Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Windows 10: Browser-Probleme nach Infektion mit Backdoor:Win32/Bladabindi!mclg

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Thema geschlossen
Alt 20.04.2023, 18:02   #16
fbin41
 
Windows 10: Browser-Probleme nach Infektion mit Backdoor:Win32/Bladabindi!mclg - Standard

Windows 10: Browser-Probleme nach Infektion mit Backdoor:Win32/Bladabindi!mclg



... hier die Fortsetzung zu Malwarebytes:

Code:
ATTFilter
Datei: 379
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{009D793E-019A-408D-80FC-1111E8D601C0}\cpmjhjbibbnfpijpdmckekeefncliambmrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , C7CF03D144A68F04E29F78F914B531B2, 953C67195EA7F91F3042A8C1F00127A43772376F03681228A4329C411AC5CF65
PUP.Optional.DownloadProtect, C:\Windows\Installer\{009D793E-019A-408D-80FC-1111E8D601C0}\xpmjhjbibbnfpijpdmckekeefncliambmml, In Quarantäne, 238, 237878, , , , , D601DDCEDFB4DAAFD22DA36D2DDA5028, C6EAB4EB63B0A55FB412125AFCA6ADDC6E394B838133F9B2668AB4E2B2521584
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{04D98D49-CA61-4E93-A0B2-8F52460BA992}\cffmkpjeimkbaifnaddmemkgjopiooegkrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , AB59744AADB1A882B2F77C4F259B9411, EC9F1C6F710CE6D4E67CC855E8E6F70FDD5F07A10CAFEDFADA8F2DE4005D149B
PUP.Optional.DownloadProtect, C:\Windows\Installer\{04D98D49-CA61-4E93-A0B2-8F52460BA992}\xffmkpjeimkbaifnaddmemkgjopiooegkml, In Quarantäne, 238, 237878, , , , , CB58D3A454A5B6F399E73BB84C15EBD1, 761FBE004B7C54016B93C867ABA0B0B796F85B36798268A7864F89A3C055C2C5
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{081D22D9-F646-41C7-B020-7AABCC6475A0}\cnnipndfdfpijonaophjaiojhohbdmgdhrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 019E2E6ACD90DED345A340217D6DA437, 5510E735F9D53069BD17E11FC91A17A6B79B24F2AC45ABC9D46D35395E75E609
PUP.Optional.DownloadProtect, C:\Windows\Installer\{081D22D9-F646-41C7-B020-7AABCC6475A0}\xnnipndfdfpijonaophjaiojhohbdmgdhml, In Quarantäne, 238, 237878, , , , , 82462BEE7BCB21FFD09F1D0E520AF0BA, 3C24C11D80B326F7DA2FFD6E86534C22FE760ED4997721AE29CA649C9D45A5A1
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{0D638A90-07C1-4DD8-A9BB-6637984CAE12}\ckmldjfkhkdcdlbegomilejgpagjgogbjrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 865C5D7608B87DD01704C52F5BB49A7D, 58EBB44D939277BA2CA1BD04448B87706ACDC80D973DC67A7BF8B4697CFC4D97
PUP.Optional.DownloadProtect, C:\Windows\Installer\{0D638A90-07C1-4DD8-A9BB-6637984CAE12}\xkmldjfkhkdcdlbegomilejgpagjgogbjml, In Quarantäne, 238, 237878, , , , , C23F5019B42D85C3FF4EF0663C1E26F4, FCC4C5A878CC2B997FC418076728DD56EA5BF0FE2532C854088427B44E0FCF77
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{130770CA-2F23-4E0C-AFE6-25313FA9F129}\chfdpafmibhgakmjipedhpgaohfegfcdbrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , DBEE1156C372BDAF36259B286065CD5F, 17CF80D6DFA62DE3D9C84AD41F36EBD67DFF48A985617F36BF23F0BAB9F71B22
PUP.Optional.DownloadProtect, C:\Windows\Installer\{130770CA-2F23-4E0C-AFE6-25313FA9F129}\xhfdpafmibhgakmjipedhpgaohfegfcdbml, In Quarantäne, 238, 237878, , , , , D6834E131C9C209B41194B86D81DBB0B, F10FA79B6B2667532C830E2FCC905C85C361DDB38893E262B78B41FEFB533382
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{1463AADD-E96C-452C-BD36-F5F1E9BFFE60}\chbcmeomjnnokcakdihbnlakjjojehknorx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 9F48A02F910127A7096FF8013C6DA3D0, DEA674C82AD5354A16538736F56D36333BF9C82ADD0E3E03FC5BE9F302ACF63C
PUP.Optional.DownloadProtect, C:\Windows\Installer\{1463AADD-E96C-452C-BD36-F5F1E9BFFE60}\xhbcmeomjnnokcakdihbnlakjjojehknoml, In Quarantäne, 238, 237878, , , , , F9F59C9241045B86961571430F5E5EED, 7C5D2F82F0D8E73406EBF8C1CBE5F046B532E257949CDD0BAED04036DF0A13CB
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{17F4F09D-34E2-474A-9700-1B740B3ED9EB}\ccgdijopecdljnfmgjkjbnpkmnnmiifdkrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 00849685ED6F300C32A41FEEDFA6580B, EA93E92B49B5996331E312F5BC592AF542A6DF0485F6B4E50D89FCC729F96504
PUP.Optional.DownloadProtect, C:\Windows\Installer\{17F4F09D-34E2-474A-9700-1B740B3ED9EB}\xcgdijopecdljnfmgjkjbnpkmnnmiifdkml, In Quarantäne, 238, 237878, , , , , 8A887ACF41F50A26348BBDB78051FF2F, 507ECE6D7891111241A41E1CC1141DAF1A18A7627AEFC0A454CD706F967BDD78
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{18A56E8E-D29F-43FF-9353-2B9E9423EC4D}\cnmhanhpkpekmpgmffdnkbhpidpnanplbrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 4BEEEB55F74A2BCE0D0689FCE935E491, EE999228C170A3DBA109332F4B67EEB20344E4A9CCBFE24EAE4F5B30D4B72F35
PUP.Optional.DownloadProtect, C:\Windows\Installer\{18A56E8E-D29F-43FF-9353-2B9E9423EC4D}\xnmhanhpkpekmpgmffdnkbhpidpnanplbml, In Quarantäne, 238, 237878, , , , , A61BC1870503912974C070604352FFE7, D17303576F3CA153F48691D0358F0A6D99C843CD2E6E315324FBBBC4939975C5
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{18A8E9B3-5D73-4F90-BAF7-A948103658DD}\cgbeonaeechkajgbgfbpgcjbggncgmkgorx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , E96ED4F3BAC2E2EE711B4C9FC911F9CA, A8BB3CEA51BBDAA64A2489F8EEDD658187BC55EFE6A5ABC95F14C290F42B3C6E
PUP.Optional.DownloadProtect, C:\Windows\Installer\{18A8E9B3-5D73-4F90-BAF7-A948103658DD}\xgbeonaeechkajgbgfbpgcjbggncgmkgoml, In Quarantäne, 238, 237878, , , , , BAD39A78BEF42F068E33F58A93B314A2, 701687F456F727A3029FE44F0B14FC8263761DDA9E2A0419BE9B4A9AC5265493
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{1937F795-B549-401B-87A2-53C2F7EBF45A}\cmjnolomggldpocaiaphgelgbiiggahlnrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , F0206BCB95F29FEE3C8B4F584A763A11, 275462E76E100A9B451298928C06F5703A9134856B69D488D32C894462284938
PUP.Optional.DownloadProtect, C:\Windows\Installer\{1937F795-B549-401B-87A2-53C2F7EBF45A}\xmjnolomggldpocaiaphgelgbiiggahlnml, In Quarantäne, 238, 237878, , , , , 9F1F67F4513107ED0F8D59659FC75127, 88B419066892A3B66E8E4338B04DB8364B15EA7CA832A9914CCBE8B21BE063BF
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{1B07856D-A262-465C-B4AE-DB8AD9FF2108}\caoaonehogplomipgjbdnmkccocmggbkgrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 5470D5DFABAB8172EC3EA22883A1419C, AC710CB47D58FB0C1044766A05A3D4F5559F16CC5B51CA0D4543FD55D3DA1E4E
PUP.Optional.DownloadProtect, C:\Windows\Installer\{1B07856D-A262-465C-B4AE-DB8AD9FF2108}\xaoaonehogplomipgjbdnmkccocmggbkgml, In Quarantäne, 238, 237878, , , , , AF3314F045748E99196B83253FEE8D4B, DEA2C8DD0613DCD13ED5D2B9E81FE80AEB261968591514F7C68E64F46B07C4F8
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{1C96EF96-4C8D-4D9C-8003-7383AAF809E5}\cohhcolhfmfcoegngicggdebcmccnahairx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , F842A0B33E49C74F38B83877468D0638, E387BC078D5C55BAA684148B19893C8890FE977A155844875DA1E32EEFA5D1BE
PUP.Optional.DownloadProtect, C:\Windows\Installer\{1C96EF96-4C8D-4D9C-8003-7383AAF809E5}\xohhcolhfmfcoegngicggdebcmccnahaiml, In Quarantäne, 238, 237878, , , , , F1A823327562667EEEBEE4B2342711FC, 1237A1429DCA697D5260F55003D75FF126CC8F437124CE4D8B272D9B0CD66A9E
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{1FC2C9D8-2808-4B23-B0AB-170E1630BB36}\cclhgjjfbljkmdgcdchlfianajfmneogarx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 398DCE8BD85B04577797F8CAC58D70DA, 989879B315A314DEEF291AB8522D3DFD2743DE19A8BB4BD7A4F1D6542C696500
PUP.Optional.DownloadProtect, C:\Windows\Installer\{1FC2C9D8-2808-4B23-B0AB-170E1630BB36}\xclhgjjfbljkmdgcdchlfianajfmneogaml, In Quarantäne, 238, 237878, , , , , AAC52372CAD14BCAD7D37DC2E49DBA97, 8E6705CA7BA257DE7A2C5D7095B08835AB30CA8F89E564B9E141561D673BF5EE
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{24A2FA22-CC05-4995-9A94-3863DEC6512D}\colcachchelmkklofenhliljihmpcpdaorx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , B2BCFD16AA80D86D00E008A4193B8177, 49B56EE4CF9B921D592C0C4FDD5D230570969E077D1A300EB54C1FD201B15076
PUP.Optional.DownloadProtect, C:\Windows\Installer\{24A2FA22-CC05-4995-9A94-3863DEC6512D}\xolcachchelmkklofenhliljihmpcpdaoml, In Quarantäne, 238, 237878, , , , , 11AE3AD51646EA25E27C5419F0649811, 9AB361C14AAD3BB1B48673DC5DE10FE868E4B26FB3275428E8A052B329DEFBDE
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{24B56D41-0239-4575-9F7C-6D85B480DADB}\cdgbgjceknlcgagijikdkgpjkmfohklaerx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 0668339CFE0DAED3A309E4914C4D2F21, DA69D41EAD205F3D8D2F94910C554B88F3F494F8E71CEDF30AA42E1834662996
PUP.Optional.DownloadProtect, C:\Windows\Installer\{24B56D41-0239-4575-9F7C-6D85B480DADB}\xdgbgjceknlcgagijikdkgpjkmfohklaeml, In Quarantäne, 238, 237878, , , , , 9E3152AAA4B525DCEE08DE271C1A660E, D79E9AAFCC56D12D9AA0A6302012ACAE5A9ECE5BB0B52E72D18E55CFE45E2A67
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{24E93DB8-BF8D-49CA-B19D-4683819364B8}\cmjcffhcmahdlkfjmiacaccnhlpfpjkglrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 387C82A91D63B645D5B7A64021C96CB2, B2F0817A4B00A4319B709A1C8695F2A3F95ADD0FF7C98638632041CC2886F0B1
PUP.Optional.DownloadProtect, C:\Windows\Installer\{24E93DB8-BF8D-49CA-B19D-4683819364B8}\xmjcffhcmahdlkfjmiacaccnhlpfpjkglml, In Quarantäne, 238, 237878, , , , , 304CCF9A26B38EC0E1E8C833687BBD40, B265BA61E00EA4B883D6DFF092F26D50C8B852C027E60C693D61F27A657256B8
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{2546542E-3EDA-449D-92EE-E1EB1C93597D}\ckfckdbpnclnlgnocmhcdilcmoagoajgprx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , BD057CE6447F5F8DE3DC911BD7D5A988, A8E4801B37AF90293600EF3F22E2A8121DFB98570DF63DAA43064C8102B28B30
PUP.Optional.DownloadProtect, C:\Windows\Installer\{2546542E-3EDA-449D-92EE-E1EB1C93597D}\xkfckdbpnclnlgnocmhcdilcmoagoajgpml, In Quarantäne, 238, 237878, , , , , 81F6F41BAABC1C336F2589E8B355855F, 8149450AA2E9EE7A2CEC81AFF67DB97FEAE14DFAFF07B6A1E16B2CC04506C647
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{26368EC2-F906-4F63-B2F4-98F7807710AC}\cicokcpolaeamgalcfbhlpffppafemmahrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 47BDBD7063D3D3AF8ED7D06B94375C6C, 52B6C654B9943FAC555E818881CE306540A6CE8F447808D7B97F9959C84CA7CD
PUP.Optional.DownloadProtect, C:\Windows\Installer\{26368EC2-F906-4F63-B2F4-98F7807710AC}\xicokcpolaeamgalcfbhlpffppafemmahml, In Quarantäne, 238, 237878, , , , , 3E3E135C88BF48F426363A1FE2D66DA9, 3D637A71B469B0130E16BCAB34DFE1BDEFC1B7E6208BE8D3468B11E18B3A1BC2
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{2813D3A7-C28A-41ED-AD62-63F35BD60A4C}\ckpihckcbkmbbfpaifdmfbbbaokgdijnmrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 44037BD5BA0B8947BB3BB3B0BD86461B, AFB9B20BFA199FC09AB3DE6977EFB9CB32951A2C9257C0C3D4CCA711A5A5EE9E
PUP.Optional.DownloadProtect, C:\Windows\Installer\{2813D3A7-C28A-41ED-AD62-63F35BD60A4C}\xkpihckcbkmbbfpaifdmfbbbaokgdijnmml, In Quarantäne, 238, 237878, , , , , 83CC1C95A6419E2BD2C09EF048BF956A, 4360B75274CB20298E839704DBCBDF2378F7A6910FF25115E7BFC1377AEEB11B
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{2B71C7F2-53AE-4EF2-92CC-E795B37C386A}\cadolbddbamihfpebeamofpkpfodibejnrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 7D02FFC398EAD44DBD01713A083AC873, 07393F7414903F1371AAB4AF30DFF51CCFAA6D8D6F5781A585333AC65989C251
PUP.Optional.DownloadProtect, C:\Windows\Installer\{2B71C7F2-53AE-4EF2-92CC-E795B37C386A}\xadolbddbamihfpebeamofpkpfodibejnml, In Quarantäne, 238, 237878, , , , , BE51D2C382B74A987D4D35E34DFD8139, E9842ED564300069C486844C249528EBE38F6765660A7E89F87CF0E720518AE1
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{30081BFE-B990-4D22-9881-6A3F4B0DB01A}\clghdhokacemgjbhilndofhahgimfojdjrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 3CB00A87FBEB3E9C09B0B031F6A86FF2, C0EA2A5A055A7E8B6582540172B860CE44F35D7975E518F3F6B5DFA41E1994D1
PUP.Optional.DownloadProtect, C:\Windows\Installer\{30081BFE-B990-4D22-9881-6A3F4B0DB01A}\xlghdhokacemgjbhilndofhahgimfojdjml, In Quarantäne, 238, 237878, , , , , C3C93C4B92831BD1DFE3CDF3A6573B33, 078B060FA326AC58E27B8EFD421B5FF1D263C0AF0047C8EF4EF3AD9BBB4846A5
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{309A8C89-9873-421A-B6CC-2A9C3A0052CA}\cpiaamnmdlkdcahlbbmipgejaialddcbhrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , D39185F66ABA2F459E2CD2137B1170F2, BD7B1D8F0A7B37214696FEB5B27CDD6BDBCAA2DF381FEEAB8A1AB2153B4480F5
PUP.Optional.DownloadProtect, C:\Windows\Installer\{309A8C89-9873-421A-B6CC-2A9C3A0052CA}\xpiaamnmdlkdcahlbbmipgejaialddcbhml, In Quarantäne, 238, 237878, , , , , 3F19505B78203F5FC830174CC295E72C, FEAC40EA0A0B1D3F923175D4BE7F97FA6E2ED724E83A87D4CC54805573283574
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{30AEAE1A-DE14-46FA-99C2-3AD9CAAFA415}\chpcfkajefnjgpgjodmahdacgkcbagkkcrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 283FB0345BFF770DC1A851887C5A86BF, C1241E35E5992BDE83BD5FC52E1D74FEFB74B1C43CE9E8973CD899166CEF096E
PUP.Optional.DownloadProtect, C:\Windows\Installer\{30AEAE1A-DE14-46FA-99C2-3AD9CAAFA415}\xhpcfkajefnjgpgjodmahdacgkcbagkkcml, In Quarantäne, 238, 237878, , , , , 500B806CE04F46D6AAD03E59B6CF6D2B, F10BE4E008E83C5164411DB4F7F96FC29D83751FD4D86F686ED75499F15A7BB3
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{31B0B022-6729-4338-BA40-39AEAC72AA5A}\cjcjddjagadofohnpgjabjdmcnjnbjpfarx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , B05A378BFB7202AE82DEA8693F252809, C61F15528B05788DB1347C6DFD6E1B6361ADBA3282A5CE059DFD796ABE3497D2
PUP.Optional.DownloadProtect, C:\Windows\Installer\{31B0B022-6729-4338-BA40-39AEAC72AA5A}\xjcjddjagadofohnpgjabjdmcnjnbjpfaml, In Quarantäne, 238, 237878, , , , , 3D0D68976282407B88C3A1539257619C, 205BBB28C2BC14219E5C782AC0D71F7F6E2CBB031DAC2C0A48ADE133163A1CC6
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{323E9497-749D-4C39-A263-9F248BFFFCB8}\cjmadbdmdpjhgnncmhngbeligedglfdagrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , DBBC14E2850AD496329C1EDF06357D82, 2C033D27ADE7C39497769A20AFEE034C9FE1122D32770461D922CE56334AE392
PUP.Optional.DownloadProtect, C:\Windows\Installer\{323E9497-749D-4C39-A263-9F248BFFFCB8}\xjmadbdmdpjhgnncmhngbeligedglfdagml, In Quarantäne, 238, 237878, , , , , BFE386F2446257B98233DE3D6E175318, 70DD43F58B2BF0CB88ECCF39474FC01BF866614629B1082C7A5A731240A954A6
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{32FB6B07-48CA-409C-AED7-283E66BF5753}\candjacmddihodgfofbefbeocbjbeaifdrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , D83062FB3711D12DA67C5DFB7DBA1CB2, 4DFF7BA42E61C34AFFC8A48DE701AB8D45B158FB685804FFB3D724F6BDDA189D
PUP.Optional.DownloadProtect, C:\Windows\Installer\{32FB6B07-48CA-409C-AED7-283E66BF5753}\xandjacmddihodgfofbefbeocbjbeaifdml, In Quarantäne, 238, 237878, , , , , 2F9E5BA97DDCA9CC89FFC66FD2449AE7, 6261C94D969D43680952CB9AF6A4E132C54420905C9659B8140B71DACFD9E546
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{331D7DDE-6FBB-483E-9806-79EE4E2D8D68}\cjbachebfhjhcllfplbmocibdlmgmphomrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , E6B1B8E0E7706289BED54E9657237E52, 12E5A60D47B41156B5A89383A6E6FA2A74F7596A7DD409F2529C43333A8D2D3C
PUP.Optional.DownloadProtect, C:\Windows\Installer\{331D7DDE-6FBB-483E-9806-79EE4E2D8D68}\xjbachebfhjhcllfplbmocibdlmgmphomml, In Quarantäne, 238, 237878, , , , , FD65F62F5F6AE97791F571087DAA24CA, FF76A2FA20CCE6B0547DE8A62F134020032638625D16FAAE1DFCA6430AFE2CAE
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{34F35160-6519-4ECE-B1CC-304D1A7FFFCF}\ciapjhnhbfmkhcgeedkdpfpdjglhkgkiirx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 0E77896712BC6F188735F66107D16EA5, 7B132BB65E8F6937B8DA68ECA8314278E25BD6668C22BE6D63852211D368762E
PUP.Optional.DownloadProtect, C:\Windows\Installer\{34F35160-6519-4ECE-B1CC-304D1A7FFFCF}\xiapjhnhbfmkhcgeedkdpfpdjglhkgkiiml, In Quarantäne, 238, 237878, , , , , 5E65DC442BAAB3A393FB18DCBD5C1989, 0849D268F5E27B364E38D18B0F855946311A614F97F6481D38A7FFA476C903B6
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{3699836B-0F44-4A84-907E-5EE69F358D7C}\cjmchlgoipbflhafmpmpcnbbpjggifggerx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , D359BC15EECBD2980D57F1A6B0383021, CB16BD29B43B0FDAA92F7DAA823CF275F9F7C96A8B86114281C96A6509E093CF
PUP.Optional.DownloadProtect, C:\Windows\Installer\{3699836B-0F44-4A84-907E-5EE69F358D7C}\xjmchlgoipbflhafmpmpcnbbpjggifggeml, In Quarantäne, 238, 237878, , , , , F5B6D0E6911D09C1D206D27EFC11398F, 22355071A9A8CE8DA1FEC99F0273B850BFF9EAE50DF1CCC9A4C42270B9E3D9BA
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{3B85D7B7-793C-4B77-B08E-716888A0417A}\cibipafiiakmkelhlmnjljbopcjhmfpmdrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 1E0A233936688092459C93E62ADE6031, 73B24140F04CFB7FAE2C86204B855AEF900576D7A36B809632ADC21228B43A6A
PUP.Optional.DownloadProtect, C:\Windows\Installer\{3B85D7B7-793C-4B77-B08E-716888A0417A}\xibipafiiakmkelhlmnjljbopcjhmfpmdml, In Quarantäne, 238, 237878, , , , , 36CA2C384BFC570C76159572B0DB5687, 6909248316F0B668AAFDBE2EA9906A2882D36ED9A192F13C01AE6944A2976A31
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{3E4EA4A8-4DE5-468B-994C-F16886A8D011}\cfhbfkpbhlfpcacpppdhbedojnmpieniarx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 206A25B447A291C014C3A7476CE68141, F56FD70B5A41AFB05D95FC9C1BF6FE5C6F701AE9C84C346FCB544CB9B23013ED
PUP.Optional.DownloadProtect, C:\Windows\Installer\{3E4EA4A8-4DE5-468B-994C-F16886A8D011}\xfhbfkpbhlfpcacpppdhbedojnmpieniaml, In Quarantäne, 238, 237878, , , , , 86E1820B44AB7A6FE0CDE1CE8921CCBC, 8AC8F0CF64262DB2F75AC86D286226B6FDAA24D45715D506562E17BF72B2270E
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{3EE7F39F-70B7-4909-8653-1F1054C60536}\ciofoomogcamhiimpjkbfemdjgkphnehlrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 58E33B0D013719B54A1E4BC353B2698D, CE4D27D40E82B88C39B00FFE3B135DF42FD40BF3E508F00B5C86B62CF441CCDB
PUP.Optional.DownloadProtect, C:\Windows\Installer\{3EE7F39F-70B7-4909-8653-1F1054C60536}\xiofoomogcamhiimpjkbfemdjgkphnehlml, In Quarantäne, 238, 237878, , , , , CE61D3D0550B6D1A6A365BF24D440A26, CEABC36AAE5E3B70759832137B35ABD87C092A98573A1AB5A33EC2A387BDEA27
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{3F2F0CC7-7D69-4078-8E93-725314A56ACB}\cclgabladleddfgjkbbdeholehgdlabngrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 6E5D9DA35C7357688C6D37BC23AD9266, 42C0D607A73B9FE55E97E8EED814B6F33CA14700131D6E7EDB439F7494A54E3A
PUP.Optional.DownloadProtect, C:\Windows\Installer\{3F2F0CC7-7D69-4078-8E93-725314A56ACB}\xclgabladleddfgjkbbdeholehgdlabngml, In Quarantäne, 238, 237878, , , , , 56E4BE2EB069B5143C76FC4E1AA8899E, 8A7078CB90DA0CADDA2AEB4B4314CC4684288315FEA3C39DA95A0F5CB3F28C74
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{3F772A89-30C1-4FBD-81A4-201F8964326B}\cdefbaanfpgichebnmdhckgopnkoejkpcrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , D7C6758293861A3CF75C148C86823345, 035A66C0BE6195472720B9E0F1CA7B0CE96269FC0CAB0EB34138260873FC2ABC
PUP.Optional.DownloadProtect, C:\Windows\Installer\{3F772A89-30C1-4FBD-81A4-201F8964326B}\xdefbaanfpgichebnmdhckgopnkoejkpcml, In Quarantäne, 238, 237878, , , , , 921556FD784F07E0FDE9DBADB8AAD14B, D504C6D87BDE5A30691699FACE2DDAECFDEC1E56B3C1496F7E00EEFDB26F85F8
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{40C02CB7-1CE5-413E-9063-6E60843F4A9A}\cidiaeplneganjhfhoedkjeeghnepdgforx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 0F8C9AC63B594F1711D552BD348F7055, 1DF87010AB2A11CA3E23E005BBC2EAC3593B915AFF53CC228DF127B9E169791E
PUP.Optional.DownloadProtect, C:\Windows\Installer\{40C02CB7-1CE5-413E-9063-6E60843F4A9A}\xidiaeplneganjhfhoedkjeeghnepdgfoml, In Quarantäne, 238, 237878, , , , , 819AE6B218B7B43304243D3F27E1181C, 7EDCD2298C484E783E1DB2AEEB8D288351D0C152D50B21148662EA692AF539D8
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{40E8F663-7DE4-4905-879D-B85B5D6C9DC0}\cfhccfcbpcgjkfacfglleekhbihdpadpkrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 683BAAB499FC473D9F70CA373DB74647, 22A284A59F1662621C4DD2D3D33D14470151AAC9EC5EC5618B614DCF7AF304C9
PUP.Optional.DownloadProtect, C:\Windows\Installer\{40E8F663-7DE4-4905-879D-B85B5D6C9DC0}\xfhccfcbpcgjkfacfglleekhbihdpadpkml, In Quarantäne, 238, 237878, , , , , C82417F51E61E9486B27B5AB5F6C9619, A2B729E698CD15EEEC8A62980083769199C301D0EF638D744C2213CEF4878BDF
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{420E9D9D-1F2A-4A66-AE1B-A654F0D77FDD}\cmpgbndkfambdgjoaifkdbfpncodjjbhmrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 2051522CDAF7ADDDBF0B241964F0FA17, 649D569DA44298EDF867F7AB3578829E985370BFB31BB987CF46D66F96F3A9AC
PUP.Optional.DownloadProtect, C:\Windows\Installer\{420E9D9D-1F2A-4A66-AE1B-A654F0D77FDD}\xmpgbndkfambdgjoaifkdbfpncodjjbhmml, In Quarantäne, 238, 237878, , , , , 98997E026E0CAFAED1697978573FDA5D, 7D349E463BDCB5E8F8B1FC20F92E5D17C315BA7FF48D08ADD5E577B340A73287
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{44453246-9706-4D09-ABBC-6B2B29CD69EE}\cgdjphoanadpllekhnlcjpobndkjjdnfkrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 28BD119695C6AB2F0AAC603EBD145A6B, 54C0F8D26B2605AA47816DB5A3BBC2C64A9DE58D5EEDB8FB049417E373AF45C7
PUP.Optional.DownloadProtect, C:\Windows\Installer\{44453246-9706-4D09-ABBC-6B2B29CD69EE}\xgdjphoanadpllekhnlcjpobndkjjdnfkml, In Quarantäne, 238, 237878, , , , , A5BADDD105049F6BA0A942EA16235D96, F539FF891306902E2BC196AD8B6D3E10550DE78009A79CDD0C6D9FCCBD108F50
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{48D72DC1-62BE-41F2-85BF-5B121E5F725C}\cflnokjbjackkkljfiafheddnkbijgjnbrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 1590FF622F07230ABE91BE456A5E4EC1, B1D407B474912836BF59DDC37C895A319890C0D1838B63DB995B3901935FB9B6
PUP.Optional.DownloadProtect, C:\Windows\Installer\{48D72DC1-62BE-41F2-85BF-5B121E5F725C}\xflnokjbjackkkljfiafheddnkbijgjnbml, In Quarantäne, 238, 237878, , , , , 591257CD0A377E2B01F4E972681A3EE8, E0CCA47AC0788EE40D93ADDC0B206DCB6776E3A2303635CDF94835684078C7BF
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{493D768F-7970-473B-A94A-9464BC426D9F}\cfoojkehkclipgaeoehjkkblkhamdfcmirx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 6A3CC8758B5BCB95CFA21F423AF6F59D, C847FD933647A9A9522A1D03582CDD7D3FDEF714DAAF9E17861287911F383CDF
PUP.Optional.DownloadProtect, C:\Windows\Installer\{493D768F-7970-473B-A94A-9464BC426D9F}\xfoojkehkclipgaeoehjkkblkhamdfcmiml, In Quarantäne, 238, 237878, , , , , 7B315052DC7A542904A66BC35A83EC0F, 43A05E51E725389F5353FD21BFDAEFEB3CE76DF7A413D6E204F260B31A8D10C0
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{4A86C221-53F7-41D7-89DF-E8CEF00A2E57}\cjpbpmlkjpnnjamcneeajeilibljohflnrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 057B4842502E48BA9153B361192A0959, BEEF9AE4F2DEF02EC53234E394DE3DAEDE6158D33909C6D3CE6BC2103EE4719F
PUP.Optional.DownloadProtect, C:\Windows\Installer\{4A86C221-53F7-41D7-89DF-E8CEF00A2E57}\xjpbpmlkjpnnjamcneeajeilibljohflnml, In Quarantäne, 238, 237878, , , , , 04956E52F4AA571F90662020DF09AF92, 95215D939C5605BD9B2B1C15F294FF0DA5B30606192A268E205DEAEFEF473782
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{4C42157E-98C4-4807-B435-96CA2237831F}\cpbjdgbanfbpleefpgcepeoiholgkfkdcrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 5422B204BE39B2758E9687A21E004430, 2B7BBA004EEC8F8EA24DC789068963988DA651CA9B0F7D31DF92624AC2605144
PUP.Optional.DownloadProtect, C:\Windows\Installer\{4C42157E-98C4-4807-B435-96CA2237831F}\xpbjdgbanfbpleefpgcepeoiholgkfkdcml, In Quarantäne, 238, 237878, , , , , 2689D33C661B624F7BE6FE0500259AF5, 404BD79689084D5986FF2C55F964FA24A037CFCADF9C7AD2D2026A6238C7293B
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{4E543FEB-895D-4F6C-B60B-F49261900274}\cgckmjnaccjldghbhaflglibdcfjimijgrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 3CAB5DC61473654038DBD35E2D728E5C, 347B423BDE9C8976586A9B79007979718918F24E145A24EBA34507B1AF8AD9F1
PUP.Optional.DownloadProtect, C:\Windows\Installer\{4E543FEB-895D-4F6C-B60B-F49261900274}\xgckmjnaccjldghbhaflglibdcfjimijgml, In Quarantäne, 238, 237878, , , , , 3B0AA729F1A7A954038B2E78969F88D4, 595217970FA2DB0B62DF3FD52E12AD5708904B79537AB7377BB192D8D3D4A1D9
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{4E7A5E2A-451D-4E59-BF6F-9792277F855F}\cihgddigichbjmgaoplnnbgmjjckfjocfrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , B029D375139EFCF33034AD8C44ACC2CB, 73D3B9DE4D72A43A3EE2FA64FDEDE7A85FA2A35F01EA973B097C7FF6BC63C370
PUP.Optional.DownloadProtect, C:\Windows\Installer\{4E7A5E2A-451D-4E59-BF6F-9792277F855F}\xihgddigichbjmgaoplnnbgmjjckfjocfml, In Quarantäne, 238, 237878, , , , , A6B4E2E579F9CF77EE47C1AC69BE6106, D8FF225AAE9CB9DD92E093FE1466D75410CA190A66217CB87613B8862DF7A5BC
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{4EA26C03-60FB-4BCE-A5BE-B9A5DE535A50}\cnmgfkobopkfmdkcbglhbkpfkklkaecfjrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 2376400A81961DB213B000C1E7C70F0C, 08CA68CA3CA0A6E6ABFD2425FE01B92CD7465D911BD0D210BB3D2DBA16FE8CEB
PUP.Optional.DownloadProtect, C:\Windows\Installer\{4EA26C03-60FB-4BCE-A5BE-B9A5DE535A50}\xnmgfkobopkfmdkcbglhbkpfkklkaecfjml, In Quarantäne, 238, 237878, , , , , 29CA6DB9EA2C23F6E2CB6681732EF33D, D1B538CC321AF0B0C4FF6E84DC6166725CBF1E961458467B9448EDBEF69196A1
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{4F420260-CD63-4BA4-9197-76A32052899D}\cobakplmkkbplkpkclnbhfhklnhphfollrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , E88EF2E1A350D01C7D44432637EB815D, CFE0609EB74E5FFCF6F3E623C8F938EB657B6FB295F5BE2242E5E86D0466CCE8
PUP.Optional.DownloadProtect, C:\Windows\Installer\{4F420260-CD63-4BA4-9197-76A32052899D}\xobakplmkkbplkpkclnbhfhklnhphfollml, In Quarantäne, 238, 237878, , , , , 214BD3B3AF61A90511D21650F276402B, 2D73DC57BC74DF447ABE48DC25D425A9533843358C636A5DDBCD578CDB0BE07B
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{50E5E000-BA3A-4C44-97BC-CA02C3DB4CB1}\cfncngohbkhbipinbblgkoaffohfidmdmrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 26A2FF8DD4B93E0EEC13943103747596, 4E19A330D165024A194E7EAB6DC3AB3E9BF696027122863CBB496C496DF82242
PUP.Optional.DownloadProtect, C:\Windows\Installer\{50E5E000-BA3A-4C44-97BC-CA02C3DB4CB1}\xfncngohbkhbipinbblgkoaffohfidmdmml, In Quarantäne, 238, 237878, , , , , D716A302019F8EA1E751493C66E7A670, 40E417FC4362BE22F77869C78D49E2DC95B560C121ADA0B3274634E80A0131B6
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{51669EF8-1953-4ADB-A6C8-07227798D480}\cndnfhkiladmamajkpbekhillloabhpbmrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 3E2AC72EF318832DAFD76793A4ED47F0, 2274638BDE7E78ADF0A5ED7A2A8080113366CEF6D804210F58D4706F7BF5AE9F
PUP.Optional.DownloadProtect, C:\Windows\Installer\{51669EF8-1953-4ADB-A6C8-07227798D480}\xndnfhkiladmamajkpbekhillloabhpbmml, In Quarantäne, 238, 237878, , , , , 33F659CC709232FFFB38E432FDDD4223, 7DDC1EC2D20721F612C1BC5DAB1479360186D503464A9238B24A41A82D628A24
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{52605AA6-C703-4091-AD19-9B87A77B3B76}\cmojnkddohgdialfdaafbpdoababdfdefrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 79E83AC718A7CBD73C701AEAB38992CD, D5CBC72F5C27360D96DD359DBC1823C22A0F63DF0963383126EDD3D141E93414
PUP.Optional.DownloadProtect, C:\Windows\Installer\{52605AA6-C703-4091-AD19-9B87A77B3B76}\xmojnkddohgdialfdaafbpdoababdfdefml, In Quarantäne, 238, 237878, , , , , D248FE6044945B4F9529C56DB4119763, 86E8146A3D56D636E88C75832FC6C3407F6E042DE72741438EC86064E8B59D11
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{54900CF5-CDAD-4589-A54F-30C87A46EF5C}\cdomeoplffeocpdblcgfhkmpnfdbobkhorx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 2E38C1D0BF6405767DEC433C2AEB04BB, DC4FF9967450EEB6510CE890BBB94D5327C077ED40D5A934F1C86D888C94EBFB
PUP.Optional.DownloadProtect, C:\Windows\Installer\{54900CF5-CDAD-4589-A54F-30C87A46EF5C}\xdomeoplffeocpdblcgfhkmpnfdbobkhoml, In Quarantäne, 238, 237878, , , , , A7504D642D5CF3A6000B0B36439C4E07, 4A496D08D6FCAD0176287B8C79D397BAC7544A0B4AD40991A357944F96219070
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{55155EDD-29DA-44C7-B0ED-E96DFD1313D6}\cpacdgnconmfhilkonecbdgcibjkghnegrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 438DD169A3E1A2ED9F3064FD7D3010D8, A46CC15E051090DBD3E87D0FAECE860E0D56E8358F42C69778F16550FBF55671
PUP.Optional.DownloadProtect, C:\Windows\Installer\{55155EDD-29DA-44C7-B0ED-E96DFD1313D6}\xpacdgnconmfhilkonecbdgcibjkghnegml, In Quarantäne, 238, 237878, , , , , 4C6C78E2775AACD458AED6C9A4A9D011, FF9722904B610C7BF9C8C279A846636972D0D4C435CBD052457797A5F6DD6610
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{554DBD7E-4680-4231-BDED-F89EC2F06976}\cloddlodnpnbkjakfgdahdajojfhelgdmrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 523504F516F34B0DA2EB7C458CC6EEDF, 11DD423F6B5D90FFC223C45B087C9AF08ACF1382DC07D64B2DB6A1E2A4E3C1BA
PUP.Optional.DownloadProtect, C:\Windows\Installer\{554DBD7E-4680-4231-BDED-F89EC2F06976}\xloddlodnpnbkjakfgdahdajojfhelgdmml, In Quarantäne, 238, 237878, , , , , C2CF4C8CF86A142EAB2F12FDCE7DC334, 10C685951265807D879098FC16DCB3EDF69AFDD23DD2371E4908DC8AC61A56D0
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{568593FF-608F-4422-80F8-9CB81EC89EEE}\chlghfpiobocobdbaagkohjdgkpdbhpfarx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 3234B8B05D941C3D96C236688D9CA974, C31E60CB4450748EAA49CEA2935DD82D240E06F86F4BFE3573E5A92FB0DB28B1
PUP.Optional.DownloadProtect, C:\Windows\Installer\{568593FF-608F-4422-80F8-9CB81EC89EEE}\xhlghfpiobocobdbaagkohjdgkpdbhpfaml, In Quarantäne, 238, 237878, , , , , 9F8FAB718F0937B509A98455092940E3, A6304683A92C8C2318E2AD1189A3EF10B340FDD5D413A6A75FA6EBBF531045B3
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{5691FF66-59EA-4B71-8B1F-4572A949ABD6}\clckkjcoklkpbapkhbokchdngkcfajlnbrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , ED40117E69D99B9B0C505A188904CC5C, AE7B0F48DFD561BB955B6394E4953E63695A6FB4B7399A948B34EC583A5DCB28
PUP.Optional.DownloadProtect, C:\Windows\Installer\{5691FF66-59EA-4B71-8B1F-4572A949ABD6}\xlckkjcoklkpbapkhbokchdngkcfajlnbml, In Quarantäne, 238, 237878, , , , , A3AB1710E39EE4823F0144200C773E10, 6CFE4C5063CE63B22C92DC623A947932A9F2E1E8DC4AACFD4D93AAA6BB1CCF7C
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{5C2BD156-5A2D-41A6-9B4D-1B51FA82D250}\cjlijlgmbeoobpiajngcbgjnegnnnljmnrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 9D8DBF2012D30B438C6C4F2CAE13B0A2, 6DF9630EE5D26A561CA88327C66C7F79B6191984ECBC16826174EC409DAE853F
PUP.Optional.DownloadProtect, C:\Windows\Installer\{5C2BD156-5A2D-41A6-9B4D-1B51FA82D250}\xjlijlgmbeoobpiajngcbgjnegnnnljmnml, In Quarantäne, 238, 237878, , , , , C5AE0A2DFD9C08F3EB4D4AF5CA532A17, E661D3CE7CA174CA60B095119806B2759559DEB3B473F40D8038613F2E5BD8B5
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{628575BA-494D-475F-A1C4-D0465FE2C353}\cbhdjgephjmmppondgpkfocifhhlggganrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , C87509553A3062B3718F345043749A4A, A9C0395E6203DB550756E1E6942DDB2DB54811B08D7B48DEC6E3D7F74F8F1A0A
PUP.Optional.DownloadProtect, C:\Windows\Installer\{628575BA-494D-475F-A1C4-D0465FE2C353}\xbhdjgephjmmppondgpkfocifhhlggganml, In Quarantäne, 238, 237878, , , , , 7374FEF236FF4DF3765C95D3472B8509, 50B70EE50F10944C5A67B8816D509885ED9E8738B57FCDDA076252FAD0C92F0C
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{64025A4D-9B01-426E-AE6D-B7E56F231E3C}\cplmnakdbdifalibebgidmompbmhgapjhrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 06C2279EFE60543574FDBDA52DB6A1F7, 1AD7C0E1042857F3B31D94BD097DEA2631A5524272F8513C75B08BF59707F949
PUP.Optional.DownloadProtect, C:\Windows\Installer\{64025A4D-9B01-426E-AE6D-B7E56F231E3C}\xplmnakdbdifalibebgidmompbmhgapjhml, In Quarantäne, 238, 237878, , , , , FE03D08D6B3A0D8A6A340C731A2C8402, D2D5A71770D38FD581015F146F6644B7BABB6E30612FE1448782AAC155823FDC
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{6650ACBF-CD45-47DB-AD99-0DF0D0A18E0C}\copaecibcnhanbmkgnepmjigibmffcmhgrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 579250FBC945560DF806530C9BFEBF1D, 214896DFCDB452FA16849ABC129EB95F609523416E466F02AE445E245A8C02E2
PUP.Optional.DownloadProtect, C:\Windows\Installer\{6650ACBF-CD45-47DB-AD99-0DF0D0A18E0C}\xopaecibcnhanbmkgnepmjigibmffcmhgml, In Quarantäne, 238, 237878, , , , , A42E208FD5FF08EABB127B60378156B2, 84574754B3EB5C7C5A6D98F67DD022E9E3CC853AA20D10CD45929B1A6E27A8C1
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{699DAD57-B7D6-4162-ADBF-D0CDF5D1E6BA}\cdhfpdflbkgdebjimmmbplgjnlhbooibjrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 0CB76FA9C6658AC7137288DE6247A592, AEA96FD8BD9FE919C4954B1D49AAB0EE7E5539CAEE441217B3B0E126CC2328ED
PUP.Optional.DownloadProtect, C:\Windows\Installer\{699DAD57-B7D6-4162-ADBF-D0CDF5D1E6BA}\xdhfpdflbkgdebjimmmbplgjnlhbooibjml, In Quarantäne, 238, 237878, , , , , D5C2581A244668F0E93B046529F82DC9, 6D243737455B2022DACC4EF7A345BE400234E50F0F2E0BFFAEFDA7A16C9670F7
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{6B4DC3C9-F59F-491B-9A6B-1CE4CA171CAE}\cadfbbklkhiejbfdhkddpbjhkoeedbpjmrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , BB17EC7EE9B2FD0124E65A9EC47115D1, 3F178988A64334A8464712B0D489040155B5B1406A0E1C441D8DC8FF36CC412F
PUP.Optional.DownloadProtect, C:\Windows\Installer\{6B4DC3C9-F59F-491B-9A6B-1CE4CA171CAE}\xadfbbklkhiejbfdhkddpbjhkoeedbpjmml, In Quarantäne, 238, 237878, , , , , 45686D4FAE37CADEF0313D06745DBAB3, 1E9434882268B5768F2CC60031B3E3B34C23560158E6165CA4E2C95DB387CFF2
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{6E9EAAC6-6DFC-4D20-B33E-BA2DE5A002AD}\ckpoaicbcbdppagphkhknieknfjfledenrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 1C2C8F1CF236AA9DD9CCF49354ACF8B8, 2E68FFA3187A511FD251572C0A4545860FAC6B82F9D3F42B790571EB2D0D1834
PUP.Optional.DownloadProtect, C:\Windows\Installer\{6E9EAAC6-6DFC-4D20-B33E-BA2DE5A002AD}\xkpoaicbcbdppagphkhknieknfjfledenml, In Quarantäne, 238, 237878, , , , , 039C5FDB5029BC7EB7985310F0F4E8FD, EEEA64016F7EDE30C1125659496623BC9B033CC40C38014C965BD4122C78FFD4
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{6F2153A8-19EF-4AC6-B929-44A9764CC52F}\chefahfnheapkhaejmjghfcgffeaipkjlrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , FC60393860E4FFCC53D510C0D20F1729, AD5542E0A22D62BFCA338E68684DF0C9BDF3005ED3A30E09FFB265BF4EDE3756
PUP.Optional.DownloadProtect, C:\Windows\Installer\{6F2153A8-19EF-4AC6-B929-44A9764CC52F}\xhefahfnheapkhaejmjghfcgffeaipkjlml, In Quarantäne, 238, 237878, , , , , C2E16F47FCD672732C57D728192EA7F4, 07BE22C81873512485D101F47A69096794FC9F48B611E5A3D8E527EAF444161F
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{714A3EB0-0292-44BE-98C6-134E86471CD4}\cohkppbfphkfjhdoidoggpmpgledfmabgrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , AD8FC742627B5EEB157D6C5B1D809BB8, E8C51D163C264AE72480A1BCC121F32B280F5AA4860ADFE94FA05683F4181618
PUP.Optional.DownloadProtect, C:\Windows\Installer\{714A3EB0-0292-44BE-98C6-134E86471CD4}\xohkppbfphkfjhdoidoggpmpgledfmabgml, In Quarantäne, 238, 237878, , , , , 9F79731A0BDFCA4DC1A0E1D365322897, 64AB71DB20901DADC7DED81AFAE892DBFF758AB1C8371A199E3B98635E05AE43
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{72DA827F-168D-4E74-8602-3AE0C3F4C7CD}\ccpneainlegadjndmpljnaafppjidjeblrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 7E94FD90E9E7B49B412F171A8A7940C2, 51EC58329F0EB3BF3E6B20174C935D802A64FBFDFC188606C7CF136F3FD01D44
PUP.Optional.DownloadProtect, C:\Windows\Installer\{72DA827F-168D-4E74-8602-3AE0C3F4C7CD}\xcpneainlegadjndmpljnaafppjidjeblml, In Quarantäne, 238, 237878, , , , , 85A2A21D6933F6272B662EB823DDB770, 41463DAA848CDE29F0EA92FACED0FB03ACB9E8AE036990F50861371997AC1EBF
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{73CAD8BA-F71A-4EEE-B340-6E6D5A3A3653}\coffiomajpnhcbcolhgjpakaekibomcffrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , F6DDCC23E9A6F25610992CDBE9B98303, 500DCEC57D8DD23420B33173D83AF0F6FD6F713B1008ACD4299A417527DB943C
PUP.Optional.DownloadProtect, C:\Windows\Installer\{73CAD8BA-F71A-4EEE-B340-6E6D5A3A3653}\xoffiomajpnhcbcolhgjpakaekibomcffml, In Quarantäne, 238, 237878, , , , , E1E0963A40C92AEA318F2A5A5B47A8F3, 180E81883946D5565773928B81EBF1F1D2D41D2CACC282A0FC64E7DCEAE713BF
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{7462B355-A768-4599-A243-21FEFF83BDF6}\camdcfeklcoclkfmgajhebgnjbeecejnjrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 177CEBAA805AF4B2F873CBBFE09160E7, E82B5C53FBF6019CF3342E3D680E30B3AC36B61B4411B344E794D44929263C9D
PUP.Optional.DownloadProtect, C:\Windows\Installer\{7462B355-A768-4599-A243-21FEFF83BDF6}\xamdcfeklcoclkfmgajhebgnjbeecejnjml, In Quarantäne, 238, 237878, , , , , 405F937C4E9634A084329C271DE3894E, 49BA4EDBE71DA2ED3810A9C2168A2CED3724A39306CC3BF51C598FD4B90649AF
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{756EA1AF-6D0B-418E-A99F-35715B5B418B}\chiigcmggaekbjgaaggfkdfhhelnbgdeprx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 8D8AF6C484C1BC140D3E6ABE059024E4, 3B1B3113AFE62AA659555E2E22AE6CDAE75704FC265050AFC879E00D7A1F552E
PUP.Optional.DownloadProtect, C:\Windows\Installer\{756EA1AF-6D0B-418E-A99F-35715B5B418B}\xhiigcmggaekbjgaaggfkdfhhelnbgdepml, In Quarantäne, 238, 237878, , , , , 36D188DE1228FD3FC841ABBEE0C32950, 49DA713BD480979D638FA200C78E1D43BFFC94C841842E9897E5F07B18881CC0
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{75B9C77E-0C3C-4AFA-B2A8-4F35D9957665}\cekmacoladkadincapbejijalkhpinoelrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 633EEF6CFC984FF8FDA7B1E9F876C3EC, 6C42CF199A8B53364DD33594BCC85166A7AC4A21231CE2CDFC076143F5C60771
PUP.Optional.DownloadProtect, C:\Windows\Installer\{75B9C77E-0C3C-4AFA-B2A8-4F35D9957665}\xekmacoladkadincapbejijalkhpinoelml, In Quarantäne, 238, 237878, , , , , 96ED6F69CE0A5BD0E74FC96A5E83A638, 107AAC7565CB7E1C8DE41B82A8EE95517085D970C8F63CC2A81D0EFC264866C0
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{79954DF1-A233-49E2-A039-9D56740F38EA}\codcdkodgjodomopmgffmakmodobfjenmrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 2713A9870FF99F017761597E0F5C9558, 3AEACD2744F15451AD8208CFCAC3C82461357B0561843136B7E990A77C22D4CC
PUP.Optional.DownloadProtect, C:\Windows\Installer\{79954DF1-A233-49E2-A039-9D56740F38EA}\xodcdkodgjodomopmgffmakmodobfjenmml, In Quarantäne, 238, 237878, , , , , CCD7BB80C0F6CA6C0A38C4A52BF6D91D, 5BD90B9E171E8FDCB43DDEBCC5A726910EFFF1BC804CCCC0F62710B6C7709722
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{7B9056D7-604B-4C71-A037-C1F45013BD27}\cpcompghfcgakollhlmjbnnjdbibmnmgdrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 710FF8DB3E351FB26E468DDEAE7B0660, 7AA0409312CF90AD87134B951D5295B1426CF0837EC06D6629B9F036E8442727
PUP.Optional.DownloadProtect, C:\Windows\Installer\{7B9056D7-604B-4C71-A037-C1F45013BD27}\xpcompghfcgakollhlmjbnnjdbibmnmgdml, In Quarantäne, 238, 237878, , , , , D84DF0E3ACF773C6957DF6AC3ABEB4AD, 76D5DCA938B99D815B1FF7EB6DFAB0A86CD85AB6B72F8266437761622EC8396B
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{7D1AE669-B217-466D-BE84-C2892B6874F9}\ccmgnpnaboickacafhapdjifdhapflkoprx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 55CABF1556259C145C40834DD3D75747, 7FD07046282F4D28E1298F0A11CD48E3752D6D1A15C5C26A9F0C5ABE47FD7C5C
PUP.Optional.DownloadProtect, C:\Windows\Installer\{7D1AE669-B217-466D-BE84-C2892B6874F9}\xcmgnpnaboickacafhapdjifdhapflkopml, In Quarantäne, 238, 237878, , , , , 14CA025E4463517CC5C9E2786EB20CB5, 547E8790ED7448775D5DE6D690CC0BBA8A96E1BC3FA8835A58BB8FE0DED2BA46
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{7D434D4F-30E6-4891-A579-58ACBBDEC178}\chhhgljfoofjcaaegbbplampkodhfaiilrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , E23B465CA0B3E8078E7DC24BE0CDFB43, 9381A12DA023D6CA2D4A30A2DFA7F63B542E98884332E985A9B8A2A20D272A07
PUP.Optional.DownloadProtect, C:\Windows\Installer\{7D434D4F-30E6-4891-A579-58ACBBDEC178}\xhhhgljfoofjcaaegbbplampkodhfaiilml, In Quarantäne, 238, 237878, , , , , 87EB18A7EBEE5D4C08AD84B25077F5A5, 33301DB42528DD65EFF72854A4B4D220A79F4ECC94C91973D00613FDE330316D
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{7D671C4B-458B-43AA-9BB8-981D9A02D756}\cnfnnebleffnmlgkmbgobehhnmncmlacerx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 6E7A09A25E485E6BB6F90FA1399D1D48, 2969B6018A2269D65573EB721CFCD982481660D5B0E4C861646F2E6CF02CA521
PUP.Optional.DownloadProtect, C:\Windows\Installer\{7D671C4B-458B-43AA-9BB8-981D9A02D756}\xnfnnebleffnmlgkmbgobehhnmncmlaceml, In Quarantäne, 238, 237878, , , , , 8402F590FB62FFFA2C5CCF7D3724F446, 1934AAFFBF054590FF43C94D278656FFE59A2226A4715D1349E0C51934E199B1
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{7DF978CC-663D-412E-B024-5C756F442B9A}\cpklcaoinpofeagcleepkcllokekgcbpdrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 5710AF5732DCF79E81548E3FF9169A0D, BDD71207CCF434045737D4157482B7CAE42F7F75D66FC81CAAF8A9123857BF56
PUP.Optional.DownloadProtect, C:\Windows\Installer\{7DF978CC-663D-412E-B024-5C756F442B9A}\xpklcaoinpofeagcleepkcllokekgcbpdml, In Quarantäne, 238, 237878, , , , , 4B11FAB42C0C93A8CA85D70D43257CAD, C647B3B67A84C8F341AA22D54F742FD4AE8F68CDAA45CF9F70E1AC5C8F237E45
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{7E0176B7-5E6B-4009-9C1E-FD5E4EDE6DE7}\cfamidebjekodndefelgkdhojhbjpihfprx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 63385E39518323728867DF2526EC3F2D, CC3E771604890E13F3F4D15B2F7741BF7A8FA761BB885CA33C8189ACCB3DFD31
PUP.Optional.DownloadProtect, C:\Windows\Installer\{7E0176B7-5E6B-4009-9C1E-FD5E4EDE6DE7}\xfamidebjekodndefelgkdhojhbjpihfpml, In Quarantäne, 238, 237878, , , , , 7E00AF26A776F33A49D2D49F2092EC4F, 1985EC12795B6FD25F48D4FA0DB4E9335EC280FE67D44BC91C66BCFA1A7970FD
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{7E118547-6528-44BD-8DE4-0376DB0D0BE3}\ckmibhidiblmojhopohjbecmdhdbnlhdgrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , ACF4DD01F8089564CFB5E7D0C7129F57, 69EBAB40F329CEA95857BFDE88331B45CA16B52368D0A5392AFD34CF778D8EC1
PUP.Optional.DownloadProtect, C:\Windows\Installer\{7E118547-6528-44BD-8DE4-0376DB0D0BE3}\xkmibhidiblmojhopohjbecmdhdbnlhdgml, In Quarantäne, 238, 237878, , , , , 68C77865B269DD37206677EE57D05C1B, 2E301FF80653DB0E15B6F7C2DEF48303D03D78BAE3072AE5B0703DA06721854F
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{81157D08-6E5B-4117-BB40-858884D8F7B9}\capnmioekglbconefihcfkcafafmcdecprx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 8243E899AFA3A2F7FCE2169F55908A1A, 1BC04AFCA5E818DC78CB85D62CDA4EBAC63CDE11711B1B392DB7764DDB64609E
PUP.Optional.DownloadProtect, C:\Windows\Installer\{81157D08-6E5B-4117-BB40-858884D8F7B9}\xapnmioekglbconefihcfkcafafmcdecpml, In Quarantäne, 238, 237878, , , , , B93A669456F5DF22DC65A2DDFF493888, A9DC9C896E48725A0396BC990B33020420B7EF4AC6CF7A62ED22C273DCC0750D
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{81BB723B-EFD4-4236-AF62-57173123DAD6}\cldanmapkoacneihlfdbpbeibhgnjigghrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , D02174564CF071CA315DA0FDF13D4E52, DA67660D881EA9A748A52D6EEB4876459AD5061540624951F76AE241A99B62C5
PUP.Optional.DownloadProtect, C:\Windows\Installer\{81BB723B-EFD4-4236-AF62-57173123DAD6}\xldanmapkoacneihlfdbpbeibhgnjigghml, In Quarantäne, 238, 237878, , , , , 17620ED2A05FE8EDC7367B1F070937F1, E8EDCCDE40BE88BD60F2756D0C85E68AACEB9D757C2F756E91ACD00CF11CBB80
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{8269DBEB-983D-4816-8EDB-E19EA3721268}\cjnhhggibidkcjkailnaplpigpgpbhopjrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 5A43AE2AE40FD662EE290EDF30AB7D66, 42A61EA8EE646480731D05E26AE3A947466F7728D308145204247B70BAC5207D
PUP.Optional.DownloadProtect, C:\Windows\Installer\{8269DBEB-983D-4816-8EDB-E19EA3721268}\xjnhhggibidkcjkailnaplpigpgpbhopjml, In Quarantäne, 238, 237878, , , , , F50C23C0AC9FAA2EE876665D7B4F988B, 97FA3792FFBC70E0BBDDEAFA91865DF3B56B33A0A92DE8B09939E374C9D10E04
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{826BE966-221F-42A1-8A7E-4736B27D03FD}\cekppgafpefjolopphangcokmmifjfgjprx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 07016B73D77868AE685905A7ECCE559B, 5D2F64F190A1CF23DE67BA4C0558404A09F47E9D86F51CF47E886A141C76FA1C
PUP.Optional.DownloadProtect, C:\Windows\Installer\{826BE966-221F-42A1-8A7E-4736B27D03FD}\xekppgafpefjolopphangcokmmifjfgjpml, In Quarantäne, 238, 237878, , , , , 1D9A84FB5DE691311D58321FB01989E0, F860C3C20BF0468F512CBFE1F5E49CAF591C2E624B78153BB21A688936352C41
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{85D6222A-786E-40C7-AAEB-9B4C7009B0FB}\ceakpmldeoobdngdgelccempkijaalbbdrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 210A401A13840A015665B774F5C1DE92, E014A0B9FE8C0F4CD484586BFB01EA94B97CADFBCEF66F86D5F9E8FBFE1E8ED7
PUP.Optional.DownloadProtect, C:\Windows\Installer\{85D6222A-786E-40C7-AAEB-9B4C7009B0FB}\xeakpmldeoobdngdgelccempkijaalbbdml, In Quarantäne, 238, 237878, , , , , C110C78028CA3F315E346B8FA0240FF9, D0E26056E697FE57C5DC652D536921A0CD9C76F5561E71DAE15F78BAD906089B
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{862CD8AE-9889-4898-BCB9-9EDD087B12F7}\cedlfjlgnfgjaaplkimelbcdobfgpnellrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 227AD6CA027A73DAE208ADF61C44CDFD, BE193E1DBBED2832F1A4C5EEE7D7156F32EE689F38166003471F987617D864B3
PUP.Optional.DownloadProtect, C:\Windows\Installer\{862CD8AE-9889-4898-BCB9-9EDD087B12F7}\xedlfjlgnfgjaaplkimelbcdobfgpnellml, In Quarantäne, 238, 237878, , , , , C422F1911C087BF575ECCA0258F15327, 467948CEDA845699A24264C9C5AB4CC4FD436759C59349B1BD5E55534FD977DC
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{87EFA460-61A1-45E0-9C13-84707D1BEDA0}\cpobkkmmbicnhjibcmllcljpkkikgeoajrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 269CEB1019FD95857F6594C8986845EC, A8C2C347EA4400C06B87A24655D899D523AC0C7D63921AD2F7E55EE3C0CBFED2
PUP.Optional.DownloadProtect, C:\Windows\Installer\{87EFA460-61A1-45E0-9C13-84707D1BEDA0}\xpobkkmmbicnhjibcmllcljpkkikgeoajml, In Quarantäne, 238, 237878, , , , , 781647B801A3BFFDD85641059A1E0363, D82D8878DEB4C88BEC031F784A4781E13BDB110E28E7701A27CB62E31620E9FA
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{88291D64-633A-4745-857D-1ED65D05C14A}\clamldbfmckdpedjpkbbcfkdnbcklcalirx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 47E0F2472F664D8AB1576455BF41F5FF, 4F37B4942436F2C867CCE7512FF360F36623E8C5514FC805843DEFEADD0FEBA2
PUP.Optional.DownloadProtect, C:\Windows\Installer\{88291D64-633A-4745-857D-1ED65D05C14A}\xlamldbfmckdpedjpkbbcfkdnbcklcaliml, In Quarantäne, 238, 237878, , , , , AD62599905FD9648BA496F8BAADF0072, AFF6F129FF6B53040D3C0E261A654D1D4D6560007B30902FCF6E11AEFDFE1FCF
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{888AC62F-96DE-43C4-9ACD-E146FE7EB216}\cddebhloeodcpkjbmebibpfbjidaippahrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 421049CF2C92D1208A3D511FC5C66066, 6CCAC46743A4116F334B29D5ED5DEF86D0A00C02B63B679A5DD3A4B547771938
PUP.Optional.DownloadProtect, C:\Windows\Installer\{888AC62F-96DE-43C4-9ACD-E146FE7EB216}\xddebhloeodcpkjbmebibpfbjidaippahml, In Quarantäne, 238, 237878, , , , , BD6D8ABA38D163250FAB28291AC4D224, D3D0876A3C16CFCF8A2786947A5B72AD7CE1482AE9633920D16C8B574167F57F
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{8DB54D8D-A806-4B4A-A7BB-8635DB4910C3}\cafiggplepilpmmhibpefajiklknlomkorx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 984D75AF6926505FA78D53ED11C4028E, 0F901DEF021766E41F6C582A3F7E8CF609D6FB4F442ABC12018984626FAFFAAF
PUP.Optional.DownloadProtect, C:\Windows\Installer\{8DB54D8D-A806-4B4A-A7BB-8635DB4910C3}\xafiggplepilpmmhibpefajiklknlomkoml, In Quarantäne, 238, 237878, , , , , 8740E2ACF0886B84FA8E3E1383B4A37A, B2A0A416D4799D9440DDE0E5B4C30D4E2349871EE4A48FBC22A1450A30E54874
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{8DD132CD-46D7-42E6-965C-BFAB9314C814}\cjocdangghjgdkiljpkcdecckdmfhkdndrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 7F1A0331A9AA374D2C2BB7282CA53BA1, CA8433C1B68F0126BE2C17090C999730E2CA2439E9A1A785863F7CA28E805829
PUP.Optional.DownloadProtect, C:\Windows\Installer\{8DD132CD-46D7-42E6-965C-BFAB9314C814}\xjocdangghjgdkiljpkcdecckdmfhkdndml, In Quarantäne, 238, 237878, , , , , D6ED995E9AAC9B3B0E3A329372708BD9, BF760E45AB26F2657669C3F1DC38C0B14BAC04F84B0507F751B7824C11B63E02
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{8EA913A1-1FF3-4E38-B290-A90C3B72EA31}\cfcmonplhpilbkdalobolpkpohmchfmphrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 3CDA8E8679C0BB064ED45512D753981B, CCC2C92EE8BD7F7B00F4A8B728505E56A38460EF990E2F11A73CEF2FA959D3E4
PUP.Optional.DownloadProtect, C:\Windows\Installer\{8EA913A1-1FF3-4E38-B290-A90C3B72EA31}\xfcmonplhpilbkdalobolpkpohmchfmphml, In Quarantäne, 238, 237878, , , , , FADF489F36B117B330D93AB35867D0DE, D4F5342E649311362AC3C3C8FB50E7A34B53292820D48DCD676D9FA88FB951F5
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{8F8D3C2F-05DE-4210-BCA6-6DD68D1BD188}\cjommfkmimhabdnikpjghpiggfdhmhabbrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , B0865D74F014BCCDB140FD737C8C6B24, 93A34ED7D0F8BE5080A1FE9DB0CD1F59B883AC73B6279CEBEA69547A4D8F3DF6
PUP.Optional.DownloadProtect, C:\Windows\Installer\{8F8D3C2F-05DE-4210-BCA6-6DD68D1BD188}\xjommfkmimhabdnikpjghpiggfdhmhabbml, In Quarantäne, 238, 237878, , , , , 9C5D18F915FA2AC1EF221EFE1EC26CA3, 36765ECE7F612FDDB221ADF8EFAD25A1FF105A502EC2CA2B9C8310663F19CB4B
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{90ABF913-1BEB-452E-80A4-FB428CE759BB}\cghkppjfmhhhbcecgpblakplanhghplmkrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 24466D9EB285FFFC357FDD3459CC8842, BAE37C80A930308434CA4F5EE4441D011CE12D0319ED221BE0ADF79CBCC85FE7
PUP.Optional.DownloadProtect, C:\Windows\Installer\{90ABF913-1BEB-452E-80A4-FB428CE759BB}\xghkppjfmhhhbcecgpblakplanhghplmkml, In Quarantäne, 238, 237878, , , , , 6B61407EE1765E5B8BDFC26577BE3182, 0EF82B1391098DEC757E8EFCDC2114762627F81D379A8A56C963C158A9FB1F12
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{90D46587-2DD1-4D88-B1D3-166AA20575C4}\cepniddhgoodmomlmdkpkagafananpgkerx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , FA95CB8ADF5A53D11AFB20A2411D16B2, 7E9E915FDDB45C60740B3833E6D7D8E37FB914E798380DF7A470B676CACEA169
PUP.Optional.DownloadProtect, C:\Windows\Installer\{90D46587-2DD1-4D88-B1D3-166AA20575C4}\xepniddhgoodmomlmdkpkagafananpgkeml, In Quarantäne, 238, 237878, , , , , 97A9E7C1B4EA51F08BA731822E50463A, 3239FD25CF1EC6E31131CB152FF2629B5D50738D793BFB768B515336871F5E08
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{915C8EFE-A04F-42B7-BF41-607826167863}\cednobndmjicdlhbmjlkeljijopljicjhrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 7D9BA8B97F681ACF3489EEF862E76B8E, 63220D31AEE117EDB6B66B28751F0CB6F46DF35A7D69637D9C14ED561781A7A4
PUP.Optional.DownloadProtect, C:\Windows\Installer\{915C8EFE-A04F-42B7-BF41-607826167863}\xednobndmjicdlhbmjlkeljijopljicjhml, In Quarantäne, 238, 237878, , , , , 33E869D24A0D35E532E4AE5C396506A5, 1D64D3E2C843A952AAF7BB9859DE6C24432B583C0CE6D7108E2008C4BCF90430
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{91A5AE67-E446-401A-91DE-9B45591099D0}\camhhmopapnaajjcpicgjlbmmblnlfpiirx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 9B26774EDC87AAF6B3960A9ED2B3D94E, 87F1C737E181DC7E2B5648AD873F07CC3C1ED646BB9CDE9AFE083DFE55B64B93
PUP.Optional.DownloadProtect, C:\Windows\Installer\{91A5AE67-E446-401A-91DE-9B45591099D0}\xamhhmopapnaajjcpicgjlbmmblnlfpiiml, In Quarantäne, 238, 237878, , , , , 47ADDBD6013D2936112B8BB17171FAFA, EFEFD5D9B67A585617BC02EA52AF291BD63730EC9597CBE1A2BEAD297FBC0AE4
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{92F8A39D-72F5-4C08-BF79-ABDE5C9019F5}\cfdclfonimohfjlfjhjhkkofnlmkpjfamrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 065ED9E1588BC822C888959B514E778C, 65700C2F8427F65373060C58D780D9B2EDEB223997B302E164725652A4F9BFC6
PUP.Optional.DownloadProtect, C:\Windows\Installer\{92F8A39D-72F5-4C08-BF79-ABDE5C9019F5}\xfdclfonimohfjlfjhjhkkofnlmkpjfamml, In Quarantäne, 238, 237878, , , , , 80FEB14296952EE1F22209EE2D049223, BF700EF51738FC8368C39F647269CC5AC11E078CE5B885686C5C6585E7C4B28B
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{94857958-1988-465F-902B-3FAEA2E72072}\cfgeningmgijmmdbnhglhgdgalemfkmfprx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 928645D766E91BD1CE36930940B69147, AB518E8C29347D929348A947C41F4C93151A4692633CBE9A5D3172898FCC22E9
PUP.Optional.DownloadProtect, C:\Windows\Installer\{94857958-1988-465F-902B-3FAEA2E72072}\xfgeningmgijmmdbnhglhgdgalemfkmfpml, In Quarantäne, 238, 237878, , , , , D2936501DCF6A49ED9A27D91C15A15EA, 86B5B298D354DEC2F10D06748AA7D5B7289100252493F5EC9A74908C652FC638
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{95FA6DE6-62BE-47A5-8141-55AF4E9D4AD4}\ckbbkfhhnagimbepdoalhcmfdnmlgglkcrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , C8EABC02970795E8E6F59D8684AF2292, EE36A12AA292DA6B3A8A330130E1CEB693689496E24FA0216762CDD4A1A04124
PUP.Optional.DownloadProtect, C:\Windows\Installer\{95FA6DE6-62BE-47A5-8141-55AF4E9D4AD4}\xkbbkfhhnagimbepdoalhcmfdnmlgglkcml, In Quarantäne, 238, 237878, , , , , C7CDBD51F6C0BF2CA9E4175D99FBAE68, 7C330CCC784F19BBCD40A9C538993875AB349108572148C13D64CA34ADB07D56
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{96E79B31-9E01-4676-8457-EB2DD057D99B}\cjgooplibfhkfcdedehgmpipfbmhapahirx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , B26F03FCCF563C5D1DF576715D0505B3, 90F6FD4B32450A36620462051314217289AC559DE54934B862E8FCC564EDAD0A
PUP.Optional.DownloadProtect, C:\Windows\Installer\{96E79B31-9E01-4676-8457-EB2DD057D99B}\xjgooplibfhkfcdedehgmpipfbmhapahiml, In Quarantäne, 238, 237878, , , , , 63CEFF818E33AAA5481DC6A4C9325C62, 7EBB1FFA300BC4B2F591AC267B2AC1DA0FBD263D1E8FB0873B229322D200C2FA
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{99088FD5-2193-4FC1-B6C3-9C770151467A}\chkjiaddelhkljccgamebaokgkcphfhfkrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , BD67D4C7C07925F1DB256126B7F771C6, 7815FB7D82762E2F64580154359BA905A512577907DD96FA0B37530828182136
PUP.Optional.DownloadProtect, C:\Windows\Installer\{99088FD5-2193-4FC1-B6C3-9C770151467A}\xhkjiaddelhkljccgamebaokgkcphfhfkml, In Quarantäne, 238, 237878, , , , , CF7FD607F563689472D8B6CB39A0665D, 4EA6044A9B769B6626FD1D0DC3023E5893D38223CA55CCE16CEC38702D2042C5
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{99F42666-3B7C-4C78-A275-7B28C1A56466}\cpbohplfgodphgbmnflbimimpbfajadmprx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , A14BC52A5E9E88050E4BAFFCE552A642, 4B4665B2DB27B59D542B2DB05C85724B07F774D1E44DB48EEC0CD8CC15D37BD2
PUP.Optional.DownloadProtect, C:\Windows\Installer\{99F42666-3B7C-4C78-A275-7B28C1A56466}\xpbohplfgodphgbmnflbimimpbfajadmpml, In Quarantäne, 238, 237878, , , , , 1790F3AD546ADC2C68937660E20D66D7, 19DCCDDE5CBF4D141F238C2CC8A20D44E430121194709A2FE5FE12B163550509
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{9A3BE63C-0B87-4E9D-BCFB-81DC300C70B3}\chjhpeimhlglhfbmacjfmdccncmbgcmibrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 3837AC3FB0249F1A6C09E6C0B0CCF675, 2845B21E6796122BB8A3B8451548E1A191D3E4FFF005A3DCF3A307A041995E62
PUP.Optional.DownloadProtect, C:\Windows\Installer\{9A3BE63C-0B87-4E9D-BCFB-81DC300C70B3}\xhjhpeimhlglhfbmacjfmdccncmbgcmibml, In Quarantäne, 238, 237878, , , , , F0C25C449F45DCD9404D924AF1CEFCE6, 9EB28EC2C24C218A2B7839C0A8225E339E85275C3C3292EC61E66E20A0FF69D7
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{9AC524FC-54CF-46DF-AAE8-7ACDB3A4CD0E}\cgelhcgfpphpneihfacmlaogiekdbjojmrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 16CA4AA518C4740FAB849D28A9CA9D09, 8758E89948914893B9E5C75F58D46938E8A21E96A289BD977EA096E3D1AE9FB4
PUP.Optional.DownloadProtect, C:\Windows\Installer\{9AC524FC-54CF-46DF-AAE8-7ACDB3A4CD0E}\xgelhcgfpphpneihfacmlaogiekdbjojmml, In Quarantäne, 238, 237878, , , , , 0CC0F6EEC2455C76DF9C31DD498CC51F, 30FB60F91635C2D88D84FDD5E06C4F19F35876CA10BA80441B6646071E8CE8BD
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{9BAD3E58-A2DB-4840-B08B-E55CE4C12E5C}\cncmpcaldgbkacofhladedhkkdmeanbbirx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 24BB3AECE446F787DA44C3FD7AACBD45, E7854210447AA2EC953C9D18DFE49AAA0D2502E6430C5D9019CD48738EC3A8D7
PUP.Optional.DownloadProtect, C:\Windows\Installer\{9BAD3E58-A2DB-4840-B08B-E55CE4C12E5C}\xncmpcaldgbkacofhladedhkkdmeanbbiml, In Quarantäne, 238, 237878, , , , , BE17F57678EBA05E4176CAD02D3BD3F7, 4A2E2A394B472B770DD1F70A0B2A2EB34279D953808F1516DD584D79A2D78E3A
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{A050B9E1-CC2F-4E66-9DFC-7B84B700C58E}\clfnhhecpipfcfneiadchnioafegdfnafrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , EFBAD9B53D0F7F8881474C0192A41363, 2BF2C7AE90A3506E63FFA3BB12A75D043BB6C46951F8A344DBE10D6760145845
PUP.Optional.DownloadProtect, C:\Windows\Installer\{A050B9E1-CC2F-4E66-9DFC-7B84B700C58E}\xlfnhhecpipfcfneiadchnioafegdfnafml, In Quarantäne, 238, 237878, , , , , 1BC4087E3248D821034DA66BB66ECA3E, 6DF7F3AEAFE7E2CF0A2F98DA7AB42D751BCFBED2261FFE6F65CF22B88EB29A83
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{A0A6DFB8-A946-448B-B4D4-A2AF00BDBFC1}\cmnjlollocmleepjncgfniidkogogpnonrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 03B4BD84D2C9D4F9DEEB0C595DE2BECD, D9BA5FD161CBB08508EBF5F9550C774D72FCFAEF9AD63DA3D42FF202EC920903
PUP.Optional.DownloadProtect, C:\Windows\Installer\{A0A6DFB8-A946-448B-B4D4-A2AF00BDBFC1}\xmnjlollocmleepjncgfniidkogogpnonml, In Quarantäne, 238, 237878, , , , , 0BAF3F4F972B2549AC447D5DFA3297C3, 11AF83CED89F54FCA3335AA8E62B9CD2CD047C21B02A9C952D0B5DBB0DE00E5E
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{A4FBE797-ED04-4A88-93FD-096849236875}\cajmmklgaolnpjfpconmlkfplgmincngfrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , BAE684B75D7FABE71F06E0D66B466501, D0D86B64037278043B82DFBFE2ED448F06335869CD6BEB09870E38B0655007B8
PUP.Optional.DownloadProtect, C:\Windows\Installer\{A4FBE797-ED04-4A88-93FD-096849236875}\xajmmklgaolnpjfpconmlkfplgmincngfml, In Quarantäne, 238, 237878, , , , , 87917F4FC67B88BB6625545700827531, 5C4235FCE29EA928CB9A5FA861D7F0F0F243271C7F02ABAF1E4FD56339CCA5B3
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{A57E38B8-1B45-4BB7-A304-AC5C673A1030}\cfnccoenpneiokengfpfngeipdghaffgjrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 928DD65D395EC502FC43A49EF7EA4EA9, 0366C6F1FCE4C0B5ABF090A3607DFBD7A42E20C7E83885B6D26859EF5E97DEF0
PUP.Optional.DownloadProtect, C:\Windows\Installer\{A57E38B8-1B45-4BB7-A304-AC5C673A1030}\xfnccoenpneiokengfpfngeipdghaffgjml, In Quarantäne, 238, 237878, , , , , 36680A0CBABB5601DF1B0558090A5D20, AA1B3791A34A0B5CA6C19F714C21D2980EC16883526A4E285156989D266D45DA
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{A7EAC703-5509-4873-B779-2C8E49ECCC16}\cbbfddbabnbeegngkhfidpmoahnlpmodmrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 45A9D4C3AC6C3B7645ED92430969FC70, 69C536A7C092955DF6B70E3AA436BBEAAC6C01E535490A5F0C4BDD6F65DCFB46
PUP.Optional.DownloadProtect, C:\Windows\Installer\{A7EAC703-5509-4873-B779-2C8E49ECCC16}\xbbfddbabnbeegngkhfidpmoahnlpmodmml, In Quarantäne, 238, 237878, , , , , 0834F35342FA25596674B8ADB35085DB, 4BA4CA0841F9306F10FAFDBCE97678E7C9CFF0C362E3D104B346C5ED37B39E74
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{A8829B21-0667-459B-BC91-2A3C0E6377EF}\cphkjhieeppapiajlbnocopfmfbalkkcerx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 453B1C351CCE6DD2668D72E026231776, BB5E678344D37F6AFB5269EB2CCFF846C79C082F892EE668B5E7B98EC5D59381
PUP.Optional.DownloadProtect, C:\Windows\Installer\{A8829B21-0667-459B-BC91-2A3C0E6377EF}\xphkjhieeppapiajlbnocopfmfbalkkceml, In Quarantäne, 238, 237878, , , , , 83DD003BB1A9B5BFCED2C97F729CC5C5, 6863610D07D745E876A6A26713B6FD98B9B10FB6E2F106A40F39BCB58C403250
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{AA50C8DE-F071-4047-97C0-B689F5D38CB9}\cmidopmhlgffnbpeoldjklkcahingbkjdrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , C6EF927538186B26EA70B771CC9B8B7C, 83EF5501C8695B9468667EC0CE30E461AC6F2B89F8F47992008B2B1883325BEB
PUP.Optional.DownloadProtect, C:\Windows\Installer\{AA50C8DE-F071-4047-97C0-B689F5D38CB9}\xmidopmhlgffnbpeoldjklkcahingbkjdml, In Quarantäne, 238, 237878, , , , , 23216C9674CD911B58E0535984826258, 6BFF0617455545E689A5621C4028CBA5AB0DE51FC2B6A9BFE28483621A8EF691
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{AE3F0D6F-C6B3-4631-9B32-5C1B76876D72}\cboffknjlhdhbicgdoojdgcjlpelijapcrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , B94C707767CCAE101D5B451B00995311, 1F6D54CE246B8E96C75BAB69650DD92E87CB7F7A040FDB5A9D74BB2D1AEBCA1C
PUP.Optional.DownloadProtect, C:\Windows\Installer\{AE3F0D6F-C6B3-4631-9B32-5C1B76876D72}\xboffknjlhdhbicgdoojdgcjlpelijapcml, In Quarantäne, 238, 237878, , , , , 6F572DDC8044FD33DB34E1A405605D3E, 2D723A78B1BA9AAD6924E67CE18B75992AD5EDE2104E27A85A8D22689E511D85
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{AE8D5BEE-1D1D-46F4-A834-D8E96F2D7BC7}\ceoloipoediidkadooohflpkkfbjhejfkrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 13C08715844B184A67E1C2CCEA6FA88E, BDE0BF9094175E2F8528FDF2250DD866FB6AB51B8F415554E6996F0A4C1FED7C
PUP.Optional.DownloadProtect, C:\Windows\Installer\{AE8D5BEE-1D1D-46F4-A834-D8E96F2D7BC7}\xeoloipoediidkadooohflpkkfbjhejfkml, In Quarantäne, 238, 237878, , , , , 1D679103980B6E171C01A92A2B16F717, 46391EAD8B19951078DA88026DFAD1C44EF7B629A9397BF91C91F6539485A391
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{AEA8B53C-8CBF-4560-AA3F-664FE3804116}\cojinimdmompinickbnandibhbopnfmakrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 9CF7E17FFDD8CE76830B8143E71AE533, 134A15C6F35625E649B307E523F3CF7EDC41CA52247F98D94D4846A863F6775F
PUP.Optional.DownloadProtect, C:\Windows\Installer\{AEA8B53C-8CBF-4560-AA3F-664FE3804116}\xojinimdmompinickbnandibhbopnfmakml, In Quarantäne, 238, 237878, , , , , 234AC143CEB7F4C6F2F1AB184F1AD716, 84D9EA3CA1C9BFAA97E973AECA34CEEACC1E2E3ADA80F528F920469F6A987B96
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{AFBA8917-2B74-47DA-A14B-10A556CB8409}\cddbaebhpdeannpaenpcofhkimkjflcgmrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , B48E48BB2EB53E8E54D87C4EFB8964B4, 3679F288ADC362F5A08C9C9460C44436412A8FB5FA747FA6C733EB45210C4990
PUP.Optional.DownloadProtect, C:\Windows\Installer\{AFBA8917-2B74-47DA-A14B-10A556CB8409}\xddbaebhpdeannpaenpcofhkimkjflcgmml, In Quarantäne, 238, 237878, , , , , FAF112744AB5E40555AD01DC56FDF0F2, A0B312AB520BF308D14AC2DFAE255756FA9506BE2460B8CCC1E24FA90C89CA52
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{B044BF77-2244-48DD-BFA8-09797F5551E5}\cicklmpafnkodmlidkfaaplickbaaggpmrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 6754FBA2AABD870F475721C203CA52C5, B70B5AB8363500A10F527669A5E39F50AA45D8EB47BA866CE9A25CAA52FED7F0
PUP.Optional.DownloadProtect, C:\Windows\Installer\{B044BF77-2244-48DD-BFA8-09797F5551E5}\xicklmpafnkodmlidkfaaplickbaaggpmml, In Quarantäne, 238, 237878, , , , , 51325F9659455C4D789948520CB98A43, CB587E6278F4C50175C218CDBFEB197615576B8793F614428028E0B8B54FEEF5
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{B1044CBA-2BEA-4B94-9DA6-CC5DABA036E5}\cjiakmhnmjpcamildnjpihgbdamegdofhrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , A370F9EA771288437C2FE07D4049EAEF, 8CD195B1CCC7558453BF1971FBD3343D4B33981A704A3196388D315481B41DEF
PUP.Optional.DownloadProtect, C:\Windows\Installer\{B1044CBA-2BEA-4B94-9DA6-CC5DABA036E5}\xjiakmhnmjpcamildnjpihgbdamegdofhml, In Quarantäne, 238, 237878, , , , , FE1C4C49B54300EB8BE1E7F606BCB5E2, 8E41B3E03655FE98756DB97351AEFFAF72361E3FC56A5545F862CF22DC1E4A9E
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{B2DB6D4D-BF91-4981-B03C-C4887C8C4F76}\ciphdpgmckoeiagcekpeagnboldfggiearx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , DAF19937FE26C2FB0431ADF59BA51F15, 575E1FE4DDBF2F271884BEB3BEB50DCEF8C460D655C029DCCEEA5EDB630B04A4
PUP.Optional.DownloadProtect, C:\Windows\Installer\{B2DB6D4D-BF91-4981-B03C-C4887C8C4F76}\xiphdpgmckoeiagcekpeagnboldfggieaml, In Quarantäne, 238, 237878, , , , , 0CF1E2EDAA5D0974E2CBD0234B044EAD, 485D4559894D6D0A8E8B58B226DB8D6BE84843D055227F6D92C93FB7CDE409D6
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{B429B8AE-1720-4083-8D9D-CC662D562632}\cgflnpfmbjfeaboekikhbgnpfijckknkfrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , E9B9818B7F0F34573598ABB55FCB90E0, B8ADBFFB4B51832495A70454AC3BA5EEBA39C3EF9A84C9C07A3F1CBDB9A84D36
PUP.Optional.DownloadProtect, C:\Windows\Installer\{B429B8AE-1720-4083-8D9D-CC662D562632}\xgflnpfmbjfeaboekikhbgnpfijckknkfml, In Quarantäne, 238, 237878, , , , , 8AAB81E484066FE0675A1A771473983D, 3F8181A4A2E8C9A021BDD59A8163F0002632AF160AB35AEAE49CD9ADF823986E
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{B44D7EFD-B777-4EF2-AF5F-FCF81879A1A3}\cioigeanjamgedhhbidcfhfmmlfdfjbhjrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , B15B88E249374E9B7544DD9E51AF1EB5, 9B4B0F71131D15CABBC55710031B4AFDB27DE84B7EB524EE3DE98EF68A6BB5A1
PUP.Optional.DownloadProtect, C:\Windows\Installer\{B44D7EFD-B777-4EF2-AF5F-FCF81879A1A3}\xioigeanjamgedhhbidcfhfmmlfdfjbhjml, In Quarantäne, 238, 237878, , , , , A2401390D800EDDBFEBB049D26AA5B3B, 8C15B8EC843550F4FA9AE241B253A4A5AF4314B57DFF79399C0A6294E9EBF477
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{B7FD396E-E3A4-4C66-A29E-1971387D1239}\cgdbeckfhgjcdmbllfmdihijkpdjimmcorx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 759CE9F074CA62892FA7288BEA2FD97B, 3BD756DA07C29DE3862C611E263FF0022444A17AFC645735B378249665B406B6
PUP.Optional.DownloadProtect, C:\Windows\Installer\{B7FD396E-E3A4-4C66-A29E-1971387D1239}\xgdbeckfhgjcdmbllfmdihijkpdjimmcoml, In Quarantäne, 238, 237878, , , , , 0A252F4F6B60FD8C265423C37392F1D7, 703C40284CB07AE8B99C183A9702D54482913D02658DB6517F16B1BA70ABA846
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{B82E9A31-E60A-4B87-9D7E-9CAF6A1CBED8}\cmlflinkflbckndaabbckpllmgnfpolgkrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 4FE3FC41679D2241EB44ABF2341DBF2B, B74B38D452B874D6F07487EDA017D250F1715E457D4BEA1388CF4D87FD800E4C
PUP.Optional.DownloadProtect, C:\Windows\Installer\{B82E9A31-E60A-4B87-9D7E-9CAF6A1CBED8}\xmlflinkflbckndaabbckpllmgnfpolgkml, In Quarantäne, 238, 237878, , , , , 753F94858183C20FD3E4707976409B4E, 7C9C2B9F4BF4A022B7652EC31E88B940B5AC802CE6A1BA9629C2353BEBF20A5C
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{B889341C-D9C1-4B77-A068-2E4E587CAC36}\ckbliaaeomgepjlmpkcgjfkdjnbgclgairx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , BE9C0B0E7F467BB445E35A8624851E32, 74D48424336939D2D6915CEC5C2DAD033671D93196CE24688A5F0CD1BF8AE4D4
PUP.Optional.DownloadProtect, C:\Windows\Installer\{B889341C-D9C1-4B77-A068-2E4E587CAC36}\xkbliaaeomgepjlmpkcgjfkdjnbgclgaiml, In Quarantäne, 238, 237878, , , , , 9E64E6DCEE405BA67F0429E6B2191318, 5819C8B71B7DEC887828464C9A83EDCD568C3604013068CDDF212C38A4A4C889
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{B91BF17F-224A-4193-B222-06A8A5F6686D}\cbhlflgpfnhhoaoknmaikiakjlogedpgorx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 44E85A6774030EDE7D306DBDBBE0F8E3, EECCEC9F2EF8E616B3ED6D0122326EA36F9735D8787F9391479C06124506491D
PUP.Optional.DownloadProtect, C:\Windows\Installer\{B91BF17F-224A-4193-B222-06A8A5F6686D}\xbhlflgpfnhhoaoknmaikiakjlogedpgoml, In Quarantäne, 238, 237878, , , , , 719359E21617BF79CA24A31103267935, 07F99A026095DD135E0297ED8622EEE5253E41BD45BF46C21BF7ABDD9530EF90
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{BA05E9D5-82DB-48B7-BD35-E2E05893CD6D}\cneedmkgabjfdmicbncpnljoocdiamjbprx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 5E438F0AF6F222646C9FCDF7C68CFB72, 139A9210E208754D9F7C7E5221E714E8E04CD9FEA78EFBF29C9D474A18EF1D54
PUP.Optional.DownloadProtect, C:\Windows\Installer\{BA05E9D5-82DB-48B7-BD35-E2E05893CD6D}\xneedmkgabjfdmicbncpnljoocdiamjbpml, In Quarantäne, 238, 237878, , , , , D38E835A3647CA28EAE6FD3A382DE638, 76FA5252987F64AA81AA53DB12C1A31E16C606095923BF0D6C5B38CC86559C69
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{C0630F54-5322-4F37-B30E-CF4AFDAE3B5C}\cafiemidgljkboeaafghmcefidfapfidkrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , F9F4216669C4F31DCF44B38DBBA338BF, DCB5F130543508904E70F1D0C7D0E67777C21E1F100F367ECB14DB912FEA1F25
PUP.Optional.DownloadProtect, C:\Windows\Installer\{C0630F54-5322-4F37-B30E-CF4AFDAE3B5C}\xafiemidgljkboeaafghmcefidfapfidkml, In Quarantäne, 238, 237878, , , , , 52B6C5A3678D0289BFE79D17D74B85B4, F464A98C2837D035978ED430B38986829ECF97C6018C30FED9D9194249C5FB59
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{C0DD8FD2-BEB0-4F6C-BFC8-CC5E4456DD62}\ciccgpjnjoadkjbinkckamcolbakbddmkrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 0EC34807603B4EEFBDD15F2DAD4DE231, 763E360075091670BA77BCE70C7DD1A0875BE0152FC7B5902C4A58BE5206718A
PUP.Optional.DownloadProtect, C:\Windows\Installer\{C0DD8FD2-BEB0-4F6C-BFC8-CC5E4456DD62}\xiccgpjnjoadkjbinkckamcolbakbddmkml, In Quarantäne, 238, 237878, , , , , EB530BB959812AD0AAEEEBB2FD154064, 259540233BD2E2F54EBDB328BF76006E4B28EFF57C85B439811B168A2326FA14
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{C1982C5B-3CE4-4EFA-BED6-D62749BFB1D7}\coneedakkpmdoceidajkmmidmopafoocmrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 379661A368ABEB383362A6247B9DCE10, 19DC2DCF31C287FB394ABE0BB605977F58D7489219AC87711B07DD2D5E5B98DB
PUP.Optional.DownloadProtect, C:\Windows\Installer\{C1982C5B-3CE4-4EFA-BED6-D62749BFB1D7}\xoneedakkpmdoceidajkmmidmopafoocmml, In Quarantäne, 238, 237878, , , , , 928E8CB5542208D2FC30DCF89A2694E3, 2D2BF127D580B6B82607697CAFFC97769687395DE517AA48ED651268B1A713E9
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{C3CF1274-5657-4273-91F1-C060AA4BD740}\cagmkkbhfilkdkhaeejknkjmngciommmcrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , B31F222F2F6BAB1D590924A9DBF846D6, 5ABA9C3420644AECA9F002E595720FC2CA9CB8E788C83EC1E7682513E7FDA828
PUP.Optional.DownloadProtect, C:\Windows\Installer\{C3CF1274-5657-4273-91F1-C060AA4BD740}\xagmkkbhfilkdkhaeejknkjmngciommmcml, In Quarantäne, 238, 237878, , , , , 923E2418ABE38F1639AD4E4F7D831891, B919E5CF3C896B952DC8454F613DDB0749D1606515820C05B0E9CC3AA95DDFEA
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{C5320065-79CF-4934-B5FC-3DDDA1F0B87D}\cckoneppikdaadbaofopobmghmmkddcnhrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , CDFFFE7B9CB08DBE251BBFC470E0DD9D, A4B77639268A87D72D39691AA45B6C620BA79024385DB32230D56E68C9CB4258
PUP.Optional.DownloadProtect, C:\Windows\Installer\{C5320065-79CF-4934-B5FC-3DDDA1F0B87D}\xckoneppikdaadbaofopobmghmmkddcnhml, In Quarantäne, 238, 237878, , , , , A810D83031E2008914B0F76C365B6289, 8636ECD37E2C8574F4381394E385F3EB2F2B51C2F6BEEF618F6C44E8FD47FA87
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{C58C5C24-C49E-4BA8-B38F-F09A596E711D}\cekfcghlamnaafmmccojlpikmebmhgomkrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 307DF646A40F5E5A6BEA2CA4A2684CFD, AE3E9DB4B744F4B0D2275EA90A1E40B4F57A6C71BE7AAAF78976F334B7231380
PUP.Optional.DownloadProtect, C:\Windows\Installer\{C58C5C24-C49E-4BA8-B38F-F09A596E711D}\xekfcghlamnaafmmccojlpikmebmhgomkml, In Quarantäne, 238, 237878, , , , , 375B1C51EC188B85E27EAF7CD18E0D78, D3470E9F7673E769F064FD1A0D73B884AF245495E901D804B7E56E13EF471306
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{C6EF3905-91DD-42DD-AF97-CE7B68B17810}\cfnobjejkgacdlockpjehmpoapnnmcngjrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 7ABFF7D66E3929E6C2CEA4D084F5A6C6, CABD41F7F3D62246F347872A5098A25E28EE2B9C6A99CC8B3E40483479DA3348
PUP.Optional.DownloadProtect, C:\Windows\Installer\{C6EF3905-91DD-42DD-AF97-CE7B68B17810}\xfnobjejkgacdlockpjehmpoapnnmcngjml, In Quarantäne, 238, 237878, , , , , 9F1ED8B8DD458D50867648C12A8F8090, 423413D04EBFE5B3C0074FECCEACCCE26590F7FF0D361C38AA1B6C7EB679445B
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{C6FBF7F1-5035-4229-85EE-2978C1A89A91}\ccmeglgpdpedadhhilljjidgoenjbjjnnrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 6D0554024AA5F829175053844DEC789B, D1EFBCB0FA257A4459EB0D7C57B8ABCBA99BD7929971D66EC88CBD0AE8E9AC1D
PUP.Optional.DownloadProtect, C:\Windows\Installer\{C6FBF7F1-5035-4229-85EE-2978C1A89A91}\xcmeglgpdpedadhhilljjidgoenjbjjnnml, In Quarantäne, 238, 237878, , , , , 2F28D6438E1F54AB2D739CC9F17C3670, A4E94CCFC95E4171CDA37AAAF8788F8C1B14E34698CED8DBE0C189F340CF86C0
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{C7C5E312-19D1-4DEA-ACE5-DF913D4AAAC6}\cbfjebokogmafnmmhelnmodhnkhilkbegrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 68BBB93EF2C0D58910A0C8803511F9D9, 1C5B8942B76C7343C351DFAA46F7EEE3555E870C1522C2F177AA603539FEB6C8
PUP.Optional.DownloadProtect, C:\Windows\Installer\{C7C5E312-19D1-4DEA-ACE5-DF913D4AAAC6}\xbfjebokogmafnmmhelnmodhnkhilkbegml, In Quarantäne, 238, 237878, , , , , C90CBED6E7BA381BA6C50FAA2D49C2A5, 4D9ED2EC7BE0295F21E6E3BAABD9227AFA1592AC0C9E94166E1267DCAF27877D
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{C8BF98CF-8485-4B45-A245-811A11F6F15B}\cfkjhnejeiikdjbgbnkifjikepommccenrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , EF6C42A9FCB038363B9E9F096932FDD8, D81A9C076103CFCEFB583696CD5F888117EAB66CD5F0B96F7F2E866E17CA0B93
PUP.Optional.DownloadProtect, C:\Windows\Installer\{C8BF98CF-8485-4B45-A245-811A11F6F15B}\xfkjhnejeiikdjbgbnkifjikepommccenml, In Quarantäne, 238, 237878, , , , , B05CF762C0CD729E945ED4421A617862, CDA6E0EF2CE30D5E07FFA26FAF89186C8CFEC815D7A0D998FD8DB5BF5A30FA8D
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{C915C5A5-80FF-4519-BB3E-70D27CBC7307}\cfmbpbnnkkmcaggchhkhcdlkanfcepmnerx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 94B040A23FAECA90F9826448F7F96CF7, F14E03D7FA3FBEA7B020F4C3321D3EBC55AA3E6632A937AF9F7E0FC55BD644F2
PUP.Optional.DownloadProtect, C:\Windows\Installer\{C915C5A5-80FF-4519-BB3E-70D27CBC7307}\xfmbpbnnkkmcaggchhkhcdlkanfcepmneml, In Quarantäne, 238, 237878, , , , , 392746547350DDE08FE8F8D7C4A4FC7F, 6F93C6463E6DB50A858C32F62988E424D718F9F99E1DAE33F5C305960649322E
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{C9327584-C864-4FB4-8E65-0586A08B8BD1}\cgdhikbhcnpcokpmaanomcjbaeeclchhcrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 68AF2A314C5018056C693804C01A1E9B, 92B1F61E888960180B7828872197A10883B2CC9F38288F6BAF87131CA7B89F0C
PUP.Optional.DownloadProtect, C:\Windows\Installer\{C9327584-C864-4FB4-8E65-0586A08B8BD1}\xgdhikbhcnpcokpmaanomcjbaeeclchhcml, In Quarantäne, 238, 237878, , , , , EE809E3E0BFDD1D7910839EFCA42EA65, 75F79441CEC27C4909986CB89EE678E7927DBF45866B1542BEEDA1CDCC0B626C
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{C93379D8-BC35-470A-9544-10348DB9B3CB}\ccfbcifgmkphmlaheflmkcaeocncllffbrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , A42564298CABB8FEF16A13EB8041A1DF, 1A5EC59DE9D0E8FCC5870A20B55AB4F127F3E68DA6618D7674D37282D58EBE04
PUP.Optional.DownloadProtect, C:\Windows\Installer\{C93379D8-BC35-470A-9544-10348DB9B3CB}\xcfbcifgmkphmlaheflmkcaeocncllffbml, In Quarantäne, 238, 237878, , , , , C496E99D3D559A717BC47BAC007F8AFC, 278991088F2788435BE8BB3DBF955983DAF5FDD8FB74D07E8E693D949417CCBA
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{CA4F8357-2978-4E87-BC0C-67598882FC4E}\cjanpgicgfmelinfkhhijlkhadgdfggcerx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , C80AF7064B33F021BE9688993B95E0D3, 08C7E56966A6437F4BE1F971DE57E8781B7F9C9E89C2B62879C45B102715A9F4
PUP.Optional.DownloadProtect, C:\Windows\Installer\{CA4F8357-2978-4E87-BC0C-67598882FC4E}\xjanpgicgfmelinfkhhijlkhadgdfggceml, In Quarantäne, 238, 237878, , , , , 88924C74358D0799E13459C8E0BA1EA4, ACB98259E8EF4F0032A3B759C76D9FFD7DED9CB187A20DAE258E3731E14869BA
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{CB34724D-791D-44C7-90C7-7CC009072B05}\cnbcadfjkindcjiadokmaapfgpjjppbldrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , EADD10AF8DB85080A7A3489BFAAF2809, 102862B5CC35F50A16A8BA63EE8F1720187AA775D09F88F3437C42D97A497B17
PUP.Optional.DownloadProtect, C:\Windows\Installer\{CB34724D-791D-44C7-90C7-7CC009072B05}\xnbcadfjkindcjiadokmaapfgpjjppbldml, In Quarantäne, 238, 237878, , , , , C979C2CCB74878DCFE2272F961970C09, B7CA90E98A5F4D7D8B5564882A90684993CABD7EE978F2714571B035C2849471
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{CC706477-31BC-4AC6-8EA3-1DB780690BB7}\cdmpodmfldcmbnandhaapdggdnojgekebrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 1A233393814F08D105299AA3538DC1E8, E589ABD9B287A6FE9293A4FE50EFD8A9B80777961B1B014A0194D9627A26C456
PUP.Optional.DownloadProtect, C:\Windows\Installer\{CC706477-31BC-4AC6-8EA3-1DB780690BB7}\xdmpodmfldcmbnandhaapdggdnojgekebml, In Quarantäne, 238, 237878, , , , , 22C5C3245BD5D91557CAEFA9759C7353, E51AAC97DEFF21DBD1AB4DD0C216907B573E00FF5264FE3E3BA1ED6A91E4A43A
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{CD273D2B-970F-447A-9F73-9CC71CBF6E6B}\cmigcelhadliggdbcahnpjohfkcnhppgbrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 43F945E631E176AFBB7EFCBAC299514C, C5A95C32FB94A4CC2F197A4C9673CFA6864F09A151F2230A93A07645549EFAA0
PUP.Optional.DownloadProtect, C:\Windows\Installer\{CD273D2B-970F-447A-9F73-9CC71CBF6E6B}\xmigcelhadliggdbcahnpjohfkcnhppgbml, In Quarantäne, 238, 237878, , , , , FE63B75DCB688559F60322BA46D6613D, AC6150B8B341932835287AEC8FACAE6F53902C82450CAD8C7FE5A0A92F6081CE
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{CE1533DE-0DAF-4A5F-8DC1-749A1E2AEE1C}\ckiccigfjklilbmdclcaolokigeabigjkrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 94E0E8CE629E023FC26E013E56712E82, 4A8F8E75B6E5FF39EC814E778AD096E589B64127B96DB239A5868B24881FF055
PUP.Optional.DownloadProtect, C:\Windows\Installer\{CE1533DE-0DAF-4A5F-8DC1-749A1E2AEE1C}\xkiccigfjklilbmdclcaolokigeabigjkml, In Quarantäne, 238, 237878, , , , , 0B3C3355FBC42FC7D55892AFDB726632, D3CE511617BF8B111649E3DB4F74CCC33C49982C484A750C11FCB34690EB180A
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{CF706157-B182-4D79-BFD1-78742E1ED56A}\combpkenphblaflemlcphjmfeokabciilrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 917ADA5EC522EE7AE21D2F63FB29CC88, 55118C5F96F5C713A804B70B78F8F0F7E816DFAF500C4CC946A33800C13D17F5
PUP.Optional.DownloadProtect, C:\Windows\Installer\{CF706157-B182-4D79-BFD1-78742E1ED56A}\xombpkenphblaflemlcphjmfeokabciilml, In Quarantäne, 238, 237878, , , , , 97ED8F78D7816A2126C7C7DE7C185BD0, 73DBFE54EB2FDA6C18BA4A0867FAFD4FDEA2BE98875ED2D5E1EDF400D181024A
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{CF93AD3F-8AB4-45D8-B81B-FB6A284F5CB9}\cdmcejcadgphafekhmelaniiekilcegobrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 4443F67B292323EF42553F2D98473260, 0124284727BA8810985A68E705851C7A8CD3B87F98C9F1FF75B8CD108FE0F6D8
PUP.Optional.DownloadProtect, C:\Windows\Installer\{CF93AD3F-8AB4-45D8-B81B-FB6A284F5CB9}\xdmcejcadgphafekhmelaniiekilcegobml, In Quarantäne, 238, 237878, , , , , 5046600F9D0BA1E645345C2DBD592C2B, D63C0F0054C77DB06785E89BC14BF8FC6F06EC225C7A1610FF73815FC851DA7A
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{CFD948D7-EC46-4D3A-82A4-26013301E7EB}\chflcldbnfecbhfcllgngebdhdeoblonnrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , B46046742570EECDDAF297F90AF48A4C, EA7E150D3B55C6A43219EBEF68B3A107184B24D7C611A8B3FC222C9A3AFFDA54
PUP.Optional.DownloadProtect, C:\Windows\Installer\{CFD948D7-EC46-4D3A-82A4-26013301E7EB}\xhflcldbnfecbhfcllgngebdhdeoblonnml, In Quarantäne, 238, 237878, , , , , FC5E066AAB1F4354F69087E7AFAFC1AA, DBA1C94F70BB18DEDBCA51AAB6C28A6373DBC83DC85BA9F0353B5862A4433236
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{D05B0715-217E-4E55-B71D-55C365633E13}\cdhcabofhapbeignajomfmdmpahaggchgrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 82B25E0A25CDBF4C9AE509F44490A627, 77934E4AC3D24C48E61A3F787580B1B98B7BE8A5E04079CF90D1C8B2A8F15071
PUP.Optional.DownloadProtect, C:\Windows\Installer\{D05B0715-217E-4E55-B71D-55C365633E13}\xdhcabofhapbeignajomfmdmpahaggchgml, In Quarantäne, 238, 237878, , , , , 2464C8EFF35304C4394385C2550A87C4, 74254B083EE07E0204568886D4B2C892557844AC733C3990CF742B0FEF23E1DB
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{D0709F03-8D56-4CF5-8498-FDF3954F8515}\cjobilnlfgnekcanpmbfakdkaghllkflmrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 340E5634E9081AE7D44EBC254573E896, 5AC81D645AC41D1F58BA024CF669A8F68814AA536C6BF940AE1DC69DA48B7AD4
PUP.Optional.DownloadProtect, C:\Windows\Installer\{D0709F03-8D56-4CF5-8498-FDF3954F8515}\xjobilnlfgnekcanpmbfakdkaghllkflmml, In Quarantäne, 238, 237878, , , , , C9D919F0BD6DE441AB645257F55C0766, E3E519611184336895D03F0048BF3E9871F20E2B3CCFE0C9EF6E38D82711F672
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{D28D4F15-AF69-46AF-9DF3-3E9E161FFCA6}\ccbpfgjhoiljhildomamipehnogcbokpjrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , DE6753988845B905E3ECD4F563119AA8, 0E6B6E351F88A61BB0BB4ED12AD68F46661A54558305414EA9167CDC563081CC
PUP.Optional.DownloadProtect, C:\Windows\Installer\{D28D4F15-AF69-46AF-9DF3-3E9E161FFCA6}\xcbpfgjhoiljhildomamipehnogcbokpjml, In Quarantäne, 238, 237878, , , , , 154AE818AB1E11D101FB9D718F8AA3A8, B2D103003743ED3D5E492E9453EB7FAF9425CAF1DAEFE6C94390A0F3D0B1E8F5
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{D2AEB45E-9E55-431B-9C1C-1C18687712BC}\cjjfiphhpdejknomckaohlpalamggbnihrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 27CC7D323721DB3B7812CD7FD7FE1C0A, 14B28BC9AB1E6807CF2D076EF45BB61B1783B4B930A42016E8B2FE35734E18B3
PUP.Optional.DownloadProtect, C:\Windows\Installer\{D2AEB45E-9E55-431B-9C1C-1C18687712BC}\xjjfiphhpdejknomckaohlpalamggbnihml, In Quarantäne, 238, 237878, , , , , 6F3B315BB1D25D01C4646F468F16DF53, 71F8DB12873936A7FFD790E2516A4C062C691958012F28C32CCBB7B2FBF53A6E
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{D31EB023-25FD-4088-AE59-62C6F7209274}\cffbnbbmchedijloojpppkoginbjhhhinrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , C3C4E1455F362F0239CD8970ADFAD9EE, D101101B2B11840EC25101AB1FB573EC86D1ED47D6D584B1F5FE197EB0B4C084
PUP.Optional.DownloadProtect, C:\Windows\Installer\{D31EB023-25FD-4088-AE59-62C6F7209274}\xffbnbbmchedijloojpppkoginbjhhhinml, In Quarantäne, 238, 237878, , , , , E513A5C75E77FBE220AA685DEE37FDA0, D76086028E7D8F05ABF8D73436E6FF228F636E1B3AE710A4DC8A7EE51E3D7FD8
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{D4A96DA2-4B00-4907-B7BE-F5384EAD53E6}\ccedichcdifnajdpdhfpbdiciikaenndgrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , EEECB8AD1CF7BAFBD5644060A00CD1F2, C04D49D6BFAE8E101C1FD8876319016739D73871424AC30C79306B91E8DDB9FF
PUP.Optional.DownloadProtect, C:\Windows\Installer\{D4A96DA2-4B00-4907-B7BE-F5384EAD53E6}\xcedichcdifnajdpdhfpbdiciikaenndgml, In Quarantäne, 238, 237878, , , , , 67AEB0BF180FB26AF595ED55972B6C6B, A9BB12493416C515F4FFED871ECEB86DF15CFB940FF6924537D68CC5F7EF43B9
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{D4E3B7D1-CE95-43DF-B783-4080D62343AC}\cjhcghkomgehcmdcgiihcejfojccnmfkgrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 0CC5B0758094C16BE0148D2FA28AB3AE, F64778172674AFB93BF0A4DD1AD7658C2D614A50469BF0C34A414121D4E3B49C
PUP.Optional.DownloadProtect, C:\Windows\Installer\{D4E3B7D1-CE95-43DF-B783-4080D62343AC}\xjhcghkomgehcmdcgiihcejfojccnmfkgml, In Quarantäne, 238, 237878, , , , , 4BC90DC4E4A15848AD634E020A7202FE, BF57986925BA6000ACE61CB86379064C2F0789FECC98FCAB6960B5AC463E5E46
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{D50C17F3-526B-47D8-9559-A01574732D1F}\coghmgakhfjafhaakgjehmliocinjkjedrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , FC98D2EEA5134FA3BCB4F2A8106C7135, 77B1C137A39DB3E0C97A0B103D426CA38FDBDC20C8344132A68FB26478C34302
PUP.Optional.DownloadProtect, C:\Windows\Installer\{D50C17F3-526B-47D8-9559-A01574732D1F}\xoghmgakhfjafhaakgjehmliocinjkjedml, In Quarantäne, 238, 237878, , , , , 15CE45BD1957EB9259FD4B85AB965C66, 5BF4EFADE00F27A74AC7FF10D5BC4753CE6F6708F16E8FBCFEC4A7E687293A4F
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{D53A8D99-7339-41BF-90C9-948DF270D233}\cnpljliahkkkpbncihalmciieepoclppprx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 412A6A045A39521386B0538831AB07F5, 6EA2A3D78B3D8F28A291116188D8FB3C2DB1402035D34A32D80B4296AC4487CD
PUP.Optional.DownloadProtect, C:\Windows\Installer\{D53A8D99-7339-41BF-90C9-948DF270D233}\xnpljliahkkkpbncihalmciieepoclpppml, In Quarantäne, 238, 237878, , , , , 46F1E34DE7F4C7651353B1C656C14595, D9D8ADF8D56AAE693BAD3400F163FE5E7EDCA7481733A3FCA64E84C208308BAD
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{D572FA92-2A07-4D4B-A49D-1FC698D320FD}\cnjhbfjafahdoijpnjomdaadmlkliekfcrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 6A40029D29DBCF005CC4CA6E828009D9, 9F17C1114B4C63DC4DEF19DDCCC5D2F8966EA93C84F40040C2B3AD676BE0C893
PUP.Optional.DownloadProtect, C:\Windows\Installer\{D572FA92-2A07-4D4B-A49D-1FC698D320FD}\xnjhbfjafahdoijpnjomdaadmlkliekfcml, In Quarantäne, 238, 237878, , , , , E3B50CA365A02711F67215F919B50F58, E5D43E14453793D32E55C16588A05B5C9FB3C6A31096FF7315951FCFB605D9D8
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{D5C3B18E-D027-423A-A4C9-0AB4275EBB53}\ccmmjmnajgjigkdkphmoknpamdpoinjairx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , F4B372718F23107008987BB39D5D88D6, 4D593838468466DBE80FD6B0F2733CFB591E82CA398FD8677761DC46D910BA2D
PUP.Optional.DownloadProtect, C:\Windows\Installer\{D5C3B18E-D027-423A-A4C9-0AB4275EBB53}\xcmmjmnajgjigkdkphmoknpamdpoinjaiml, In Quarantäne, 238, 237878, , , , , 38FDFA81E288BF5C3D3370EA838A9986, 6976271C1D1B88FD4C70D5DD05B323913346A95C1C0CA1930398B4F5F6ADF80E
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{D76465A7-F959-48FB-BDD9-992382482868}\cpplgpolifapcomgikgnfponeioehiigdrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 6C3C268B9CDFB0CC64C8E7B3A7F7C8CB, 06FEB6BCDEC30C4B00AF622E4EB713E1D49085A94AA7523FBBA192CDBF7ECC06
PUP.Optional.DownloadProtect, C:\Windows\Installer\{D76465A7-F959-48FB-BDD9-992382482868}\xpplgpolifapcomgikgnfponeioehiigdml, In Quarantäne, 238, 237878, , , , , 6B1B9722AAAA958F0F860E8ACE666B58, 60258C72C3FDECC4668980961B8DCC26C3C7DA49AA90A8E3C36E1C5375A80793
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{D9EE46F1-BB92-422B-920D-8B8732DEA2BD}\cgcchhhplnlkfobbgcgjcmbebmnebcbjerx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 00DE3438CC57922503D26A25981E9F66, 461206058F5FB0D75C6E86E66FA72E91DF35D833DB64AFACB844AE65010CCAAD
PUP.Optional.DownloadProtect, C:\Windows\Installer\{D9EE46F1-BB92-422B-920D-8B8732DEA2BD}\xgcchhhplnlkfobbgcgjcmbebmnebcbjeml, In Quarantäne, 238, 237878, , , , , 231AE16436BAA0140A664FBDD77FCFAF, 284CD994390BC5416D8D963745C4F7944C69CF44E2B600E474D03FB9674C04F0
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{DAC83065-8892-4367-B75A-55603EAC67A5}\cpjaijjlflnonbgimlhfkgjcbckdapnfkrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , F356C4100636773836FB714B58F33D52, B1909928A3633B78134EC8191B4F0949D864CA81A357CAF0E7F902244904603E
PUP.Optional.DownloadProtect, C:\Windows\Installer\{DAC83065-8892-4367-B75A-55603EAC67A5}\xpjaijjlflnonbgimlhfkgjcbckdapnfkml, In Quarantäne, 238, 237878, , , , , 17E782E6A6E141E519888AA83248DF84, 9FB824B50E6D090DA5B1E5895680B9DDCD9667E693946F100FB5C5B0E2B98265
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{DCC806B6-F1DD-4223-9B1B-D29A0A82F069}\cghdafjcikfpedbcbekhjiphamjejejokrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , BAF2D0470CFAECE7B460C580C14F92EA, E2AB9CFAB69E2D5D2D8869C19998AD045285F3C8326C5CD588584BCAAEAA2F50
PUP.Optional.DownloadProtect, C:\Windows\Installer\{DCC806B6-F1DD-4223-9B1B-D29A0A82F069}\xghdafjcikfpedbcbekhjiphamjejejokml, In Quarantäne, 238, 237878, , , , , 65699D50A3CF28AB4BA240EA9E007A8A, A077BC58D8F816958D8CB96C630A835273D0EC945E0F9FEBD9F0DF67EDF0600F
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{DD6DD428-9159-40EC-9A79-B5372EEFCF9D}\cgllfmbngknhfledgldejgbjfopefpjdirx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , BD7971FFCFA03BF888C2F4D294672352, 5377C58858E64E01A1ED1BF1BC6CE89708ACA1FF47B76A1446008E23B68338BE
PUP.Optional.DownloadProtect, C:\Windows\Installer\{DD6DD428-9159-40EC-9A79-B5372EEFCF9D}\xgllfmbngknhfledgldejgbjfopefpjdiml, In Quarantäne, 238, 237878, , , , , 51487B2769537A457624F38A32AD50FF, 83710E8CA4254EA9F63BB7EDB01EB362E512BFA33A3C229DD49DDF8CD9D99964
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{DF4F322C-9541-444E-B138-3E01BDCD9D15}\clcdaflklkkmeobhapckfjnpckndgmiairx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 58F080DA907A54ED32C641AA3A38E6C3, 9D124C63B7AE13E268486EC36F72020E6C231576791A2C8160C70A099AF0F36C
PUP.Optional.DownloadProtect, C:\Windows\Installer\{DF4F322C-9541-444E-B138-3E01BDCD9D15}\xlcdaflklkkmeobhapckfjnpckndgmiaiml, In Quarantäne, 238, 237878, , , , , 4CC624C7086F1ADF25BE5EC3A867DCC2, 8A65180DBFCBEA4106D998026891ED6ABC8E8457A2D0B378D80F4AE15EE2E970
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{E21ED873-5053-43AC-BB7D-EE60A8F8FFA9}\cnknapjjokcjkkhnolnbfdpkblnfkopcmrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , CC1B8A0C7F464BE59ED3D11F2FBF322B, 879B11C4E14A55EB6B0180064BF7EEE6A592BE559C156046204526D841ADF28D
PUP.Optional.DownloadProtect, C:\Windows\Installer\{E21ED873-5053-43AC-BB7D-EE60A8F8FFA9}\xnknapjjokcjkkhnolnbfdpkblnfkopcmml, In Quarantäne, 238, 237878, , , , , 38227C0D7BF9EAF23869B6343D825C89, 4CC1582B02424ADF738439800F6E5B9D5226D39A768420ADA64A2DB357A96D9B
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{E3DC5B37-2BCC-4CEC-A996-D869805DDEEF}\cpcolgmjmempdejecikblajnagmepgdgmrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 9E9D7050241F2F1ED64D6753342ACB02, CEE8AD0E1BD5078619DD4408E811FEFFFA781741C82A52AA844A2F29F08E852C
PUP.Optional.DownloadProtect, C:\Windows\Installer\{E3DC5B37-2BCC-4CEC-A996-D869805DDEEF}\xpcolgmjmempdejecikblajnagmepgdgmml, In Quarantäne, 238, 237878, , , , , BCFC4266D705E26441F0331BEF49D9F8, 1651C0A1419EB079BA0397AA929D08A523CE34CE8074419266E44CD7A1C85370
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{E58F550E-88EC-4D6E-AEC5-492C8230C7B2}\cjhainghfipegjppfllimibeedfnpbhlerx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , C60B6DCC6DF6AE85EDAC14D565AED631, 9BE4DF81EA53E23848F653FD85AA47B6BCCEA7142A8332DACD39DF2449661BEB
PUP.Optional.DownloadProtect, C:\Windows\Installer\{E58F550E-88EC-4D6E-AEC5-492C8230C7B2}\xjhainghfipegjppfllimibeedfnpbhleml, In Quarantäne, 238, 237878, , , , , 88D6B99553CE9A7C5CD185617468033D, 5FA8FBCF0147B3736F6F02162D45438BBFFC91E36B81F0A7EE9C65E04F9C659A
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{E6452BB0-5949-45F4-B78A-B95F5BC55B37}\cjlogockbmemndkjjnjcnbahbphdhlnccrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 4087677DB19CBAE44CE4265BD87B4210, F869C77B5C98CB209FB2C7D3C0154BF9740B0118F38EEEAD067073CA492C6B66
PUP.Optional.DownloadProtect, C:\Windows\Installer\{E6452BB0-5949-45F4-B78A-B95F5BC55B37}\xjlogockbmemndkjjnjcnbahbphdhlnccml, In Quarantäne, 238, 237878, , , , , FD6D7ACB8F66941D382C5A025416297A, 7B04D0026730E30CF640B36281861EE1143D89735F8F6889E8DDEF070FCC5737
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{E649A5E3-1158-4A6D-9DFB-98EE4A013855}\ccccoelkapljddcpdjfibkgjdkgeodehdrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 65A747AA48C894B2153B26A33C6B388D, 012C1C03F5F53CA5ECE604F63EC07D4A15F8CF0DB1D157A064F322810D5C055F
PUP.Optional.DownloadProtect, C:\Windows\Installer\{E649A5E3-1158-4A6D-9DFB-98EE4A013855}\xcccoelkapljddcpdjfibkgjdkgeodehdml, In Quarantäne, 238, 237878, , , , , B2871FA2540A300D091B035B0FCE63E4, 7E7226A3B97E7AE70E33D48FF9EA2AB6C404F0619511EAED826A5D74AA73EDD8
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{E7DC6AA2-CE20-4E97-A61A-E6593E0A75D1}\cmppnciejaioffahdpkhplpffmckdhplgrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , D4E729D3532CEA225D59F37478C8B038, 7A7344385BFE8D3DE0BE8D77996F834A7B1EE9445FDBB94644710BB7C2FA299A
PUP.Optional.DownloadProtect, C:\Windows\Installer\{E7DC6AA2-CE20-4E97-A61A-E6593E0A75D1}\xmppnciejaioffahdpkhplpffmckdhplgml, In Quarantäne, 238, 237878, , , , , AFD276E8BA888F6C072F8C7375B819CA, 0781DA92B8154EBB23B84BF40866C65FB5A329C878BDF42967509C3FA0343E4C
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{E8635CA8-680B-47E3-9150-7F4B8AEE2393}\cnglmiboohfkjnghfpholjojolbaojnblrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 854CEC23292383156002695E877A1A97, DA54842A079FF1EAA0DF2D67C1171CFEAFF3904F2359517D52188D416171197E
PUP.Optional.DownloadProtect, C:\Windows\Installer\{E8635CA8-680B-47E3-9150-7F4B8AEE2393}\xnglmiboohfkjnghfpholjojolbaojnblml, In Quarantäne, 238, 237878, , , , , 5B08090734A78A3B784A39129CF85BB0, C100D998D77713CB1BFFB858E937E3028E3833A1FFFA8C0B73E199D7F242C8AB
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{E92617C5-5D89-490F-90D8-0F7309863CD2}\cjjappacmdbbnjbbfkdalkildkbhjnhmdrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , AFEE5D6FA8A0645E7799AFBFC7D2B7DE, EA525F60F7F1670882DCF192D3E709EAEEFB696C7CDDF227F9F330E1C54C1E00
PUP.Optional.DownloadProtect, C:\Windows\Installer\{E92617C5-5D89-490F-90D8-0F7309863CD2}\xjjappacmdbbnjbbfkdalkildkbhjnhmdml, In Quarantäne, 238, 237878, , , , , 728BA72100CAF8A4D4BED419B3084FA9, 83535FB6F38835B1A54ED5206A9BC34A280936A20F8A63E48619CB945480CD91
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{EA7E7523-22FD-418D-BD3E-C8685EA38DB2}\chpbgjaoadienodkekfgamoedgicljcdfrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , AD4EBD3056A4090A867E711BD1607D6F, A06235B11C06FC3A2961AC0393C2CF43A80D486048B3D8516F95CF1991EBEF76
PUP.Optional.DownloadProtect, C:\Windows\Installer\{EA7E7523-22FD-418D-BD3E-C8685EA38DB2}\xhpbgjaoadienodkekfgamoedgicljcdfml, In Quarantäne, 238, 237878, , , , , 6308613F589E3EA4EABF52DFCAE8F9CD, FA5CC8D1E5165025ACC870B7ADD1304F1C9B2A4198AAE770271D0D4E4711681D
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{EBA9B5AF-73FC-4283-914F-2C67BD22B963}\cbbieoicodkacngoajjhfbhdkjpioplnnrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , D0EC845F62CB121A6E58C6A8A2697207, EC77C3DC4BD98C67A81EB7FDDB4CDB9487F0F544BA69964C9333B522F636C9BE
PUP.Optional.DownloadProtect, C:\Windows\Installer\{EBA9B5AF-73FC-4283-914F-2C67BD22B963}\xbbieoicodkacngoajjhfbhdkjpioplnnml, In Quarantäne, 238, 237878, , , , , 63DF452EEC075B0AC04D614E0D997356, BC863D497B07C20AB15FBB2CD1151E3949887459EBEBCC2520FB5D938FA475BB
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{EBEC4949-8772-4EE0-BCD5-568E561E302E}\cdafkhhjdbkgdomfnhlodalmkiafhbdearx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 6B15AC55D06BB3FD2513B3B937EE31E3, 2CA3BD5DFFA50DE34C00A3305C50E69E62BDBF6504A2C05CE32EEE26ABA009A0
PUP.Optional.DownloadProtect, C:\Windows\Installer\{EBEC4949-8772-4EE0-BCD5-568E561E302E}\xdafkhhjdbkgdomfnhlodalmkiafhbdeaml, In Quarantäne, 238, 237878, , , , , C106789590DFC9A713BADE4882BD74BD, B2CCC9443857C62588C0DEFC27BA99DD6124C4D80A3AED92CF859741AFD186F0
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{EC730E43-1E60-4A46-B451-6D563CB019F5}\cmihgkoghgokocdhgkaijnmkecnjllgiprx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , E6D9784D725BEF5BB749ECE3E626BD55, B92F9B86FFFDBF65F4CB320FE2E3FA0309CCB3F710726D4FC8F53406A146B24C
PUP.Optional.DownloadProtect, C:\Windows\Installer\{EC730E43-1E60-4A46-B451-6D563CB019F5}\xmihgkoghgokocdhgkaijnmkecnjllgipml, In Quarantäne, 238, 237878, , , , , 1589438EA81C7BE1A977147E342ADD44, 1705184A0FD38F135E11BA2B41C3CE58206CBB33A5FFAC46CA946B6E19BCB2BF
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{EF96EA70-A4FC-4DCA-ACF9-E8EFBF83AB63}\cfmhfggopfikagapjkabmjiicgobpedkirx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 3B148E4C8DAA77FE2005B0E0139E3F90, C90ECFB1548FADD5CDCB83412DA96EE6B720173EA62D8B23E0E42D844E8E8453
PUP.Optional.DownloadProtect, C:\Windows\Installer\{EF96EA70-A4FC-4DCA-ACF9-E8EFBF83AB63}\xfmhfggopfikagapjkabmjiicgobpedkiml, In Quarantäne, 238, 237878, , , , , 180392DDA20311DCF3741106344CAFFA, 4D95C6BC33DF8EF543A477A1CDC111D5A7BF7F2F399E54580E58E38A1F4A790C
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{F2613DFB-4D27-4F52-8A2D-0B73371C6BAE}\clgaoedagkjjjcjmklcinedlcdleniadfrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 7BE7E640416CDA9A23676FAD9788AC54, 484BF61AAA55C955FA59258B68A208C889ED175FE828A120F891C58A22D37238
PUP.Optional.DownloadProtect, C:\Windows\Installer\{F2613DFB-4D27-4F52-8A2D-0B73371C6BAE}\xlgaoedagkjjjcjmklcinedlcdleniadfml, In Quarantäne, 238, 237878, , , , , 59E10829D99736604F0E3E08AA3203B3, DE6CFCD2E781111A192B5DB7C4503082F21DF5933CFA37BB1370C20A81A2B51B
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{F273E949-EB38-4E1D-BAB3-FB37A568DFA5}\ckifkdmdjdnddhfelhfbkphaajpljmjpbrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , C239A95E173E27AED41E5F98CD4474BE, FF13801C7A662EC543417980A632D8D023FF29D59AE578A6AB17D93D9629FA0A
PUP.Optional.DownloadProtect, C:\Windows\Installer\{F273E949-EB38-4E1D-BAB3-FB37A568DFA5}\xkifkdmdjdnddhfelhfbkphaajpljmjpbml, In Quarantäne, 238, 237878, , , , , 0D37F99452CED47A8EF7947E28464256, 5518A4156228558D9B29FBEBAB1BD3BBB3BCEBE4A862BD55D5F45274BD32B740
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{F45B8AED-E7D9-4481-8A53-C53764F79B5D}\cgfjphghglgnphdkmjhkjoklheligdlfprx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 21EC544CFB70FE41B3051A525C3061C6, 857ACB90F8DF9B3382C908F8B0BD8860D0DFA185C85F7FCDB923C4A62A54EAE8
PUP.Optional.DownloadProtect, C:\Windows\Installer\{F45B8AED-E7D9-4481-8A53-C53764F79B5D}\xgfjphghglgnphdkmjhkjoklheligdlfpml, In Quarantäne, 238, 237878, , , , , DC403C52649630A0C8214D47408F365F, 194659F367D86B814E4BFF4B28380453D47D3E80C3EE973207BF74B0700727D0
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{F472DB1A-A2FF-4844-912C-BBEBF3FFE883}\ckgpalnpgehjgkchgoojcomaomogfipdjrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , CDCCF30AE5EDB9F76844688DFAEC9CEE, 50215869499B313520758E73EEABBF78334752FDAB54A2D6737D82DC894C759B
PUP.Optional.DownloadProtect, C:\Windows\Installer\{F472DB1A-A2FF-4844-912C-BBEBF3FFE883}\xkgpalnpgehjgkchgoojcomaomogfipdjml, In Quarantäne, 238, 237878, , , , , 426D996E01D38FF68109741F96FE3EE3, 6EB52D570AE1EFBF3A196FADA89DAA2B8A5A57AC45806FC554F7E35EB445F03A
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{F488CE27-E9BD-4440-B324-0022B6299BB0}\coimiocggedbopdeplfjegpgpcgpklffmrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 9C75605B9081F59DC0DF1BCAEE6BE785, 86FA0F8A9581FB11DC0430FDE8E07EE4CD757320D0FBEE672BAB2901E3C8C9F6
PUP.Optional.DownloadProtect, C:\Windows\Installer\{F488CE27-E9BD-4440-B324-0022B6299BB0}\xoimiocggedbopdeplfjegpgpcgpklffmml, In Quarantäne, 238, 237878, , , , , 85550ADC47B9748636C6ED6AB53EB81E, F085A678AFDA03E882CCBF599C3E867E72DDE97F5CBDCFD686F841E064EC3418
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{F4C2DD8A-4E02-4213-AFF4-6E416BD88D43}\ckchlijdanccjjijaijminchakdglgnklrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , CED00FAEE9D3840BAE32B77172051E1D, EA2697BA677D6EC2D61A3A5A8AA436561B340ED5DBBDA721D58258098D0FAF31
PUP.Optional.DownloadProtect, C:\Windows\Installer\{F4C2DD8A-4E02-4213-AFF4-6E416BD88D43}\xkchlijdanccjjijaijminchakdglgnklml, In Quarantäne, 238, 237878, , , , , C58DE62C2F7338267F92DC9BE2CB35A1, 508DB44451D7E000DD1C8A45565C1C7F889EA8D38B3CA0829C57EC1C611A6871
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{F707414D-14C5-4D11-BEF1-7D54F0660C63}\codfnonfihlcekldambokkhnejiklfkedrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 301F900AFC5357A83FE32CF56912FEA7, 5DD27FBE6808C8D34D9FBCD78CC6551D1BF4D5B465FD58F96FAA45E29087469D
PUP.Optional.DownloadProtect, C:\Windows\Installer\{F707414D-14C5-4D11-BEF1-7D54F0660C63}\xodfnonfihlcekldambokkhnejiklfkedml, In Quarantäne, 238, 237878, , , , , 097E9E49BF35029F3AD790D5CCBC2903, 6803678919A911A77136234830B999FA3AAA6175CD2C3414D2DC3D8EF0C93503
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{F7236897-5813-470B-91DF-31E6ACE24AF1}\cekebkmngjanhnomaknfmacbeklclagcgrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 6DD1873BFF4020D1EF6412F27E95FDBD, 7F4FB113BDC7A8580EC425A707EE0778A07BAD6C024DB6D4497EDBB0B58DAF1F
PUP.Optional.DownloadProtect, C:\Windows\Installer\{F7236897-5813-470B-91DF-31E6ACE24AF1}\xekebkmngjanhnomaknfmacbeklclagcgml, In Quarantäne, 238, 237878, , , , , FBE9DB3BD3D286CC59CB541B479B3F8A, 53E3EA6A80A49B004A1F74AEDA71657E31D6869EEBC3AA9F27F358E989A7D53F
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{FB73A25A-7E4D-495A-92E8-62EC3D2DA65E}\ckajodcijdakhkjmkelgaginkegjjaaeerx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 9F4CE8B128460042B5B70E57B02FE8E1, 376E68A6E30A34738FD5E844B441C9690EF66C0A7768C4104DCBE3DE208CF824
PUP.Optional.DownloadProtect, C:\Windows\Installer\{FB73A25A-7E4D-495A-92E8-62EC3D2DA65E}\xkajodcijdakhkjmkelgaginkegjjaaeeml, In Quarantäne, 238, 237878, , , , , BD464A6BDA517E8AA05E7621D2922302, 8EB75D673771C7EC7A725942A4F91007FBC7A00E87054996FB5018F3771F637C
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{FB78DAAB-E10B-479A-920F-6344B4A03D67}\ccgapkhklbhkcmeiaeogfjgnkhkbjdhahrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , B30E233A95A08083E10988B32006333A, CA05A9724F73AC6D1061B4800031F5F4ACCA1610E508B9E800325E955A28CC8D
PUP.Optional.DownloadProtect, C:\Windows\Installer\{FB78DAAB-E10B-479A-920F-6344B4A03D67}\xcgapkhklbhkcmeiaeogfjgnkhkbjdhahml, In Quarantäne, 238, 237878, , , , , 439DF09302063AC12C41BA60841EB728, C579144CBBD8B79647C69AD7863FD907B5EA92480E26CBB2D2A60F783F57F9CD
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{FC7C69EC-2924-44B8-99A7-C7EDE3A8258B}\cbihjbjembicmlmckocamngidnmlmfgacrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 258611E009FF6E4ED2200965AA227291, 3A8391268A405B6EFB7DAEFBE819AE2FDB605AC7FC798EE01400ACAABCDCD12A
PUP.Optional.DownloadProtect, C:\Windows\Installer\{FC7C69EC-2924-44B8-99A7-C7EDE3A8258B}\xbihjbjembicmlmckocamngidnmlmfgacml, In Quarantäne, 238, 237878, , , , , 3F43DCE4C902CC687ACA6E4E1FE40C6A, 9395670F4D28F05063772E3BB633C9BED6FB63D94432C759AF8FE1AA93379CCF
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{FD45B75E-6BE1-47E2-A0B4-26B941423CEF}\cpakhjnghhoodgfdkndlijhpcmjjdfnabrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 861FB166AC7BC00EBA422F78D64A927F, 63718722FC8576DEC2C94DDC690EC7DB981F9D0711D91E271D1D4645C7BD651C
PUP.Optional.DownloadProtect, C:\Windows\Installer\{FD45B75E-6BE1-47E2-A0B4-26B941423CEF}\xpakhjnghhoodgfdkndlijhpcmjjdfnabml, In Quarantäne, 238, 237878, , , , , D636017795369DB8E55AEF257CAC82D8, 9B47511DA09B51CD4FD4648A8E5E1A87310D58AEEC631CC5DBCDEBFF0CC94C8A
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{FDF96A9C-77C2-4DC6-A25E-EFFC257717BD}\ckbnibojknkiencnggemobecnelkbbgpirx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 6D45BC3B7DD96A8F51ACDB45F2EABD1C, 94F7B261B9A2DF60DE99645600E47921CB5CFFB294C4D47853AB6F245ADC9D31
PUP.Optional.DownloadProtect, C:\Windows\Installer\{FDF96A9C-77C2-4DC6-A25E-EFFC257717BD}\xkbnibojknkiencnggemobecnelkbbgpiml, In Quarantäne, 238, 237878, , , , , 6290F911679822B6E0579558B14398BB, 43695B4A1B2EA6C077889808D9E5E7E833D23298873E0EC47445899AA2982D57
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{FF8402FE-C7FE-40B0-A77E-B60FC9425154}\cfcnkmiafbgjaeiaimbplhbjlkomgmnparx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , 10D82EFF35AAF6F4B2CA2B22A7EE7C3D, 08BC7CC031DFA4BA5D0F33B55109DB0A7B8CD2859212CDC9881DBA55A6AFB684
PUP.Optional.DownloadProtect, C:\Windows\Installer\{FF8402FE-C7FE-40B0-A77E-B60FC9425154}\xfcnkmiafbgjaeiaimbplhbjlkomgmnpaml, In Quarantäne, 238, 237878, , , , , 1B9BB03D4B3915E1710262DC53829E15, 7861ADD00C0A3850F16D2015471EE419E28F6B7FFF8D535D7DBB3A7326373440
Trojan.DownloadProtect, C:\PROGRAMDATA\PACKAGE CACHE\{CE35B488-A482-407E-8C3E-48C213120839}\{1910C353-D10C-44B9-BA91-72D0B3B19EC1}, In Quarantäne, 14185, 910813, 1.0.68287, , ame, , 26B4E15BDE65B3A2AD8C89ECC3EF436A, 5F37F99C4FF433E0ED42FE3C7B644DEC449747C957D91128F73F9DE709DF2C4F
Trojan.DownloadProtect, C:\WINDOWS\INSTALLER\{65C4EEBA-EDAC-4602-8E5C-BD22D8BEA90D}\{B49DA697-B607-4850-AB10-11CF68C3C352}, In Quarantäne, 14185, 910814, 1.0.68287, , ame, , E7EC828B6D23163F07300F14F952D62B, CF1EFBBA08C0033A14CCEDA47DD6B72DAC38AFDC99C0A771394FD11D9CB40333
Trojan.DownloadProtect, C:\WINDOWS\INSTALLER\{0FE15D5E-E7C3-49D1-8E6D-7B7F809935BF}\{740EE9AC-3B3F-4E55-AB9D-B786E2D624FA}, In Quarantäne, 14185, 910814, 1.0.68287, , ame, , 589455E5CA2F818A03AFF67E239EAA00, 8A29D0D25ABEAA7FD2DE4ECC0A501F6E45163E929D2AF74A7823C5C8FDCD8E75

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

WMI: 0
(keine bösartigen Elemente erkannt)


(end)
         
RogueKiller hat dann anschließend wohl nix weiter entdeckt:

Code:
ATTFilter
Program            : RogueKiller Anti-Malware
Version            : 15.8.2.0
x64                : Yes
Program Date       : Mar 21 2023
Location           : D:\Software\RogueKiller_portable64.exe
Premium            : No
Company            : Adlice Software
Website            : https://www.adlice.com/
Contact            : https://adlice.com/contact/
Website            : https://adlice.com/download/roguekiller/
Operating System   : Windows 10 (10.0.19045) 64-bit
64-bit OS          : Yes
Startup            : 0
WindowsPE          : No
User               : Anna
User is Admin      : Yes
Date               : 2023/04/20 16:36:39
Type               : Scan
Aborted            : No
Scan Mode          : Standard
Duration           : 2135
Found items        : 0
Total scanned      : 77228
Signatures Version : 20230411_080448
Truesight Driver   : Yes
Updates Count      : 3

************************* Warnings *************************

************************* Updates *************************
iTunes (64-bit), version 12.12.4.1
  [+] Available Version        : 12.12.8.2
  [+] Size                     : 419 MB
  [+] Wow6432                  : No
  [+] Portable                 : No
  [+] update_location          : C:\Program Files\iTunes\

Dropbox (32-bit), version 171.4.6182
  [+] Available Version        : 172.4.7555
  [+] Wow6432                  : Yes
  [+] Portable                 : No
  [+] update_location          : C:\Program Files (x86)\Dropbox\Client

Zoom (64-bit), version 5.9.1 (2581)
  [+] Available Version        : 5.14.5
  [+] Size                     : 9,76 MB
  [+] Wow6432                  : No
  [+] Portable                 : No
  [+] update_location          : C:\Users\athbi\AppData\Roaming\Zoom\bin


************************* Processes *************************

************************* Modules *************************

************************* Services *************************

************************* Scheduled Tasks *************************

************************* Registry *************************

************************* WMI *************************

************************* Hosts File *************************
is_too_big      : No
hosts_file_path : C:\Windows\System32\drivers\etc\hosts


************************* Filesystem *************************

************************* Web Browsers *************************

************************* Antirootkit *************************
         
Wie erwartet findet sich jetzt auch keine berüchtigte "version='2.4.11'" mehr unter C:\Windows\Installer - und in Edge sieht unter edge://policy alles freundlich (und vor allem leer) aus.

Fehlt noch etwas?

Alt 20.04.2023, 18:16   #17
M-K-D-B
/// TB-Ausbilder
 
Windows 10: Browser-Probleme nach Infektion mit Backdoor:Win32/Bladabindi!mclg - Standard

Windows 10: Browser-Probleme nach Infektion mit Backdoor:Win32/Bladabindi!mclg



Da ziemlich viel an Malware auf dem System war, wäre eine erneute Kontrolle mit FRST nicht verkehrt.

Ich hoffe, cosinus nimmt mir das nicht übel, dass ich hier so reinposte.




Schritt 1
  • Starte FRST erneut und klicke auf Untersuchen.
  • FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.
__________________


Alt 20.04.2023, 19:59   #18
fbin41
 
Windows 10: Browser-Probleme nach Infektion mit Backdoor:Win32/Bladabindi!mclg - Standard

Windows 10: Browser-Probleme nach Infektion mit Backdoor:Win32/Bladabindi!mclg



Klaro. In der FRST.txt kommen mir noch folgende Punkte seltsam vor:

- Welchen Zweck erfüllen aktuell Einträge wie "GoogleUpdateTask" oder "GoogleUpdate.exe"? (Wo doch aktuell kein Chrome mehr installiert ist? Und meines Wissens auch sonst keine Software von Google?)
- Warum stehen da zwei Einträge zu Chrome Extensions? Ah, das könnte eine neu hinzugekommene Extension von Malwarebytes sein. Muss es aber nicht, oder?

Hier ist das ganze:


FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 18-04-2023
durchgeführt von Anna (Administrator) auf ANNA-LENOVO-W10 (LENOVO 80YL) (20-04-2023 20:36:08)
Gestartet von D:\Software\Farbar_x86_x64\FRST64.exe
Geladene Profile: Anna
Plattform: Microsoft Windows 10 Home Version 22H2 19045.2846 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudServices.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> ) C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa\iCloud\WebView2\msedgewebview2.exe <6>
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <2>
(DriverStore\FileRepository\igdlh64.inf_amd64_90f68cd0dc48b625\igfxCUIService.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_90f68cd0dc48b625\igfxEM.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <7>
(explorer.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> ) C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudCKKS.exe
(explorer.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> ) C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudServices.exe
(explorer.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
(explorer.exe ->) (Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE
(explorer.exe ->) (Hewlett Packard -> Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe
(explorer.exe ->) (LENOVO -> Lenovo(beijing) Limited) C:\Program Files\Lenovo\LenovoUtility\utility.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(explorer.exe ->) (Skype Software Sarl -> ) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3408.0_x64__kzf8qxf38zg5c\Skype\Skype.exe <6>
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_90f68cd0dc48b625\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_90f68cd0dc48b625\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_90f68cd0dc48b625\IntelCpHeciSvc.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> ) C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa\iCloud\APSDaemon.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> ) C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa\iCloud\secd.exe
(svchost.exe ->) (CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD14\PDVD14Serv.exe
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe <3>
(svchost.exe ->) (Hewlett Packard -> Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPNetworkCommunicatorCom.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23022.140.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\backgroundTaskHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.2780_none_7df1b05c7ca1f251\TiWorker.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [894376 2017-04-14] (LENOVO -> Lenovo(beijing) Limited)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1922496 2017-07-27] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [849920 2017-03-07] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [362056 2022-05-05] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11327200 2023-04-04] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG
HKU\S-1-5-21-624402189-1887333828-3918413586-1001\...\Run: [HP Officejet Pro 8620 (NET)] => C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-624402189-1887333828-3918413586-1001\...\Run: [MicrosoftEdgeAutoLaunch_88349514007821BC009C7118188706C5] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4056016 2023-03-16] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\HP 7012 Status Monitor: C:\Windows\system32\hpinksts7012LM.dll [328704 2014-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Officejet Pro 8620): C:\Windows\system32\HPDiscoPM7012.dll [763912 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
Startup: C:\Users\athbi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2018-01-07]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02D80AC4-EAFA-45C2-B1E8-A57ED4B3365F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler (Keine Datei)
Task: {04008C4A-ACC1-4D34-8A9A-C33E978AC250} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\38b71b36-98cd-41f8-b226-d1c1d1c4986c => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {07B7BEEA-5066-45BA-8D1D-4D781B4CDCC9} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [647616 2017-07-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0DDD97C2-5C1D-4993-AB90-E34D9FC8DA8B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [647616 2017-07-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0E2B8BA9-811D-4A0D-9DDA-EDDB30F89CD9} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
Task: {146A8CAD-41D5-48B3-BF2F-48C6E5252AD3} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436672 2017-07-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {16F7F4CD-38E4-491F-AF35-EF5805697C87} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {16F9A3B9-AE18-4434-A35B-000F8F43A5AB} - System32\Tasks\PDVDServ14 Task => C:\Program Files (x86)\CyberLink\PowerDVD14\PDVD14Serv.exe [88344 2017-02-17] (CyberLink Corp. -> CyberLink Corp.)
Task: {18A152A5-6A75-46EB-AAEF-19CA798549D3} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676768 2023-04-14] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {18B3D5DD-8FA0-477F-8FFC-EB2B54975AF3} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26409896 2023-04-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {263846D5-49F4-4A02-B73C-A373DA5351C7} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {270C1F4E-8C4D-4874-9948-372B40972849} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114656 2023-04-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {2A1C2893-C129-45F4-8513-975173E72904} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {2F0D5672-4E48-40CC-A89A-08E7C14C7E66} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [717248 2017-07-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3A76240A-181C-49CD-955C-38E7D260A883} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\0028b695-de87-41b0-9a47-fa161f0940a8 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {3CFD1FA0-FD46-4EDA-9B1D-ED7367378294} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {3D10AC7F-04A2-4998-BCB9-988508187666} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {5CC0FA82-0DD1-415F-88A8-D8F0F43EC3C4} - System32\Tasks\RtHDVBg_LENOVO_DOLBYDRAGON => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506168 2019-03-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {670CB788-B226-4373-B912-2AA9E2F490BF} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {6F8CD596-78E4-469C-BCE9-9B0F3B2255DC} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [74952 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {744C8F0F-E50C-4CE3-ACCE-9E8341C96F19} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\938cd0d6-7874-4c1a-8b37-a27db68aa6f2 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {88A929E5-219D-45C9-BABA-B89796187F71} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [717248 2017-07-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8C783D4B-9D3D-42B7-A1D5-0B83CFF0FB09} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1714112 2017-07-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8CCDCDF0-3F17-4CD8-8368-EEE411828A58} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [946112 2017-07-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8EAF89F1-D857-4DFD-9DD0-A1B0711F67F1} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ac7a0baf-274c-4f05-bffa-a2ebb28a9c59 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {8F1D8A1B-2558-46C1-909B-5793580F9083} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114656 2023-04-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {936DBBC0-F92E-447A-9911-543A55FCFB88} - System32\Tasks\HPCustParticipation HP Officejet Pro 8620 => C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPCustPartic.exe [5745672 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
Task: {986F4E96-B5E9-4C2B-B306-175C25B6FEA8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26409896 2023-04-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {9BD2605E-EEE6-4734-8BA0-D5A93BB1E6A8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [617096 2022-02-25] (Apple Inc. -> Apple Inc.)
Task: {A50E8C74-F5E0-43CC-8905-89C4CF54032C} - System32\Tasks\Lenovo\Vantage\Schedule\SettingsWidgetAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {A708C525-478D-46A6-9168-0F0C99EB799E} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {A8E94241-7910-4603-B8C4-E137F7D6EBDE} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {A9144B2A-286A-4560-915B-FE515B39503D} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
Task: {AD3747D6-035C-45F2-AE0B-1B5172774BF8} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [718752 2023-04-14] (Mozilla Corporation -> Mozilla Foundation)
Task: {AD768997-3A76-425B-AD74-EA03626860C1} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {AE4257FE-175C-4B34-B64F-7D6A91F8A84E} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {B0495E0F-66D5-4293-8D5E-87289E806DDB} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\Lenovo\Power2Go\CLVDLauncher.exe [347416 2016-09-20] (CyberLink Corp. -> CyberLink Corp.)
Task: {BE53B40D-0E81-4F78-8B5D-19A549970770} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506168 2019-03-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {CE0ACD11-0DE5-424F-92D8-8C2F4FA077EB} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {CE80E807-042E-4154-8705-99C9B567CC0C} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506168 2019-03-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {D2A474AC-58B6-4CA5-BAF2-81D58DE8E226} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-07-27] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {DA63F70E-D721-4640-A699-E852A5662A3C} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [190744 2016-10-07] (CyberLink Corp. -> CyberLink)
Task: {DE80A756-8BA5-4FCF-9151-C798E96E9D20} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (Keine Datei)
Task: {FA6BB3E0-41B5-41F5-8ADA-B549B9AC7062} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {FC74E7F7-4AF3-446B-B664-A28AC6E02533} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c (Keine Datei)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{2b6d82fc-ac06-414f-abe2-6e7dd76b3117}: [DhcpNameServer] 150.213.1.2
Tcpip\..\Interfaces\{337671d7-3eee-45b8-a9ff-56a66a52a8c9}: [DhcpNameServer] 192.168.178.1

Edge: 
=======
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge DefaultProfile: Default
Edge Profile: C:\Users\athbi\AppData\Local\Microsoft\Edge\User Data\Default [2023-04-20]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\athbi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2023-04-20]
Edge Extension: (Edge relevant text changes) - C:\Users\athbi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-04-20]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]

FireFox:
========
FF DefaultProfile: uf33delb.default-1681935890333
FF ProfilePath: C:\Users\athbi\AppData\Roaming\Mozilla\Firefox\Profiles\uf33delb.default-1681935890333 [2023-04-20]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\athbi\AppData\Roaming\Mozilla\Firefox\Profiles\uf33delb.default-1681935890333\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2023-04-20]
FF Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\athbi\AppData\Roaming\Mozilla\Firefox\Profiles\uf33delb.default-1681935890333\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2023-04-19]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-04-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [100424 2022-05-02] (Apple Inc. -> Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12634544 2023-04-16] (Microsoft Corporation -> Microsoft Corporation)
R2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
R3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2023-04-04] (Dropbox, Inc -> Dropbox, Inc.)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2019-01-21] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\\3.13.43.0\LenovoVantageService.exe [32464 ] (Lenovo -> Lenovo Group Ltd.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9098608 2023-04-20] (Malwarebytes Inc. -> Malwarebytes)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\NisSrv.exe [3228400 2023-04-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MsMpEng.exe [133536 2023-04-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S4 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2023-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2023-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-04-20] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198584 2023-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77736 2023-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181816 2023-04-20] (Malwarebytes Inc. -> Malwarebytes)
R3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [890944 2017-09-29] (SUNPLUS INNOVATION TECHNOLOGY INC. -> Sunplus Innovation Technology Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49600 2023-04-06] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [497920 2023-04-06] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99608 2023-04-06] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2023-04-20 21:32 - 2023-04-20 21:32 - 102498304 _____ C:\WINDOWS\system32\config\SOFTWARE
2023-04-20 20:32 - 2023-04-20 20:33 - 000000000 ____D C:\Users\athbi\AppData\LocalLow\IGDump
2023-04-20 20:32 - 2023-04-20 20:32 - 000181816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2023-04-20 17:58 - 2023-04-20 18:36 - 000000000 ____D C:\ProgramData\RogueKiller
2023-04-20 17:57 - 2023-04-20 17:57 - 035136432 _____ C:\Users\athbi\Downloads\RogueKiller_portable64.exe
2023-04-20 17:35 - 2023-04-20 17:35 - 000000000 ____D C:\Users\athbi\AppData\Local\mbam
2023-04-20 17:27 - 2023-04-20 17:27 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-04-20 17:27 - 2023-04-20 17:27 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-04-20 17:26 - 2023-04-20 17:26 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-04-20 17:26 - 2023-04-20 17:26 - 000000000 ____D C:\Program Files\Malwarebytes
2023-04-20 17:24 - 2023-04-20 17:24 - 002649088 _____ (Malwarebytes) C:\Users\athbi\Downloads\MBSetup.exe
2023-04-20 07:50 - 2023-04-20 07:58 - 000000000 ____D C:\AdwCleaner
2023-04-20 07:48 - 2023-04-20 07:48 - 008791352 _____ (Malwarebytes) C:\Users\athbi\Downloads\adwcleaner.exe
2023-04-19 22:24 - 2023-04-19 22:24 - 000000000 ____D C:\Users\athbi\Desktop\Alte Firefox-Daten
2023-04-19 22:23 - 2023-04-19 22:25 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2023-04-19 22:23 - 2023-04-19 22:23 - 058462736 _____ (Mozilla) C:\Users\athbi\Downloads\Firefox Setup 112.0.1.exe
2023-04-19 22:23 - 2023-04-19 22:23 - 000002041 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Privater Modus.lnk
2023-04-19 22:23 - 2023-04-19 22:23 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-04-19 22:23 - 2023-04-19 22:23 - 000001000 _____ C:\Users\Public\Desktop\Firefox.lnk
2023-04-19 22:23 - 2023-04-19 22:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-04-19 22:17 - 2023-04-19 22:17 - 000000000 ____D C:\Users\athbi\AppData\LocalLow\Oracle
2023-04-19 17:17 - 2023-04-20 20:36 - 000000000 ____D C:\FRST
2023-04-19 17:16 - 2023-04-19 17:16 - 003459075 _____ C:\Users\athbi\Downloads\Farbar_x86_x64.zip
2023-04-19 02:03 - 2023-04-20 21:32 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2023-04-19 01:09 - 2023-04-19 01:09 - 000004036 _____ C:\WINDOWS\system32\Tasks\PostponeDeviceSetupToast_S-1-5-21-624402189-1887333828-3918413586-1003_0
2023-04-19 00:59 - 2023-04-19 00:59 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-624402189-1887333828-3918413586-1003
2023-04-18 20:15 - 2023-04-18 20:15 - 000000000 ___HD C:\$WinREAgent
2023-04-18 09:13 - 2023-04-18 09:13 - 000024848 _____ C:\Users\athbi\Downloads\dhl-return-60004038-bc29-2622-6b19-3a0aa55fc5ad.pdf
2023-04-18 08:41 - 2023-04-18 08:41 - 000128305 _____ C:\Users\athbi\Downloads\Retourenanleitung.pdf
2023-04-16 15:21 - 2023-04-16 15:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2023-04-04 12:51 - 2023-04-04 12:51 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2023-04-20 20:34 - 2022-08-22 21:03 - 000000000 ____D C:\Users\athbi\AppData\Roaming\DropboxElectron
2023-04-20 20:34 - 2017-12-31 11:03 - 000000000 ____D C:\Users\athbi\AppData\Local\Dropbox
2023-04-20 20:33 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-04-20 20:33 - 2017-12-30 23:00 - 000000000 ___RD C:\Users\athbi\OneDrive
2023-04-20 20:32 - 2020-06-28 17:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-04-20 20:32 - 2020-06-28 17:47 - 000008192 ___SH C:\DumpStack.log.tmp
2023-04-20 20:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-04-20 20:32 - 2017-08-18 03:20 - 000000000 ____D C:\ProgramData\NVIDIA
2023-04-20 20:27 - 2019-12-07 11:03 - 002097152 _____ C:\WINDOWS\system32\config\BBI
2023-04-20 20:15 - 2022-02-14 18:23 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-04-20 20:11 - 2020-06-28 17:47 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-04-20 19:10 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-04-20 19:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-04-20 18:01 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-04-20 17:48 - 2017-08-18 02:53 - 000000000 ____D C:\ProgramData\Package Cache
2023-04-20 17:27 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-04-20 12:15 - 2020-06-28 17:57 - 001722792 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-04-20 12:15 - 2019-12-07 16:50 - 000744968 _____ C:\WINDOWS\system32\perfh007.dat
2023-04-20 12:15 - 2019-12-07 16:50 - 000150354 _____ C:\WINDOWS\system32\perfc007.dat
2023-04-20 11:20 - 2020-06-28 17:47 - 000437960 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-04-20 11:11 - 2018-03-23 13:24 - 000000000 ____D C:\Users\athbi\AppData\LocalLow\Temp
2023-04-20 08:11 - 2017-12-31 16:19 - 000000000 ____D C:\Users\athbi\AppData\Roaming\WhatsApp
2023-04-20 08:10 - 2017-12-31 16:19 - 000000000 ____D C:\Users\athbi\AppData\Local\WhatsApp
2023-04-20 08:10 - 2017-12-30 22:54 - 000000000 ___SD C:\Users\athbi\AppData\Roaming\Microsoft\Credentials
2023-04-20 07:58 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2023-04-19 22:23 - 2020-09-25 08:02 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-04-19 22:16 - 2017-12-31 14:05 - 000000000 ____D C:\Users\athbi\AppData\LocalLow\Mozilla
2023-04-19 22:08 - 2017-12-31 13:39 - 000000000 ____D C:\Users\athbi\AppData\Local\Google
2023-04-19 16:48 - 2018-06-26 19:45 - 000000000 ____D C:\Users\athbi\AppData\Local\D3DSCache
2023-04-19 16:47 - 2017-12-31 13:20 - 000000000 ____D C:\Users\athbi\AppData\Roaming\Microsoft\Word
2023-04-19 01:09 - 2018-01-16 18:46 - 000000000 ____D C:\Users\Frank\AppData\Local\Dropbox
2023-04-19 01:08 - 2018-01-16 18:45 - 000000000 __SHD C:\Users\Frank\IntelGraphicsProfiles
2023-04-19 00:59 - 2020-06-28 17:57 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-624402189-1887333828-3918413586-1003
2023-04-19 00:59 - 2020-06-28 17:49 - 000002402 _____ C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-04-19 00:59 - 2018-01-16 18:45 - 000000000 ____D C:\Users\Frank\AppData\Local\Packages
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemApps
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-04-18 20:28 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-04-18 20:24 - 2020-06-28 17:48 - 003015680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-04-18 19:53 - 2017-12-31 09:29 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-04-18 19:49 - 2017-12-31 09:29 - 156112424 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-04-18 09:18 - 2017-12-31 11:02 - 000001254 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2023-04-18 09:18 - 2017-12-31 11:02 - 000001250 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2023-04-18 08:18 - 2022-10-13 12:17 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-04-18 08:18 - 2022-10-13 12:17 - 000002068 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-04-18 08:18 - 2017-08-18 02:54 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-04-18 08:16 - 2021-12-11 18:13 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-624402189-1887333828-3918413586-1001
2023-04-18 08:16 - 2020-06-28 17:57 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-04-18 08:16 - 2020-06-28 17:57 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-624402189-1887333828-3918413586-1001
2023-04-18 08:16 - 2020-06-28 17:49 - 000002402 _____ C:\Users\athbi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-04-17 12:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-04-16 15:22 - 2017-12-31 11:02 - 000000000 ____D C:\Program Files (x86)\Dropbox
2023-04-06 10:11 - 2018-02-14 18:35 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-03-27 10:59 - 2018-01-03 13:10 - 000000000 ____D C:\Users\athbi\Documents\HP Scans

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2021-02-25 21:03 - 2021-02-25 21:03 - 001384728 _____ (Microsoft Corporation) C:\Users\athbi\TeamsSetupx64_s_8D8D9BFA4BA8BEE-7-0_.exe
2020-11-25 14:39 - 2020-11-25 14:39 - 000007648 _____ () C:\Users\athbi\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
         
--- --- ---


Und noch die Addition:

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 18-04-2023
durchgeführt von Anna (20-04-2023 20:37:28)
Gestartet von D:\Software\Farbar_x86_x64
Microsoft Windows 10 Home Version 22H2 19045.2846 (X64) (2020-06-28 15:57:19)
Start-Modus: Normal
==========================================================


==================== Konten: =============================


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-624402189-1887333828-3918413586-500 - Administrator - Disabled)
Anna (S-1-5-21-624402189-1887333828-3918413586-1001 - Administrator - Enabled) => C:\Users\athbi
athbi (S-1-5-21-624402189-1887333828-3918413586-1002 - Limited - Enabled) => C:\Users\athbi.LAPTOP-P33CJ5M1
DefaultAccount (S-1-5-21-624402189-1887333828-3918413586-503 - Limited - Disabled)
Frank (S-1-5-21-624402189-1887333828-3918413586-1003 - Administrator - Enabled) => C:\Users\Frank
Gast (S-1-5-21-624402189-1887333828-3918413586-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-624402189-1887333828-3918413586-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ACDSee 8 (HKLM-x32\...\{AA2E6BFE-4351-481C-A720-47CB3506570B}) (Version: 8.1.100 - ACD Systems Ltd.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1031-1033-7760-BC15014EA700}) (Version: 23.001.20143 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{11C4575B-4B32-44D2-A097-D59A00BA60DE}) (Version: 8.5 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D39B163A-9E12-442C-95E9-33FA5746AB21}) (Version: 8.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2B3CA448-5266-480F-85FA-2FCCB3C8712C}) (Version: 15.6.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{B292D163-23D2-4523-A699-1ABEC1875609}) (Version: 2.7.0.3 - Apple Inc.)
Audiograbber (HKLM-x32\...\Audiograbber) (Version: 1.83 (2020 Edition) - Audiograbber)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CyberLink Power2Go 8 (HKLM-x32\...\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.7007 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.7007 - CyberLink Corp.)
CyberLink PowerDVD 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.1.7417 - CyberLink Corp.)
Dolby Audio X2 Windows API SDK (HKLM\...\{F290F786-5F69-48D4-B20B-D21C7DE56EF0}) (Version: 0.8.8.88 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{9207D68E-666A-49C7-A900-9F5B2FF289E4}) (Version: 0.8.0.71 - Dolby Laboratories, Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 171.4.6182 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.733.1 - Dropbox, Inc.) Hidden
FOTOParadies (HKLM-x32\...\{FD838798-E2CB-45FA-AF79-6011519031E2}}_is1) (Version: 4.12.0.1257 - Foto Online Service GmbH)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
HP Officejet Pro 8620 - Grundlegende Software für das Gerät (HKLM\...\{F6CE08BC-6929-412E-BB42-A9A7CD9721D7}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP Officejet Pro 8620 Hilfe (HKLM-x32\...\{F8E43C63-DFF2-4134-A46C-2A6F00517A35}) (Version: 32.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
iBackup Viewer 4.15.0 (HKLM-x32\...\{5B428966-3054-41E3-B0F8-008EE30BD019}_is1) (Version:  - iMacTools)
iCloud Outlook (HKLM\...\{A8C64C2A-BD34-464F-BA61-A969BA46FC2B}) (Version: 10.9.3.62 - Apple Inc.)
Intel(R) Chipset Device Software (HKLM\...\{81520FC5-3518-40E9-9803-70CE8A801D07}) (Version: 10.1.1.38 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1035 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{BB1B550F-329D-4B07-A8D0-82914483411C}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) ME UninstallLegacy (HKLM\...\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
iTunes (HKLM\...\{603AC145-2337-4355-A6F1-BF66FDB2FA63}) (Version: 12.12.4.1 - Apple Inc.)
JDiskReport 1.4.1 (HKLM-x32\...\JDiskReport 1.4.1) (Version: 1.4.1 (2014-02-26 11:50:44) - JGoodies Karsten Lentzsch)
Lenovo App Explorer (HKU\S-1-5-21-624402189-1887333828-3918413586-1002\...\Host App Service) (Version: 0.272.1.560 - SweetLabs for Lenovo)
Lenovo App Explorer (HKU\S-1-5-21-624402189-1887333828-3918413586-1003\...\Host App Service) (Version: 0.273.4.600 - SweetLabs for Lenovo)
Lenovo Utility (HKLM\...\{12ABAC82-7D83-4CB8-9DD2-434DC9AF2942}_is1) (Version: 3.0.0.17 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.43.0 - Lenovo Group Ltd.)
Malwarebytes version 4.5.26.259 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.26.259 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 111.0.1661.44 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 110.0.1587.69 - Microsoft Corporation)
Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2016 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 16.0.16227.20280 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-624402189-1887333828-3918413586-1001\...\OneDriveSetup.exe) (Version: 23.071.0402.0001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-624402189-1887333828-3918413586-1002\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-624402189-1887333828-3918413586-1003\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-624402189-1887333828-3918413586-1001\...\Teams) (Version: 1.4.00.22472 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 112.0.1 (x64 de)) (Version: 112.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 112.0.1 - Mozilla)
NVIDIA GeForce Experience 3.8.0.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.8.0.89 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.16227.20204 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Studie zur Verbesserung von HP Officejet Pro 8620 (HKLM\...\{825BC9A9-A005-4FDB-BDE9-A4F2DF69C3B7}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
tiptoi® Manager 5.0.2 (HKLM\...\{833392BB-E8C0-4066-9408-3A30FA43972F}_is1) (Version: 5.0.2 - Ravensburger AG)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.12 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{9E5A6059-314A-4F02-B8A4-8C9C97989589}) (Version: 8.91.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-2) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WhatsApp (Outdated) (HKU\S-1-5-21-624402189-1887333828-3918413586-1001\...\WhatsApp) (Version: 2.2314.11 - WhatsApp)
Windows 10-Update-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22329 - Microsoft Corporation)
Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-624402189-1887333828-3918413586-1001\...\ZoomUMX) (Version: 5.9.1 (2581) - Zoom Video Communications, Inc.)

Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.32.21.0_x64__kgqvnymyfvs32 [2023-04-04] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.240.400.0_x64__kgqvnymyfvs32 [2023-04-18] (king.com)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_7.9.9.0_x86__h6adky7gbf63m [2023-04-18] (Gameloft SE)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.17.857.0_x64__rz1tebttyb220 [2023-04-20] (Dolby Laboratories)
Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_144.1.1068.0_x64__v10z8vjag6ke6 [2023-04-18] (HP Inc.)
iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa [2023-01-07] (Apple Inc.) [Startup Task]
Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2303.112.0_x64__k1h2ywk1493x8 [2023-04-20] (LENOVO INC.)
Lenovo Kontoportal -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2017-12-30] (LENOVO INCORPORATED.)
Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2017-12-30] (LENOVO INCORPORATED.)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_7.3.2.0_x86__h6adky7gbf63m [2023-04-06] (Gameloft SE)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-10-11] (Microsoft Corporation)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1820.9.73.0_x64__8xx8rvfyw5nnt [2023-03-16] (Meta) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.19.7302.0_x64__8wekyb3d8bbwe [2023-04-04] (Microsoft Studios)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-04-09] (Netflix, Inc.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-04-19] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0 [2023-04-18] (Spotify AB) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2314.5.0_x64__cv1g1gvanyjgm [2023-04-20] (WhatsApp Inc.) [Startup Task]
WindowsAppRuntime.1.1 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.1_1005.616.1651.0_x64__8wekyb3d8bbwe [2023-01-04] (Microsoft Corporation)
WindowsAppRuntime.1.1 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.1_1005.616.1651.0_x86__8wekyb3d8bbwe [2023-01-04] (Microsoft Corporation)
XING -> C:\Program Files\WindowsApps\XINGAG.XING_4.0.9.0_x86__xpfg3f7e9an52 [2021-06-13] (New Work SE)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-624402189-1887333828-3918413586-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\athbi\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21140.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-624402189-1887333828-3918413586-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\athbi\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-624402189-1887333828-3918413586-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\athbi\Dropbox [2017-12-31 16:05]
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2016-10-07] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2016-10-07] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-04-20] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_90f68cd0dc48b625\igfxDTCM.dll [2019-05-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-21] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-04-20] (Malwarebytes Inc. -> Malwarebytes)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\athbi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDiskReport 1.4.1\JGoodies Home Page.lnk -> hxxp://www.jgoodies.com

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

HKU\S-1-5-21-624402189-1887333828-3918413586-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-624402189-1887333828-3918413586-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
HKU\S-1-5-21-624402189-1887333828-3918413586-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-624402189-1887333828-3918413586-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-624402189-1887333828-3918413586-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
HKU\S-1-5-21-624402189-1887333828-3918413586-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-624402189-1887333828-3918413586-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-624402189-1887333828-3918413586-1003\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-624402189-1887333828-3918413586-1001 -> DefaultScope {53925601-2FCD-4A29-B367-60284FA6688C} URL = 
SearchScopes: HKU\S-1-5-21-624402189-1887333828-3918413586-1001 -> {53925601-2FCD-4A29-B367-60284FA6688C} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2023-02-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-16] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-624402189-1887333828-3918413586-1001\...\localhost -> localhost

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2017-03-18 23:03 - 2017-03-18 23:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-624402189-1887333828-3918413586-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\athbi\Pictures\IMG_1492.JPG
HKU\S-1-5-21-624402189-1887333828-3918413586-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\athbi.LAPTOP-P33CJ5M1\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
HKU\S-1-5-21-624402189-1887333828-3918413586-1003\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
 ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{AC218C40-6184-4B36-A2A4-2FC41A623DA2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{34343FB8-9C55-4205-B25C-5A386A97EF32}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{DD46D48A-05D2-4626-9302-3BF1EAD392CF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{8B2F6B13-787A-4C13-B7A0-8669F6F1F8A9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{3884368A-3A03-4217-97F7-73A1379F5D43}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{927C32C8-CD4F-4381-8073-CF61775FE17B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{6B5A2042-FDE7-432F-A3A7-7216DC153EEC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{CA684955-E2E6-4FAB-B5BD-3ED8006B46EF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{20022487-6451-4800-82E6-11C1AF2CEC77}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.126.501.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{DB0C8512-90F3-4BB6-B68B-B054EBDA2115}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.126.501.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{5B98457D-CAEF-4265-A94F-DD95BF97290E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.126.501.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{91999B30-6C59-4E86-854F-814861874A47}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.126.501.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{B4F9B27F-F72F-4B4E-8C13-4F8AB713435F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.126.501.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{6D550B11-704C-4138-9E77-F4F86DFDF137}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.126.501.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{371B5B53-EFEA-44D3-9440-F7CD3242241E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.126.501.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{A0653830-5CCA-4318-83D9-CE5832AF5AEF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.126.501.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{36066C1C-C711-499C-80A9-6AB69BA784A4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{AE8425FC-91DD-4159-84B5-CD1F07DC5021}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{CBAF5845-1FAA-4AE2-8B58-BC12CC63F91F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{8802D145-297C-4A7D-A3C9-0EB7843E0C04}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{41CF2DAF-D1A3-4823-98DE-4E1EA77FA13B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{594775A3-0594-43B2-992C-BBCC1C8A475D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{FB923C09-8584-4DFF-8283-B6505A5E5C22}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{7A37757B-0809-44FF-8039-F76DFBD9EF2A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{EA0B16FC-649D-4079-B106-34494FDAA641}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{2A20BD29-2804-4119-9400-B60050AC1F1E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{ABE8846A-0E4B-4ABD-96E3-1728F8B4E3A7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{12DBD426-96B8-46A9-93F9-3B69F0F7D2D0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{00EAF64E-9AB3-478F-9506-35AF3EDAC03F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{30E83503-6E1E-4C86-A27A-178EDE79B1F1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{9A8D4232-1B0E-4DC3-9C2B-DD15069BA531}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{77439F06-CE7A-435B-9DB9-0300B7C56DF4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{48F12A1A-5403-400D-8509-0A89AD7F5C52}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AB8DF726-C74D-43E6-B3EA-E6A9A9518054}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6390C560-EA31-41BE-973A-F9E0E0884A03}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E58DA280-9154-467F-B11F-931A8A11ABAA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4C6A7DDE-8AC0-4288-AB69-EAC861E6263F}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{421991C6-13E6-40A9-A5E6-48D16D2506A7}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{CC0ED3F7-489B-43B4-8D54-ABBE36C30935}] => (Allow) LPort=5357
FirewallRules: [{CE711B05-2DFF-4261-8610-D7B635D08D4F}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{CD602CE4-D754-41AA-9CA0-20F77B058F87}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\SendAFax.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{BC16575D-E187-4694-BF97-5074E7CAA5EF}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\DigitalWizards.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{D5EC5CA3-2278-4813-A55F-491E9825E8AA}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\FaxApplications.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{AD6A0026-2578-4FC4-A8EB-1D2AD0F3E130}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe => Keine Datei
FirewallRules: [{08E925FA-FE14-45C7-9D80-C509E835E681}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe => Keine Datei
FirewallRules: [{696FBFD0-A21C-4517-BDE3-E5E810236C70}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{46713C31-8181-4646-9DAD-1D74605FC87B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe => Keine Datei
FirewallRules: [{C328306D-66E3-4106-BBB3-6197713E0CF8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe => Keine Datei
FirewallRules: [{869CD70E-7C28-4149-B647-4EE37A4E2B47}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{5E875506-7461-4D1B-9EDF-B5D4B6409CD6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{982A9D5B-01AC-480A-8ED5-36E87D76C5FB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3EF18B14-2DC7-412E-9569-7354CECD3556}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe => Keine Datei
FirewallRules: [{691C41A4-35AB-4708-B2DD-F4A7EC697674}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{961B8823-02F5-4AA6-A910-FA8F8E2C201A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{0EFAAB4B-1F56-475F-83B4-07E44B4EE333}C:\program files\rstudio\bin\rsession.exe] => (Block) C:\program files\rstudio\bin\rsession.exe => Keine Datei
FirewallRules: [UDP Query User{E3CC6A00-11BA-4678-B3C9-9C4EE88787BA}C:\program files\rstudio\bin\rsession.exe] => (Block) C:\program files\rstudio\bin\rsession.exe => Keine Datei
FirewallRules: [TCP Query User{0A8942D2-F05D-46C3-81A2-9E06AFEEFB96}C:\users\athbi\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\athbi\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{EC698404-78E9-4D6B-9C2D-8C3010963F96}C:\users\athbi\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\athbi\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FAE1F094-FCB9-4B42-B131-9ACA4095C82F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{8D71F9DF-65B8-41D3-B446-9FC0E0995086}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{6672EA65-F71F-4DBB-B4EB-CA7F8D18AEB8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{FA449F34-1372-4B29-9230-D45A5CABC0A3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{03D77AD8-0FB5-42D1-BB20-7E3655779C1F}] => (Allow) C:\Users\athbi\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{9F2E1649-3F75-4D36-83E0-4ECFAE20A6D5}] => (Allow) C:\Users\athbi\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei
FirewallRules: [{00C75A60-8331-4716-BC5D-642BA36F2D45}] => (Allow) C:\Users\athbi\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei
FirewallRules: [{DBCDF9C3-5A71-48C2-94F0-94FCF28D391B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{6519AB27-6EC6-4FBC-92F2-044D53780C17}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{6FA4B9C4-F8BE-4A9E-8F0D-A0611CBDFB63}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{19B3E677-74D0-4946-A1A3-CD5100F14CC1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{9B6E2671-9D86-4524-89F8-4BD2381106CF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.87.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{FDF888C3-96B9-4EA1-B9E7-EE318DE9CD98}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.87.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{A84EBDAE-E705-498A-9D97-65E40DE0518F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.87.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{091B54F1-E17F-4C36-8E6E-D8DA08380022}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.87.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{6B6DCFCC-302D-4D69-8891-1A2D2A0D4A17}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DA987158-0D87-4180-9EBF-6746F0A0FE41}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{80F3F0B7-FDF9-4084-83AC-044565766D39}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{46FEE2D0-66DF-4E8D-A061-A40064677082}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{0244CC0E-482B-4552-BC42-C8DFFAB4452B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{6196D662-B204-4370-942D-6BBC8732A970}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{B005F084-13F8-4DB1-AC3E-76BEA3B83C5D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{C5E8E01C-389F-4FB6-87DA-1F044D3C3EA9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{FE88192B-32AD-4B26-BBDF-90D7EA16B8D8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{7B9C61DD-21BB-4CFD-B499-D76C8AC7EC48}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\110.0.1587.69\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C8820021-1D16-46F5-B0C1-1EF32E54E0B0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{F16366D6-52A1-496D-A38F-7C9CC03108B6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{9077FB14-9E1F-4387-ADF2-C879E740D618}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{8506515A-C8E8-4746-9016-F386B51E9B85}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{EAB9CCF9-B934-46BB-ABF8-340AD86FD394}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{5A01491D-D233-4C7D-B838-4FB9DCAAE25E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{6A8ED854-CC6C-4368-914E-64C1470277B1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{DB37A0E1-A49F-42CD-8F0B-90F6E96D2A41}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{10791C44-681A-4FC2-85C2-44686054FC6A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{81B7E260-64FC-419D-946E-73DE1AF1A98F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{2DB65C9B-3780-4883-A20E-ADAB83241FF0}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{E9C6707B-CEC3-4A1C-BD3E-26B220E6F9C5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{AEC42519-0400-43D9-B4B3-37B351A6E5E8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{FB21002E-F19F-476A-B67F-6AF2DF985568}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{76DAF7BF-31DA-4DD2-9847-88B54F4E678D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{A1AF3ABD-5EC3-4855-9D52-C6E03508DF85}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{29AE2680-E2BD-43D2-92F0-0CA8D6E44640}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{61335FDB-AF86-4E91-8DDC-6D78B9CF9272}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{96A2A44D-DDE2-4ADB-A84F-6FA36532A46C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{81C2CB23-11BB-419B-BE0E-B32DD7E48B71}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{BC8083FE-8A80-43B2-9D53-6BFD93726AAA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{DD9AD8CE-BD47-4A74-A631-4E4A5A9A967D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{24165090-20D1-4882-A9D3-49D9BB8BA7CD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CA4A61C7-5DC2-4B90-882C-CB001B7E73BC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3408.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{EF252426-8EDF-4798-90AC-6A8E4968C6BF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3408.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{C872316D-7B7D-4BBF-AC08-CE0A2C7988FA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3408.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{01A005AC-D8C2-4E05-9989-184AE863F919}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3408.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )

==================== Wiederherstellungspunkte =========================

18-04-2023 20:14:02 Windows Modules Installer
19-04-2023 22:17:53 Removed LibreOffice 5.3.7.2

==================== Fehlerhafte Geräte im Gerätemanager ============


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (04/19/2023 04:46:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname ANNA-LENOVO-W10.local already in use; will try ANNA-LENOVO-W10-2.local instead

Error: (04/19/2023 04:46:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister    4 ANNA-LENOVO-W10.local. Addr 192.168.178.66

Error: (04/19/2023 04:46:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.178.66:5353   16 ANNA-LENOVO-W10.local. AAAA 2A02:810A:14BF:CCE8:6753:C417:AABC:2718

Error: (04/19/2023 01:21:40 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Das Programm svchost.exe Version 10.0.19041.1806 hat die Interaktion mit Windows beendet und wurde geschlossen. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: b40

Startzeit: 01d9724ab8d9cd92

Beendigungszeit: 4294967295

Anwendungspfad: C:\Windows\System32\svchost.exe

Bericht-ID: 3e9fe180-df5d-47e6-89b3-e2865453c2a9

Vollständiger Name des fehlerhaften Pakets: 

Relative Anwendungs-ID des fehlerhaften Pakets: 

Absturztyp: Unknown

Error: (04/16/2023 03:21:53 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Das Objekt oder die Eigenschaft wurde nicht gefunden.

Error: (04/16/2023 03:21:53 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Das Objekt oder die Eigenschaft wurde nicht gefunden.

Error: (04/16/2023 03:21:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname ANNA-LENOVO-W10.local already in use; will try ANNA-LENOVO-W10-2.local instead

Error: (04/16/2023 03:21:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister   16 ANNA-LENOVO-W10.local. AAAA FE80:0000:0000:0000:9D9D:2049:B4A8:B916


Systemfehler:
=============
Error: (04/20/2023 08:27:51 PM) (Source: DCOM) (EventID: 10010) (User: ANNA-LENOVO-W10)
Description: Der Server "{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (04/20/2023 07:08:50 PM) (Source: DCOM) (EventID: 10010) (User: ANNA-LENOVO-W10)
Description: Der Server "{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (04/20/2023 05:46:11 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d02 fehlgeschlagen: 9WZDNCRFJ364-MICROSOFT.SKYPEAPP

Error: (04/20/2023 12:16:52 PM) (Source: DCOM) (EventID: 10010) (User: ANNA-LENOVO-W10)
Description: Der Server "{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (04/20/2023 12:09:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Dropbox-Update-Service (dbupdatem)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/20/2023 12:09:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Dropbox-Update-Service (dbupdate)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/20/2023 12:09:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "System Interface Foundation Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/20/2023 12:09:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.


Windows Defender:
================
Date: 2023-04-19 17:05:37
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {5A61342C-43C9-4C86-8687-F9A088D6FFFF}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2023-04-19 01:21:40
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {EE91A563-A813-4AE7-914F-B355E573FEB3}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Vollständige Überprüfung
Benutzer: ANNA-LENOVO-W10\Anna

Date: 2023-04-04 20:21:48
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {8A98C71A-57C5-4D08-A108-C467FD8E3B99}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2023-04-04 20:06:32
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Backdoor:Win32/Bladabindi!mclg&threatid=2147784274&enterprise=0
Name: Backdoor:Win32/Bladabindi!mclg
Schweregrad: Schwerwiegend
Kategorie: Hintertür
Pfad: file:_C:\Windows\Temp\4ef247ec-11e3-fdbd-b857-be8b87284343\788bd5ca-828c-9cb0-707f-17bcc0ce7e76.exe; file:_C:\Windows\Temp\9539d4d7-53f8-70f9-24eb-5f8773a9b020\a3deedb8-7f46-12bc-5bff-97df1a4b83d6.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: NT-AUTORITÄT\SYSTEM
Prozessname: C:\Program Files (x86)\nodejs\node.exe
Sicherheitsversion: AV: 1.385.1699.0, AS: 1.385.1699.0, NIS: 1.385.1699.0
Modulversion: AM: 1.1.20200.4, NIS: 1.1.20200.4

Date: 2023-04-04 20:06:30
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Backdoor:Win32/Bladabindi!mclg&threatid=2147784274&enterprise=0
Name: Backdoor:Win32/Bladabindi!mclg
Schweregrad: Schwerwiegend
Kategorie: Hintertür
Pfad: file:_C:\Windows\Temp\4ef247ec-11e3-fdbd-b857-be8b87284343\788bd5ca-828c-9cb0-707f-17bcc0ce7e76.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: NT-AUTORITÄT\SYSTEM
Prozessname: C:\Program Files (x86)\nodejs\node.exe
Sicherheitsversion: AV: 1.385.1699.0, AS: 1.385.1699.0, NIS: 1.385.1699.0
Modulversion: AM: 1.1.20200.4, NIS: 1.1.20200.4

CodeIntegrity:
===============
Date: 2023-04-19 17:05:37
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-03-23 19:58:20
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-03-16 16:40:38
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-02-15 21:59:49
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-02-05 17:28:19
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_90f68cd0dc48b625\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

BIOS: LENOVO 4WCN47WW 06/30/2020
Hauptplatine: LENOVO LNVNB161216
Prozessor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 63%
Installierter physikalischer RAM: 8066.72 MB
Verfügbarer physikalischer RAM: 2909.81 MB
Summe virtueller Speicher: 10242.72 MB
Verfügbarer virtueller Speicher: 4969.27 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:212.23 GB) (Free:92.42 GB) (Model: HFS256G3BTND-N210A) NTFS
Drive d: (Daten) (Fixed) (Total:25 GB) (Free:9.38 GB) (Model: HFS256G3BTND-N210A) NTFS

\\?\Volume{ebc8ede9-b046-4a13-88b1-1d79f48e841a}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.41 GB) NTFS
\\?\Volume{0a7f66c0-07fe-4aa2-9e89-29b2ecdf81db}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.21 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 161AE062)

Partition: GPT.

==================== Ende von Addition.txt =======================
         
Anmerkungen hierzu:

Ich habe den Defender vorhin nochmal laufen lassen, ehe ich FRST gestartet hab. Der Defender hat nun deutlich länger gebraucht und viel mehr Elemente geprüft als beim letzten Mal (laut Schutzverlauf) - vermutlich weil inzwischen eine Beschränkung aufgehoben wurde?

Allerdings ist dieser heutige Defender-Lauf in der Addition.txt noch nicht erkennbar - hmm.

(War das zu voreilig mit dem Defender?)

Edit 21:03 Uhr:

Der Defender hat nix gefunden, weder im "vollständigen Scan", noch im "offline Scan".
__________________

Alt 20.04.2023, 21:44   #19
M-K-D-B
/// TB-Ausbilder
 
Windows 10: Browser-Probleme nach Infektion mit Backdoor:Win32/Bladabindi!mclg - Standard

Windows 10: Browser-Probleme nach Infektion mit Backdoor:Win32/Bladabindi!mclg



Zitat:
- Welchen Zweck erfüllen aktuell Einträge wie "GoogleUpdateTask" oder "GoogleUpdate.exe"? (Wo doch aktuell kein Chrome mehr installiert ist? Und meines Wissens auch sonst keine Software von Google?)
Sie erfüllen keinen Zweck mehr, weil ja nichts mehr von Google installiert ist. Es gibt allerdings noch einen versteckten Eintrag von "Google Update Helper".
Den können wir mit FRST sichtbar machen. Evtl. kannst du es dann deinstallieren.


Zitat:
- Warum stehen da zwei Einträge zu Chrome Extensions? Ah, das könnte eine neu hinzugekommene Extension von Malwarebytes sein. Muss es aber nicht, oder?
Ja, das ist von Malwarebytes.



Zitat:
(War das zu voreilig mit dem Defender?)
Nein, alles gut. Passt soweit.



Zuerst ein kleiner FRST-Fix.
Versuch mal, ob du nach dem Neustart den "Google Update Helper" über "Start>Einstellungen>Apps" deinstallieren kannst.





Schritt 1
WARNUNG AN ALLE MITLESER !!!
Dieses FRST-Skript ist ausschließlich für diesen Nutzer gedacht und sollte niemals 1:1 für ein anderes System verwendet werden!
  • Speichere deine Arbeiten und schließe alle offenen Programme, damit keine Daten verloren gehen.
  • Kopiere den gesamten Inhalt der folgenden Code-Box:
    Code:
    ATTFilter
    Start::
    SystemRestore: On 
    CreateRestorePoint:
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
    CMD: reg query "HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" /S
    Reboot:
    End::
             
  • Starte nun FRST und klicke direkt auf den Button Reparieren.
    Wichtig: Du brauchst den Inhalt der Code-Box nirgends einfügen, da sich FRST den Code aus der Zwischenablage holt!
  • Das Tool führt die gewünschten Schritte aus und erstellt eine fixlog.txt im selben Verzeichnis, in dem sich FRST befindet.
  • Gegebenenfalls muss dein Rechner neu gestartet werden.
  • Poste mir den Inhalt der fixlog.txt mit deiner nächsten Antwort.

Alt 21.04.2023, 12:50   #20
fbin41
 
Windows 10: Browser-Probleme nach Infektion mit Backdoor:Win32/Bladabindi!mclg - Standard

Windows 10: Browser-Probleme nach Infektion mit Backdoor:Win32/Bladabindi!mclg



Danke dafür. Hier zunächst die Fixlog, dann gleich noch ein paar Anmerkungen.

Mag vielleicht nur Kosmetik sein, aber mir scheint eine gewisse Gründlichkeit nun doch angemessen.

Code:
ATTFilter
Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 18-04-2023
durchgeführt von Anna (21-04-2023 12:00:30) Run:3
Gestartet von D:\Software\Farbar_x86_x64
Geladene Profile: Anna
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
Start::
SystemRestore: On 
CreateRestorePoint:
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
CMD: reg query "HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" /S
Reboot:
End::
*****************

SystemRestore: On => abgeschlossen
Wiederherstellungspunkt wurde erfolgreich erstellt.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}\\SystemComponent" => erfolgreich entfernt

========= reg query "HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" /S =========


HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
    AuthorizedCDFPrefix    REG_SZ    
    Comments    REG_SZ    
    Contact    REG_SZ    
    DisplayVersion    REG_SZ    1.3.35.451
    HelpLink    REG_SZ    
    HelpTelephone    REG_SZ    
    InstallDate    REG_SZ    20200320
    InstallLocation    REG_SZ    
    InstallSource    REG_SZ    C:\Program Files (x86)\Google\Update\1.3.35.452\
    ModifyPath    REG_EXPAND_SZ    MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
    Publisher    REG_SZ    Google LLC
    Readme    REG_SZ    
    Size    REG_SZ    
    EstimatedSize    REG_DWORD    0x29
    UninstallString    REG_EXPAND_SZ    MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
    URLInfoAbout    REG_SZ    
    URLUpdateInfo    REG_SZ    
    VersionMajor    REG_DWORD    0x1
    VersionMinor    REG_DWORD    0x3
    WindowsInstaller    REG_DWORD    0x1
    Version    REG_DWORD    0x1030023
    Language    REG_DWORD    0x409
    DisplayName    REG_SZ    Google Update Helper


========= Ende von CMD: =========



Das System musste neu gestartet werden.

==== Ende von Fixlog 12:00:43 ====
         
Nach dem Neustart habe ich noch
- Google Update Helper deinstalliert (via Win 10 Einstellungen / Apps und Features)
- Malwarebytes wieder deinstalliert (allerdings die Browsererweiterung behalten)

Dann folgte ein Neustart und erneut FRST.

Hier die FRST.txt


FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 21-04-2023
durchgeführt von Anna (Administrator) auf ANNA-LENOVO-W10 (LENOVO 80YL) (21-04-2023 13:03:57)
Gestartet von D:\Software\Farbar_x86_x64\FRST64.exe
Geladene Profile: Anna
Plattform: Microsoft Windows 10 Home Version 22H2 19045.2846 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(DeviceSettingsSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(LenovoBoostAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(LenovoBoostSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(MultimediaAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudServices.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> ) C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa\iCloud\WebView2\msedgewebview2.exe <6>
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(DriverStore\FileRepository\igdlh64.inf_amd64_90f68cd0dc48b625\igfxCUIService.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_90f68cd0dc48b625\igfxEM.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <7>
(explorer.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> ) C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudCKKS.exe
(explorer.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> ) C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudServices.exe
(explorer.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
(explorer.exe ->) (Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE
(explorer.exe ->) (Hewlett Packard -> Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe
(explorer.exe ->) (LENOVO -> Lenovo(beijing) Limited) C:\Program Files\Lenovo\LenovoUtility\utility.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(explorer.exe ->) (Skype Software Sarl -> ) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3409.0_x64__kzf8qxf38zg5c\Skype\Skype.exe <6>
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_90f68cd0dc48b625\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_90f68cd0dc48b625\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_90f68cd0dc48b625\IntelCpHeciSvc.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> ) C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa\iCloud\APSDaemon.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> ) C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa\iCloud\secd.exe
(svchost.exe ->) (CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD14\PDVD14Serv.exe
(svchost.exe ->) (CyberLink Corp. -> CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(svchost.exe ->) (Hewlett Packard -> Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPNetworkCommunicatorCom.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23022.140.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [894376 2017-04-14] (LENOVO -> Lenovo(beijing) Limited)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1922496 2017-07-27] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [849920 2017-03-07] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [362056 2022-05-05] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11327200 2023-04-15] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKU\S-1-5-21-624402189-1887333828-3918413586-1001\...\Run: [HP Officejet Pro 8620 (NET)] => C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-624402189-1887333828-3918413586-1001\...\Run: [MicrosoftEdgeAutoLaunch_88349514007821BC009C7118188706C5] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4056016 2023-03-16] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\HP 7012 Status Monitor: C:\Windows\system32\hpinksts7012LM.dll [328704 2014-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Officejet Pro 8620): C:\Windows\system32\HPDiscoPM7012.dll [763912 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
Startup: C:\Users\athbi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2018-01-07]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02D80AC4-EAFA-45C2-B1E8-A57ED4B3365F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler (Keine Datei)
Task: {04008C4A-ACC1-4D34-8A9A-C33E978AC250} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\38b71b36-98cd-41f8-b226-d1c1d1c4986c => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {07B7BEEA-5066-45BA-8D1D-4D781B4CDCC9} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [647616 2017-07-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0DDD97C2-5C1D-4993-AB90-E34D9FC8DA8B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [647616 2017-07-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0E2B8BA9-811D-4A0D-9DDA-EDDB30F89CD9} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
Task: {0E387C0D-3C55-42DC-9B82-FCD93064A6ED} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MpCmdRun.exe [1645864 2023-04-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {146A8CAD-41D5-48B3-BF2F-48C6E5252AD3} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436672 2017-07-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {16F7F4CD-38E4-491F-AF35-EF5805697C87} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {16F9A3B9-AE18-4434-A35B-000F8F43A5AB} - System32\Tasks\PDVDServ14 Task => C:\Program Files (x86)\CyberLink\PowerDVD14\PDVD14Serv.exe [88344 2017-02-17] (CyberLink Corp. -> CyberLink Corp.)
Task: {18A152A5-6A75-46EB-AAEF-19CA798549D3} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676768 2023-04-14] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {18B3D5DD-8FA0-477F-8FFC-EB2B54975AF3} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26409896 2023-04-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {263846D5-49F4-4A02-B73C-A373DA5351C7} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {270C1F4E-8C4D-4874-9948-372B40972849} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114656 2023-04-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {2A1C2893-C129-45F4-8513-975173E72904} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {2F0D5672-4E48-40CC-A89A-08E7C14C7E66} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [717248 2017-07-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3A76240A-181C-49CD-955C-38E7D260A883} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\0028b695-de87-41b0-9a47-fa161f0940a8 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {3CFD1FA0-FD46-4EDA-9B1D-ED7367378294} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {3D10AC7F-04A2-4998-BCB9-988508187666} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {40075113-DED5-4684-8DDF-CB3A77E62D90} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MpCmdRun.exe [1645864 2023-04-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5CC0FA82-0DD1-415F-88A8-D8F0F43EC3C4} - System32\Tasks\RtHDVBg_LENOVO_DOLBYDRAGON => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506168 2019-03-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {670CB788-B226-4373-B912-2AA9E2F490BF} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {6F8CD596-78E4-469C-BCE9-9B0F3B2255DC} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [74952 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {744C8F0F-E50C-4CE3-ACCE-9E8341C96F19} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\938cd0d6-7874-4c1a-8b37-a27db68aa6f2 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {88A929E5-219D-45C9-BABA-B89796187F71} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [717248 2017-07-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8C783D4B-9D3D-42B7-A1D5-0B83CFF0FB09} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1714112 2017-07-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8CCDCDF0-3F17-4CD8-8368-EEE411828A58} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [946112 2017-07-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8EAF89F1-D857-4DFD-9DD0-A1B0711F67F1} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ac7a0baf-274c-4f05-bffa-a2ebb28a9c59 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {8F1D8A1B-2558-46C1-909B-5793580F9083} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114656 2023-04-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {936DBBC0-F92E-447A-9911-543A55FCFB88} - System32\Tasks\HPCustParticipation HP Officejet Pro 8620 => C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPCustPartic.exe [5745672 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
Task: {986F4E96-B5E9-4C2B-B306-175C25B6FEA8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26409896 2023-04-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {9BD2605E-EEE6-4734-8BA0-D5A93BB1E6A8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [617096 2022-02-25] (Apple Inc. -> Apple Inc.)
Task: {A50E8C74-F5E0-43CC-8905-89C4CF54032C} - System32\Tasks\Lenovo\Vantage\Schedule\SettingsWidgetAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {A708C525-478D-46A6-9168-0F0C99EB799E} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {A8E94241-7910-4603-B8C4-E137F7D6EBDE} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {A9144B2A-286A-4560-915B-FE515B39503D} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
Task: {AD3747D6-035C-45F2-AE0B-1B5172774BF8} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [718752 2023-04-14] (Mozilla Corporation -> Mozilla Foundation)
Task: {AD768997-3A76-425B-AD74-EA03626860C1} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {AE4257FE-175C-4B34-B64F-7D6A91F8A84E} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {B0495E0F-66D5-4293-8D5E-87289E806DDB} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\Lenovo\Power2Go\CLVDLauncher.exe [347416 2016-09-20] (CyberLink Corp. -> CyberLink Corp.)
Task: {BE53B40D-0E81-4F78-8B5D-19A549970770} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506168 2019-03-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {CE0ACD11-0DE5-424F-92D8-8C2F4FA077EB} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {CE80E807-042E-4154-8705-99C9B567CC0C} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506168 2019-03-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {D2A474AC-58B6-4CA5-BAF2-81D58DE8E226} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-07-27] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {DA63F70E-D721-4640-A699-E852A5662A3C} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [190744 2016-10-07] (CyberLink Corp. -> CyberLink)
Task: {DC15145C-66BD-4299-A4EE-E0BE3205F50A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MpCmdRun.exe [1645864 2023-04-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DE80A756-8BA5-4FCF-9151-C798E96E9D20} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (Keine Datei)
Task: {F9699407-7022-4365-B8E5-A184FD3FD5F1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MpCmdRun.exe [1645864 2023-04-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FA6BB3E0-41B5-41F5-8ADA-B549B9AC7062} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {FC74E7F7-4AF3-446B-B664-A28AC6E02533} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c (Keine Datei)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{2b6d82fc-ac06-414f-abe2-6e7dd76b3117}: [DhcpNameServer] 150.213.1.2
Tcpip\..\Interfaces\{337671d7-3eee-45b8-a9ff-56a66a52a8c9}: [DhcpNameServer] 192.168.178.1

Edge: 
=======
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge DefaultProfile: Default
Edge Profile: C:\Users\athbi\AppData\Local\Microsoft\Edge\User Data\Default [2023-04-21]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\athbi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2023-04-20]
Edge Extension: (Edge relevant text changes) - C:\Users\athbi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-04-20]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]

FireFox:
========
FF DefaultProfile: uf33delb.default-1681935890333
FF ProfilePath: C:\Users\athbi\AppData\Roaming\Mozilla\Firefox\Profiles\uf33delb.default-1681935890333 [2023-04-21]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\athbi\AppData\Roaming\Mozilla\Firefox\Profiles\uf33delb.default-1681935890333\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2023-04-20]
FF Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\athbi\AppData\Roaming\Mozilla\Firefox\Profiles\uf33delb.default-1681935890333\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2023-04-19]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-04-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [100424 2022-05-02] (Apple Inc. -> Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12634544 2023-04-16] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2023-04-15] (Dropbox, Inc -> Dropbox, Inc.)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2019-01-21] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\\3.13.43.0\LenovoVantageService.exe [32464 ] (Lenovo -> Lenovo Group Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\NisSrv.exe [3228400 2023-04-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MsMpEng.exe [133536 2023-04-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S4 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
R3 MpKsl2e2343d1; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D4D48AE4-E5BB-48A0-80AD-35BBA1DDB82E}\MpKslDrv.sys [211208 2023-04-21] (Microsoft Windows -> Microsoft Corporation)
R3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [890944 2017-09-29] (SUNPLUS INNOVATION TECHNOLOGY INC. -> Sunplus Innovation Technology Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2023-04-06] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [497920 2023-04-06] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99608 2023-04-06] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2023-04-21 10:57 - 2023-04-21 10:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2023-04-20 21:32 - 2023-04-21 12:01 - 102498304 _____ C:\WINDOWS\system32\config\SOFTWARE
2023-04-20 17:58 - 2023-04-20 18:36 - 000000000 ____D C:\ProgramData\RogueKiller
2023-04-20 17:57 - 2023-04-20 17:57 - 035136432 _____ C:\Users\athbi\Downloads\RogueKiller_portable64.exe
2023-04-20 17:35 - 2023-04-20 17:35 - 000000000 ____D C:\Users\athbi\AppData\Local\mbam
2023-04-20 17:24 - 2023-04-20 17:24 - 002649088 _____ (Malwarebytes) C:\Users\athbi\Downloads\MBSetup.exe
2023-04-20 07:50 - 2023-04-20 07:58 - 000000000 ____D C:\AdwCleaner
2023-04-20 07:48 - 2023-04-20 07:48 - 008791352 _____ (Malwarebytes) C:\Users\athbi\Downloads\adwcleaner.exe
2023-04-19 22:24 - 2023-04-19 22:24 - 000000000 ____D C:\Users\athbi\Desktop\Alte Firefox-Daten
2023-04-19 22:23 - 2023-04-19 22:25 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2023-04-19 22:23 - 2023-04-19 22:23 - 058462736 _____ (Mozilla) C:\Users\athbi\Downloads\Firefox Setup 112.0.1.exe
2023-04-19 22:23 - 2023-04-19 22:23 - 000002041 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Privater Modus.lnk
2023-04-19 22:23 - 2023-04-19 22:23 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-04-19 22:23 - 2023-04-19 22:23 - 000001000 _____ C:\Users\Public\Desktop\Firefox.lnk
2023-04-19 22:23 - 2023-04-19 22:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-04-19 22:17 - 2023-04-19 22:17 - 000000000 ____D C:\Users\athbi\AppData\LocalLow\Oracle
2023-04-19 17:17 - 2023-04-21 13:04 - 000000000 ____D C:\FRST
2023-04-19 17:16 - 2023-04-19 17:16 - 003459075 _____ C:\Users\athbi\Downloads\Farbar_x86_x64.zip
2023-04-19 02:03 - 2023-04-20 21:32 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2023-04-19 01:09 - 2023-04-19 01:09 - 000004036 _____ C:\WINDOWS\system32\Tasks\PostponeDeviceSetupToast_S-1-5-21-624402189-1887333828-3918413586-1003_0
2023-04-19 00:59 - 2023-04-19 00:59 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-624402189-1887333828-3918413586-1003
2023-04-18 20:15 - 2023-04-18 20:15 - 000000000 ___HD C:\$WinREAgent
2023-04-18 09:13 - 2023-04-18 09:13 - 000024848 _____ C:\Users\athbi\Downloads\dhl-return-60004038-bc29-2622-6b19-3a0aa55fc5ad.pdf
2023-04-18 08:41 - 2023-04-18 08:41 - 000128305 _____ C:\Users\athbi\Downloads\Retourenanleitung.pdf
2023-04-15 21:53 - 2023-04-15 21:53 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2023-04-21 13:04 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-04-21 13:03 - 2022-02-14 18:23 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-04-21 12:55 - 2020-06-28 17:47 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-04-21 12:18 - 2022-08-22 21:03 - 000000000 ____D C:\Users\athbi\AppData\Roaming\DropboxElectron
2023-04-21 12:18 - 2017-12-31 11:03 - 000000000 ____D C:\Users\athbi\AppData\Local\Dropbox
2023-04-21 12:17 - 2017-12-30 23:00 - 000000000 ___RD C:\Users\athbi\OneDrive
2023-04-21 12:16 - 2017-08-18 03:20 - 000000000 ____D C:\ProgramData\NVIDIA
2023-04-21 12:15 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-04-21 12:05 - 2020-06-28 17:57 - 001722792 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-04-21 12:05 - 2019-12-07 16:50 - 000744968 _____ C:\WINDOWS\system32\perfh007.dat
2023-04-21 12:05 - 2019-12-07 16:50 - 000150354 _____ C:\WINDOWS\system32\perfc007.dat
2023-04-21 12:05 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-04-21 12:02 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-04-21 12:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-04-21 12:01 - 2020-06-28 17:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-04-21 12:01 - 2020-06-28 17:47 - 000008192 ___SH C:\DumpStack.log.tmp
2023-04-21 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-04-21 12:01 - 2019-12-07 11:03 - 002097152 _____ C:\WINDOWS\system32\config\BBI
2023-04-21 10:58 - 2017-12-31 11:02 - 000000000 ____D C:\Program Files (x86)\Dropbox
2023-04-20 17:48 - 2017-08-18 02:53 - 000000000 ____D C:\ProgramData\Package Cache
2023-04-20 11:20 - 2020-06-28 17:47 - 000437960 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-04-20 11:11 - 2018-03-23 13:24 - 000000000 ____D C:\Users\athbi\AppData\LocalLow\Temp
2023-04-20 08:11 - 2017-12-31 16:19 - 000000000 ____D C:\Users\athbi\AppData\Roaming\WhatsApp
2023-04-20 08:10 - 2017-12-31 16:19 - 000000000 ____D C:\Users\athbi\AppData\Local\WhatsApp
2023-04-20 08:10 - 2017-12-30 22:54 - 000000000 ___SD C:\Users\athbi\AppData\Roaming\Microsoft\Credentials
2023-04-20 07:58 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2023-04-19 22:23 - 2020-09-25 08:02 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-04-19 22:16 - 2017-12-31 14:05 - 000000000 ____D C:\Users\athbi\AppData\LocalLow\Mozilla
2023-04-19 22:08 - 2017-12-31 13:39 - 000000000 ____D C:\Users\athbi\AppData\Local\Google
2023-04-19 16:48 - 2018-06-26 19:45 - 000000000 ____D C:\Users\athbi\AppData\Local\D3DSCache
2023-04-19 16:47 - 2017-12-31 13:20 - 000000000 ____D C:\Users\athbi\AppData\Roaming\Microsoft\Word
2023-04-19 01:09 - 2018-01-16 18:46 - 000000000 ____D C:\Users\Frank\AppData\Local\Dropbox
2023-04-19 01:08 - 2018-01-16 18:45 - 000000000 __SHD C:\Users\Frank\IntelGraphicsProfiles
2023-04-19 00:59 - 2020-06-28 17:57 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-624402189-1887333828-3918413586-1003
2023-04-19 00:59 - 2020-06-28 17:49 - 000002402 _____ C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-04-19 00:59 - 2018-01-16 18:45 - 000000000 ____D C:\Users\Frank\AppData\Local\Packages
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemApps
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-04-18 20:28 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-04-18 20:24 - 2020-06-28 17:48 - 003015680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-04-18 19:53 - 2017-12-31 09:29 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-04-18 19:49 - 2017-12-31 09:29 - 156112424 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-04-18 09:18 - 2017-12-31 11:02 - 000001254 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2023-04-18 09:18 - 2017-12-31 11:02 - 000001250 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2023-04-18 08:18 - 2022-10-13 12:17 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-04-18 08:18 - 2022-10-13 12:17 - 000002068 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-04-18 08:18 - 2017-08-18 02:54 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-04-18 08:16 - 2021-12-11 18:13 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-624402189-1887333828-3918413586-1001
2023-04-18 08:16 - 2020-06-28 17:57 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-04-18 08:16 - 2020-06-28 17:57 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-624402189-1887333828-3918413586-1001
2023-04-18 08:16 - 2020-06-28 17:49 - 000002402 _____ C:\Users\athbi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-04-17 12:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-04-06 10:11 - 2018-02-14 18:35 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-03-27 10:59 - 2018-01-03 13:10 - 000000000 ____D C:\Users\athbi\Documents\HP Scans

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2021-02-25 21:03 - 2021-02-25 21:03 - 001384728 _____ (Microsoft Corporation) C:\Users\athbi\TeamsSetupx64_s_8D8D9BFA4BA8BEE-7-0_.exe
2020-11-25 14:39 - 2020-11-25 14:39 - 000007648 _____ () C:\Users\athbi\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
         
--- --- ---



Und die Addition.txt:

FRST Additions Logfile:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 21-04-2023
durchgeführt von Anna (21-04-2023 13:05:38)
Gestartet von D:\Software\Farbar_x86_x64
Microsoft Windows 10 Home Version 22H2 19045.2846 (X64) (2020-06-28 15:57:19)
Start-Modus: Normal
==========================================================


==================== Konten: =============================


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-624402189-1887333828-3918413586-500 - Administrator - Disabled)
Anna (S-1-5-21-624402189-1887333828-3918413586-1001 - Administrator - Enabled) => C:\Users\athbi
athbi (S-1-5-21-624402189-1887333828-3918413586-1002 - Limited - Enabled) => C:\Users\athbi.LAPTOP-P33CJ5M1
DefaultAccount (S-1-5-21-624402189-1887333828-3918413586-503 - Limited - Disabled)
Frank (S-1-5-21-624402189-1887333828-3918413586-1003 - Administrator - Enabled) => C:\Users\Frank
Gast (S-1-5-21-624402189-1887333828-3918413586-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-624402189-1887333828-3918413586-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ACDSee 8 (HKLM-x32\...\{AA2E6BFE-4351-481C-A720-47CB3506570B}) (Version: 8.1.100 - ACD Systems Ltd.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1031-1033-7760-BC15014EA700}) (Version: 23.001.20143 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{11C4575B-4B32-44D2-A097-D59A00BA60DE}) (Version: 8.5 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D39B163A-9E12-442C-95E9-33FA5746AB21}) (Version: 8.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2B3CA448-5266-480F-85FA-2FCCB3C8712C}) (Version: 15.6.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{B292D163-23D2-4523-A699-1ABEC1875609}) (Version: 2.7.0.3 - Apple Inc.)
Audiograbber (HKLM-x32\...\Audiograbber) (Version: 1.83 (2020 Edition) - Audiograbber)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CyberLink Power2Go 8 (HKLM-x32\...\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.7007 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.7007 - CyberLink Corp.)
CyberLink PowerDVD 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.1.7417 - CyberLink Corp.)
Dolby Audio X2 Windows API SDK (HKLM\...\{F290F786-5F69-48D4-B20B-D21C7DE56EF0}) (Version: 0.8.8.88 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{9207D68E-666A-49C7-A900-9F5B2FF289E4}) (Version: 0.8.0.71 - Dolby Laboratories, Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 172.4.7555 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.733.1 - Dropbox, Inc.) Hidden
FOTOParadies (HKLM-x32\...\{FD838798-E2CB-45FA-AF79-6011519031E2}}_is1) (Version: 4.12.0.1257 - Foto Online Service GmbH)
HP Officejet Pro 8620 - Grundlegende Software für das Gerät (HKLM\...\{F6CE08BC-6929-412E-BB42-A9A7CD9721D7}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP Officejet Pro 8620 Hilfe (HKLM-x32\...\{F8E43C63-DFF2-4134-A46C-2A6F00517A35}) (Version: 32.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
iBackup Viewer 4.15.0 (HKLM-x32\...\{5B428966-3054-41E3-B0F8-008EE30BD019}_is1) (Version:  - iMacTools)
iCloud Outlook (HKLM\...\{A8C64C2A-BD34-464F-BA61-A969BA46FC2B}) (Version: 10.9.3.62 - Apple Inc.)
Intel(R) Chipset Device Software (HKLM\...\{81520FC5-3518-40E9-9803-70CE8A801D07}) (Version: 10.1.1.38 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1035 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{BB1B550F-329D-4B07-A8D0-82914483411C}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) ME UninstallLegacy (HKLM\...\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
iTunes (HKLM\...\{603AC145-2337-4355-A6F1-BF66FDB2FA63}) (Version: 12.12.4.1 - Apple Inc.)
JDiskReport 1.4.1 (HKLM-x32\...\JDiskReport 1.4.1) (Version: 1.4.1 (2014-02-26 11:50:44) - JGoodies Karsten Lentzsch)
Lenovo App Explorer (HKU\S-1-5-21-624402189-1887333828-3918413586-1002\...\Host App Service) (Version: 0.272.1.560 - SweetLabs for Lenovo)
Lenovo App Explorer (HKU\S-1-5-21-624402189-1887333828-3918413586-1003\...\Host App Service) (Version: 0.273.4.600 - SweetLabs for Lenovo)
Lenovo Utility (HKLM\...\{12ABAC82-7D83-4CB8-9DD2-434DC9AF2942}_is1) (Version: 3.0.0.17 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.43.0 - Lenovo Group Ltd.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 111.0.1661.44 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 110.0.1587.69 - Microsoft Corporation)
Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2016 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 16.0.16227.20280 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-624402189-1887333828-3918413586-1001\...\OneDriveSetup.exe) (Version: 23.071.0402.0001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-624402189-1887333828-3918413586-1002\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-624402189-1887333828-3918413586-1003\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-624402189-1887333828-3918413586-1001\...\Teams) (Version: 1.4.00.22472 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 112.0.1 (x64 de)) (Version: 112.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 112.0.1 - Mozilla)
NVIDIA GeForce Experience 3.8.0.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.8.0.89 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.16227.20204 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Studie zur Verbesserung von HP Officejet Pro 8620 (HKLM\...\{825BC9A9-A005-4FDB-BDE9-A4F2DF69C3B7}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
tiptoi® Manager 5.0.2 (HKLM\...\{833392BB-E8C0-4066-9408-3A30FA43972F}_is1) (Version: 5.0.2 - Ravensburger AG)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.12 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{9E5A6059-314A-4F02-B8A4-8C9C97989589}) (Version: 8.91.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-2) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WhatsApp (Outdated) (HKU\S-1-5-21-624402189-1887333828-3918413586-1001\...\WhatsApp) (Version: 2.2314.11 - WhatsApp)
Windows 10-Update-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22329 - Microsoft Corporation)
Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-624402189-1887333828-3918413586-1001\...\ZoomUMX) (Version: 5.9.1 (2581) - Zoom Video Communications, Inc.)

Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.32.21.0_x64__kgqvnymyfvs32 [2023-04-04] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.241.500.0_x64__kgqvnymyfvs32 [2023-04-21] (king.com)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_7.9.9.0_x86__h6adky7gbf63m [2023-04-18] (Gameloft SE)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.17.857.0_x64__rz1tebttyb220 [2023-04-20] (Dolby Laboratories)
Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_144.1.1068.0_x64__v10z8vjag6ke6 [2023-04-18] (HP Inc.)
iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa [2023-01-07] (Apple Inc.) [Startup Task]
Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2303.112.0_x64__k1h2ywk1493x8 [2023-04-20] (LENOVO INC.)
Lenovo Kontoportal -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2017-12-30] (LENOVO INCORPORATED.)
Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2017-12-30] (LENOVO INCORPORATED.)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_7.3.2.0_x86__h6adky7gbf63m [2023-04-06] (Gameloft SE)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-10-11] (Microsoft Corporation)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1820.9.73.0_x64__8xx8rvfyw5nnt [2023-03-16] (Meta) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.19.7302.0_x64__8wekyb3d8bbwe [2023-04-04] (Microsoft Studios)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-04-09] (Netflix, Inc.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-04-19] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0 [2023-04-18] (Spotify AB) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2314.6.0_x64__cv1g1gvanyjgm [2023-04-21] (WhatsApp Inc.) [Startup Task]
WindowsAppRuntime.1.1 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.1_1005.616.1651.0_x64__8wekyb3d8bbwe [2023-01-04] (Microsoft Corporation)
WindowsAppRuntime.1.1 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.1_1005.616.1651.0_x86__8wekyb3d8bbwe [2023-01-04] (Microsoft Corporation)
XING -> C:\Program Files\WindowsApps\XINGAG.XING_4.0.9.0_x86__xpfg3f7e9an52 [2021-06-13] (New Work SE)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-624402189-1887333828-3918413586-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\athbi\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21140.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-624402189-1887333828-3918413586-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\athbi\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-624402189-1887333828-3918413586-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\athbi\Dropbox [2017-12-31 16:05]
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2016-10-07] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2016-10-07] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_90f68cd0dc48b625\igfxDTCM.dll [2019-05-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-21] (NVIDIA Corporation -> NVIDIA Corporation)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\athbi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDiskReport 1.4.1\JGoodies Home Page.lnk -> hxxp://www.jgoodies.com

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============


==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

HKU\S-1-5-21-624402189-1887333828-3918413586-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-624402189-1887333828-3918413586-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
HKU\S-1-5-21-624402189-1887333828-3918413586-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-624402189-1887333828-3918413586-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-624402189-1887333828-3918413586-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
HKU\S-1-5-21-624402189-1887333828-3918413586-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-624402189-1887333828-3918413586-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-624402189-1887333828-3918413586-1003\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-624402189-1887333828-3918413586-1001 -> DefaultScope {53925601-2FCD-4A29-B367-60284FA6688C} URL = 
SearchScopes: HKU\S-1-5-21-624402189-1887333828-3918413586-1001 -> {53925601-2FCD-4A29-B367-60284FA6688C} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2023-02-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-16] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-624402189-1887333828-3918413586-1001\...\localhost -> localhost

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2017-03-18 23:03 - 2017-03-18 23:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-624402189-1887333828-3918413586-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\athbi\Pictures\IMG_1492.JPG
HKU\S-1-5-21-624402189-1887333828-3918413586-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\athbi.LAPTOP-P33CJ5M1\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
HKU\S-1-5-21-624402189-1887333828-3918413586-1003\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
 ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{AC218C40-6184-4B36-A2A4-2FC41A623DA2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{34343FB8-9C55-4205-B25C-5A386A97EF32}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{DD46D48A-05D2-4626-9302-3BF1EAD392CF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{8B2F6B13-787A-4C13-B7A0-8669F6F1F8A9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{3884368A-3A03-4217-97F7-73A1379F5D43}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{927C32C8-CD4F-4381-8073-CF61775FE17B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{6B5A2042-FDE7-432F-A3A7-7216DC153EEC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{CA684955-E2E6-4FAB-B5BD-3ED8006B46EF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{20022487-6451-4800-82E6-11C1AF2CEC77}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.126.501.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{DB0C8512-90F3-4BB6-B68B-B054EBDA2115}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.126.501.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{5B98457D-CAEF-4265-A94F-DD95BF97290E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.126.501.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{91999B30-6C59-4E86-854F-814861874A47}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.126.501.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{B4F9B27F-F72F-4B4E-8C13-4F8AB713435F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.126.501.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{6D550B11-704C-4138-9E77-F4F86DFDF137}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.126.501.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{371B5B53-EFEA-44D3-9440-F7CD3242241E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.126.501.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{A0653830-5CCA-4318-83D9-CE5832AF5AEF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.126.501.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{36066C1C-C711-499C-80A9-6AB69BA784A4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{AE8425FC-91DD-4159-84B5-CD1F07DC5021}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{CBAF5845-1FAA-4AE2-8B58-BC12CC63F91F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{8802D145-297C-4A7D-A3C9-0EB7843E0C04}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{41CF2DAF-D1A3-4823-98DE-4E1EA77FA13B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{594775A3-0594-43B2-992C-BBCC1C8A475D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{FB923C09-8584-4DFF-8283-B6505A5E5C22}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{7A37757B-0809-44FF-8039-F76DFBD9EF2A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{EA0B16FC-649D-4079-B106-34494FDAA641}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{2A20BD29-2804-4119-9400-B60050AC1F1E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{ABE8846A-0E4B-4ABD-96E3-1728F8B4E3A7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{12DBD426-96B8-46A9-93F9-3B69F0F7D2D0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{00EAF64E-9AB3-478F-9506-35AF3EDAC03F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{30E83503-6E1E-4C86-A27A-178EDE79B1F1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{9A8D4232-1B0E-4DC3-9C2B-DD15069BA531}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{77439F06-CE7A-435B-9DB9-0300B7C56DF4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{48F12A1A-5403-400D-8509-0A89AD7F5C52}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AB8DF726-C74D-43E6-B3EA-E6A9A9518054}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6390C560-EA31-41BE-973A-F9E0E0884A03}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E58DA280-9154-467F-B11F-931A8A11ABAA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4C6A7DDE-8AC0-4288-AB69-EAC861E6263F}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{421991C6-13E6-40A9-A5E6-48D16D2506A7}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{CC0ED3F7-489B-43B4-8D54-ABBE36C30935}] => (Allow) LPort=5357
FirewallRules: [{CE711B05-2DFF-4261-8610-D7B635D08D4F}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{CD602CE4-D754-41AA-9CA0-20F77B058F87}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\SendAFax.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{BC16575D-E187-4694-BF97-5074E7CAA5EF}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\DigitalWizards.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{D5EC5CA3-2278-4813-A55F-491E9825E8AA}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\FaxApplications.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{AD6A0026-2578-4FC4-A8EB-1D2AD0F3E130}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe => Keine Datei
FirewallRules: [{08E925FA-FE14-45C7-9D80-C509E835E681}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe => Keine Datei
FirewallRules: [{696FBFD0-A21C-4517-BDE3-E5E810236C70}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{46713C31-8181-4646-9DAD-1D74605FC87B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe => Keine Datei
FirewallRules: [{C328306D-66E3-4106-BBB3-6197713E0CF8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe => Keine Datei
FirewallRules: [{869CD70E-7C28-4149-B647-4EE37A4E2B47}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{5E875506-7461-4D1B-9EDF-B5D4B6409CD6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{982A9D5B-01AC-480A-8ED5-36E87D76C5FB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3EF18B14-2DC7-412E-9569-7354CECD3556}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe => Keine Datei
FirewallRules: [{691C41A4-35AB-4708-B2DD-F4A7EC697674}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{961B8823-02F5-4AA6-A910-FA8F8E2C201A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{0EFAAB4B-1F56-475F-83B4-07E44B4EE333}C:\program files\rstudio\bin\rsession.exe] => (Block) C:\program files\rstudio\bin\rsession.exe => Keine Datei
FirewallRules: [UDP Query User{E3CC6A00-11BA-4678-B3C9-9C4EE88787BA}C:\program files\rstudio\bin\rsession.exe] => (Block) C:\program files\rstudio\bin\rsession.exe => Keine Datei
FirewallRules: [TCP Query User{0A8942D2-F05D-46C3-81A2-9E06AFEEFB96}C:\users\athbi\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\athbi\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{EC698404-78E9-4D6B-9C2D-8C3010963F96}C:\users\athbi\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\athbi\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FAE1F094-FCB9-4B42-B131-9ACA4095C82F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{8D71F9DF-65B8-41D3-B446-9FC0E0995086}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{6672EA65-F71F-4DBB-B4EB-CA7F8D18AEB8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{FA449F34-1372-4B29-9230-D45A5CABC0A3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{03D77AD8-0FB5-42D1-BB20-7E3655779C1F}] => (Allow) C:\Users\athbi\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{9F2E1649-3F75-4D36-83E0-4ECFAE20A6D5}] => (Allow) C:\Users\athbi\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei
FirewallRules: [{00C75A60-8331-4716-BC5D-642BA36F2D45}] => (Allow) C:\Users\athbi\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei
FirewallRules: [{DBCDF9C3-5A71-48C2-94F0-94FCF28D391B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{6519AB27-6EC6-4FBC-92F2-044D53780C17}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{6FA4B9C4-F8BE-4A9E-8F0D-A0611CBDFB63}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{19B3E677-74D0-4946-A1A3-CD5100F14CC1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{9B6E2671-9D86-4524-89F8-4BD2381106CF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.87.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{FDF888C3-96B9-4EA1-B9E7-EE318DE9CD98}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.87.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{A84EBDAE-E705-498A-9D97-65E40DE0518F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.87.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{091B54F1-E17F-4C36-8E6E-D8DA08380022}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.87.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{6B6DCFCC-302D-4D69-8891-1A2D2A0D4A17}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DA987158-0D87-4180-9EBF-6746F0A0FE41}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{80F3F0B7-FDF9-4084-83AC-044565766D39}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{46FEE2D0-66DF-4E8D-A061-A40064677082}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{0244CC0E-482B-4552-BC42-C8DFFAB4452B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{6196D662-B204-4370-942D-6BBC8732A970}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{B005F084-13F8-4DB1-AC3E-76BEA3B83C5D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{C5E8E01C-389F-4FB6-87DA-1F044D3C3EA9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{FE88192B-32AD-4B26-BBDF-90D7EA16B8D8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{7B9C61DD-21BB-4CFD-B499-D76C8AC7EC48}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\110.0.1587.69\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C8820021-1D16-46F5-B0C1-1EF32E54E0B0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{F16366D6-52A1-496D-A38F-7C9CC03108B6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{9077FB14-9E1F-4387-ADF2-C879E740D618}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{8506515A-C8E8-4746-9016-F386B51E9B85}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{EAB9CCF9-B934-46BB-ABF8-340AD86FD394}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{5A01491D-D233-4C7D-B838-4FB9DCAAE25E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{6A8ED854-CC6C-4368-914E-64C1470277B1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{DB37A0E1-A49F-42CD-8F0B-90F6E96D2A41}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{10791C44-681A-4FC2-85C2-44686054FC6A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{81B7E260-64FC-419D-946E-73DE1AF1A98F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{E9C6707B-CEC3-4A1C-BD3E-26B220E6F9C5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{AEC42519-0400-43D9-B4B3-37B351A6E5E8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{FB21002E-F19F-476A-B67F-6AF2DF985568}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{76DAF7BF-31DA-4DD2-9847-88B54F4E678D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{A1AF3ABD-5EC3-4855-9D52-C6E03508DF85}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{29AE2680-E2BD-43D2-92F0-0CA8D6E44640}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{61335FDB-AF86-4E91-8DDC-6D78B9CF9272}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{96A2A44D-DDE2-4ADB-A84F-6FA36532A46C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{81C2CB23-11BB-419B-BE0E-B32DD7E48B71}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{BC8083FE-8A80-43B2-9D53-6BFD93726AAA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{DD9AD8CE-BD47-4A74-A631-4E4A5A9A967D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{24165090-20D1-4882-A9D3-49D9BB8BA7CD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5F6A1BCC-7C20-4177-B7BE-16763F1EB584}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3409.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{3AA5A1ED-FCA1-41D3-92C7-6B60AAB0B8AD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3409.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{2F49E28E-118C-4326-82BF-9FCEE2FD5BD5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3409.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{3E044DEB-7BC9-4BE5-91E9-5999EA8893AE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3409.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{24A0AF5D-CA7C-4FDF-A6C7-530AACC89E12}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

18-04-2023 20:14:02 Windows Modules Installer
19-04-2023 22:17:53 Removed LibreOffice 5.3.7.2
21-04-2023 12:06:08 Removed Google Update Helper
21-04-2023 12:11:53 Removed Google Update Helper

==================== Fehlerhafte Geräte im Gerätemanager ============


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (04/21/2023 12:15:34 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Das Sicherheitscenter konnte den Aufrufer nicht überprüfen. Der Fehler %1 ist aufgetreten.

Error: (04/21/2023 12:00:45 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig.
.


Vorgang:
   Asynchroner Vorgang wird ausgeführt

Kontext:
   Aktueller Status: DoSnapshotSet

Error: (04/21/2023 12:00:31 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {edffc050-645a-41fd-9d79-4a1eb1d51fa6}

Error: (04/21/2023 10:57:58 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Das Objekt oder die Eigenschaft wurde nicht gefunden.

Error: (04/21/2023 10:57:58 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Das Objekt oder die Eigenschaft wurde nicht gefunden.

Error: (04/19/2023 04:46:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname ANNA-LENOVO-W10.local already in use; will try ANNA-LENOVO-W10-2.local instead

Error: (04/19/2023 04:46:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister    4 ANNA-LENOVO-W10.local. Addr 192.168.178.66

Error: (04/19/2023 04:46:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.178.66:5353   16 ANNA-LENOVO-W10.local. AAAA 2A02:810A:14BF:CCE8:6753:C417:AABC:2718


Systemfehler:
=============
Error: (04/21/2023 12:16:29 PM) (Source: DCOM) (EventID: 10010) (User: ANNA-LENOVO-W10)
Description: Der Server "{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (04/21/2023 12:00:53 PM) (Source: DCOM) (EventID: 10010) (User: ANNA-LENOVO-W10)
Description: Der Server "{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (04/21/2023 09:46:21 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d02 fehlgeschlagen: 9WZDNCRFJ364-MICROSOFT.SKYPEAPP

Error: (04/20/2023 09:03:58 PM) (Source: DCOM) (EventID: 10010) (User: ANNA-LENOVO-W10)
Description: Der Server "{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (04/20/2023 08:27:51 PM) (Source: DCOM) (EventID: 10010) (User: ANNA-LENOVO-W10)
Description: Der Server "{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (04/20/2023 07:08:50 PM) (Source: DCOM) (EventID: 10010) (User: ANNA-LENOVO-W10)
Description: Der Server "{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (04/20/2023 05:46:11 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d02 fehlgeschlagen: 9WZDNCRFJ364-MICROSOFT.SKYPEAPP

Error: (04/20/2023 12:16:52 PM) (Source: DCOM) (EventID: 10010) (User: ANNA-LENOVO-W10)
Description: Der Server "{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.


Windows Defender:
================
Date: 2023-04-19 17:05:37
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {5A61342C-43C9-4C86-8687-F9A088D6FFFF}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2023-04-19 01:21:40
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {EE91A563-A813-4AE7-914F-B355E573FEB3}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Vollständige Überprüfung
Benutzer: ANNA-LENOVO-W10\Anna

Date: 2023-04-04 20:21:48
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {8A98C71A-57C5-4D08-A108-C467FD8E3B99}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2023-04-04 20:06:32
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Backdoor:Win32/Bladabindi!mclg&threatid=2147784274&enterprise=0
Name: Backdoor:Win32/Bladabindi!mclg
Schweregrad: Schwerwiegend
Kategorie: Hintertür
Pfad: file:_C:\Windows\Temp\4ef247ec-11e3-fdbd-b857-be8b87284343\788bd5ca-828c-9cb0-707f-17bcc0ce7e76.exe; file:_C:\Windows\Temp\9539d4d7-53f8-70f9-24eb-5f8773a9b020\a3deedb8-7f46-12bc-5bff-97df1a4b83d6.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: NT-AUTORITÄT\SYSTEM
Prozessname: C:\Program Files (x86)\nodejs\node.exe
Sicherheitsversion: AV: 1.385.1699.0, AS: 1.385.1699.0, NIS: 1.385.1699.0
Modulversion: AM: 1.1.20200.4, NIS: 1.1.20200.4

Date: 2023-04-04 20:06:30
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Backdoor:Win32/Bladabindi!mclg&threatid=2147784274&enterprise=0
Name: Backdoor:Win32/Bladabindi!mclg
Schweregrad: Schwerwiegend
Kategorie: Hintertür
Pfad: file:_C:\Windows\Temp\4ef247ec-11e3-fdbd-b857-be8b87284343\788bd5ca-828c-9cb0-707f-17bcc0ce7e76.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: NT-AUTORITÄT\SYSTEM
Prozessname: C:\Program Files (x86)\nodejs\node.exe
Sicherheitsversion: AV: 1.385.1699.0, AS: 1.385.1699.0, NIS: 1.385.1699.0
Modulversion: AM: 1.1.20200.4, NIS: 1.1.20200.4

CodeIntegrity:
===============
Date: 2023-04-21 12:27:28
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-03-23 19:58:20
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-03-16 16:40:38
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-02-15 21:59:49
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-02-05 17:28:19
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_90f68cd0dc48b625\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

BIOS: LENOVO 4WCN47WW 06/30/2020
Hauptplatine: LENOVO LNVNB161216
Prozessor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 61%
Installierter physikalischer RAM: 8066.72 MB
Verfügbarer physikalischer RAM: 3117.19 MB
Summe virtueller Speicher: 10242.72 MB
Verfügbarer virtueller Speicher: 5213.61 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:212.23 GB) (Free:90.78 GB) (Model: HFS256G3BTND-N210A) NTFS
Drive d: (Daten) (Fixed) (Total:25 GB) (Free:9.38 GB) (Model: HFS256G3BTND-N210A) NTFS

\\?\Volume{ebc8ede9-b046-4a13-88b1-1d79f48e841a}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.41 GB) NTFS
\\?\Volume{0a7f66c0-07fe-4aa2-9e89-29b2ecdf81db}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.21 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 161AE062)

Partition: GPT.

==================== Ende von Addition.txt =======================
         
--- --- ---


Ich mache das zum ersten Mal so und daher habe ich keinen Vergleich zu "üblichen Einträgen". Mir scheinen aber die folgenden im aktuellen Zustand noch "verzichtbar" und ich vermute, eine Bereinigung wäre nicht verkehrt:

1. Die vier Edge Extensions mit dem Eintrag "[nicht gefunden]". Vielleicht hilft es zu wissen, dass wir den Edge gar nicht nutzen. Mir ist daher schleierhaft, wie diese Extensions hinzugekommen sein sollen - naja - bzw. inzwischen nicht mehr so schleierhaft. Und offenbar wurden die zugrundeliegenden Dateien auch (von Malwarebytes?) entfernt.

2. Es gibt immer noch mehrere Einträge mit "(Keine Datei)", insbesondere mit Bezug zu "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" - hierzu ist zu sagen, dass unter "C:\Program Files (x86)\Google" kein Unterordner namens "Update", wohl aber ein Unterordner "Updater" (mit finalem 'r') existiert, der dann auch einiges enthält. Meine Idee wäre es, alle diesbezüglichen Einträge zu bereinigen (und ich bewege anschl den "Updater"-Ordner weg von der Systempartition). Denn aktuell ist ja gar keine Google-Software mehr installiert. Vielleicht nur ein Lapsus seitens 'G', aber trotzdem.

Was meint ihr?

Edit 13:58 Uhr:

2.b Es gibt auch noch unter "Dienste" ein paar Einträge zur nicht existierenden "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe". Auch diese Einträge könnten bzw. sollten vermutlich lieber bereinigt werden? (Oder macht 'G' da irgendwelche Tricks, die man kennen muss?)


Geändert von fbin41 (21.04.2023 um 12:58 Uhr)

Alt 21.04.2023, 20:21   #21
M-K-D-B
/// TB-Ausbilder
 
Windows 10: Browser-Probleme nach Infektion mit Backdoor:Win32/Bladabindi!mclg - Standard

Windows 10: Browser-Probleme nach Infektion mit Backdoor:Win32/Bladabindi!mclg



Vielen Dank für die bereitgestellen Informationen und Logdateien.


Wir führen ein weiteres Skript mit FRST aus, damit sollten wir die letzten Reste auch wegbekommen. Dabei handelt es sich um ein Skript, welches ich verwende, wenn jemand Google Chrome komplett entfernen möchte. Dies schließt auch den "Google Update Helper" mit ein.




Schritt 1
WARNUNG AN ALLE MITLESER !!!
Dieses FRST-Skript ist ausschließlich für diesen Nutzer gedacht und sollte niemals 1:1 für ein anderes System verwendet werden!
  • Speichere deine Arbeiten und schließe alle offenen Programme, damit keine Daten verloren gehen.
  • Kopiere den gesamten Inhalt der folgenden Code-Box:
    Code:
    ATTFilter
    Start::
    SystemRestore: On 
    CreateRestorePoint:
    CloseProcesses:
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
    SearchScopes: HKU\S-1-5-21-624402189-1887333828-3918413586-1001 -> DefaultScope {53925601-2FCD-4A29-B367-60284FA6688C} URL = 
    SearchScopes: HKU\S-1-5-21-624402189-1887333828-3918413586-1001 -> {53925601-2FCD-4A29-B367-60284FA6688C} URL = 
    Task: {02D80AC4-EAFA-45C2-B1E8-A57ED4B3365F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler (Keine Datei)
    Task: {FC74E7F7-4AF3-446B-B664-A28AC6E02533} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c (Keine Datei)
    Task: {DE80A756-8BA5-4FCF-9151-C798E96E9D20} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (Keine Datei)
    Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
    Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
    Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
    Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
    Edge Extension: (Malwarebytes Browser Guard) - C:\Users\athbi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2023-04-20]
    Edge Extension: (Edge relevant text changes) - C:\Users\athbi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-04-20]
    Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
    Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
    CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
    CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
    S4 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
    S4 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
    DeleteKey: HKEY_CLASSES_ROOT\AppID\GoogleUpdate.exe
    DeleteKey: HKEY_CLASSES_ROOT\AppID\{708860E0-F641-4611-8895-7D867DD3675B}
    DeleteKey: HKEY_CLASSES_ROOT\ChromeHTML
    DeleteKey: HKEY_CLASSES_ROOT\CLSID\{1D68FC98-508A-49DF-B73F-7D63EFFE8358}
    DeleteKey: HKEY_CLASSES_ROOT\CLSID\{9D6AA569-9F30-41AD-885A-346685C74928}
    DeleteKey: HKEY_CLASSES_ROOT\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}
    DeleteKey: HKEY_CLASSES_ROOT\CLSID\{DE0C8422-0096-4240-9A06-FF4D7611EF04}
    DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.CoCreateAsync
    DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.CoCreateAsync.1.0
    DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.CoreClass
    DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.CoreClass.1
    DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.CoreMachineClass
    DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.CoreMachineClass.1
    DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.CredentialDialogMachine
    DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.CredentialDialogMachine.1.0
    DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.OnDemandCOMClassMachine
    DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.OnDemandCOMClassMachine.1.0
    DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.OnDemandCOMClassMachineFallback
    DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.OnDemandCOMClassMachineFallback.1.0
    DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.OnDemandCOMClassSvc
    DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.OnDemandCOMClassSvc.1.0
    DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.PolicyStatus
    DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.PolicyStatus.1.0
    DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.ProcessLauncher
    DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.ProcessLauncher.1.0
    DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.Update3COMClassService
    DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.Update3COMClassService.1.0
    DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.Update3WebMachine
    DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.Update3WebMachine.1.0
    DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.Update3WebMachineFallback
    DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.Update3WebMachineFallback.1.0
    DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.Update3WebSvc
    DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.Update3WebSvc.1.0
    DeleteKey: HKEY_CLASSES_ROOT\Installer\Products\A089CE062ADB6BC44A720BA745894BAC
    DeleteKey: HKEY_CLASSES_ROOT\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}
    DeleteKey: HKEY_CLASSES_ROOT\Interface\{2D363682-561D-4C3A-81C6-F2F82107562A}
    DeleteKey: HKEY_CLASSES_ROOT\Interface\{31AC3F11-E5EA-4A85-8A3D-8E095A39C27B}
    DeleteKey: HKEY_CLASSES_ROOT\Interface\{494B20CF-282E-4BDD-9F5D-B70CB09D351E}
    DeleteKey: HKEY_CLASSES_ROOT\Interface\{6DB17455-4E85-46E7-9D23-E555E4B005AF}
    DeleteKey: HKEY_CLASSES_ROOT\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}
    DeleteKey: HKEY_CLASSES_ROOT\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}
    DeleteKey: HKEY_CLASSES_ROOT\Interface\{909489C2-85A6-4322-AA56-D25278649D67}
    DeleteKey: HKEY_CLASSES_ROOT\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}
    DeleteKey: HKEY_CLASSES_ROOT\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}
    DeleteKey: HKEY_CLASSES_ROOT\TypeLib\{463ABECF-410D-407F-8AF5-0DF35A005CC8}
    DeleteKey: HKEY_CLASSES_ROOT\Wow6432Node\AppID\GoogleUpdate.exe
    DeleteKey: HKEY_CLASSES_ROOT\Wow6432Node\AppID\{708860E0-F641-4611-8895-7D867DD3675B}
    DeleteKey: HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{1D68FC98-508A-49DF-B73F-7D63EFFE8358}
    DeleteKey: HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{25461599-633D-42B1-84FB-7CD68D026E53}
    DeleteKey: HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{521FDB42-7130-4806-822A-FC5163FAD983}
    DeleteKey: HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{534F5323-3569-4F42-919D-1E1CF93E5BF6}
    DeleteKey: HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{598FE0E5-E02D-465D-9A9D-37974A28FD42}
    DeleteKey: HKEY_CLASSES_ROOT\WOW6432Node\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}
    DeleteKey: HKEY_CLASSES_ROOT\WOW6432Node\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}
    DeleteKey: HKEY_CLASSES_ROOT\WOW6432Node\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}
    DeleteKey: HKEY_CLASSES_ROOT\WOW6432Node\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}
    DeleteKey: HKEY_CLASSES_ROOT\WOW6432Node\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{008E91AA-A905-4206-A0FE-D4177E1C7BB1}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0FD16473-86A0-4991-B88A-D48733BF9873}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1A0AF39E-B30E-4174-9AF5-187EB932F596}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1F35925E-5B64-4CD4-B319-5E63F29A5D7C}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22D15128-88AF-4CC2-814D-60E5D5B98878}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25468362-8138-43D8-8E29-DE8D09B16F6E}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{309C029E-6829-4717-8B10-CCBFCF6CFF65}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{315958A0-F5F6-4D47-85E3-F328675E42BC}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{38D693FC-A8ED-4B97-A322-846F7DD9CE1D}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CD78BF9-EAFD-4FBC-900C-F89B3EBD425D}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{49287933-E5A1-4341-AC0C-D77C259AEFAE}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{495617A4-8B01-4716-96FB-288E6E7A2EF4}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4EC3C18E-7203-41E7-990D-A72B57E286A9}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4FA480D8-32A4-4849-B774-DE8BD5242A4C}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{51CC695F-CE3D-4465-AF5E-E6D7D56B7AE0}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{600FDFA3-1EA7-4792-9436-ABB5154A9EB2}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{61095308-52CE-433B-9A66-57B9E5835B60}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{62B032B7-F027-4274-BFB1-A0418EB9D0D9}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{649CCF8F-C1C9-4275-88B7-31CA8B31154C}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{667ABD49-6DCA-4B5D-A1F8-F1243CB404B0}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{71D2697F-5C53-4AAD-98E8-7FAEA818C36B}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75BC6B63-B6F3-4F56-BD5B-26A290AD0F3C}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{80CEDA75-4539-45AF-AA3E-8C4B2BF73774}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{81E4DE90-AD0A-48C8-BE83-567EB91A0C27}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{877059AD-728E-447E-A97B-EFDB3F20DB2D}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{943FD346-D23E-42F3-8859-67F05CE92021}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{96C3591E-04E3-4EF3-8A1A-3C9319E4DC83}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{97C73AB9-10F4-474D-B65F-9943BE694247}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9AAA1336-C131-4B16-9A86-7BAF3B3B76F8}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AD181A86-8540-4EAA-A3D5-68FD744F9A89}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF8B3E35-A68A-4788-BDDA-76D8AE1C4064}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BF5A7FAA-57D1-4FCF-88C1-B9D65A6AF11D}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BFB16C71-7209-4534-8A47-AD6BABC3A66F}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C3EA5C5C-31DF-437F-95E2-BCE4B2E83EE9}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CDF5DD86-4F10-4386-92AF-DF0F30719FDF}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D580254F-5E17-4AE0-9C41-60A0526A8ED6}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DCE425F4-1469-414F-AD07-8A5622C312B7}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E3C8EDEA-D6E5-49DF-A344-FE31D1F3F412}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E9957D25-7EB7-42C8-AD32-06AF7776A788}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F44DC845-F9E1-4907-8D9C-1472F72E8326}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F8BC3B89-DD15-4DA2-B936-CEA2B2A35053}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFF5383C-8B35-4126-AF67-8A1B72D68D13}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Google.OneClickProcessLauncherMachine
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Google.OneClickProcessLauncherMachine.1.0
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Google.OneClickProcessLauncherMachine\CurVer
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{008E91AA-A905-4206-A0FE-D4177E1C7BB1}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0FD16473-86A0-4991-B88A-D48733BF9873}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1A0AF39E-B30E-4174-9AF5-187EB932F596}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1F35925E-5B64-4CD4-B319-5E63F29A5D7C}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{22D15128-88AF-4CC2-814D-60E5D5B98878}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{25468362-8138-43D8-8E29-DE8D09B16F6E}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{309C029E-6829-4717-8B10-CCBFCF6CFF65}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{315958A0-F5F6-4D47-85E3-F328675E42BC}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{38D693FC-A8ED-4B97-A322-846F7DD9CE1D}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{3CD78BF9-EAFD-4FBC-900C-F89B3EBD425D}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{49287933-E5A1-4341-AC0C-D77C259AEFAE}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{495617A4-8B01-4716-96FB-288E6E7A2EF4}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{4EC3C18E-7203-41E7-990D-A72B57E286A9}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{4FA480D8-32A4-4849-B774-DE8BD5242A4C}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{51CC695F-CE3D-4465-AF5E-E6D7D56B7AE0}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{600FDFA3-1EA7-4792-9436-ABB5154A9EB2}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{61095308-52CE-433B-9A66-57B9E5835B60}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{62B032B7-F027-4274-BFB1-A0418EB9D0D9}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{649CCF8F-C1C9-4275-88B7-31CA8B31154C}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{667ABD49-6DCA-4B5D-A1F8-F1243CB404B0}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{71D2697F-5C53-4AAD-98E8-7FAEA818C36B}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{75BC6B63-B6F3-4F56-BD5B-26A290AD0F3C}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{80CEDA75-4539-45AF-AA3E-8C4B2BF73774}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{81E4DE90-AD0A-48C8-BE83-567EB91A0C27}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{877059AD-728E-447E-A97B-EFDB3F20DB2D}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{943FD346-D23E-42F3-8859-67F05CE92021}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{96C3591E-04E3-4EF3-8A1A-3C9319E4DC83}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{97C73AB9-10F4-474D-B65F-9943BE694247}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9AAA1336-C131-4B16-9A86-7BAF3B3B76F8}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9F3F5F5D-721A-4B19-9B5D-69F664C1A591}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{AAD4AE2E-D834-46D4-8B09-490FAC9C722B}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{AD181A86-8540-4EAA-A3D5-68FD744F9A89}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{AF8B3E35-A68A-4788-BDDA-76D8AE1C4064}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{BF5A7FAA-57D1-4FCF-88C1-B9D65A6AF11D}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{BFB16C71-7209-4534-8A47-AD6BABC3A66F}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{C3EA5C5C-31DF-437F-95E2-BCE4B2E83EE9}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{CDF5DD86-4F10-4386-92AF-DF0F30719FDF}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{D580254F-5E17-4AE0-9C41-60A0526A8ED6}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{DCE425F4-1469-414F-AD07-8A5622C312B7}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{DE0C8422-0096-4240-9A06-FF4D7611EF04}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E3C8EDEA-D6E5-49DF-A344-FE31D1F3F412}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E9957D25-7EB7-42C8-AD32-06AF7776A788}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{F44DC845-F9E1-4907-8D9C-1472F72E8326}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{F8BC3B89-DD15-4DA2-B936-CEA2B2A35053}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FFF5383C-8B35-4126-AF67-8A1B72D68D13}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3D412914-1C4F-447D-80D2-E7F9BB302B05}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{831F99E1-2250-4065-8975-7408E726825F}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{B35122D2-0036-4536-AEEA-EEA68E54A460}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C416C376-AEC5-4443-9D90-BEBA9434763B}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{EF028154-CA20-4F73-ACBB-82451B78F1E6}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync\WebAuth\Gmail
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{ED475416-B0D6-11D2-8C3B-00104B2A6676}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\chrome.exe
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\chrome.exe
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome
    DeleteKey: HKEY_LOCAL_MACHINE\Software\Policies\Google
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\App Paths\chrome.exe
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4B0E6BED-689D-3D0C-A3D7-ED36C01FEB19}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
    DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\Application\Chrome
    DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\GoogleChromeElevationService
    DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\gupdate
    DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\gupdatem
    DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\eventlog\Application\Chrome
    DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\GoogleChromeElevationService
    DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\gupdate
    DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\gupdatem
    DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application\Chrome
    DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\GoogleChromeElevationService
    DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\gupdate
    DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\gupdatem
    DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\GoogleChromeElevationService
    DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\gupdate
    DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\gupdatem
    DeleteKey: HKCU\SOFTWARE\Google
    DeleteKey: HKEY_USERS\.DEFAULT\Software\Google
    DeleteKey: HKEY_USERS\S-1-5-18\SOFTWARE\Google
    DeleteKey: HKEY_USERS\S-1-5-19\SOFTWARE\Google
    DeleteKey: HKEY_USERS\S-1-5-20\SOFTWARE\Google
    DeleteKey: HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome
    DeleteKey: HKLM\SOFTWARE\WOW6432Node\Clients\StartMenuInternet\Google Chrome
    DeleteKey: HKLM\SOFTWARE\Google
    DeleteKey: HKLM\SOFTWARE\WOW6432Node\Google
    DeleteValue: HKLM\SOFTWARE\RegisteredApplications|Google Chrome
    DeleteValue: HKLM\SOFTWARE\Wow6432Node\RegisteredApplications|Google Chrome
    DeleteKey: HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}
    DeleteKey: HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}
    DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4}
    DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync|GoogleDefaultPadding
    DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync|GoogleOAuthRedirectURI
    DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync|GoogleOAuthTokenURI
    DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync|GoogleOAuthURI
    DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync|GoogleServer
    DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync|GoogleUserInfoURI
    DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync\WebAuth\Gmail|AuthUri
    DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync\WebAuth\Gmail|Id
    DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync\WebAuth\Gmail|RefreshUri
    DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync\WebAuth\Gmail|Scope
    DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync|GoogleDefaultPadding
    DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync|GoogleOAuthRedirectURI
    DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync|GoogleOAuthTokenURI
    DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync|GoogleOAuthURI
    DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync|GoogleServer
    DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync|GoogleUserInfoURI
    DeleteValue: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store|C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    DeleteValue: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store|C:\Program Files\Google\Chrome\Application\chrome.exe
    DeleteValue:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync\WebAuth\Gmail|AuthUri
    DeleteValue:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync\WebAuth\Gmail|Id
    DeleteValue:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync\WebAuth\Gmail|RefreshUri
    DeleteValue:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync\WebAuth\Gmail|Scope
    DeleteValue:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync|GoogleDefaultPadding
    DeleteValue:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync|GoogleOAuthRedirectURI
    DeleteValue:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync|GoogleOAuthTokenURI
    DeleteValue:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync|GoogleOAuthURI
    DeleteValue:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync|GoogleServer
    DeleteValue:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync|GoogleUserInfoURI
    
    DeleteKey: HKU\S-1-5-21-624402189-1887333828-3918413586-1001\SOFTWARE\Google
    DeleteKey: HKU\S-1-5-21-624402189-1887333828-3918413586-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Notifications\Settings\Chrome
    DeleteKey: HKU\S-1-5-21-624402189-1887333828-3918413586-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\PushNotifications\Backup\Chrome
    DeleteKey: HKU\S-1-5-21-624402189-1887333828-3918413586-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}
    DeleteValue: HKEY_USERS\S-1-5-21-624402189-1887333828-3918413586-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|GoogleChromeAutoLaunch_16FD632C04F3106D558BB4FF7F76E7FF
    C:\Program Files (x86)\Google
    C:\Program Files\Google
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    C:\Users\AllUserName\AppData\Local\Google
    C:\Users\AllUserName\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    C:\Users\AllUserName\Desktop\Google Chrome.lnk
    C:\Windows\Prefetch\*CHROME*.pf
    C:\Windows\Prefetch\*GOOGLE*.pf
    C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore*
    C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore*
    C:\Windows\System32\Tasks_Migrated\GoogleUpdateTaskMachineCore
    C:\Windows\System32\Tasks_Migrated\GoogleUpdateTaskMachineUA
    C:\Windows\System32\Tasks_Migrated\GoogleUpdateTaskMachineCore*
    C:\Windows\System32\Tasks_Migrated\GoogleUpdateTaskMachineUA*
    startpowershell:
    Function Remove-all-windefend-excludes {
    $Paths=(Get-MpPreference).ExclusionPath
    $Extensions=(Get-MpPreference).ExclusionExtension
    $Processes=(Get-MpPreference).ExclusionProcess
    foreach ($Path in $Paths) { Remove-MpPreference -ExclusionPath $Path -force}
    foreach ($Extension in $Extensions) { Remove-MpPreference -ExclusionExtension $Extension -force}
    foreach ($Process in $Processes) { Remove-MpPreference -ExclusionProcess $Process -force}
    }
    Set-MpPreference -DisableAutoExclusions $true -Force
    Remove-all-windefend-excludes
    endpowershell:
    CMD: netsh winsock reset
    CMD: netsh int ip reset
    CMD: ipconfig /release
    CMD: ipconfig /renew
    CMD: ipconfig /flushdns
    CMD: ipconfig /registerdns
    CMD: netsh advfirewall reset
    CMD: netsh advfirewall set allprofiles state ON
    CMD: netsh winhttp reset proxy
    CMD: Bitsadmin /Reset /Allusers
    CMD: Winmgmt /salvagerepository 
    CMD: Winmgmt /resetrepository 
    CMD: winmgmt /resyncperf
    CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
    CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
    CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
    CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
    Hosts:
    RemoveProxy:
    EmptyTemp:
    Reboot:
    End::
             
  • Starte nun FRST und klicke direkt auf den Button Reparieren.
    Wichtig: Du brauchst den Inhalt der Code-Box nirgends einfügen, da sich FRST den Code aus der Zwischenablage holt!

  • Wichtig:
    • Bitte gedulde dich, sobald du die Reparatur gestartet hast. Je nach Art und Umfang der notwendigen Reparaturen kann dies einige Minuten dauern.
      Eventuell erhältst du während der Reparatur auch die Information "keine Rückmeldung" von FRST. Das ist normal, du musst nichts weiter tun, nur warten.
    • Mit dieser Reparatur werden alle temporären Dateien/Browserdaten sowie der Papierkorb gelöscht.
    • Mit dieser Reparatur werden die Windows Firewall-Einstellungen zurückgesetzt. Du wirst möglicherweise später aufgefordert, legitimen Programmen eine Erlaubnis/Ausnahme für die Firewall zu erteilen. Dies solltest du dann erlauben/zulassen.

  • Das Tool führt die gewünschten Schritte aus und erstellt eine fixlog.txt im selben Verzeichnis, in dem sich FRST befindet.
  • Gegebenenfalls muss dein Rechner neu gestartet werden.
  • Poste mir den Inhalt der fixlog.txt mit deiner nächsten Antwort.

Alt 23.04.2023, 08:24   #22
fbin41
 
Windows 10: Browser-Probleme nach Infektion mit Backdoor:Win32/Bladabindi!mclg - Standard

Windows 10: Browser-Probleme nach Infektion mit Backdoor:Win32/Bladabindi!mclg



Ich danke vielmals. Nachfolgend die Logs der gestigen Druchläufe.

Ich denke fast, das sollte es gewesen sein?

Zunächst die Fixlog:

Code:
ATTFilter
Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 21-04-2023
durchgeführt von Anna (22-04-2023 10:02:07) Run:4
Gestartet von D:\Software\Farbar_x86_x64
Geladene Profile: Anna & athbi & Frank
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
Start::
SystemRestore: On 
CreateRestorePoint:
CloseProcesses:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
SearchScopes: HKU\S-1-5-21-624402189-1887333828-3918413586-1001 -> DefaultScope {53925601-2FCD-4A29-B367-60284FA6688C} URL = 
SearchScopes: HKU\S-1-5-21-624402189-1887333828-3918413586-1001 -> {53925601-2FCD-4A29-B367-60284FA6688C} URL = 
Task: {02D80AC4-EAFA-45C2-B1E8-A57ED4B3365F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler (Keine Datei)
Task: {FC74E7F7-4AF3-446B-B664-A28AC6E02533} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c (Keine Datei)
Task: {DE80A756-8BA5-4FCF-9151-C798E96E9D20} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (Keine Datei)
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\athbi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2023-04-20]
Edge Extension: (Edge relevant text changes) - C:\Users\athbi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-04-20]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
S4 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S4 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
DeleteKey: HKEY_CLASSES_ROOT\AppID\GoogleUpdate.exe
DeleteKey: HKEY_CLASSES_ROOT\AppID\{708860E0-F641-4611-8895-7D867DD3675B}
DeleteKey: HKEY_CLASSES_ROOT\ChromeHTML
DeleteKey: HKEY_CLASSES_ROOT\CLSID\{1D68FC98-508A-49DF-B73F-7D63EFFE8358}
DeleteKey: HKEY_CLASSES_ROOT\CLSID\{9D6AA569-9F30-41AD-885A-346685C74928}
DeleteKey: HKEY_CLASSES_ROOT\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}
DeleteKey: HKEY_CLASSES_ROOT\CLSID\{DE0C8422-0096-4240-9A06-FF4D7611EF04}
DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.CoCreateAsync
DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.CoCreateAsync.1.0
DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.CoreClass
DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.CoreClass.1
DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.CoreMachineClass
DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.CoreMachineClass.1
DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.CredentialDialogMachine
DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.CredentialDialogMachine.1.0
DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.OnDemandCOMClassMachine
DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.OnDemandCOMClassMachine.1.0
DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.OnDemandCOMClassMachineFallback
DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.OnDemandCOMClassMachineFallback.1.0
DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.OnDemandCOMClassSvc
DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.OnDemandCOMClassSvc.1.0
DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.PolicyStatus
DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.PolicyStatus.1.0
DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.ProcessLauncher
DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.ProcessLauncher.1.0
DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.Update3COMClassService
DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.Update3COMClassService.1.0
DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.Update3WebMachine
DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.Update3WebMachine.1.0
DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.Update3WebMachineFallback
DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.Update3WebMachineFallback.1.0
DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.Update3WebSvc
DeleteKey: HKEY_CLASSES_ROOT\GoogleUpdate.Update3WebSvc.1.0
DeleteKey: HKEY_CLASSES_ROOT\Installer\Products\A089CE062ADB6BC44A720BA745894BAC
DeleteKey: HKEY_CLASSES_ROOT\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}
DeleteKey: HKEY_CLASSES_ROOT\Interface\{2D363682-561D-4C3A-81C6-F2F82107562A}
DeleteKey: HKEY_CLASSES_ROOT\Interface\{31AC3F11-E5EA-4A85-8A3D-8E095A39C27B}
DeleteKey: HKEY_CLASSES_ROOT\Interface\{494B20CF-282E-4BDD-9F5D-B70CB09D351E}
DeleteKey: HKEY_CLASSES_ROOT\Interface\{6DB17455-4E85-46E7-9D23-E555E4B005AF}
DeleteKey: HKEY_CLASSES_ROOT\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}
DeleteKey: HKEY_CLASSES_ROOT\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}
DeleteKey: HKEY_CLASSES_ROOT\Interface\{909489C2-85A6-4322-AA56-D25278649D67}
DeleteKey: HKEY_CLASSES_ROOT\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}
DeleteKey: HKEY_CLASSES_ROOT\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}
DeleteKey: HKEY_CLASSES_ROOT\TypeLib\{463ABECF-410D-407F-8AF5-0DF35A005CC8}
DeleteKey: HKEY_CLASSES_ROOT\Wow6432Node\AppID\GoogleUpdate.exe
DeleteKey: HKEY_CLASSES_ROOT\Wow6432Node\AppID\{708860E0-F641-4611-8895-7D867DD3675B}
DeleteKey: HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{1D68FC98-508A-49DF-B73F-7D63EFFE8358}
DeleteKey: HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{25461599-633D-42B1-84FB-7CD68D026E53}
DeleteKey: HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{521FDB42-7130-4806-822A-FC5163FAD983}
DeleteKey: HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{534F5323-3569-4F42-919D-1E1CF93E5BF6}
DeleteKey: HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{598FE0E5-E02D-465D-9A9D-37974A28FD42}
DeleteKey: HKEY_CLASSES_ROOT\WOW6432Node\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}
DeleteKey: HKEY_CLASSES_ROOT\WOW6432Node\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}
DeleteKey: HKEY_CLASSES_ROOT\WOW6432Node\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}
DeleteKey: HKEY_CLASSES_ROOT\WOW6432Node\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}
DeleteKey: HKEY_CLASSES_ROOT\WOW6432Node\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{008E91AA-A905-4206-A0FE-D4177E1C7BB1}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0FD16473-86A0-4991-B88A-D48733BF9873}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1A0AF39E-B30E-4174-9AF5-187EB932F596}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1F35925E-5B64-4CD4-B319-5E63F29A5D7C}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22D15128-88AF-4CC2-814D-60E5D5B98878}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25468362-8138-43D8-8E29-DE8D09B16F6E}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{309C029E-6829-4717-8B10-CCBFCF6CFF65}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{315958A0-F5F6-4D47-85E3-F328675E42BC}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{38D693FC-A8ED-4B97-A322-846F7DD9CE1D}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CD78BF9-EAFD-4FBC-900C-F89B3EBD425D}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{49287933-E5A1-4341-AC0C-D77C259AEFAE}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{495617A4-8B01-4716-96FB-288E6E7A2EF4}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4EC3C18E-7203-41E7-990D-A72B57E286A9}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4FA480D8-32A4-4849-B774-DE8BD5242A4C}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{51CC695F-CE3D-4465-AF5E-E6D7D56B7AE0}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{600FDFA3-1EA7-4792-9436-ABB5154A9EB2}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{61095308-52CE-433B-9A66-57B9E5835B60}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{62B032B7-F027-4274-BFB1-A0418EB9D0D9}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{649CCF8F-C1C9-4275-88B7-31CA8B31154C}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{667ABD49-6DCA-4B5D-A1F8-F1243CB404B0}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{71D2697F-5C53-4AAD-98E8-7FAEA818C36B}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75BC6B63-B6F3-4F56-BD5B-26A290AD0F3C}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{80CEDA75-4539-45AF-AA3E-8C4B2BF73774}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{81E4DE90-AD0A-48C8-BE83-567EB91A0C27}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{877059AD-728E-447E-A97B-EFDB3F20DB2D}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{943FD346-D23E-42F3-8859-67F05CE92021}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{96C3591E-04E3-4EF3-8A1A-3C9319E4DC83}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{97C73AB9-10F4-474D-B65F-9943BE694247}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9AAA1336-C131-4B16-9A86-7BAF3B3B76F8}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AD181A86-8540-4EAA-A3D5-68FD744F9A89}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF8B3E35-A68A-4788-BDDA-76D8AE1C4064}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BF5A7FAA-57D1-4FCF-88C1-B9D65A6AF11D}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BFB16C71-7209-4534-8A47-AD6BABC3A66F}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C3EA5C5C-31DF-437F-95E2-BCE4B2E83EE9}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CDF5DD86-4F10-4386-92AF-DF0F30719FDF}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D580254F-5E17-4AE0-9C41-60A0526A8ED6}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DCE425F4-1469-414F-AD07-8A5622C312B7}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E3C8EDEA-D6E5-49DF-A344-FE31D1F3F412}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E9957D25-7EB7-42C8-AD32-06AF7776A788}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F44DC845-F9E1-4907-8D9C-1472F72E8326}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F8BC3B89-DD15-4DA2-B936-CEA2B2A35053}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFF5383C-8B35-4126-AF67-8A1B72D68D13}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Google.OneClickProcessLauncherMachine
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Google.OneClickProcessLauncherMachine.1.0
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Google.OneClickProcessLauncherMachine\CurVer
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{008E91AA-A905-4206-A0FE-D4177E1C7BB1}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0FD16473-86A0-4991-B88A-D48733BF9873}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1A0AF39E-B30E-4174-9AF5-187EB932F596}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1F35925E-5B64-4CD4-B319-5E63F29A5D7C}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{22D15128-88AF-4CC2-814D-60E5D5B98878}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{25468362-8138-43D8-8E29-DE8D09B16F6E}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{309C029E-6829-4717-8B10-CCBFCF6CFF65}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{315958A0-F5F6-4D47-85E3-F328675E42BC}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{38D693FC-A8ED-4B97-A322-846F7DD9CE1D}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{3CD78BF9-EAFD-4FBC-900C-F89B3EBD425D}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{49287933-E5A1-4341-AC0C-D77C259AEFAE}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{495617A4-8B01-4716-96FB-288E6E7A2EF4}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{4EC3C18E-7203-41E7-990D-A72B57E286A9}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{4FA480D8-32A4-4849-B774-DE8BD5242A4C}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{51CC695F-CE3D-4465-AF5E-E6D7D56B7AE0}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{600FDFA3-1EA7-4792-9436-ABB5154A9EB2}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{61095308-52CE-433B-9A66-57B9E5835B60}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{62B032B7-F027-4274-BFB1-A0418EB9D0D9}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{649CCF8F-C1C9-4275-88B7-31CA8B31154C}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{667ABD49-6DCA-4B5D-A1F8-F1243CB404B0}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{71D2697F-5C53-4AAD-98E8-7FAEA818C36B}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{75BC6B63-B6F3-4F56-BD5B-26A290AD0F3C}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{80CEDA75-4539-45AF-AA3E-8C4B2BF73774}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{81E4DE90-AD0A-48C8-BE83-567EB91A0C27}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{877059AD-728E-447E-A97B-EFDB3F20DB2D}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{943FD346-D23E-42F3-8859-67F05CE92021}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{96C3591E-04E3-4EF3-8A1A-3C9319E4DC83}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{97C73AB9-10F4-474D-B65F-9943BE694247}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9AAA1336-C131-4B16-9A86-7BAF3B3B76F8}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9F3F5F5D-721A-4B19-9B5D-69F664C1A591}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{AAD4AE2E-D834-46D4-8B09-490FAC9C722B}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{AD181A86-8540-4EAA-A3D5-68FD744F9A89}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{AF8B3E35-A68A-4788-BDDA-76D8AE1C4064}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{BF5A7FAA-57D1-4FCF-88C1-B9D65A6AF11D}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{BFB16C71-7209-4534-8A47-AD6BABC3A66F}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{C3EA5C5C-31DF-437F-95E2-BCE4B2E83EE9}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{CDF5DD86-4F10-4386-92AF-DF0F30719FDF}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{D580254F-5E17-4AE0-9C41-60A0526A8ED6}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{DCE425F4-1469-414F-AD07-8A5622C312B7}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{DE0C8422-0096-4240-9A06-FF4D7611EF04}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E3C8EDEA-D6E5-49DF-A344-FE31D1F3F412}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E9957D25-7EB7-42C8-AD32-06AF7776A788}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{F44DC845-F9E1-4907-8D9C-1472F72E8326}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{F8BC3B89-DD15-4DA2-B936-CEA2B2A35053}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FFF5383C-8B35-4126-AF67-8A1B72D68D13}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3D412914-1C4F-447D-80D2-E7F9BB302B05}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{831F99E1-2250-4065-8975-7408E726825F}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{B35122D2-0036-4536-AEEA-EEA68E54A460}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C416C376-AEC5-4443-9D90-BEBA9434763B}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{EF028154-CA20-4F73-ACBB-82451B78F1E6}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync\WebAuth\Gmail
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{ED475416-B0D6-11D2-8C3B-00104B2A6676}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\chrome.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\chrome.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome
DeleteKey: HKEY_LOCAL_MACHINE\Software\Policies\Google
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\App Paths\chrome.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4B0E6BED-689D-3D0C-A3D7-ED36C01FEB19}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\Application\Chrome
DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\GoogleChromeElevationService
DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\gupdate
DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\gupdatem
DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\eventlog\Application\Chrome
DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\GoogleChromeElevationService
DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\gupdate
DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\gupdatem
DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application\Chrome
DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\GoogleChromeElevationService
DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\gupdate
DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\gupdatem
DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\GoogleChromeElevationService
DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\gupdate
DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\gupdatem
DeleteKey: HKCU\SOFTWARE\Google
DeleteKey: HKEY_USERS\.DEFAULT\Software\Google
DeleteKey: HKEY_USERS\S-1-5-18\SOFTWARE\Google
DeleteKey: HKEY_USERS\S-1-5-19\SOFTWARE\Google
DeleteKey: HKEY_USERS\S-1-5-20\SOFTWARE\Google
DeleteKey: HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome
DeleteKey: HKLM\SOFTWARE\WOW6432Node\Clients\StartMenuInternet\Google Chrome
DeleteKey: HKLM\SOFTWARE\Google
DeleteKey: HKLM\SOFTWARE\WOW6432Node\Google
DeleteValue: HKLM\SOFTWARE\RegisteredApplications|Google Chrome
DeleteValue: HKLM\SOFTWARE\Wow6432Node\RegisteredApplications|Google Chrome
DeleteKey: HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}
DeleteKey: HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4}
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync|GoogleDefaultPadding
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync|GoogleOAuthRedirectURI
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync|GoogleOAuthTokenURI
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync|GoogleOAuthURI
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync|GoogleServer
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync|GoogleUserInfoURI
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync\WebAuth\Gmail|AuthUri
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync\WebAuth\Gmail|Id
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync\WebAuth\Gmail|RefreshUri
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync\WebAuth\Gmail|Scope
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync|GoogleDefaultPadding
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync|GoogleOAuthRedirectURI
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync|GoogleOAuthTokenURI
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync|GoogleOAuthURI
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync|GoogleServer
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync|GoogleUserInfoURI
DeleteValue: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store|C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
DeleteValue: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store|C:\Program Files\Google\Chrome\Application\chrome.exe
DeleteValue:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync\WebAuth\Gmail|AuthUri
DeleteValue:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync\WebAuth\Gmail|Id
DeleteValue:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync\WebAuth\Gmail|RefreshUri
DeleteValue:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync\WebAuth\Gmail|Scope
DeleteValue:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync|GoogleDefaultPadding
DeleteValue:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync|GoogleOAuthRedirectURI
DeleteValue:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync|GoogleOAuthTokenURI
DeleteValue:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync|GoogleOAuthURI
DeleteValue:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync|GoogleServer
DeleteValue:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync|GoogleUserInfoURI

DeleteKey: HKU\S-1-5-21-624402189-1887333828-3918413586-1001\SOFTWARE\Google
DeleteKey: HKU\S-1-5-21-624402189-1887333828-3918413586-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Notifications\Settings\Chrome
DeleteKey: HKU\S-1-5-21-624402189-1887333828-3918413586-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\PushNotifications\Backup\Chrome
DeleteKey: HKU\S-1-5-21-624402189-1887333828-3918413586-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}
DeleteValue: HKEY_USERS\S-1-5-21-624402189-1887333828-3918413586-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|GoogleChromeAutoLaunch_16FD632C04F3106D558BB4FF7F76E7FF
C:\Program Files (x86)\Google
C:\Program Files\Google
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
C:\Users\AllUserName\AppData\Local\Google
C:\Users\AllUserName\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
C:\Users\AllUserName\Desktop\Google Chrome.lnk
C:\Windows\Prefetch\*CHROME*.pf
C:\Windows\Prefetch\*GOOGLE*.pf
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore*
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore*
C:\Windows\System32\Tasks_Migrated\GoogleUpdateTaskMachineCore
C:\Windows\System32\Tasks_Migrated\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks_Migrated\GoogleUpdateTaskMachineCore*
C:\Windows\System32\Tasks_Migrated\GoogleUpdateTaskMachineUA*
startpowershell:
Function Remove-all-windefend-excludes {
$Paths=(Get-MpPreference).ExclusionPath
$Extensions=(Get-MpPreference).ExclusionExtension
$Processes=(Get-MpPreference).ExclusionProcess
foreach ($Path in $Paths) { Remove-MpPreference -ExclusionPath $Path -force}
foreach ($Extension in $Extensions) { Remove-MpPreference -ExclusionExtension $Extension -force}
foreach ($Process in $Processes) { Remove-MpPreference -ExclusionProcess $Process -force}
}
Set-MpPreference -DisableAutoExclusions $true -Force
Remove-all-windefend-excludes
endpowershell:
CMD: netsh winsock reset
CMD: netsh int ip reset
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: ipconfig /registerdns
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh winhttp reset proxy
CMD: Bitsadmin /Reset /Allusers
CMD: Winmgmt /salvagerepository 
CMD: Winmgmt /resetrepository 
CMD: winmgmt /resyncperf
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
Hosts:
RemoveProxy:
EmptyTemp:
Reboot:
End::
*****************

SystemRestore: On => abgeschlossen
Wiederherstellungspunkt wurde erfolgreich erstellt.
Prozesse erfolgreich geschlossen.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => erfolgreich entfernt
"HKU\S-1-5-21-624402189-1887333828-3918413586-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => erfolgreich entfernt
HKU\S-1-5-21-624402189-1887333828-3918413586-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{53925601-2FCD-4A29-B367-60284FA6688C} => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{02D80AC4-EAFA-45C2-B1E8-A57ED4B3365F}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{02D80AC4-EAFA-45C2-B1E8-A57ED4B3365F}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FC74E7F7-4AF3-446B-B664-A28AC6E02533}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FC74E7F7-4AF3-446B-B664-A28AC6E02533}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DE80A756-8BA5-4FCF-9151-C798E96E9D20}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DE80A756-8BA5-4FCF-9151-C798E96E9D20}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask" => erfolgreich entfernt
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => erfolgreich entfernt
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => erfolgreich entfernt
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => erfolgreich entfernt
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => erfolgreich entfernt
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\athbi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2023-04-20] => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden.
Edge Extension: (Edge relevant text changes) - C:\Users\athbi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-04-20] => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden.
HKLM\SOFTWARE\Microsoft\Edge\Extensions\bojobppfploabceghnmlahpoonbcbacn => erfolgreich entfernt
HKLM\SOFTWARE\Wow6432Node\Microsoft\Edge\Extensions\bojobppfploabceghnmlahpoonbcbacn => erfolgreich entfernt
HKLM\SOFTWARE\Google\Chrome\Extensions\ihcjicgdanjaechkgeegckofjjedodee => erfolgreich entfernt
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ihcjicgdanjaechkgeegckofjjedodee => erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\gupdate => erfolgreich entfernt
gupdate => Dienst erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\gupdatem => erfolgreich entfernt
gupdatem => Dienst erfolgreich entfernt
HKEY_CLASSES_ROOT\AppID\GoogleUpdate.exe => erfolgreich entfernt
HKEY_CLASSES_ROOT\AppID\{708860E0-F641-4611-8895-7D867DD3675B} => nicht gefunden
HKEY_CLASSES_ROOT\ChromeHTML => nicht gefunden
HKEY_CLASSES_ROOT\CLSID\{1D68FC98-508A-49DF-B73F-7D63EFFE8358} => erfolgreich entfernt
HKEY_CLASSES_ROOT\CLSID\{9D6AA569-9F30-41AD-885A-346685C74928} => erfolgreich entfernt
HKEY_CLASSES_ROOT\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD} => nicht gefunden
HKEY_CLASSES_ROOT\CLSID\{DE0C8422-0096-4240-9A06-FF4D7611EF04} => erfolgreich entfernt
HKEY_CLASSES_ROOT\GoogleUpdate.CoCreateAsync => erfolgreich entfernt
HKEY_CLASSES_ROOT\GoogleUpdate.CoCreateAsync.1.0 => erfolgreich entfernt
HKEY_CLASSES_ROOT\GoogleUpdate.CoreClass => erfolgreich entfernt
HKEY_CLASSES_ROOT\GoogleUpdate.CoreClass.1 => erfolgreich entfernt
HKEY_CLASSES_ROOT\GoogleUpdate.CoreMachineClass => erfolgreich entfernt
HKEY_CLASSES_ROOT\GoogleUpdate.CoreMachineClass.1 => erfolgreich entfernt
HKEY_CLASSES_ROOT\GoogleUpdate.CredentialDialogMachine => erfolgreich entfernt
HKEY_CLASSES_ROOT\GoogleUpdate.CredentialDialogMachine.1.0 => erfolgreich entfernt
HKEY_CLASSES_ROOT\GoogleUpdate.OnDemandCOMClassMachine => erfolgreich entfernt
HKEY_CLASSES_ROOT\GoogleUpdate.OnDemandCOMClassMachine.1.0 => erfolgreich entfernt
HKEY_CLASSES_ROOT\GoogleUpdate.OnDemandCOMClassMachineFallback => erfolgreich entfernt
HKEY_CLASSES_ROOT\GoogleUpdate.OnDemandCOMClassMachineFallback.1.0 => erfolgreich entfernt
HKEY_CLASSES_ROOT\GoogleUpdate.OnDemandCOMClassSvc => erfolgreich entfernt
HKEY_CLASSES_ROOT\GoogleUpdate.OnDemandCOMClassSvc.1.0 => erfolgreich entfernt
HKEY_CLASSES_ROOT\GoogleUpdate.PolicyStatus => erfolgreich entfernt
HKEY_CLASSES_ROOT\GoogleUpdate.PolicyStatus.1.0 => erfolgreich entfernt
HKEY_CLASSES_ROOT\GoogleUpdate.ProcessLauncher => erfolgreich entfernt
HKEY_CLASSES_ROOT\GoogleUpdate.ProcessLauncher.1.0 => erfolgreich entfernt
HKEY_CLASSES_ROOT\GoogleUpdate.Update3COMClassService => erfolgreich entfernt
HKEY_CLASSES_ROOT\GoogleUpdate.Update3COMClassService.1.0 => erfolgreich entfernt
HKEY_CLASSES_ROOT\GoogleUpdate.Update3WebMachine => erfolgreich entfernt
HKEY_CLASSES_ROOT\GoogleUpdate.Update3WebMachine.1.0 => erfolgreich entfernt
HKEY_CLASSES_ROOT\GoogleUpdate.Update3WebMachineFallback => erfolgreich entfernt
HKEY_CLASSES_ROOT\GoogleUpdate.Update3WebMachineFallback.1.0 => erfolgreich entfernt
HKEY_CLASSES_ROOT\GoogleUpdate.Update3WebSvc => erfolgreich entfernt
HKEY_CLASSES_ROOT\GoogleUpdate.Update3WebSvc.1.0 => erfolgreich entfernt
HKEY_CLASSES_ROOT\Installer\Products\A089CE062ADB6BC44A720BA745894BAC => nicht gefunden
HKEY_CLASSES_ROOT\Interface\{1B9063E4-3882-485E-8797-F28A0240782F} => erfolgreich entfernt
HKEY_CLASSES_ROOT\Interface\{2D363682-561D-4C3A-81C6-F2F82107562A} => erfolgreich entfernt
HKEY_CLASSES_ROOT\Interface\{31AC3F11-E5EA-4A85-8A3D-8E095A39C27B} => erfolgreich entfernt
HKEY_CLASSES_ROOT\Interface\{494B20CF-282E-4BDD-9F5D-B70CB09D351E} => erfolgreich entfernt
HKEY_CLASSES_ROOT\Interface\{6DB17455-4E85-46E7-9D23-E555E4B005AF} => erfolgreich entfernt
HKEY_CLASSES_ROOT\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B} => erfolgreich entfernt
HKEY_CLASSES_ROOT\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67} => erfolgreich entfernt
HKEY_CLASSES_ROOT\Interface\{909489C2-85A6-4322-AA56-D25278649D67} => erfolgreich entfernt
HKEY_CLASSES_ROOT\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE} => erfolgreich entfernt
HKEY_CLASSES_ROOT\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD} => erfolgreich entfernt
HKEY_CLASSES_ROOT\TypeLib\{463ABECF-410D-407F-8AF5-0DF35A005CC8} => nicht gefunden
"HKEY_CLASSES_ROOT\Wow6432Node\AppID\GoogleUpdate.exe" => nicht gefunden
"HKEY_CLASSES_ROOT\Wow6432Node\AppID\{708860E0-F641-4611-8895-7D867DD3675B}" => nicht gefunden
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{1D68FC98-508A-49DF-B73F-7D63EFFE8358} => erfolgreich entfernt
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{25461599-633D-42B1-84FB-7CD68D026E53} => erfolgreich entfernt
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{521FDB42-7130-4806-822A-FC5163FAD983} => erfolgreich entfernt
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{534F5323-3569-4F42-919D-1E1CF93E5BF6} => erfolgreich entfernt
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{598FE0E5-E02D-465D-9A9D-37974A28FD42} => erfolgreich entfernt
HKEY_CLASSES_ROOT\WOW6432Node\Interface\{1B9063E4-3882-485E-8797-F28A0240782F} => erfolgreich entfernt
HKEY_CLASSES_ROOT\WOW6432Node\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B} => erfolgreich entfernt
HKEY_CLASSES_ROOT\WOW6432Node\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67} => erfolgreich entfernt
HKEY_CLASSES_ROOT\WOW6432Node\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE} => erfolgreich entfernt
HKEY_CLASSES_ROOT\WOW6432Node\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD} => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{008E91AA-A905-4206-A0FE-D4177E1C7BB1} => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0FD16473-86A0-4991-B88A-D48733BF9873} => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1A0AF39E-B30E-4174-9AF5-187EB932F596} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1F35925E-5B64-4CD4-B319-5E63F29A5D7C} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22D15128-88AF-4CC2-814D-60E5D5B98878} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25468362-8138-43D8-8E29-DE8D09B16F6E} => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{309C029E-6829-4717-8B10-CCBFCF6CFF65} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{315958A0-F5F6-4D47-85E3-F328675E42BC} => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{38D693FC-A8ED-4B97-A322-846F7DD9CE1D} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CD78BF9-EAFD-4FBC-900C-F89B3EBD425D} => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{49287933-E5A1-4341-AC0C-D77C259AEFAE} => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{495617A4-8B01-4716-96FB-288E6E7A2EF4} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4EC3C18E-7203-41E7-990D-A72B57E286A9} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4FA480D8-32A4-4849-B774-DE8BD5242A4C} => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{51CC695F-CE3D-4465-AF5E-E6D7D56B7AE0} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{600FDFA3-1EA7-4792-9436-ABB5154A9EB2} => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{61095308-52CE-433B-9A66-57B9E5835B60} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{62B032B7-F027-4274-BFB1-A0418EB9D0D9} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{649CCF8F-C1C9-4275-88B7-31CA8B31154C} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{667ABD49-6DCA-4B5D-A1F8-F1243CB404B0} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{71D2697F-5C53-4AAD-98E8-7FAEA818C36B} => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75BC6B63-B6F3-4F56-BD5B-26A290AD0F3C} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{80CEDA75-4539-45AF-AA3E-8C4B2BF73774} => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{81E4DE90-AD0A-48C8-BE83-567EB91A0C27} => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{877059AD-728E-447E-A97B-EFDB3F20DB2D} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{943FD346-D23E-42F3-8859-67F05CE92021} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{96C3591E-04E3-4EF3-8A1A-3C9319E4DC83} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{97C73AB9-10F4-474D-B65F-9943BE694247} => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9AAA1336-C131-4B16-9A86-7BAF3B3B76F8} => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AD181A86-8540-4EAA-A3D5-68FD744F9A89} => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF8B3E35-A68A-4788-BDDA-76D8AE1C4064} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BF5A7FAA-57D1-4FCF-88C1-B9D65A6AF11D} => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BFB16C71-7209-4534-8A47-AD6BABC3A66F} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C3EA5C5C-31DF-437F-95E2-BCE4B2E83EE9} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CDF5DD86-4F10-4386-92AF-DF0F30719FDF} => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D580254F-5E17-4AE0-9C41-60A0526A8ED6} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DCE425F4-1469-414F-AD07-8A5622C312B7} => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E3C8EDEA-D6E5-49DF-A344-FE31D1F3F412} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E9957D25-7EB7-42C8-AD32-06AF7776A788} => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F44DC845-F9E1-4907-8D9C-1472F72E8326} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F8BC3B89-DD15-4DA2-B936-CEA2B2A35053} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFF5383C-8B35-4126-AF67-8A1B72D68D13} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Google.OneClickProcessLauncherMachine => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Google.OneClickProcessLauncherMachine.1.0 => erfolgreich entfernt
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Google.OneClickProcessLauncherMachine\CurVer" => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{008E91AA-A905-4206-A0FE-D4177E1C7BB1} => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0FD16473-86A0-4991-B88A-D48733BF9873} => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1A0AF39E-B30E-4174-9AF5-187EB932F596} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1F35925E-5B64-4CD4-B319-5E63F29A5D7C} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{22D15128-88AF-4CC2-814D-60E5D5B98878} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{25468362-8138-43D8-8E29-DE8D09B16F6E} => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{309C029E-6829-4717-8B10-CCBFCF6CFF65} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{315958A0-F5F6-4D47-85E3-F328675E42BC} => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{38D693FC-A8ED-4B97-A322-846F7DD9CE1D} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{3CD78BF9-EAFD-4FBC-900C-F89B3EBD425D} => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{49287933-E5A1-4341-AC0C-D77C259AEFAE} => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{495617A4-8B01-4716-96FB-288E6E7A2EF4} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{4EC3C18E-7203-41E7-990D-A72B57E286A9} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{4FA480D8-32A4-4849-B774-DE8BD5242A4C} => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{51CC695F-CE3D-4465-AF5E-E6D7D56B7AE0} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{600FDFA3-1EA7-4792-9436-ABB5154A9EB2} => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{61095308-52CE-433B-9A66-57B9E5835B60} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{62B032B7-F027-4274-BFB1-A0418EB9D0D9} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{649CCF8F-C1C9-4275-88B7-31CA8B31154C} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{667ABD49-6DCA-4B5D-A1F8-F1243CB404B0} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{71D2697F-5C53-4AAD-98E8-7FAEA818C36B} => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{75BC6B63-B6F3-4F56-BD5B-26A290AD0F3C} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4} => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{80CEDA75-4539-45AF-AA3E-8C4B2BF73774} => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{81E4DE90-AD0A-48C8-BE83-567EB91A0C27} => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{877059AD-728E-447E-A97B-EFDB3F20DB2D} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{943FD346-D23E-42F3-8859-67F05CE92021} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{96C3591E-04E3-4EF3-8A1A-3C9319E4DC83} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{97C73AB9-10F4-474D-B65F-9943BE694247} => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9AAA1336-C131-4B16-9A86-7BAF3B3B76F8} => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9F3F5F5D-721A-4B19-9B5D-69F664C1A591} => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{AAD4AE2E-D834-46D4-8B09-490FAC9C722B} => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{AD181A86-8540-4EAA-A3D5-68FD744F9A89} => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{AF8B3E35-A68A-4788-BDDA-76D8AE1C4064} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{BF5A7FAA-57D1-4FCF-88C1-B9D65A6AF11D} => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{BFB16C71-7209-4534-8A47-AD6BABC3A66F} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{C3EA5C5C-31DF-437F-95E2-BCE4B2E83EE9} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{CDF5DD86-4F10-4386-92AF-DF0F30719FDF} => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{D580254F-5E17-4AE0-9C41-60A0526A8ED6} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{DCE425F4-1469-414F-AD07-8A5622C312B7} => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{DE0C8422-0096-4240-9A06-FF4D7611EF04} => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E3C8EDEA-D6E5-49DF-A344-FE31D1F3F412} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E9957D25-7EB7-42C8-AD32-06AF7776A788} => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{F44DC845-F9E1-4907-8D9C-1472F72E8326} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{F8BC3B89-DD15-4DA2-B936-CEA2B2A35053} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FFF5383C-8B35-4126-AF67-8A1B72D68D13} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{1B9063E4-3882-485E-8797-F28A0240782F} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3D412914-1C4F-447D-80D2-E7F9BB302B05} => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{831F99E1-2250-4065-8975-7408E726825F} => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{B35122D2-0036-4536-AEEA-EEA68E54A460} => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C416C376-AEC5-4443-9D90-BEBA9434763B} => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{EF028154-CA20-4F73-ACBB-82451B78F1E6} => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync\WebAuth\Gmail => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{ED475416-B0D6-11D2-8C3B-00104B2A6676} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\chrome.exe => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\chrome.exe => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome => nicht gefunden
HKEY_LOCAL_MACHINE\Software\Policies\Google => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\App Paths\chrome.exe => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4B0E6BED-689D-3D0C-A3D7-ED36C01FEB19} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA} => nicht gefunden
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\Application\Chrome => nicht gefunden
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\GoogleChromeElevationService => nicht gefunden
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\gupdate => nicht gefunden
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\gupdatem => nicht gefunden
"HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\eventlog\Application\Chrome" => nicht gefunden
"HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\GoogleChromeElevationService" => nicht gefunden
"HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\gupdate" => nicht gefunden
"HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\gupdatem" => nicht gefunden
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application\Chrome => nicht gefunden
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\GoogleChromeElevationService => nicht gefunden
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\gupdate => nicht gefunden
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\gupdatem => nicht gefunden
HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\GoogleChromeElevationService => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\gupdate => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\gupdatem => erfolgreich entfernt
HKCU\SOFTWARE\Google => erfolgreich entfernt
HKEY_USERS\.DEFAULT\Software\Google => nicht gefunden
HKEY_USERS\S-1-5-18\SOFTWARE\Google => nicht gefunden
"HKEY_USERS\S-1-5-19\SOFTWARE\Google" => erfolgreich entfernt
"HKEY_USERS\S-1-5-20\SOFTWARE\Google" => erfolgreich entfernt
HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome => nicht gefunden
HKLM\SOFTWARE\WOW6432Node\Clients\StartMenuInternet\Google Chrome => nicht gefunden
"HKLM\SOFTWARE\Google" => erfolgreich entfernt
HKLM\SOFTWARE\WOW6432Node\Google => erfolgreich entfernt
"HKLM\SOFTWARE\RegisteredApplications\\Google Chrome" => nicht gefunden
"HKLM\SOFTWARE\Wow6432Node\RegisteredApplications\\Google Chrome" => nicht gefunden
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96} => nicht gefunden
HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96} => nicht gefunden
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4} => Fehler = 6
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync\\GoogleDefaultPadding" => erfolgreich entfernt
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync\\GoogleOAuthRedirectURI" => erfolgreich entfernt
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync\\GoogleOAuthTokenURI" => erfolgreich entfernt
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync\\GoogleOAuthURI" => erfolgreich entfernt
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync\\GoogleServer" => erfolgreich entfernt
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync\\GoogleUserInfoURI" => erfolgreich entfernt
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync\WebAuth\Gmail" => nicht gefunden
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync\WebAuth\Gmail" => nicht gefunden
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync\WebAuth\Gmail" => nicht gefunden
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync\WebAuth\Gmail" => nicht gefunden
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync\\GoogleDefaultPadding" => nicht gefunden
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync\\GoogleOAuthRedirectURI" => nicht gefunden
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync\\GoogleOAuthTokenURI" => nicht gefunden
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync\\GoogleOAuthURI" => nicht gefunden
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync\\GoogleServer" => nicht gefunden
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync\\GoogleUserInfoURI" => nicht gefunden
"HKEY_USERS\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store\\C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" => nicht gefunden
"HKEY_USERS\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store\\C:\Program Files\Google\Chrome\Application\chrome.exe" => nicht gefunden
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync\WebAuth\Gmail" => nicht gefunden
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync\WebAuth\Gmail" => nicht gefunden
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync\WebAuth\Gmail" => nicht gefunden
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync\WebAuth\Gmail" => nicht gefunden
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync\\GoogleDefaultPadding" => nicht gefunden
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync\\GoogleOAuthRedirectURI" => nicht gefunden
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync\\GoogleOAuthTokenURI" => nicht gefunden
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync\\GoogleOAuthURI" => nicht gefunden
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync\\GoogleServer" => nicht gefunden
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSync\\GoogleUserInfoURI" => nicht gefunden
HKU\S-1-5-21-624402189-1887333828-3918413586-1001\SOFTWARE\Google => nicht gefunden
HKU\S-1-5-21-624402189-1887333828-3918413586-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Notifications\Settings\Chrome => nicht gefunden
HKU\S-1-5-21-624402189-1887333828-3918413586-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\PushNotifications\Backup\Chrome => nicht gefunden
HKU\S-1-5-21-624402189-1887333828-3918413586-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96} => nicht gefunden
"HKEY_USERS\S-1-5-21-624402189-1887333828-3918413586-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\GoogleChromeAutoLaunch_16FD632C04F3106D558BB4FF7F76E7FF" => nicht gefunden
C:\Program Files (x86)\Google => erfolgreich verschoben
"C:\Program Files\Google" => nicht gefunden
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk" => nicht gefunden
"C:\Users\ProgramData\AppData\Local\Google" => nicht gefunden
C:\Users\athbi\AppData\Local\Google => erfolgreich verschoben
C:\Users\athbi.LAPTOP-P33CJ5M1\AppData\Local\Google => erfolgreich verschoben
"C:\Users\Default\AppData\Local\Google" => nicht gefunden
C:\Users\Frank\AppData\Local\Google => erfolgreich verschoben
"C:\Users\Public\AppData\Local\Google" => nicht gefunden
"C:\Users\ProgramData\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk" => nicht gefunden
"C:\Users\athbi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk" => nicht gefunden
C:\Users\athbi.LAPTOP-P33CJ5M1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk => erfolgreich verschoben
"C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk" => nicht gefunden
C:\Users\Frank\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk => erfolgreich verschoben
"C:\Users\Public\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk" => nicht gefunden
"C:\Users\ProgramData\Desktop\Google Chrome.lnk" => nicht gefunden
"C:\Users\athbi\Desktop\Google Chrome.lnk" => nicht gefunden
"C:\Users\athbi.LAPTOP-P33CJ5M1\Desktop\Google Chrome.lnk" => nicht gefunden
"C:\Users\Default\Desktop\Google Chrome.lnk" => nicht gefunden
"C:\Users\Frank\Desktop\Google Chrome.lnk" => nicht gefunden
"C:\Users\Public\Desktop\Google Chrome.lnk" => nicht gefunden

=========== "C:\Windows\Prefetch\*CHROME*.pf" ==========

C:\Windows\Prefetch\CHROME.EXE-5349D2D7.pf => erfolgreich verschoben
C:\Windows\Prefetch\CHROME.EXE-5349D2DF.pf => erfolgreich verschoben

========= Ende -> "C:\Windows\Prefetch\*CHROME*.pf" ========


=========== "C:\Windows\Prefetch\*GOOGLE*.pf" ==========

nicht gefunden

========= Ende -> "C:\Windows\Prefetch\*GOOGLE*.pf" ========

"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore" => nicht gefunden
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA" => nicht gefunden

=========== "C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore*" ==========

nicht gefunden

========= Ende -> "C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore*" ========


=========== "C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore*" ==========

nicht gefunden

========= Ende -> "C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore*" ========

C:\Windows\System32\Tasks_Migrated\GoogleUpdateTaskMachineCore => erfolgreich verschoben
C:\Windows\System32\Tasks_Migrated\GoogleUpdateTaskMachineUA => erfolgreich verschoben

=========== "C:\Windows\System32\Tasks_Migrated\GoogleUpdateTaskMachineCore*" ==========

nicht gefunden

========= Ende -> "C:\Windows\System32\Tasks_Migrated\GoogleUpdateTaskMachineCore*" ========


=========== "C:\Windows\System32\Tasks_Migrated\GoogleUpdateTaskMachineUA*" ==========

nicht gefunden

========= Ende -> "C:\Windows\System32\Tasks_Migrated\GoogleUpdateTaskMachineUA*" ========


========= Powershell: =========


========= Ende von Powershell: =========


========= netsh winsock reset =========


Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.


========= Ende von CMD: =========


========= netsh int ip reset =========

Depotweiterleitung wird zurckgesetzt... OK
Depot wird zurckgesetzt... OK
Steuerungsprotokoll wird zurckgesetzt... OK
Echosequenzanforderung wird zurckgesetzt... OK
Global wird zurckgesetzt... OK
Schnittstelle wird zurckgesetzt... OK
Anycastadresse wird zurckgesetzt... OK
Multicastadresse wird zurckgesetzt... OK
Unicastadresse wird zurckgesetzt... OK
Nachbar wird zurckgesetzt... OK
Pfad wird zurckgesetzt... OK
Potentiell wird zurckgesetzt... OK
Pr„fixrichtlinie wird zurckgesetzt... OK
Proxynachbar wird zurckgesetzt... OK
Route wird zurckgesetzt... OK
Standordpr„fix wird zurckgesetzt... OK
Unterschnittstelle wird zurckgesetzt... OK
Reaktivierungsmuster wird zurckgesetzt... OK
Nachbar aufl”sen wird zurckgesetzt... OK
 wird zurckgesetzt... OK
 wird zurckgesetzt... OK
 wird zurckgesetzt... OK
 wird zurckgesetzt... OK
 wird zurckgesetzt... Fehler
Zugriff verweigert

 wird zurckgesetzt... OK
 wird zurckgesetzt... OK
 wird zurckgesetzt... OK
 wird zurckgesetzt... OK
 wird zurckgesetzt... OK
 wird zurckgesetzt... OK
 wird zurckgesetzt... OK
 wird zurckgesetzt... OK
Starten Sie den Computer neu, um die Aktion abzuschlieáen.


========= Ende von CMD: =========


========= ipconfig /release =========


Windows-IP-Konfiguration

Es kann kein Vorgang auf Ethernet ausgefhrt werden, solange dessen Medium nicht
verbunden ist.
Es kann kein Vorgang auf LAN-Verbindung* 1 ausgefhrt werden, solange dessen Medium nicht
verbunden ist.
Es kann kein Vorgang auf LAN-Verbindung* 2 ausgefhrt werden, solange dessen Medium nicht
verbunden ist.

Ethernet-Adapter Ethernet:

   Medienstatus. . . . . . . . . . . : Medium getrennt
   Verbindungsspezifisches DNS-Suffix: 

Drahtlos-LAN-Adapter LAN-Verbindung* 1:

   Medienstatus. . . . . . . . . . . : Medium getrennt
   Verbindungsspezifisches DNS-Suffix: 

Drahtlos-LAN-Adapter LAN-Verbindung* 2:

   Medienstatus. . . . . . . . . . . : Medium getrennt
   Verbindungsspezifisches DNS-Suffix: 

Drahtlos-LAN-Adapter WLAN:

   Verbindungsspezifisches DNS-Suffix: 
   IPv6-Adresse. . . . . . . . . . . : 2a02:810a:14bf:cce8:6753:c417:aabc:2718
   Tempor„re IPv6-Adresse. . . . . . : 2a02:810a:14bf:cce8:fc5f:5724:68aa:5fc6
   Verbindungslokale IPv6-Adresse  . : fe80::83e7:f238:1e5:4bb8%7
   Standardgateway . . . . . . . . . : fe80::3631:c4ff:fe89:119c%7

========= Ende von CMD: =========


========= ipconfig /renew =========


Windows-IP-Konfiguration

Es kann kein Vorgang auf Ethernet ausgefhrt werden, solange dessen Medium nicht
verbunden ist.
Es kann kein Vorgang auf LAN-Verbindung* 1 ausgefhrt werden, solange dessen Medium nicht
verbunden ist.
Es kann kein Vorgang auf LAN-Verbindung* 2 ausgefhrt werden, solange dessen Medium nicht
verbunden ist.

Ethernet-Adapter Ethernet:

   Medienstatus. . . . . . . . . . . : Medium getrennt
   Verbindungsspezifisches DNS-Suffix: 

Drahtlos-LAN-Adapter LAN-Verbindung* 1:

   Medienstatus. . . . . . . . . . . : Medium getrennt
   Verbindungsspezifisches DNS-Suffix: 

Drahtlos-LAN-Adapter LAN-Verbindung* 2:

   Medienstatus. . . . . . . . . . . : Medium getrennt
   Verbindungsspezifisches DNS-Suffix: 

Drahtlos-LAN-Adapter WLAN:

   Verbindungsspezifisches DNS-Suffix: fritz.box
   IPv6-Adresse. . . . . . . . . . . : 2a02:810a:14bf:cce8:6753:c417:aabc:2718
   Tempor„re IPv6-Adresse. . . . . . : 2a02:810a:14bf:cce8:fc5f:5724:68aa:5fc6
   Verbindungslokale IPv6-Adresse  . : fe80::83e7:f238:1e5:4bb8%7
   IPv4-Adresse  . . . . . . . . . . : 192.168.178.66
   Subnetzmaske  . . . . . . . . . . : 255.255.255.0
   Standardgateway . . . . . . . . . : fe80::3631:c4ff:fe89:119c%7
                                       192.168.178.1

========= Ende von CMD: =========


========= ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Aufl”sungscache wurde geleert.

========= Ende von CMD: =========


========= ipconfig /registerdns =========


Windows-IP-Konfiguration

Die Registrierung der DNS-Ressourceneintr„ge fr alle Adapter dieses Computer wurde initialisiert. Fehler werden in der Ereignisanzeige in 15 Minuten aufgefhrt.

========= Ende von CMD: =========


========= netsh advfirewall reset =========

OK.


========= Ende von CMD: =========


========= netsh advfirewall set allprofiles state ON =========

OK.


========= Ende von CMD: =========


========= netsh winhttp reset proxy =========


Aktuelle WinHTTP-Proxyeinstellungen:

    DirectAccess (kein Proxyserver).


========= Ende von CMD: =========


========= Bitsadmin /Reset /Allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

{8183ED74-A7E6-4AEC-B35D-671ADB5A6942} canceled.
1 out of 1 jobs canceled.

========= Ende von CMD: =========


========= Winmgmt /salvagerepository =========

Das WMI-Repository ist konsistent.

========= Ende von CMD: =========


========= Winmgmt /resetrepository =========

Das WMI-Repository wurde zurckgesetzt.

========= Ende von CMD: =========


========= winmgmt /resyncperf =========

0
========= Ende von CMD: =========


========= "%WINDIR%\SYSTEM32\lodctr.exe" /R =========


Fehler: Die Leistungsindikatoreinstellung konnte nicht aus dem Systemsicherungsspeicher neu erstellt werden. Fehlercode: 2.
========= Ende von CMD: =========


========= "%WINDIR%\SysWOW64\lodctr.exe" /R =========


Info: Die Leistungsindikatoreinstellung konnte erfolgreich aus dem Systemsicherungsspeicher neu erstellt werden.
========= Ende von CMD: =========


========= "%WINDIR%\SYSTEM32\lodctr.exe" /R =========


Info: Die Leistungsindikatoreinstellung konnte erfolgreich aus dem Systemsicherungsspeicher neu erstellt werden.
========= Ende von CMD: =========


========= "%WINDIR%\SysWOW64\lodctr.exe" /R =========


Info: Die Leistungsindikatoreinstellung konnte erfolgreich aus dem Systemsicherungsspeicher neu erstellt werden.
========= Ende von CMD: =========

C:\Windows\System32\Drivers\etc\hosts => erfolgreich verschoben
Hosts erfolgreich wiederhergestellt.

========= RemoveProxy: =========

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt
"HKU\S-1-5-21-624402189-1887333828-3918413586-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt
"HKU\S-1-5-21-624402189-1887333828-3918413586-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt
"HKU\S-1-5-21-624402189-1887333828-3918413586-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt
"HKU\S-1-5-21-624402189-1887333828-3918413586-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt
"HKU\S-1-5-21-624402189-1887333828-3918413586-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt
"HKU\S-1-5-21-624402189-1887333828-3918413586-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt


========= Ende von RemoveProxy: =========


=========== EmptyTemp: ==========

FlushDNS => abgeschlossen
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 40187509 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 9722285 B
Edge => 0 B
Firefox => 38757826 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 30530 B
NetworkService => 35186 B
athbi => 32700921 B
athbi.LAPTOP-P33CJ5M1 => 32700921 B
Frank => 32700921 B

RecycleBin => 0 B
EmptyTemp: => 178.2 MB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 10:07:58 ====
         
Dann das danach erstellte FRST Log:


FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 22-04-2023
durchgeführt von Anna (Administrator) auf ANNA-LENOVO-W10 (LENOVO 80YL) (22-04-2023 14:39:32)
Gestartet von D:\Software\Farbar_x86_x64\FRST64.exe
Geladene Profile: Anna
Plattform: Microsoft Windows 10 Home Version 22H2 19045.2846 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudServices.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> ) C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudCKKS.exe
(C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudServices.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> ) C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa\iCloud\WebView2\msedgewebview2.exe <7>
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <2>
(DriverStore\FileRepository\igdlh64.inf_amd64_90f68cd0dc48b625\igfxCUIService.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_90f68cd0dc48b625\igfxEM.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <7>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(explorer.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> ) C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudServices.exe
(explorer.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
(explorer.exe ->) (Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE
(explorer.exe ->) (Hewlett Packard -> Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe
(explorer.exe ->) (LENOVO -> Lenovo(beijing) Limited) C:\Program Files\Lenovo\LenovoUtility\utility.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(explorer.exe ->) (Skype Software Sarl -> ) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3409.0_x64__kzf8qxf38zg5c\Skype\Skype.exe <6>
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_90f68cd0dc48b625\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_90f68cd0dc48b625\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_90f68cd0dc48b625\IntelCpHeciSvc.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> ) C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa\iCloud\APSDaemon.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> ) C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa\iCloud\secd.exe
(svchost.exe ->) (CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD14\PDVD14Serv.exe
(svchost.exe ->) (CyberLink Corp. -> CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
(svchost.exe ->) (Hewlett Packard -> Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPNetworkCommunicatorCom.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23022.140.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [894376 2017-04-14] (LENOVO -> Lenovo(beijing) Limited)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1922496 2017-07-27] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [849920 2017-03-07] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [362056 2022-05-05] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11327200 2023-04-15] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKU\S-1-5-21-624402189-1887333828-3918413586-1001\...\Run: [HP Officejet Pro 8620 (NET)] => C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-624402189-1887333828-3918413586-1001\...\Run: [MicrosoftEdgeAutoLaunch_88349514007821BC009C7118188706C5] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4056016 2023-03-16] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\HP 7012 Status Monitor: C:\Windows\system32\hpinksts7012LM.dll [328704 2014-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Officejet Pro 8620): C:\Windows\system32\HPDiscoPM7012.dll [763912 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
Startup: C:\Users\athbi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2018-01-07]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {043103D8-3D05-444A-87BD-59C965643436} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\cc81e7ab-cf9a-4d12-8edf-e20787fb078d => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {07B7BEEA-5066-45BA-8D1D-4D781B4CDCC9} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [647616 2017-07-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0DDD97C2-5C1D-4993-AB90-E34D9FC8DA8B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [647616 2017-07-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0E2B8BA9-811D-4A0D-9DDA-EDDB30F89CD9} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
Task: {0E387C0D-3C55-42DC-9B82-FCD93064A6ED} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MpCmdRun.exe [1645864 2023-04-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {146A8CAD-41D5-48B3-BF2F-48C6E5252AD3} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436672 2017-07-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {16F7F4CD-38E4-491F-AF35-EF5805697C87} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {16F9A3B9-AE18-4434-A35B-000F8F43A5AB} - System32\Tasks\PDVDServ14 Task => C:\Program Files (x86)\CyberLink\PowerDVD14\PDVD14Serv.exe [88344 2017-02-17] (CyberLink Corp. -> CyberLink Corp.)
Task: {18A152A5-6A75-46EB-AAEF-19CA798549D3} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676768 2023-04-14] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {18B3D5DD-8FA0-477F-8FFC-EB2B54975AF3} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26409896 2023-04-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {263846D5-49F4-4A02-B73C-A373DA5351C7} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {270C1F4E-8C4D-4874-9948-372B40972849} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114656 2023-04-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {2A1C2893-C129-45F4-8513-975173E72904} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {2F0D5672-4E48-40CC-A89A-08E7C14C7E66} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [717248 2017-07-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3CFD1FA0-FD46-4EDA-9B1D-ED7367378294} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {3D10AC7F-04A2-4998-BCB9-988508187666} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {40075113-DED5-4684-8DDF-CB3A77E62D90} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MpCmdRun.exe [1645864 2023-04-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {50C7CE50-20A5-404A-9963-EE9D5B0ADED0} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\6789069c-2429-40d4-9f62-59ebcd7ea36d => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {5CC0FA82-0DD1-415F-88A8-D8F0F43EC3C4} - System32\Tasks\RtHDVBg_LENOVO_DOLBYDRAGON => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506168 2019-03-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {5DAE32F0-D90D-424D-974A-99B2F3A46B16} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\dd41f8bc-0d29-4a72-81a6-4ff6cb15bc30 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {670CB788-B226-4373-B912-2AA9E2F490BF} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {6F8CD596-78E4-469C-BCE9-9B0F3B2255DC} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [74952 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {88A929E5-219D-45C9-BABA-B89796187F71} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [717248 2017-07-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8C783D4B-9D3D-42B7-A1D5-0B83CFF0FB09} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1714112 2017-07-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8CCDCDF0-3F17-4CD8-8368-EEE411828A58} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [946112 2017-07-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8F1D8A1B-2558-46C1-909B-5793580F9083} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114656 2023-04-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {936DBBC0-F92E-447A-9911-543A55FCFB88} - System32\Tasks\HPCustParticipation HP Officejet Pro 8620 => C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPCustPartic.exe [5745672 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
Task: {980C3938-F4A6-4E2D-A968-066B9B8B1C0E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\c017c196-6dc4-42df-ba70-0902fa4d8637 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {986F4E96-B5E9-4C2B-B306-175C25B6FEA8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26409896 2023-04-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {9BD2605E-EEE6-4734-8BA0-D5A93BB1E6A8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [617096 2022-02-25] (Apple Inc. -> Apple Inc.)
Task: {A50E8C74-F5E0-43CC-8905-89C4CF54032C} - System32\Tasks\Lenovo\Vantage\Schedule\SettingsWidgetAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {A708C525-478D-46A6-9168-0F0C99EB799E} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {A8E94241-7910-4603-B8C4-E137F7D6EBDE} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {A9144B2A-286A-4560-915B-FE515B39503D} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
Task: {AD3747D6-035C-45F2-AE0B-1B5172774BF8} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [718752 2023-04-14] (Mozilla Corporation -> Mozilla Foundation)
Task: {AD768997-3A76-425B-AD74-EA03626860C1} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {AE4257FE-175C-4B34-B64F-7D6A91F8A84E} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {B0495E0F-66D5-4293-8D5E-87289E806DDB} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\Lenovo\Power2Go\CLVDLauncher.exe [347416 2016-09-20] (CyberLink Corp. -> CyberLink Corp.)
Task: {BE53B40D-0E81-4F78-8B5D-19A549970770} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506168 2019-03-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {CE0ACD11-0DE5-424F-92D8-8C2F4FA077EB} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {CE80E807-042E-4154-8705-99C9B567CC0C} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506168 2019-03-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {D2A474AC-58B6-4CA5-BAF2-81D58DE8E226} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-07-27] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {DA63F70E-D721-4640-A699-E852A5662A3C} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [190744 2016-10-07] (CyberLink Corp. -> CyberLink)
Task: {DC15145C-66BD-4299-A4EE-E0BE3205F50A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MpCmdRun.exe [1645864 2023-04-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F9699407-7022-4365-B8E5-A184FD3FD5F1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MpCmdRun.exe [1645864 2023-04-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FA6BB3E0-41B5-41F5-8ADA-B549B9AC7062} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{2b6d82fc-ac06-414f-abe2-6e7dd76b3117}: [DhcpNameServer] 150.213.1.2
Tcpip\..\Interfaces\{337671d7-3eee-45b8-a9ff-56a66a52a8c9}: [DhcpNameServer] 192.168.178.1

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\athbi\AppData\Local\Microsoft\Edge\User Data\Default [2023-04-22]
Edge Extension: (Edge relevant text changes) - C:\Users\athbi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-04-20]

FireFox:
========
FF DefaultProfile: uf33delb.default-1681935890333
FF ProfilePath: C:\Users\athbi\AppData\Roaming\Mozilla\Firefox\Profiles\uf33delb.default-1681935890333 [2023-04-22]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\athbi\AppData\Roaming\Mozilla\Firefox\Profiles\uf33delb.default-1681935890333\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2023-04-20]
FF Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\athbi\AppData\Roaming\Mozilla\Firefox\Profiles\uf33delb.default-1681935890333\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2023-04-19]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-04-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [100424 2022-05-02] (Apple Inc. -> Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12634544 2023-04-16] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2023-04-15] (Dropbox, Inc -> Dropbox, Inc.)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2019-01-21] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\\3.13.43.0\LenovoVantageService.exe [32464 ] (Lenovo -> Lenovo Group Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\NisSrv.exe [3228400 2023-04-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MsMpEng.exe [133536 2023-04-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
R3 MpKsl6d8a0da9; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C511EB4E-69F7-44DB-91F0-35E00168B18E}\MpKslDrv.sys [211208 2023-04-22] (Microsoft Windows -> Microsoft Corporation)
R3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [890944 2017-09-29] (SUNPLUS INNOVATION TECHNOLOGY INC. -> Sunplus Innovation Technology Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2023-04-06] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [497920 2023-04-06] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99608 2023-04-06] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2023-04-21 10:57 - 2023-04-21 10:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2023-04-20 21:32 - 2023-04-22 10:15 - 102498304 _____ C:\WINDOWS\system32\config\SOFTWARE
2023-04-20 17:58 - 2023-04-20 18:36 - 000000000 ____D C:\ProgramData\RogueKiller
2023-04-20 17:57 - 2023-04-20 17:57 - 035136432 _____ C:\Users\athbi\Downloads\RogueKiller_portable64.exe
2023-04-20 17:35 - 2023-04-20 17:35 - 000000000 ____D C:\Users\athbi\AppData\Local\mbam
2023-04-20 17:24 - 2023-04-20 17:24 - 002649088 _____ (Malwarebytes) C:\Users\athbi\Downloads\MBSetup.exe
2023-04-20 07:50 - 2023-04-20 07:58 - 000000000 ____D C:\AdwCleaner
2023-04-20 07:48 - 2023-04-20 07:48 - 008791352 _____ (Malwarebytes) C:\Users\athbi\Downloads\adwcleaner.exe
2023-04-19 22:24 - 2023-04-19 22:24 - 000000000 ____D C:\Users\athbi\Desktop\Alte Firefox-Daten
2023-04-19 22:23 - 2023-04-19 22:25 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2023-04-19 22:23 - 2023-04-19 22:23 - 058462736 _____ (Mozilla) C:\Users\athbi\Downloads\Firefox Setup 112.0.1.exe
2023-04-19 22:23 - 2023-04-19 22:23 - 000002041 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Privater Modus.lnk
2023-04-19 22:23 - 2023-04-19 22:23 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-04-19 22:23 - 2023-04-19 22:23 - 000001000 _____ C:\Users\Public\Desktop\Firefox.lnk
2023-04-19 22:23 - 2023-04-19 22:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-04-19 22:17 - 2023-04-19 22:17 - 000000000 ____D C:\Users\athbi\AppData\LocalLow\Oracle
2023-04-19 17:17 - 2023-04-22 14:39 - 000000000 ____D C:\FRST
2023-04-19 17:16 - 2023-04-19 17:16 - 003459075 _____ C:\Users\athbi\Downloads\Farbar_x86_x64.zip
2023-04-19 02:03 - 2023-04-20 21:32 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2023-04-19 00:59 - 2023-04-19 00:59 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-624402189-1887333828-3918413586-1003
2023-04-18 20:15 - 2023-04-18 20:15 - 000000000 ___HD C:\$WinREAgent
2023-04-18 09:13 - 2023-04-18 09:13 - 000024848 _____ C:\Users\athbi\Downloads\dhl-return-60004038-bc29-2622-6b19-3a0aa55fc5ad.pdf
2023-04-18 08:41 - 2023-04-18 08:41 - 000128305 _____ C:\Users\athbi\Downloads\Retourenanleitung.pdf
2023-04-15 21:53 - 2023-04-15 21:53 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2023-04-22 14:39 - 2022-02-14 18:23 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-04-22 14:31 - 2018-06-26 19:45 - 000000000 ____D C:\Users\athbi\AppData\Local\D3DSCache
2023-04-22 14:30 - 2022-08-22 21:03 - 000000000 ____D C:\Users\athbi\AppData\Roaming\DropboxElectron
2023-04-22 14:30 - 2017-12-31 11:03 - 000000000 ____D C:\Users\athbi\AppData\Local\Dropbox
2023-04-22 14:29 - 2020-06-28 17:47 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-04-22 14:29 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-04-22 14:29 - 2017-12-30 23:00 - 000000000 ___RD C:\Users\athbi\OneDrive
2023-04-22 10:20 - 2020-06-28 17:57 - 001590252 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-04-22 10:20 - 2019-12-07 16:50 - 000686040 _____ C:\WINDOWS\system32\perfh007.dat
2023-04-22 10:20 - 2019-12-07 16:50 - 000141462 _____ C:\WINDOWS\system32\perfc007.dat
2023-04-22 10:20 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-04-22 10:15 - 2020-06-28 17:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-04-22 10:15 - 2020-06-28 17:47 - 000008192 ___SH C:\DumpStack.log.tmp
2023-04-22 10:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-04-22 10:15 - 2019-12-07 11:03 - 002097152 _____ C:\WINDOWS\system32\config\BBI
2023-04-22 10:15 - 2017-08-18 03:20 - 000000000 ____D C:\ProgramData\NVIDIA
2023-04-22 10:07 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2023-04-21 12:15 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-04-21 12:02 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-04-21 12:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-04-21 10:58 - 2017-12-31 11:02 - 000000000 ____D C:\Program Files (x86)\Dropbox
2023-04-20 17:48 - 2017-08-18 02:53 - 000000000 ____D C:\ProgramData\Package Cache
2023-04-20 11:20 - 2020-06-28 17:47 - 000437960 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-04-20 11:11 - 2018-03-23 13:24 - 000000000 ____D C:\Users\athbi\AppData\LocalLow\Temp
2023-04-20 08:11 - 2017-12-31 16:19 - 000000000 ____D C:\Users\athbi\AppData\Roaming\WhatsApp
2023-04-20 08:10 - 2017-12-31 16:19 - 000000000 ____D C:\Users\athbi\AppData\Local\WhatsApp
2023-04-20 08:10 - 2017-12-30 22:54 - 000000000 ___SD C:\Users\athbi\AppData\Roaming\Microsoft\Credentials
2023-04-19 22:23 - 2020-09-25 08:02 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-04-19 22:16 - 2017-12-31 14:05 - 000000000 ____D C:\Users\athbi\AppData\LocalLow\Mozilla
2023-04-19 16:47 - 2017-12-31 13:20 - 000000000 ____D C:\Users\athbi\AppData\Roaming\Microsoft\Word
2023-04-19 01:09 - 2018-01-16 18:46 - 000000000 ____D C:\Users\Frank\AppData\Local\Dropbox
2023-04-19 01:08 - 2018-01-16 18:45 - 000000000 __SHD C:\Users\Frank\IntelGraphicsProfiles
2023-04-19 00:59 - 2020-06-28 17:57 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-624402189-1887333828-3918413586-1003
2023-04-19 00:59 - 2020-06-28 17:49 - 000002402 _____ C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-04-19 00:59 - 2018-01-16 18:45 - 000000000 ____D C:\Users\Frank\AppData\Local\Packages
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemApps
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-04-18 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-04-18 20:28 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-04-18 20:24 - 2020-06-28 17:48 - 003015680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-04-18 19:53 - 2017-12-31 09:29 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-04-18 19:49 - 2017-12-31 09:29 - 156112424 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-04-18 09:18 - 2017-12-31 11:02 - 000001254 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2023-04-18 09:18 - 2017-12-31 11:02 - 000001250 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2023-04-18 08:18 - 2022-10-13 12:17 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-04-18 08:18 - 2022-10-13 12:17 - 000002068 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-04-18 08:18 - 2017-08-18 02:54 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-04-18 08:16 - 2021-12-11 18:13 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-624402189-1887333828-3918413586-1001
2023-04-18 08:16 - 2020-06-28 17:57 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-04-18 08:16 - 2020-06-28 17:57 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-624402189-1887333828-3918413586-1001
2023-04-18 08:16 - 2020-06-28 17:49 - 000002402 _____ C:\Users\athbi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-04-17 12:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-04-06 10:11 - 2018-02-14 18:35 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-03-27 10:59 - 2018-01-03 13:10 - 000000000 ____D C:\Users\athbi\Documents\HP Scans

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2021-02-25 21:03 - 2021-02-25 21:03 - 001384728 _____ (Microsoft Corporation) C:\Users\athbi\TeamsSetupx64_s_8D8D9BFA4BA8BEE-7-0_.exe
2020-11-25 14:39 - 2020-11-25 14:39 - 000007648 _____ () C:\Users\athbi\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
         
--- --- ---


Fortsetzung folgt sogleich ...

Alt 23.04.2023, 08:25   #23
fbin41
 
Windows 10: Browser-Probleme nach Infektion mit Backdoor:Win32/Bladabindi!mclg - Standard

Windows 10: Browser-Probleme nach Infektion mit Backdoor:Win32/Bladabindi!mclg



Und noch die Addition:

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 22-04-2023
durchgeführt von Anna (22-04-2023 14:41:10)
Gestartet von D:\Software\Farbar_x86_x64
Microsoft Windows 10 Home Version 22H2 19045.2846 (X64) (2020-06-28 15:57:19)
Start-Modus: Normal
==========================================================


==================== Konten: =============================


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-624402189-1887333828-3918413586-500 - Administrator - Disabled)
Anna (S-1-5-21-624402189-1887333828-3918413586-1001 - Administrator - Enabled) => C:\Users\athbi
athbi (S-1-5-21-624402189-1887333828-3918413586-1002 - Limited - Enabled) => C:\Users\athbi.LAPTOP-P33CJ5M1
DefaultAccount (S-1-5-21-624402189-1887333828-3918413586-503 - Limited - Disabled)
Frank (S-1-5-21-624402189-1887333828-3918413586-1003 - Administrator - Enabled) => C:\Users\Frank
Gast (S-1-5-21-624402189-1887333828-3918413586-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-624402189-1887333828-3918413586-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ACDSee 8 (HKLM-x32\...\{AA2E6BFE-4351-481C-A720-47CB3506570B}) (Version: 8.1.100 - ACD Systems Ltd.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1031-1033-7760-BC15014EA700}) (Version: 23.001.20143 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{11C4575B-4B32-44D2-A097-D59A00BA60DE}) (Version: 8.5 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D39B163A-9E12-442C-95E9-33FA5746AB21}) (Version: 8.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2B3CA448-5266-480F-85FA-2FCCB3C8712C}) (Version: 15.6.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{B292D163-23D2-4523-A699-1ABEC1875609}) (Version: 2.7.0.3 - Apple Inc.)
Audiograbber (HKLM-x32\...\Audiograbber) (Version: 1.83 (2020 Edition) - Audiograbber)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CyberLink Power2Go 8 (HKLM-x32\...\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.7007 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.7007 - CyberLink Corp.)
CyberLink PowerDVD 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.1.7417 - CyberLink Corp.)
Dolby Audio X2 Windows API SDK (HKLM\...\{F290F786-5F69-48D4-B20B-D21C7DE56EF0}) (Version: 0.8.8.88 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{9207D68E-666A-49C7-A900-9F5B2FF289E4}) (Version: 0.8.0.71 - Dolby Laboratories, Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 172.4.7555 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.733.1 - Dropbox, Inc.) Hidden
FOTOParadies (HKLM-x32\...\{FD838798-E2CB-45FA-AF79-6011519031E2}}_is1) (Version: 4.12.0.1257 - Foto Online Service GmbH)
HP Officejet Pro 8620 - Grundlegende Software für das Gerät (HKLM\...\{F6CE08BC-6929-412E-BB42-A9A7CD9721D7}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP Officejet Pro 8620 Hilfe (HKLM-x32\...\{F8E43C63-DFF2-4134-A46C-2A6F00517A35}) (Version: 32.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
iBackup Viewer 4.15.0 (HKLM-x32\...\{5B428966-3054-41E3-B0F8-008EE30BD019}_is1) (Version:  - iMacTools)
iCloud Outlook (HKLM\...\{A8C64C2A-BD34-464F-BA61-A969BA46FC2B}) (Version: 10.9.3.62 - Apple Inc.)
Intel(R) Chipset Device Software (HKLM\...\{81520FC5-3518-40E9-9803-70CE8A801D07}) (Version: 10.1.1.38 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1035 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{BB1B550F-329D-4B07-A8D0-82914483411C}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) ME UninstallLegacy (HKLM\...\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
iTunes (HKLM\...\{603AC145-2337-4355-A6F1-BF66FDB2FA63}) (Version: 12.12.4.1 - Apple Inc.)
JDiskReport 1.4.1 (HKLM-x32\...\JDiskReport 1.4.1) (Version: 1.4.1 (2014-02-26 11:50:44) - JGoodies Karsten Lentzsch)
Lenovo App Explorer (HKU\S-1-5-21-624402189-1887333828-3918413586-1002\...\Host App Service) (Version: 0.272.1.560 - SweetLabs for Lenovo)
Lenovo App Explorer (HKU\S-1-5-21-624402189-1887333828-3918413586-1003\...\Host App Service) (Version: 0.273.4.600 - SweetLabs for Lenovo)
Lenovo Utility (HKLM\...\{12ABAC82-7D83-4CB8-9DD2-434DC9AF2942}_is1) (Version: 3.0.0.17 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.43.0 - Lenovo Group Ltd.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 111.0.1661.44 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 110.0.1587.69 - Microsoft Corporation)
Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2016 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 16.0.16227.20280 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-624402189-1887333828-3918413586-1001\...\OneDriveSetup.exe) (Version: 23.071.0402.0001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-624402189-1887333828-3918413586-1002\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-624402189-1887333828-3918413586-1003\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-624402189-1887333828-3918413586-1001\...\Teams) (Version: 1.4.00.22472 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 112.0.1 (x64 de)) (Version: 112.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 112.0.1 - Mozilla)
NVIDIA GeForce Experience 3.8.0.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.8.0.89 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.16227.20204 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Studie zur Verbesserung von HP Officejet Pro 8620 (HKLM\...\{825BC9A9-A005-4FDB-BDE9-A4F2DF69C3B7}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
tiptoi® Manager 5.0.2 (HKLM\...\{833392BB-E8C0-4066-9408-3A30FA43972F}_is1) (Version: 5.0.2 - Ravensburger AG)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.12 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{9E5A6059-314A-4F02-B8A4-8C9C97989589}) (Version: 8.91.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-2) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WhatsApp (Outdated) (HKU\S-1-5-21-624402189-1887333828-3918413586-1001\...\WhatsApp) (Version: 2.2314.11 - WhatsApp)
Windows 10-Update-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22329 - Microsoft Corporation)
Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-624402189-1887333828-3918413586-1001\...\ZoomUMX) (Version: 5.9.1 (2581) - Zoom Video Communications, Inc.)

Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.32.21.0_x64__kgqvnymyfvs32 [2023-04-04] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.241.500.0_x64__kgqvnymyfvs32 [2023-04-21] (king.com)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_7.9.9.0_x86__h6adky7gbf63m [2023-04-18] (Gameloft SE)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.17.857.0_x64__rz1tebttyb220 [2023-04-20] (Dolby Laboratories)
Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_144.1.1068.0_x64__v10z8vjag6ke6 [2023-04-18] (HP Inc.)
iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa [2023-01-07] (Apple Inc.) [Startup Task]
Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2303.112.0_x64__k1h2ywk1493x8 [2023-04-20] (LENOVO INC.)
Lenovo Kontoportal -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2017-12-30] (LENOVO INCORPORATED.)
Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2017-12-30] (LENOVO INCORPORATED.)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_7.3.2.0_x86__h6adky7gbf63m [2023-04-06] (Gameloft SE)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-10-11] (Microsoft Corporation)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1820.9.73.0_x64__8xx8rvfyw5nnt [2023-03-16] (Meta) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.19.7302.0_x64__8wekyb3d8bbwe [2023-04-04] (Microsoft Studios)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-04-09] (Netflix, Inc.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-04-19] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0 [2023-04-18] (Spotify AB) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2314.6.0_x64__cv1g1gvanyjgm [2023-04-21] (WhatsApp Inc.) [Startup Task]
WindowsAppRuntime.1.1 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.1_1005.616.1651.0_x64__8wekyb3d8bbwe [2023-01-04] (Microsoft Corporation)
WindowsAppRuntime.1.1 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.1_1005.616.1651.0_x86__8wekyb3d8bbwe [2023-01-04] (Microsoft Corporation)
XING -> C:\Program Files\WindowsApps\XINGAG.XING_4.0.9.0_x86__xpfg3f7e9an52 [2021-06-13] (New Work SE)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-624402189-1887333828-3918413586-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\athbi\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21140.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-624402189-1887333828-3918413586-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\athbi\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-624402189-1887333828-3918413586-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\athbi\Dropbox [2017-12-31 16:05]
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2016-10-07] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2016-10-07] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_90f68cd0dc48b625\igfxDTCM.dll [2019-05-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-21] (NVIDIA Corporation -> NVIDIA Corporation)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\athbi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDiskReport 1.4.1\JGoodies Home Page.lnk -> hxxp://www.jgoodies.com

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============


==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

HKU\S-1-5-21-624402189-1887333828-3918413586-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-624402189-1887333828-3918413586-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
HKU\S-1-5-21-624402189-1887333828-3918413586-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-624402189-1887333828-3918413586-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-624402189-1887333828-3918413586-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
HKU\S-1-5-21-624402189-1887333828-3918413586-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-624402189-1887333828-3918413586-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-624402189-1887333828-3918413586-1003\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2023-02-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-16] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-624402189-1887333828-3918413586-1001\...\localhost -> localhost

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2017-03-18 23:03 - 2023-04-22 10:07 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1       localhost

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-624402189-1887333828-3918413586-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\athbi\Pictures\IMG_1492.JPG
HKU\S-1-5-21-624402189-1887333828-3918413586-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\athbi.LAPTOP-P33CJ5M1\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
HKU\S-1-5-21-624402189-1887333828-3918413586-1003\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
 ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [TCP Query User{6E7CEF2D-4A96-48EA-BC7E-C49DC37D88B3}C:\program files\hp\hp officejet pro 8620\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp officejet pro 8620\bin\hpnetworkcommunicatorcom.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [UDP Query User{3D44E4CA-0160-47B3-8A39-7C8272BCD62F}C:\program files\hp\hp officejet pro 8620\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp officejet pro 8620\bin\hpnetworkcommunicatorcom.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [TCP Query User{EEB2043D-758C-4427-ACA2-5EB2D28514EC}C:\program files (x86)\dropbox\client\dropbox.exe] => (Allow) C:\program files (x86)\dropbox\client\dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [UDP Query User{EEC815C1-B533-40C1-A40C-A849DECC8146}C:\program files (x86)\dropbox\client\dropbox.exe] => (Allow) C:\program files (x86)\dropbox\client\dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

18-04-2023 20:14:02 Windows Modules Installer
19-04-2023 22:17:53 Removed LibreOffice 5.3.7.2
21-04-2023 12:06:08 Removed Google Update Helper
21-04-2023 12:11:53 Removed Google Update Helper

==================== Fehlerhafte Geräte im Gerätemanager ============


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (04/22/2023 10:08:16 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Fehler beim Aktualisieren des Windows Defender-Status auf SECURITY_PRODUCT_STATE_ON.

Error: (04/22/2023 10:08:00 AM) (Source: Microsoft-Windows-WMI) (EventID: 4) (User: NT-AUTORITÄT)
Description: Fehler "0x8004401e" beim Laden des MOF "C:\PROGRAMDATA\MICROSOFT\WINDOWS DEFENDER\PLATFORM\4.18.2006.9-0\PROTECTIONMANAGEMENT.MOF" während der Wiederherstellung der für die automatische Wiederherstellung markierten MOF-Datei.

Error: (04/22/2023 10:08:00 AM) (Source: Microsoft-Windows-WMI) (EventID: 4) (User: NT-AUTORITÄT)
Description: Fehler "0x8004401e" beim Laden des MOF "C:\PROGRAMDATA\MICROSOFT\WINDOWS DEFENDER\PLATFORM\4.18.2006.8-0\PROTECTIONMANAGEMENT.MOF" während der Wiederherstellung der für die automatische Wiederherstellung markierten MOF-Datei.

Error: (04/22/2023 10:02:24 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007001f, Ein an das System angeschlossenes Gerät funktioniert nicht.
.


Vorgang:
   Asynchroner Vorgang wird ausgeführt

Kontext:
   Aktueller Status: DoSnapshotSet

Error: (04/22/2023 10:02:09 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {29a9e271-3410-46e5-b757-9240d7ace90b}

Error: (04/21/2023 04:46:29 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.

Error: (04/21/2023 04:46:29 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]

Error: (04/21/2023 04:26:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16000


Systemfehler:
=============
Error: (04/22/2023 10:02:23 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/22/2023 10:02:22 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "WMI-Leistungsadapter" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/22/2023 10:02:22 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "System Interface Foundation Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/22/2023 10:02:22 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "RPC-Locator" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/22/2023 10:02:22 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Dolby DAX2 API Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/22/2023 10:02:22 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "LenovoVantageService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/22/2023 10:02:21 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/22/2023 10:02:21 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Content Protection HECI Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Windows Defender:
================
Date: 2023-04-19 17:05:37
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {5A61342C-43C9-4C86-8687-F9A088D6FFFF}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2023-04-19 01:21:40
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {EE91A563-A813-4AE7-914F-B355E573FEB3}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Vollständige Überprüfung
Benutzer: ANNA-LENOVO-W10\Anna

Date: 2023-04-04 20:21:48
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {8A98C71A-57C5-4D08-A108-C467FD8E3B99}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2023-04-04 20:06:32
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Backdoor:Win32/Bladabindi!mclg&threatid=2147784274&enterprise=0
Name: Backdoor:Win32/Bladabindi!mclg
Schweregrad: Schwerwiegend
Kategorie: Hintertür
Pfad: file:_C:\Windows\Temp\4ef247ec-11e3-fdbd-b857-be8b87284343\788bd5ca-828c-9cb0-707f-17bcc0ce7e76.exe; file:_C:\Windows\Temp\9539d4d7-53f8-70f9-24eb-5f8773a9b020\a3deedb8-7f46-12bc-5bff-97df1a4b83d6.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: NT-AUTORITÄT\SYSTEM
Prozessname: C:\Program Files (x86)\nodejs\node.exe
Sicherheitsversion: AV: 1.385.1699.0, AS: 1.385.1699.0, NIS: 1.385.1699.0
Modulversion: AM: 1.1.20200.4, NIS: 1.1.20200.4

Date: 2023-04-04 20:06:30
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Backdoor:Win32/Bladabindi!mclg&threatid=2147784274&enterprise=0
Name: Backdoor:Win32/Bladabindi!mclg
Schweregrad: Schwerwiegend
Kategorie: Hintertür
Pfad: file:_C:\Windows\Temp\4ef247ec-11e3-fdbd-b857-be8b87284343\788bd5ca-828c-9cb0-707f-17bcc0ce7e76.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: NT-AUTORITÄT\SYSTEM
Prozessname: C:\Program Files (x86)\nodejs\node.exe
Sicherheitsversion: AV: 1.385.1699.0, AS: 1.385.1699.0, NIS: 1.385.1699.0
Modulversion: AM: 1.1.20200.4, NIS: 1.1.20200.4

CodeIntegrity:
===============
Date: 2023-04-22 14:15:56
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-03-23 19:58:20
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-03-16 16:40:38
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-02-15 21:59:49
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-02-05 17:28:19
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_90f68cd0dc48b625\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

BIOS: LENOVO 4WCN47WW 06/30/2020
Hauptplatine: LENOVO LNVNB161216
Prozessor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 60%
Installierter physikalischer RAM: 8066.72 MB
Verfügbarer physikalischer RAM: 3207.38 MB
Summe virtueller Speicher: 10114.72 MB
Verfügbarer virtueller Speicher: 5014.67 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:212.23 GB) (Free:89.05 GB) (Model: HFS256G3BTND-N210A) NTFS
Drive d: (Daten) (Fixed) (Total:25 GB) (Free:9.38 GB) (Model: HFS256G3BTND-N210A) NTFS

\\?\Volume{ebc8ede9-b046-4a13-88b1-1d79f48e841a}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.41 GB) NTFS
\\?\Volume{0a7f66c0-07fe-4aa2-9e89-29b2ecdf81db}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.21 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 161AE062)

Partition: GPT.

==================== Ende von Addition.txt =======================
         
Mir fällt soweit nix mehr auf. Allenfalls, dass meine Frau in Zukunft lieber mit einem Standard-Account arbeiten sollte. Ich werd mal schauen, dass wir das hinbekommen.

Habt ihr noch Anmerkungen oder Empfehlungen?

Ansonsten: Tausend Dank (!!) und viele Grüße!

Alt 23.04.2023, 13:54   #24
M-K-D-B
/// TB-Ausbilder
 
Windows 10: Browser-Probleme nach Infektion mit Backdoor:Win32/Bladabindi!mclg - Standard

Windows 10: Browser-Probleme nach Infektion mit Backdoor:Win32/Bladabindi!mclg



Entfernung der verwendeten Tools
Führe KpRm gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei.





Dann wären wir durch!
Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber.

Wenn Du möchtest, kannst Du hier sagen, ob du mit mir und meiner Hilfe zufrieden warst...
Vielleicht möchtest du das Forum mit einer kleinen Spende unterstützen.





Zum Schluss bitte unbedingt die Sicherheitsmaßnahmen lesen und umsetzen:



Hinweis:
Bitte gib mir eine kurze Rückmeldung, sobald du die oben verlinkten Informationen gelesen hast, alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.

Alt 24.04.2023, 07:46   #25
fbin41
 
Windows 10: Browser-Probleme nach Infektion mit Backdoor:Win32/Bladabindi!mclg - Standard

Windows 10: Browser-Probleme nach Infektion mit Backdoor:Win32/Bladabindi!mclg



Alles bestens - vielen Dank an Euch, Cosinus und M-K-D-B!!



Ihr könnt das Thema als abgeschlossen betrachten.

Ich werde ggf. nochmal durchsehen, ob in den Logs etwas "maskiert" werden sollte, und ggf. die betreffenden Beiträge editieren. Allzu kritisches war aber nicht dabei.

Danke auch für die Verlinkung der allgemeinen Tipps zur Windows-Absicherung!

Hier noch das Log vom Aufräumen:

PS: Da die vorherigen Wiederherstellungspunkte nicht mehr vertauenswürdig waren, habe ich sie löschen lassen, nach Bereinigung einen neuen angelegen lassen. Das wäre vielleicht ein Tipp für die Anleitung zu KpRm?

Merci!

Code:
ATTFilter
# Run at 24.04.2023 08:35:55
# KpRm (Kernel-panik) version 2.12.0
# Website https://kernel-panik.me/tool/kprm/
# Run by Anna from D:\Software
# Computer Name: ANNA-LENOVO-W10
# OS: Windows 10 X64 (19045) (10.0.19045.0) 
# Number of passes: 1

- Checked options -

    ~ Delete Tools
    ~ Delete Restore Points
    ~ Create Restore Point
    ~ Delete Quarantines

- Delete Tools -


  ## AdwCleaner
     [OK] C:\Users\athbi\Downloads\adwcleaner.exe deleted
     [OK] C:\AdwCleaner deleted

  ## FRST
     [OK] C:\FRST deleted

  ## RogueKiller
     [OK] C:\Users\athbi\Downloads\RogueKiller_portable64.exe deleted

- Clear Restore Points -

   ~ [OK] RP named Windows Modules Installer created at 04/18/2023 18:14:02 deleted
   ~ [OK] RP named Removed LibreOffice 5.3.7.2 created at 04/19/2023 20:17:53 deleted
   ~ [OK] RP named Removed Google Update Helper created at 04/21/2023 10:06:08 deleted
   ~ [OK] RP named Removed Google Update Helper created at 04/21/2023 10:11:53 deleted
     [OK] All system restore points have been successfully deleted

- Create Restore Point -

     [OK] System Restore Point created

- Display System Restore Point -

   ~ [I] RP named KpRm created at 04/24/2023 06:36:37

-- KPRM finished in 59.66s --
         

Alt 24.04.2023, 12:41   #26
M-K-D-B
/// TB-Ausbilder
 
Windows 10: Browser-Probleme nach Infektion mit Backdoor:Win32/Bladabindi!mclg - Standard

Windows 10: Browser-Probleme nach Infektion mit Backdoor:Win32/Bladabindi!mclg



Danke für deine Rückmeldung.


Wir sind froh, dass wir helfen konnten

Dieses Thema scheint erledigt und wird aus unseren Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke uns bitte eine Erinnerung inklusive Link zum Thema.

Jeder andere bitte hier klicken und ein eigenes Thema erstellen.

Thema geschlossen

Themen zu Windows 10: Browser-Probleme nach Infektion mit Backdoor:Win32/Bladabindi!mclg
backdoor, backdoor bladabindi, blockiert, bonjour, browser, computer, cpu, defender, desktop, failed, firefox, google, home, installation, internet, internet explorer, programm, prozesse, realtek, registry, scan, software, starten, svchost.exe, udp, windows




Ähnliche Themen: Windows 10: Browser-Probleme nach Infektion mit Backdoor:Win32/Bladabindi!mclg


  1. Windows Defender erkennt Ethernet-Treiber von Intel-Seite als Backdoor:Win32/Bladabindi!ml
    Mülltonne - 02.04.2023 (9)
  2. Backdoor:Win32/Bladabindi!mclg Meldung und Entfernt
    Plagegeister aller Art und deren Bekämpfung - 10.07.2022 (17)
  3. "Backdoor:Win32/Bladabindi!ml" von Windows Defender entdeckt: was tun?
    Log-Analyse und Auswertung - 25.02.2022 (12)
  4. Backdoor:Win32/Bladabindi.YPS!MTB - von Defender entfernt - ist der Rechner sauber?
    Log-Analyse und Auswertung - 08.12.2021 (4)
  5. Windows Defender hat Backdoor:Win32/Bladabindi.YPS!MTB erkannt
    Log-Analyse und Auswertung - 21.11.2021 (9)
  6. windows 10: Backdoor:Win32/Bladabindi.YPS!MTB - nach Download
    Log-Analyse und Auswertung - 19.11.2021 (12)
  7. Win 10: Backdoor:Win32/Bladabindi.YPS!MTB und TrojanDownloader:JS/Nemucod
    Log-Analyse und Auswertung - 19.11.2021 (10)
  8. Trojan:Script/Wacatac.B!ml + Backdoor:Win32/Bladabindi!ml
    Log-Analyse und Auswertung - 27.08.2021 (4)
  9. Windows 10 - nach WiperSoft Deinstallation Probleme mit Browser (Chrome, MS-Edge)
    Log-Analyse und Auswertung - 29.06.2021 (8)
  10. Windows 10: Backdoor:Win32/Bladabindi!ml
    Log-Analyse und Auswertung - 22.04.2021 (11)
  11. Browser Modifier:Win32/SupTab!blnk Infektion auf neuem Rechner
    Log-Analyse und Auswertung - 18.11.2016 (8)
  12. Windows 8: Trojaner (Backdoor.Win32.Androm.gjvy) auf Computer nach öffnen einer Email für pay pal Rechnung
    Log-Analyse und Auswertung - 25.03.2015 (13)
  13. Probleme mit Backdoor.Win32.Sinowal
    Plagegeister aller Art und deren Bekämpfung - 30.10.2012 (23)
  14. Nach Bereinigung von HEUR:Trojan.Win32.Generic Probleme in Windows Ausführung
    Log-Analyse und Auswertung - 02.05.2011 (6)
  15. Probleme beim Online-Banking: Trojan.Win32.Generic!BT, Win32.Backdoor.Papras/A und andere...
    Log-Analyse und Auswertung - 06.11.2010 (19)
  16. Probleme mit WIN32 Backdoor
    Log-Analyse und Auswertung - 27.04.2009 (0)
  17. Probleme nach Wurm Infektion
    Plagegeister aller Art und deren Bekämpfung - 14.01.2009 (1)

Zum Thema Windows 10: Browser-Probleme nach Infektion mit Backdoor:Win32/Bladabindi!mclg - ... hier die Fortsetzung zu Malwarebytes: Code: Alles auswählen Aufklappen ATTFilter Datei: 379 PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{009D793E-019A-408D-80FC-1111E8D601C0}\cpmjhjbibbnfpijpdmckekeefncliambmrx, In Quarantäne, 238, 237878, 1.0.68287, , ame, , C7CF03D144A68F04E29F78F914B531B2, 953C67195EA7F91F3042A8C1F00127A43772376F03681228A4329C411AC5CF65 PUP.Optional.DownloadProtect, C:\Windows\Installer\{009D793E-019A-408D-80FC-1111E8D601C0}\xpmjhjbibbnfpijpdmckekeefncliambmml, In Quarantäne, 238, - Windows 10: Browser-Probleme nach Infektion mit Backdoor:Win32/Bladabindi!mclg...
Archiv
Du betrachtest: Windows 10: Browser-Probleme nach Infektion mit Backdoor:Win32/Bladabindi!mclg auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.