|
Log-Analyse und Auswertung: Windows 10: Browser/Internet unglaublich langsam - vielleicht was eingefangen?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
23.04.2023, 12:27 | #1 |
| Windows 10: Browser/Internet unglaublich langsam - vielleicht was eingefangen? Hallo, seit ich vor ca. 10 tagen aus dem Urlaub zurückkam ist das Internet unglaublich langsam. Manche Seite öffnen einfach nach langem warten gar nicht mehr. An der Leitung liegt es nicht, es kommt immer noch genau so viel an. Vielleicht hab ich mir da irgendwas eingefangen? Hier sind die Logs von FRST und Addition. Anderes hab ich noch nicht durchlaufen lassen. Weil die FRST und Addition zu groß sind habe ich die angehängt. Danke im voraus. |
23.04.2023, 13:41 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10: Browser/Internet unglaublich langsam - vielleicht was eingefangen?Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
23.04.2023, 13:54 | #3 |
| Windows 10: Browser/Internet unglaublich langsam - vielleicht was eingefangen? Achso, ich hatte es so verstanden, dass wenns nicht geht man zippen soll:
__________________FRST Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 22-04-2023 01 durchgeführt von do83h (Administrator) auf DESKTOP-V3T0UTA (MEDION E63007) (23-04-2023 13:13:24) Gestartet von C:\Users\do83h\OneDrive\Desktop\FRST64.exe Geladene Profile: do83h Plattform: Microsoft Windows 10 Home Version 22H2 19045.2846 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: Chrome Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Autodesk, Inc. -> Autodesk) C:\Users\do83h\AppData\Local\Programs\Autodesk\Genuine Service\GenuineService.exe (Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe <4> (C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe ->) (Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe <3> (C:\Program Files (x86)\Citrix\ICA Client\concentr.exe ->) (Citrix Systems, Inc. -> Cloud Software Group, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe (C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe ->) (Citrix Systems, Inc. -> Cloud Software Group, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe (C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfService.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\112.0.1722.48\msedgewebview2.exe <7> (C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe ->) (Citrix Systems, Inc. -> Cloud Software Group, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfService.exe (C:\Program Files (x86)\TotalAV\SecurityService.exe ->) (Protected Antivirus Limited -> TotalAV) C:\Program Files (x86)\TotalAV\TotalAV.exe (C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe (C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe (C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe (C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe (C:\Program Files\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe (C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe (C:\Users\do83h\Knuddels-Stapp\CommonFiles\Java\bin\javaw.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <21> (C:\Users\do83h\Knuddels-Stapp\CommonFiles\Java\bin\javaw.exe ->) (TEAMDEV LTD. -> The Chromium Authors) C:\Users\do83h\AppData\Local\JxBrowser\7.28_x64\chromium.exe <14> (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\AnalyticsSrv.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe (cmd.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\browserhost.exe (DriverStore\FileRepository\cui_dch.inf_amd64_ba5b1813656e5c27\igfxCUIService.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_ba5b1813656e5c27\igfxEM.exe (explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2> (explorer.exe ->) (Lavasoft Software Canada Inc. -> Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe (explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (explorer.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Users\do83h\Knuddels-Stapp\CommonFiles\Java\bin\javaw.exe (explorer.exe ->) (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.202\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.202\GoogleCrashHandler64.exe (Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\MSM\McSmtFwk.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <11> (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe (services.exe ->) (Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\10.1.0.3194\AdskLicensingService\AdskLicensingService.exe (services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe (services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe (services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\avgToolsSvc.exe (services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe (services.exe ->) (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (services.exe ->) (Citrix Systems, Inc. -> Cloud Software Group, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\UpdaterService.exe (services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe (services.exe ->) (Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe (services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe (services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe (services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe (services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe (services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_ba5b1813656e5c27\igfxCUIService.exe (services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_e8f9f51120464f93\IntelCpHDCPSvc.exe (services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_e8f9f51120464f93\IntelCpHeciSvc.exe (services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_6ca78a08b838e305\RstMwService.exe (services.exe ->) (Lavasoft Software Canada Inc. -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe (services.exe ->) (Lavasoft Software Canada Inc. -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe (services.exe ->) (McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe (services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\CSP\3.8.106.0\McCSPServiceHost.exe (services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe <2> (services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe (services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_20_6\mcapexe.exe (services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (Protected Antivirus Limited -> TotalAV) C:\Program Files (x86)\TotalAV\SecurityService.exe <2> (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c60facea9c32a6cb\RtkAudUService64.exe <2> (services.exe ->) (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (services.exe ->) (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe (svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2314.6.0_x64__cv1g1gvanyjgm\WhatsApp.exe (svchost.exe ->) (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe (svchost.exe ->) (Citrix Systems, Inc. -> Cloud Software Group, Inc.) C:\Program Files (x86)\Citrix\ICA Client\AuthManager\AuthManSvr.exe (svchost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MQS\QcShm.exe (svchost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\VUL\McVulCtr.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c60facea9c32a6cb\RtkAudUService64.exe [3380320 2021-11-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech) HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [256952 2023-03-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) HKLM\...\Run: [] => [X] HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [665384 2019-12-05] (Autodesk, Inc. -> Autodesk, Inc.) HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\Users\do83h\AppData\Local\Programs\Autodesk\Genuine Service\GenuineService.exe [1077864 2020-01-02] (Autodesk, Inc. -> Autodesk) HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [109324536 2021-03-12] (Microsoft Corporation -> Microsoft Corporation) HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1713432 2021-09-17] (Cisco Systems, Inc. -> Cisco Systems, Inc.) HKLM-x32\...\Run: [InstallHelper] => C:\Program Files (x86)\Citrix\Citrix WorkSpace 2302\InstallHelper.exe [410544 2023-02-07] (Citrix Systems, Inc. -> Cloud Software Group, Inc.) HKLM-x32\...\Run: [AnalyticsSrv] => C:\Program Files (x86)\Citrix\ICA Client\Receiver\AnalyticsSrv.exe [2644072 2023-02-07] (Citrix Systems, Inc. -> Citrix Systems, Inc.) HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [2974600 2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.) HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [562056 2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.) HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [292104 2023-02-28] (Intel Corporation -> Intel) HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1 HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\74.0.2.0\GoogleDriveFS.exe [53340440 2023-04-21] (Google LLC -> Google, Inc.) HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\74.0.2.0\GoogleDriveFS.exe [53340440 2023-04-21] (Google LLC -> Google, Inc.) HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4362600 2023-03-24] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33000928 2021-04-07] (Epic Games Inc. -> Epic Games, Inc.) HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [9255120 2023-03-18] (Lavasoft Software Canada Inc. -> Lavasoft) HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [49958368 2022-02-01] (Google LLC -> ) HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\Run: [com.squirrel.Teams.Teams] => C:\Users\do83h\AppData\Local\Microsoft\Teams\Update.exe [2454184 2021-07-14] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\74.0.2.0\GoogleDriveFS.exe [53340440 2023-04-21] (Google LLC -> Google, Inc.) HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\Run: [] => [X] HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\Policies\Explorer: [] HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\MountPoints2: {11ae930c-1cdb-11eb-a845-6c6a77606d86} - "H:\HiSuiteDownLoader.exe" HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\MountPoints2: {2d9bfd5a-ab41-11eb-a86b-6c6a77606d86} - "H:\HiSuiteDownLoader.exe" HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\MountPoints2: {2f109b79-53b8-11ec-a87f-6c6a77606d86} - "H:\HiSuiteDownLoader.exe" HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\MountPoints2: {8e9c3683-068a-11ed-a89a-6c6a77606d86} - "H:\HiSuiteDownLoader.exe" HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\74.0.2.0\GoogleDriveFS.exe [53340440 2023-04-21] (Google LLC -> Google, Inc.) HKU\S-1-5-18\...\Run: [] => [X] HKLM\...\Windows x64\Print Processors\HPM11M13PrintProc: C:\Windows\System32\spool\prtprocs\x64\HPM11M13PP.DLL [74240 2016-02-25] (Microsoft Windows Hardware Compatibility Publisher -> ) HKLM\...\Print\Monitors\HP BC11 Status Monitor: C:\Windows\system32\hpinkstsBC11LM.dll [331664 2012-06-12] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Photosmart 7520 series): C:\Windows\system32\HPDiscoPMBC11.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\...\Print\Monitors\HPM11M13LM: C:\Windows\system32\HPM11M13LM.DLL [288768 2016-02-25] (Microsoft Windows Hardware Compatibility Publisher -> ) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\112.0.5615.138\Installer\chrmstp.exe [2023-04-21] (Google LLC -> Google LLC) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{60f15951-e7ef-11ea-b28e-c4b301b9ed33}] -> C:\Program Files (x86)\Citrix\ICA Client\CitrixEnterpriseBrowser\108.1.1.97\Installer\chrmstp.exe [2023-02-28] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2021-11-01] ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) Startup: C:\Users\do83h\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Photosmart 7520 series.lnk [2023-04-23] ShortcutAndArgument: Tintenwarnungen überwachen - HP Photosmart 7520 series.lnk -> C:\Windows\system32\RunDll32.exe => "C:\Program Files\HP\HP Photosmart 7520 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=TH4A1710WP05YY;CONNECTION=USB;MONITOR=1; HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {040310DD-CB77-43E4-8279-924E17C6B61B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\Windows\system32\MRT.exe [156112424 2023-04-15] (Microsoft Windows -> Microsoft Corporation) Task: {0C513AFB-E8CE-4D7C-BAC3-AC1624BB4C62} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114624 2023-04-15] (Microsoft Corporation -> Microsoft Corporation) Task: {2010EA3E-9F0D-415E-A218-4FDC3E41E911} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [5037496 2023-03-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) Task: {262C3E9C-36FB-416D-9B22-681018F087E0} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1090800 2020-08-14] (McAfee, LLC -> McAfee, LLC) Task: {3F91757F-92A4-4741-8CE7-5F4348663D09} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [764640 2020-06-09] (McAfee, LLC -> McAfee, LLC) Task: {41FB538F-E69F-4062-A8FE-42B756762C06} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2172344 2023-04-15] (AVG Technologies USA, LLC -> AVG Technologies) Task: {44C1D279-047F-4D25-9130-340FC3BDCA5E} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [5002480 2023-02-21] (Intel Corporation -> Intel Corporation) Task: {4F689235-F97C-46C4-B507-240CA6C38203} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-29] (Google LLC -> Google LLC) Task: {53DD5BC8-EC96-40DF-AC1E-73ADE4A3807B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114624 2023-04-15] (Microsoft Corporation -> Microsoft Corporation) Task: {5E016F5B-57AC-4FDF-B0EE-DD9111BA47EF} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs" Task: {6C00A265-94E7-4865-B2EC-59EFABDAE67F} - System32\Tasks\Opera scheduled Autoupdate 1605363011 => C:\Users\do83h\AppData\Local\Programs\Opera\launcher.exe [1538584 2020-03-03] (Opera Software AS -> Opera Software) Task: {78DDFC1F-7D48-40BE-B0AE-595F0AB40665} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4564016 2023-01-16] (McAfee, LLC -> McAfee, LLC) Task: {7C6AAADD-6794-4CEC-842E-F176CA9317EC} - System32\Tasks\G2MUpdateTask-S-1-5-21-584500284-1391629960-3397962802-1005 => C:\Users\do83h\AppData\Local\GoToMeeting\19950\g2mupdate.exe [33456 2022-04-27] (LogMeIn, Inc. -> LogMeIn, Inc.) Task: {8ED46F6B-D868-45F9-A5DA-F936D7B2E679} - System32\Tasks\G2MUploadTask-S-1-5-21-584500284-1391629960-3397962802-1005 => C:\Users\do83h\AppData\Local\GoToMeeting\19950\g2mupload.exe [33456 2022-04-27] (LogMeIn, Inc. -> LogMeIn, Inc.) Task: {8EFF55D3-C8A4-4882-BF83-295EEAAB4288} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1090800 2020-08-14] (McAfee, LLC -> McAfee, LLC) Task: {8F8519B8-C23A-4E03-A22F-7761436B1C73} - System32\Tasks\AVG\AVG Antivirus Patcher => C:\Program Files\Common Files\AVG\Icarus\avg-av\icarus.exe [7074232 2023-03-01] (AVG Technologies USA, LLC -> AVG Technologies) Task: {A160F302-5259-4CC8-88D7-5327AE03EDBA} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Keine Datei) Task: {AE4CD1A5-76DE-44A6-889D-7885E061B63F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26301352 2023-04-15] (Microsoft Corporation -> Microsoft Corporation) Task: {AF02A63D-FDCC-4CFB-A094-48A4E4432387} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676768 2023-04-17] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {B473CF9B-0E2C-4DEB-8FC8-7FE808EE020F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26301352 2023-04-15] (Microsoft Corporation -> Microsoft Corporation) Task: {BFEB3880-E556-4F2C-B7D0-790E7658A61B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [718752 2023-04-17] (Mozilla Corporation -> Mozilla Foundation) Task: {C145D0EA-DB56-421C-B716-F1D441FEB974} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.7.108\DADUpdater.exe [4094568 2023-02-17] (McAfee, LLC -> McAfee, LLC) Task: {D3F7123B-3C07-446B-9FFE-FCC5C5061943} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4196728 2023-04-15] (Microsoft Corporation -> Microsoft Corporation) Task: {E65BF73C-EB8F-452B-979A-36C9931D7E92} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-584500284-1391629960-3397962802-1005 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4196728 2023-04-15] (Microsoft Corporation -> Microsoft Corporation) Task: {E7474536-071E-469B-B266-FC9A0EF2AE45} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-29] (Google LLC -> Google LLC) Task: {E8A0CD34-2229-4F32-8BAB-DFCA367A434F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.) Task: {F59146C7-C25F-4DE3-99D4-7D64FB97AAD4} - System32\Tasks\HPCustParticipation HP Photosmart 7520 series => C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPCustPartic.exe [4119656 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.) Task: {FCCA6D1E-93E4-42CC-9BA0-A2D2C26F7175} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [5002480 2023-02-21] (Intel Corporation -> Intel Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-584500284-1391629960-3397962802-1005.job => C:\Users\do83h\AppData\Local\GoToMeeting\19950\g2mupdate.exe Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-584500284-1391629960-3397962802-1005.job => C:\Users\do83h\AppData\Local\GoToMeeting\19950\g2mupload.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{0894d97c-231f-418b-bd94-97d6dc7075e5}: [DhcpNameServer] 192.168.2.1 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\do83h\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-09] FireFox: ======== FF DefaultProfile: 3uauklfr.default FF ProfilePath: C:\Users\do83h\AppData\Roaming\Mozilla\Firefox\Profiles\3uauklfr.default [nicht gefunden] <==== ACHTUNG FF ProfilePath: C:\Users\do83h\AppData\Roaming\Mozilla\Firefox\Profiles\bxljijxg.dominik [2023-04-23] FF Homepage: Mozilla\Firefox\Profiles\bxljijxg.dominik -> hxxps://www.google.com/ FF NewTab: Mozilla\Firefox\Profiles\bxljijxg.dominik -> hxxps://mynewtab.co?pId=IC150206&searchEngine=bing&iDate=110620 FF Notifications: Mozilla\Firefox\Profiles\bxljijxg.dominik -> hxxps://www.planetromeo.com; hxxps://www.jako.de; hxxps://www.romeo.com FF SearchPlugin: C:\Users\do83h\AppData\Roaming\Mozilla\Firefox\Profiles\bxljijxg.dominik\searchplugins\Yahoo Search.xml [2022-06-17] FF ProfilePath: C:\Users\do83h\AppData\Roaming\Mozilla\Firefox\Profiles\79tx312p.default-release [2023-04-21] FF Homepage: Mozilla\Firefox\Profiles\79tx312p.default-release -> hxxps://mynewtab.co?pId=IC150206&searchEngine=bing&iDate=110620 FF NewTab: Mozilla\Firefox\Profiles\79tx312p.default-release -> hxxps://mynewtab.co?pId=IC150206&searchEngine=bing&iDate=110620 FF SearchPlugin: C:\Users\do83h\AppData\Roaming\Mozilla\Firefox\Profiles\79tx312p.default-release\searchplugins\Yahoo Search.xml [2022-06-17] FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSKHKLM => nicht gefunden FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension FF Extension: (SmartPrintButton) - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [] [ist nicht signiert] FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2020-08-21] (McAfee, LLC -> ) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2020-08-21] (McAfee, LLC -> ) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-12-19] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-12-19] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-04-04] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\do83h\AppData\Local\Google\Chrome\User Data\Default [2023-04-23] CHR Notifications: Default -> hxxps://business.facebook.com; hxxps://www.fmscout.com CHR Extension: (McAfee® WebAdvisor) - C:\Users\do83h\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2023-03-23] CHR Extension: (Google Docs Offline) - C:\Users\do83h\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-06] CHR Extension: (Anwendungs-Launcher für Drive (von Google)) - C:\Users\do83h\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-01-28] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\do83h\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] CHR HKU\S-1-5-21-584500284-1391629960-3397962802-1005\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] Opera: ======= OPR Profile: C:\Users\do83h\AppData\Roaming\Opera Software\Opera Stable [2020-11-14] ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1047416 2019-12-05] (Autodesk, Inc. -> Autodesk Inc.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.) R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [16930616 2019-12-18] (Autodesk, Inc. -> Autodesk) S3 appprotectionsvc; C:\Program Files (x86)\Citrix\ICA Client\appprotection.exe [520624 2023-01-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [619960 2023-03-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R2 AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [620472 2023-03-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [8930232 2023-03-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [109480 2021-05-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12512768 2023-04-15] (Microsoft Corporation -> Microsoft Corporation) R2 CmWebAdmin.exe; C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe [10759616 2021-09-29] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) R2 CWAUpdaterService; C:\Program Files (x86)\Citrix\ICA Client\Receiver\UpdaterService.exe [66480 2023-02-07] (Citrix Systems, Inc. -> Cloud Software Group, Inc.) R2 DCIService; C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe [3413424 2023-03-18] (Lavasoft Software Canada Inc. -> ) R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [42760 2023-02-28] (Intel Corporation -> Intel) R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [211208 2023-02-28] (Intel Corporation -> Intel) S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncHelper.exe [3420040 2023-04-15] (Microsoft Corporation -> Microsoft Corporation) R2 HPSIService; C:\Windows\system32\HPSIsvc.exe [128272 2016-03-30] (Hewlett-Packard Company -> HP) R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [856472 2023-04-05] (McAfee, LLC -> McAfee, LLC) R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_20_6\McApExe.exe [768256 2020-09-11] (McAfee, LLC -> McAfee, LLC) S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [584296 2020-02-06] (McAfee, LLC. -> McAfee, LLC.) R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\3.8.106.0\\McCSPServiceHost.exe [2726312 ] (McAfee, LLC -> McAfee, LLC) S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [644200 2020-06-02] (McAfee, Inc. -> McAfee, LLC) R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [644200 2020-06-02] (McAfee, Inc. -> McAfee, LLC) R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [644200 2020-06-02] (McAfee, Inc. -> McAfee, LLC) R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1745400 2020-08-14] (McAfee, LLC -> McAfee, LLC) S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.066.0326.0005\OneDriveUpdaterService.exe [3805576 2023-04-15] (Microsoft Corporation -> Microsoft Corporation) R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [4221040 2020-07-29] (McAfee, LLC -> McAfee, LLC) R2 SecurityService; C:\Program Files (x86)\TotalAV\SecurityService.exe [283112 2022-09-27] (Protected Antivirus Limited -> TotalAV) <==== ACHTUNG R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [27856 2023-03-18] (Lavasoft Software Canada Inc. -> ) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\NisSrv.exe [2467088 2020-11-06] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MsMpEng.exe [128376 2020-11-06] (Microsoft Windows Publisher -> Microsoft Corporation) S3 CitrixEnterpriseBrowserElevationService; "C:\Program Files (x86)\Citrix\ICA Client\CitrixEnterpriseBrowser\108.1.1.97\elevation_service.exe" [X] ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 acsock; C:\Windows\system32\DRIVERS\acsock64.sys [300456 2021-09-17] (Microsoft Windows Hardware Compatibility Publisher -> Cisco Systems, Inc.) R0 avgArDisk; C:\Windows\System32\drivers\avgArDisk.sys [31456 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.) R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [231840 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.) R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdriver.sys [391896 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.) R0 avgbidsh; C:\Windows\System32\drivers\avgbidsh.sys [297920 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.) R0 avgbuniv; C:\Windows\System32\drivers\avgbuniv.sys [96512 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.) R0 avgElam; C:\Windows\System32\drivers\avgElam.sys [25064 2022-10-13] (Microsoft Windows Early Launch Anti-Malware Publisher -> AVG Technologies CZ, s.r.o.) R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [39688 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.) R1 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [268520 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.) R1 avgNetHub; C:\Windows\System32\drivers\avgNetHub.sys [557176 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [209088 2022-07-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [105288 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.) R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [80456 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.) R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [941960 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.) R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [699712 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.) R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [212720 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.) R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [319088 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [199312 2022-07-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [46704 2022-07-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 BdDci; C:\Windows\system32\DRIVERS\bddci.sys [367096 2023-03-18] (Bitdefender SRL -> Bitdefender) R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [75704 2020-06-09] (McAfee, Inc. -> McAfee, LLC) R2 ctxusbm; C:\Windows\system32\DRIVERS\ctxusbmon.sys [156072 2022-12-14] (Citrix Systems, Inc. -> Citrix Systems, Inc.) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 entryprotectdrv; C:\Program Files (x86)\Citrix\ICA Client\entryprotect.sys [72064 2023-01-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) S3 epinject6; C:\Program Files (x86)\Citrix\ICA Client\epinject.sys [161832 2023-01-17] (Citrix Systems, Inc. -> ) S4 epusbfilter; C:\Program Files (x86)\Citrix\ICA Client\epusbfilter.sys [43904 2023-01-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) R1 googledrivefs31092; C:\Windows\System32\DRIVERS\googledrivefs31092.sys [384600 2023-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.) S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [218960 2020-05-26] (McAfee, LLC -> McAfee, Inc.) S3 iaLPSS2_GPIO2_ICL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_icl.inf_amd64_90beccc7e046abab\iaLPSS2_GPIO2_ICL.sys [132872 2020-04-27] (Intel Corporation -> Intel Corporation) S3 iaLPSS2_I2C_ICL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_i2c_icl.inf_amd64_c8c0638291b9b209\iaLPSS2_I2C_ICL.sys [200456 2020-04-27] (Intel Corporation -> Intel Corporation) S3 iaLPSS2_SPI_ICL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_spi_icl.inf_amd64_66a759065dfa6f64\iaLPSS2_SPI_ICL.sys [160024 2020-04-27] (Intel Corporation -> Intel Corporation) R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [529848 2020-06-09] (McAfee, Inc. -> McAfee, LLC) R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [382392 2020-06-09] (McAfee, Inc. -> McAfee, LLC) S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [85928 2020-06-09] (Microsoft Windows Early Launch Anti-Malware Publisher -> McAfee, LLC) R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [521656 2020-06-09] (McAfee, Inc. -> McAfee, LLC) R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [1006008 2020-06-09] (McAfee, Inc. -> McAfee, LLC) R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [595896 2020-06-08] (McAfee, Inc. -> McAfee LLC.) S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [107960 2020-06-08] (McAfee, Inc. -> McAfee LLC.) R3 mfeplk; C:\Windows\System32\drivers\mfeplk.sys [116664 2020-06-09] (McAfee, Inc. -> McAfee, LLC) R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [252344 2020-06-09] (McAfee, Inc. -> McAfee, LLC) S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [29192 2016-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.) S0 ProtectedELAM; C:\Windows\System32\drivers\protected_elam.sys [18912 2022-09-27] (Microsoft Windows Early Launch Anti-Malware Publisher -> TODO: <Company name>) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 Usbnet; C:\Windows\System32\drivers\usbnet.sys [46080 2019-12-07] (Microsoft Windows -> Microsoft Corporation) S3 vpnva; C:\Windows\System32\drivers\vpnva64-6.sys [74064 2021-09-17] (Cisco Systems, Inc. -> Cisco Systems, Inc.) S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [48536 2020-11-06] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [429288 2020-11-06] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [71912 2020-11-06] (Microsoft Windows -> Microsoft Corporation) R1 webshieldfilter; C:\Windows\System32\drivers\webshieldfilter.sys [96264 2022-09-27] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) <==== ACHTUNG ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2023-04-23 12:34 - 2023-04-23 12:37 - 000091985 _____ C:\Users\do83h\Downloads\Addition.txt 2023-04-23 12:32 - 2023-04-23 13:13 - 000000000 ____D C:\FRST 2023-04-23 12:32 - 2023-04-23 12:37 - 000055029 _____ C:\Users\do83h\Downloads\FRST.txt 2023-04-23 12:32 - 2023-04-23 12:32 - 000000000 ____D C:\Users\do83h\Downloads\FRST-OlderVersion 2023-04-23 11:32 - 2023-04-23 11:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2023-04-21 17:28 - 2023-04-21 17:28 - 000005961 _____ C:\Users\do83h\Downloads\FID_PCHS_INV_1666020271_dfhJMkTU.pdf 2023-04-17 21:13 - 2023-04-20 12:36 - 000000000 ____D C:\Program Files\Mozilla Firefox 2023-04-16 11:12 - 2023-04-16 11:12 - 000000004 ____H C:\ProgramData\cm-lock 2023-04-15 16:10 - 2023-04-15 16:10 - 000000000 ___HD C:\$WinREAgent 2023-04-06 20:05 - 2023-04-06 20:05 - 000188129 _____ C:\Users\do83h\Downloads\Vorlage_Exposé_BuK_Website(5).dotx 2023-04-06 20:04 - 2023-04-06 20:04 - 000188129 _____ C:\Users\do83h\Downloads\Vorlage_Exposé_BuK_Website(3).dotx 2023-04-06 20:04 - 2023-04-06 20:04 - 000188129 _____ C:\Users\do83h\Downloads\Vorlage_Exposé_BuK_Website(2).dotx 2023-04-06 19:42 - 2023-04-06 19:42 - 000188129 _____ C:\Users\do83h\Downloads\Vorlage_Exposé_BuK_Website(1).dotx 2023-04-05 23:43 - 2023-04-23 12:31 - 000002678 _____ C:\Windows\system32\Tasks\USER_ESRV_SVC_QUEENCREEK 2023-04-03 10:41 - 2023-04-03 10:41 - 000115679 _____ C:\Users\do83h\Downloads\Organigramm_Stadt_Wuppertal_ab_02.2023.pdf 2023-03-31 16:54 - 2023-03-31 16:54 - 000000162 ____H C:\Users\do83h\Downloads\~$rlage_Exposé_BuK_Website.dotx 2023-03-31 16:53 - 2023-03-31 16:53 - 000256395 _____ C:\Users\do83h\Downloads\Humboldt Universität z_expose_090402.pdf 2023-03-30 12:51 - 2023-03-30 12:51 - 000323037 _____ C:\Users\do83h\OneDrive\Dokumente\Krankmeldungen DH.pdf 2023-03-29 18:01 - 2023-03-29 18:01 - 001382425 _____ C:\Users\do83h\Downloads\broschuere_elektromobilitaet_kurz_erklaert_01.17.pdf 2023-03-29 15:21 - 2023-03-29 15:21 - 000001094 _____ C:\Users\Public\Desktop\Funkyplot.lnk 2023-03-29 14:59 - 2023-03-29 15:00 - 006758511 _____ (LOGICIEL ) C:\Users\do83h\Downloads\funkyplot-1.1.0-pre1_win32_installer_v002(1).exe ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2023-04-23 13:14 - 2020-10-31 17:15 - 000000000 ____D C:\Users\do83h\AppData\Roaming\Microsoft\Word 2023-04-23 13:11 - 2021-11-01 18:16 - 000000068 ___SH C:\Windows\system32\Drivers\WppRecorder.winsecurity 2023-04-23 13:06 - 2020-10-29 15:00 - 000000000 ____D C:\Users\do83h\AppData\Local\D3DSCache 2023-04-23 13:06 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-04-23 12:41 - 2021-11-01 18:16 - 000000068 ___SH C:\Windows\system32\Drivers\WdfLdr.winsecurity 2023-04-23 12:31 - 2022-01-06 16:39 - 000003066 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-584500284-1391629960-3397962802-1005 2023-04-23 12:31 - 2021-07-14 11:35 - 000002716 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task 2023-04-23 12:31 - 2021-03-08 16:10 - 000003042 _____ C:\Windows\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 2023-04-23 12:31 - 2021-03-05 20:47 - 000002970 _____ C:\Windows\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 2023-04-23 12:31 - 2021-03-05 20:47 - 000002604 _____ C:\Windows\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon 2023-04-23 12:31 - 2021-02-18 14:56 - 000003260 _____ C:\Windows\system32\Tasks\G2MUploadTask-S-1-5-21-584500284-1391629960-3397962802-1005 2023-04-23 12:31 - 2021-02-18 14:56 - 000003164 _____ C:\Windows\system32\Tasks\G2MUpdateTask-S-1-5-21-584500284-1391629960-3397962802-1005 2023-04-23 12:31 - 2021-02-18 14:56 - 000000666 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-584500284-1391629960-3397962802-1005.job 2023-04-23 12:31 - 2021-02-18 14:56 - 000000570 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-584500284-1391629960-3397962802-1005.job 2023-04-23 12:31 - 2020-11-15 20:07 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software 2023-04-23 12:31 - 2020-11-14 16:10 - 000003624 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1605363011 2023-04-23 12:31 - 2020-11-14 16:07 - 000003044 _____ C:\Windows\system32\Tasks\Antivirus Emergency Update 2023-04-23 12:31 - 2020-11-11 15:09 - 000002718 _____ C:\Windows\system32\Tasks\HPCustParticipation HP Photosmart 7520 series 2023-04-23 12:31 - 2020-11-01 15:12 - 000003482 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task 2023-04-23 12:31 - 2020-10-29 14:48 - 000000000 ____D C:\Program Files (x86)\Steam 2023-04-23 12:31 - 2020-10-29 14:44 - 000003568 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA 2023-04-23 12:31 - 2020-10-29 14:44 - 000003344 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore 2023-04-23 12:31 - 2020-07-14 15:01 - 000002674 _____ C:\Windows\system32\Tasks\McAfeeLogon 2023-04-23 12:31 - 2020-07-14 15:00 - 000002650 _____ C:\Windows\system32\Tasks\McAfee Remediation (Prepare) 2023-04-23 12:31 - 2020-07-02 09:15 - 000003684 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2023-04-23 12:31 - 2020-07-02 09:15 - 000003460 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2023-04-23 11:42 - 2020-10-29 14:44 - 000000000 ____D C:\Program Files (x86)\Google 2023-04-23 11:36 - 2020-10-29 13:58 - 000000000 ____D C:\Users\do83h 2023-04-23 11:32 - 2022-10-23 13:31 - 000001162 _____ C:\Users\do83h\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TotalAV.lnk 2023-04-23 11:32 - 2020-10-29 15:32 - 000000000 ____D C:\Users\do83h\Knuddels-Stapp 2023-04-23 11:32 - 2020-07-02 09:15 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-04-23 11:32 - 2020-07-02 09:15 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2023-04-23 11:32 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2023-04-23 11:32 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness 2023-04-23 11:30 - 2020-10-29 14:03 - 000000000 __SHD C:\Users\do83h\IntelGraphicsProfiles 2023-04-22 19:51 - 2020-10-29 21:37 - 000000000 ____D C:\Users\do83h\AppData\Roaming\Microsoft\Excel 2023-04-22 19:22 - 2021-12-19 00:44 - 000000000 ____D C:\Windows\SystemTemp 2023-04-22 18:34 - 2020-06-15 08:59 - 000000000 ____D C:\Windows\system32\SleepStudy 2023-04-21 17:47 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF 2023-04-21 15:01 - 2020-10-29 14:46 - 000002243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2023-04-21 15:01 - 2020-10-29 14:46 - 000002202 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2023-04-21 14:58 - 2021-09-22 18:18 - 000002061 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk 2023-04-21 14:58 - 2021-09-22 18:18 - 000001903 _____ C:\Users\Default\Desktop\Google Slides.lnk 2023-04-21 14:58 - 2021-09-22 18:18 - 000001903 _____ C:\Users\Default\Desktop\Google Sheets.lnk 2023-04-21 14:58 - 2021-09-22 18:18 - 000001891 _____ C:\Users\Default\Desktop\Google Docs.lnk 2023-04-20 12:36 - 2020-10-29 15:01 - 000001009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2023-04-20 12:36 - 2020-10-29 15:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2023-04-19 18:13 - 2020-10-29 14:03 - 000000000 ____D C:\Users\do83h\AppData\Local\Packages 2023-04-18 18:23 - 2020-10-29 15:01 - 000000000 ____D C:\Users\do83h\AppData\LocalLow\Mozilla 2023-04-18 17:52 - 2020-10-30 16:23 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2023-04-17 20:49 - 2022-10-23 13:30 - 000000000 ____D C:\Program Files (x86)\TotalAV 2023-04-17 09:44 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp 2023-04-16 11:16 - 2020-07-02 08:37 - 000747396 _____ C:\Windows\system32\perfh007.dat 2023-04-16 11:16 - 2020-07-02 08:37 - 000151262 _____ C:\Windows\system32\perfc007.dat 2023-04-16 11:16 - 2020-06-15 09:07 - 001731656 _____ C:\Windows\system32\PerfStringBackup.INI 2023-04-16 11:12 - 2020-11-14 16:05 - 000000000 ____D C:\ProgramData\AVG 2023-04-16 11:12 - 2020-06-15 08:59 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2023-04-16 11:11 - 2019-12-07 11:03 - 000786432 _____ C:\Windows\system32\config\BBI 2023-04-15 17:38 - 2021-08-26 13:18 - 000000000 ____D C:\Program Files\Microsoft OneDrive 2023-04-15 17:38 - 2020-06-15 08:59 - 000608824 _____ C:\Windows\system32\FNTCACHE.DAT 2023-04-15 17:37 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2023-04-15 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata 2023-04-15 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism 2023-04-15 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources 2023-04-15 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata 2023-04-15 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe 2023-04-15 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\es-MX 2023-04-15 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism 2023-04-15 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\DDFs 2023-04-15 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions 2023-04-15 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr 2023-04-15 16:17 - 2020-06-15 09:01 - 003015680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2023-04-15 16:13 - 2022-10-11 16:18 - 000002140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk 2023-04-15 16:13 - 2022-10-11 16:18 - 000002128 _____ C:\Users\Public\Desktop\Acrobat Reader.lnk 2023-04-15 16:08 - 2020-11-01 17:21 - 000000000 ____D C:\Windows\system32\MRT 2023-04-15 16:05 - 2020-07-02 09:13 - 156112424 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2023-04-15 15:24 - 2021-07-14 11:35 - 000002152 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2023-04-15 15:19 - 2019-12-07 11:03 - 000032768 _____ C:\Windows\system32\config\ELAM 2023-04-02 16:18 - 2020-10-30 15:06 - 000000000 ____D C:\Users\do83h\AppData\Roaming\Microsoft\UProof 2023-04-02 00:06 - 2020-10-29 17:28 - 000000000 ____D C:\Users\do83h\OneDrive\Dokumente\eigene dateien 2023-03-29 15:21 - 2020-11-28 22:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Funkyplot 2023-03-29 15:21 - 2020-11-28 22:46 - 000000000 ____D C:\Program Files (x86)\Funkyplot 2023-03-26 17:31 - 2020-10-29 21:36 - 000000000 ____D C:\Users\do83h\OneDrive\Dokumente\UniWuppertal1 ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2020-12-30 00:50 - 2020-12-30 00:50 - 000000457 _____ () C:\Program Files (x86)\INSTALL.LOG 2021-07-14 16:13 - 2022-07-20 00:01 - 000030049 _____ () C:\Users\do83h\AppData\Roaming\Durch Trennzeichen getrennte Werte.ADR 2020-10-30 15:19 - 2021-06-30 15:53 - 000022399 _____ () C:\Users\do83h\AppData\Roaming\Kommagetrennte Werte (Windows).ADR 2020-10-29 21:51 - 2021-01-06 19:19 - 000000081 _____ () C:\Users\do83h\AppData\Local\.bidstack.fault 2021-03-14 22:46 - 2021-03-14 22:46 - 000000950 _____ () C:\Users\do83h\AppData\Local\recently-used.xbel ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) ==================== Ende von FRST.txt ======================== |
23.04.2023, 13:55 | #4 |
| Windows 10: Browser/Internet unglaublich langsam - vielleicht was eingefangen? und Addition Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 22-04-2023 01 durchgeführt von do83h (23-04-2023 13:14:29) Gestartet von C:\Users\do83h\OneDrive\Desktop Microsoft Windows 10 Home Version 22H2 19045.2846 (X64) (2020-08-27 06:57:47) Start-Modus: Normal ========================================================== ==================== Konten: ============================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) Administrator (S-1-5-21-584500284-1391629960-3397962802-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-584500284-1391629960-3397962802-503 - Limited - Disabled) do83h (S-1-5-21-584500284-1391629960-3397962802-1005 - Administrator - Enabled) => C:\Users\do83h Gast (S-1-5-21-584500284-1391629960-3397962802-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-584500284-1391629960-3397962802-504 - Limited - Disabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Total AV (Enabled - Up to date) {0567E33F-93C9-11B5-891D-90A37AEB2766} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: McAfee VirusScan (Disabled - Up to date) {9D4501E6-72F6-2877-C789-89AF6F535B2C} AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411} AV: McAfee VirusScan (Disabled - Up to date) {FE987762-0FB6-6BB6-1BF1-73F8ED8566FA} FW: McAfee Firewall (Disabled) {A57E80C3-3899-292F-ECD6-209A91801C57} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) Adobe Acrobat Reader - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 23.001.20143 - Adobe Systems Incorporated) Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden AutoCAD 2021 - Deutsch (German) (HKLM\...\{28B89EEF-4101-0407-2102-CF3F3A09B77D}) (Version: 24.0.47.0 - Autodesk) Hidden Autodesk App Manager 2020-2021 (HKLM-x32\...\{DB92FEA7-F78C-469E-B138-E2303220F0C4}) (Version: 3.1.0 - Autodesk) Autodesk AutoCAD 2021 - Deutsch (German) (HKLM\...\AutoCAD 2021 - Deutsch (German)) (Version: 24.0.47.0 - Autodesk) Autodesk Desktop-App (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.21.17 - Autodesk) Autodesk Genuine Service (HKLM-x32\...\{54A00624-3EF9-49A2-92A9-7244EADD0212}) (Version: 3.2.18 - Autodesk) Autodesk Material Library 2021 (HKLM-x32\...\{6774FD60-7D4B-4D57-BE56-2702A07C9701}) (Version: 19.1.22.0 - Autodesk) Autodesk Material Library Base Resolution Image Library 2021 (HKLM-x32\...\{6EFAD582-86C1-4AB2-97C5-2070D0B90E08}) (Version: 19.1.22.0 - Autodesk) Autodesk Single Sign On Component (HKLM\...\{951BB060-1350-4C93-BD83-D966C51D4005}) (Version: 11.2.0.1802 - Autodesk) AVG AntiVirus Free (HKLM\...\AVG Antivirus) (Version: 23.2.7961.610 - AVG) Backup and Sync from Google (HKLM\...\{696895F7-52C7-4C9E-998B-C7E0CC907092}) (Version: 3.57.4256.0809 - Google, Inc.) BCR Plug-in (HKLM-x32\...\{FFC7EBF7-F91B-4FB6-98CD-A8828C5A87BA}) (Version: 23.2.0.9 - Citrix Systems, Inc.) Hidden Cheat Engine 6.8.1 (HKLM-x32\...\Cheat Engine 6.8.1_is1) (Version: - Cheat Engine) Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.10.03104 - Cisco Systems, Inc.) Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{A4076314-DE10-4FEB-A977-A3AF859B4073}) (Version: 4.10.03104 - Cisco Systems, Inc.) Hidden Citrix Authentication Manager (HKLM-x32\...\{05050F9C-B6C7-446C-B2B9-4C03DB2E79E2}) (Version: 23.3.0.5 - Cloud Software Group, Inc.) Hidden Citrix Web Helper (HKLM-x32\...\{6D00D7E5-31A3-4122-82E8-32791FF475A3}) (Version: 23.2.0.21 - Cloud Software Group, Inc.) Hidden Citrix Workspace (DV) (HKLM-x32\...\{8DBE26D1-262A-42AE-9894-F4D67A25E5E8}) (Version: 23.2.0.9 - Citrix Systems, Inc.) Hidden Citrix Workspace (USB) (HKLM-x32\...\{78457B01-3E7D-4565-96B5-00B7D9B58750}) (Version: 23.2.0.9 - Citrix Systems, Inc.) Hidden Citrix Workspace 2302 (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 23.2.0.38 - Cloud Software Group, Inc.) Citrix Workspace Inside (HKLM-x32\...\{ABAB33DE-1F6B-431A-B72B-0E1E31AD1E2A}) (Version: 23.2.0.15 - Citrix Systems, Inc.) Hidden CodeMeter Runtime Kit v7.30a (HKLM\...\{9B600D30-C133-4D53-BDE1-CBDC9783E657}) (Version: 7.30.4820.501 - WIBU-SYSTEMS AG) CyberLink PowerRecover (HKLM\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.8922 - CyberLink Corp.) Hidden CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.8922 - CyberLink Corp.) Epic Games Launcher (HKLM-x32\...\{07D9F8F3-EC99-4133-919D-DA341C62937C}) (Version: 1.1.298.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden FileZilla Client 3.51.0 (HKLM-x32\...\FileZilla Client) (Version: 3.51.0 - Tim Kosse) Funkyplot 1.1.0-pre1 (HKLM-x32\...\Funkyplot_is1) (Version: - LOGICIEL) FUSSBALL MANAGER 11 (HKLM-x32\...\FUSSBALL MANAGER 11) (Version: - Electronic Arts) GGU-SOFTWARE COMPLETE PACK (HKLM-x32\...\{B2A0B907-6666-4ADD-817D-173678BAD83E}) (Version: 20.21.023 - Civilserve GmbH) GIMP 2.10.22 (HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\GIMP-2_is1) (Version: 2.10.22 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 112.0.5615.138 - Google LLC) Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 74.0.2.0 - Google LLC) GoTo Opener (HKLM-x32\...\{E69269DB-A77B-4BC1-8F39-241107B09F26}) (Version: 1.0.539 - LogMeIn, Inc.) GoToMeeting 10.19.0.19950 (HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\GoToMeeting) (Version: 10.19.0.19950 - LogMeIn, Inc.) HP LaserJet Pro M11-M13 Series (HKLM\...\HP LaserJet Pro M11-M13 Series) (Version: - ) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Photosmart 7520 series - Grundlegende Software für das Gerät (HKLM\...\{62883BA5-32F6-44D0-AF9D-9CBED778F36F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Photosmart 7520 series Hilfe (HKLM-x32\...\{2230C40A-ADE0-4231-98EC-7AAFC14BC7F3}) (Version: 28.0.0 - Hewlett Packard) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.) In Autodesk Web & Mobile speichern (HKLM\...\{A9005AC0-4AD8-4E84-B1F7-EE38BB6BCC2D}) (Version: 3.0.26 - Autodesk) Intel Driver && Support Assistant (HKLM-x32\...\{91672422-9B98-4606-A6D7-E164D7037B06}) (Version: 23.1.9.7 - Intel) Hidden Intel(R) Computing Improvement Program (HKLM\...\{318C30A1-C7AF-414E-890F-6345E6E0FD33}) (Version: 2.4.09084 - Intel Corporation) Intel(R) SUR QC Software Asset Manager (HKLM\...\{B3804557-9824-4918-AA88-0DFAC94CD3B5}) (Version: 3.5.5033 - Intel Corporation) Hidden Intel® Driver & Support Assistant (HKLM-x32\...\{a532c7c7-1594-49bb-a186-f44c52c9509e}) (Version: 23.1.9.7 - Intel) Knuddels Standalone App (HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\Knuddels App ) (Version: "2015.12.6.0" - "Knuddels App") Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0 R28 - McAfee, LLC) Microsoft .NET Core Host - 3.1.32 (x64) (HKLM\...\{8A8E3A04-83BC-4CDE-9259-893B666C1AB1}) (Version: 24.192.31915 - Microsoft Corporation) Hidden Microsoft .NET Core Host FX Resolver - 3.1.32 (x64) (HKLM\...\{ABC6B3C2-1A8D-4C5E-AC16-C2AE44F02743}) (Version: 24.192.31915 - Microsoft Corporation) Hidden Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM\...\{A741B803-3F0E-4684-81EF-FC128D15A92C}) (Version: 24.192.31915 - Microsoft Corporation) Hidden Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM-x32\...\{784973c8-d618-4ac8-97ed-1fd52c5bdf2f}) (Version: 3.1.32.31915 - Microsoft Corporation) Microsoft 365 Apps for Business - de-de (HKLM\...\O365BusinessRetail - de-de) (Version: 16.0.16130.20394 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\{3196C85D-CFB0-3E5B-A592-0322692C2140}) (Version: 112.0.1722.58 - Microsoft Corporation) Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 112.0.1722.48 - Microsoft Corporation) Microsoft Office Access MUI (German) 2010 (HKLM-x32\...\{90140000-0015-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2010 (HKLM-x32\...\{90140000-0016-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Groove MUI (German) 2010 (HKLM-x32\...\{90140000-00BA-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (German) 2010 (HKLM-x32\...\{90140000-0044-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2010 (HKLM\...\{90140000-002A-0000-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2010 (HKLM-x32\...\{90140000-00A1-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2010 (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2010 (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2010 (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Proof (English) 2010 (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2010 (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2010 (HKLM-x32\...\{90140000-001F-0410-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2010 (HKLM-x32\...\{90140000-002C-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (German) 2010 (HKLM-x32\...\{90140000-0019-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (German) 2010 (HKLM\...\{90140000-002A-0407-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2010 (HKLM-x32\...\{90140000-006E-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2010 (HKLM-x32\...\{90140000-001B-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.066.0326.0005 - Microsoft Corporation) Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\Teams) (Version: 1.4.00.18264 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31332 (HKLM-x32\...\{3746f21b-c990-4045-bb33-1cf98cff7a68}) (Version: 14.32.31332.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31332 (HKLM\...\{F4499EE3-A166-496C-81BB-51D1BCDC70A9}) (Version: 14.32.31332 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31332 (HKLM\...\{3407B900-37F5-4CC2-B612-5CD5D580A163}) (Version: 14.32.31332 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) mIRC (HKLM-x32\...\mIRC) (Version: 7.63 - mIRC Co. Ltd.) Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 112.0.1 (x64 de)) (Version: 112.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 82.0.2 - Mozilla) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20394 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden Online Plug-in (HKLM-x32\...\{E4FE6BEF-21A1-49E2-B3C8-56752D626893}) (Version: 23.2.0.9 - Citrix Systems, Inc.) Hidden OpenOffice 4.1.7 (HKLM-x32\...\{81D7585D-3E44-4984-B99B-911492419D3E}) (Version: 4.17.9800 - Apache Software Foundation) Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer) PremierOpinion (HKLM-x32\...\{eeb86aef-4a5d-4b75-9d74-f16d438fc286}) (Version: 1.3.338.320 - VoiceFive, Inc.) <==== ACHTUNG QGIS 3.28.1 'Firenze' (HKLM\...\{7EC18ED8-729C-1014-BC9F-C7938B569609}) (Version: 3.28.1 - QGIS.org) RuckZuck Demo (HKLM-x32\...\{E7EB9C2F-4270-435E-93C3-3BC734234A75}) (Version: 6.0.22 - MURSOFT) Self-Service Plug-in (HKLM-x32\...\{E8019414-F222-40FF-8131-B02FC64BC67D}) (Version: 23.2.0.21 - Cloud Software Group, Inc.) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{8925227F-C7B5-4C95-AB58-4FCF2433DAEE}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{09A9DF49-DA06-4093-A2FD-F339211E39EA}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{ECC1D579-DC17-4B90-929C-B4A0BB35F7B3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{97099817-53F1-4CA1-ACEA-DA6D74371689}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{E4D76E88-C65F-4003-9C71-EC4306679D17}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{3B0FF7FF-0E85-4907-A511-3F8C27349FA4}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{996096F8-956B-41C9-A7E3-9BA1E801014F}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{D505EC85-885F-4BE3-8A89-3EFE4F855692}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) SmartTools Office DDE-Fix (HKLM-x32\...\SmartTools PublishingOffice DDE-Fixv1.20) (Version: v1.20 - SmartTools Publishing) Stahlbau (HKLM-x32\...\{41C5E1CA-3507-49CE-87D4-9939AE5D3521}) (Version: 1.1.1 - Schneider Bautabellen) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Studie zur Verbesserung von HP Photosmart 7520 series Produkten (HKLM\...\{D662A279-973A-42A0-8D4B-8747C56C0501}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) SupportAPP (HKLM\...\{0000A0AB-3A12-1EF4-A21C-9ADE1843AB04}) (Version: 1.1 - ) Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.4.0.7174 - Microsoft Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.2.3 - TeamSpeak Systems GmbH) TotalAV (HKLM-x32\...\TotalAV) (Version: 5.18.284 - TotalAV) <==== ACHTUNG Verfügbare Autodesk-Apps 2020-2021 (HKLM-x32\...\{2CBD494D-0A3E-4CB3-AFB3-8CE1734613B0}) (Version: 3.1.0 - Autodesk) Web Companion (HKLM-x32\...\{928be91b-ffd0-48ac-9e85-bef0fbc8a78e}) (Version: 8.9.0.748 - Lavasoft) WebAdvisor von McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.810 - McAfee, LLC) Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation) Zoom (HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\ZoomUMX) (Version: 5.13.5 (12053) - Zoom Video Communications, Inc.) Packages: ========= 7-Zip File Manager (Unofficial) -> C:\Program Files\WindowsApps\HaukeGtze.7-ZipFileManagerUnofficial_1.2201.1.0_x64__6bk20wvc8rfx2 [2022-12-30] (Hauke Hasselberg) Adobe Reader Touch -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobeReader_3.1.8.7675_x86__ynb6jyjzte8ga [2020-10-29] (Adobe Systems Incorporated) Aldi Angebote -> C:\Program Files\WindowsApps\MEDION.AldiAngebote_1.1.4.0_x64__eqf9tz77ft5w8 [2020-07-13] (MEDION) Aldi Foto -> C:\Program Files\WindowsApps\MEDION.AldiFoto_1.1.46.0_x64__eqf9tz77ft5w8 [2020-07-13] (MEDION) ALDI life -> C:\Program Files\WindowsApps\MEDION.ALDIlife_1.1.5.0_x64__eqf9tz77ft5w8 [2020-07-13] (MEDION) AldiTalk -> C:\Program Files\WindowsApps\MEDION.AldiTalk_1.1.28.0_x64__eqf9tz77ft5w8 [2020-07-13] (MEDION) BreeZip -> C:\Program Files\WindowsApps\3138AweZip.AweZip_1.4.27.0_x64__ffd303wmbhcjt [2023-03-23] (BreeZip) Dropbox für S Modus -> C:\Program Files\WindowsApps\C27EB4BA.DROPBOX_23.4.16.0_x64__xbfy0k16fey96 [2023-04-15] (Dropbox Inc.) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_144.1.1068.0_x64__v10z8vjag6ke6 [2023-04-07] (HP Inc.) Intel® Grafik-Kontrollraum -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4779.0_x64__8j3eq9eme6ctt [2023-04-15] (INTEL CORP) [Startup Task] Internet-Security -> C:\Program Files\WindowsApps\MEDION.Internet-Security_1.1.26.0_x64__eqf9tz77ft5w8 [2020-10-30] (MEDION) Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-04-16] (Microsoft Corporation) MEDION -> C:\Program Files\WindowsApps\MEDION.MEDION_1.1.18.0_x64__eqf9tz77ft5w8 [2020-07-13] (MEDION) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-12-23] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-12-23] (Microsoft Corporation) [MS Ad] MPEG-2-Videoerweiterung -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-04-28] (Microsoft Corporation) OneDrive -> C:\Program Files\WindowsApps\microsoft.microsoftskydrive_19.23.19.0_x64__8wekyb3d8bbwe [2023-03-07] (Microsoft Corporation) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.30.259.0_x64__dt26b99r8h8gj [2022-02-04] (Realtek Semiconductor Corp) Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-03-19] (Microsoft Studios) [MS Ad] Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0 [2023-04-15] (Spotify AB) [Startup Task] WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2314.6.0_x64__cv1g1gvanyjgm [2023-04-23] (WhatsApp Inc.) [Startup Task] XING -> C:\Program Files\WindowsApps\XINGAG.XING_4.0.9.0_x86__xpfg3f7e9an52 [2021-06-02] (New Work SE) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-584500284-1391629960-3397962802-1005_Classes\CLSID\{04271989-C4D2-3B08-EDAD-DFB9128A2A49} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6} CustomCLSID: HKU\S-1-5-21-584500284-1391629960-3397962802-1005_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\do83h\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21105.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-584500284-1391629960-3397962802-1005_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (Intel Corporation -> Intel) CustomCLSID: HKU\S-1-5-21-584500284-1391629960-3397962802-1005_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2021\acad.exe (Autodesk, Inc. -> Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-584500284-1391629960-3397962802-1005_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\do83h\AppData\Local\GoToMeeting\19228\G2MOutlookAddin64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-584500284-1391629960-3397962802-1005_Classes\CLSID\{8B4929F8-076F-4AEC-AFEE-8928747B7AE3}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2021\acad.exe (Autodesk, Inc. -> Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-584500284-1391629960-3397962802-1005_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\do83h\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-584500284-1391629960-3397962802-1005_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2021\de-DE\acadficn.dll (Autodesk Asia Pte. Ltd. -> Autodesk, Inc.) ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation) ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-15] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-15] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-15] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-15] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-15] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-15] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-15] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\74.0.2.0\drivefsext.dll [2023-04-21] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\74.0.2.0\drivefsext.dll [2023-04-21] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\74.0.2.0\drivefsext.dll [2023-04-21] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\74.0.2.0\drivefsext.dll [2023-04-21] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google) ShellIconOverlayIdentifiers: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2023-03-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2020-01-22] (Autodesk, Inc. -> Autodesk, Inc.) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-15] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-15] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-15] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-15] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-15] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-15] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-15] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2023-03-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-15] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2020-01-22] (Autodesk, Inc. -> Autodesk) ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2023-03-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\74.0.2.0\drivefsext.dll [2023-04-21] (Google LLC -> Google, Inc.) ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google) ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2020-08-21] (McAfee, LLC -> McAfee, LLC) ContextMenuHandlers3: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2023-03-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-15] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\74.0.2.0\drivefsext.dll [2023-04-21] (Google LLC -> Google, Inc.) ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google) ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-15] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\74.0.2.0\drivefsext.dll [2023-04-21] (Google LLC -> Google, Inc.) ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2023-03-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2020-08-21] (McAfee, LLC -> McAfee, LLC) ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-15] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-15] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-15] (Microsoft Corporation -> Microsoft Corporation) ==================== Codecs (Nicht auf der Ausnahmeliste) ==================== ==================== Verknüpfungen & WMI ======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) Shortcut: C:\Users\do83h\OneDrive\Desktop\Google Drive.lnk -> C:\Program Files\Google\Drive File Stream\launch.bat () ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============= 2022-08-09 15:02 - 2022-08-09 15:02 - 005998080 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Intel\Driver and Support Assistant\irmfuu_module_win32.dll 2023-04-23 11:31 - 2023-04-23 11:31 - 000114176 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\_ctypes.pyd 2023-04-23 11:31 - 2023-04-23 11:31 - 000172544 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\_elementtree.pyd 2023-04-23 11:31 - 2023-04-23 11:31 - 002255872 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\_hashlib.pyd 2023-04-23 11:31 - 2023-04-23 11:31 - 000032256 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\_multiprocessing.pyd 2023-04-23 11:31 - 2023-04-23 11:31 - 000046080 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\_psutil_windows.pyd 2023-04-23 11:31 - 2023-04-23 11:31 - 000047616 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\_socket.pyd 2023-04-23 11:31 - 2023-04-23 11:31 - 002825216 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\_ssl.pyd 2023-04-23 11:31 - 2023-04-23 11:31 - 000026112 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\_yappi.pyd 2023-04-23 11:31 - 2023-04-23 11:31 - 000080896 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\bz2.pyd 2023-04-23 11:31 - 2023-04-23 11:31 - 000015872 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\common.time34.pyd 2023-04-23 11:31 - 2023-04-23 11:31 - 000007680 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\hashobjs_ext.pyd 2023-04-23 11:31 - 2023-04-23 11:31 - 000301568 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\PIL._imaging.pyd 2023-04-23 11:31 - 2023-04-23 11:31 - 000168448 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\pyexpat.pyd 2023-04-23 11:31 - 2023-04-23 11:31 - 001084416 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\pysqlite2._sqlite.pyd 2023-04-23 11:31 - 2023-04-23 11:31 - 000548864 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\pythoncom27.dll 2023-04-23 11:31 - 2023-04-23 11:31 - 000137728 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\pywintypes27.dll 2023-04-23 11:31 - 2023-04-23 11:31 - 000010752 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\select.pyd 2023-04-23 11:31 - 2023-04-23 11:31 - 000020992 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\thumbnails_ext.pyd 2023-04-23 11:31 - 2023-04-23 11:31 - 000689664 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\unicodedata.pyd 2023-04-23 11:31 - 2023-04-23 11:31 - 000119808 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\usb_ext.pyd 2023-04-23 11:31 - 2023-04-23 11:31 - 000128512 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\win32api.pyd 2023-04-23 11:31 - 2023-04-23 11:31 - 000438784 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\win32com.shell.shell.pyd 2023-04-23 11:31 - 2023-04-23 11:31 - 000011776 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\win32crypt.pyd 2023-04-23 11:31 - 2023-04-23 11:31 - 000023040 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\win32event.pyd 2023-04-23 11:31 - 2023-04-23 11:31 - 000149504 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\win32file.pyd 2023-04-23 11:31 - 2023-04-23 11:31 - 000223232 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\win32gui.pyd 2023-04-23 11:31 - 2023-04-23 11:31 - 000048128 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\win32inet.pyd 2023-04-23 11:31 - 2023-04-23 11:31 - 000029696 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\win32pdh.pyd 2023-04-23 11:31 - 2023-04-23 11:31 - 000027648 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\win32pipe.pyd 2023-04-23 11:31 - 2023-04-23 11:31 - 000044032 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\win32process.pyd 2023-04-23 11:31 - 2023-04-23 11:31 - 000020480 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\win32profile.pyd 2023-04-23 11:31 - 2023-04-23 11:31 - 000136192 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\win32security.pyd 2023-04-23 11:31 - 2023-04-23 11:31 - 000026624 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\win32ts.pyd 2023-04-23 11:31 - 2023-04-23 11:31 - 000034304 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\windows.conditional.pyd 2023-04-23 11:31 - 2023-04-23 11:31 - 000037888 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\windows.connectivity.pyd 2023-04-23 11:31 - 2023-04-23 11:31 - 000071680 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\windows.device_monitor.pyd 2023-04-23 11:31 - 2023-04-23 11:31 - 000103936 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\windows.volumes.pyd 2023-04-23 11:31 - 2023-04-23 11:31 - 000019968 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\windows.winwrap.pyd 2023-04-23 11:31 - 2023-04-23 11:31 - 001325056 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\wx._controls_.pyd 2023-04-23 11:31 - 2023-04-23 11:31 - 001489408 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\wx._core_.pyd 2023-04-23 11:31 - 2023-04-23 11:31 - 001007104 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\wx._gdi_.pyd 2023-04-23 11:31 - 2023-04-23 11:31 - 000103424 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\wx._html2.pyd 2023-04-23 11:31 - 2023-04-23 11:31 - 000916992 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\wx._misc_.pyd 2023-04-23 11:31 - 2023-04-23 11:31 - 001039872 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\wx._windows_.pyd 2023-02-07 00:23 - 2023-02-07 00:23 - 000512000 _____ (Cloud Software Group, Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\Shims.dll 2023-04-23 11:31 - 2023-04-23 11:31 - 003043328 _____ (Python Software Foundation) [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\python27.dll 2023-02-24 23:02 - 2023-02-24 23:02 - 001600512 _____ (Robert Simpson, et al.) [Datei ist nicht signiert] C:\Program Files\Intel\SUR\QUEENCREEK\x64\SQLite.Interop.dll 2023-02-24 23:02 - 2023-02-24 23:02 - 002165760 _____ (SQLite Development Team) [Datei ist nicht signiert] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll 2021-09-29 07:30 - 2021-09-29 07:30 - 000218624 _____ (WIBU-SYSTEMS AG) [Datei ist nicht signiert] C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.lDe 2021-09-29 07:30 - 2021-09-29 07:30 - 000056320 _____ (WIBU-SYSTEMS AG) [Datei ist nicht signiert] C:\Windows\SYSTEM32\WIBUCM64.lDe 2023-04-23 11:31 - 2023-04-23 11:31 - 000202240 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\wxbase30u_net_vc90_x64.dll 2023-04-23 11:31 - 2023-04-23 11:31 - 002831872 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\wxbase30u_vc90_x64.dll 2023-04-23 11:31 - 2023-04-23 11:31 - 001654784 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\wxmsw30u_adv_vc90_x64.dll 2023-04-23 11:31 - 2023-04-23 11:31 - 006542336 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\wxmsw30u_core_vc90_x64.dll 2023-04-23 11:31 - 2023-04-23 11:31 - 000773632 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\wxmsw30u_html_vc90_x64.dll 2023-04-23 11:31 - 2023-04-23 11:31 - 000137216 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI150882\wxmsw30u_webview_vc90_x64.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\Windows:CM_460d012b145979dbf37dc3b0d01ccb88c0d32947f35d43424efdd9b5dd3d14d5 [74] AlternateDataStreams: C:\Windows:CM_663b0d0a539d6165560218efcbd7453ad718e66208ff706cc3a31c7a8e4b9b0e [74] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\avgSP.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\avgSP.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) HKU\S-1-5-21-584500284-1391629960-3397962802-1005\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1" ==================== Internet Explorer (Nicht auf der Ausnahmeliste) ========== HKU\S-1-5-21-584500284-1391629960-3397962802-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=COS2&ptag=D110620-A21ABFDD9D88F4162B1F&form=CONMHP&conlogo=CT3332016 SearchScopes: HKU\S-1-5-21-584500284-1391629960-3397962802-1005 -> DefaultScope {4226AE2E-DA9C-4FEC-ADD0-2938E5D206C9} URL = SearchScopes: HKU\S-1-5-21-584500284-1391629960-3397962802-1005 -> {4226AE2E-DA9C-4FEC-ADD0-2938E5D206C9} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2023-03-16] (Microsoft Corporation -> Microsoft Corporation) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation) BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2022-07-20] (McAfee, LLC -> McAfee, LLC) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2023-04-15] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2022-07-20] (McAfee, LLC -> McAfee, LLC) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-15] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-15] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-15] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-15] (Microsoft Corporation -> Microsoft Corporation) Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2020-08-21] (McAfee, LLC -> McAfee, LLC) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2020-08-21] (McAfee, LLC -> McAfee, LLC) Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE trusted site: HKU\.DEFAULT\...\localhost -> localhost IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com IE trusted site: HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\webcompanion.com -> hxxp://webcompanion.com ==================== Hosts Inhalt: ========================= (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts ==================== Andere Bereiche =========================== (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-584500284-1391629960-3397962802-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\do83h\OneDrive\Bilder\20201203_232012.jpg DNS Servers: 192.168.2.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\StartupApproved\Run: => "EpicGamesLauncher" HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\StartupApproved\Run: => "com.squirrel.Teams.Teams" HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\StartupApproved\Run: => "GoogleDriveFS" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{91097782-B4C1-4FCA-BF83-9AD32B9890CA}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC) FirewallRules: [{7CF70F64-0B6D-4329-A798-1CE1A865BBAE}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC) FirewallRules: [{C799C331-682B-4A56-ABE3-A05198BF033C}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, LLC -> McAfee, LLC) FirewallRules: [{1A83EFA7-0542-46E5-9787-595031A07EB6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{5731ADC6-7E60-4ED0-8B37-E2980C4408E7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{C992071C-F4BA-461C-8494-4EB8CA948F98}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{4269E496-7B7B-49DE-A2C6-85BA6181F15A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{07AD66A0-7A75-4700-AD0B-447D1CCA7173}] => (Allow) C:\Users\do83h\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{C5A75EDE-55BF-4D8E-B211-90421381FEDD}] => (Allow) C:\Users\do83h\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{AB9924EC-BE8D-4050-896F-F7B061682528}] => (Allow) C:\Users\do83h\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{C9FBF2F2-D244-4EFD-BBDB-D359A5DCA33D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei FirewallRules: [{2B4D694B-B65E-492B-AA68-6EFD9C6D7478}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei FirewallRules: [{78965097-61FD-4ED1-B0DB-E0E4554F5C8E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Mythology\Launcher.exe (TODO: <Company name>) [Datei ist nicht signiert] FirewallRules: [{4961590A-E9C8-413A-B8B3-422F32EA911F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Mythology\Launcher.exe (TODO: <Company name>) [Datei ist nicht signiert] FirewallRules: [{2DE5F4C7-FEFE-45FA-9DD2-774EFF9C0594}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Mythology\AoMX.exe (Microsoft Corp) [Datei ist nicht signiert] FirewallRules: [{B983BDC8-9219-4CDB-BADE-2C1207477073}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Mythology\AoMX.exe (Microsoft Corp) [Datei ist nicht signiert] FirewallRules: [{27A009E9-D942-4FDB-9E04-A943590297D0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe => Keine Datei FirewallRules: [{4804A448-841A-4375-A3E1-31A216F373B3}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe => Keine Datei FirewallRules: [{D22BF529-B605-4B6B-9980-DB6EF6631A6F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{8168CAFE-BEF4-4770-94FF-9C165B5BA5A2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [TCP Query User{6076706E-C7C9-4EDA-AC8C-AE97ACD9F30B}D:\germanfunscript\mirc.exe] => (Allow) D:\germanfunscript\mirc.exe () <==== ACHTUNG [Null Byte Datei/Ordner] FirewallRules: [UDP Query User{4B855A4A-6C2C-460C-A9BC-F2B422E04D5C}D:\germanfunscript\mirc.exe] => (Allow) D:\germanfunscript\mirc.exe () <==== ACHTUNG [Null Byte Datei/Ordner] FirewallRules: [{077F70C1-2CEA-4C12-9779-4A83A7C367C5}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\bin\FaxApplications.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{7DCFF239-148D-47FA-97BF-6F199139BB76}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\bin\DigitalWizards.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{A4EED48E-BFCB-4021-BF6F-C17CC386549B}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\bin\SendAFax.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{0E839BF7-3245-48F4-888B-01F936DFBA5E}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{C3AC304C-3C8E-426C-9B83-93608B27420C}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{19EA0D33-EDB7-4A72-ACC7-3CEC33B7A378}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{3261CB5D-DFC2-48EF-8B1C-BC07CB075042}] => (Allow) C:\Users\do83h\AppData\Local\Temp\7zS3462\HP.EasyStart.exe => Keine Datei FirewallRules: [{3016874C-B080-4FE8-A159-09C8CEA3257C}] => (Allow) C:\Users\do83h\AppData\Local\Temp\7zS355A\HP.EasyStart.exe => Keine Datei FirewallRules: [{B576C5F3-E56F-41C7-94AA-1B681CE44758}] => (Allow) C:\Programme\ftp-uploader\FTPUploader.exe => Keine Datei FirewallRules: [{58D2599F-700D-4DC0-B034-E98317FCC896}] => (Allow) C:\Programme\ftp-uploader\FTPUploader.exe => Keine Datei FirewallRules: [{6B34D53D-3A32-4C7F-BA5F-CEC894277B41}] => (Allow) C:\Program Files (x86)\PremierOpinion\pmropn.exe => Keine Datei FirewallRules: [{A2B1FAF7-1044-4101-B797-57990D2D71CA}] => (Allow) C:\Program Files (x86)\PremierOpinion\pmropn.exe => Keine Datei FirewallRules: [{2F7F35B0-8DEB-4112-8305-7A9C9DF86471}] => (Allow) C:\Users\do83h\AppData\Local\Programs\Opera\67.0.3575.53\opera.exe => Keine Datei FirewallRules: [TCP Query User{52DE1D0B-80DE-48E7-B07A-8C2621FB460A}C:\program files (x86)\icq\icq.exe] => (Allow) C:\program files (x86)\icq\icq.exe => Keine Datei FirewallRules: [UDP Query User{4CE88939-DF7E-4732-BD99-82EA33DF945C}C:\program files (x86)\icq\icq.exe] => (Allow) C:\program files (x86)\icq\icq.exe => Keine Datei FirewallRules: [{0BD76F22-3A76-4AE8-B85E-0D5F0EC682C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2021\fm.exe (Sports Interactive) [Datei ist nicht signiert] FirewallRules: [{2763FA1C-BCFD-4FD6-9A0C-6CD2044D5F03}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2021\fm.exe (Sports Interactive) [Datei ist nicht signiert] FirewallRules: [{AD42407A-317B-4BC1-A57D-58DDE7C30BBC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2021 Touch\fm.exe (Sports Interactive) [Datei ist nicht signiert] FirewallRules: [{397D6737-1738-496D-A5F3-4620080DB974}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2021 Touch\fm.exe (Sports Interactive) [Datei ist nicht signiert] FirewallRules: [TCP Query User{04634F77-68BA-44D0-96FA-2E269400C92D}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{D90C5E21-9D34-4BD3-95D8-5A90EF934BDF}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{CA9EF035-44A2-4023-994E-F06C7267A2AE}G:\__neuer pc medion oktober 2020\sicherungen vom alten pc\germanfunscript\mirc.exe] => (Allow) G:\__neuer pc medion oktober 2020\sicherungen vom alten pc\germanfunscript\mirc.exe (mIRC Co. Ltd.) [Datei ist nicht signiert] FirewallRules: [UDP Query User{B5384481-8A52-49BE-B452-E9FEB687C5A8}G:\__neuer pc medion oktober 2020\sicherungen vom alten pc\germanfunscript\mirc.exe] => (Allow) G:\__neuer pc medion oktober 2020\sicherungen vom alten pc\germanfunscript\mirc.exe (mIRC Co. Ltd.) [Datei ist nicht signiert] FirewallRules: [TCP Query User{9C266B58-5837-4F14-8ED3-55850FEFCB9B}C:\users\do83h\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\do83h\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{F970D8C5-A9BB-4BB5-BBD7-4E2CA061E2B0}C:\users\do83h\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\do83h\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{8E996BBA-E521-4C0C-BFB2-44006CEAA027}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{C62A528F-9005-4B14-9645-9CBF11A2211A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{0AE8D691-C774-4DDE-A3B5-DB93D95520CC}C:\users\do83h\appdata\local\jxbrowser\7.15_x64\chromium.exe] => (Allow) C:\users\do83h\appdata\local\jxbrowser\7.15_x64\chromium.exe (TEAMDEV LTD. -> The Chromium Authors) FirewallRules: [UDP Query User{6E56B611-983C-45E7-B9A0-126D0B1BA121}C:\users\do83h\appdata\local\jxbrowser\7.15_x64\chromium.exe] => (Allow) C:\users\do83h\appdata\local\jxbrowser\7.15_x64\chromium.exe (TEAMDEV LTD. -> The Chromium Authors) FirewallRules: [TCP Query User{48BAD51C-6E9D-4ADA-ABC3-2C293FCB7F60}C:\users\do83h\onedrive\dokumente\germanfunscript\mirc\mirc.exe] => (Allow) C:\users\do83h\onedrive\dokumente\germanfunscript\mirc\mirc.exe (mIRC Co. Ltd.) [Datei ist nicht signiert] FirewallRules: [UDP Query User{A490F037-01AD-4740-8428-4901A593DD1A}C:\users\do83h\onedrive\dokumente\germanfunscript\mirc\mirc.exe] => (Allow) C:\users\do83h\onedrive\dokumente\germanfunscript\mirc\mirc.exe (mIRC Co. Ltd.) [Datei ist nicht signiert] FirewallRules: [TCP Query User{1D3A27B8-E90E-403D-B14D-75762255F683}C:\users\do83h\onedrive\dokumente\germanfunscript\mirc (2).exe] => (Allow) C:\users\do83h\onedrive\dokumente\germanfunscript\mirc (2).exe (mIRC Co. Ltd.) [Datei ist nicht signiert] FirewallRules: [UDP Query User{B9C33F69-B4CF-4E27-A100-1AF8A5EFD605}C:\users\do83h\onedrive\dokumente\germanfunscript\mirc (2).exe] => (Allow) C:\users\do83h\onedrive\dokumente\germanfunscript\mirc (2).exe (mIRC Co. Ltd.) [Datei ist nicht signiert] FirewallRules: [{F9257276-5D95-48B2-8D94-4D0F314FF9FE}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) FirewallRules: [{2BED97C3-C9F1-4838-BEFF-3CD10A8440AF}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) FirewallRules: [{FC85DFCD-E50E-44EF-BFE8-E156210BA8E6}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) FirewallRules: [{1BAF5D6E-30B7-459F-A220-967CFF7AE31D}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) FirewallRules: [{F31317B2-5019-43F3-9CA8-BCA6B81B6ACB}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) FirewallRules: [{97250A55-32AB-44E1-A35E-7AFE8E944E57}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) FirewallRules: [{C038A0F9-7DC6-45EA-8BF0-F66054BDB1CF}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) FirewallRules: [{7B1E9BE0-D757-428A-9801-08F57E63BB0D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2022\fm.exe (Sports Interactive) [Datei ist nicht signiert] FirewallRules: [{D28CC963-9B82-4191-B5B5-F36DA1B1CD8B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2022\fm.exe (Sports Interactive) [Datei ist nicht signiert] FirewallRules: [{44D08B88-985A-4679-A942-15FAA5F1690B}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) FirewallRules: [{6DDAAEFE-A5CA-465F-9E56-C7F6003988E6}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) FirewallRules: [{426DF6BA-7EAC-425F-9A41-10ACC7575050}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) FirewallRules: [{349A9509-0562-4E8C-8E1B-82DEE374ECD1}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) FirewallRules: [{4599150E-EE6C-4BFF-A54F-BD8BFB9E134A}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) FirewallRules: [{8368168C-9629-4E62-B484-F6751CCFDFB1}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) FirewallRules: [{C9424330-09EB-4CC1-A938-9534CF8C59A3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{0FB0B6C2-558C-4190-BBF8-F827086F1E41}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{DA5256F6-44D3-4BFF-8493-F6C83BE6090B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{EDFE08D6-2D12-4A59-9FAD-A152E840314B}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) FirewallRules: [{2ADFBFE8-7C9B-4C67-9D30-9E1EED70CDE0}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) FirewallRules: [{35C59D83-368A-44D8-96E3-5D8FF9B76E2C}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) FirewallRules: [{01ED5F99-B8B6-4A96-867A-BD094B93ABCF}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) FirewallRules: [{54BA204B-45EC-4DF4-8B49-F560AF474F0A}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) FirewallRules: [{DBF7FC75-387B-47BC-AC24-DAD807426B46}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) FirewallRules: [{AD6006F8-04D0-410B-93DA-A762A8F9FB24}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) FirewallRules: [{AD2982F0-2F42-418F-8C47-DF460B9CFE35}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) FirewallRules: [{9F5714B7-3E5A-472A-8377-23CDF8D6163C}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) FirewallRules: [{C2E89D23-C8A0-4EF5-BAB4-E5F5CEFD7C39}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) FirewallRules: [{6FAFF0E4-0B0A-4471-B6E0-228380983555}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) FirewallRules: [{B2FB0A4E-C7FE-4163-982B-F0B688CDF303}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) FirewallRules: [{2ED68962-F905-4924-A4CF-56B83F88AF14}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) FirewallRules: [{30339956-8C4F-4735-8CC8-2EC3A5A534CF}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) FirewallRules: [{86ED600E-DAC4-4940-B927-7F1D076A6849}] => (Allow) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) FirewallRules: [{EA75FAE2-A25D-4211-BC4F-79AF5AFEB8CC}] => (Allow) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) FirewallRules: [{DE86BE77-8AA1-46EA-9B88-CEA7785648C4}] => (Allow) C:\Program Files (x86)\Citrix\ICA Client\CitrixEnterpriseBrowser\CitrixEnterpriseBrowser.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) FirewallRules: [{1550DA8F-6ECA-42BB-A215-D8055EE73786}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> ) FirewallRules: [{EF1F8A95-A410-4418-BEE2-B9EAE245AEA9}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> ) FirewallRules: [{1140C0D0-5214-41F2-B9F1-55C49F529AF7}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> ) FirewallRules: [{F00A2095-7BE0-4F1F-B87A-8DA54E1ABD05}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> ) FirewallRules: [{CC522D3A-097C-48E0-BE0B-DE7D8DCD0D1F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) FirewallRules: [{641ED20C-2908-41CE-A66A-B82141CBD3FD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) FirewallRules: [{A074F7DF-BC8B-4C7F-8C14-1D731AE2889A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) FirewallRules: [{7EE6912D-E4CD-4EE6-A08C-B9024F01B42A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) FirewallRules: [{84853C0F-C549-41F6-BDD4-61D4E829C236}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) FirewallRules: [{F93BF714-2736-4CA2-BB10-8B5C43EE7A99}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) FirewallRules: [{C63533A9-BAE1-493A-8462-1D9E5F8F3BC0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) FirewallRules: [{228F5254-9211-4663-9223-DD263DD2774B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) FirewallRules: [{DB8C9316-25C8-4DB1-876F-2367F999D3F3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) FirewallRules: [{6BAFC3FF-0314-4209-A897-299F5D502AB4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) FirewallRules: [{F932AAB2-E83B-4A75-97BE-913711F206E5}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\112.0.1722.48\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{E8B37696-3363-4A41-9AA1-C5EE894A78D1}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{84E29D0E-2AC8-422A-88FE-6DD7BF75E1B6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3409.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> ) FirewallRules: [{863ECA00-17C9-4E5C-B70E-B6EBED8B2E3B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3409.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> ) FirewallRules: [{70A73443-F799-4FE7-B449-EC54222B314E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3409.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> ) FirewallRules: [{D677658E-2237-4B2F-ABC3-84F7A6CF94D9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3409.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> ) DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server ==================== Wiederherstellungspunkte ========================= 21-04-2023 18:56:53 Geplanter Prüfpunkt ==================== Fehlerhafte Geräte im Gerätemanager ============ Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: vpnva Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (04/23/2023 11:34:04 AM) (Source: SideBySide) (EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error: (04/22/2023 08:06:44 PM) (Source: Windows Search Service) (EventID: 3083) (User: ) Description: Fehler beim Laden des Protokollhandlers Mapi. Fehlerbeschreibung: Eine DLL-Initialisierungsroutine ist fehlgeschlagen. (HRESULT : 0x8007045a). Error: (04/22/2023 07:33:40 PM) (Source: Windows Search Service) (EventID: 3083) (User: ) Description: Fehler beim Laden des Protokollhandlers Mapi. Fehlerbeschreibung: Eine DLL-Initialisierungsroutine ist fehlgeschlagen. (HRESULT : 0x8007045a). Error: (04/21/2023 06:46:22 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: Die Speicheroptimierung konnte erneut optimieren auf HDDRIVE2GO (G:) nicht abschließen. Grund: Dieser Vorgang wird auf diesem Dateisystem nicht unterstützt. (0x89000020) Error: (04/18/2023 05:52:44 PM) (Source: Outlook) (EventID: 35) (User: ) Description: Fehler beim Bestimmen, ob sich der Speicher im Durchforstungsbereich befindet (Fehler=0x8007045b). Error: (04/18/2023 05:52:44 PM) (Source: Outlook) (EventID: 34) (User: ) Description: Fehler beim Abrufen des Durchforstungsbereichs-Managers. Fehler=0x8007045b. Error: (04/18/2023 05:51:56 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: DESKTOP-V3T0UTA) Description: Die Anwendung oder der Dienst "Microsoft Outlook" konnte nicht heruntergefahren werden. Error: (04/17/2023 08:43:18 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: SecurityService.exe, Version: 5.18.284.0, Zeitstempel: 0x609c79ed Name des fehlerhaften Moduls: coreclr.dll, Version: 4.700.21.26205, Zeitstempel: 0x609c3176 Ausnahmecode: 0xc0000005 Fehleroffset: 0x001b17ff ID des fehlerhaften Prozesses: 0x1e54 Startzeit der fehlerhaften Anwendung: 0x01d970438cf6495f Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\TotalAV\SecurityService.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\TotalAV\coreclr.dll Berichtskennung: b69cd246-3a3c-497a-988e-8ae9234295fa Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Systemfehler: ============= Error: (04/22/2023 06:37:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Energy Server Service queencreek" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert. Error: (04/21/2023 06:38:15 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d02 fehlgeschlagen: 9NKSQGP7F2NH-5319275A.WhatsAppDesktop Error: (04/21/2023 02:52:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Energy Server Service queencreek" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (04/17/2023 09:31:29 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d02 fehlgeschlagen: 9NKSQGP7F2NH-5319275A.WhatsAppDesktop Error: (04/16/2023 11:11:54 AM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: Der Dienst AVG Antivirus konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden. Error: (04/16/2023 11:11:47 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Energy Server Service queencreek" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (04/15/2023 07:28:40 PM) (Source: volsnap) (EventID: 36) (User: ) Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte. Error: (04/15/2023 05:39:22 PM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: Der Dienst AVG Antivirus konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden. Windows Defender: ================ Date: 2023-03-11 12:04:15 Description: Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=App:Cheat_Engine_BundleInstaller&threatid=268652&enterprise=1 Name: App:Cheat_Engine_BundleInstaller Schweregrad: Mittel Kategorie: Potenziell unerwünschte Software Pfad: file:_C:\Users\do83h\Downloads\CheatEngine72.exe Erkennungsursprung: Lokaler Computer Erkennungstype: Konkret Erkennungsquelle: Echtzeitschutz Benutzer: NT-AUTORITÄT\SYSTEM Prozessname: C:\Program Files (x86)\TotalAV\SecurityService.exe Sicherheitsversion: AV: 1.327.879.0, AS: 1.327.879.0, NIS: 1.327.879.0 Modulversion: AM: 1.1.17600.5, NIS: 1.1.17600.5 Date: 2022-12-15 15:52:24 Description: Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=App:Cheat_Engine_BundleInstaller&threatid=268652&enterprise=1 Name: App:Cheat_Engine_BundleInstaller Schweregrad: Mittel Kategorie: Potenziell unerwünschte Software Pfad: file:_C:\Users\do83h\Downloads\CheatEngine72.exe Erkennungsursprung: Lokaler Computer Erkennungstype: Konkret Erkennungsquelle: Echtzeitschutz Benutzer: NT-AUTORITÄT\SYSTEM Prozessname: C:\Program Files (x86)\TotalAV\SecurityService.exe Sicherheitsversion: AV: 1.327.879.0, AS: 1.327.879.0, NIS: 1.327.879.0 Modulversion: AM: 1.1.17600.5, NIS: 1.1.17600.5 Date: 2022-11-07 18:48:04 Description: Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=App:Cheat_Engine_BundleInstaller&threatid=268652&enterprise=1 Name: App:Cheat_Engine_BundleInstaller Schweregrad: Mittel Kategorie: Potenziell unerwünschte Software Pfad: file:_C:\Users\do83h\Downloads\CheatEngine72.exe Erkennungsursprung: Lokaler Computer Erkennungstype: Konkret Erkennungsquelle: Echtzeitschutz Benutzer: NT-AUTORITÄT\SYSTEM Prozessname: C:\Program Files (x86)\TotalAV\SecurityService.exe Sicherheitsversion: AV: 1.327.879.0, AS: 1.327.879.0, NIS: 1.327.879.0 Modulversion: AM: 1.1.17600.5, NIS: 1.1.17600.5 Date: 2022-11-03 12:35:35 Description: Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=App:Cheat_Engine_BundleInstaller&threatid=268652&enterprise=1 Name: App:Cheat_Engine_BundleInstaller Schweregrad: Mittel Kategorie: Potenziell unerwünschte Software Pfad: file:_C:\Users\do83h\Downloads\CheatEngine72.exe Erkennungsursprung: Lokaler Computer Erkennungstype: Konkret Erkennungsquelle: Echtzeitschutz Benutzer: NT-AUTORITÄT\SYSTEM Prozessname: C:\Program Files (x86)\TotalAV\SecurityService.exe Sicherheitsversion: AV: 1.327.879.0, AS: 1.327.879.0, NIS: 1.327.879.0 Modulversion: AM: 1.1.17600.5, NIS: 1.1.17600.5 Date: 2020-11-14 15:07:45 Description: Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/PremierOpinion&threatid=223808&enterprise=1 Name: PUA:Win32/PremierOpinion Schweregrad: Schwerwiegend Kategorie: Potenziell unerwünschte Software Pfad: file:_C:\Program Files (x86)\PremierOpinion\pmservice.exe Erkennungsursprung: Lokaler Computer Erkennungstype: Konkret Erkennungsquelle: Echtzeitschutz Benutzer: NT Authority\System Prozessname: System Sicherheitsversion: AV: 1.327.879.0, AS: 1.327.879.0, NIS: 1.327.879.0 Modulversion: AM: 1.1.17600.5, NIS: 1.1.17600.5 Event[0]: Date: 2023-03-18 11:58:52 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: %Vorherige Version der Sicherheitsinformationen: 1.327.879.0 Update Source: Microsoft Center zum Schutz vor Schadsoftware Sicherheitstyp: AntiVirus Updatetyp: Voll Benutzer: NT-AUTORITÄT\Netzwerkdienst Aktuelle Modulversion: %Vorherige Modulversion: 1.1.17600.5 Fehlercode: 0x80004004 Fehlerbeschreibung: Vorgang abgebrochen Date: 2023-03-18 11:58:52 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: %Vorherige Version der Sicherheitsinformationen: 1.327.879.0 Update Source: Microsoft Center zum Schutz vor Schadsoftware Sicherheitstyp: AntiSpyware Updatetyp: Voll Benutzer: NT-AUTORITÄT\Netzwerkdienst Aktuelle Modulversion: %Vorherige Modulversion: 1.1.17600.5 Fehlercode: 0x80004004 Fehlerbeschreibung: Vorgang abgebrochen Date: 2023-03-18 11:58:52 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: %Vorherige Version der Sicherheitsinformationen: 1.327.879.0 Update Source: Microsoft Center zum Schutz vor Schadsoftware Sicherheitstyp: AntiVirus Updatetyp: Voll Benutzer: NT-AUTORITÄT\Netzwerkdienst Aktuelle Modulversion: %Vorherige Modulversion: 1.1.17600.5 Fehlercode: 0x80004004 Fehlerbeschreibung: Vorgang abgebrochen Date: 2023-03-18 11:58:49 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: 1.385.384.0 %Vorherige Version der Sicherheitsinformationen: 1.327.879.0 Update Source: Benutzer Sicherheitstyp: AntiSpyware Updatetyp: Voll Benutzer: NT-AUTORITÄT\Netzwerkdienst Aktuelle Modulversion: 1.1.20100.6 %Vorherige Modulversion: 1.1.17600.5 Fehlercode: 0x80004004 Fehlerbeschreibung: Vorgang abgebrochen Date: 2023-03-18 11:58:49 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: 1.385.384.0 %Vorherige Version der Sicherheitsinformationen: 1.327.879.0 Update Source: Benutzer Sicherheitstyp: AntiVirus Updatetyp: Voll Benutzer: NT-AUTORITÄT\Netzwerkdienst Aktuelle Modulversion: 1.1.20100.6 %Vorherige Modulversion: 1.1.17600.5 Fehlercode: 0x80004004 Fehlerbeschreibung: Vorgang abgebrochen CodeIntegrity: =============== Date: 2023-04-23 13:06:51 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2023-04-23 13:06:51 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements. ==================== Speicherinformationen =========================== BIOS: American Megatrends Inc. 360H4W0X.116 02/25/2020 Hauptplatine: MEDION B360H4-EM Prozessor: Intel(R) Core(TM) i5-9400 CPU @ 2.90GHz Prozentuale Nutzung des RAM: 63% Installierter physikalischer RAM: 16237.52 MB Verfügbarer physikalischer RAM: 5918.34 MB Summe virtueller Speicher: 18925.52 MB Verfügbarer virtueller Speicher: 6005.26 MB ==================== Laufwerke ================================ Drive c: (Boot) (Fixed) (Total:449.85 GB) (Free:34.77 GB) (Model: E12-512G-PHISON-SSD-B16-BB1) NTFS Drive d: (Recover) (Fixed) (Total:25 GB) (Free:7.09 GB) (Model: E12-512G-PHISON-SSD-B16-BB1) NTFS Drive g: (HDDRIVE2GO) (Fixed) (Total:931.47 GB) (Free:432.03 GB) (Model: ASMT 2115 SCSI Disk Device) FAT32 \\?\Volume{b319fff4-b23e-42fe-b98d-753bae4dd40c}\ () (Fixed) (Total:0.98 GB) (Free:0.38 GB) NTFS \\?\Volume{63a434ab-a066-44ea-8fb0-0e21ce378da4}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Partitionstabelle ==================== ==================== Ende von Addition.txt ======================= |
23.04.2023, 14:21 | #5 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10: Browser/Internet unglaublich langsam - vielleicht was eingefangen? auch hier sieht das Problem selbstverschuldet aus. Warum müllt ihr euch alle eure Rechner immer so zu? Sehr schlechte Systempflege. Störende, veraltete oder unnötige Programme deinstallieren Bitte über Programme und Features (appwiz.cpl) deinstallieren:
__________________ Logfiles bitte immer in CODE-Tags posten |
27.04.2023, 09:22 | #6 |
| Windows 10: Browser/Internet unglaublich langsam - vielleicht was eingefangen? Vielen Dank, es scheint wieder deutlich schneller zu laufen. Habt ihr hier einen Thread wo es eine Übersicht mit guten AntiVirus-Programmen gibt, wovon man am besten eines nutzen sollte? Habe in der Suche nichts gefunden. |
27.04.2023, 09:42 | #7 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10: Browser/Internet unglaublich langsam - vielleicht was eingefangen? adwCleaner Führe AdwCleaner gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei in CODE-Tags. adwcleaner bitte wiederholen falls es Funde gab.
__________________ Logfiles bitte immer in CODE-Tags posten |
27.04.2023, 20:45 | #8 |
| Windows 10: Browser/Internet unglaublich langsam - vielleicht was eingefangen? Hier die Log: Code:
ATTFilter # ------------------------------- # Malwarebytes AdwCleaner 8.4.0.0 # ------------------------------- # Build: 08-30-2022 # Database: 2022-10-10.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 04-27-2023 # Duration: 00:00:10 # OS: Windows 10 (Build 19045.2846) # Cleaned: 57 # Awaiting reboot:1 # Failed: 0 ***** [ Services ] ***** Deleted WCAssistantService Deleted webshieldfilter ***** [ Folders ] ***** Deleted C:\Program Files (x86)\Lavasoft\Web Companion Deleted C:\ProgramData\Lavasoft\Web Companion Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PremierOpinion Deleted C:\ProgramData\SecuritySuite Deleted C:\Users\do83h\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_MRPQ523XMEO0CM2M0N5VJ25Z3NZKGEP4 Deleted C:\Users\do83h\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG Deleted C:\Users\do83h\AppData\Roaming\Lavasoft\Web Companion Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\TotalAV ***** [ Files ] ***** Deleted C:\Users\do83h\Downloads\TOTALAV.EXE Deleted C:\Windows\restoro.ini Needs Reboot C:\Windows\System32\drivers\webshieldfilter.sys ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** Deleted HKCU\Software\Lavasoft\Web Companion Deleted HKCU\Software\Local AppWizard-Generated Applications\Restoro Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Start Page Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion Deleted HKCU\Software\Restoro Deleted HKCU\Software\SSProtect Deleted HKCU\Software\csastats Deleted HKLM\SOFTWARE\Classes\*\shell\TotalAV Deleted HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.totalav.passwordvaultassistant Deleted HKLM\SOFTWARE\Microsoft\Edge\NativeMessagingHosts\com.totalav.passwordvaultassistant Deleted HKLM\SOFTWARE\Mozilla\NativeMessagingHosts\com.totalav.passwordvaultassistant Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{6B34D53D-3A32-4C7F-BA5F-CEC894277B41} Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{A2B1FAF7-1044-4101-B797-57990D2D71CA} Deleted HKLM\Software\Classes\CLSID\{AE198C69-7358-4856-9029-F4C0FAD524C1} Deleted HKLM\Software\Classes\CLSID\{BA827421-E282-479E-AE60-34796877B8AE} Deleted HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4} Deleted HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546} Deleted HKLM\Software\Classes\Restoro.Engine Deleted HKLM\Software\Classes\TypeLib\{C661BE9A-11D8-47DD-A980-6494B09F3AF3} Deleted HKLM\Software\Classes\totalav Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Restoro Deleted HKLM\Software\Restoro Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{928be91b-ffd0-48ac-9e85-bef0fbc8a78e}|DisplayIcon Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{928be91b-ffd0-48ac-9e85-bef0fbc8a78e}|DisplayName Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{928be91b-ffd0-48ac-9e85-bef0fbc8a78e}|UninstallString Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4} Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546} Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{C661BE9A-11D8-47DD-A980-6494B09F3AF3} Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\SecurityService Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com Deleted HKU\.DEFAULT\Software\Mozilla\NativeMessagingHosts\com.webcompanion.native Deleted HKU\S-1-5-18\SOFTWARE\Mozilla\NativeMessagingHosts\com.webcompanion.native Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** Deleted Bing Default Search Deleted Bing Default Search Deleted My Firefox Search Deleted My Firefox Search Deleted My Firefox Search Deleted My Firefox Search ***** [ Hosts File Entries ] ***** No malicious hosts file entries cleaned. ***** [ Preinstalled Software ] ***** No Preinstalled Software cleaned. ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* ***** Reboot Required to Complete ***** ***** [ Files ] ***** Cleaned C:\Windows\System32\drivers\webshieldfilter.sys ************************* AdwCleaner[S00].txt - [6702 octets] - [27/04/2023 21:41:50] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ########## |
02.05.2023, 08:19 | #9 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10: Browser/Internet unglaublich langsam - vielleicht was eingefangen? Hast du meinen Post komplett gelesen? Was ist zu tun, wenn adwCleaner Funde hatte?
__________________ Logfiles bitte immer in CODE-Tags posten |
06.05.2023, 10:18 | #10 |
/// TB-Ausbilder | Windows 10: Browser/Internet unglaublich langsam - vielleicht was eingefangen? Fehlende Rückmeldung Dieses Thema wurde aus unseren Abos gelöscht. Somit bekommen wir keine Benachrichtigung über neue Antworten. Solltest Du das Thema erneut brauchen, schicke uns bitte eine Erinnerung inklusive Link zum Thema. Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist. Jeder andere bitte hier klicken und ein eigenes Thema erstellen! |
07.05.2023, 15:53 | #11 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10: Browser/Internet unglaublich langsam - vielleicht was eingefangen? Thread ist wieder offen.
__________________ Logfiles bitte immer in CODE-Tags posten |
07.05.2023, 16:08 | #12 |
| Windows 10: Browser/Internet unglaublich langsam - vielleicht was eingefangen? Der weitere Scan: Code:
ATTFilter # ------------------------------- # Malwarebytes AdwCleaner 8.4.0.0 # ------------------------------- # Build: 08-30-2022 # Database: 2022-10-10.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Scan # ------------------------------- # Start: 05-07-2023 # Duration: 00:00:10 # OS: Windows 10 (Build 19045.2846) # Scanned: 32091 # Detected: 0 ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** No malicious folders found. ***** [ Files ] ***** No malicious files found. ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** No malicious tasks found. ***** [ Registry ] ***** No malicious registry entries found. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries found. ***** [ Chromium URLs ] ***** No malicious Chromium URLs found. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries found. ***** [ Firefox URLs ] ***** No malicious Firefox URLs found. ***** [ Hosts File Entries ] ***** No malicious hosts file entries found. ***** [ Preinstalled Software ] ***** No Preinstalled Software found. AdwCleaner[S00].txt - [6702 octets] - [27/04/2023 21:41:50] AdwCleaner[C00].txt - [6039 octets] - [27/04/2023 21:42:23] AdwCleaner[S01].txt - [1542 octets] - [27/04/2023 21:49:09] AdwCleaner[S02].txt - [1603 octets] - [07/05/2023 13:31:44] AdwCleaner[S03].txt - [1664 octets] - [07/05/2023 13:32:48] AdwCleaner[S04].txt - [1725 octets] - [07/05/2023 13:35:20] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S05].txt ########## |
07.05.2023, 18:28 | #13 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10: Browser/Internet unglaublich langsam - vielleicht was eingefangen? Dann jetzt bitte neue FRST-Logs.
__________________ Logfiles bitte immer in CODE-Tags posten |
10.05.2023, 19:13 | #14 |
| Windows 10: Browser/Internet unglaublich langsam - vielleicht was eingefangen? FRST Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 09-05-2023 durchgeführt von do83h (Administrator) auf DESKTOP-V3T0UTA (MEDION E63007) (10-05-2023 20:06:35) Gestartet von C:\Users\do83h\OneDrive\Desktop\FRST64.exe Geladene Profile: do83h Plattform: Microsoft Windows 10 Home Version 22H2 19045.2846 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: Chrome Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Autodesk, Inc. -> Autodesk) C:\Users\do83h\AppData\Local\Programs\Autodesk\Genuine Service\GenuineService.exe (Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe (C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe ->) (Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe <3> (C:\Program Files (x86)\Citrix\ICA Client\concentr.exe ->) (Citrix Systems, Inc. -> Cloud Software Group, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe (C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe ->) (Citrix Systems, Inc. -> Cloud Software Group, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\AnalyticsSrv.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe (DriverStore\FileRepository\cui_dch.inf_amd64_ba5b1813656e5c27\igfxCUIService.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_ba5b1813656e5c27\igfxEM.exe (explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2> (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <11> (explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (explorer.exe ->) (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.212\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.212\GoogleCrashHandler64.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe <2> (Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe (services.exe ->) (Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\10.1.0.3194\AdskLicensingService\AdskLicensingService.exe (services.exe ->) (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (services.exe ->) (Citrix Systems, Inc. -> Cloud Software Group, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\UpdaterService.exe (services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe (services.exe ->) (Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe (services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe (services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe (services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe (services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe (services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_ba5b1813656e5c27\igfxCUIService.exe (services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_e8f9f51120464f93\IntelCpHDCPSvc.exe (services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_e8f9f51120464f93\IntelCpHeciSvc.exe (services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_6ca78a08b838e305\RstMwService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\NisSrv.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c60facea9c32a6cb\RtkAudUService64.exe <2> (services.exe ->) (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (services.exe ->) (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe (svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2314.6.0_x64__cv1g1gvanyjgm\WhatsApp.exe (svchost.exe ->) (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.2780_none_7df1b05c7ca1f251\TiWorker.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c60facea9c32a6cb\RtkAudUService64.exe [3380320 2021-11-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech) HKLM\...\Run: [] => [X] HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [665384 2019-12-05] (Autodesk, Inc. -> Autodesk, Inc.) HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\Users\do83h\AppData\Local\Programs\Autodesk\Genuine Service\GenuineService.exe [1077864 2020-01-02] (Autodesk, Inc. -> Autodesk) HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [109324536 2021-03-12] (Microsoft Corporation -> Microsoft Corporation) HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1713432 2021-09-17] (Cisco Systems, Inc. -> Cisco Systems, Inc.) HKLM-x32\...\Run: [InstallHelper] => C:\Program Files (x86)\Citrix\Citrix WorkSpace 2302\InstallHelper.exe [410544 2023-02-07] (Citrix Systems, Inc. -> Cloud Software Group, Inc.) HKLM-x32\...\Run: [AnalyticsSrv] => C:\Program Files (x86)\Citrix\ICA Client\Receiver\AnalyticsSrv.exe [2644072 2023-02-07] (Citrix Systems, Inc. -> Citrix Systems, Inc.) HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [2974600 2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.) HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [562056 2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.) HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [292104 2023-02-28] (Intel Corporation -> Intel) HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1 HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\74.0.3.0\GoogleDriveFS.exe [53339416 2023-04-26] (Google LLC -> Google, Inc.) HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\74.0.3.0\GoogleDriveFS.exe [53339416 2023-04-26] (Google LLC -> Google, Inc.) HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4362600 2023-04-28] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33000928 2021-04-07] (Epic Games Inc. -> Epic Games, Inc.) HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [49958368 2022-02-01] (Google LLC -> ) HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\Run: [com.squirrel.Teams.Teams] => C:\Users\do83h\AppData\Local\Microsoft\Teams\Update.exe [2454184 2021-07-14] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\74.0.3.0\GoogleDriveFS.exe [53339416 2023-04-26] (Google LLC -> Google, Inc.) HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\Run: [] => [X] HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\Policies\Explorer: [] HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\MountPoints2: {11ae930c-1cdb-11eb-a845-6c6a77606d86} - "H:\HiSuiteDownLoader.exe" HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\MountPoints2: {2d9bfd5a-ab41-11eb-a86b-6c6a77606d86} - "H:\HiSuiteDownLoader.exe" HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\MountPoints2: {2f109b79-53b8-11ec-a87f-6c6a77606d86} - "H:\HiSuiteDownLoader.exe" HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\MountPoints2: {8e9c3683-068a-11ed-a89a-6c6a77606d86} - "H:\HiSuiteDownLoader.exe" HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\74.0.3.0\GoogleDriveFS.exe [53339416 2023-04-26] (Google LLC -> Google, Inc.) HKU\S-1-5-18\...\Run: [] => [X] HKLM\...\Windows x64\Print Processors\HPM11M13PrintProc: C:\Windows\System32\spool\prtprocs\x64\HPM11M13PP.DLL [74240 2016-02-25] (Microsoft Windows Hardware Compatibility Publisher -> ) HKLM\...\Print\Monitors\HP BC11 Status Monitor: C:\Windows\system32\hpinkstsBC11LM.dll [331664 2012-06-12] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Photosmart 7520 series): C:\Windows\system32\HPDiscoPMBC11.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\...\Print\Monitors\HPM11M13LM: C:\Windows\system32\HPM11M13LM.DLL [288768 2016-02-25] (Microsoft Windows Hardware Compatibility Publisher -> ) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\112.0.5615.140\Installer\chrmstp.exe [2023-05-09] (Google LLC -> Google LLC) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{60f15951-e7ef-11ea-b28e-c4b301b9ed33}] -> C:\Program Files (x86)\Citrix\ICA Client\CitrixEnterpriseBrowser\108.1.1.97\Installer\chrmstp.exe [2023-02-28] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2021-11-01] ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) Startup: C:\Users\do83h\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Photosmart 7520 series.lnk [2023-05-10] ShortcutAndArgument: Tintenwarnungen überwachen - HP Photosmart 7520 series.lnk -> C:\Windows\system32\RunDll32.exe => "C:\Program Files\HP\HP Photosmart 7520 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=TH4A1710WP05YY;CONNECTION=USB;MONITOR=1; HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {040310DD-CB77-43E4-8279-924E17C6B61B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\Windows\system32\MRT.exe [156112424 2023-04-15] (Microsoft Windows -> Microsoft Corporation) Task: {0F6DD865-D582-4419-AF23-517024B3C5F9} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26301352 2023-04-15] (Microsoft Corporation -> Microsoft Corporation) Task: {1FB5BBDB-B3C6-4455-A77A-6F371047A8B1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {2D252927-3F67-486B-B0AE-FDA700635A82} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {39F44E05-C6A6-4FFE-BFE6-0B8BB1877B35} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114624 2023-04-15] (Microsoft Corporation -> Microsoft Corporation) Task: {44C1D279-047F-4D25-9130-340FC3BDCA5E} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [5002480 2023-02-21] (Intel Corporation -> Intel Corporation) Task: {4F689235-F97C-46C4-B507-240CA6C38203} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-29] (Google LLC -> Google LLC) Task: {5A46C9B6-282E-4C77-BE38-E8BA34F15D3C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {5E016F5B-57AC-4FDF-B0EE-DD9111BA47EF} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => C:\Windows\System32\Wscript.exe [170496 2021-09-15] (Microsoft Windows -> Microsoft Corporation) -> //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs" Task: {6C00A265-94E7-4865-B2EC-59EFABDAE67F} - System32\Tasks\Opera scheduled Autoupdate 1605363011 => C:\Users\do83h\AppData\Local\Programs\Opera\launcher.exe [1538584 2020-03-03] (Opera Software AS -> Opera Software) Task: {795F0DB5-45C3-49D5-B115-0AD0A8D35102} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4196784 2023-05-07] (Microsoft Corporation -> Microsoft Corporation) Task: {7C6AAADD-6794-4CEC-842E-F176CA9317EC} - System32\Tasks\G2MUpdateTask-S-1-5-21-584500284-1391629960-3397962802-1005 => C:\Users\do83h\AppData\Local\GoToMeeting\19950\g2mupdate.exe [33456 2022-04-27] (LogMeIn, Inc. -> LogMeIn, Inc.) Task: {81214D6B-8E5A-470D-ACD5-F6E5ED211BB0} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114624 2023-04-15] (Microsoft Corporation -> Microsoft Corporation) Task: {8ED46F6B-D868-45F9-A5DA-F936D7B2E679} - System32\Tasks\G2MUploadTask-S-1-5-21-584500284-1391629960-3397962802-1005 => C:\Users\do83h\AppData\Local\GoToMeeting\19950\g2mupload.exe [33456 2022-04-27] (LogMeIn, Inc. -> LogMeIn, Inc.) Task: {A160F302-5259-4CC8-88D7-5327AE03EDBA} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe--automatic Task: {AF02A63D-FDCC-4CFB-A094-48A4E4432387} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676768 2023-04-25] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {BFEB3880-E556-4F2C-B7D0-790E7658A61B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [718240 2023-04-25] (Mozilla Corporation -> Mozilla Foundation) Task: {E65BF73C-EB8F-452B-979A-36C9931D7E92} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-584500284-1391629960-3397962802-1005 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4196784 2023-05-07] (Microsoft Corporation -> Microsoft Corporation) Task: {E7474536-071E-469B-B266-FC9A0EF2AE45} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-29] (Google LLC -> Google LLC) Task: {E7BFFB67-3038-4FFF-82E2-BF41FA79BA58} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {E8A0CD34-2229-4F32-8BAB-DFCA367A434F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.) Task: {F59146C7-C25F-4DE3-99D4-7D64FB97AAD4} - System32\Tasks\HPCustParticipation HP Photosmart 7520 series => C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPCustPartic.exe [4119656 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.) Task: {FCCA6D1E-93E4-42CC-9BA0-A2D2C26F7175} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [5002480 2023-02-21] (Intel Corporation -> Intel Corporation) Task: {FDC64B14-F563-4E1C-B37E-8AC7CC8F23DA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26301352 2023-04-15] (Microsoft Corporation -> Microsoft Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-584500284-1391629960-3397962802-1005.job => C:\Users\do83h\AppData\Local\GoToMeeting\19950\g2mupdate.exe Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-584500284-1391629960-3397962802-1005.job => C:\Users\do83h\AppData\Local\GoToMeeting\19950\g2mupload.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{0894d97c-231f-418b-bd94-97d6dc7075e5}: [DhcpNameServer] 192.168.2.1 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\do83h\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-09] Edge HKLM-x32\...\Edge\Extension: [mielbhbkcliienpdicphhecpodcaeefg] FireFox: ======== FF DefaultProfile: 3uauklfr.default FF ProfilePath: C:\Users\do83h\AppData\Roaming\Mozilla\Firefox\Profiles\3uauklfr.default [nicht gefunden] <==== ACHTUNG FF ProfilePath: C:\Users\do83h\AppData\Roaming\Mozilla\Firefox\Profiles\bxljijxg.dominik [2023-05-09] FF Homepage: Mozilla\Firefox\Profiles\bxljijxg.dominik -> hxxps://www.google.com/ FF NewTab: Mozilla\Firefox\Profiles\bxljijxg.dominik -> hxxps://mynewtab.co?pId=IC150206&searchEngine=bing&iDate=110620 FF Notifications: Mozilla\Firefox\Profiles\bxljijxg.dominik -> hxxps://www.planetromeo.com; hxxps://www.jako.de; hxxps://www.romeo.com FF Extension: (Citavi Picker) - C:\Users\do83h\AppData\Roaming\Mozilla\Firefox\Profiles\bxljijxg.dominik\Extensions\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}.xpi [2023-05-02] FF SearchPlugin: C:\Users\do83h\AppData\Roaming\Mozilla\Firefox\Profiles\bxljijxg.dominik\searchplugins\Yahoo Search.xml [2022-06-17] FF ProfilePath: C:\Users\do83h\AppData\Roaming\Mozilla\Firefox\Profiles\79tx312p.default-release [2023-04-24] FF Homepage: Mozilla\Firefox\Profiles\79tx312p.default-release -> hxxps://mynewtab.co?pId=IC150206&searchEngine=bing&iDate=110620 FF NewTab: Mozilla\Firefox\Profiles\79tx312p.default-release -> hxxps://mynewtab.co?pId=IC150206&searchEngine=bing&iDate=110620 FF SearchPlugin: C:\Users\do83h\AppData\Roaming\Mozilla\Firefox\Profiles\79tx312p.default-release\searchplugins\Yahoo Search.xml [2022-06-17] FF Extension: (Citavi Picker) - C:\Program Files\Mozilla Firefox\distribution\extensions\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}.xpi [2023-03-23] FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension FF Extension: (SmartPrintButton) - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [] [ist nicht signiert] FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-12-19] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-12-19] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-04-04] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\do83h\AppData\Local\Google\Chrome\User Data\Default [2023-05-10] CHR Notifications: Default -> hxxps://business.facebook.com; hxxps://www.fmscout.com CHR Extension: (Google Docs Offline) - C:\Users\do83h\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-27] CHR Extension: (Anwendungs-Launcher für Drive (von Google)) - C:\Users\do83h\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-01-28] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\do83h\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29] CHR Extension: (Citavi Picker) - C:\Users\do83h\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgndokldibnndfnjnagojmheejlengn [2023-05-01] CHR HKU\S-1-5-21-584500284-1391629960-3397962802-1005\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] Opera: ======= OPR Profile: C:\Users\do83h\AppData\Roaming\Opera Software\Opera Stable [2020-11-14] ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1047416 2019-12-05] (Autodesk, Inc. -> Autodesk Inc.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.) R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [16930616 2019-12-18] (Autodesk, Inc. -> Autodesk) S3 appprotectionsvc; C:\Program Files (x86)\Citrix\ICA Client\appprotection.exe [520624 2023-01-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12512768 2023-04-15] (Microsoft Corporation -> Microsoft Corporation) R2 CmWebAdmin.exe; C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe [10759616 2021-09-29] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) R2 CWAUpdaterService; C:\Program Files (x86)\Citrix\ICA Client\Receiver\UpdaterService.exe [66480 2023-02-07] (Citrix Systems, Inc. -> Cloud Software Group, Inc.) R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [42760 2023-02-28] (Intel Corporation -> Intel) R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [211208 2023-02-28] (Intel Corporation -> Intel) S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncHelper.exe [3445120 2023-05-07] (Microsoft Corporation -> Microsoft Corporation) R2 HPSIService; C:\Windows\system32\HPSIsvc.exe [128272 2016-03-30] (Hewlett-Packard Company -> HP) S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.081.0416.0001\OneDriveUpdaterService.exe [3781512 2023-05-07] (Microsoft Corporation -> Microsoft Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\NisSrv.exe [3216064 2023-05-04] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe [133544 2023-05-04] (Microsoft Windows Publisher -> Microsoft Corporation) S2 AvgWscReporter; "C:\Program Files\AVG\Antivirus\wsc_proxy.exe" /runassvc /rpcserver [X] S3 CitrixEnterpriseBrowserElevationService; "C:\Program Files (x86)\Citrix\ICA Client\CitrixEnterpriseBrowser\108.1.1.97\elevation_service.exe" [X] S2 DCIService; C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe [X] <==== ACHTUNG ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 acsock; C:\Windows\system32\DRIVERS\acsock64.sys [300456 2021-09-17] (Microsoft Windows Hardware Compatibility Publisher -> Cisco Systems, Inc.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [209088 2022-07-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [199312 2022-07-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [46704 2022-07-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 BdDci; C:\Windows\system32\DRIVERS\bddci.sys [367096 2023-03-18] (Bitdefender SRL -> Bitdefender) R2 ctxusbm; C:\Windows\system32\DRIVERS\ctxusbmon.sys [156072 2022-12-14] (Citrix Systems, Inc. -> Citrix Systems, Inc.) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 entryprotectdrv; C:\Program Files (x86)\Citrix\ICA Client\entryprotect.sys [72064 2023-01-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) S3 epinject6; C:\Program Files (x86)\Citrix\ICA Client\epinject.sys [161832 2023-01-17] (Citrix Systems, Inc. -> ) S4 epusbfilter; C:\Program Files (x86)\Citrix\ICA Client\epusbfilter.sys [43904 2023-01-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) R1 googledrivefs31092; C:\Windows\System32\DRIVERS\googledrivefs31092.sys [384600 2023-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.) S3 iaLPSS2_GPIO2_ICL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_icl.inf_amd64_90beccc7e046abab\iaLPSS2_GPIO2_ICL.sys [132872 2020-04-27] (Intel Corporation -> Intel Corporation) S3 iaLPSS2_I2C_ICL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_i2c_icl.inf_amd64_c8c0638291b9b209\iaLPSS2_I2C_ICL.sys [200456 2020-04-27] (Intel Corporation -> Intel Corporation) S3 iaLPSS2_SPI_ICL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_spi_icl.inf_amd64_66a759065dfa6f64\iaLPSS2_SPI_ICL.sys [160024 2020-04-27] (Intel Corporation -> Intel Corporation) R3 MpKsl333de18a; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5C0B91F3-8C37-4B3B-B201-C43C42E0148F}\MpKslDrv.sys [212264 2023-05-08] (Microsoft Windows -> Microsoft Corporation) S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [29192 2016-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.) S0 ProtectedELAM; C:\Windows\System32\drivers\protected_elam.sys [18912 2022-09-27] (Microsoft Windows Early Launch Anti-Malware Publisher -> TODO: <Company name>) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 Usbnet; C:\Windows\System32\drivers\usbnet.sys [46080 2019-12-07] (Microsoft Windows -> Microsoft Corporation) S3 vpnva; C:\Windows\System32\drivers\vpnva64-6.sys [74064 2021-09-17] (Cisco Systems, Inc. -> Cisco Systems, Inc.) S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49616 2023-05-04] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [498944 2023-05-04] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99608 2023-05-04] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2023-05-01 23:04 - 2023-05-01 23:08 - 000000000 ____D C:\Users\do83h\OneDrive\Dokumente\Citavi 6 2023-05-01 23:04 - 2023-05-01 23:08 - 000000000 ____D C:\Users\do83h\AppData\Roaming\Swiss Academic Software 2023-05-01 23:04 - 2023-05-01 23:04 - 000000000 ____D C:\Users\do83h\AppData\Local\Swiss Academic Software 2023-05-01 23:04 - 2023-05-01 23:04 - 000000000 ____D C:\ProgramData\Swiss Academic Software 2023-05-01 23:03 - 2023-05-01 23:03 - 000002112 _____ C:\Users\Public\Desktop\Citavi 6.lnk 2023-05-01 23:03 - 2023-05-01 23:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citavi 6 2023-05-01 23:03 - 2023-05-01 23:03 - 000000000 ____D C:\Program Files (x86)\Citavi 6 2023-05-01 23:02 - 2023-05-01 23:02 - 000000000 ____D C:\Users\do83h\AppData\Local\Downloaded Installations 2023-05-01 22:59 - 2023-05-01 23:02 - 155929680 _____ (Swiss Academic Software) C:\Users\do83h\Downloads\Citavi6Setup.exe 2023-05-01 22:54 - 2023-05-01 22:54 - 000188129 _____ C:\Users\do83h\Downloads\Vorlage_Exposé_BuK_Website(4).dotx 2023-04-27 21:42 - 2023-04-27 21:43 - 000000004 ____H C:\ProgramData\cm-lock 2023-04-27 21:42 - 2023-04-27 21:42 - 000001435 _____ C:\Windows\system32\default_error_stack-000021-000000.txt 2023-04-27 21:41 - 2023-04-27 21:42 - 000000000 ____D C:\AdwCleaner 2023-04-25 17:57 - 2023-05-01 23:03 - 000000000 ____D C:\Program Files\Mozilla Firefox 2023-04-24 10:41 - 2023-04-24 10:41 - 000002587 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk 2023-04-24 10:41 - 2023-04-24 10:41 - 000002583 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk 2023-04-24 10:41 - 2023-04-24 10:41 - 000002562 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk 2023-04-24 10:41 - 2023-04-24 10:41 - 000002540 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk 2023-04-24 10:41 - 2023-04-24 10:41 - 000002537 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk 2023-04-24 10:41 - 2023-04-24 10:41 - 000002504 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk 2023-04-24 10:41 - 2023-04-24 10:41 - 000002501 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk 2023-04-24 10:41 - 2023-04-24 10:41 - 000002473 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk 2023-04-24 10:41 - 2023-04-24 10:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools 2023-04-24 10:29 - 2023-04-24 10:29 - 000001427 _____ C:\Windows\system32\default_error_stack-000020-000000.txt 2023-04-23 14:00 - 2023-04-23 14:01 - 007614193 _____ C:\Users\do83h\Downloads\VID-20230423-WA0004.mp4 2023-04-23 13:57 - 2023-04-23 13:57 - 007445490 _____ C:\Users\do83h\Downloads\VID-20230423-WA0005.mp4 2023-04-23 13:20 - 2023-04-23 13:20 - 001575742 _____ (Igor Pavlov) C:\Users\do83h\Downloads\7z2201-x64.exe 2023-04-23 13:20 - 2023-04-23 13:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2023-04-23 13:20 - 2023-04-23 13:20 - 000000000 ____D C:\Program Files\7-Zip 2023-04-23 12:34 - 2023-04-23 12:37 - 000091985 _____ C:\Users\do83h\Downloads\Addition.txt 2023-04-23 12:32 - 2023-05-10 20:06 - 000000000 ____D C:\FRST 2023-04-23 12:32 - 2023-04-23 12:37 - 000055029 _____ C:\Users\do83h\Downloads\FRST.txt 2023-04-23 12:32 - 2023-04-23 12:32 - 000000000 ____D C:\Users\do83h\Downloads\FRST-OlderVersion 2023-04-21 17:28 - 2023-04-21 17:28 - 000005961 _____ C:\Users\do83h\Downloads\FID_PCHS_INV_1666020271_dfhJMkTU.pdf 2023-04-15 16:10 - 2023-04-15 16:10 - 000000000 ___HD C:\$WinREAgent ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2023-05-10 20:06 - 2020-10-29 14:44 - 000000000 ____D C:\Program Files (x86)\Google 2023-05-10 20:05 - 2020-10-29 14:03 - 000000000 __SHD C:\Users\do83h\IntelGraphicsProfiles 2023-05-09 23:12 - 2021-11-01 18:16 - 000000068 ___SH C:\Windows\system32\Drivers\WdfLdr.winsecurity 2023-05-09 23:12 - 2020-10-29 14:48 - 000000000 ____D C:\Program Files (x86)\Steam 2023-05-09 23:12 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-05-09 23:03 - 2020-06-15 08:59 - 000000000 ____D C:\Windows\system32\SleepStudy 2023-05-09 22:42 - 2021-11-01 18:16 - 000000068 ___SH C:\Windows\system32\Drivers\WppRecorder.winsecurity 2023-05-09 19:07 - 2020-10-29 15:32 - 000000000 ____D C:\Users\do83h\Knuddels-Stapp 2023-05-09 19:07 - 2020-10-29 13:58 - 000000000 ____D C:\Users\do83h 2023-05-09 19:03 - 2020-10-29 14:46 - 000002243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2023-05-09 19:03 - 2020-10-29 14:46 - 000002202 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2023-05-08 19:56 - 2020-10-31 17:15 - 000000000 ____D C:\Users\do83h\AppData\Roaming\Microsoft\Word 2023-05-08 19:47 - 2020-10-29 21:37 - 000000000 ____D C:\Users\do83h\AppData\Roaming\Microsoft\Excel 2023-05-08 19:40 - 2020-10-29 15:00 - 000000000 ____D C:\Users\do83h\AppData\Local\D3DSCache 2023-05-08 19:40 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness 2023-05-07 15:33 - 2020-10-29 17:28 - 000000000 ____D C:\Users\do83h\OneDrive\Dokumente\eigene dateien 2023-05-07 12:37 - 2022-01-06 16:39 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-584500284-1391629960-3397962802-1005 2023-05-07 12:37 - 2021-08-26 13:18 - 000000000 ____D C:\Program Files\Microsoft OneDrive 2023-05-07 12:37 - 2021-07-14 11:35 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task 2023-05-07 12:37 - 2021-07-14 11:35 - 000002152 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2023-05-07 12:35 - 2020-07-02 09:15 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-05-07 12:35 - 2020-07-02 09:15 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2023-05-07 12:35 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2023-05-07 12:32 - 2021-01-22 19:56 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2023-05-04 12:37 - 2020-06-15 08:59 - 000000000 ____D C:\Windows\system32\Drivers\wd 2023-05-01 23:51 - 2020-10-29 14:03 - 000000000 ____D C:\Users\do83h\AppData\Local\Packages 2023-04-27 21:47 - 2020-07-02 08:37 - 000747396 _____ C:\Windows\system32\perfh007.dat 2023-04-27 21:47 - 2020-07-02 08:37 - 000151262 _____ C:\Windows\system32\perfc007.dat 2023-04-27 21:47 - 2020-06-15 09:07 - 001731656 _____ C:\Windows\system32\PerfStringBackup.INI 2023-04-27 21:47 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF 2023-04-27 21:42 - 2020-11-06 16:40 - 000000000 ____D C:\Users\do83h\AppData\Roaming\Lavasoft 2023-04-27 21:42 - 2020-11-06 16:40 - 000000000 ____D C:\Users\do83h\AppData\Local\Lavasoft 2023-04-27 21:42 - 2020-11-06 16:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft 2023-04-27 21:42 - 2020-11-06 16:40 - 000000000 ____D C:\ProgramData\Lavasoft 2023-04-27 21:42 - 2020-11-06 16:40 - 000000000 ____D C:\Program Files (x86)\Lavasoft 2023-04-27 21:42 - 2020-10-29 15:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2023-04-27 21:42 - 2020-06-15 08:59 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2023-04-27 21:42 - 2019-12-07 11:03 - 000786432 _____ C:\Windows\system32\config\BBI 2023-04-26 20:05 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2023-04-26 18:54 - 2021-09-22 18:18 - 000002061 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk 2023-04-26 18:54 - 2021-09-22 18:18 - 000001903 _____ C:\Users\Default\Desktop\Google Slides.lnk 2023-04-26 18:54 - 2021-09-22 18:18 - 000001903 _____ C:\Users\Default\Desktop\Google Sheets.lnk 2023-04-26 18:54 - 2021-09-22 18:18 - 000001891 _____ C:\Users\Default\Desktop\Google Docs.lnk 2023-04-26 18:51 - 2020-10-29 15:01 - 000001009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2023-04-24 19:17 - 2020-10-29 14:44 - 000003926 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA 2023-04-24 19:17 - 2020-10-29 14:44 - 000003802 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore 2023-04-24 10:54 - 2020-12-20 15:00 - 000000000 ____D C:\Users\do83h\AppData\Local\CrashDumps 2023-04-24 10:54 - 2020-11-04 16:07 - 000803176 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2023-04-24 10:29 - 2021-02-18 14:56 - 000000666 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-584500284-1391629960-3397962802-1005.job 2023-04-24 10:29 - 2021-02-18 14:56 - 000000570 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-584500284-1391629960-3397962802-1005.job 2023-04-24 10:29 - 2020-11-14 16:05 - 000000000 ____D C:\ProgramData\AVG 2023-04-24 10:29 - 2020-06-15 08:59 - 000600912 _____ C:\Windows\system32\FNTCACHE.DAT 2023-04-24 10:23 - 2020-10-30 16:23 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2023-04-24 10:22 - 2020-10-30 16:26 - 000000000 ____D C:\Program Files (x86)\MSBuild 2023-04-24 10:21 - 2020-07-02 09:22 - 000000000 ____D C:\Program Files\Microsoft Office 2023-04-24 10:20 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2023-04-24 10:19 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP 2023-04-24 10:19 - 2019-12-07 11:03 - 000032768 _____ C:\Windows\system32\config\ELAM 2023-04-24 10:17 - 2021-06-09 00:33 - 000000000 ____D C:\Users\do83h\AppData\Local\AVG 2023-04-24 10:17 - 2020-11-14 16:10 - 000000000 ____D C:\Users\do83h\AppData\Roaming\AVG 2023-04-23 14:50 - 2023-04-05 23:43 - 000002678 _____ C:\Windows\system32\Tasks\USER_ESRV_SVC_QUEENCREEK 2023-04-23 14:50 - 2021-03-08 16:10 - 000003042 _____ C:\Windows\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 2023-04-23 14:50 - 2021-03-05 20:47 - 000002970 _____ C:\Windows\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 2023-04-23 14:50 - 2021-03-05 20:47 - 000002604 _____ C:\Windows\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon 2023-04-23 14:50 - 2021-02-18 14:56 - 000003260 _____ C:\Windows\system32\Tasks\G2MUploadTask-S-1-5-21-584500284-1391629960-3397962802-1005 2023-04-23 14:50 - 2021-02-18 14:56 - 000003164 _____ C:\Windows\system32\Tasks\G2MUpdateTask-S-1-5-21-584500284-1391629960-3397962802-1005 2023-04-23 14:50 - 2020-11-15 20:07 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software 2023-04-23 14:50 - 2020-11-14 16:10 - 000003624 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1605363011 2023-04-23 14:50 - 2020-11-11 15:09 - 000002718 _____ C:\Windows\system32\Tasks\HPCustParticipation HP Photosmart 7520 series 2023-04-23 14:50 - 2020-11-01 15:12 - 000003482 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task 2023-04-23 14:50 - 2020-07-02 09:15 - 000003684 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2023-04-23 14:50 - 2020-07-02 09:15 - 000003460 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2023-04-22 19:22 - 2021-12-19 00:44 - 000000000 ____D C:\Windows\SystemTemp 2023-04-18 18:23 - 2020-10-29 15:01 - 000000000 ____D C:\Users\do83h\AppData\LocalLow\Mozilla 2023-04-17 09:44 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp 2023-04-15 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata 2023-04-15 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism 2023-04-15 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources 2023-04-15 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata 2023-04-15 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe 2023-04-15 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\es-MX 2023-04-15 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism 2023-04-15 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\DDFs 2023-04-15 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions 2023-04-15 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr 2023-04-15 16:17 - 2020-06-15 09:01 - 003015680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2023-04-15 16:13 - 2022-10-11 16:18 - 000002140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk 2023-04-15 16:13 - 2022-10-11 16:18 - 000002128 _____ C:\Users\Public\Desktop\Acrobat Reader.lnk 2023-04-15 16:08 - 2020-11-01 17:21 - 000000000 ____D C:\Windows\system32\MRT 2023-04-15 16:05 - 2020-07-02 09:13 - 156112424 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2020-12-30 00:50 - 2020-12-30 00:50 - 000000457 _____ () C:\Program Files (x86)\INSTALL.LOG 2021-07-14 16:13 - 2022-07-20 00:01 - 000030049 _____ () C:\Users\do83h\AppData\Roaming\Durch Trennzeichen getrennte Werte.ADR 2020-10-30 15:19 - 2021-06-30 15:53 - 000022399 _____ () C:\Users\do83h\AppData\Roaming\Kommagetrennte Werte (Windows).ADR 2020-10-29 21:51 - 2021-01-06 19:19 - 000000081 _____ () C:\Users\do83h\AppData\Local\.bidstack.fault 2021-03-14 22:46 - 2021-03-14 22:46 - 000000950 _____ () C:\Users\do83h\AppData\Local\recently-used.xbel ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) ==================== Ende von FRST.txt ======================== |
10.05.2023, 19:14 | #15 |
| Windows 10: Browser/Internet unglaublich langsam - vielleicht was eingefangen? Addition Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 09-05-2023 durchgeführt von do83h (10-05-2023 20:08:38) Gestartet von C:\Users\do83h\OneDrive\Desktop Microsoft Windows 10 Home Version 22H2 19045.2846 (X64) (2020-08-27 06:57:47) Start-Modus: Normal ========================================================== ==================== Konten: ============================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) Administrator (S-1-5-21-584500284-1391629960-3397962802-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-584500284-1391629960-3397962802-503 - Limited - Disabled) do83h (S-1-5-21-584500284-1391629960-3397962802-1005 - Administrator - Enabled) => C:\Users\do83h Gast (S-1-5-21-584500284-1391629960-3397962802-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-584500284-1391629960-3397962802-504 - Limited - Disabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: McAfee VirusScan (Disabled - Up to date) {9D4501E6-72F6-2877-C789-89AF6F535B2C} FW: McAfee Firewall (Disabled) {A57E80C3-3899-292F-ECD6-209A91801C57} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 7-Zip 22.01 (x64) (HKLM\...\7-Zip) (Version: 22.01 - Igor Pavlov) Adobe Acrobat Reader - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 23.001.20143 - Adobe Systems Incorporated) Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden AutoCAD 2021 - Deutsch (German) (HKLM\...\{28B89EEF-4101-0407-2102-CF3F3A09B77D}) (Version: 24.0.47.0 - Autodesk) Hidden Autodesk App Manager 2020-2021 (HKLM-x32\...\{DB92FEA7-F78C-469E-B138-E2303220F0C4}) (Version: 3.1.0 - Autodesk) Autodesk AutoCAD 2021 - Deutsch (German) (HKLM\...\AutoCAD 2021 - Deutsch (German)) (Version: 24.0.47.0 - Autodesk) Autodesk Desktop-App (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.21.17 - Autodesk) Autodesk Genuine Service (HKLM-x32\...\{54A00624-3EF9-49A2-92A9-7244EADD0212}) (Version: 3.2.18 - Autodesk) Autodesk Material Library 2021 (HKLM-x32\...\{6774FD60-7D4B-4D57-BE56-2702A07C9701}) (Version: 19.1.22.0 - Autodesk) Autodesk Material Library Base Resolution Image Library 2021 (HKLM-x32\...\{6EFAD582-86C1-4AB2-97C5-2070D0B90E08}) (Version: 19.1.22.0 - Autodesk) Autodesk Single Sign On Component (HKLM\...\{951BB060-1350-4C93-BD83-D966C51D4005}) (Version: 11.2.0.1802 - Autodesk) Backup and Sync from Google (HKLM\...\{696895F7-52C7-4C9E-998B-C7E0CC907092}) (Version: 3.57.4256.0809 - Google, Inc.) BCR Plug-in (HKLM-x32\...\{FFC7EBF7-F91B-4FB6-98CD-A8828C5A87BA}) (Version: 23.2.0.9 - Citrix Systems, Inc.) Hidden Cheat Engine 6.8.1 (HKLM-x32\...\Cheat Engine 6.8.1_is1) (Version: - Cheat Engine) Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.10.03104 - Cisco Systems, Inc.) Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{A4076314-DE10-4FEB-A977-A3AF859B4073}) (Version: 4.10.03104 - Cisco Systems, Inc.) Hidden Citavi 6 (HKLM-x32\...\{6A331045-8FF4-4BC9-9C56-E593ACAE28C2}) (Version: 6.15.2.0 - Swiss Academic Software) Citrix Authentication Manager (HKLM-x32\...\{05050F9C-B6C7-446C-B2B9-4C03DB2E79E2}) (Version: 23.3.0.5 - Cloud Software Group, Inc.) Hidden Citrix Web Helper (HKLM-x32\...\{6D00D7E5-31A3-4122-82E8-32791FF475A3}) (Version: 23.2.0.21 - Cloud Software Group, Inc.) Hidden Citrix Workspace (DV) (HKLM-x32\...\{8DBE26D1-262A-42AE-9894-F4D67A25E5E8}) (Version: 23.2.0.9 - Citrix Systems, Inc.) Hidden Citrix Workspace (USB) (HKLM-x32\...\{78457B01-3E7D-4565-96B5-00B7D9B58750}) (Version: 23.2.0.9 - Citrix Systems, Inc.) Hidden Citrix Workspace 2302 (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 23.2.0.38 - Cloud Software Group, Inc.) Citrix Workspace Inside (HKLM-x32\...\{ABAB33DE-1F6B-431A-B72B-0E1E31AD1E2A}) (Version: 23.2.0.15 - Citrix Systems, Inc.) Hidden CodeMeter Runtime Kit v7.30a (HKLM\...\{9B600D30-C133-4D53-BDE1-CBDC9783E657}) (Version: 7.30.4820.501 - WIBU-SYSTEMS AG) CyberLink PowerRecover (HKLM\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.8922 - CyberLink Corp.) Hidden CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.8922 - CyberLink Corp.) Epic Games Launcher (HKLM-x32\...\{07D9F8F3-EC99-4133-919D-DA341C62937C}) (Version: 1.1.298.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden FileZilla Client 3.51.0 (HKLM-x32\...\FileZilla Client) (Version: 3.51.0 - Tim Kosse) Funkyplot 1.1.0-pre1 (HKLM-x32\...\Funkyplot_is1) (Version: - LOGICIEL) FUSSBALL MANAGER 11 (HKLM-x32\...\FUSSBALL MANAGER 11) (Version: - Electronic Arts) GGU-SOFTWARE COMPLETE PACK (HKLM-x32\...\{B2A0B907-6666-4ADD-817D-173678BAD83E}) (Version: 20.21.023 - Civilserve GmbH) GIMP 2.10.22 (HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\GIMP-2_is1) (Version: 2.10.22 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 112.0.5615.140 - Google LLC) Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 74.0.3.0 - Google LLC) GoTo Opener (HKLM-x32\...\{E69269DB-A77B-4BC1-8F39-241107B09F26}) (Version: 1.0.539 - LogMeIn, Inc.) GoToMeeting 10.19.0.19950 (HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\GoToMeeting) (Version: 10.19.0.19950 - LogMeIn, Inc.) HP LaserJet Pro M11-M13 Series (HKLM\...\HP LaserJet Pro M11-M13 Series) (Version: - ) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Photosmart 7520 series - Grundlegende Software für das Gerät (HKLM\...\{62883BA5-32F6-44D0-AF9D-9CBED778F36F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Photosmart 7520 series Hilfe (HKLM-x32\...\{2230C40A-ADE0-4231-98EC-7AAFC14BC7F3}) (Version: 28.0.0 - Hewlett Packard) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.) In Autodesk Web & Mobile speichern (HKLM\...\{A9005AC0-4AD8-4E84-B1F7-EE38BB6BCC2D}) (Version: 3.0.26 - Autodesk) Intel Driver && Support Assistant (HKLM-x32\...\{91672422-9B98-4606-A6D7-E164D7037B06}) (Version: 23.1.9.7 - Intel) Hidden Intel(R) Computing Improvement Program (HKLM\...\{318C30A1-C7AF-414E-890F-6345E6E0FD33}) (Version: 2.4.09084 - Intel Corporation) Intel(R) SUR QC Software Asset Manager (HKLM\...\{B3804557-9824-4918-AA88-0DFAC94CD3B5}) (Version: 3.5.5033 - Intel Corporation) Hidden Intel® Driver & Support Assistant (HKLM-x32\...\{a532c7c7-1594-49bb-a186-f44c52c9509e}) (Version: 23.1.9.7 - Intel) Knuddels Standalone App (HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\Knuddels App ) (Version: "2015.12.6.0" - "Knuddels App") Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Microsoft .NET Core Host - 3.1.32 (x64) (HKLM\...\{8A8E3A04-83BC-4CDE-9259-893B666C1AB1}) (Version: 24.192.31915 - Microsoft Corporation) Hidden Microsoft .NET Core Host FX Resolver - 3.1.32 (x64) (HKLM\...\{ABC6B3C2-1A8D-4C5E-AC16-C2AE44F02743}) (Version: 24.192.31915 - Microsoft Corporation) Hidden Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM\...\{A741B803-3F0E-4684-81EF-FC128D15A92C}) (Version: 24.192.31915 - Microsoft Corporation) Hidden Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM-x32\...\{784973c8-d618-4ac8-97ed-1fd52c5bdf2f}) (Version: 3.1.32.31915 - Microsoft Corporation) Microsoft 365 Apps for Business - de-de (HKLM\...\O365BusinessRetail - de-de) (Version: 16.0.16130.20394 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\{3196C85D-CFB0-3E5B-A592-0322692C2140}) (Version: 113.0.1774.35 - Microsoft Corporation) Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 113.0.1774.35 - Microsoft Corporation) Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.081.0416.0001 - Microsoft Corporation) Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\Teams) (Version: 1.4.00.18264 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31332 (HKLM-x32\...\{3746f21b-c990-4045-bb33-1cf98cff7a68}) (Version: 14.32.31332.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31332 (HKLM\...\{F4499EE3-A166-496C-81BB-51D1BCDC70A9}) (Version: 14.32.31332 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31332 (HKLM\...\{3407B900-37F5-4CC2-B612-5CD5D580A163}) (Version: 14.32.31332 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) mIRC (HKLM-x32\...\mIRC) (Version: 7.63 - mIRC Co. Ltd.) Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 112.0.2 (x64 de)) (Version: 112.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 82.0.2 - Mozilla) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20394 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden Online Plug-in (HKLM-x32\...\{E4FE6BEF-21A1-49E2-B3C8-56752D626893}) (Version: 23.2.0.9 - Citrix Systems, Inc.) Hidden OpenOffice 4.1.7 (HKLM-x32\...\{81D7585D-3E44-4984-B99B-911492419D3E}) (Version: 4.17.9800 - Apache Software Foundation) Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer) QGIS 3.28.1 'Firenze' (HKLM\...\{7EC18ED8-729C-1014-BC9F-C7938B569609}) (Version: 3.28.1 - QGIS.org) RuckZuck Demo (HKLM-x32\...\{E7EB9C2F-4270-435E-93C3-3BC734234A75}) (Version: 6.0.22 - MURSOFT) Self-Service Plug-in (HKLM-x32\...\{E8019414-F222-40FF-8131-B02FC64BC67D}) (Version: 23.2.0.21 - Cloud Software Group, Inc.) Hidden SmartTools Office DDE-Fix (HKLM-x32\...\SmartTools PublishingOffice DDE-Fixv1.20) (Version: v1.20 - SmartTools Publishing) Stahlbau (HKLM-x32\...\{41C5E1CA-3507-49CE-87D4-9939AE5D3521}) (Version: 1.1.1 - Schneider Bautabellen) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Studie zur Verbesserung von HP Photosmart 7520 series Produkten (HKLM\...\{D662A279-973A-42A0-8D4B-8747C56C0501}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) SupportAPP (HKLM\...\{0000A0AB-3A12-1EF4-A21C-9ADE1843AB04}) (Version: 1.1 - ) Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.4.0.7174 - Microsoft Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.2.3 - TeamSpeak Systems GmbH) Verfügbare Autodesk-Apps 2020-2021 (HKLM-x32\...\{2CBD494D-0A3E-4CB3-AFB3-8CE1734613B0}) (Version: 3.1.0 - Autodesk) Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation) Zoom (HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\ZoomUMX) (Version: 5.13.5 (12053) - Zoom Video Communications, Inc.) Packages: ========= 7-Zip File Manager (Unofficial) -> C:\Program Files\WindowsApps\HaukeGtze.7-ZipFileManagerUnofficial_1.2201.1.0_x64__6bk20wvc8rfx2 [2022-12-30] (Hauke Hasselberg) Adobe Reader Touch -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobeReader_3.1.8.7675_x86__ynb6jyjzte8ga [2020-10-29] (Adobe Systems Incorporated) Aldi Angebote -> C:\Program Files\WindowsApps\MEDION.AldiAngebote_1.1.4.0_x64__eqf9tz77ft5w8 [2020-07-13] (MEDION) Aldi Foto -> C:\Program Files\WindowsApps\MEDION.AldiFoto_1.1.46.0_x64__eqf9tz77ft5w8 [2020-07-13] (MEDION) ALDI life -> C:\Program Files\WindowsApps\MEDION.ALDIlife_1.1.5.0_x64__eqf9tz77ft5w8 [2020-07-13] (MEDION) AldiTalk -> C:\Program Files\WindowsApps\MEDION.AldiTalk_1.1.28.0_x64__eqf9tz77ft5w8 [2020-07-13] (MEDION) BreeZip -> C:\Program Files\WindowsApps\3138AweZip.AweZip_1.4.28.0_x64__ffd303wmbhcjt [2023-04-30] (BreeZip) Dropbox für S Modus -> C:\Program Files\WindowsApps\C27EB4BA.DROPBOX_23.4.16.0_x64__xbfy0k16fey96 [2023-04-15] (Dropbox Inc.) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_144.1.1068.0_x64__v10z8vjag6ke6 [2023-04-07] (HP Inc.) Intel® Grafik-Kontrollraum -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4779.0_x64__8j3eq9eme6ctt [2023-04-15] (INTEL CORP) [Startup Task] Internet-Security -> C:\Program Files\WindowsApps\MEDION.Internet-Security_1.1.26.0_x64__eqf9tz77ft5w8 [2020-10-30] (MEDION) Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-04-16] (Microsoft Corporation) MEDION -> C:\Program Files\WindowsApps\MEDION.MEDION_1.1.18.0_x64__eqf9tz77ft5w8 [2020-07-13] (MEDION) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-12-23] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-12-23] (Microsoft Corporation) [MS Ad] MPEG-2-Videoerweiterung -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-04-28] (Microsoft Corporation) OneDrive -> C:\Program Files\WindowsApps\microsoft.microsoftskydrive_19.23.19.0_x64__8wekyb3d8bbwe [2023-03-07] (Microsoft Corporation) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.30.259.0_x64__dt26b99r8h8gj [2022-02-04] (Realtek Semiconductor Corp) Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-03-19] (Microsoft Studios) [MS Ad] Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0 [2023-04-27] (Spotify AB) [Startup Task] WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2314.6.0_x64__cv1g1gvanyjgm [2023-04-23] (WhatsApp Inc.) [Startup Task] XING -> C:\Program Files\WindowsApps\XINGAG.XING_4.0.9.0_x86__xpfg3f7e9an52 [2021-06-02] (New Work SE) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-584500284-1391629960-3397962802-1005_Classes\CLSID\{04271989-C4D2-3B08-EDAD-DFB9128A2A49} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6} CustomCLSID: HKU\S-1-5-21-584500284-1391629960-3397962802-1005_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\do83h\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21105.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-584500284-1391629960-3397962802-1005_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (Intel Corporation -> Intel) CustomCLSID: HKU\S-1-5-21-584500284-1391629960-3397962802-1005_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2021\acad.exe (Autodesk, Inc. -> Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-584500284-1391629960-3397962802-1005_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\do83h\AppData\Local\GoToMeeting\19228\G2MOutlookAddin64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-584500284-1391629960-3397962802-1005_Classes\CLSID\{8B4929F8-076F-4AEC-AFEE-8928747B7AE3}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2021\acad.exe (Autodesk, Inc. -> Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-584500284-1391629960-3397962802-1005_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\do83h\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-584500284-1391629960-3397962802-1005_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2021\de-DE\acadficn.dll (Autodesk Asia Pte. Ltd. -> Autodesk, Inc.) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-07] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-07] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-07] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-07] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-07] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-07] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-07] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\74.0.3.0\drivefsext.dll [2023-04-26] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\74.0.3.0\drivefsext.dll [2023-04-26] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\74.0.3.0\drivefsext.dll [2023-04-26] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\74.0.3.0\drivefsext.dll [2023-04-26] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2020-01-22] (Autodesk, Inc. -> Autodesk, Inc.) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-07] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-07] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-07] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-07] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-07] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-07] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-07] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-07] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2020-01-22] (Autodesk, Inc. -> Autodesk) ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\74.0.3.0\drivefsext.dll [2023-04-26] (Google LLC -> Google, Inc.) ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-07] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\74.0.3.0\drivefsext.dll [2023-04-26] (Google LLC -> Google, Inc.) ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google) ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-07] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\74.0.3.0\drivefsext.dll [2023-04-26] (Google LLC -> Google, Inc.) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-07] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-07] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-07] (Microsoft Corporation -> Microsoft Corporation) ==================== Codecs (Nicht auf der Ausnahmeliste) ==================== ==================== Verknüpfungen & WMI ======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) Shortcut: C:\Users\do83h\OneDrive\Desktop\Google Drive.lnk -> C:\Program Files\Google\Drive File Stream\launch.bat () ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============= 2022-08-09 15:02 - 2022-08-09 15:02 - 005998080 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Intel\Driver and Support Assistant\irmfuu_module_win32.dll 2023-05-10 20:06 - 2023-05-10 20:06 - 000114176 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\_ctypes.pyd 2023-05-10 20:06 - 2023-05-10 20:06 - 000172544 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\_elementtree.pyd 2023-05-10 20:06 - 2023-05-10 20:06 - 002255872 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\_hashlib.pyd 2023-05-10 20:06 - 2023-05-10 20:06 - 000032256 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\_multiprocessing.pyd 2023-05-10 20:06 - 2023-05-10 20:06 - 000046080 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\_psutil_windows.pyd 2023-05-10 20:06 - 2023-05-10 20:06 - 000047616 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\_socket.pyd 2023-05-10 20:06 - 2023-05-10 20:06 - 002825216 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\_ssl.pyd 2023-05-10 20:06 - 2023-05-10 20:06 - 000026112 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\_yappi.pyd 2023-05-10 20:06 - 2023-05-10 20:06 - 000080896 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\bz2.pyd 2023-05-10 20:06 - 2023-05-10 20:06 - 000015872 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\common.time34.pyd 2023-05-10 20:06 - 2023-05-10 20:06 - 000007680 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\hashobjs_ext.pyd 2023-05-10 20:06 - 2023-05-10 20:06 - 000301568 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\PIL._imaging.pyd 2023-05-10 20:06 - 2023-05-10 20:06 - 000168448 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\pyexpat.pyd 2023-05-10 20:06 - 2023-05-10 20:06 - 001084416 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\pysqlite2._sqlite.pyd 2023-05-10 20:06 - 2023-05-10 20:06 - 000548864 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\pythoncom27.dll 2023-05-10 20:06 - 2023-05-10 20:06 - 000137728 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\pywintypes27.dll 2023-05-10 20:06 - 2023-05-10 20:06 - 000010752 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\select.pyd 2023-05-10 20:06 - 2023-05-10 20:06 - 000020992 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\thumbnails_ext.pyd 2023-05-10 20:06 - 2023-05-10 20:06 - 000689664 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\unicodedata.pyd 2023-05-10 20:06 - 2023-05-10 20:06 - 000119808 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\usb_ext.pyd 2023-05-10 20:06 - 2023-05-10 20:06 - 000128512 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\win32api.pyd 2023-05-10 20:06 - 2023-05-10 20:06 - 000438784 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\win32com.shell.shell.pyd 2023-05-10 20:06 - 2023-05-10 20:06 - 000011776 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\win32crypt.pyd 2023-05-10 20:06 - 2023-05-10 20:06 - 000023040 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\win32event.pyd 2023-05-10 20:06 - 2023-05-10 20:06 - 000149504 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\win32file.pyd 2023-05-10 20:06 - 2023-05-10 20:06 - 000223232 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\win32gui.pyd 2023-05-10 20:06 - 2023-05-10 20:06 - 000048128 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\win32inet.pyd 2023-05-10 20:06 - 2023-05-10 20:06 - 000029696 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\win32pdh.pyd 2023-05-10 20:06 - 2023-05-10 20:06 - 000027648 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\win32pipe.pyd 2023-05-10 20:06 - 2023-05-10 20:06 - 000044032 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\win32process.pyd 2023-05-10 20:06 - 2023-05-10 20:06 - 000020480 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\win32profile.pyd 2023-05-10 20:06 - 2023-05-10 20:06 - 000136192 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\win32security.pyd 2023-05-10 20:06 - 2023-05-10 20:06 - 000026624 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\win32ts.pyd 2023-05-10 20:06 - 2023-05-10 20:06 - 000034304 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\windows.conditional.pyd 2023-05-10 20:06 - 2023-05-10 20:06 - 000037888 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\windows.connectivity.pyd 2023-05-10 20:06 - 2023-05-10 20:06 - 000071680 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\windows.device_monitor.pyd 2023-05-10 20:06 - 2023-05-10 20:06 - 000103936 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\windows.volumes.pyd 2023-05-10 20:06 - 2023-05-10 20:06 - 000019968 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\windows.winwrap.pyd 2023-05-10 20:06 - 2023-05-10 20:06 - 001325056 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\wx._controls_.pyd 2023-05-10 20:06 - 2023-05-10 20:06 - 001489408 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\wx._core_.pyd 2023-05-10 20:06 - 2023-05-10 20:06 - 001007104 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\wx._gdi_.pyd 2023-05-10 20:06 - 2023-05-10 20:06 - 000103424 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\wx._html2.pyd 2023-05-10 20:06 - 2023-05-10 20:06 - 000916992 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\wx._misc_.pyd 2023-05-10 20:06 - 2023-05-10 20:06 - 001039872 _____ () [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\wx._windows_.pyd 2023-02-07 00:23 - 2023-02-07 00:23 - 000512000 _____ (Cloud Software Group, Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\Shims.dll 2023-05-10 20:06 - 2023-05-10 20:06 - 003043328 _____ (Python Software Foundation) [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\python27.dll 2023-02-24 23:02 - 2023-02-24 23:02 - 001600512 _____ (Robert Simpson, et al.) [Datei ist nicht signiert] C:\Program Files\Intel\SUR\QUEENCREEK\x64\SQLite.Interop.dll 2023-02-24 23:02 - 2023-02-24 23:02 - 002165760 _____ (SQLite Development Team) [Datei ist nicht signiert] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll 2021-09-29 07:30 - 2021-09-29 07:30 - 000218624 _____ (WIBU-SYSTEMS AG) [Datei ist nicht signiert] C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.lDe 2021-09-29 07:30 - 2021-09-29 07:30 - 000056320 _____ (WIBU-SYSTEMS AG) [Datei ist nicht signiert] C:\Windows\SYSTEM32\WIBUCM64.lDe 2023-05-10 20:06 - 2023-05-10 20:06 - 000202240 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\wxbase30u_net_vc90_x64.dll 2023-05-10 20:06 - 2023-05-10 20:06 - 002831872 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\wxbase30u_vc90_x64.dll 2023-05-10 20:06 - 2023-05-10 20:06 - 001654784 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\wxmsw30u_adv_vc90_x64.dll 2023-05-10 20:06 - 2023-05-10 20:06 - 006542336 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\wxmsw30u_core_vc90_x64.dll 2023-05-10 20:06 - 2023-05-10 20:06 - 000773632 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\wxmsw30u_html_vc90_x64.dll 2023-05-10 20:06 - 2023-05-10 20:06 - 000137216 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\do83h\AppData\Local\Temp\_MEI141562\wxmsw30u_webview_vc90_x64.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\Windows:CM_460d012b145979dbf37dc3b0d01ccb88c0d32947f35d43424efdd9b5dd3d14d5 [74] AlternateDataStreams: C:\Windows:CM_663b0d0a539d6165560218efcbd7453ad718e66208ff706cc3a31c7a8e4b9b0e [74] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) HKU\S-1-5-21-584500284-1391629960-3397962802-1005\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1" ==================== Internet Explorer (Nicht auf der Ausnahmeliste) ========== SearchScopes: HKU\S-1-5-21-584500284-1391629960-3397962802-1005 -> DefaultScope {4226AE2E-DA9C-4FEC-ADD0-2938E5D206C9} URL = SearchScopes: HKU\S-1-5-21-584500284-1391629960-3397962802-1005 -> {4226AE2E-DA9C-4FEC-ADD0-2938E5D206C9} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2023-03-16] (Microsoft Corporation -> Microsoft Corporation) BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Program Files (x86)\Internet Explorer\Citavi Picker\x64\SwissAcademic.Citavi.IEPicker.DLL [2023-03-23] (Swiss Academic Software -> Swiss Academic Software) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2023-04-15] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Program Files (x86)\Internet Explorer\Citavi Picker\SwissAcademic.Citavi.IEPicker.DLL [2023-03-23] (Swiss Academic Software -> Swiss Academic Software) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-15] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-15] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-15] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-15] (Microsoft Corporation -> Microsoft Corporation) Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2023-01-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE trusted site: HKU\.DEFAULT\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\localhost -> localhost ==================== Hosts Inhalt: ========================= (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts ==================== Andere Bereiche =========================== (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-584500284-1391629960-3397962802-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\do83h\OneDrive\Bilder\20201203_232012.jpg DNS Servers: 192.168.2.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\StartupApproved\Run: => "EpicGamesLauncher" HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\StartupApproved\Run: => "com.squirrel.Teams.Teams" HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-584500284-1391629960-3397962802-1005\...\StartupApproved\Run: => "GoogleDriveFS" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{1A83EFA7-0542-46E5-9787-595031A07EB6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{5731ADC6-7E60-4ED0-8B37-E2980C4408E7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{C992071C-F4BA-461C-8494-4EB8CA948F98}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{4269E496-7B7B-49DE-A2C6-85BA6181F15A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{07AD66A0-7A75-4700-AD0B-447D1CCA7173}] => (Allow) C:\Users\do83h\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{C5A75EDE-55BF-4D8E-B211-90421381FEDD}] => (Allow) C:\Users\do83h\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{AB9924EC-BE8D-4050-896F-F7B061682528}] => (Allow) C:\Users\do83h\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{C9FBF2F2-D244-4EFD-BBDB-D359A5DCA33D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei FirewallRules: [{2B4D694B-B65E-492B-AA68-6EFD9C6D7478}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei FirewallRules: [{78965097-61FD-4ED1-B0DB-E0E4554F5C8E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Mythology\Launcher.exe (TODO: <Company name>) [Datei ist nicht signiert] FirewallRules: [{4961590A-E9C8-413A-B8B3-422F32EA911F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Mythology\Launcher.exe (TODO: <Company name>) [Datei ist nicht signiert] FirewallRules: [{2DE5F4C7-FEFE-45FA-9DD2-774EFF9C0594}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Mythology\AoMX.exe (Microsoft Corp) [Datei ist nicht signiert] FirewallRules: [{B983BDC8-9219-4CDB-BADE-2C1207477073}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Mythology\AoMX.exe (Microsoft Corp) [Datei ist nicht signiert] FirewallRules: [{27A009E9-D942-4FDB-9E04-A943590297D0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe => Keine Datei FirewallRules: [{4804A448-841A-4375-A3E1-31A216F373B3}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe => Keine Datei FirewallRules: [{D22BF529-B605-4B6B-9980-DB6EF6631A6F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{8168CAFE-BEF4-4770-94FF-9C165B5BA5A2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [TCP Query User{6076706E-C7C9-4EDA-AC8C-AE97ACD9F30B}D:\germanfunscript\mirc.exe] => (Allow) D:\germanfunscript\mirc.exe () <==== ACHTUNG [Null Byte Datei/Ordner] FirewallRules: [UDP Query User{4B855A4A-6C2C-460C-A9BC-F2B422E04D5C}D:\germanfunscript\mirc.exe] => (Allow) D:\germanfunscript\mirc.exe () <==== ACHTUNG [Null Byte Datei/Ordner] FirewallRules: [{077F70C1-2CEA-4C12-9779-4A83A7C367C5}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\bin\FaxApplications.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{7DCFF239-148D-47FA-97BF-6F199139BB76}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\bin\DigitalWizards.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{A4EED48E-BFCB-4021-BF6F-C17CC386549B}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\bin\SendAFax.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{0E839BF7-3245-48F4-888B-01F936DFBA5E}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{C3AC304C-3C8E-426C-9B83-93608B27420C}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{19EA0D33-EDB7-4A72-ACC7-3CEC33B7A378}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{3261CB5D-DFC2-48EF-8B1C-BC07CB075042}] => (Allow) C:\Users\do83h\AppData\Local\Temp\7zS3462\HP.EasyStart.exe => Keine Datei FirewallRules: [{3016874C-B080-4FE8-A159-09C8CEA3257C}] => (Allow) C:\Users\do83h\AppData\Local\Temp\7zS355A\HP.EasyStart.exe => Keine Datei FirewallRules: [{B576C5F3-E56F-41C7-94AA-1B681CE44758}] => (Allow) C:\Programme\ftp-uploader\FTPUploader.exe => Keine Datei FirewallRules: [{58D2599F-700D-4DC0-B034-E98317FCC896}] => (Allow) C:\Programme\ftp-uploader\FTPUploader.exe => Keine Datei FirewallRules: [{2F7F35B0-8DEB-4112-8305-7A9C9DF86471}] => (Allow) C:\Users\do83h\AppData\Local\Programs\Opera\67.0.3575.53\opera.exe => Keine Datei FirewallRules: [TCP Query User{52DE1D0B-80DE-48E7-B07A-8C2621FB460A}C:\program files (x86)\icq\icq.exe] => (Allow) C:\program files (x86)\icq\icq.exe => Keine Datei FirewallRules: [UDP Query User{4CE88939-DF7E-4732-BD99-82EA33DF945C}C:\program files (x86)\icq\icq.exe] => (Allow) C:\program files (x86)\icq\icq.exe => Keine Datei FirewallRules: [{0BD76F22-3A76-4AE8-B85E-0D5F0EC682C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2021\fm.exe (Sports Interactive) [Datei ist nicht signiert] FirewallRules: [{2763FA1C-BCFD-4FD6-9A0C-6CD2044D5F03}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2021\fm.exe (Sports Interactive) [Datei ist nicht signiert] FirewallRules: [{AD42407A-317B-4BC1-A57D-58DDE7C30BBC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2021 Touch\fm.exe (Sports Interactive) [Datei ist nicht signiert] FirewallRules: [{397D6737-1738-496D-A5F3-4620080DB974}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2021 Touch\fm.exe (Sports Interactive) [Datei ist nicht signiert] FirewallRules: [TCP Query User{04634F77-68BA-44D0-96FA-2E269400C92D}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{D90C5E21-9D34-4BD3-95D8-5A90EF934BDF}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{CA9EF035-44A2-4023-994E-F06C7267A2AE}G:\__neuer pc medion oktober 2020\sicherungen vom alten pc\germanfunscript\mirc.exe] => (Allow) G:\__neuer pc medion oktober 2020\sicherungen vom alten pc\germanfunscript\mirc.exe (mIRC Co. Ltd.) [Datei ist nicht signiert] FirewallRules: [UDP Query User{B5384481-8A52-49BE-B452-E9FEB687C5A8}G:\__neuer pc medion oktober 2020\sicherungen vom alten pc\germanfunscript\mirc.exe] => (Allow) G:\__neuer pc medion oktober 2020\sicherungen vom alten pc\germanfunscript\mirc.exe (mIRC Co. Ltd.) [Datei ist nicht signiert] FirewallRules: [TCP Query User{9C266B58-5837-4F14-8ED3-55850FEFCB9B}C:\users\do83h\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\do83h\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{F970D8C5-A9BB-4BB5-BBD7-4E2CA061E2B0}C:\users\do83h\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\do83h\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{8E996BBA-E521-4C0C-BFB2-44006CEAA027}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{C62A528F-9005-4B14-9645-9CBF11A2211A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{0AE8D691-C774-4DDE-A3B5-DB93D95520CC}C:\users\do83h\appdata\local\jxbrowser\7.15_x64\chromium.exe] => (Allow) C:\users\do83h\appdata\local\jxbrowser\7.15_x64\chromium.exe (TEAMDEV LTD. -> The Chromium Authors) FirewallRules: [UDP Query User{6E56B611-983C-45E7-B9A0-126D0B1BA121}C:\users\do83h\appdata\local\jxbrowser\7.15_x64\chromium.exe] => (Allow) C:\users\do83h\appdata\local\jxbrowser\7.15_x64\chromium.exe (TEAMDEV LTD. -> The Chromium Authors) FirewallRules: [TCP Query User{48BAD51C-6E9D-4ADA-ABC3-2C293FCB7F60}C:\users\do83h\onedrive\dokumente\germanfunscript\mirc\mirc.exe] => (Allow) C:\users\do83h\onedrive\dokumente\germanfunscript\mirc\mirc.exe (mIRC Co. Ltd.) [Datei ist nicht signiert] FirewallRules: [UDP Query User{A490F037-01AD-4740-8428-4901A593DD1A}C:\users\do83h\onedrive\dokumente\germanfunscript\mirc\mirc.exe] => (Allow) C:\users\do83h\onedrive\dokumente\germanfunscript\mirc\mirc.exe (mIRC Co. Ltd.) [Datei ist nicht signiert] FirewallRules: [TCP Query User{1D3A27B8-E90E-403D-B14D-75762255F683}C:\users\do83h\onedrive\dokumente\germanfunscript\mirc (2).exe] => (Allow) C:\users\do83h\onedrive\dokumente\germanfunscript\mirc (2).exe (mIRC Co. Ltd.) [Datei ist nicht signiert] FirewallRules: [UDP Query User{B9C33F69-B4CF-4E27-A100-1AF8A5EFD605}C:\users\do83h\onedrive\dokumente\germanfunscript\mirc (2).exe] => (Allow) C:\users\do83h\onedrive\dokumente\germanfunscript\mirc (2).exe (mIRC Co. Ltd.) [Datei ist nicht signiert] FirewallRules: [{F9257276-5D95-48B2-8D94-4D0F314FF9FE}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei FirewallRules: [{2BED97C3-C9F1-4838-BEFF-3CD10A8440AF}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei FirewallRules: [{FC85DFCD-E50E-44EF-BFE8-E156210BA8E6}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei FirewallRules: [{1BAF5D6E-30B7-459F-A220-967CFF7AE31D}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei FirewallRules: [{F31317B2-5019-43F3-9CA8-BCA6B81B6ACB}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) FirewallRules: [{97250A55-32AB-44E1-A35E-7AFE8E944E57}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei FirewallRules: [{C038A0F9-7DC6-45EA-8BF0-F66054BDB1CF}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei FirewallRules: [{7B1E9BE0-D757-428A-9801-08F57E63BB0D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2022\fm.exe (Sports Interactive) [Datei ist nicht signiert] FirewallRules: [{D28CC963-9B82-4191-B5B5-F36DA1B1CD8B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2022\fm.exe (Sports Interactive) [Datei ist nicht signiert] FirewallRules: [{44D08B88-985A-4679-A942-15FAA5F1690B}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei FirewallRules: [{6DDAAEFE-A5CA-465F-9E56-C7F6003988E6}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei FirewallRules: [{426DF6BA-7EAC-425F-9A41-10ACC7575050}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei FirewallRules: [{349A9509-0562-4E8C-8E1B-82DEE374ECD1}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei FirewallRules: [{4599150E-EE6C-4BFF-A54F-BD8BFB9E134A}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei FirewallRules: [{8368168C-9629-4E62-B484-F6751CCFDFB1}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei FirewallRules: [{0FB0B6C2-558C-4190-BBF8-F827086F1E41}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{DA5256F6-44D3-4BFF-8493-F6C83BE6090B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{EDFE08D6-2D12-4A59-9FAD-A152E840314B}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei FirewallRules: [{2ADFBFE8-7C9B-4C67-9D30-9E1EED70CDE0}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei FirewallRules: [{35C59D83-368A-44D8-96E3-5D8FF9B76E2C}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei FirewallRules: [{01ED5F99-B8B6-4A96-867A-BD094B93ABCF}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei FirewallRules: [{54BA204B-45EC-4DF4-8B49-F560AF474F0A}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei FirewallRules: [{DBF7FC75-387B-47BC-AC24-DAD807426B46}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei FirewallRules: [{AD6006F8-04D0-410B-93DA-A762A8F9FB24}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei FirewallRules: [{AD2982F0-2F42-418F-8C47-DF460B9CFE35}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei FirewallRules: [{9F5714B7-3E5A-472A-8377-23CDF8D6163C}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei FirewallRules: [{C2E89D23-C8A0-4EF5-BAB4-E5F5CEFD7C39}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei FirewallRules: [{6FAFF0E4-0B0A-4471-B6E0-228380983555}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei FirewallRules: [{B2FB0A4E-C7FE-4163-982B-F0B688CDF303}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei FirewallRules: [{2ED68962-F905-4924-A4CF-56B83F88AF14}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei FirewallRules: [{30339956-8C4F-4735-8CC8-2EC3A5A534CF}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe => Keine Datei FirewallRules: [{DE86BE77-8AA1-46EA-9B88-CEA7785648C4}] => (Allow) C:\Program Files (x86)\Citrix\ICA Client\CitrixEnterpriseBrowser\CitrixEnterpriseBrowser.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) FirewallRules: [{1550DA8F-6ECA-42BB-A215-D8055EE73786}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> ) FirewallRules: [{EF1F8A95-A410-4418-BEE2-B9EAE245AEA9}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> ) FirewallRules: [{1140C0D0-5214-41F2-B9F1-55C49F529AF7}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> ) FirewallRules: [{F00A2095-7BE0-4F1F-B87A-8DA54E1ABD05}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> ) FirewallRules: [{56952FB3-7E5A-44F2-B11D-ABEA53B11A81}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{0C512E20-D088-4E83-A59C-536B6789BC14}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3204.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{C07974BA-AFC9-470B-A91B-AAAA45BFD28B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3204.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{E67DE364-B9A0-44F9-8661-40684E277B38}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3204.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{C305CACD-8139-4B6A-B8F9-B6A5E4711C0C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3204.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{2CB24F62-6FF7-47DC-93E8-E9212AE90E85}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{1CEEC802-B50B-4501-B23C-664B7F8FF334}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{42C372B2-DB30-4854-8F27-70D31A5CBA80}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{F7432A2D-EBE4-4510-8418-207C9AF2E8BA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{1D714636-9B9C-491B-AF08-A7C0DA206A49}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{1049144B-6E03-491C-969B-29B88E8B4230}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{287B2C80-D956-4631-9183-9F2C0A97A4D4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{69651D4A-0D7A-4018-A651-E14990499673}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{9B4C43F0-6F70-41E7-911B-87C5846B6AAD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{19067314-787B-472B-94CD-5913B6B34794}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{0D81A5E6-4E21-424D-A6E0-F427304AE4F5}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\113.0.1774.35\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{F2BBDAAA-DCB4-4B38-9279-6058F1B6BCD1}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server ==================== Wiederherstellungspunkte ========================= 21-04-2023 18:56:53 Geplanter Prüfpunkt 24-04-2023 10:20:23 Removed Microsoft Office Professional Plus 2010 01-05-2023 23:03:09 Installed Citavi 6. ==================== Fehlerhafte Geräte im Gerätemanager ============ Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: vpnva Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (05/07/2023 06:23:50 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: Die Speicheroptimierung konnte erneut optimieren auf HDDRIVE2GO (G:) nicht abschließen. Grund: Dieser Vorgang wird auf diesem Dateisystem nicht unterstützt. (0x89000020) Error: (04/30/2023 12:49:27 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: Die Speicheroptimierung konnte erneut optimieren auf HDDRIVE2GO (G:) nicht abschließen. Grund: Dieser Vorgang wird auf diesem Dateisystem nicht unterstützt. (0x89000020) Error: (04/30/2023 12:03:29 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error: (04/27/2023 09:47:43 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-V3T0UTA) Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode. Error: (04/24/2023 10:53:47 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: SecurityService.exe, Version: 5.18.284.0, Zeitstempel: 0x609c79ed Name des fehlerhaften Moduls: coreclr.dll, Version: 4.700.21.26205, Zeitstempel: 0x609c3176 Ausnahmecode: 0xc0000005 Fehleroffset: 0x001b17ff ID des fehlerhaften Prozesses: 0x3ed4 Startzeit der fehlerhaften Anwendung: 0x01d9768a36ae576d Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\TotalAV\SecurityService.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\TotalAV\coreclr.dll Berichtskennung: e2da7630-3277-444a-aee6-1f673710de4d Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (04/24/2023 10:53:47 AM) (Source: .NET Runtime) (EventID: 1023) (User: ) Description: Application: SecurityService.exe CoreCLR Version: 4.700.21.26205 .NET Core Version: 3.1.16 Description: The process was terminated due to an internal error in the .NET Runtime at IP 6E8517FF (6E6A0000) with exit code c0000005. Error: (04/24/2023 10:53:47 AM) (Source: SecurityCenter) (EventID: 17) (User: ) Description: Das Sicherheitscenter konnte den Aufrufer nicht überprüfen. Der Fehler %1 ist aufgetreten. Error: (04/24/2023 10:35:53 AM) (Source: SideBySide) (EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Systemfehler: ============= Error: (05/07/2023 12:35:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Energy Server Service queencreek" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert. Error: (05/06/2023 12:25:32 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-V3T0UTA) Description: Der Server "Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (05/06/2023 12:25:32 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-V3T0UTA) Description: Der Server "Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (05/02/2023 05:44:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Energy Server Service queencreek" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert. Error: (04/30/2023 12:02:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. Error: (04/30/2023 12:02:23 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht. Error: (04/29/2023 10:54:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Energy Server Service queencreek" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (04/28/2023 02:58:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. Windows Defender: ================ Date: 2023-05-10 20:07:55 Description: Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/FusionCore.C&threatid=266656&enterprise=0 Name: PUA:Win32/FusionCore.C Schweregrad: Niedrig Kategorie: Potenziell unerwünschte Software Pfad: file:_C:\Users\do83h\Downloads\CheatEngine72.exe Erkennungsursprung: Lokaler Computer Erkennungstype: Konkret Erkennungsquelle: Echtzeitschutz Benutzer: DESKTOP-V3T0UTA\do83h Prozessname: C:\Users\do83h\OneDrive\Desktop\FRST64.exe Sicherheitsversion: AV: 1.389.612.0, AS: 1.389.612.0, NIS: 1.389.612.0 Modulversion: AM: 1.1.20300.3, NIS: 1.1.20300.3 Date: 2023-05-07 18:08:46 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {3C49945B-11BC-4C86-AD23-02BA94B1CE7C} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2023-05-01 18:05:05 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {C45254D8-AE4F-42FD-9CA6-D768C4D1DEA1} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2023-04-30 12:44:24 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {4E29DF5B-2E28-4135-A6B1-34D28D1CEF38} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2023-04-28 16:15:00 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {A5FC0905-6946-48B7-8930-838695B977B9} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Event[0]: Date: 2023-03-18 11:58:52 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: %Vorherige Version der Sicherheitsinformationen: 1.327.879.0 Update Source: Microsoft Center zum Schutz vor Schadsoftware Sicherheitstyp: AntiVirus Updatetyp: Voll Benutzer: NT-AUTORITÄT\Netzwerkdienst Aktuelle Modulversion: %Vorherige Modulversion: 1.1.17600.5 Fehlercode: 0x80004004 Fehlerbeschreibung: Vorgang abgebrochen Date: 2023-03-18 11:58:52 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: %Vorherige Version der Sicherheitsinformationen: 1.327.879.0 Update Source: Microsoft Center zum Schutz vor Schadsoftware Sicherheitstyp: AntiSpyware Updatetyp: Voll Benutzer: NT-AUTORITÄT\Netzwerkdienst Aktuelle Modulversion: %Vorherige Modulversion: 1.1.17600.5 Fehlercode: 0x80004004 Fehlerbeschreibung: Vorgang abgebrochen Date: 2023-03-18 11:58:52 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: %Vorherige Version der Sicherheitsinformationen: 1.327.879.0 Update Source: Microsoft Center zum Schutz vor Schadsoftware Sicherheitstyp: AntiVirus Updatetyp: Voll Benutzer: NT-AUTORITÄT\Netzwerkdienst Aktuelle Modulversion: %Vorherige Modulversion: 1.1.17600.5 Fehlercode: 0x80004004 Fehlerbeschreibung: Vorgang abgebrochen Date: 2023-03-18 11:58:49 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: 1.385.384.0 %Vorherige Version der Sicherheitsinformationen: 1.327.879.0 Update Source: Benutzer Sicherheitstyp: AntiSpyware Updatetyp: Voll Benutzer: NT-AUTORITÄT\Netzwerkdienst Aktuelle Modulversion: 1.1.20100.6 %Vorherige Modulversion: 1.1.17600.5 Fehlercode: 0x80004004 Fehlerbeschreibung: Vorgang abgebrochen Date: 2023-03-18 11:58:49 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: 1.385.384.0 %Vorherige Version der Sicherheitsinformationen: 1.327.879.0 Update Source: Benutzer Sicherheitstyp: AntiVirus Updatetyp: Voll Benutzer: NT-AUTORITÄT\Netzwerkdienst Aktuelle Modulversion: 1.1.20100.6 %Vorherige Modulversion: 1.1.17600.5 Fehlercode: 0x80004004 Fehlerbeschreibung: Vorgang abgebrochen CodeIntegrity: =============== Date: 2023-05-10 20:09:23 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_e8f9f51120464f93\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2023-05-07 18:07:42 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Speicherinformationen =========================== BIOS: American Megatrends Inc. 360H4W0X.116 02/25/2020 Hauptplatine: MEDION B360H4-EM Prozessor: Intel(R) Core(TM) i5-9400 CPU @ 2.90GHz Prozentuale Nutzung des RAM: 42% Installierter physikalischer RAM: 16237.52 MB Verfügbarer physikalischer RAM: 9387.63 MB Summe virtueller Speicher: 18669.52 MB Verfügbarer virtueller Speicher: 11496.59 MB ==================== Laufwerke ================================ Drive c: (Boot) (Fixed) (Total:449.85 GB) (Free:35.95 GB) (Model: E12-512G-PHISON-SSD-B16-BB1) NTFS Drive d: (Recover) (Fixed) (Total:25 GB) (Free:7.09 GB) (Model: E12-512G-PHISON-SSD-B16-BB1) NTFS Drive g: (HDDRIVE2GO) (Fixed) (Total:931.47 GB) (Free:432.02 GB) (Model: ASMT 2115 SCSI Disk Device) FAT32 \\?\Volume{b319fff4-b23e-42fe-b98d-753bae4dd40c}\ () (Fixed) (Total:0.98 GB) (Free:0.38 GB) NTFS \\?\Volume{63a434ab-a066-44ea-8fb0-0e21ce378da4}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Partitionstabelle ==================== ==================== Ende von Addition.txt ======================= |
Themen zu Windows 10: Browser/Internet unglaublich langsam - vielleicht was eingefangen? |
einfach, eingefangen, gefangen, gen, inter, interne, internet, langsam, leitung, nicht, seite, tagen, unglaublich, urlaub, windows, windows 10, öffnen |