Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F} Preinstalled.LenovoEasyCamera Registry HKLM\Software\Sunplus SPUVCb Preinstalled.LenovoPower2Go Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|CLMLServer_For_P2G8 Preinstalled.LenovoPower2Go Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|CLVirtualDrive ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ########## I'll run both again (correctly)... |
16.02.2023, 17:15 | #10 |
/// TB-Ausbilder | Run both, and have both programs remove all detections. |
16.02.2023, 19:04 | #11 |
| Hello Matthias, it should be correct now: Code:
ATTFilter Malwarebytes www.malwarebytes.com -Protokolldetails- Scan-Datum: 16.02.23 Scan-Zeit: 18:34 Protokolldatei: 20d6be00-ae20-11ed-a54c-7cb0c29bfedc.json -Softwaredaten- Version: 4.5.22.236 Komponentenversion: 1.0.1915 Version des Aktualisierungspakets: 1.0.65778 Lizenz: Testversion -Systemdaten- Betriebssystem: Windows 10 (Build 19045.2604) CPU: x64 Dateisystem: NTFS Benutzer: hp-ArbeitsZ\Ganz -Scan-Übersicht- Scan-Typ: Bedrohungs-Scan Scan gestartet von: Manuell Ergebnis: Abgeschlossen Gescannte Objekte: 333287 Erkannte Bedrohungen: 0 In die Quarantäne verschobene Bedrohungen: 0 Abgelaufene Zeit: 8 Min., 52 Sek. -Scan-Optionen- Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristik: Aktiviert PUP: Erkennung PUM: Erkennung -Scan-Details- Prozess: 0 (keine bösartigen Elemente erkannt) Modul: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswert: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Daten-Stream: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Datei: 0 (keine bösartigen Elemente erkannt) Physischer Sektor: 0 (keine bösartigen Elemente erkannt) WMI: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter # ------------------------------- # Malwarebytes AdwCleaner 8.4.0.0 # ------------------------------- # Build: 08-30-2022 # Database: 2022-10-10.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 02-16-2023 # Duration: 00:02:33 # OS: Windows 10 (Build 19045.2604) # Cleaned: 50 # Awaiting reboot:1 # Failed: 0 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion Deleted C:\Users\Ganz\AppData\Local\DOWNLOADED INSTALLATIONS\{31AD8258-894C-48D5-8149-C47506092754} Deleted C:\Users\Ganz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CRaccoon ***** [ Files ] ***** Deleted C:\Users\Ganz\Desktop\..\Downloads\7 ZIP 32 BIT - CHIP-INSTALLER.EXE Deleted C:\Users\Ganz\Desktop\..\Downloads\DARKNET BROWSER - CHIP-INSTALLER.EXE Deleted C:\Users\Ganz\Desktop\..\Downloads\FREE HTML5 VIDEO PLAYER AND CONVERTER - CHIP-INSTALLER.EXE Deleted C:\Users\Ganz\Desktop\..\Downloads\GIMP-2.8.22-SETUP - CHIP-INSTALLER.EXE Deleted C:\Users\Ganz\Desktop\..\Downloads\ICOFX - CHIP-INSTALLER.EXE Deleted C:\Users\Ganz\Desktop\..\Downloads\SAMSUNG PC STUDIO - CHIP-INSTALLER.EXE ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. 
***** [ Registry ] ***** Deleted HKCU\Software\Lavasoft\Web Companion Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|CRaccoon Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\CRaccoon Deleted HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\chip 1-click download service Deleted HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon|Userinit Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion Deleted HKLM\System\Setup\FirstBoot\Services\chip1click Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ***** [ Hosts File Entries ] ***** No malicious hosts file entries cleaned. 
***** [ Preinstalled Software ] ***** Deleted Preinstalled.HPJumpStartBridge Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{031142AB-E0CD-40B5-AE6F-1DBF51CB08DF} Deleted Preinstalled.HPJumpStartBridge Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPJumpStartProvider Deleted Preinstalled.HPJumpStartBridge Task C:\Windows\System32\Tasks\HPJUMPSTARTPROVIDER Deleted Preinstalled.HPJumpStartLaunch Folder C:\Program Files (x86)\HP\HP JUMPSTART LAUNCH Deleted Preinstalled.HPRegistrationService Folder C:\Program Files (x86)\HP\HP REGISTRATION SERVICE Deleted Preinstalled.HPRegistrationService Folder C:\ProgramData\HP\HP REGISTRATION SERVICE Deleted Preinstalled.HPRegistrationService Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D1E8F2D7-7794-4245-B286-87ED86C1893C} Deleted Preinstalled.HPSupportAssistant Folder C:\HP\SUPPORT Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS Deleted Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK Deleted Preinstalled.HPSupportAssistant Folder C:\Users\Ganz\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK Deleted Preinstalled.HPSupportAssistant Folder C:\Windows\System32\config\systemprofile\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} Deleted Preinstalled.HPSupportAssistant Registry 
HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2B5A1E68-6617-406D-B797-5DAB5B4630B8} Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{39C8BE76-CF6A-466F-8618-0B52CC4CA0FC} Deleted Preinstalled.HPSureConnect Folder C:\Program Files (x86)\HP INC\HP SURE CONNECT Deleted Preinstalled.HPSureConnect Folder C:\Program Files\HPCOMMRECOVERY Deleted Preinstalled.HPSureConnect Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{6468C4A5-E47E-405F-B675-A70A70983EA6} Deleted Preinstalled.HPTouchpointAnalyticsClient Folder C:\Program Files\HP\HP TOUCHPOINT ANALYTICS CLIENT Deleted Preinstalled.HPTouchpointAnalyticsClient Folder C:\ProgramData\HP\HP TOUCHPOINT ANALYTICS CLIENT Deleted Preinstalled.HPTouchpointAnalyticsClient Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F} Deleted Preinstalled.LenovoEasyCamera Registry HKLM\Software\Sunplus SPUVCb Deleted Preinstalled.LenovoPower2Go Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|CLMLServer_For_P2G8 Deleted Preinstalled.LenovoPower2Go Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|CLVirtualDrive Needs Reboot Preinstalled.HPJumpStartBridge Folder C:\Program Files (x86)\HP\HP JUMPSTART BRIDGE ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* ***** Reboot Required to Complete ***** ***** [ Folders ] ***** Cleaning failed C:\Program Files (x86)\HP\HP JUMPSTART BRIDGE ************************* AdwCleaner[S00].txt - [6998 octets] - [16/02/2023 14:33:13] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ########## |
16.02.2023, 20:22 | #12 |
/// TB-Ausbilder | Very well done. Quite a bit of unwanted software and adware was removed. Now please run a control scan with FRST (step 1) and a special search with FRST (step 2). Step 1
Step 2
Please post with your next reply:
|
16.02.2023, 23:09 | #13 |
| FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 09-02-2023 01 durchgeführt von Ganz (Administrator) auf HP-ARBEITSZ (HP HP ProBook 450 G4) (16-02-2023 22:08:29) Gestartet von C:\Users\Ganz\Desktop Geladene Profile: Ganz Plattform: Microsoft Windows 10 Pro Version 22H2 19045.2604 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: FF Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (C:\Program Files (x86)\Citrix\ICA Client\concentr.exe ->) (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe (C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe ->) (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe (C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfService.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.78\msedgewebview2.exe <7> (C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe ->) (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfService.exe (C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe ->) (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Citrix Systems, Inc. 
-> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\AnalyticsSrv.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe (DigitalPersona, Inc. -> Crossmatch, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpCardEngine.exe (DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_5c0b90ae6269072a\HotKeyServiceUWP.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_5c0b90ae6269072a\HPHotkeyNotification.exe (DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxCUIService.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxEM.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Microsoft Windows -> ) C:\Windows\System32\EoAExperiences.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <10> (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (services.exe ->) (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\UpdaterService.exe (services.exe ->) (Digital Wave Ltd -> Digital Wave Ltd.) 
C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (services.exe ->) (geek software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe <2> (services.exe ->) (Hewlett Packard Enterprise Company -> Hewlett Packard Enterprise Company) C:\Program Files (x86)\HP\HP Device Access Manager\HPE.DeviceAccessManager.ServiceHost.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_5c0b90ae6269072a\HotKeyServiceUWP.exe (services.exe ->) (HP Inc. -> HP Inc.) 
C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_5c0b90ae6269072a\LanWlanWwanSwitchingServiceUWP.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\fpCSEvtSvc.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(services.exe ->) (Sony) [Datei ist nicht signiert] C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\AuthManager\AuthManSvr.exe
(svchost.exe ->) (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(svchost.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Users\Ganz\Desktop\adwcleaner.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22122.94.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Synaptics Incorporated -> Conexant) C:\Windows\System32\MicTray64.exe
(svchost.exe ->) (Synaptics Incorporated) [Datei ist nicht signiert] C:\Windows\System32\SynaMonApp.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2016-06-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [366960 2022-09-01] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [592608 2022-07-13] (geek software GmbH -> geek software GmbH)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files\Opera\assistant\browser_assistant.exe [3154456 2020-11-25] (Opera Software AS -> Opera Software)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.) [Datei ist nicht signiert]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) [Datei ist nicht signiert]
HKLM-x32\...\Run: [AnalyticsSrv] => C:\Program Files (x86)\Citrix\ICA Client\Receiver\AnalyticsSrv.exe [2634344 2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [2971608 2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [572376 2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [InstallHelper] => C:\Program Files (x86)\Citrix\Citrix WorkSpace 2210\InstallHelper.exe [408496 2022-10-06] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\Run: [AudialsNotifier] => C:\Program Files (x86)\Audials\Audials 2018\AudialsNotifier.exe [4293016 2017-11-17] (Audials AG -> )
HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38966072 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\Run: [XperiaCompanionAgent] => C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe [1690704 2020-06-17] (Sony Mobile Communications AB -> Sony)
HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\Run: [MicrosoftEdgeAutoLaunch_33AB6AD30668417CC16079428DBD5A47] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4243408 2023-02-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\Run: [] => [X]
HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\Policies\system: [shell] explorer.exe <==== ACHTUNG
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\110.0.5481.77\Installer\chrmstp.exe [2023-02-09] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{60f15951-e7ef-11ea-b28e-c4b301b9ed33}] -> C:\Program Files (x86)\Citrix\ICA Client\CitrixEnterpriseBrowser\105.1.1.27\Installer\chrmstp.exe [2022-10-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP JumpStart Launch.lnk [2016-09-25]
ShortcutTarget: HP JumpStart Launch.lnk -> c:\Windows\Installer\{0F5EBB0D-DF6D-4DBE-9789-57BF05B3B0FD}\HPlogo_blue.ico () [Datei ist nicht signiert]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Universal Media Server.lnk [2021-01-15]
ShortcutTarget: Universal Media Server.lnk -> C:\Program Files (x86)\Universal Media Server\UMS.exe (Universal Media Server) [Datei ist nicht signiert]
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy-Firefox: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {15CA46FB-959D-4B51-BFE9-A0A7736FC8E8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe /DeviceScanR6 (Keine Datei)
Task: {308E4E14-B172-4D77-A401-741F88A04E9F} - System32\Tasks\Opera scheduled Autoupdate 1512162865 => C:\Program Files\Opera\launcher.exe [2635208 2023-02-08] (Opera Norway AS -> Opera Software)
Task: {328CD258-5CE7-424F-861F-4D12D9A9A5A7} - \Opera scheduled assistant Autoupdate 1581001615 -> Keine Datei <==== ACHTUNG
Task: {38910CEB-2644-4815-AD6B-21305847359D} - System32\Tasks\HP\HP Hotkey Support\Start QLBController Process => C:\Program Files (x86)\HP\HP Hotkey Support\QLBController.exe (Keine Datei)
Task: {3B6A539A-7259-4838-AC79-4E00939768F0} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {45BBC3E4-79A9-43C4-A2A7-78FECF002708} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [847392 2023-01-10] (HP Inc. -> HP Inc.)
Task: {4A5E2EF2-7F49-40E5-BEB8-8CB7EC24DFC3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /f (Keine Datei)
Task: {6354BAD4-1C76-4EE2-9870-9503CFA7B03C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1149464 2023-01-10] (HP Inc. -> HP Inc.)
Task: {63841390-62C1-40C2-B2D7-484C3D5DA839} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [710560 2023-02-03] (Mozilla Corporation -> Mozilla Foundation)
Task: {651235E9-621E-4DF1-993D-F3DD7613F7F0} - System32\Tasks\Microsoft\Windows\Conexant\SynaMonApp => C:\Windows\System32\SynaMonApp.exe [170496 2018-10-30] (Synaptics Incorporated) [Datei ist nicht signiert]
Task: {74EF12D0-5FE7-41D0-8DDC-50E3FA325845} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-749038088-1968257971-3176724149-1002 => C:\Program Files (x86)\Real\RealDownloader\RealUpgrade.exe /scheduledcheck (Keine Datei)
Task: {7C693021-6500-4EBA-B005-0241B83C6A85} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\Real\RealDownloader\downloader2.exe /scheduler (Keine Datei)
Task: {7D84682E-39A2-4B17-ACF7-35D5D5236A62} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-749038088-1968257971-3176724149-1002 => C:\Program Files (x86)\Real\RealDownloader\recordingmanager.exe /bgrecordaliveevent (Keine Datei)
Task: {82F2910F-7336-4652-8D05-44D0D8BB5714} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-13] (Google Inc -> Google Inc.)
Task: {87E56F64-2579-4AC4-B49E-5EED09AFAB66} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {89726209-BECC-403E-8E42-457CC030FFC9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-13] (Google Inc -> Google Inc.)
Task: {8CFFD35B-91A3-4FCB-8E0D-C3917ACA0D4B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [617096 2022-02-25] (Apple Inc. -> Apple Inc.)
Task: {A47605CC-7DCF-4E5A-8933-31BFDB9895DB} - System32\Tasks\CCleanerSkipUAC - Ganz => C:\Program Files\CCleaner\CCleaner.exe [32631096 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {A4C71144-A91C-4AF2-89AA-EEA8E4E876D0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2023-02-08] (Piriform Software Ltd -> Piriform)
Task: {AED56712-B61D-4FDB-A990-F8B7E5A80ED1} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "fad68a5b-a574-4065-95a6-e3cdaa5a95b9" --version "6.09.10300" --silent
Task: {B9A4DEEB-E7D6-416C-B0EA-3FFE820F2971} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2023-01-10] (HP Inc. -> HP Inc.)
Task: {D534D46F-5D40-498D-BD51-458945DCA8D3} - System32\Tasks\Microsoft\Windows\Conexant\MicTray => C:\Windows\System32\MicTray64.exe [5009512 2020-06-13] (Synaptics Incorporated -> Conexant)
Task: {F700ECBF-D13C-4A58-8998-B5CC5273A503} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-749038088-1968257971-3176724149-1002 => C:\Program Files (x86)\Real\RealDownloader\RealUpgrade.exe /logoncheck (Keine Datei)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{4aed77b6-c98c-4c8d-933f-4e428e37811f}: [DhcpNameServer] 172.18.1.1
Tcpip\..\Interfaces\{8474238d-b387-42a4-bfee-24a6197d0101}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{a2900742-64c8-4bba-b955-4d097f46677e}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{d04cd47e-9a8a-4710-86a0-74aee1f8bafa}: [DhcpNameServer] 192.168.178.1

Edge:
=======
DownloadDir: C:\Users\Ganz\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-749038088-1968257971-3176724149-1005 -> about:tabs
Edge Notifications: HKU\S-1-5-21-749038088-1968257971-3176724149-1005 -> hxxps://www.hagebau.de
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Ganz\AppData\Local\Microsoft\Edge\User Data\Default [2023-02-13]
Edge Notifications: Default -> hxxps://www.hagebau.de
Edge HomePage: Default -> edge://newtab/
Edge Extension: (Avira Safe Shopping) - C:\Users\Ganz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip [2023-02-12]
Edge Extension: (Avira Password Manager) - C:\Users\Ganz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emgfgdclgfeldebanedpihppahgngnle [2023-02-12]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip]
Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle]

FireFox:
========
FF DefaultProfile: 27pb13jo.default-1579725056422
FF ProfilePath: C:\Users\Ganz\AppData\Roaming\Mozilla\Firefox\Profiles\27pb13jo.default-1579725056422 [2023-02-16]
FF Notifications: Mozilla\Firefox\Profiles\27pb13jo.default-1579725056422 -> hxxps://www.tui.com
FF Extension: (HTTPS Everywhere) - C:\Users\Ganz\AppData\Roaming\Mozilla\Firefox\Profiles\27pb13jo.default-1579725056422\Extensions\https-everywhere@eff.org.xpi [2021-07-14]
FF Extension: (Privacy Badger) - C:\Users\Ganz\AppData\Roaming\Mozilla\Firefox\Profiles\27pb13jo.default-1579725056422\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2023-02-03]
FF Extension: (Startpage.com — Datenschutz-Suchmaschine) - C:\Users\Ganz\AppData\Roaming\Mozilla\Firefox\Profiles\27pb13jo.default-1579725056422\Extensions\{20fc2e06-e3e4-4b2b-812b-ab431220cada}.xpi [2020-09-30]
FF Extension: (Deaktivierungs-Add-on von Google Analytics) - C:\Users\Ganz\AppData\Roaming\Mozilla\Firefox\Profiles\27pb13jo.default-1579725056422\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2020-02-28] [UpdateUrl:hxxps://tools.google.com/service/update2/ff?guid=%ITEM_ID%&version=%ITEM_VERSION%&application=%APP_ID%&appversion=%APP_VERSION%]
FF Extension: (Video DownloadHelper) - C:\Users\Ganz\AppData\Roaming\Mozilla\Firefox\Profiles\27pb13jo.default-1579725056422\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2022-12-08]
FF Extension: (DownThemAll!) - C:\Users\Ganz\AppData\Roaming\Mozilla\Firefox\Profiles\27pb13jo.default-1579725056422\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2023-01-31]
FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - c:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome => nicht gefunden
FF Plugin: @Citrix.com/npagee64,version=11.0.63.16 -> C:\Program Files\Citrix\Secure Access Client\npagee64.dll [2015-10-04] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2017-03-06] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2017-03-06] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Citrix.com/npagee,version=11.0.63.16 -> C:\Program Files\Citrix\Secure Access Client\npagee.dll [2015-10-04] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2017-03-06] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2017-03-06] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-749038088-1968257971-3176724149-1005: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei]
FF Plugin ProgramFiles/Appdata: C:\Users\Ganz\AppData\Roaming\mozilla\plugins\npagee.dll [2017-10-02]
FF Plugin ProgramFiles/Appdata: C:\Users\Ganz\AppData\Roaming\mozilla\plugins\npagee64.dll [2017-10-02]

Chrome:
=======
CHR Profile: C:\Users\Ganz\AppData\Local\Google\Chrome\User Data\Default [2023-02-10]
CHR DefaultSearchURL: Default -> hxxps://www.bing.com/search?q={searchTerms}&pc=COS2&ptag=D040721-N0640A74DCDF78DC&form=CONBDF&conlogo=CT3335043
CHR DefaultSearchKeyword: Default -> bing®
CHR DefaultNewTabURL: Default -> hxxps://www.bing.com/chrome/newtab?pc=COS2&ptag=D040721-N0630A74DCDF78DC&form=CONMHP&conlogo=CT3335043
CHR DefaultSuggestURL: Default -> hxxp://api.bing.com/osjson.aspx?query={searchTerms}
CHR Extension: (PriceTiger) - C:\Users\Ganz\AppData\Local\Google\Chrome\User Data\Default\Extensions\bolplfmefepdhhakjbdggjmocjdkjkgb [2021-12-20]
CHR Extension: (Cookie Raccoon) - C:\Users\Ganz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cipiciigpkfkldonnnjdjkldkfpmpack [2021-04-07]
CHR Extension: (Google Docs Offline) - C:\Users\Ganz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-12-23]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Ganz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-24]
CHR Profile: C:\Users\Ganz\AppData\Local\Google\Chrome\User Data\System Profile [2022-03-22]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Opera:
=======
OPR Profile: C:\Users\Ganz\AppData\Roaming\Opera Software\Opera Stable [2023-02-08]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Ganz\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-11-10]
OPR Extension: (Opera Wallet) - C:\Users\Ganz\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-01-16]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Ganz\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-09-23]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [103280 2022-09-01] (Apple Inc. -> Apple Inc.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 CWAUpdaterService; C:\Program Files (x86)\Citrix\ICA Client\Receiver\UpdaterService.exe [63408 2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-03-22] (Digital Wave Ltd -> Digital Wave Ltd.)
S2 DpHost; c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe [527296 2016-07-19] (DigitalPersona, Inc. -> Crossmatch, Inc.)
S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [567888 2016-08-11] (Hewlett Packard Enterprise Company -> Hewlett-Packard Company)
R2 fpCsEvtSvc; C:\WINDOWS\System32\fpCSEvtSvc.exe [22424 2019-05-05] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 HotKeyServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_5c0b90ae6269072a\HotKeyServiceUWP.exe [1561032 2022-10-12] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [797640 2023-01-10] (HP Inc. -> HP Inc.)
R2 HpDamServiceHost; c:\Program Files (x86)\HP\HP Device Access Manager\HPE.DeviceAccessManager.ServiceHost.exe [20376 2016-08-09] (Hewlett Packard Enterprise Company -> Hewlett Packard Enterprise Company)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [796616 2023-01-10] (HP Inc. -> HP Inc.)
R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [459800 2016-06-02] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [793000 2023-01-10] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [796584 2023-01-10] (HP Inc. -> HP Inc.)
R2 LanWlanWwanSwitchingServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_5c0b90ae6269072a\LanWlanWwanSwitchingServiceUWP.exe [606664 2022-10-12] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8967840 2023-02-16] (Malwarebytes Inc. -> Malwarebytes)
R2 PDF24; C:\Program Files\PDF24\pdf24.exe [592608 2022-07-13] (geek software GmbH -> geek software GmbH)
S2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [35104 2017-03-02] (RealNetworks, Inc. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 valWBFPolicyService; C:\WINDOWS\System32\valWBFPolicyService.exe [91032 2019-05-05] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2301.6-0\NisSrv.exe [3191256 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2301.6-0\MsMpEng.exe [133576 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2575360 2020-06-17] (Sony) [Datei ist nicht signiert]
S3 CitrixEnterpriseBrowserElevationService; "C:\Program Files (x86)\Citrix\ICA Client\CitrixEnterpriseBrowser\105.1.1.27\elevation_service.exe" [X]
S2 HP Comm Recover; "C:\Program Files\HPCommRecovery\HPCommRecovery.exe" [X]
S2 HPSupportSolutionsFrameworkService; "C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe" [X]
S2 HPTouchpointAnalyticsService; "C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R2 ctxusbm; C:\WINDOWS\system32\DRIVERS\ctxusbmon.sys [136680 2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
S3 DAMDrv; C:\WINDOWS\system32\DRIVERS\DAMDrv64.sys [76432 2016-08-11] (Hewlett Packard Enterprise Company -> Hewlett-Packard Enterpise Company)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2023-02-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2018-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2023-02-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-02-16] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198080 2023-02-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77736 2023-02-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-02-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181816 2023-02-16] (Malwarebytes Inc. -> Malwarebytes)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2017-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R1 RrNetCapFilterDriver; C:\WINDOWS\system32\DRIVERS\RrNetCapFilterDriver.sys [34608 2017-11-17] (Audials AG -> Audials AG)
S3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [1063520 2017-02-23] (SUNPLUS INNOVATION TECHNOLOGY INC. -> Sunplus Innovation Technology Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 tbhsd; C:\WINDOWS\system32\drivers\tbhsd.sys [57648 2017-11-17] (Audials AG -> RapidSolution Software AG)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2017-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49576 2023-02-15] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [473336 2023-02-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99576 2023-02-15] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2023-02-16 18:54 - 2023-02-16 18:54 - 000181816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2023-02-16 18:54 - 2023-02-16 18:54 - 000000000 ____D C:\Users\Ganz\AppData\LocalLow\IGDump
2023-02-16 18:48 - 2023-02-16 18:48 - 000007368 _____ C:\Users\Ganz\Desktop\AdwCleaner[C00].txt
2023-02-16 18:47 - 2023-02-16 18:47 - 000001419 _____ C:\Users\Ganz\Desktop\MBAM.TXT-02.txt
2023-02-16 18:26 - 2023-02-16 18:26 - 000004776 _____ C:\Users\Ganz\Documents\Malwarebytes 4.5.22.txt
2023-02-16 14:32 - 2023-02-16 18:28 - 000000000 ____D C:\AdwCleaner
2023-02-16 14:31 - 2023-02-16 14:31 - 008791352 _____ (Malwarebytes) C:\Users\Ganz\Desktop\adwcleaner.exe
2023-02-16 11:18 - 2023-02-16 11:18 - 000004957 _____ C:\Users\Ganz\Desktop\Malwarebytes.txt
2023-02-16 10:50 - 2023-02-16 10:50 - 000000000 ____D C:\Users\Ganz\AppData\Local\mbam
2023-02-16 10:46 - 2023-02-16 10:46 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-02-16 10:46 - 2023-02-16 10:46 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-02-16 10:44 - 2023-02-16 10:44 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-02-16 10:44 - 2023-02-16 10:44 - 000000000 ____D C:\Program Files\Malwarebytes
2023-02-16 10:38 - 2023-02-16 10:38 - 002555248 _____ (Malwarebytes) C:\Users\Ganz\Desktop\MBSetup.exe
2023-02-15 13:34 - 2023-02-15 13:34 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira
2023-02-15 10:29 - 2023-02-15 10:29 - 000000000 ___HD C:\$WinREAgent
2023-02-12 17:37 - 2023-02-12 17:37 - 000000000 ____D C:\Users\Ganz\Downloads\FRST03
2023-02-12 17:27 - 2023-02-16 22:05 - 000000000 ____D C:\Users\Ganz\Downloads\FRST 02
2023-02-10 13:58 - 2023-02-10 13:58 - 000000000 ____D C:\Users\Ganz\AppData\Local\AviraWebView2Cache
2023-02-10 13:19 - 2023-02-10 13:27 - 000071523 _____ C:\Users\Ganz\Desktop\Addition.txt
2023-02-10 13:19 - 2023-02-10 13:19 - 000000000 ___HD C:\$AV_ASW
2023-02-10 13:15 - 2023-02-16 22:09 - 000035915 _____ C:\Users\Ganz\Desktop\FRST.txt
2023-02-10 13:12 - 2023-02-16 22:08 - 000000000 ____D C:\FRST
2023-02-10 13:12 - 2023-02-12 17:32 - 000000000 ____D C:\Users\Ganz\Downloads\FRST02
2023-02-10 13:10 - 2023-02-13 16:24 - 000000000 ____D C:\Users\Ganz\AppData\Roaming\SEO
2023-02-10 13:10 - 2023-02-10 13:10 - 003480536 _____ C:\Users\Ganz\Downloads\FRST02.zip
2023-02-10 13:10 - 2023-02-10 13:10 - 000001712 _____ C:\Users\Ganz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SearchEngineOptimizer.lnk
2023-02-10 13:00 - 2023-02-10 13:00 - 000000000 ____D C:\Users\Public\Security Sessions
2023-02-10 12:58 - 2023-02-10 13:00 - 000000000 ____D C:\Users\Ganz\AppData\Local\Avira
2023-02-10 12:58 - 2023-02-10 12:58 - 000000000 ____D C:\WINDOWS\SysWOW64\statReporter
2023-02-10 12:57 - 2023-02-15 13:39 - 000000000 ____D C:\Program Files (x86)\Avira
2023-02-10 12:57 - 2023-02-15 13:36 - 000000000 ____D C:\ProgramData\Avira
2023-02-03 18:25 - 2023-02-12 17:33 - 002378240 _____ (Farbar) C:\Users\Ganz\Desktop\FRST64.exe
2023-02-03 00:08 - 2023-02-10 12:58 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-02-03 00:08 - 2023-02-03 00:08 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2023-01-20 14:30 - 2023-01-20 19:07 - 000271360 _____ C:\Users\Ganz\Desktop\Outlook.pst
2023-01-20 14:29 - 2023-01-20 14:29 - 000000000 ____D C:\Users\Ganz\Documents\Outlook-Dateien
2023-01-20 14:28 - 2023-01-20 14:28 - 000002423 _____ C:\Users\Public\Desktop\Windows-Migrationsassistent.lnk
2023-01-20 14:27 - 2023-01-20 14:27 - 059884472 _____ (Apple Inc.) C:\Users\Ganz\Desktop\WindowsMigrationAssistantSetup.exe
2023-01-19 14:36 - 2023-01-19 14:36 - 000000000 ____D C:\Users\Ganz\Downloads\Flüchtling
2023-01-18 17:21 - 2023-01-18 17:21 - 000021233 _____ C:\Users\Ganz\Documents\00000000-MUSTER Matilda.dotm
2023-01-18 17:16 - 2023-01-18 17:16 - 000021267 _____ C:\Users\Ganz\Documents\00000000-MUSTER Moritz.dotm
2023-01-18 16:59 - 2023-01-18 16:59 - 000050869 _____ C:\Users\Ganz\Documents\00000000-MUSTER- Ari - Peter Anschreiben.dotm
2023-01-18 16:13 - 2023-01-18 16:22 - 000050615 _____ C:\Users\Ganz\Documents\00000000-MUSTER- Peter - Anschreiben Peter .dotm
2023-01-18 16:01 - 2023-01-18 16:01 - 000004096 ____H C:\Users\Ganz\AppData\Local\keyfile3.drm
2023-01-17 11:21 - 2023-02-16 21:57 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2023-02-16 22:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-02-16 22:03 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-02-16 21:57 - 2020-03-14 04:13 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-02-16 21:57 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-02-16 21:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-02-16 21:57 - 2017-10-13 15:05 - 000000000 ____D C:\Program Files (x86)\Google
2023-02-16 21:56 - 2020-12-14 20:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-02-16 19:01 - 2020-12-14 20:41 - 001883140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-02-16 19:01 - 2019-12-07 15:51 - 000804906 _____ C:\WINDOWS\system32\perfh007.dat
2023-02-16 19:01 - 2019-12-07 15:51 - 000175844 _____ C:\WINDOWS\system32\perfc007.dat
2023-02-16 19:01 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-02-16 18:58 - 2022-02-11 12:09 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-02-16 18:57 - 2017-04-26 10:04 - 000000000 ____D C:\Users\Ganz\AppData\LocalLow\Mozilla
2023-02-16 18:56 - 2017-03-10 22:44 - 000000000 ____D C:\Program Files\CCleaner
2023-02-16 18:54 - 2017-04-25 17:35 - 000000000 __SHD C:\Users\Ganz\IntelGraphicsProfiles
2023-02-16 18:53 - 2020-12-14 20:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-02-16 18:53 - 2020-12-14 20:34 - 000008192 ___SH C:\DumpStack.log.tmp
2023-02-16 18:53 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-02-16 18:53 - 2017-06-19 09:07 - 000000000 ____D C:\ProgramData\Synaptics
2023-02-16 18:53 - 2016-09-25 04:40 - 000000000 ____D C:\Intel
2023-02-16 18:31 - 2018-05-22 16:02 - 000000000 ____D C:\Users\Ganz\AppData\Roaming\Hewlett-Packard
2023-02-16 18:31 - 2017-06-19 09:07 - 000000000 ____D C:\Program Files (x86)\HP
2023-02-16 18:31 - 2016-09-25 04:45 - 000000000 ____D C:\ProgramData\HP
2023-02-16 18:31 - 2016-09-25 04:45 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2023-02-16 18:31 - 2016-08-22 03:00 - 000000000 ____D C:\Program Files (x86)\HP Inc
2023-02-16 18:31 - 2016-08-22 02:59 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2023-02-16 18:31 - 2016-08-19 02:31 - 000000000 _RSHD C:\hp
2023-02-16 18:28 - 2017-12-01 22:13 - 000000000 ____D C:\Users\Ganz\AppData\Local\Downloaded Installations
2023-02-16 18:28 - 2016-08-22 03:00 - 000000000 ____D C:\Program Files\HP
2023-02-16 18:24 - 2021-12-20 13:09 - 000000000 ____D C:\Users\Ganz\AppData\Roaming\PriceWatch
2023-02-16 10:45 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-02-15 15:46 - 2020-02-27 00:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2023-02-15 14:45 - 2020-03-20 10:10 - 000000000 ___RD C:\Users\Ganz\Documents\alles
2023-02-15 14:45 - 2017-04-25 17:35 - 000000000 ___RD C:\Users\Ganz\OneDrive
2023-02-15 13:57 - 2018-02-26 22:38 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-02-15 13:47 - 2017-03-03 15:48 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2023-02-15 13:46 - 2018-09-16 14:17 - 000000000 ____D C:\Users\Ganz\AppData\Local\AVAST Software 2023-02-15 13:46 - 2018-09-16 14:16 - 000000000 ____D C:\Program Files\Common Files\AVAST Software 2023-02-15 13:46 - 2018-09-16 14:15 - 000000000 ____D C:\ProgramData\AVAST Software 2023-02-15 13:44 - 2021-07-29 18:30 - 000000000 ____D C:\Program Files (x86)\AVAST Software 2023-02-15 13:39 - 2022-09-22 10:37 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job 2023-02-15 13:39 - 2020-12-14 20:34 - 000705360 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2023-02-15 13:37 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2023-02-15 13:37 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2023-02-15 13:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2023-02-15 13:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2023-02-15 13:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup 2023-02-15 13:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2023-02-15 13:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\DDFs 2023-02-15 13:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2023-02-15 13:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2023-02-15 10:44 - 2022-09-22 10:37 - 000003474 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting 2023-02-15 10:44 - 2020-12-14 20:44 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2023-02-15 10:38 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2023-02-15 10:35 - 2020-12-14 20:35 - 003015680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2023-02-15 10:28 - 2017-03-03 15:47 - 000000000 ____D C:\WINDOWS\system32\MRT 2023-02-15 10:23 - 2017-03-03 15:47 - 149955784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 
2023-02-13 16:23 - 2017-12-01 22:14 - 000000000 ____D C:\Program Files\Opera 2023-02-10 14:18 - 2018-09-23 15:06 - 000000000 ____D C:\Users\Ganz\AppData\Local\CrashDumps 2023-02-10 14:00 - 2018-07-06 10:17 - 000000000 ____D C:\Users\Ganz\AppData\Local\D3DSCache 2023-02-09 22:48 - 2021-12-13 16:48 - 000003062 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-749038088-1968257971-3176724149-1005 2023-02-09 22:48 - 2021-08-25 13:54 - 000002250 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Ganz 2023-02-09 22:48 - 2020-12-14 20:44 - 000003684 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2023-02-09 22:48 - 2020-12-14 20:44 - 000003560 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2023-02-09 22:48 - 2020-12-14 20:44 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2023-02-09 22:48 - 2020-12-14 20:44 - 000003336 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2023-02-09 22:48 - 2020-12-14 20:44 - 000003320 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1512162865 2023-02-09 22:48 - 2020-12-14 20:44 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-749038088-1968257971-3176724149-1005 2023-02-09 19:12 - 2017-10-13 15:06 - 000002300 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2023-02-09 13:43 - 2021-10-16 03:00 - 000001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk 2023-02-07 17:14 - 2016-09-25 05:12 - 000000000 ____D C:\ProgramData\HPQLOG 2023-02-04 11:29 - 2017-03-04 06:51 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2023-02-03 00:08 - 2017-03-04 06:51 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2023-02-02 11:19 - 2020-12-14 20:37 - 000002399 _____ C:\Users\Ganz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2023-01-27 09:39 - 2020-10-02 12:17 - 000000000 ____D C:\Program Files\Microsoft 
Update Health Tools 2023-01-20 14:28 - 2022-07-19 11:24 - 000002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows-Migrationsassistent.lnk ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2017-12-05 15:02 - 2017-12-05 15:02 - 039301064 _____ (Flash-Integro LLC ) C:\Program Files (x86)\video_editor_x32.exe 2017-12-05 15:02 - 2017-12-05 15:02 - 044416504 _____ (Flash-Integro LLC ) C:\Program Files (x86)\video_editor_x64.exe 2023-01-18 16:01 - 2023-01-18 16:01 - 000004096 ____H () C:\Users\Ganz\AppData\Local\keyfile3.drm 2017-12-08 21:59 - 2017-12-08 21:59 - 000002787 _____ () C:\Users\Ganz\AppData\Local\recently-used.xbel ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) ==================== Ende von FRST.txt ======================== |
17.02.2023, 16:29 | #14 |
| WIN 10 attachment opened: Telekom Rechnung…pdf.htm - [PART 1 - Farbar scan result] FRST Additions Logfile: Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 09-02-2023 01
durchgeführt von Ganz (16-02-2023 22:09:48)
Gestartet von C:\Users\Ganz\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.2604 (X64) (2020-12-14 19:45:00)
Start-Modus: Normal
==========================================================

==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
Administrator (S-1-5-21-749038088-1968257971-3176724149-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-749038088-1968257971-3176724149-503 - Limited - Disabled)
Ganz (S-1-5-21-749038088-1968257971-3176724149-1005 - Administrator - Enabled) => C:\Users\Ganz
Gast (S-1-5-21-749038088-1968257971-3176724149-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-749038088-1968257971-3176724149-504 - Limited - Disabled)

==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
4uKey for Android (HKLM-x32\...\{4uKeyforAndroid}_is1) (Version: 2.5.3.2 - Tenorshare, Inc.)
7-Zip 22.00 (HKLM-x32\...\{23170F69-40C1-2701-2200-000001000000}) (Version: 22.00.00.0 - Igor Pavlov) 7-Zip 22.01 (x64 edition) (HKLM\...\{23170F69-40C1-2702-2201-000001000000}) (Version: 22.01.00.0 - Igor Pavlov) Apple Application Support (64-Bit) (HKLM\...\{8B127943-89E7-4691-A7A4-D05807920A84}) (Version: 8.4 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{065D0CC8-C382-48AF-8A88-0DD3366EB26C}) (Version: 16.0.0.25 - Apple Inc.) Apple Software Update (HKLM-x32\...\{B292D163-23D2-4523-A699-1ABEC1875609}) (Version: 2.7.0.3 - Apple Inc.) Audials (HKLM-x32\...\{3C3F830F-50AF-41ED-A96A-1C8D6B7F7517}) (Version: 18.1.29300.0 - Audials AG) Audiograbber 1.83 SE (HKLM-x32\...\Audiograbber) (Version: 1.83 SE - Audiograbber) BCR Plug-in (HKLM-x32\...\{0C079D73-40B6-4A29-93F3-30617AAA335A}) (Version: 22.10.0.15 - Citrix Systems, Inc.) Hidden BlueJ (HKLM\...\{AF0BEA9E-1AB2-4613-A6B5-4ECC105A8A23}) (Version: 5.1.0 - BlueJ Team) BlueJ (HKLM-x32\...\{92FD2477-5855-4863-B4C1-405C7853FD9F}) (Version: 4.1.2 - BlueJ Team) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Brother MFL-Pro Suite MFC-5490CN (HKLM-x32\...\{48D082B9-18F6-4426-AFAC-8B6A3E7021B1}) (Version: 2.0.0.0 - Brother Industries, Ltd.) Brother MFL-Pro Suite MFC-L2720DW series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 1.0.3.0 - Brother Industries, Ltd.) CCleaner (HKLM\...\CCleaner) (Version: 6.09 - Piriform) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6521 - CDBurnerXP) Citrix Authentication Manager (HKLM-x32\...\{0C490C5C-246A-4281-993E-831319A7655F}) (Version: 22.10.0.2 - Citrix Systems, Inc.) Hidden Citrix Web Helper (HKLM-x32\...\{D958DC9B-9ED1-46AE-A84B-4679E5592538}) (Version: 22.10.0.13 - Citrix Systems, Inc.) Hidden Citrix Workspace (DV) (HKLM-x32\...\{E2271D30-A77C-448D-AD6D-38ECBEBC2C26}) (Version: 22.10.0.15 - Citrix Systems, Inc.) 
Hidden Citrix Workspace (USB) (HKLM-x32\...\{9E24A88B-54AE-44E7-A2BD-BA5139E45ECD}) (Version: 22.10.0.15 - Citrix Systems, Inc.) Hidden Citrix Workspace 2210 (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 22.10.0.21 - Citrix Systems, Inc.) Citrix Workspace Inside (HKLM-x32\...\{19C8F1A9-2F50-49A6-9B81-2C4CE9845521}) (Version: 22.10.0.13 - Citrix Systems, Inc.) Hidden Conexant ISST Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 9.0.239.70 - Conexant) CutOut 6.0 (HKLM\...\CutOut 6_is1) (Version: 6.0 - Franzis.de) Discover HP Touchpoint Manager (HKLM-x32\...\{480FA137-DB2E-4C1A-89EF-476E69E175ED}) (Version: 1.0.19.1 - HP) Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.) Free HTML5 Video Player and Converter (HKLM-x32\...\Free HTML5 Video Player and Converter_is1) (Version: 5.0.99.823 - Digital Wave Ltd) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 110.0.5481.77 - Google LLC) Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden HP Battery Recall Utility (HKLM-x32\...\{26ACF49F-254F-491C-B08E-AAA0D5C982CF}) (Version: 1.3.0.5 - Hewlett-Packard) Hidden HP Battery Recall Utility (HKLM-x32\...\{40770191-b457-4e92-9e2e-386a15408136}) (Version: 1.3.0.5 - HP Inc.) HP Client Security Manager (HKLM\...\{B4A0B76D-EAE6-4717-AEB3-58C1BCD7B9E8}) (Version: 9.0.0.2116 - HP Inc.) Hidden HP Client Security Manager (HKLM\...\HPProtectTools) (Version: 9.0.0.2116 - HP Inc.) HP Device Access Manager (HKLM\...\{766ED263-4CA0-4D2F-9FA8-717827F718D6}) (Version: 8.3.16.0 - HP Inc.) HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.) HP ePrint SW (HKLM\...\{872897C1-CDCD-4466-82AA-5483BCCF09C7}) (Version: 5.1.20088 - HP Inc.) Hidden HP ePrint SW (HKLM\...\{B0D5BCD0-8DFB-48A3-9BDF-4E183159E420}) (Version: 5.1.20088 - HP Inc.) Hidden HP ePrint SW (HKLM\...\{C0407127-4831-47CD-8A7A-E5ED7A2D398B}) (Version: 5.1.20088 - HP Inc.) 
Hidden HP ePrint SW (HKLM\...\{FC292FE3-B7B0-492C-BC2E-C0DFCA30FC92}) (Version: 5.1.20088 - HP Inc.) Hidden HP ePrint SW (HKLM-x32\...\{39404020-C431-4331-9241-62956555DA49}) (Version: 5.1.20088 - HP Inc.) Hidden HP ePrint SW (HKLM-x32\...\{3efaef38-ee9e-4421-bea3-e0a4d835d3f4}) (Version: 5.1.20088 - HP Inc.) HP ePrint SW (HKLM-x32\...\{C5AD7A64-6DDF-482A-8E7D-FA1DED0A201A}) (Version: 5.1.20088 - HP Inc.) Hidden HP ESU for Microsoft Windows 10 (HKLM-x32\...\{94D0EB60-8B2F-4A80-BA74-3D312434415F}) (Version: 11.2.2 - HP) HP JumpStart Bridge (HKLM-x32\...\{6B4A5299-4837-485A-B71D-7F1CE6F8F018}) (Version: 1.0.0.143 - HP Inc.) HP JumpStart Launch (HKLM-x32\...\{0F5EBB0D-DF6D-4DBE-9789-57BF05B3B0FD}) (Version: 1.0.145.0 - HP Inc.) HP Recovery Manager (HKLM-x32\...\{64BAA990-F1FC-4145-A7B1-E41FBBC9DA47}) (Version: 1.2.1510 - HP) Hidden HP SoftPaq Download Manager (HKLM-x32\...\{92db00b4-c4ee-4893-bc4e-8be6548b2742}) (Version: 4.3.4.0 - HP) HP Software Setup (HKLM-x32\...\{C968E860-054F-490F-95C6-C9A29601459E}) (Version: 9.2.2 - HP) HP System Default Settings (HKLM-x32\...\{E570B9C2-9A83-4938-BBD5-0A8C068083C1}) (Version: 1.2.3.1 - HP INC) HP Universal Camera Driver (HKLM-x32\...\{8B204728-0D90-48BE-97C0-BBEDDFDFA83C}) (Version: 3.5.8.11 - SunplusIT) icofx 3.3 (HKLM-x32\...\icofx 3_is1) (Version: 3.3 - IcoFX Software S.R.L.) Incomedia WebSite X5 v14 - Free (HKLM\...\{07FE2BFD-5423-4FB4-95C0-28634BEB0961}_is1) (Version: 14.0.2.1 - Incomedia s.r.l.) 
Intel(R) Chipset Device Software (HKLM\...\{3AE6FD56-D431-4B53-94F0-95E844206ADF}) (Version: 10.1.1.32 - Intel Corporation) Hidden Intel(R) Chipset Device Software (HKLM-x32\...\{aaa7f0fb-02dc-4576-beef-7d24842c5fbe}) (Version: 10.1.1.32 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{00176A23-1A4E-4429-817E-44B40D9EF692}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{0854C811-6DAD-441D-AB36-2F73631A04A1}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1914.12.0.1255 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{650FF4FD-69E7-4AA4-9F46-6B7DFC8489F7}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Driver (HKLM\...\{1535E647-D354-4775-9EE8-FD9E8ED0701A}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) ME UninstallLegacy (HKLM\...\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}) (Version: 1.0.1.0 - Intel Corporation) Hidden Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.0.2.1044 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{AD29B896-0901-4B3E-9C2A-BD59B38A9568}) (Version: 15.0.2.1044 - Intel Corporation) Hidden Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.52.230.1 - Intel Corporation) Hidden Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.52.230.1 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{c6de84fd-ece7-4c2a-9f06-8cabe7ab79a0}) (Version: 1.52.230.1 - Intel Corporation) Hidden Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{3920BCB0-23AA-4D0D-93E5-404692DAF9D2}) (Version: 19.00.1621.3340 - Intel Corporation) Intel(R) Wireless Manageability Driver (HKLM\...\{28C2C4DE-AAF6-424D-B018-5142729E1C67}) (Version: 1.0.0.0 - 
Intel Corporation) Hidden Intel(R) Wireless Manageability Driver Extension (HKLM\...\{03C415A8-0861-4BB7-8857-27089E6C298A}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel® PROSet/Wireless Software (HKLM-x32\...\{ed4a5da7-ac62-4aa5-9502-7b4de55e8cb5}) (Version: 20.20.2 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation) iTunes (HKLM\...\{8402150E-474C-45D1-908F-E5989C71DDE9}) (Version: 12.12.5.8 - Apple Inc.) LibreOffice 7.4.1.2 (HKLM\...\{2382F0CD-B06A-49B7-912F-A8BB1C7FD511}) (Version: 7.4.1.2 - The Document Foundation) Malwarebytes version 4.5.22.236 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.22.236 - Malwarebytes) Meine CEWE FOTOWELT (HKLM-x32\...\Meine CEWE FOTOWELT) (Version: 6.3.1 - CEWE Stiftung u Co. KGaA) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 110.0.1587.46 - Microsoft Corporation) Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 109.0.1518.78 - Microsoft Corporation) Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden Microsoft Office Access MUI (German) 2010 (HKLM-x32\...\{90140000-0015-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2010 (HKLM-x32\...\{90140000-0016-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Groove MUI (German) 2010 (HKLM-x32\...\{90140000-00BA-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (German) 2010 (HKLM-x32\...\{90140000-0044-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2010 (HKLM\...\{90140000-002A-0000-1000-0000000FF1CE}) (Version: 
14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2010 (HKLM-x32\...\{90140000-00A1-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2010 (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2010 (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2010 (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Proof (English) 2010 (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2010 (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2010 (HKLM-x32\...\{90140000-001F-0410-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2010 (HKLM-x32\...\{90140000-002C-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (German) 2010 (HKLM-x32\...\{90140000-0019-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (German) 2010 (HKLM\...\{90140000-002A-0407-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2010 (HKLM-x32\...\{90140000-006E-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden 
Microsoft Office Word MUI (German) 2010 (HKLM-x32\...\{90140000-001B-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft OneDrive (HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\OneDriveSetup.exe) (Version: 23.007.0109.0004 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation) Microsoft VC++ redistributables repacked. (HKLM\...\{2FAF2A80-5906-467E-8AD2-B83C94383600}) (Version: 12.0.0.0 - Intel Corporation) Hidden Microsoft VC++ redistributables repacked. (HKLM-x32\...\{F85F7FF0-5DFF-4BC0-9045-C9573D1BC11F}) (Version: 12.0.0.0 - Intel Corporation) Hidden Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 
(HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 
(HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31823 (HKLM-x32\...\{ac8ae441-cfc2-41f2-bbca-7b6668740f8d}) (Version: 14.34.31823.3 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.34.31823 (HKLM-x32\...\{485c6580-376a-450b-9a80-43c390b968a3}) (Version: 14.34.31823.3 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31823 (HKLM\...\{79DB9AFA-0B61-46EE-97F7-29D2A9C93702}) (Version: 14.34.31823 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31823 (HKLM\...\{91974FA7-D8C0-4EBB-A37F-4E538C9C0B8B}) (Version: 14.34.31823 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.34.31823 (HKLM-x32\...\{EB6DFC76-FC58-4F00-811A-09FC83EDB02B}) (Version: 14.34.31823 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.34.31823 (HKLM-x32\...\{54AAF010-4412-441C-AFDF-5566370458AA}) (Version: 14.34.31823 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft 
Corporation) Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 109.0.1 (x64 de)) (Version: 109.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 109.0.1.8427 - Mozilla) Mozilla Thunderbird (x86 de) (HKLM-x32\...\Mozilla Thunderbird 102.6.1 (x86 de)) (Version: 102.6.1 - Mozilla) MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.9.0 - F.J. Wechselberger) MZD-AIO-TI 2.8.4-1 (HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\34093d1a-b79c-5bd0-8c69-6049d0980230) (Version: 2.8.4-1 - Trevelopment) NetScaler Gateway Endpoint Analysis (HKLM\...\{58267A97-11B6-4182-A02E-54CF86F91807}) (Version: 11.0.63.16 - Citrix Systems, Inc.) Online Plug-in (HKLM-x32\...\{29FB4818-23DC-4740-8F7E-AE2F59527F69}) (Version: 22.10.0.15 - Citrix Systems, Inc.) Hidden Opera Stable 95.0.4635.37 (HKLM-x32\...\Opera 95.0.4635.37) (Version: 95.0.4635.37 - Opera Software) PDF24 Creator 11.3.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 11.3.0 - PDF24.org) PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.321.0 - Tracker Software Products Ltd) PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) PriceWatch (HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\PriceWatch) (Version: - PriceWatch) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.131 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.9.422.2016 - Realtek) RealUpgrade 1.1 (HKLM-x32\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) 
Hidden SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version: - ) SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version: - ) Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version: - ) SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - ) SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - ) Samsung PC Studio 3 (HKLM-x32\...\{C4A4722E-79F9-417C-BD72-8D359A090C97}) (Version: 3.2.2.80601 - Samsung Electronics Co., Ltd.) Saturn Fotoservice (HKLM-x32\...\Saturn Fotoservice) (Version: 6.4.1 - CEWE Stiftung u Co. KGaA) Self-Service Plug-in (HKLM-x32\...\{CE1601F3-E1A8-43F3-9330-0411F6EB6D5B}) (Version: 22.10.0.13 - Citrix Systems, Inc.) Hidden SEO (HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\SEO) (Version: 2.41 - Business Convers Track S.R.L.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for 
Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{8925227F-C7B5-4C95-AB58-4FCF2433DAEE}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{09A9DF49-DA06-4093-A2FD-F339211E39EA}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{ECC1D579-DC17-4B90-929C-B4A0BB35F7B3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{97099817-53F1-4CA1-ACEA-DA6D74371689}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{E4D76E88-C65F-4003-9C71-EC4306679D17}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{3B0FF7FF-0E85-4907-A511-3F8C27349FA4}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{996096F8-956B-41C9-A7E3-9BA1E801014F}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition 
(HKLM-x32\...\{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{D505EC85-885F-4BE3-8A89-3EFE4F855692}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.8.32 - Synaptics Incorporated) Synaptics WBF Fingerprint Reader (HKLM\...\{FE645EDA-C5B2-4CF3-B9E7-AFABD5710EEF}) (Version: 4.5.335.0 - Synaptics) TIPP10 Version 2.1.0 (HKLM-x32\...\TIPP10_is1) (Version: - (c) 2006-2011, Tom Thielicke IT Solutions) Universal Media Server (HKLM-x32\...\Universal Media Server) (Version: 11.5.0 - Universal Media Server) Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation) UpdateService (HKLM-x32\...\{E3AE96D6-E196-45B4-AF62-2B41998B9E37}) (Version: 1.0.0 - RealNetworks, Inc.) Hidden VdhCoApp 1.4.0 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper) VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN) vs2015_redist x86 (HKLM-x32\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden VSDC Free Video Editor Version 7.1.13.433 (HKLM\...\VSDC Free Video Editor_is1) (Version: 7.1.13.433 - Flash-Integro LLC) Windows-Migrationsassistent (HKLM-x32\...\{B2C74A62-5D4F-41AF-96EB-1189AE4E9936}) (Version: 2.4.2.0 - Apple Inc.) 
Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation) Windows-Treiberpaket - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/27/2012 7.0.0000.00004) (HKLM\...\BE156A27AFEAEA39D6A7C9D25CFA8DAFAF91756B) (Version: 08/27/2012 7.0.0000.00004 - Google, Inc.) Windows-Treiberpaket - SAMSUNG Electronics Co., Ltd. (dg_ssudbus) USB (12/02/2015 2.12.1.0) (HKLM\...\85A33267F12961AF9ED9AE799DEDA5E62BEA236F) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. ) Windows-Treiberpaket - SAMSUNG Electronics Co., Ltd. (ssudmdm) Modem (12/02/2015 2.12.1.0) (HKLM\...\88ED314360B98E6E82E7CC3201FAEB4A9FD291B4) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. ) Windows-Treiberpaket - SAMSUNG Electronics Co., Ltd. (WinUSB) AndroidUsbDeviceClass (12/02/2015 2.12.1.0) (HKLM\...\701281E8283E9E3681220099A9DA5013A5A437AF) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. ) WunderBAR (HKLM\...\WunderBAR) (Version: 1.0 - WunderBAR) Xperia Companion (HKLM-x32\...\{4C89779F-A2CD-4EF7-83F3-B84F9CB79422}) (Version: 2.10.2.0 - Sony) Hidden Xperia Companion (HKLM-x32\...\{cc171adc-ddf5-4459-9a2c-61b09746b2ff}) (Version: 2.10.2.0 - Sony) Xperia Companion Service (HKLM\...\{170F2831-C087-4536-B3A5-3CF872F6BC0F}) (Version: 2.10.2.0 - Sony) Hidden Packages: ========= Discover HP Touchpoint Manager -> C:\Program Files\WindowsApps\AD2F1837.DiscoverHPTouchpointManager_1.0.15.1_x86__v10z8vjag6ke6 [2017-06-13] (HP Inc.) HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.2.228.0_x64__v10z8vjag6ke6 [2023-01-20] (HP Inc.) HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.23.20.0_x64__v10z8vjag6ke6 [2023-01-19] (HP Inc.) HP System Information -> C:\Program Files\WindowsApps\AD2F1837.HPSystemInformation_8.10.29.0_x64__v10z8vjag6ke6 [2022-03-29] (HP Inc.) 
Kluge Archive -> C:\Program Files\WindowsApps\49825WiseWidget.Wise2017_1.1.0.0_x86__z0nrqz0z5ajrj [2018-01-23] (Wise Widget) March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_7.1.0.0_x86__h6adky7gbf63m [2023-02-03] (Gameloft SE) Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-07-10] (Microsoft Corporation) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-06-26] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-06-26] (Microsoft Corporation) [MS Ad] Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-16] (Netflix, Inc.) Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2023-01-20] (Microsoft Studios) [MS Ad] Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-13] (Twitter Inc.) Windows Package Manager Source (winget) -> C:\Program Files\WindowsApps\Microsoft.Winget.Source_2022.1020.2155.506_neutral__8wekyb3d8bbwe [2022-10-20] (Microsoft Corporation) XING -> C:\Program Files\WindowsApps\XINGAG.XING_4.0.9.0_x86__xpfg3f7e9an52 [2023-01-20] (New Work SE) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation) ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Users\Ganz\Downloads\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger) [Datei ist nicht signiert] ContextMenuHandlers2: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL -> Keine Datei ContextMenuHandlers3: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL -> Keine Datei ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-02-16] (Malwarebytes Inc. 
-> Malwarebytes) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Users\Ganz\Downloads\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxDTCM.dll [2020-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Users\Ganz\Downloads\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-02-16] (Malwarebytes Inc. -> Malwarebytes) ==================== Codecs (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Drivers32: [msacm.voxacm160] => C:\WINDOWS\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) 
[Datei ist nicht signiert] HKLM\...\Drivers32: [msacm.scg726] => C:\WINDOWS\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [Datei ist nicht signiert] HKLM\...\Drivers32: [msacm.alf2cd] => C:\WINDOWS\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [Datei ist nicht signiert] HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [Datei ist nicht signiert] HKLM\...\Drivers32: [msacm.lame] => C:\WINDOWS\system32\lame.ax [245760 2005-08-01] () [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.dvsd] => C:\WINDOWS\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.mpg4] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.mp42] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.mp43] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.xvid] => C:\WINDOWS\system32\xvidvfw.dll [139264 2004-07-03] () [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.DIVX] => C:\WINDOWS\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) 
[Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.VP62] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.LAGS] => C:\WINDOWS\system32\lagarith.dll [216064 2011-12-07] () [Datei ist nicht signiert]

==================== Verknüpfungen & WMI ========================

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2017-07-12 19:55 - 2009-02-27 15:38 - 000139264 ____R () [Datei ist nicht signiert] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2023-02-16 17:20 - 2023-02-16 17:20 - 000122368 _____ () [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\d21de71c6b23dca8cde6b4ef0c0cfee0\BRIDGECommon.ni.dll
2023-02-16 17:20 - 2023-02-16 17:20 - 000113152 _____ () [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\6f6f48149a6aeb8f3bb750891bd1f77b\BridgeExtension.ni.dll
2018-05-03 12:49 - 2005-04-22 12:36 - 000143360 _____ () [Datei ist nicht signiert] C:\WINDOWS\system32\BrSNMP64.dll
2022-04-25 14:15 - 2014-06-16 14:45 - 000137728 ____N (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
2022-04-25 14:15 - 2014-06-16 15:03 - 000083968 ____N (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
2022-04-25 14:15 - 2014-06-16 15:03 - 017955328 ____N (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll
2022-04-25 14:15 - 2014-06-16 15:03 - 000088064 ____N (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\ControlCenter4\BrCcLGer.dll
2017-07-12 19:55 - 2013-03-08 07:44 - 000087040 _____ (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\WINDOWS\system32\BrNetSti.dll
2022-10-03 06:16 - 2022-10-03 06:16 - 000512000 _____ (Citrix Systems, Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\Shims.dll
2021-10-01 01:19 - 2021-10-01 01:19 - 002548736 _____ (Citrix Systems, Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Citrix\ICA Client\sslsdk_b.dll
2016-07-19 11:00 - 2016-07-19 11:00 - 000384512 _____ (Crossmatch, Inc.) [Datei ist nicht signiert] c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DPCPFelica.dll
2022-07-15 18:00 - 2022-07-15 18:00 - 000094720 _____ (Igor Pavlov) [Datei ist nicht signiert] C:\Users\Ganz\Downloads\7-Zip\7-zip.dll
2016-07-19 10:13 - 2016-07-19 10:13 - 000220160 _____ (RFIDeas) [Datei ist nicht signiert] c:\Program Files\HP\HP ProtectTools Security Manager\Bin\pcProxAPI.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp15-comm.msn.com/?pc=HRTE
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - WunderBAR - {5EB1C9F4-44B6-4DE1-9C4D-CCEB6AFC6CF0} - C:\Users\Ganz\AppData\Roaming\WunderBAR\WunderBAR.dll [2021-12-20] (CHIP Communications GmbH -> )
Filter-x32: application/x-ica -
{CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) 
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-10-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE trusted site: HKU\.DEFAULT\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\localhost -> localhost ==================== Hosts Inhalt: ========================= (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 
2015-10-30 08:24 - 2019-01-04 13:02 - 000000938 _____ C:\WINDOWS\system32\drivers\etc\hosts
2020-12-19 21:04 - 2022-08-03 20:32 - 000000506 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-749038088-1968257971-3176724149-1005\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) ist aktiviert.

Network Binding:
=============
WLAN: RadioRip Filter Driver -> RrNetCapFilterDriver (enabled)
Ethernet: RadioRip Filter Driver -> RrNetCapFilterDriver (enabled)

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\StartupFolder: => "Universal Media Server.lnk"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "BrMfcWnd"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "IAStorIcon"
HKLM\...\StartupApproved\Run32: => "Opera Browser Assistant"
HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\StartupApproved\Run: => "AudialsNotifier"
HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\StartupApproved\Run: => "XperiaCompanionAgent"
HKU\S-1-5-21-749038088-1968257971-3176724149-1005\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_33AB6AD30668417CC16079428DBD5A47"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{8E00D7E5-0BB0-4177-95BE-01B3B185C0CA}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe (Sony Mobile Communications AB -> Sony) FirewallRules: [{8A47E056-BFAF-42E3-9097-4BA7536B5FA5}] => (Allow) LPort=31931 FirewallRules: [{C1410BC5-E31A-4DA9-8EBD-091877247672}] => (Allow) LPort=14714 FirewallRules: [{42289722-13D8-4294-977F-C5D411A46239}] => (Allow) LPort=12972 FirewallRules: [{C5A768B6-7282-4B35-9D88-2BC2B97486AF}] => (Allow) C:\Program Files (x86)\Audials\Audials 2018\Audials.exe (Audials AG -> Audials AG) FirewallRules: [UDP Query User{213CC204-02CC-44BA-8D02-373B383A7B23}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [TCP Query User{337225E1-CBB2-4C63-9970-49C6FB7A8567}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [{FD2DDB22-4B43-4794-864A-7140111999E2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{8C35D5D5-D7EE-4A9E-9E40-4B5216B3CDEA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{E40F5325-480D-4578-A907-F8A2DD1C7661}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{C8D45BF8-D9DE-4DC2-BE8E-A0410B04D3DB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{0C00F326-B355-4381-B838-77AADE53A538}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{BBF76483-2E81-4138-9704-D6B88CA6148A}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. 
-> Citrix Systems, Inc) FirewallRules: [{8091CB17-40DC-4C11-82CE-B7D85F42BAE3}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{D73AF4A9-F386-4883-AB9C-AA76B8E0595D}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{3D3766D6-52D6-42F4-8366-6BEDB25D6113}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{4A8622E2-E9B2-4360-9CCA-2C68B012B6EC}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{96649238-ED31-46E8-9E34-140DE9A2049E}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{0CA547AD-CEB4-4426-96E2-4561392B7478}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{95BA13F9-BF24-4A39-8F79-733F73E9D7B7}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{5F3444C3-7244-4191-AA81-D6581E68EBEE}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{62872BD2-D582-4F40-8581-3679A347B212}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{1EA54552-7FAE-42E7-B722-6F9BDA63B080}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. 
-> Citrix Systems, Inc) FirewallRules: [{C566B9FE-698B-47B5-BD7D-4C9892711EB1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{A2456256-9F42-41F1-99DE-9F5039C2BE41}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{D89971EB-81D7-4406-BF02-620E2881264C}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{288A7309-33F8-4BC7-B7A2-B3BBEE107389}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{A270345C-1234-49FE-90DB-4070135F2C7B}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{AD1C5FE3-D113-4A25-9275-6CEE93B2BAEF}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{7BE38158-9D47-4C8F-A105-3277680B7B5E}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{01CA72C1-71CC-4063-9C2A-6598BD50770D}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{6A6BB7A6-2036-4F7D-9A09-18B54C3CBC15}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{A9C12040-623C-4FC2-9765-BD1D440073EF}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{2865F3C7-BAAD-4747-B054-BA87C7F2D4EB}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. 
-> Citrix Systems, Inc) FirewallRules: [{69C5226B-F423-4E28-8A69-6E0CE808DDDA}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{623DD88E-621D-4F62-9448-E33F4593CE6D}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{E4435320-EF2B-4AD0-B695-18DF95BF9EA2}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{49168388-14CE-4DDA-86DA-94616718FC76}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{1DF8B103-846A-4D2A-BFFA-4D004850BC58}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{CD426E35-4D56-4D7F-B400-8B71E24FC73A}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{BD8789DF-501B-427E-971E-BD2135B49FD1}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{A88D6C54-E21A-44FD-8406-BBB96B94BA05}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{C8391E8D-5C11-4A4A-B060-4C54713BEC4F}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{6A9396D8-D90C-4724-A937-5A59E918EF46}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{CA58FFF0-E451-4BE7-BC45-4D2A2C00B4E2}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. 
-> Citrix Systems, Inc) FirewallRules: [{EDACBB0A-79DB-487F-9FC2-C45438C41A4D}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{2AFB5B5F-BC98-42F3-B24E-6959DB0D80E6}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{07DB5E97-CE1A-4576-A0CF-8D9DDC5B9A98}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{38021E55-8D63-4826-B7F6-768EDF6305D1}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{CBA54C41-9931-4047-8DC2-2EEA5AA739CA}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{5EEAADAE-BE94-4FAD-A164-BC8CEB4687A3}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{CC69F2BB-2E5A-402C-8C18-78F4CD9DB6FA}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{6CCA7C8D-3BA1-4DD5-A52E-16AE188CBCF5}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{6AEE9EA7-E9C3-4896-8109-6F634206D0FE}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{C3E56817-8484-46C9-AAFC-96E2C966C883}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{157A6EA5-A100-4B9C-A16E-E6FEA2C230EE}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. 
-> Citrix Systems, Inc) FirewallRules: [{F9AC027C-CA45-4025-B190-E45DAF2E66EB}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{2B3A7B0D-FC2E-4E8E-BCF7-A92830C337FC}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{A54A5162-3FDF-45C5-A594-4BDFDCA3308F}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc) FirewallRules: [{78986FF5-F01B-4A6C-B5F2-7BFA3B798F09}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform) FirewallRules: [{11F48B42-807C-47CD-BDCC-E184DB003408}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform) FirewallRules: [TCP Query User{82FCC592-1A91-4DA0-B744-AEC92CCBC4F3}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [UDP Query User{6E63B20A-4553-459A-A885-682BF590AFF0}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [TCP Query User{531A2086-3D70-40B5-BA5B-E72F257C60D1}C:\program files\avast software\avast\avastui.exe] => (Block) C:\program files\avast software\avast\avastui.exe => Keine Datei FirewallRules: [UDP Query User{F71C7B97-D3BA-4719-9D6D-36FC6ADE3C2F}C:\program files\avast software\avast\avastui.exe] => (Block) C:\program files\avast software\avast\avastui.exe => Keine Datei FirewallRules: [TCP Query User{FA235490-E84C-4427-8CED-4E4EFCBD9970}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [UDP Query User{DA957823-4A51-402E-AD3B-4ACA66C12A24}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [{993B8542-D461-40EA-A3A9-209C7861E3FE}] => (Allow) 
C:\Program Files (x86)\Brother\Brmfl14d\FAXRX.EXE (Brother Industries, Ltd.) [Datei ist nicht signiert] FirewallRules: [{6BD3370E-D2A3-4986-9701-822C4084CDDD}] => (Allow) LPort=54925 FirewallRules: [{37793D2D-3F22-4303-9C4C-07AD4322081D}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Windows Migration Assistant\MigrationAssistant.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{ED4389CA-7F94-4502-969E-209DD7BF1BC4}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Windows Migration Assistant\MigrationAssistant.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{4EB6CE50-8F3D-45C2-81EA-EFE1ABA5EE5D}] => (Allow) C:\Program Files (x86)\Citrix\ICA Client\CitrixEnterpriseBrowser\CitrixEnterpriseBrowser.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) FirewallRules: [{DAB23AE4-0432-4270-A32E-43F14F11FE17}] => (Allow) C:\Program Files (x86)\Universal Media Server\jre17\bin\java.exe FirewallRules: [{09BAAD46-CE6A-4979-A734-486664855A3D}] => (Allow) C:\Program Files (x86)\Universal Media Server\jre17\bin\javaw.exe FirewallRules: [{7C7AD387-2459-4968-BDA6-296FE3AD2888}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.) 
FirewallRules: [{AF68D1A6-D3AF-4D40-AF55-E728F693DD0C}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (FLASH-INTEGRO LLC -> Flash-Integro LLC) FirewallRules: [{81498BA0-C148-4F4A-ACC0-A2A391B7E5CB}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (FLASH-INTEGRO LLC -> Flash-Integro LLC) FirewallRules: [{68DF2471-568F-40C3-9302-C25E45F640EB}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (FLASH-INTEGRO LLC -> Flash-Integro LLC) FirewallRules: [{250F0D65-EB85-4D15-8413-828259527AD7}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (FLASH-INTEGRO LLC -> Flash-Integro LLC) FirewallRules: [{8C8A0FAE-31FE-46DA-83BF-BC6C44BA5A3C}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (FLASH-INTEGRO LLC -> Flash-Integro LLC) FirewallRules: [{931F82D7-62B5-41F5-95C9-991B7F944B76}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (FLASH-INTEGRO LLC -> Flash-Integro LLC) FirewallRules: [{2AEC3F89-A1F0-44FE-975E-8E16E3491D48}] => (Allow) C:\Program Files\Opera\94.0.4606.76\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [{40F3A9AB-E3A5-44B4-AAC5-B44E93CC5931}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.78\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{D27F5456-B6E4-440E-BE60-6069C26BA36D}] => (Allow) C:\Program Files\Opera\95.0.4635.37\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [{E84BCA26-B2E6-4B60-8C0D-F5B23D2C9544}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{2860ADB5-C664-42DD-9D98-8A0FA0A91D1C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) 
FirewallRules: [{8E4C8527-A70A-444B-A65F-01EB88E1B4F7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{05FD0C27-6F9D-4C0E-856D-8832A9D5F1E7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{1527D3AE-1967-4DBB-B524-DA3E96AABD5D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) ==================== Wiederherstellungspunkte ========================= 30-01-2023 18:32:17 Geplanter Prüfpunkt 04-02-2023 11:27:06 Windows Modules Installer 13-02-2023 17:32:02 Geplanter Prüfpunkt 15-02-2023 10:28:23 Windows Modules Installer 16-02-2023 18:28:18 AdwCleaner_BeforeCleaning_16/02/2023_18:28:18 16-02-2023 18:52:59 AdwCleaner_BeforeCleaning_16/02/2023_18:52:58 ==================== Fehlerhafte Geräte im Gerätemanager ============ ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (02/16/2023 07:24:04 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: RealPlayerUpdateSvc.exe, Version: 0.0.0.0, Zeitstempel: 0x58b90516 Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.19041.2364, Zeitstempel: 0xea5711f3 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0009097a ID des fehlerhaften Prozesses: 0x12c0 Startzeit der fehlerhaften Anwendung: 0x01d9422fa7fcf4db Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll Berichtskennung: afb05d14-93b9-4097-a8d5-4c7fb2528208 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (02/16/2023 06:55:14 PM) (Source: 
MsiInstaller) (EventID: 11706) (User: HP-ARBEITSZ) Description: Product: HP JumpStart Launch -- Error 1706. An installation package for the product HP JumpStart Launch cannot be found. Try the installation again using a valid copy of the installation package 'SetupHPJumpStartLaunch.msi'. Error: (02/16/2023 06:54:48 PM) (Source: CertEnroll) (EventID: 87) (User: NT-AUTORITÄT) Description: Fehler bei der SCEP-Zertifikatregistrierung für WORKGROUP\HP-ARBEITSZ$ über https://IFX-KeyId-9c7df5a91c3d49bbe7378d4aba12ff8e78a2d75c.microsoftaik.azure.net/templates/Aik/scep: SubmitDone Submit(Request): Bad Request {"Message":"Attestation statement cannot be verified, rejecting request. TPM firmware needs update."} HTTP/1.1 400 Bad Request Date: Thu, 16 Feb 2023 17:54:45 GMT Content-Length: 101 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: 7c07274e-deba-4ba8-ad50-f310b75fd8bc Methode: POST(11078ms) Phase: SubmitDone Ungültige Anforderung (400). 
0x80190190 (-2145844848 HTTP_E_STATUS_BAD_REQUEST) Error: (02/16/2023 06:54:22 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DpHostW.exe, Version: 7.1.1.61, Zeitstempel: 0x578e6a1d Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.19041.2546, Zeitstempel: 0xe8e9ac9b Ausnahmecode: 0xe0434352 Fehleroffset: 0x000000000002cd29 ID des fehlerhaften Prozesses: 0x1128 Startzeit der fehlerhaften Anwendung: 0x01d9422fa7e11c29 Pfad der fehlerhaften Anwendung: c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll Berichtskennung: 4dca960e-45e7-46e3-8b0d-565d4574f995 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (02/16/2023 06:54:21 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: DpHostW.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. Ausnahmeinformationen: HpProtectTools.PTCommon.ChpqException bei BIOSDomain.CXmlDPMGetCapabilities.DoInit() bei BIOSDomain.CPTDomainPolicyManager_HP.GetCapabilities() bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) bei System.Threading.ThreadHelper.ThreadStart() Error: (02/16/2023 06:33:18 PM) (Source: MsiInstaller) (EventID: 11706) (User: HP-ARBEITSZ) Description: Product: HP JumpStart Launch -- Error 1706. An installation package for the product HP JumpStart Launch cannot be found. Try the installation again using a valid copy of the installation package 'SetupHPJumpStartLaunch.msi'. 
Error: (02/16/2023 06:32:29 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DpHostW.exe, Version: 7.1.1.61, Zeitstempel: 0x578e6a1d Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.19041.2546, Zeitstempel: 0xe8e9ac9b Ausnahmecode: 0xe0434352 Fehleroffset: 0x000000000002cd29 ID des fehlerhaften Prozesses: 0x1150 Startzeit der fehlerhaften Anwendung: 0x01d9422c9ae7a9c0 Pfad der fehlerhaften Anwendung: c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll Berichtskennung: 4051598a-379f-4863-9ffd-ee3803da6f6f Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (02/16/2023 06:32:29 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: DpHostW.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. Ausnahmeinformationen: HpProtectTools.PTCommon.ChpqException bei BIOSDomain.CXmlDPMGetCapabilities.DoInit() bei BIOSDomain.CPTDomainPolicyManager_HP.GetCapabilities() bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) bei System.Threading.ThreadHelper.ThreadStart() Systemfehler: ============= Error: (02/16/2023 07:24:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "RealPlayer Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. 
Error: (02/16/2023 06:56:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "HP Touchpoint Analytics" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden. Error: (02/16/2023 06:56:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "HP Support Solutions Framework Service" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden. Error: (02/16/2023 06:56:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "HP Comm Recovery" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden. Error: (02/16/2023 06:54:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "DigitalPersona Authentifizierungsdienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (02/16/2023 06:54:03 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) TPM Provisioning Service erreicht. Error: (02/16/2023 06:53:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Citrix Workspace Updater Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (02/16/2023 06:53:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "HP System Info HSA Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts. Windows Defender: ================ Date: 2023-02-15 15:46:07 Description: Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt. 
Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=Misleading:Win32/Lodi&threatid=240849&enterprise=0 Name: Misleading:Win32/Lodi Schweregrad: Hoch Kategorie: Adware Pfad: file:_C:\Program Files (x86)\DVDVideoSoft\Free HTML5 Video Player and Converter\FreeHTML5VideoPlayerAndConverter.exe; file:_C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Free HTML5 Video Player and Converter.lnk; startup:_C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Free HTML5 Video Player and Converter.lnk Erkennungsursprung: Lokaler Computer Erkennungstype: Konkret Erkennungsquelle: Echtzeitschutz Benutzer: NT-AUTORITÄT\SYSTEM Prozessname: C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe Sicherheitsversion: AV: 1.383.19.0, AS: 1.383.19.0, NIS: 1.383.19.0 Modulversion: AM: 1.1.20000.2, NIS: 1.1.20000.2 Date: 2023-02-15 15:45:39 Description: Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=Misleading:Win32/Lodi&threatid=240849&enterprise=0 Name: Misleading:Win32/Lodi Schweregrad: Hoch Kategorie: Adware Pfad: file:_C:\Program Files (x86)\DVDVideoSoft\Free HTML5 Video Player and Converter\FreeHTML5VideoPlayerAndConverter.exe Erkennungsursprung: Lokaler Computer Erkennungstype: Konkret Erkennungsquelle: Echtzeitschutz Benutzer: NT-AUTORITÄT\SYSTEM Prozessname: C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe Sicherheitsversion: AV: 1.383.19.0, AS: 1.383.19.0, NIS: 1.383.19.0 Modulversion: AM: 1.1.20000.2, NIS: 1.1.20000.2 Date: 2023-02-15 15:01:06 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. 
Überprüfungs-ID: {CCEC71EC-637E-4180-8852-67D72D93D2FF} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2023-02-15 14:22:13 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {FB586A29-D19E-44FF-B15C-3FD45E843C76} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM CodeIntegrity: =============== Date: 2023-02-16 10:50:56 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. Date: 2023-02-15 14:20:59 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2023-02-15 13:45:58 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\AVAST Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2023-02-15 13:41:24 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements. 
Date: 2023-02-15 13:40:37 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements. ==================== Speicherinformationen =========================== BIOS: HP P85 Ver. 01.23 07/18/2018 Hauptplatine: HP 8231 Prozessor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz Prozentuale Nutzung des RAM: 54% Installierter physikalischer RAM: 8087.75 MB Verfügbarer physikalischer RAM: 3642.86 MB Summe virtueller Speicher: 12183.75 MB Verfügbarer virtueller Speicher: 7368.46 MB ==================== Laufwerke ================================ Drive c: (Windows) (Fixed) (Total:217.92 GB) (Free:48.27 GB) (Model: SanDisk SD8SNAT-256G-1006) NTFS Drive d: (Recovery Image) (Fixed) (Total:17.11 GB) (Free:2.18 GB) (Model: SanDisk SD8SNAT-256G-1006) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.99 GB) (Model: SanDisk SD8SNAT-256G-1006) FAT32 \\?\Volume{874a37b2-6db1-4ec8-a06c-233c67c77a06}\ () (Fixed) (Total:0.96 GB) (Free:0.16 GB) NTFS \\?\Volume{19c3a624-b5ce-4ac2-8c4f-aa680a2739fa}\ (SYSTEM) (Fixed) (Total:0.35 GB) (Free:0.25 GB) FAT32 ==================== MBR & Partitionstabelle ==================== ========================================================== Disk: 0 (Size: 238.5 GB) (Disk ID: 86F4951B) Partition: GPT. ==================== Ende von Addition.txt ======================= Code:
ATTFilter Farbar Recovery Scan Tool (x64) Version: 09-02-2023 01 durchgeführt von Ganz (16-02-2023 22:43:49) Gestartet von C:\Users\Ganz\Desktop Start-Modus: Normal ================== Datei-Suche: "Search Al: WunderBAR;PRICEWATCH;CRaccoon;WebCompanion;WebCompanion" ============= ====== Ende von Suche ==
Hello Matthias, this is the current status. A fairly large part of the adware has apparently been removed....? What about possible spyware? Have we already found any of that too, and if so, destroyed it...? |
17.02.2023, 21:28 | #15 | |
/// TB-Ausbilder | WIN 10 attachment opened: Telekom Rechnung…pdf.htm - [PART 1 - Farbar scan result] We have removed part of the adware and PUPs. Unfortunately, you have to run step 2 again because the code was not pasted correctly: Quote:
You only need to copy the line and paste it into FRST. Step 2