|
Log analysis and evaluation: Bitdefender skips password-protected files/Trojan suspected (Windows 7) |
05.09.2023, 06:14 | #1 |
| Hello everyone, yesterday after a download I got a message from Bitdefender that an infected file had been found and that I should run a system scan. The scan completed without any result. However, more than 300 password-protected files were skipped, such as: C:\Program Files\Conexant\Install\Audio\SFPPreset I would be very grateful for your support! Many thanks! |
05.09.2023, 11:22 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Quote:
You are making a secret of the download (source?!), of the file name and of what was found in it.
__________________ |
05.09.2023, 12:27 | #3 |
| Hello Cosinus,
thank you very much for your reply. The download came from here: https://www.vlc.de/ I wanted to download the VLC player. This is what Bitdefender reported to me:
Infizierte Datei gefunden vor 23 Stunden Funktion: Virenschutz Die Datei C:\Users\smaas\AppData\Local\VLC Plus Player Updater\uninst.exe ist mit Trojan.GenericKD.68969267 infiziert und wurde in die Quarantäne verschoben. Wir empfehlen die Durchführung eines System-Scans, um weitere Infektionen auszuschließen.
Do you need any further information? Best regards, Stephanie |
05.09.2023, 12:57 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Download sources
Do not download software from Chip.de, Softonic.de, sourceforge.net, openoffice.de, VLC.de, audacity.de, gimp24.de or updatestar.com. The software offered there is often distributed with a so-called "installer" that only installs unwanted software (potentially unwanted programs, PUP for short) or adware. Some sites offer PUP / adware for download directly.
For some time now there has been a usable package manager for Windows that lets you download and install software automatically with simple commands. That saves a lot of work, because without a package manager you have to check every program yourself and update it separately by hand, after first downloading it manually, and so on - see also --> chocolatey package manager for Windows
We strongly recommend installing all programs via chocolatey where available. If you have already worked with Linux, the syntax will be very familiar to you. You can find the choco FAQs here --> Chocolatey: Frequently asked questions (English) Of course you may also ask questions about chocolatey in the chocolatey thread mentioned above.
For the rare case that you cannot find the program you need in the chocolatey repository: always download that software directly from the respective manufacturer / developer.
__________________ Please always post log files in CODE tags |
05.09.2023, 14:03 | #5 |
| Thank you very much for the tip, I will keep that in mind in future. How can I get rid of the Trojan now? |
05.09.2023, 15:49 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Did you not read the notes for people seeking help?
__________________ |
06.09.2023, 20:45 | #7 |
| LOG First of all: I run a small office service as a side business, hence Datev Rechnungswesen compact on my PC. I work on this for about 10 hours a month. Otherwise I am a regular employee. Here are the log files from FRST:
[2023-04-25] Edge Extension: (Google Docs Offline) - C:\Users\smaas\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-28] Edge Extension: (Edge relevant text changes) - C:\Users\smaas\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-08-24] Edge HKLM-x32\...\Edge\Extension: [dbconhplchnbippmjabbcedokimacfjl] Edge HKLM-x32\...\Edge\Extension: [pdhdldaneekjpoaldekpgomomeabpnek] FireFox: ======== FF DefaultProfile: fmohtb2h.default FF ProfilePath: C:\Users\smaas\AppData\Roaming\Mozilla\Firefox\Profiles\fmohtb2h.default [2020-09-06] FF ProfilePath: C:\Users\smaas\AppData\Roaming\Mozilla\Firefox\Profiles\g0i7ysw9.default-release-1599418123181 [2023-09-06] FF Notifications: Mozilla\Firefox\Profiles\g0i7ysw9.default-release-1599418123181 -> hxxps://www.ueberbrueckungshilfe-unternehmen.de; hxxps://foodsharing.de; hxxps://de.shein.com; hxxps://www.holidaycheck.de FF Extension: (mycashbacks GmbH) - C:\Users\smaas\AppData\Roaming\Mozilla\Firefox\Profiles\g0i7ysw9.default-release-1599418123181\Extensions\extension@mycashbacks.com.xpi [2023-07-24] FF Extension: (plusrente Toolbar) - C:\Users\smaas\AppData\Roaming\Mozilla\Firefox\Profiles\g0i7ysw9.default-release-1599418123181\Extensions\plusrente@mehrwerk.de.xpi [2023-02-03] FF HKLM\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security App\bdwteff.xpi FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender Security App\bdwteff.xpi [2023-04-24] [UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/wallet/updates.json ] FF HKLM\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi => nicht gefunden FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security App\bdtbext FF Extension: (Bitdefender Antispam Toolbar) - C:\Program 
Files\Bitdefender\Bitdefender Security App\bdtbext [2023-04-25] [] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - c:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome => nicht gefunden FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security App\bdwteff.xpi FF HKLM-x32\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi => nicht gefunden FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security App\bdtbext FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-08-08] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-08-19] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-08-08] (Microsoft Corporation -> Microsoft Corporation) FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\bd_js_config.js [2021-11-04] <==== ACHTUNG (Zeigt auf eine *.cfg Datei) FF ExtraCheck: C:\Program Files\mozilla firefox\bd_config.cfg [2021-11-04] <==== ACHTUNG Chrome: ======= CHR DefaultProfile: Profile 1 CHR Profile: C:\Users\smaas\AppData\Local\Google\Chrome\User Data\Default [2023-08-02] CHR Notifications: Default -> hxxps://www.youtube.com CHR Extension: (Bitdefender Wallet) - C:\Users\smaas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2022-11-23] CHR Extension: (Google Docs Offline) - C:\Users\smaas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-29] CHR Extension: (Bitdefender Anti-tracker) - C:\Users\smaas\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\khndhdhbebhaddchcgnalcjlaekbbeof [2022-11-23] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\smaas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-02-11] CHR Extension: (vidIQ Vision for YouTube) - C:\Users\smaas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pachckjkecffpdphbpmfolblodfkgbhl [2022-11-23] CHR Profile: C:\Users\smaas\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-07-14] CHR Profile: C:\Users\smaas\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-07-14] CHR Extension: (Bitdefender Wallet) - C:\Users\smaas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2022-11-23] CHR Extension: (Google Docs Offline) - C:\Users\smaas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-03-31] CHR Extension: (Bitdefender Anti-tracker) - C:\Users\smaas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khndhdhbebhaddchcgnalcjlaekbbeof [2023-03-30] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\smaas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-07-01] CHR Profile: C:\Users\smaas\AppData\Local\Google\Chrome\User Data\System Profile [2023-07-14] CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof] ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
R2 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [10425640 2021-02-12] (Acronis International GmbH -> ) R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1264400 2021-02-12] (Acronis International GmbH -> Acronis International GmbH) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.) R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6382320 2021-02-26] (Acronis International GmbH -> ) R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3853384 2022-08-12] (philandro Software GmbH -> AnyDesk Software GmbH) R2 BDAppSrv; C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe [842264 2023-08-30] (Bitdefender SRL -> Bitdefender) R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [842264 2023-08-30] (Bitdefender SRL -> Bitdefender) R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [842264 2023-08-30] (Bitdefender SRL -> Bitdefender) R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2946088 2023-08-30] (Bitdefender SRL -> Bitdefender) R2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [2560552 2023-07-20] (Bitdefender SRL -> Bitdefender) R2 BDSafepaySrv; C:\Program Files\Bitdefender\Bitdefender Security App\Safepay\bdservicehost.exe [842264 2023-08-30] (Bitdefender SRL -> Bitdefender) R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-12-07] (Brother Industries, Ltd.) [Datei ist nicht signiert] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11817440 2023-08-19] (Microsoft Corporation -> Microsoft Corporation) R2 CxAudioSvc; C:\WINDOWS\CxSvc\CxAudioSvc.exe [81408 2021-08-25] (Conexant Systems LLC.) 
[Datei ist nicht signiert] R2 CxUtilSvc; C:\WINDOWS\CxSvc\CxUtilSvc.exe [173880 2021-08-25] (Synaptics Incorporated -> Conexant Systems LLC.) R2 DATEV Sicherheitspaket-Basis-Dienst; C:\Program Files (x86)\DATEV\PROGRAMM\SiPaCompact\SiPaHostService.exe [396232 2023-01-19] (DATEV eG 08 4 -> DATEV eG) S3 DATEV Update-Service; C:\PROGRAM FILES (X86)\DATEV\PROGRAMM\INSTALL\DvInesASDSvc.Exe [169416 2022-09-21] (DATEV eG 08 4 -> DATEV eG) R3 Datev.CC.Processes.Hosting.RdtServiceMode; C:\Program Files (x86)\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe [10184 2023-06-27] (DATEV eG 08 4 -> DATEV eG) R2 Datev.Connect.Server; C:\Program Files (x86)\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe [10184 2023-06-27] (DATEV eG 08 4 -> DATEV eG) S3 Datev.DataAdaptation.DataAdaptationManager.Host; C:\Program Files (x86)\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe [10184 2023-06-27] (DATEV eG 08 4 -> DATEV eG) R3 Datev.Database.Conserve; C:\Program Files (x86)\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe [10184 2023-06-27] (DATEV eG 08 4 -> DATEV eG) S3 Datev.Database.SqlBatchService.Host; C:\Program Files (x86)\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe [10184 2023-06-27] (DATEV eG 08 4 -> DATEV eG) S3 Datev.Dms.Ocr.Service; C:\Program Files (x86)\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe [10184 2023-06-27] (DATEV eG 08 4 -> DATEV eG) R2 Datev.Framework.RemoteServiceModel.EnablerService; C:\Program Files (x86)\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe [10184 2023-06-27] (DATEV eG 08 4 -> DATEV eG) S3 Datev.Framework.RemoteServiceModel.Messaging.Server; C:\Program Files (x86)\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe [10184 2023-06-27] (DATEV eG 08 4 -> DATEV eG) R3 Datev.Framework.RemoteServices; C:\Program Files 
(x86)\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe [10184 2023-06-27] (DATEV eG 08 4 -> DATEV eG) S3 Datev.Irw.ServiceProvider.HostXcut.Server; C:\Program Files (x86)\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe [10184 2023-06-27] (DATEV eG 08 4 -> DATEV eG) S3 Datev.JasperReports.DFLService.Server.WindowsService; C:\Program Files (x86)\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe [10184 2023-06-27] (DATEV eG 08 4 -> DATEV eG) R2 DatevPrintService; C:\Program Files (x86)\DATEV\PROGRAMM\B0001442\PSNTSERV.EXE [43464 2023-03-24] (DATEV eG 08 4 -> DATEV eG) S4 DfueSammlerDienst; C:\Program Files (x86)\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe [10184 2023-06-27] (DATEV eG 08 4 -> DATEV eG) R2 DpHost; c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe [529072 2019-06-20] (DigitalPersona, Inc. -> Crossmatch, Inc.) S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\bin\elfoService.exe [1115560 2021-04-12] (Bayerisches Landesamt fuer Steuern -> ) R2 fpCsEvtSvc; C:\WINDOWS\System32\fpCSEvtSvc.exe [22424 2019-05-09] (Microsoft Windows Hardware Compatibility Publisher -> ) R2 HotKeyServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_2a3519c52621d0fe\HotKeyServiceUWP.exe [1536456 2023-04-26] (HP Inc. -> HP Inc.) R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [893984 2022-08-15] (HP Inc. -> HP Inc.) R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_766c68ffd261771b\x64\AppHelperCap.exe [888768 2023-07-24] (HP Inc. -> HP Inc.) R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_766c68ffd261771b\x64\DiagsCap.exe [887184 2023-07-24] (HP Inc. -> HP Inc.) R2 HPMAMSrv; C:\Program Files (x86)\HP\HP MAC Address Manager\hpMAMSrv.exe [542248 2019-04-22] (HP Inc. 
-> HP) R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_766c68ffd261771b\x64\NetworkCap.exe [883088 2023-07-24] (HP Inc. -> HP Inc.) R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149448 2020-07-23] (HP Inc. -> HP) R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_766c68ffd261771b\x64\SysInfoCap.exe [887696 2023-07-24] (HP Inc. -> HP Inc.) R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_570a7fccc53e137a\x64\TouchpointAnalyticsClientService.exe [497752 2023-07-24] (HP Inc. -> HP Inc.) R2 LanWlanWwanSwitchingServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_2a3519c52621d0fe\LanWlanWwanSwitchingServiceUWP.exe [606664 2023-04-26] (HP Inc. -> HP Inc.) R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4808088 2020-03-31] (Acronis International GmbH -> Acronis International GmbH) S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2020-03-31] (Acronis International GmbH -> Acronis International GmbH) S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1933872 2021-02-12] (Acronis International GmbH -> ) R2 MSSQL$DATEV_DBENGINE; C:\Program Files\Microsoft SQL Server\MSSQL14.DATEV_DBENGINE\MSSQL\Binn\sqlservr.exe [481880 2020-01-24] (Microsoft Corporation -> Microsoft Corporation) R3 MSSQLFDLauncher$DATEV_DBENGINE; C:\Program Files\Microsoft SQL Server\MSSQL14.DATEV_DBENGINE\MSSQL\Binn\fdlauncher.exe [57224 2020-01-24] (Microsoft Corporation -> Microsoft Corporation) R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [659496 2023-07-27] (Bitdefender SRL -> Bitdefender) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402200 2023-08-08] (Microsoft 
Windows Publisher -> Microsoft Corporation) S4 SQLAgent$DATEV_DBENGINE; C:\Program Files\Microsoft SQL Server\MSSQL14.DATEV_DBENGINE\MSSQL\Binn\SQLAGENT.EXE [597896 2020-01-24] (Microsoft Corporation -> Microsoft Corporation) S4 SQLTELEMETRY$DATEV_DBENGINE; C:\Program Files\Microsoft SQL Server\MSSQL14.DATEV_DBENGINE\MSSQL\Binn\sqlceip.exe [254856 2020-01-24] (Microsoft Corporation -> Microsoft Corporation) R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7394008 2021-02-12] (Acronis International GmbH -> ) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [17900856 2023-08-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) S3 Tib Mounter Service; C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe [7095824 2020-03-31] (Acronis International GmbH -> Acronis International GmbH) R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [288792 2023-08-30] (Bitdefender SRL -> Bitdefender) R2 valWBFPolicyService; C:\WINDOWS\System32\valWBFPolicyService.exe [91032 2019-05-09] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [842264 2023-08-30] (Bitdefender SRL -> Bitdefender) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-04] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-04] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvbl.inf_amd64_a9783cef5015881f\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem 
-f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvbl.inf_amd64_a9783cef5015881f\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [6205488 2023-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender S.R.L. Bucharest, ROMANIA) R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [798128 2022-11-10] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender) S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [22976 2020-12-18] (Microsoft Windows Early Launch Anti-Malware Publisher -> Bitdefender) R3 bdprivmon; C:\WINDOWS\System32\DRIVERS\bdprivmon.sys [49200 2023-08-21] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender SRL) S3 bduefiscan; C:\WINDOWS\system32\DRIVERS\bduefiscan.sys [39840 2023-04-24] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender) R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [96616 2020-09-06] (Bitdefender SRL -> BitDefender) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert] R2 file_protector; C:\WINDOWS\System32\DRIVERS\file_protector.sys [701064 2021-02-26] (Acronis International GmbH -> Acronis International GmbH) 
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [390592 2021-02-26] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH) R0 fltsrv; C:\WINDOWS\System32\DRIVERS\fltsrv.sys [182832 2020-09-13] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH) R1 Gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [1347496 2023-08-30] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender S.R.L. Bucharest, ROMANIA) R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-16] (HP Inc. -> HP Inc.) R2 Ignisv2; C:\WINDOWS\system32\DRIVERS\ignisv2.sys [165312 2023-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender) R3 KobilCcid; C:\WINDOWS\System32\drivers\KobilCcid_x64.sys [50432 2020-11-12] (KOBIL Systems GmbH -> KOBIL Systems GmbH) S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.) 
R1 RsFx0503; C:\WINDOWS\System32\DRIVERS\RsFx0503.sys [262888 2020-01-24] (Microsoft Corporation -> Microsoft Corporation) S3 tib; C:\WINDOWS\system32\DRIVERS\tib.sys [883256 2021-02-26] (Acronis International GmbH -> Acronis International GmbH) R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [171968 2021-02-26] (Acronis International GmbH -> Acronis International GmbH) S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [693768 2021-02-26] (Acronis International GmbH -> Acronis International GmbH) R2 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [633248 2023-04-24] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender) R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [330176 2021-02-26] (Acronis International GmbH -> Acronis International GmbH) R0 vlflt; C:\WINDOWS\System32\DRIVERS\vlflt.sys [522136 2023-05-31] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender) R0 volume_tracker; C:\WINDOWS\System32\DRIVERS\volume_tracker.sys [243472 2021-02-26] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48520 2021-11-04] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [435424 2021-11-04] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-04] (Microsoft Windows -> Microsoft Corporation) R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP) U0 dmboot; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2023-09-06 08:14 - 2023-09-06 08:18 - 000077692 _____ C:\Users\smaas\Desktop\Addition.txt 2023-09-06 08:11 - 2023-09-06 08:19 - 000052949 _____ C:\Users\smaas\Desktop\FRST.txt 2023-09-06 08:11 - 2023-09-06 08:18 - 000000000 ____D C:\FRST 2023-09-05 21:04 - 2023-09-05 21:04 - 002382336 _____ (Farbar) C:\Users\smaas\Desktop\FRST64.exe 2023-09-05 13:22 - 2023-09-05 13:22 - 000000275 _____ C:\Users\smaas\Desktop\Plagegeister aller Art und deren Bekämpfung - Trojaner-Board.url 2023-09-04 13:39 - 2023-09-05 20:58 - 000000000 ____D C:\Users\smaas\AppData\Local\VLC Plus Player Updater 2023-09-04 13:35 - 2023-09-04 21:16 - 000000000 ____D C:\Users\smaas\.mediathek3 2023-09-04 13:35 - 2023-09-04 13:35 - 000000000 ____D C:\Users\smaas\.openjfx 2023-09-03 21:52 - 2023-09-03 21:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediathekView 2023-09-03 21:52 - 2023-09-03 21:52 - 000000000 ____D C:\Program Files\MediathekView 2023-08-31 11:33 - 2023-08-31 11:33 - 000083478 _____ C:\Users\smaas\Downloads\GS202306221608983.pdf 2023-08-30 08:26 - 2023-08-30 17:38 - 000000000 ____D C:\Program Files\Mozilla Firefox 2023-08-28 10:42 - 2023-08-28 10:42 - 000176632 _____ C:\Users\smaas\Downloads\Kontoauszug-1518338601-2023-08(1).pdf 2023-08-28 10:41 - 2023-08-28 10:41 - 000176632 _____ C:\Users\smaas\Downloads\Kontoauszug-1518338601-2023-08.pdf 2023-08-24 09:53 - 2023-08-24 09:55 - 094787188 _____ C:\Users\smaas\Downloads\wetransfer_dji_0072-jpg_2023-08-23_1226.zip 2023-08-23 11:06 - 2023-08-23 11:07 - 061800668 _____ C:\Users\smaas\Downloads\mu4_230821_Gartenbloggerin_Cut_H.NZswGMXr.264(1).mp4.part 2023-08-23 11:06 - 2023-08-23 11:06 - 000000000 _____ C:\Users\smaas\Downloads\mu4_230821_Gartenbloggerin_Cut_H.264(1).mp4 2023-08-23 11:01 - 2023-08-23 11:05 - 038230058 _____ 
C:\Users\smaas\Downloads\mu4_230821_Gartenbloggerin_Cut_H.coP8Yf7B.264.mp4.part 2023-08-23 10:55 - 2023-08-23 11:04 - 000000000 _____ C:\Users\smaas\Downloads\mu4_230821_Gartenbloggerin_Cut_H.264.mp4 2023-08-20 16:06 - 2023-08-20 16:06 - 000091092 _____ C:\ProgramData\agent.update.1692540376.bdinstall.v2.bin 2023-08-19 08:53 - 2023-08-19 08:53 - 000055780 _____ C:\Users\smaas\Downloads\abenteuersiedlung-MBKF-190823.pdf 2023-08-14 09:45 - 2023-08-14 09:49 - 000000000 ____D C:\Users\smaas\Desktop\defekter Stuhl 2023-08-13 21:25 - 2023-08-13 21:25 - 000030273 _____ C:\Users\smaas\Downloads\202312D2465141.pdf 2023-08-08 19:41 - 2023-08-08 19:41 - 000000000 ___HD C:\$WinREAgent ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2023-09-06 08:19 - 2020-09-13 15:03 - 000000000 ____D C:\Users\smaas\AppData\Local\CrashDumps 2023-09-06 08:07 - 2022-02-06 22:39 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2023-09-06 08:07 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-09-06 07:51 - 2022-02-11 11:11 - 000000000 ____D C:\Program Files (x86)\Google 2023-09-06 07:51 - 2022-02-06 22:31 - 000000000 ____D C:\WINDOWS\SystemTemp 2023-09-06 06:04 - 2020-10-01 21:20 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2023-09-06 05:01 - 2020-09-27 15:30 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2023-09-06 01:48 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2023-09-05 21:52 - 2022-02-11 11:12 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2023-09-05 21:52 - 2022-02-11 11:12 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2023-09-05 21:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2023-09-05 20:57 - 2022-02-14 14:33 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2023-09-05 20:56 - 2022-07-19 09:14 - 000000000 ____D 
C:\Program Files\CCleaner 2023-09-05 20:56 - 2020-03-18 22:52 - 000000000 ___RD C:\Users\smaas\OneDrive 2023-09-05 20:56 - 2020-03-18 22:49 - 000000000 __SHD C:\Users\smaas\IntelGraphicsProfiles 2023-09-05 17:52 - 2022-02-06 22:55 - 001632660 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2023-09-05 17:52 - 2019-12-07 16:51 - 000708714 _____ C:\WINDOWS\system32\perfh007.dat 2023-09-05 17:52 - 2019-12-07 16:51 - 000142956 _____ C:\WINDOWS\system32\perfc007.dat 2023-09-05 17:48 - 2019-12-12 04:42 - 000000000 ____D C:\ProgramData\NVIDIA 2023-09-05 17:48 - 2019-12-12 04:41 - 000000000 ___HD C:\Intel 2023-09-05 17:47 - 2022-02-06 23:08 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2023-09-05 17:47 - 2021-04-19 00:19 - 000008192 ___SH C:\DumpStack.log.tmp 2023-09-05 17:47 - 2020-11-16 14:24 - 000000000 ____D C:\Program Files (x86)\AnyDesk 2023-09-05 17:47 - 2019-12-12 04:42 - 000000000 ____D C:\ProgramData\Synaptics 2023-09-05 17:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState 2023-09-05 17:47 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2023-09-04 22:24 - 2019-12-12 04:58 - 000000000 ____D C:\Program Files\Microsoft Office 2023-09-04 21:39 - 2020-03-18 22:53 - 000000000 ____D C:\Users\smaas\AppData\Roaming\Microsoft\Excel 2023-09-04 21:20 - 2020-03-18 22:49 - 000000000 ____D C:\Users\smaas\AppData\Local\Packages 2023-09-04 13:35 - 2022-02-06 22:43 - 000000000 ____D C:\Users\smaas 2023-09-04 11:28 - 2020-09-27 21:45 - 000000000 ____D C:\Users\smaas\AppData\Roaming\Microsoft\Word 2023-09-04 04:44 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2023-09-02 20:16 - 2022-02-06 23:08 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3236408109-601453854-1968072414-1001 2023-09-02 20:16 - 2022-02-06 23:08 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3236408109-601453854-1968072414-1001 2023-09-02 20:16 - 2022-02-06 22:43 - 000002403 _____ 
C:\Users\smaas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2023-09-02 15:29 - 2020-10-01 21:08 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-09-02 15:29 - 2020-10-01 21:08 - 000002282 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2023-09-01 11:41 - 2023-02-16 11:25 - 000009635 _____ C:\Users\smaas\Desktop\monatliche Fixkosten.xlsx 2023-08-31 15:31 - 2023-02-09 21:54 - 000010436 _____ C:\Users\smaas\Desktop\To do.xlsx 2023-08-30 17:49 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2023-08-30 17:38 - 2020-03-20 17:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2023-08-30 12:50 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2023-08-30 12:48 - 2022-06-05 15:49 - 001347496 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\gemma.sys 2023-08-30 12:45 - 2021-11-04 22:40 - 006205488 _____ (Bitdefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\atc.sys 2023-08-30 08:33 - 2020-03-20 17:26 - 000001013 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2023-08-24 02:09 - 2022-02-06 23:08 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2023-08-24 02:08 - 2022-10-14 05:48 - 000002081 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk 2023-08-24 02:08 - 2022-10-14 05:48 - 000002069 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk 2023-08-23 15:22 - 2021-09-15 09:57 - 000017479 _____ C:\Users\smaas\Desktop\Werte WP.xlsb.xlsx 2023-08-21 17:39 - 2022-09-21 09:56 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job 2023-08-21 14:51 - 2023-05-30 10:57 - 000000020 _____ C:\WINDOWS\system32\Caad.db 2023-08-21 12:35 - 2021-11-04 22:40 - 000049200 _____ (Bitdefender SRL) C:\WINDOWS\system32\Drivers\bdprivmon.sys 2023-08-20 16:06 - 2022-02-06 23:08 - 000003846 _____ C:\WINDOWS\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 
2023-08-20 16:06 - 2020-03-20 17:10 - 000000000 ____D C:\Program Files\Bitdefender Agent 2023-08-18 02:27 - 2020-11-16 22:33 - 000000000 ____D C:\Users\smaas\AppData\Local\D3DSCache 2023-08-17 08:08 - 2022-09-21 09:56 - 000003474 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting 2023-08-17 08:07 - 2022-07-19 09:14 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2023-08-08 20:36 - 2020-03-20 17:15 - 000000000 ____D C:\ProgramData\BDLogging 2023-08-08 20:26 - 2022-02-06 22:39 - 000547952 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2023-08-08 20:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2023-08-08 20:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2023-08-08 20:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2023-08-08 20:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup 2023-08-08 20:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2023-08-08 20:22 - 2019-12-07 16:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2023-08-08 20:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser 2023-08-08 20:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2023-08-08 20:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat 2023-08-08 20:09 - 2022-02-06 22:40 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2023-08-08 19:34 - 2020-09-06 20:48 - 000000000 ____D C:\WINDOWS\system32\MRT 2023-08-08 19:09 - 2020-09-06 20:48 - 175983240 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2020-11-13 11:46 - 2020-11-19 12:45 - 000005055 _____ () C:\Users\smaas\AppData\Local\EmptySettings.xml 2021-04-09 14:50 - 2021-09-30 09:09 - 000000128 _____ () C:\Users\smaas\AppData\Local\PUTTY.RND ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien 
vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ======================== |
06.09.2023, 20:46 | #8 |
| Bitdefender skips password-protected files / Trojan suspected
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 28-08-2023
durchgeführt von smaas (06-09-2023 08:19:53)
Gestartet von C:\Users\smaas\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.3324 (X64) (2022-02-06 21:08:57)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-3236408109-601453854-1968072414-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3236408109-601453854-1968072414-503 - Limited - Disabled)
Gast (S-1-5-21-3236408109-601453854-1968072414-501 - Limited - Disabled)
smaas (S-1-5-21-3236408109-601453854-1968072414-1001 - Administrator - Enabled) => C:\Users\smaas
WDAGUtilityAccount (S-1-5-21-3236408109-601453854-1968072414-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Virenschutz (Enabled - Up to date) {F4F8BE4F-D893-2EB2-F208-1A2FF1A396CA}
FW: Bitdefender Firewall (Enabled) {CCC33F6A-92FC-2FEA-D957-B31A0F70D1B1}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Acronis True Image (HKLM-x32\...\{87622117-B0F6-4B23-A4F6-4DFF2847928F}) (Version: 24.7.38530 - Acronis) Hidden Acronis True Image (HKLM-x32\...\{87622117-B0F6-4B23-A4F6-4DFF2847928F}Visible) (Version: 24.7.38530 - Acronis) Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1031-1033-7760-BC15014EA700}) (Version: 23.003.20284 - Adobe) Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 7.0.14 - philandro Software GmbH) AppLogLibSetup (HKLM-x32\...\{52FB0C8F-DF05-4C61-AEB6-18C55F8C385F}) (Version: 1.0.3.0 - Brother Industries Ltd.) Hidden Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 27.0.1.259 - Bitdefender) Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 26.0.1.21 - Bitdefender) Blackmagic RAW Common Components (HKLM\...\{7C42C191-D936-4CA3-9B25-829BF37F1ECD}) (Version: 2.3 - Blackmagic Design) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Breitbandmessung 3.1.0 (HKLM\...\14607473-30db-509f-94f0-bb7c085c619e) (Version: 3.1.0 - zafaco GmbH) BrLauncher (HKLM-x32\...\{C04DCB6D-02A2-41AD-AA79-2644CEB26445}) (Version: 2.0.17.0 - Brother Industries Ltd.) Hidden BrLogRx (HKLM-x32\...\{B556F816-FF4D-4BB6-9339-ED28639E2EF3}) (Version: 1.0.2.1 - Brother Industries Ltd.) Hidden Brother PCFax Driver (HKLM-x32\...\{79262B43-9E15-4732-A034-BFD29D9BD077}) (Version: 1.4.1.0 - Brother Industries Ltd.) Hidden Brother Port Driver (HKLM-x32\...\{B9323EF9-E7BE-4245-A20A-7BFEB14E4060}) (Version: 1.0.8.1 - Brother Industries Ltd.) Hidden Brother Printer Driver (HKLM-x32\...\{979A5583-524C-4D33-8FF9-1B39F12CF385}) (Version: 1.6.0.0 - Brother Industries Ltd.) Hidden Brother Scanner Driver (HKLM-x32\...\{4660CD4C-52A0-4BD1-B14E-C4F798103F11}) (Version: 1.0.22.1 - Brother Industries Ltd.) 
Hidden Browser for SQL Server 2017 (HKLM-x32\...\{CF8EEB96-E7E7-4EF7-A0A1-559F09953156}) (Version: 14.0.1000.169 - Microsoft Corporation) BrSupportTools (HKLM-x32\...\{E1B7CE6D-A4F9-4C9B-8FAB-9178CF47FDED}) (Version: 1.0.27.0 - Brother Industries Ltd.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 6.15 - Piriform) Conexant ISST Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 9.0.278.150 - Conexant) ControlCenter4 (HKLM-x32\...\{CD0E9C09-7A83-4DC4-A54E-7B8EECBF3CA0}) (Version: 4.6.22.1 - Brother Industries, Ltd.) Hidden ControlCenter4 CSDK (HKLM-x32\...\{1E89F75C-EF46-406C-9AAC-615B3CCC1D3D}) (Version: 4.3.2.1 - Brother Insutries Ltd.) Hidden Crystal Reports Runtime 13 (HKLM-x32\...\{D7BA79EE-62AB-4B55-A7F0-7AA355C37EB5}) (Version: 13.32.1 - DATEV eG) Hidden DATEV-Installationswerkzeug V.5.63 (HKLM-x32\...\DATEVB00000482.0) (Version: 5.63.3 - DATEV eG) DaVinci Resolve (HKLM\...\{E9983894-990A-4A5A-8DBF-8E4E0D3A058A}) (Version: 17.4.30010 - Blackmagic Design) DaVinci Resolve Control Panels (HKLM\...\{7667C543-084F-47F7-BC60-175FC25E9D6F}) (Version: 2.0.1.0 - Blackmagic Design) DFL7 ConfigDB (HKLM-x32\...\{D324A1B8-4B25-4164-BE36-046D6613B8A5}) (Version: 14.1.3109.2 - DATEV eG) DFL7 Microkernel (HKLM-x32\...\{368459EE-A638-418B-80D8-06F3063BF0F9}) (Version: 14.1.3109.2 - DATEV eG) EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS) ElsterFormular (HKLM-x32\...\{8A261933-AEA6-4C5E-B6D0-B88A478BF56C}) (Version: 21.4 - Thüringer Landesamt für Finanzen) Fairlight Audio Accelerator Utility (HKLM\...\FairlightAudioAccelerator_is1) (Version: 1.0.13 - Blackmagic Design) FileZilla Client 3.55.1 (HKLM-x32\...\FileZilla Client) (Version: 3.55.1 - Tim Kosse) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 116.0.5845.142 - Google LLC) GoTo Opener (HKLM-x32\...\{E69269DB-A77B-4BC1-8F39-241107B09F26}) (Version: 1.0.539 - LogMeIn, Inc.) 
GoToMeeting 10.19.0.19950 (HKU\S-1-5-21-3236408109-601453854-1968072414-1001\...\GoToMeeting) (Version: 10.19.0.19950 - LogMeIn, Inc.) Hotfix 3281 for SQL Server 2017 (KB4535007) (64-bit) (HKLM\...\KB4535007) (Version: 14.0.3281.6 - Microsoft Corporation) HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden HP Client Security Manager (HKLM\...\{8CD51E96-C904-4A9B-B533-537E5E074E4B}) (Version: 9.4.1.2817 - HP Inc.) Hidden HP Client Security Manager (HKLM\...\HPProtectTools) (Version: 9.4.1.2817 - HP Inc.) HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.19.0 - HP Inc) HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.) HP ESU for Microsoft Windows 10 (HKLM-x32\...\{89102AB4-6000-43B3-883A-5ED8650D3E40}) (Version: 11.4.2.2 - HP) Hidden HP MAC Address Manager (HKLM-x32\...\{21FA165F-905C-4DDA-B00A-00C3A5D17BBA}) (Version: 1.1.19.1 - HP Inc.) HP Notifications (HKLM-x32\...\{84937F28-9CB4-49E7-A2CF-E32D97E6DAE6}) (Version: 1.1.28.1 - HP) HP System Default Settings (HKLM-x32\...\{F74D9DAE-A76A-4BE5-B42E-E6FE0731A9AD}) (Version: 1.4.16.6 - HP Inc.) 
Hidden Identiv uTrust Smart Card Reader (HKLM-x32\...\{7915AA7A-46ED-4B2E-9027-E2392574D3A3}) (Version: 1.26.0 - Identiv) Intel(R) Chipset Device Software (HKLM\...\{4A121459-D3F8-4908-A474-96D45641E357}) (Version: 10.1.18243.8188 - Intel Corporation) Hidden Intel(R) Chipset Device Software (HKLM-x32\...\{f3b1c211-1159-4262-bb97-84150cda9096}) (Version: 10.1.18243.8188 - Intel(R) Corporation) Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.5.10103.7263 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2238.3.31.0 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{9435FBA7-2E47-49A9-861E-8934EBDE5A44}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{D53290CC-858E-4F97-8527-820DB497B51C}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Driver (HKLM\...\{6A1E180E-5E4B-4431-8C80-EA82D118A30E}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.2.8.1029 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{66FD390A-B5DD-45F6-9225-45CEB1BDCDF1}) (Version: 17.2.8.1029 - Intel Corporation) Hidden Intel(R) Serial IO (HKLM\...\{2B2BD352-136F-4616-ACD6-AD967508F8D9}) (Version: 30.100.1914.3 - Intel Corporation) Hidden Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1914.3 - Intel Corporation) Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.65.245.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.65.245.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{1be68cd9-7dbd-4481-816f-a0a7ec6359bd}) (Version: 1.65.245.0 - Intel Corporation) 
Hidden Intel® PROSet/Wireless Software (HKLM-x32\...\{cf961541-ca37-4826-a285-3a9cb22cd5a2}) (Version: 21.40.2 - Intel Corporation) Intel® PROSet/Wireless WiFi Software (HKLM\...\{68A981A0-ED59-41E0-B45E-7A78F643120D}) (Version: 21.40.1.3406 - Intel Corporation) Hidden MediathekView 14.0.0 (HKLM\...\1927-5045-2127-3394) (Version: 14.0.0 - MediathekView Team) Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.16731.20170 - Microsoft Corporation) Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.16731.20170 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 116.0.1938.69 - Microsoft Corporation) Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 116.0.1938.69 - Microsoft Corporation) Microsoft ODBC Driver 13 for SQL Server (HKLM\...\{BB8DFBB9-05D0-4703-8164-E8F79C3BD4F4}) (Version: 14.0.3281.6 - Microsoft Corporation) Microsoft ODBC Driver 17 for SQL Server (HKLM\...\{7453C0F5-03D5-4412-BB8F-360574BE29AF}) (Version: 17.8.1.1 - Microsoft Corporation) Microsoft OLE DB Driver for SQL Server (HKLM\...\{56FB1399-1E7B-4406-BCD3-F22108573014}) (Version: 18.6.0.0 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3236408109-601453854-1968072414-1001\...\OneDriveSetup.exe) (Version: 23.174.0820.0003 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{4D2C56FF-7F36-4B49-A97A-24F0522D41D7}) (Version: 11.3.6540.0 - Microsoft Corporation) Microsoft SQL Server 2017 (64-bit) (HKLM\...\Microsoft SQL Server SQL2017) (Version: - Microsoft Corporation) Microsoft SQL Server 2017 RsFx Driver (HKLM\...\{2C929CEC-B5F5-41D1-89E8-750AD39A588B}) (Version: 14.0.3281.6 - Microsoft Corporation) Hidden Microsoft SQL Server 2017 Setup (English) (HKLM\...\{51D86244-6DB6-4A95-806A-9EE10E2D16FE}) (Version: 14.0.3281.6 - Microsoft Corporation) Microsoft SQL Server 2017 T-SQL Language Service (HKLM\...\{80BA67AB-DC1B-4BA4-BE55-AA3CDC4E901B}) (Version: 14.0.3281.6 - 
Microsoft Corporation) Microsoft System CLR Types for SQL Server 2017 (HKLM\...\{9D78F5D4-79D2-4FC6-AC56-F364A0ABC54F}) (Version: 14.0.1000.169 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{2953E19B-9F91-4A49-A23B-7E25970A1951}) (Version: 3.73.0.0 - Microsoft Corporation) Microsoft VC++ redistributables repacked. (HKLM\...\{B45E323E-F30E-44D3-9B36-EE116268AF9E}) (Version: 12.0.0.0 - Intel Corporation) Hidden Microsoft VC++ redistributables repacked. (HKLM-x32\...\{6CC9F172-F995-439A-9F1A-3C40311CABD5}) (Version: 12.0.0.0 - Intel Corporation) Hidden Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 
12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30133 (HKLM-x32\...\{295d1583-fdb9-414b-a4c8-da539362a26b}) (Version: 14.29.30133.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30133 (HKLM-x32\...\{38b2c744-ad08-4d5b-91a2-3fb6f739ff3e}) (Version: 14.29.30133.0 - Microsoft Corporation) Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30133 (HKLM\...\{E699E009-1C3C-4E50-9B57-2B39F0954C7F}) (Version: 14.29.30133 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30133 (HKLM\...\{6CD9E9ED-906D-4196-8DC3-F987D2F6615F}) (Version: 14.29.30133 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Additional Runtime - 14.29.30133 (HKLM-x32\...\{42667D2E-B054-46C1-9D46-2EE1332C14C1}) (Version: 14.29.30133 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.29.30133 (HKLM-x32\...\{EC9807DE-B577-47B1-A024-0251805ACF24}) (Version: 14.29.30133 - Microsoft Corporation) Hidden Microsoft VSS Writer for SQL Server 2017 (HKLM\...\{20B328C9-C6BB-434A-928A-00F05CD820B8}) (Version: 14.0.1000.169 - Microsoft Corporation) Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 117.0 (x64 de)) (Version: 117.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 80.0.1 - Mozilla) NetworkRepairTool (HKLM-x32\...\{947DE453-69FD-4CF6-A682-04D1308C79AF}) (Version: 1.2.15.0 - Brother Industries, Ltd.) 
Hidden NVIDIA Grafiktreiber 517.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 517.66 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16731.20052 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16731.20170 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.16731.20052 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden PC-FAXReceive (HKLM-x32\...\{5905E4B2-93DD-4F9D-AC84-8AE1FC7F91F7}) (Version: 1.6.17.0 - Brother Insutries Ltd.) Hidden PCFaxTx (HKLM-x32\...\{3C17737F-A6C4-4528-9A60-06DD0D4B3A63}) (Version: 1.0.18.1 - Brother Industries Ltd.) Hidden Realtek USB Audio (HKLM-x32\...\{0A46A65D-89AC-464C-8026-3CD44960BD04}) (Version: 6.3.9600.216 - Realtek Semiconductor Corp.) RemoteSetup (HKLM-x32\...\{EB4D046E-28C1-4884-9129-47F41317E9B0}) (Version: 3.10.3.0 - Brother Industries Ltd.) 
Hidden RoomSketcher (HKLM-x32\...\RoomSketcher 1.0) (Version: 1.0 - RoomSketcher) ScannerUtilityInstaller (HKLM-x32\...\{D65C0754-7790-427F-AD73-D7C644260F57}) (Version: 1.19.9.1 - Brother) Hidden SCR3xxx Smart Card Reader (HKLM-x32\...\{17B0906A-26ED-45D0-B51B-83EF1AADCCFE}) (Version: 8.51 - Identive) Sicherheitspaket compact (HKLM-x32\...\{5999335a-fb13-44f1-87c3-93c76b49042c}) (Version: 7.3.104.23019 - DATEV eG) Sicherheitspaket compact (HKLM-x32\...\{CF427021-83D2-4528-9341-AB22FCC5ED80}) (Version: 7.3.104.23019 - DATEV eG) Hidden Sicherheitspaket compact x64 (HKLM\...\{CB600ADE-4807-414E-A29E-39C59F6E8306}) (Version: 7.3.104.23019 - DATEV eG) Hidden SQL Server 2017 Batch Parser (HKLM\...\{2C6E8311-28BD-4615-9545-6E39E8E83A4B}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden SQL Server 2017 Common Files (HKLM\...\{9D1C0509-D490-4E9E-ACF5-A73E5C53742D}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden SQL Server 2017 Common Files (HKLM\...\{B777C4C0-A1CD-4AB9-99B1-AD5FBED6F8E5}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden SQL Server 2017 Connection Info (HKLM\...\{89A7644F-E056-4EC1-BFDE-9D1A531D6855}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden SQL Server 2017 Connection Info (HKLM\...\{A9A443F5-56E1-4FC6-937C-5F481345A843}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden SQL Server 2017 Database Engine Services (HKLM\...\{28EEF6BA-A23A-42D2-86BA-A6BEE723B969}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden SQL Server 2017 Database Engine Services (HKLM\...\{DED314CA-0EFE-4593-9D66-EF75E5289A4C}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden SQL Server 2017 Database Engine Shared (HKLM\...\{0E22DBB4-691B-400C-B52D-8DFE8EC421AA}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden SQL Server 2017 Database Engine Shared (HKLM\...\{793F1C1E-5C83-4E33-A29B-6EAA7C1E791C}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden SQL Server 2017 DMF (HKLM\...\{B9998A13-5563-496C-B95E-597FFC70B670}) 
(Version: 14.0.1000.169 - Microsoft Corporation) Hidden SQL Server 2017 DMF (HKLM\...\{D7D28BBF-3B0E-43F0-A457-331F1CD9E9EB}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden SQL Server 2017 Full text search (HKLM\...\{C37AD300-12CF-4911-9019-A05D66055EB4}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden SQL Server 2017 Shared Management Objects (HKLM\...\{10855B1A-F7F2-4D8A-A725-9287C73BED5A}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden SQL Server 2017 Shared Management Objects (HKLM\...\{6CBBF624-696C-499E-948D-ADBAFFA2F548}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden SQL Server 2017 Shared Management Objects Extensions (HKLM\...\{8C515C22-BE07-4908-985C-0AA9349E1ED4}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden SQL Server 2017 Shared Management Objects Extensions (HKLM\...\{C6D92730-3EC0-47B1-8F6C-6F5635D1EFAC}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden SQL Server 2017 SQL Diagnostics (HKLM\...\{DFA6A906-3024-49DE-87AD-750EAED2FA49}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden SQL Server 2017 XEvent (HKLM\...\{12D2DB8D-80FF-4152-8F51-EDB3BD3C6976}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden SQL Server 2017 XEvent (HKLM\...\{AA2A015C-C210-413B-95F6-BF9D3CDD6E0D}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden StatusMonitor (HKLM-x32\...\{B8C27558-33E8-46D3-B965-5937285234CD}) (Version: 1.22.25.0 - Brother Industries, Ltd.) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.4.3.166 - Synaptics Incorporated) TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.45.3 - TeamViewer) Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C270D21B-2327-49B8-85F7-395133A93C75}) (Version: 8.92.0.0 - Microsoft Corporation) UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) 
Hidden Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation) Zoom (HKU\S-1-5-21-3236408109-601453854-1968072414-1001\...\ZoomUMX) (Version: 5.9.1 (2581) - Zoom Video Communications, Inc.) Packages: ========= Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_3.5.4.0_x64__kgqvnymyfvs32 [2023-08-17] (king.com) Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2022-07-06] (Canon Inc.) Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2023-08-11] (Microsoft Corporation) HP JumpStarts -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.10.1627.0_x64__v10z8vjag6ke6 [2021-05-22] (HP Inc.) HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_2.3.2.0_x64__v10z8vjag6ke6 [2023-07-29] (HP Inc.) HP Power Manager -> C:\Program Files\WindowsApps\AD2F1837.HPPowerManager_3.0.18.0_x64__v10z8vjag6ke6 [2022-11-12] (HP Inc.) HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.3.7.0_x64__v10z8vjag6ke6 [2023-08-15] (HP Inc.) HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.28.34.0_x64__v10z8vjag6ke6 [2023-08-02] (HP Inc.) HP System Information -> C:\Program Files\WindowsApps\AD2F1837.HPSystemInformation_8.10.39.0_x64__v10z8vjag6ke6 [2023-04-06] (HP Inc.) iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa [2023-06-10] (Apple Inc.) 
[Startup Task] LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_3.0.10.0_x64__w1wdnht996qgy [2023-08-25] (LinkedIn) [Startup Task] Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-09-27] (Microsoft Corporation) Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2307.24001.0_x64__8wekyb3d8bbwe [2023-08-02] (Microsoft Corporation) [Startup Task] NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-07-03] (NVIDIA Corp.) Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.17.8180.0_x64__8wekyb3d8bbwe [2023-08-23] (Microsoft Studios) [MS Ad] ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-3236408109-601453854-1968072414-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. 
-> Adobe) CustomCLSID: HKU\S-1-5-21-3236408109-601453854-1968072414-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\smaas\AppData\Local\GoToMeeting\19598\G2MOutlookAddin64.dll => Keine Datei ShellIconOverlayIdentifiers: [ AcronisDrive] -> {5D74FD4B-4EFB-4586-8022-8637BBE40970} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_24_7_38530.dll [2021-02-12] (Acronis International GmbH -> ) ShellIconOverlayIdentifiers: [ AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_24_7_38530.dll [2021-02-12] (Acronis International GmbH -> ) ShellIconOverlayIdentifiers: [ AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_24_7_38530.dll [2021-02-12] (Acronis International GmbH -> ) ShellIconOverlayIdentifiers: [ AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_24_7_38530.dll [2021-02-12] (Acronis International GmbH -> ) ContextMenuHandlers1: [DATEV.DocumentOutputContainer] -> {33419188-8668-4DCC-8021-BA06F643CB33} => C:\Program Files (x86)\DATEV\PROGRAMM\B0001593/Datev.DocumentOutputContainer.ExplorerExtension.dll [] (DATEV eG 08 4 -> DATEV eG) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxDTCM.dll [2020-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvbl.inf_amd64_a9783cef5015881f\nvshext.dll [2022-11-04] (Nvidia Corporation -> NVIDIA Corporation) ==================== Codecs (Nicht auf der Ausnahmeliste) ==================== ==================== Verknüpfungen & 
WMI ======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ShortcutWithArgument: C:\Users\smaas\Desktop\Profil 1 - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default" ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============= 2009-02-27 16:38 - 2009-02-27 16:38 - 000139264 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll 2018-12-07 11:17 - 2018-12-07 11:17 - 000521216 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Browny02\BrMonitor.dll 2018-11-14 13:28 - 2018-11-14 13:28 - 000180224 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Browny02\BroSNMP.dll 2018-12-07 11:18 - 2018-12-07 11:18 - 000208896 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Browny02\Brother\BrFirmUpdateCheck.dll 2018-12-07 11:18 - 2018-12-07 11:18 - 001720832 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll 2017-11-07 19:55 - 2017-11-07 19:55 - 000137728 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll 2017-08-18 11:23 - 2017-08-18 11:23 - 000087552 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll 2017-08-18 11:23 - 2017-08-18 11:23 - 017974784 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll 2017-11-07 20:04 - 2017-11-07 20:04 - 000095232 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ControlCenter4\BrCcLGer.dll 2017-11-07 19:55 - 2017-11-07 19:55 - 000440832 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ControlCenter4\Track.dll 2020-12-17 14:20 - 2018-05-02 16:25 - 000091648 _____ () [Datei ist nicht signiert] C:\WINDOWS\system32\BrNetSti.dll 2020-12-17 14:20 - 2005-04-22 14:36 - 000143360 _____ () [Datei ist nicht signiert] C:\WINDOWS\system32\BrSNMP64.dll 2016-04-12 10:07 - 2016-04-12 10:07 - 
000067584 _____ (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Brother\AppLogLib\BrBFLogI.dll 2019-06-20 00:20 - 2019-06-20 00:20 - 000382464 _____ (Crossmatch, Inc.) [Datei ist nicht signiert] c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DPCPFelica.dll 2019-06-20 00:20 - 2019-06-20 00:20 - 000338432 _____ (Crossmatch, Inc.) [Datei ist nicht signiert] c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DPDevice2.dll 2019-06-20 00:19 - 2019-06-20 00:19 - 000456192 _____ (Crossmatch, Inc.) [Datei ist nicht signiert] c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DPDevice5.dll 2021-01-30 12:45 - 2023-02-17 12:26 - 000203776 _____ (DATEV eG) [Datei ist nicht signiert] [Datei wird verwendet] C:\PROGRAM FILES (X86)\DATEV\PROGRAMM\RZKOMM\DATEV.CC.BASECPP.DLL 2022-08-31 09:28 - 2022-08-31 09:28 - 000438784 _____ (DATEV eG) [Datei ist nicht signiert] [Datei wird verwendet] C:\WINDOWS\Microsoft.Net\assembly\GAC_32\Datev.Nuko.ManagedNukoBase\v4.0_5.4.0.0__cbc631f1c682336b\Datev.Nuko.ManagedNukoBase.dll 2020-11-13 10:48 - 2022-05-19 07:28 - 000926720 _____ (DATEV eG) [Datei ist nicht signiert] C:\PROGRAM FILES (X86)\DATEV\SYSTEM\DvNukoBase.dll 2020-11-12 22:27 - 2022-05-03 10:39 - 000283648 ____N (DATEV eG) [Datei ist nicht signiert] C:\Program Files (x86)\DATEV\SYSTEM\DVZediFile006.dll 2020-11-12 22:27 - 2022-04-19 08:22 - 000041472 ____N (DATEV eG) [Datei ist nicht signiert] C:\Program Files (x86)\DATEV\SYSTEM\DvZediTermSrvInfo005.dll 2020-11-13 10:48 - 2022-05-19 07:28 - 000541696 ____N (DATEV eG) [Datei ist nicht signiert] C:\PROGRAM FILES (X86)\DATEV\SYSTEM\NUKO\NKRESDEU.DLL 2023-08-31 02:32 - 2023-08-31 02:32 - 000022528 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Arbei660df01a#\dc29fdc81ca1d16896c2acd15e0850b0\Datev.Arbeitsplatz.LeistungenServer.ClientInterfaces.ni.dll 2023-08-31 02:32 - 2023-08-31 02:32 - 002573312 _____ (DATEV eG) [Datei ist nicht signiert] 
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.CC.Aldcfb4663#\5f1c0b9f3fa0d153b5edcff48851df04\Datev.CC.AllInterface.ni.dll 2023-08-31 02:32 - 2023-08-31 02:32 - 005392384 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.CC.AllPlugin\cd6fef1cb99c2330460a8d3cf592efb9\Datev.CC.AllPlugin.ni.dll 2023-08-31 02:32 - 2023-08-31 02:32 - 000012800 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.CC.Check\8ba9981d7774071b1ccc79e1759071d0\Datev.CC.Check.ni.dll 2023-08-31 02:32 - 2023-08-31 02:32 - 000013312 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.CC.Gu2b75cfaa#\29fcee68e66e54727c163919bbfbea8e\Datev.CC.GuiInterfaces.ni.dll 2023-08-31 02:32 - 2023-08-31 02:32 - 000284160 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.CC.GuiPlugIn\e6ee04b5b6c88bbd663dc31cfefce47f\Datev.CC.GuiPlugIn.ni.dll 2023-08-31 02:32 - 2023-08-31 02:32 - 000059392 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.CC.Interfaces\407ef9beb1aacd12c84cd267774fc382\Datev.CC.Interfaces.ni.dll 2023-08-31 02:32 - 2023-08-31 02:32 - 000098304 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Confi7f21011d#\5c24f97e93bcb5a9924621ae29135aa5\Datev.ConfigDB.Interfaces.ni.dll 2023-08-31 02:32 - 2023-08-31 02:32 - 000146432 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Confi8547abd3#\c70d2bc513340f42b4520081fdf39f1e\Datev.ConfigDB.StorageProvider.ni.dll 2023-08-31 02:32 - 2023-08-31 02:32 - 000020992 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Confic5300622#\a526f97dc8c6f267393fceaa4d9eecff\Datev.ConfigDB.PlugIn.ni.dll 2023-08-31 02:32 - 2023-08-31 02:32 - 004003840 _____ (DATEV eG) [Datei ist nicht signiert] 
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.ConfigDB\70fd35688b6435117361e34d47a94884\Datev.ConfigDB.ni.dll
2023-08-31 02:32 - 2023-08-31 02:32 - 000273408 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Datab270b2e75#\44d907a59c7ef4a6875528663ee3723c\Datev.Database.PublicInterfaces.ni.dll
2023-08-31 02:32 - 2023-08-31 02:32 - 000495616 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Datab8b231e4f#\28d8311c61b8046a98070d2ec2e5e2e8\Datev.Database.Common.ni.dll
2023-08-31 02:32 - 2023-08-31 02:32 - 000055808 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Databbf5f3d03#\f5284396b6018210f082e202093c2f57\Datev.Database.ConserveManager.PlugIn.ni.dll
2023-08-31 02:32 - 2023-08-31 02:32 - 000212992 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Databe47a69d7#\a5c258b79dc3a1083aebaf5caaa4a904\Datev.Database.SqlAdminManager.PlugIn.ni.dll
2023-08-31 02:33 - 2023-08-31 02:33 - 000232448 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Frame042da1b0#\f9526532a7aafd1d1cc7da95022103d9\Datev.Framework.Hosting.Interface.ni.dll
2023-08-31 02:33 - 2023-08-31 02:33 - 000520192 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Frame08769d03#\bf6f8ada7908d303f08f08bf63ed615b\Datev.Framework.Messages.ni.dll
2023-08-31 02:33 - 2023-08-31 02:33 - 000513536 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Frame10fc7270#\0e1cf91b1b8d242aa033826341398ae7\Datev.Framework.Validation.ni.dll
2023-08-31 02:32 - 2023-08-31 02:32 - 000171520 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Frame14c1d090#\a31d1f4e054b45e2bec6497d1b17e5ef\Datev.Framework.AppLauncher.ni.dll
2023-08-31 02:33 - 2023-08-31 02:33 - 001027072 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Frame20b6c0cc#\c28883d9b364c207ce6277a212a01b23\Datev.Framework.Data.PlugIn.ni.dll
2023-08-31 02:34 - 2023-08-31 02:34 - 001201664 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Frame25674a8f#\898e93e54f77b05325284e490bb5158c\Datev.Framework.Windows.Forms.ni.dll
2023-08-31 02:34 - 2023-08-31 02:34 - 000780800 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Frame2652d5d4#\89e8855eb8cd86d0df48bb7088228e69\Datev.Framework.Windows.Shell.ni.dll
2023-08-31 02:33 - 2023-08-31 02:33 - 000097792 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Frame2bd203b7#\84417c2f12cf64c2c7a35187cab79dcb\Datev.Framework.TraceListeners.ni.dll
2023-08-31 02:34 - 2023-08-31 02:34 - 000139264 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Frame2c9b6f5b#\346d81982ed3befa03ee93ba3919524c\Datev.Framework.Windows.Skinning.ni.dll
2023-08-31 02:34 - 2023-08-31 02:34 - 003253760 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Frame30195f3b#\a4a835bb0b9b10994ded671b69b13bab\Datev.Framework.Windows.Controls.ExtendedChart.ni.dll
2023-08-31 02:34 - 2023-08-31 02:34 - 000279040 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Frame30ff9ad5#\5ed03feac5700401e57b39723d21d193\Datev.Framework.Windows.Controls.Interface.ni.dll
2023-08-31 02:33 - 2023-08-31 02:33 - 003372544 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Frame40ac8fe1#\185e4737e87204b1f6f3947b471e77c4\Datev.Framework.ResourceData.ni.dll
2023-08-31 02:33 - 2023-08-31 02:33 - 000543744 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Frame44c3c082#\3c083d3f82622f5652523af5412052b6\Datev.Framework.ServiceBus.ni.dll
2023-08-31 02:33 - 2023-08-31 02:33 - 003594240 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Frame5644da5a#\a26c3cd3897b9894d6924147d86db43c\Datev.Framework.MicroKernel.ni.dll
2023-08-31 02:33 - 2023-08-31 02:33 - 000305152 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Frame6258f43d#\950a03f2b2a262558ca255775fa3e822\Datev.Framework.Windows.Controls.Common.ni.dll
2023-08-31 02:34 - 2023-08-31 02:34 - 000525824 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Frame65f3ecdb#\ae8f8e755986be17bc674e3c294a2f35\Datev.Framework.Windows.Help.ni.dll
2023-08-31 02:34 - 2023-08-31 02:34 - 000470528 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Frame6609c2ed#\972a1bc6d4fb8f8a0511745321db58fa\Datev.Framework.Windows.ToolWindows.ni.dll
2023-08-31 02:33 - 2023-08-31 02:33 - 000329728 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Frame6aef35fb#\0bc04012ae2eade745f8b99f4bfe40c7\Datev.Framework.Filter.ni.dll
2023-08-31 02:33 - 2023-08-31 02:33 - 002757120 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Frame6d91350d#\f25c63d6ca27ad5f7a5cca5d7db98abb\Datev.Framework.RemoteServiceModel.ni.dll
2023-08-31 02:32 - 2023-08-31 02:32 - 000124416 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Frame70a042b5#\234021df292baf43bab4a20fb6cbb389\Datev.Framework.Compression.ni.dll
2023-08-31 02:34 - 2023-08-31 02:34 - 000473088 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Frame83f4b6fc#\b6a61a95e29adfcde0fa1213c9835c14\Datev.Framework.Windows.StatusBars.ni.dll
2023-08-31 02:33 - 2023-08-31 02:33 - 004229120 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Frame87dbf564#\54a801bff095d7ddbe01352b173ca1d2\Datev.Framework.Windows.Controls.ComplexControls.ni.dll
2023-08-31 02:33 - 2023-08-31 02:33 - 000043520 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Frame8c36d377#\735cc19613d4f4f30cdfce19ae33358b\Datev.Framework.UndoRedo.ni.dll
2023-08-31 02:33 - 2023-08-31 02:33 - 000453120 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Frame96062c26#\7db6ae20d3e9269b6331a69329007d33\Datev.Framework.Dataelements.ni.dll
2023-08-31 02:34 - 2023-08-31 02:34 - 000165376 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Frame9ce31ae9#\bc6477312b78b73cc2482bb02af9fffe\Datev.Framework.Windows.SkinBuilder.ExtendedControls.ni.dll
2023-08-31 02:34 - 2023-08-31 02:34 - 000315392 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Framea03d02f4#\af209e26c8024177755165296d7b8625\Datev.Framework.Windows.ObjectExplorer.ni.dll
2023-08-31 02:33 - 2023-08-31 02:33 - 000588800 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Framea4c0d8a0#\1aa9668fc6f87f0c4942a540f2929606\Datev.Framework.Interop.ni.dll
2023-08-31 02:34 - 2023-08-31 02:34 - 000032256 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Framea6d7e453#\9a2ed003f14b0d9a0cc209490b57c237\Datev.Framework.Windows.Controls.UIAutomation.ni.dll
2023-08-31 02:34 - 2023-08-31 02:34 - 004392960 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Framebba1300f#\152d4fde41ae418941f4464e9a50b673\Datev.Framework.Windows.Controls.ExtendedGrid.ni.dll
2023-08-31 02:34 - 2023-08-31 02:34 - 002566144 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Framec54d5563#\2fd9e080343cd37d91347aa1e3d76a21\Datev.Framework.Windows.Controls.ExtendedControls.ni.dll
2023-08-31 02:33 - 2023-08-31 02:33 - 000638976 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Framed7b51ccf#\5945b9fa7a0feb86b2c6fe1d24ae80ed\Datev.Framework.Windows.CommandBars.ni.dll
2023-08-31 02:33 - 2023-08-31 02:33 - 003271680 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Framed860c83e#\8e68700a55841c6f387a5d8403cf86d8\Datev.Framework.Interface.ni.dll
2023-08-31 02:33 - 2023-08-31 02:33 - 001213440 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Framee6a039ca#\e7d6e9682d7d85a8039da0c5ee263178\Datev.Framework.Diagnostics.RealTimeTracing.ni.dll
2023-08-31 02:33 - 2023-08-31 02:33 - 000038400 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Framee718f93a#\389af8fd3ddcaf855683e0f7d4946f33\Datev.Framework.RemoteServiceModel.GenericServiceBase.ni.dll
2023-08-31 02:34 - 2023-08-31 02:34 - 000422912 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Frameea139483#\568ecc45a78a808c4354dc3f0f196cea\Datev.Framework.Windows.SkinBuilder.CommonControls.ni.dll
2023-08-31 02:33 - 2023-08-31 02:33 - 000070656 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Framef9829f70#\93e30acd07960ee6406b7aea70c38061\Datev.Framework.Windows.AdditionalLocalization.ni.dll
2023-08-31 02:32 - 2023-08-31 02:32 - 000296448 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Framefc38e8f6#\7e803eded5f3a5eac11f525be59b727f\Datev.Framework.Actions.ni.dll
2023-08-31 02:33 - 2023-08-31 02:33 - 000069120 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Framefddc5b0e#\2cb9023178cc01023ec7ce5413a59af9\Datev.Framework.Environment.ni.dll
2023-08-31 02:34 - 2023-08-31 02:34 - 000023552 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Netwod20dd46f#\5058df870e4e94abf759aa50129376d5\Datev.Network.Interfaces.ni.dll
2023-08-31 02:34 - 2023-08-31 02:34 - 000020992 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Network.PlugIn\30d74b31c8434ddb1b397fd05e8e45a9\Datev.Network.PlugIn.ni.dll
2023-08-31 02:34 - 2023-08-31 02:34 - 000281600 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Network\1532c4b8ed6620a536665625dc600960\Datev.Network.ni.dll
2023-08-31 02:34 - 2023-08-31 02:34 - 000037888 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Sdd.C19028bda#\4c9cdf75b8ee43d7f261ce54e04bc6bc\Datev.Sdd.Connection.Interfaces.ni.dll
2023-08-31 02:34 - 2023-08-31 02:34 - 000018432 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Sdd.C5ca90190#\d6dca9e309ce8be8b2b33f4f87f1b56a\Datev.Sdd.ContractPublisher.Interfaces.ni.dll
2023-08-31 02:34 - 2023-08-31 02:34 - 000041984 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Sdd.D027404e5#\9d3510c710cd3070bdbe9e0636daae6c\Datev.Sdd.Data.ClientInterfaces.ni.dll
2023-08-31 02:34 - 2023-08-31 02:34 - 000041472 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Sdd.D2b254cb5#\ab344650aa0ac07d2fe1bf5d9de36296\Datev.Sdd.Data.PlugInInterfaces.ni.dll
2023-08-31 02:34 - 2023-08-31 02:34 - 000311296 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Sdd.Db41587e7#\c9eece6e0471ffe6d44964b07de7364f\Datev.Sdd.Data.TransferObjects.ni.dll
2023-08-31 02:34 - 2023-08-31 02:34 - 000019968 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Sdd.S7e2169c7#\6add44cdde564a42067002533b0f34a0\Datev.Sdd.ServerEngine.Interfaces.ni.dll
2023-08-31 02:34 - 2023-08-31 02:34 - 002864640 _____ (DATEV eG) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Secura6b79bdb#\70816762995c121f3e7005507ae40f43\Datev.Security.Iam.Contracts.ni.dll
2023-08-31 02:35 - 2023-08-31 02:35 - 001487872 _____ (Infragistics Inc.) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Infragistic38f1df67#\321faf608b51cf37bde2d1602f486288\Infragistics.Win.UltraWinCalcManager.ni.dll
2023-08-31 02:35 - 2023-08-31 02:35 - 002102272 _____ (Infragistics Inc.) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Infragistic537132e3#\c8602dea4b1946862e848d449610ef25\Infragistics.Win.UltraWinExplorerBar.ni.dll
2023-08-31 02:35 - 2023-08-31 02:35 - 009388032 _____ (Infragistics Inc.) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Infragisticaa537683#\2e9fcf2c346325bb7045f64d9d22821a\Infragistics.Win.UltraWinToolbars.ni.dll
2023-08-31 02:35 - 2023-08-31 02:35 - 003678208 _____ (Infragistics Inc.) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Infragisticb2d350c3#\8d7bf39dc16a349b53c8c10ed693fb2f\Infragistics.Win.Misc.ni.dll
2023-08-31 02:35 - 2023-08-31 02:35 - 000322560 _____ (Infragistics Inc.) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Infragistice4fa07ea#\336364f54c782d00bf4c14915e9d6ee1\Infragistics.Win.UltraWinPrintPreviewDialog.ni.dll
2023-08-31 02:35 - 2023-08-31 02:35 - 000914432 _____ (Infragistics Inc.) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Infragisticf2db5d2d#\dc61d2e6fc2f764cd2492ef94e56c200\Infragistics.Win.UltraWinTabbedMdi.ni.dll
2023-08-31 02:35 - 2023-08-31 02:35 - 007778304 _____ (Infragistics Inc.) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Infragisticfafb7921#\5ee8def0875918309a73fc5f72dd4cca\Infragistics.Win.UltraWinGrid.ni.dll
2023-08-31 02:35 - 2023-08-31 02:35 - 002192896 _____ (Infragistics Inc.) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Infragisticfafd2c5a#\e839b98f6b3c892d184c510cc8d3bfeb\Infragistics.Win.UltraWinDock.ni.dll
2023-08-31 02:34 - 2023-08-31 02:34 - 000885760 _____ (Infragistics Inc.) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Infragistics.Shared\7d475a4d90d4f74cacbbff96e44614ab\Infragistics.Shared.ni.dll
2023-08-31 02:34 - 2023-08-31 02:34 - 017341440 _____ (Infragistics Inc.) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Infragistics.Win\8d74a1f9d4dcf6fb91d696206b32f75a\Infragistics.Win.ni.dll
2019-12-12 04:58 - 2019-12-12 04:58 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Client\AppVIsvSubsystems64.dll
2019-12-12 04:58 - 2019-12-12 04:58 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2019-12-12 04:58 - 2019-12-12 04:58 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Client\C2R64.dll
2019-12-12 04:58 - 2019-12-12 04:58 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2021-08-23 11:46 - 2020-05-30 15:58 - 001280000 ____N (Robert Simpson, et al.) [Datei ist nicht signiert] C:\PROGRAM FILES (X86)\DATEV\PROGRAMM\B0000861\x86\SQLite.Interop.dll
2022-01-20 23:39 - 2021-06-29 15:06 - 001431552 _____ (Robert Simpson, et al.) [Datei ist nicht signiert] C:\Program Files\CONEXANT\Flow\x64\SQLite.Interop.dll
2020-03-31 14:49 - 2020-03-31 14:49 - 025338368 _____ (The ICU Project) [Datei ist nicht signiert] C:\Program Files (x86)\Acronis\TrueImageHome\icudt54.dll
2020-03-31 14:49 - 2020-03-31 14:49 - 002056704 _____ (The ICU Project) [Datei ist nicht signiert] C:\Program Files (x86)\Acronis\TrueImageHome\icuin54.dll
2020-03-31 14:49 - 2020-03-31 14:49 - 001425408 _____ (The ICU Project) [Datei ist nicht signiert] C:\Program Files (x86)\Acronis\TrueImageHome\icuuc54.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\smaas\Desktop\FRST64.exe:BDU [0]
AlternateDataStreams: C:\Users\smaas\Downloads\servicerelease_mittelstand_1141.exe:BDU [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-80-2054237562-3159735960-3156364989-4048385539-2475628211\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-80-2989764441-1653506572-1536396221-1414198802-3743180884\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Bitdefender Anti-tracker -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security App\bdtrackerstbie.dll [2023-08-30] (Bitdefender SRL -> Bitdefender)
BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security App\pmbxie.dll [2023-08-30] (Bitdefender SRL -> Bitdefender)
BHO: SCardBHOEvent Class -> {AF8CD625-E04A-4A8F-A90A-0C74846C2E30} -> C:\Program Files (x86)\DATEV\PROGRAMM\SiPaCompact\DVCCSAScardBHO64002.dll [2023-01-19] (DATEV eG 08 4 -> DATEV eG)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2023-07-25] (HP Inc. -> HP Inc.)
BHO-x32: Bitdefender Anti-tracker -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security App\antispam32\bdtrackerstbie.dll [2023-08-30] (Bitdefender SRL -> Bitdefender)
BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security App\Antispam32\pmbxie.dll [2023-08-30] (Bitdefender SRL -> Bitdefender)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-08-08] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: SCardBHOEvent Class -> {AF8CD625-E04A-4A8F-A90A-0C74846C2E30} -> C:\Program Files (x86)\DATEV\PROGRAMM\SiPaCompact\DVCCSAScardBHO002.dll [2023-01-19] (DATEV eG 08 4 -> DATEV eG)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2023-07-25] (HP Inc. -> HP Inc.)
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security App\pmbxie.dll [2023-08-30] (Bitdefender SRL -> Bitdefender)
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security App\Antispam32\pmbxie.dll [2023-08-30] (Bitdefender SRL -> Bitdefender)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-09-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-09-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-09-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-09-04] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-3236408109-601453854-1968072414-1001\...\bstbk-vollmachtsdatenbank.de -> hxxp://bstbk-vollmachtsdatenbank.de
IE trusted site: HKU\S-1-5-21-3236408109-601453854-1968072414-1001\...\bstbk-vollmachtsdatenbank.de -> hxxps://bstbk-vollmachtsdatenbank.de
IE trusted site: HKU\S-1-5-21-3236408109-601453854-1968072414-1001\...\datev.de -> hxxp://download.datev.de
IE trusted site: HKU\S-1-5-21-3236408109-601453854-1968072414-1001\...\datev.de -> hxxps://download.datev.de

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2023-05-08 21:27 - 2023-06-26 20:54 - 000000003 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3236408109-601453854-1968072414-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\smaas\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img_5174.jpg
HKU\S-1-5-80-2054237562-3159735960-3156364989-4048385539-2475628211\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-80-2989764441-1653506572-1536396221-1414198802-3743180884\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1) ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{388DF648-01B6-470D-9DDF-49FC3145E46B}] => (Allow) C:\Users\smaas\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{0791843F-FABD-4F16-88B3-A26AB29CA32F}] => (Allow) C:\Users\smaas\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{5637682B-BCE9-4970-91F8-1FC56C7F7B1E}] => (Allow) C:\Users\smaas\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{BE33F92F-FF91-4C14-8B69-72C841BB7292}] => (Allow) C:\Program Files (x86)\DATEV\PROGRAMM\B0000391\Datev.Security.Dokumentenschutz.exe => Keine Datei
FirewallRules: [{2CB0180F-8416-43B4-88B9-DB9961246BEC}] => (Allow) LPort=54925
FirewallRules: [{95E65C15-BBE1-4D0E-8569-1098A8DB3238}] => (Allow) C:\Users\smaas\Downloads\Install\wlan_wiz\.\wlan_assistant\waw.exe => Keine Datei
FirewallRules: [{FEE33988-241A-4569-827F-D55A335CBECF}] => (Allow) C:\Users\smaas\Downloads\Install\wlan_wiz\.\wlan_assistant\waw.exe => Keine Datei
FirewallRules: [{9E84F03D-8E67-4B64-83D9-0170969EDBCC}] => (Allow) C:\Users\smaas\Downloads\Install\wlan_wiz\.\wlan_assistant\waw.exe => Keine Datei
FirewallRules: [{9B60D745-1D29-4DB0-897B-6C492BE739D0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6294D24D-95A6-4BF6-8887-2F6548582303}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{DD80FF9E-FDF3-4E50-80D9-39A532590E06}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6342266B-5DA1-477B-9F49-15DAB2C176D2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4CC69A60-5DDE-4947-8583-9DC036C4B659}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{ACD49B13-E242-4355-B047-29A491E32DB8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A610F9C0-5D75-44FE-9494-713B882013AE}] => (Allow) C:\Program Files (x86)\DATEV\PROGRAMM\Sws\LimaService.exe (DATEV eG 08 4 -> DATEV eG)
FirewallRules: [{AFF0D68A-FDEB-4F88-98E6-F0F4E2DC1679}] => (Allow) C:\Program Files (x86)\DATEV\PROGRAMM\K0005000\Arbeitsplatz.exe (DATEV eG 08 4 -> DATEV eG)
FirewallRules: [{C1C06528-F51F-4485-9EF0-CAC75AA501AC}] => (Allow) C:\Program Files (x86)\DATEV\PROGRAMM\K0005000\Arbeitsplatz.exe (DATEV eG 08 4 -> DATEV eG)
FirewallRules: [TCP Query User{0BDFD7A6-151E-4678-AF81-BCD04B654D23}C:\users\smaas\downloads\anydesk.exe] => (Allow) C:\users\smaas\downloads\anydesk.exe => Keine Datei
FirewallRules: [UDP Query User{7ED56FCC-66EA-4BB0-A205-6143624D4065}C:\users\smaas\downloads\anydesk.exe] => (Allow) C:\users\smaas\downloads\anydesk.exe => Keine Datei
FirewallRules: [{8B85EEE9-04B2-4E14-B8DB-0C2660EECE12}] => (Allow) c:\program files (x86)\pc-faxreceive\brengineprocess.exe (Brother Industries, Ltd.) [Datei ist nicht signiert]
FirewallRules: [{68A4DB1E-EFF4-4B38-9DE2-9CDDE471C91F}] => (Allow) c:\program files (x86)\pc-faxreceive\brengineprocess.exe (Brother Industries, Ltd.) [Datei ist nicht signiert]
FirewallRules: [{B64C8371-B199-4548-9337-B4D7C56A26C1}] => (Allow) C:\Program Files (x86)\DATEV\PROGRAMM\DFUEISDN\SSLClt\sslclt.exe => Keine Datei
FirewallRules: [{EC856731-A512-46B8-982B-F6E82C9E082E}] => (Allow) C:\Program Files (x86)\DATEV\PROGRAMM\DFUEWS\MNTBNA\mntbna.exe => Keine Datei
FirewallRules: [{0C559257-21E6-499C-B713-B9FF6E4A5FAA}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> )
FirewallRules: [{1FB682B7-7121-4D35-9C4B-63F898493507}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{2248D150-BD34-45E7-A1C1-BEC154D2DC05}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImage.exe (Acronis International GmbH -> )
FirewallRules: [{9D6DD477-A523-49D0-8097-DEF6B1BBB74E}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis International GmbH -> )
FirewallRules: [{95F386FB-AC86-446B-8675-34BE33DC9DED}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageTools.exe (Acronis International GmbH -> )
FirewallRules: [{A764719A-B5F5-495F-A478-5CEACE06241B}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeService.exe (Acronis International GmbH -> )
FirewallRules: [{6ECCED97-122E-49CF-B4E4-E592266963A4}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\MediaBuilder.exe (Acronis International GmbH -> )
FirewallRules: [{BAE595D8-F3F4-40AE-A3EC-BBC3B6F5E593}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\SystemReport.exe (Acronis International GmbH -> )
FirewallRules: [{49084241-8641-4251-BE70-3AEC33C5C113}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\acronis_drive.exe (Acronis International GmbH -> )
FirewallRules: [{8613EBEC-13D8-448C-8053-B0CA38939BAB}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{BFDDA0BD-54C5-455E-BC70-42CB49266A61}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe (Acronis International GmbH -> )
FirewallRules: [{CC430E75-7A60-4682-84D8-1F96B54EB7E4}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\ga_service.exe (Acronis International GmbH -> )
FirewallRules: [{AEF2BA5F-06B2-4A6B-A9DA-281559A54538}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\LicenseActivator.exe (Acronis International GmbH -> )
FirewallRules: [{731ECCF5-4D84-419A-9EB8-F366555960FC}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Home\report_sender.exe (Acronis International GmbH -> )
FirewallRules: [{2F449824-1790-44EA-B5C3-05D4CABDAF63}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe (Acronis International GmbH -> )
FirewallRules: [{DEBEE2B7-365F-41BE-91A0-A6F60793BC21}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E5C30F8A-E777-4E7B-B24D-B91CD7FED84B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{91712EE4-DF61-4B81-B598-4061EA0496C2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B6A5F270-0A35-4BA6-AD52-3636BE4063D9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C120DE1D-3F2D-485F-AC4A-7EA00B2BB506}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{03556B29-C0D0-40DC-903B-C467481BE6EC}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{7BAC5C95-92AF-482E-B61D-1258BCAD839C}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{4A06312B-54D4-4E0A-9A8D-73A8842801A7}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{45404AD3-1815-4673-9ECE-CB0CFEAAAF4D}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{890AA04D-8225-4F61-A8CD-99143CEF4250}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{E3E9DFB1-FE82-4AC6-9E57-C9ADFF07B43A}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => Keine Datei
FirewallRules: [{73AB7697-14A1-464D-AA26-732C337116F0}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{CF9D97C3-DF21-4814-A72A-D31B582EB080}] => (Allow) C:\Program Files (x86)\DATEV\PROGRAMM\B0000376\ElevatedLocalWindowsIdentityProvider.exe (DATEV eG 08 4 -> DATEV eG)
FirewallRules: [{3F338B8C-0A34-4C83-BAC8-409206235221}] => (Allow) C:\Program Files (x86)\DATEV\PROGRAMM\B0000376\ElevatedLocalWindowsIdentityProvider.exe (DATEV eG 08 4 -> DATEV eG)
FirewallRules: [{0E17F836-B3F1-40EB-A7BF-EA8AC2BDF56B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{769B6ACB-EEDC-4074-8EA2-B4EDBFA6F148}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{6DD5A878-6EE1-4999-9C29-19899D18C3BD}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{B9541D94-F3ED-402B-B4C6-51EC841D893E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{2B509E05-EC67-4CDD-8753-829497C043D2}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{47E87A07-CC91-40BC-9115-1D1799C12A94}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{876BA7FB-786E-49BB-8EA5-908F77EC8760}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{36F987B0-7FCC-43B5-AE65-8D1C3A2B610B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{3A1C8FB9-7AEF-4B6F-B439-B14D761475E4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{BA63FAEC-3741-4D90-B7CF-8328CA65AD99}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3403.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4FEF962B-BB44-4176-B737-27772B6E1703}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3403.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0DF8F0E8-0C57-48DF-B484-3C0841C01C19}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3403.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5FD345DF-BB4D-4933-B44F-D2A0CE58A3E5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3403.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E476C6F2-E999-421B-8187-A9944EE86838}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.102.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{95099828-EDA5-4164-A795-AE6E84A7EA72}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.102.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D7D7ABCC-C3AA-4B77-83F4-CAD8812E450C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.102.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{69D1C735-BEB4-423A-98AB-E4A035B747DD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.102.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BFECF69C-42CA-41BE-86D3-49CAA58DFB20}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E0537917-F2DF-4C2F-8DC4-0DB0DFF4DB9D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{AF729153-AA6C-46DB-9BF3-4BFA4F612D5B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{93209894-5B8A-4A91-BC82-BA41FD59CE84}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0AFE20FC-C4D5-4E8F-8481-F3267D12643C}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\116.0.1938.69\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CEFA2126-C44C-4282-9F3A-7E3B9499565D}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{D7CDF70C-A914-4583-A68E-2057FF144003}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{AA8AB2EB-3049-4440-9294-73829DD857AB}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{EADA4EEA-CF7E-4DDE-862E-C37A595D6E7C}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{4EAAB7ED-291F-432A-9A6E-9F3784EE7FB6}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{A0B510B9-38D6-4568-9652-6DF1FE147370}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{D0A944A2-E35C-4BD0-BADD-7C476B1192B0}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> 
Google LLC) ==================== Wiederherstellungspunkte ========================= 30-08-2023 15:45:55 Windows Modules Installer 30-08-2023 17:46:06 Windows Modules Installer 30-08-2023 17:48:01 Windows Modules Installer ==================== Fehlerhafte Geräte im Gerätemanager ============ ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (09/06/2023 08:20:28 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: SmartAudio3.exe, Version: 4.0.141.0, Zeitstempel: 0x6126382b Name des fehlerhaften Moduls: SmartAudio3.ni.exe, Version: 4.0.141.0, Zeitstempel: 0x6126382b Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000092f06 ID des fehlerhaften Prozesses: 0x6c3c Startzeit der fehlerhaften Anwendung: 0x01d9e08a3aea2959 Pfad der fehlerhaften Anwendung: C:\Program Files\CONEXANT\SA3\HP-NB-AIO\SmartAudio3.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SmartAudio3\13a54e20e282b374d16acc3af6ce716f\SmartAudio3.ni.exe Berichtskennung: 30bb9a86-46e6-4d45-b02d-b0982c346445 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (09/06/2023 08:20:28 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: SmartAudio3.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. 
Ausnahmeinformationen: System.NullReferenceException bei SmartAudio3.EntryPoint.Main(System.String[]) Error: (09/06/2023 08:18:58 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: SmartAudio3.exe, Version: 4.0.141.0, Zeitstempel: 0x6126382b Name des fehlerhaften Moduls: SmartAudio3.ni.exe, Version: 4.0.141.0, Zeitstempel: 0x6126382b Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000092f06 ID des fehlerhaften Prozesses: 0x60d4 Startzeit der fehlerhaften Anwendung: 0x01d9e08a053fd2cd Pfad der fehlerhaften Anwendung: C:\Program Files\CONEXANT\SA3\HP-NB-AIO\SmartAudio3.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SmartAudio3\13a54e20e282b374d16acc3af6ce716f\SmartAudio3.ni.exe Berichtskennung: 2c9b2caa-2f87-4df8-97dc-10411d5a1acf Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (09/06/2023 08:18:58 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: SmartAudio3.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. 
Ausnahmeinformationen: System.NullReferenceException bei SmartAudio3.EntryPoint.Main(System.String[]) Error: (09/06/2023 08:17:28 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: SmartAudio3.exe, Version: 4.0.141.0, Zeitstempel: 0x6126382b Name des fehlerhaften Moduls: SmartAudio3.ni.exe, Version: 4.0.141.0, Zeitstempel: 0x6126382b Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000092f06 ID des fehlerhaften Prozesses: 0x311c Startzeit der fehlerhaften Anwendung: 0x01d9e089cf93fd74 Pfad der fehlerhaften Anwendung: C:\Program Files\CONEXANT\SA3\HP-NB-AIO\SmartAudio3.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SmartAudio3\13a54e20e282b374d16acc3af6ce716f\SmartAudio3.ni.exe Berichtskennung: 9471726b-94a7-432b-9106-abbafd6b3d33 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (09/06/2023 08:17:28 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: SmartAudio3.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. 
Ausnahmeinformationen: System.NullReferenceException bei SmartAudio3.EntryPoint.Main(System.String[]) Error: (09/06/2023 08:15:58 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: SmartAudio3.exe, Version: 4.0.141.0, Zeitstempel: 0x6126382b Name des fehlerhaften Moduls: SmartAudio3.ni.exe, Version: 4.0.141.0, Zeitstempel: 0x6126382b Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000092f06 ID des fehlerhaften Prozesses: 0x60ec Startzeit der fehlerhaften Anwendung: 0x01d9e08999e93e6e Pfad der fehlerhaften Anwendung: C:\Program Files\CONEXANT\SA3\HP-NB-AIO\SmartAudio3.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SmartAudio3\13a54e20e282b374d16acc3af6ce716f\SmartAudio3.ni.exe Berichtskennung: 1f2b6188-4ca2-4443-9c36-774da6e5e170 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (09/06/2023 08:15:58 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: SmartAudio3.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. Ausnahmeinformationen: System.NullReferenceException bei SmartAudio3.EntryPoint.Main(System.String[]) Systemfehler: ============= Error: (09/05/2023 05:48:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "DATEV DMS OCR Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (09/05/2023 05:48:20 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Intel(R) PROSet/Wireless Zero Configuration Service" wurde mit folgendem Fehler beendet: %%2147770990 Error: (09/05/2023 05:47:12 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-0H6HISI) Description: Der Server "{9BA05972-F6A8-11CF-A442-00A0C90A8F39}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. 
Error: (09/02/2023 04:10:32 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst AcronisActiveProtectionService erreicht. Error: (08/31/2023 01:18:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "DATEV DMS OCR Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (08/31/2023 01:18:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Intel(R) PROSet/Wireless Zero Configuration Service" wurde mit folgendem Fehler beendet: %%2147770990 Error: (08/31/2023 01:17:42 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-0H6HISI) Description: Der Server "{1EF75F33-893B-4E8F-9655-C3D602BA4897}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (08/31/2023 01:17:42 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-0H6HISI) Description: Der Server "{1EF75F33-893B-4E8F-9655-C3D602BA4897}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. CodeIntegrity: =============== Date: 2023-09-05 17:51:15 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bitdefender\Bitdefender Security\bdamsi\266757318933620506\antimalware_provider64.dll that did not meet the Microsoft signing level requirements. Date: 2023-09-05 17:50:15 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bitdefender\Bitdefender Security\bdamsi\266757318933620506\antimalware_provider64.dll that did not meet the Windows signing level requirements. ==================== Speicherinformationen =========================== BIOS: HP Q85 Ver. 
01.24.00 03/29/2023 Hauptplatine: HP 837F Prozessor: Intel(R) Core(TM) i7-8550U CPU @ 1.80GHz Prozentuale Nutzung des RAM: 52% Installierter physikalischer RAM: 16275.21 MB Verfügbarer physikalischer RAM: 7745.69 MB Summe virtueller Speicher: 18707.21 MB Verfügbarer virtueller Speicher: 8088.27 MB ==================== Laufwerke ================================ Drive c: (Windows ) (Fixed) (Total:237.35 GB) (Free:96.48 GB) (Model: KBG30ZMV256G KIOXIA) (Protected) NTFS Drive d: (DATADRIVE1) (Fixed) (Total:931.39 GB) (Free:740.53 GB) (Model: TOSHIBA MQ04ABF100) (Protected) NTFS \\?\Volume{0aff68b3-0e69-4bc5-9357-21fd24fc22ce}\ () (Fixed) (Total:0.85 GB) (Free:0.12 GB) NTFS \\?\Volume{d5e64737-2a20-4b3b-af52-92a2a8f2d5cf}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.17 GB) FAT32 ==================== MBR & Partitionstabelle ==================== ========================================================== Disk: 0 (Size: 238.5 GB) (Disk ID: BDB59C5E) Partition: GPT. ========================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: EEEC9B2B) Partition: GPT. ==================== Ende von Addition.txt ======================= |
06.09.2023, 20:48 | #9 |
| And the log from Bitdefender: Code:
<?xml version="1.0" encoding="utf-8"?>
<ScanSession creator="" name="Vollständiger System-Scan" installPath="C:\Program Files\Bitdefender\Bitdefender Security\" creationDate="Dienstag, 5. September 2023 00:03:09" originalPath="C:\ProgramData\Bitdefender\Desktop\Profiles\Logs\system\dcf483c4-26d0-4e6f-ba28-6a53a00adae1\1693855885_1_01_2.xml" >
<ScanSettings statisticsRefreshInterval="1000" scanSpeed="1.000000" lowPriority="1" enableExclusions="1" scanAdware="1" scanSpyware="1" scanApplications="1" scanDialers="1" scanKeyloggers="1" scanFiles="1" scanAllFiles="1" scanProgramsOnly="0" useCustomPrograms="0" customPrograms="" scanUserDefined="0" scanPacked="1" scanArchives="1" useSmartScan="1" scanEmails="1" scanRootkits="0" scanAllRootkits="1" scanBoot="1" scanMemory="1" scanRegistry="1" quickScan="1" scanCookies="1" scanUefi="1" shutdownAfter="0" passwordPrompt="0" onlyAllowedActions="1" deepArchiveScan="1" maxArchiveLevel="15" maxArchiveSize="0" infectedAction1="3" infectedAction2="7" suspectAction1="7" suspectAction2="1" rootkitAction="3" userDefinedExtensions="" scanPua="1" computeSha256Hash="0" computeMd5Hash="0" disableIndexer="1" enableCertReport="0" scanCloudFiles="0" paranoidAction="1" >
<Paranoid> </Paranoid>
<ScanPaths>
<path>C:\</path>
<path>D:\</path>
</ScanPaths>
<ExcludedPaths> </ExcludedPaths>
<ExcludedCertificateHashes> </ExcludedCertificateHashes>
<ExcludedFileHash> </ExcludedFileHash>
<ExcludedExtensions> </ExcludedExtensions>
<ExcludedCmdlineParams> </ExcludedCmdlineParams>
<ExcludedThreatNames> </ExcludedThreatNames>
</ScanSettings>
<EngineSummary totalSignatures="13581917" enginesVersion="11.0.1.21" />
<ScanSummary scannedArchives="19904" scannedPacked="100474" startTime="1693855885" duration="9103469" userDefinedExtensions="">
<TypeSummary type="1" scanned="30" infected="0" suspicious="0" disinfected="0" deleted="0" moved="0" moved_reboot="0" delete_reboot="0" renamed="0" hidden="0" />
<TypeSummary type="4" scanned="0" infected="0" suspicious="0" disinfected="0" deleted="0" moved="0" moved_reboot="0" delete_reboot="0" renamed="0" hidden="0" />
<TypeSummary type="0" scanned="3562402" infected="0" suspicious="0" disinfected="0" deleted="0" moved="0" moved_reboot="0" delete_reboot="0" renamed="0" hidden="0" />
<TypeSummary type="5" scanned="0" infected="0" suspicious="0" disinfected="0" deleted="0" moved="0" moved_reboot="0" delete_reboot="0" renamed="0" hidden="0" />
<TypeSummary type="2" scanned="7797" infected="0" suspicious="0" disinfected="0" deleted="0" moved="0" moved_reboot="0" delete_reboot="0" renamed="0" hidden="0" />
<TypeSummary type="3" scanned="9554" infected="0" suspicious="0" disinfected="0" deleted="0" moved="0" moved_reboot="0" delete_reboot="0" renamed="0" hidden="0" />
<TypeSummary type="6" scanned="413" infected="0" suspicious="0" disinfected="0" deleted="0" moved="0" moved_reboot="0" delete_reboot="0" renamed="0" hidden="0" />
<TypeSummary type="7" scanned="20340" infected="0" suspicious="0" disinfected="0" deleted="0" moved="0" moved_reboot="0" delete_reboot="0" renamed="0" hidden="0" />
</ScanSummary>
<ScanDetails>
<UnresolvedDetails> </UnresolvedDetails>
<ResolvedDetails> </ResolvedDetails>
<IgnoredDetails> </IgnoredDetails>
<NotScannedDetails skipped="62588" ioerrors="4" archiveBombs="0" passwordProtected="284" >
<Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset\SFP\SFP.8377.cab=>APO=>83770708=>83770708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem146.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.83b6.cab=>APO=>83b60708=>83b60708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem122.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.83d6.cab=>APO=>83d60708=>83d60708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem153.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.8377.cab=>APO=>83770708=>83770708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset.cab=>SFPreset=>SFP=>SFP.836e.cab=>APO=>836e0708=>836e0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset\SFP\SFP.iSST.cab=>APO=>837f0708=>837f0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset\SFP\SFP.cab=>APO=>823c0708=>823c0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem146.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.8414.cab=>APO=>84140708=>84140708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem95.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.83b3.cab=>APO=>83b30708=>83b30708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem153.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.84d8.cab=>APO=>84d80708=>84d80708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset\SFP\SFP.846f.cab=>APO=>846f0708=>846f0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset\SFP\SFP.84d8.cab=>APO=>84d80708=>84d80708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem187.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.cab=>APO=>823c0708=>823c0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset.cab=>SFPreset=>SFP=>SFP.83b3.cab=>APO=>83b30708=>83b30708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem122.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.842a.cab=>APO=>842a0708=>842a0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset\SFP\SFP.8470.cab=>APO=>84700708=>84700708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset.cab=>SFPreset=>SFP=>SFP.8377.cab=>APO=>83770708=>83770708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset\SFP\SFP.844a.cab=>APO=>844a0708=>844a0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset.cab=>SFPreset=>SFP=>SFP.837b.cab=>APO=>837b0708=>837b0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset.cab=>SFPreset=>SFP=>SFP.83b7.cab=>APO=>83b70708=>83b70708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem122.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.83d4.cab=>APO=>83d40708=>83d40708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset\SFP\SFP.83ff.cab=>APO=>83ff0708=>83ff0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem146.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.844a.cab=>APO=>844a0708=>844a0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset\SFP\SFP.8438.cab=>APO=>84380708=>84380708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset.cab=>SFPreset=>SFP=>SFP.837d.cab=>APO=>837d0708=>837d0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem153.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.842d.cab=>APO=>842d0708=>842d0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem153.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.83d3.cab=>APO=>83d30708=>83d30708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem187.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.8418.cab=>APO=>84180708=>84180708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset\SFP\SFP.842d.cab=>APO=>842d0708=>842d0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset\SFP\SFP.83d3.cab=>APO=>83d30708=>83d30708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset.cab=>SFPreset=>SFP=>SFP.837f.cab=>APO=>837f0708=>837f0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset\SFP\SFP.842a.cab=>APO=>842a0708=>842a0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset\SFP\SFP.8427.cab=>APO=>84270708=>84270708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem146.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.842a.cab=>APO=>842a0708=>842a0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset.cab=>SFPreset=>SFP=>SFP.842d.cab=>APO=>842d0708=>842d0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset\SFP\SFP.8418.cab=>APO=>84180708=>84180708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset.cab=>SFPreset=>SFP=>SFP.83d3.cab=>APO=>83d30708=>83d30708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem129.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.83d8.cab=>APO=>83d80708=>83d80708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset\SFP\SFP.837f.cab=>APO=>837f0708=>837f0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset\SFP\SFP.8414.cab=>APO=>84140708=>84140708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem95.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.8427.cab=>APO=>84270708=>84270708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem146.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.836e.cab=>APO=>836e0708=>836e0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem187.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.83b3.cab=>APO=>83b30708=>83b30708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem95.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.837d.cab=>APO=>837d0708=>837d0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset\SFP\SFP.8401.cab=>APO=>84010708=>84010708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset.cab=>SFPreset=>SFP=>SFP.83d4.cab=>APO=>83d40708=>83d40708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem146.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.83b3.cab=>APO=>83b30708=>83b30708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset.cab=>SFPreset=>SFP=>SFP.83b6.cab=>APO=>83b60708=>83b60708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset\SFP\SFP.83d8.cab=>APO=>83d80708=>83d80708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset\SFP\SFP.83db.cab=>APO=>83db0709=>83db0709.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Windows\System32\DriverStore\FileRepository\cisstrt.inf_amd64_6cbf697292377f48\SFPreset.cab=>SFPreset=>SFP=>SFP.84d8.cab=>APO=>84d80708=>84d80708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset\SFP\SFP.83d6.cab=>APO=>83d60708=>83d60708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset\SFP\SFP.83b6.cab=>APO=>83b60708=>83b60708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Windows\System32\DriverStore\FileRepository\cisstrt.inf_amd64_6cbf697292377f48\SFPreset.cab=>SFPreset=>SFP=>SFP.836e.cab=>APO=>836e0708=>836e0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem153.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.83b6.cab=>APO=>83b60708=>83b60708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset\SFP\SFP.83d4.cab=>APO=>83d40708=>83d40708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Windows\System32\DriverStore\FileRepository\cisstrt.inf_amd64_6cbf697292377f48\SFPreset.cab=>SFPreset=>SFP=>SFP.83d8.cab=>APO=>83d80708=>83d80708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset\SFP\SFP.83b7.cab=>APO=>83b70708=>83b70708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Windows\System32\DriverStore\FileRepository\cisstrt.inf_amd64_6cbf697292377f48\SFPreset.cab=>SFPreset=>SFP=>SFP.83d4.cab=>APO=>83d40708=>83d40708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset\SFP\SFP.83b3.cab=>APO=>83b30708=>83b30708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem146.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.842d.cab=>APO=>842d0708=>842d0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem146.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.83d3.cab=>APO=>83d30708=>83d30708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset.cab=>SFPreset=>SFP=>SFP.83d6.cab=>APO=>83d60708=>83d60708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem129.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.83d6.cab=>APO=>83d60708=>83d60708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset\SFP\SFP.837d.cab=>APO=>837d0708=>837d0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem129.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.83d4.cab=>APO=>83d40708=>83d40708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset\SFP\SFP.837b.cab=>APO=>837b0708=>837b0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem187.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.83db.cab=>APO=>83db0709=>83db0709.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset.cab=>SFPreset=>SFP=>SFP.83d8.cab=>APO=>83d80708=>83d80708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem122.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.cab=>APO=>823c0708=>823c0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset.cab=>SFPreset=>SFP=>SFP.83db.cab=>APO=>83db0709=>83db0709.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset.cab=>SFPreset=>SFP=>SFP.83ff.cab=>APO=>83ff0708=>83ff0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset.cab=>SFPreset=>SFP=>SFP.8401.cab=>APO=>84010708=>84010708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset.cab=>SFPreset=>SFP=>SFP.8414.cab=>APO=>84140708=>84140708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" 
finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset.cab=>SFPreset=>SFP=>SFP.8418.cab=>APO=>84180708=>84180708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset.cab=>SFPreset=>SFP=>SFP.8427.cab=>APO=>84270708=>84270708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset.cab=>SFPreset=>SFP=>SFP.842a.cab=>APO=>842a0708=>842a0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem95.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.83d4.cab=>APO=>83d40708=>83d40708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset.cab=>SFPreset=>SFP=>SFP.8438.cab=>APO=>84380708=>84380708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset.cab=>SFPreset=>SFP=>SFP.844a.cab=>APO=>844a0708=>844a0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset.cab=>SFPreset=>SFP=>SFP.846f.cab=>APO=>846f0708=>846f0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset.cab=>SFPreset=>SFP=>SFP.8470.cab=>APO=>84700708=>84700708.txt" threatType="0" threatName="" 
action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem122.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.83db.cab=>APO=>83db0709=>83db0709.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset.cab=>SFPreset=>SFP=>SFP.84d8.cab=>APO=>84d80708=>84d80708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset.cab=>SFPreset=>SFP=>SFP.cab=>APO=>823c0708=>823c0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset.cab=>SFPreset=>SFP=>SFP.iSST.cab=>APO=>837f0708=>837f0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\ProgramData\SoundResearch\APO\837f0708=>837f0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem180.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.83d8.cab=>APO=>83d80708=>83d80708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Program Files\Conexant\Install\Audio\SFPreset\SFP\SFP.836e.cab=>APO=>836e0708=>836e0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="\\?\Volume{d5e64737-2a20-4b3b-af52-92a2a8f2d5cf}\EFI\Microsoft\Boot\BCD" threatType="0" threatName="" action="1" allActions="" initialStatus="0" finalStatus="0" failReason="9" /> 
<Item type="0" objectType="0" path="\\?\Volume{d5e64737-2a20-4b3b-af52-92a2a8f2d5cf}\EFI\Microsoft\Boot\BCD.LOG" threatType="0" threatName="" action="1" allActions="" initialStatus="0" finalStatus="0" failReason="9" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem180.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.8401.cab=>APO=>84010708=>84010708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem95.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.836e.cab=>APO=>836e0708=>836e0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem95.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.8377.cab=>APO=>83770708=>83770708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem95.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.837b.cab=>APO=>837b0708=>837b0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem95.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.837f.cab=>APO=>837f0708=>837f0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem95.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.83b6.cab=>APO=>83b60708=>83b60708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem146.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.8418.cab=>APO=>84180708=>84180708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" 
objectType="0" path="C:\Windows\UCI\Rollback\oem95.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.83b7.cab=>APO=>83b70708=>83b70708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem95.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.842d.cab=>APO=>842d0708=>842d0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem95.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.83d3.cab=>APO=>83d30708=>83d30708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem95.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.83d6.cab=>APO=>83d60708=>83d60708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem95.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.83d8.cab=>APO=>83d80708=>83d80708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem95.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.83db.cab=>APO=>83db0709=>83db0709.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem146.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.837f.cab=>APO=>837f0708=>837f0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem95.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.83ff.cab=>APO=>83ff0708=>83ff0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item 
type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem95.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.8401.cab=>APO=>84010708=>84010708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem95.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.8414.cab=>APO=>84140708=>84140708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem95.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.8418.cab=>APO=>84180708=>84180708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem180.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.cab=>APO=>823c0708=>823c0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem95.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.842a.cab=>APO=>842a0708=>842a0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem95.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.8438.cab=>APO=>84380708=>84380708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem129.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.83db.cab=>APO=>83db0709=>83db0709.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem95.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.844a.cab=>APO=>844a0708=>844a0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item 
type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem95.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.846f.cab=>APO=>846f0708=>846f0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem146.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.837b.cab=>APO=>837b0708=>837b0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem95.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.8470.cab=>APO=>84700708=>84700708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem146.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.8377.cab=>APO=>83770708=>83770708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem95.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.84d8.cab=>APO=>84d80708=>84d80708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem95.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.cab=>APO=>823c0708=>823c0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem95.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.iSST.cab=>APO=>837f0708=>837f0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem187.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.836e.cab=>APO=>836e0708=>836e0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item 
type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem153.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.836e.cab=>APO=>836e0708=>836e0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem187.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.8377.cab=>APO=>83770708=>83770708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem187.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.837b.cab=>APO=>837b0708=>837b0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem153.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.8470.cab=>APO=>84700708=>84700708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem187.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.837d.cab=>APO=>837d0708=>837d0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem122.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.844a.cab=>APO=>844a0708=>844a0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem187.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.837f.cab=>APO=>837f0708=>837f0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem187.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.83b6.cab=>APO=>83b60708=>83b60708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" 
/> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem180.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.8414.cab=>APO=>84140708=>84140708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem187.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.83b7.cab=>APO=>83b70708=>83b70708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem187.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.842d.cab=>APO=>842d0708=>842d0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem187.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.83d3.cab=>APO=>83d30708=>83d30708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem187.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.83d4.cab=>APO=>83d40708=>83d40708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem187.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.83d6.cab=>APO=>83d60708=>83d60708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem187.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.83d8.cab=>APO=>83d80708=>83d80708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem180.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.837b.cab=>APO=>837b0708=>837b0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" 
failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem187.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.83ff.cab=>APO=>83ff0708=>83ff0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem187.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.8401.cab=>APO=>84010708=>84010708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\System32\DriverStore\FileRepository\cisstrt.inf_amd64_6cbf697292377f48\SFPreset.cab=>SFPreset=>SFP=>SFP.844a.cab=>APO=>844a0708=>844a0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem146.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.84d8.cab=>APO=>84d80708=>84d80708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem187.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.8414.cab=>APO=>84140708=>84140708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem187.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.8427.cab=>APO=>84270708=>84270708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem187.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.842a.cab=>APO=>842a0708=>842a0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem187.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.8438.cab=>APO=>84380708=>84380708.txt" threatType="0" threatName="" 
action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\System32\DriverStore\FileRepository\cisstrt.inf_amd64_6cbf697292377f48\SFPreset.cab=>SFPreset=>SFP=>SFP.iSST.cab=>APO=>837f0708=>837f0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem187.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.844a.cab=>APO=>844a0708=>844a0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem187.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.846f.cab=>APO=>846f0708=>846f0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem187.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.8470.cab=>APO=>84700708=>84700708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem187.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.84d8.cab=>APO=>84d80708=>84d80708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem187.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.iSST.cab=>APO=>837f0708=>837f0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem153.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.837d.cab=>APO=>837d0708=>837d0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" 
path="C:\Windows\UCI\Rollback\oem180.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.836e.cab=>APO=>836e0708=>836e0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem180.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.8377.cab=>APO=>83770708=>83770708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem180.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.837d.cab=>APO=>837d0708=>837d0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem153.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.846f.cab=>APO=>846f0708=>846f0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem180.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.837f.cab=>APO=>837f0708=>837f0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem180.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.83b3.cab=>APO=>83b30708=>83b30708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\System32\DriverStore\FileRepository\cisstrt.inf_amd64_6cbf697292377f48\SFPreset.cab=>SFPreset=>SFP=>SFP.837d.cab=>APO=>837d0708=>837d0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem180.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.83b6.cab=>APO=>83b60708=>83b60708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" 
finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem129.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.83b6.cab=>APO=>83b60708=>83b60708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem180.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.83b7.cab=>APO=>83b70708=>83b70708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem180.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.842d.cab=>APO=>842d0708=>842d0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem180.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.83d3.cab=>APO=>83d30708=>83d30708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem129.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.842d.cab=>APO=>842d0708=>842d0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem129.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.83d3.cab=>APO=>83d30708=>83d30708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem180.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.83d4.cab=>APO=>83d40708=>83d40708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem180.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.83d6.cab=>APO=>83d60708=>83d60708.txt" threatType="0" threatName="" action="1" allActions="" 
initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem180.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.83db.cab=>APO=>83db0709=>83db0709.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem180.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.83ff.cab=>APO=>83ff0708=>83ff0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem153.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.8427.cab=>APO=>84270708=>84270708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem180.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.8418.cab=>APO=>84180708=>84180708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem180.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.8427.cab=>APO=>84270708=>84270708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem180.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.842a.cab=>APO=>842a0708=>842a0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem180.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.8438.cab=>APO=>84380708=>84380708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem180.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.844a.cab=>APO=>844a0708=>844a0708.txt" threatType="0" threatName="" action="1" 
allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem180.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.846f.cab=>APO=>846f0708=>846f0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem180.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.8470.cab=>APO=>84700708=>84700708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem153.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.837f.cab=>APO=>837f0708=>837f0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem180.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.84d8.cab=>APO=>84d80708=>84d80708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem180.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.iSST.cab=>APO=>837f0708=>837f0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem153.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.837b.cab=>APO=>837b0708=>837b0708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem153.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.83b3.cab=>APO=>83b30708=>83b30708.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Windows\UCI\Rollback\oem153.inf\SFPreset.cab=>SFPreset=>SFP=>SFP.83b7.cab=>APO=>83b70708=>83b70708.txt" threatType="0" threatName="" 
action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> </NotScannedDetails> </ScanDetails> </ScanSession> |
07.09.2023, 11:32 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | adwCleaner
Run AdwCleaner according to the illustrated guide and then post the log file in CODE tags. If there were any findings, please repeat adwCleaner as a check.
__________________ Please always post log files in CODE tags |
07.09.2023, 20:25 | #11 |
| AdwCleaner found no PUP or adware: Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-07-2023
# Duration: 00:00:02
# OS: Windows 10 (Build 19045.3324)
# Cleaned: 18
# Awaiting reboot:1
# Failed: 0

***** [ Services ] *****
No malicious services cleaned.

***** [ Folders ] *****
No malicious folders cleaned.

***** [ Files ] *****
No malicious files cleaned.

***** [ DLL ] *****
No malicious DLLs cleaned.

***** [ WMI ] *****
No malicious WMI cleaned.

***** [ Shortcuts ] *****
No malicious shortcuts cleaned.

***** [ Tasks ] *****
No malicious tasks cleaned.

***** [ Registry ] *****
No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****
Deleted Preinstalled.HPNotifications Folder C:\Program Files (x86)\HP\HP NOTIFICATIONS
Deleted Preinstalled.HPNotifications Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|HPNotifications
Deleted Preinstalled.HPNotifications Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|HPNotifications
Deleted Preinstalled.HPRegistrationService Folder C:\ProgramData\HP\HP REGISTRATION SERVICE
Deleted Preinstalled.HPSupportAssistant Folder C:\HP\SUPPORT
Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Users\smaas\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSureConnect Folder C:\Program Files\HPCOMMRECOVERY
Deleted Preinstalled.HPSureConnect Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{6468C4A5-E47E-405F-B675-A70A70983EA6}
Deleted Preinstalled.HPTouchpointAnalyticsClient Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}
Needs Reboot Preinstalled.HPTouchpointAnalyticsClient Folder C:\ProgramData\HP\HP TOUCHPOINT ANALYTICS CLIENT

*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************

***** Reboot Required to Complete *****

***** [ Folders ] *****
Cleaning failed C:\ProgramData\HP\HP TOUCHPOINT ANALYTICS CLIENT

*************************
AdwCleaner[S00].txt - [3550 octets] - [07/09/2023 21:14:56]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
|
07.09.2023, 21:06 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | But a lot of preinstalled junk. Repeat adwCleaner. |
08.09.2023, 07:42 | #13 |
| The next AdwCleaner log: Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-08-2023
# Duration: 00:00:01
# OS: Windows 10 (Build 19045.3324)
# Cleaned: 2
# Awaiting reboot:1
# Failed: 0

***** [ Services ] *****
No malicious services cleaned.

***** [ Folders ] *****
No malicious folders cleaned.

***** [ Files ] *****
No malicious files cleaned.

***** [ DLL ] *****
No malicious DLLs cleaned.

***** [ WMI ] *****
No malicious WMI cleaned.

***** [ Shortcuts ] *****
No malicious shortcuts cleaned.

***** [ Tasks ] *****
No malicious tasks cleaned.

***** [ Registry ] *****
No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****
Deleted Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Needs Reboot Preinstalled.HPTouchpointAnalyticsClient Folder C:\ProgramData\HP\HP TOUCHPOINT ANALYTICS CLIENT

*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************

***** Reboot Required to Complete *****

***** [ Folders ] *****
Cleaning failed C:\ProgramData\HP\HP TOUCHPOINT ANALYTICS CLIENT

*************************
AdwCleaner[S00].txt - [3550 octets] - [07/09/2023 21:14:56]
AdwCleaner[C00].txt - [4164 octets] - [07/09/2023 21:17:57]
AdwCleaner[S01].txt - [1709 octets] - [08/09/2023 08:35:18]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
|
08.09.2023, 11:56 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | And now new FRST logs. |
08.09.2023, 12:58 | #15 |
| Here are the new FRST logs: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 28-08-2023 durchgeführt von smaas (Administrator) auf DESKTOP-0H6HISI (HP HP ProBook 470 G5) (08-09-2023 13:27:01) Gestartet von C:\Users\smaas\Desktop\FRST64.exe Geladene Profile: smaas & MSSQLFDLauncher$DATEV_DBENGINE & MSSQL$DATEV_DBENGINE Plattform: Microsoft Windows 10 Pro Version 22H2 19045.3324 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: FF Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Acronis International GmbH -> ) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe (Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe ->) (Brother Industries, Ltd. -> Brother Industries, Ltd.) 
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (C:\Program Files\Bitdefender Agent\ProductAgentService.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\27.0.1.259\DiscoverySrv.exe (C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe (C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe (C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bduserhost.exe <2> (C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (S.C. BITDEFENDER S.R.L. -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\wsccommunicator.exe (C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe ->) (DigitalPersona, Inc. -> Crossmatch, Inc.) 
C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ai.exe
(C:\Program Files\Microsoft SQL Server\MSSQL14.DATEV_DBENGINE\MSSQL\Binn\fdlauncher.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.DATEV_DBENGINE\MSSQL\Binn\fdhost.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\Windows\CxSvc\CxAudioSvc.exe ->) (Synaptics Incorporated -> Conexant Systems, Inc) C:\Program Files\Conexant\Flow\Flow.exe
(DATEV eG 08 4 -> DATEV eG) C:\Program Files (x86)\DATEV\PROGRAMM\RZKOMM\Datev.CC.CommunicationScheduler.Launcher.exe
(DATEV eG 08 4 -> DATEV eG) C:\Program Files (x86)\DATEV\PROGRAMM\SiPaCompact\SiPaHost.exe
(DriverStore\FileRepository\hpanalyticscomp.inf_amd64_570a7fccc53e137a\x64\TouchpointAnalyticsClientService.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_570a7fccc53e137a\x64\TouchpointGpuInfo.exe
(DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_766c68ffd261771b\x64\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_766c68ffd261771b\x64\BridgeCommunication.exe
(DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxCUIService.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxEM.exe
(explorer.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(explorer.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(explorer.exe ->) (DATEV eG 08 3 -> DATEV eG) C:\Program Files (x86)\DATEV\PROGRAMM\B0000522\LogFilter.exe
(explorer.exe ->) (DATEV eG 08 3 -> DATEV eG) C:\Program Files (x86)\DATEV\PROGRAMM\R0131247\DataBaseBackup.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
(explorer.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <12>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler64.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe
(services.exe ->) (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(services.exe ->) (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(services.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
(services.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\redline\bdredline.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\safepay\bdservicehost.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe <3>
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(services.exe ->) (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(services.exe ->) (Conexant Systems LLC.) [Datei ist nicht signiert] C:\Windows\CxSvc\CxAudioSvc.exe
(services.exe ->) (DATEV eG 08 4 -> DATEV eG) C:\Program Files (x86)\DATEV\PROGRAMM\B0001442\PSNTServ.exe
(services.exe ->) (DATEV eG 08 4 -> DATEV eG) C:\Program Files (x86)\DATEV\PROGRAMM\SiPaCompact\SiPaHostService.exe
(services.exe ->) (DATEV eG 08 4 -> DATEV eG) C:\Program Files (x86)\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe <7>
(services.exe ->) (DigitalPersona, Inc. -> Crossmatch, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_570a7fccc53e137a\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_766c68ffd261771b\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_766c68ffd261771b\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_766c68ffd261771b\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_766c68ffd261771b\x64\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_2a3519c52621d0fe\HotKeyServiceUWP.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_2a3519c52621d0fe\LanWlanWwanSwitchingServiceUWP.exe
(services.exe ->) (HP Inc. -> HP) C:\Program Files (x86)\HP\HP MAC Address Manager\hpMAMSrv.exe
(services.exe ->) (HP Inc. -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_3de4831720bb2934\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.DATEV_DBENGINE\MSSQL\Binn\fdlauncher.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.DATEV_DBENGINE\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\fpCSEvtSvc.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvbl.inf_amd64_a9783cef5015881f\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (philandro Software GmbH -> AnyDesk Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <2>
(services.exe ->) (Synaptics Incorporated -> Conexant Systems LLC.) C:\Windows\CxSvc\CxUtilSvc.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Conexant Systems LLC -> Conexant) C:\Windows\System32\MicTray64.exe
(svchost.exe ->) (DATEV eG 08 4 -> DATEV eG) C:\Program Files (x86)\DATEV\PROGRAMM\Install\Datev.Installation.Deployment.Notifier.exe
(svchost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.10.1627.0_x64__v10z8vjag6ke6\HP.JumpStarts.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\smaas\AppData\Local\Microsoft\OneDrive\23.174.0820.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynaMonApp.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [318920 2019-04-08] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [827200 2021-02-12] (Acronis International GmbH -> Acronis International GmbH)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe [1061912 2023-08-30] (Bitdefender SRL -> Bitdefender)
HKLM\...\Run: [BdagentApp] => C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe [1061912 2023-08-30] (Bitdefender SRL -> Bitdefender)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5092056 2021-02-12] (Acronis International GmbH -> )
HKLM-x32\...\Run: [DVCServ] => C:\Program Files (x86)\DATEV\PROGRAMM\SipaCompact\SiPaHost.exe [1255880 2023-01-19] (DATEV eG 08 4 -> DATEV eG)
HKLM-x32\...\Run: [SwmHintergrunddienst] => C:\Program Files (x86)\DATEV\PROGRAMM\SWS\SwmHintergrundDienst.exe [5386696 2023-01-10] (DATEV eG 08 4 -> DATEV eG)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe [441448 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd. -> Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2976256 2018-12-07] (Brother Industries, Ltd.) [Datei ist nicht signiert]
HKLM-x32\...\Run: [Datev.CC.ControllerUserMode] => "C:\Program Files (x86)\DATEV\PROGRAMM\RZKOMM\Datev.CC.Processes.Cmd.exe" StartRdtControllerUserMode -retry true (Keine Datei)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG
HKU\S-1-5-21-3236408109-601453854-1968072414-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [41584544 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-3236408109-601453854-1968072414-1001\...\Run: [MicrosoftEdgeAutoLaunch_791E7B7535ADD96E71CD4B90BD0A54B8] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4108328 2023-08-31] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3236408109-601453854-1968072414-1001\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-3236408109-601453854-1968072414-1001\...\MountPoints2: {f663c88e-9323-11ed-8dbf-0cdd24e485df} - "E:\LaunchU3.exe" -a
HKLM\...\Windows x64\Print Processors\Canon MX920 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBL.DLL [30208 2012-09-20] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor MX920 series: C:\WINDOWS\SYSTEM32\CNCALBL.DLL [303104 2012-09-21] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MX920 series: C:\WINDOWS\SYSTEM32\CNMLMBL.DLL [390656 2012-09-20] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\SkyPDF_ProPort: C:\WINDOWS\SYSTEM32\skypdfmonpro.dll [29416 2021-09-03] (SKYCOM CORPORATION -> SKYCOM Co.,Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\116.0.5845.180\Installer\chrmstp.exe [2023-09-07] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
HKLM\Software\...\Authentication\Credential Providers: [{161F2DD3-BD91-4163-9E75-9957F595E485}] -> C:\WINDOWS\SYSTEM32\DvInesCredentialProviderX64.Dll [2022-07-07] (DATEV eG 08 4 -> DATEV eG)
HKLM\Software\...\Authentication\Credential Providers: [{2BF59B80-2BCF-4CD1-83F7-06FECD227D00}] -> C:\WINDOWS\System32\DVCCSAVdstCredentialProvider64.dll [2023-01-19] (DATEV eG -> DATEV eG)
HKLM\Software\...\Authentication\Credential Providers: [{2BF59B80-2BCF-4CD1-83F7-06FECD227D01}] -> C:\WINDOWS\System32\DVCCSAVdstReaderSelectionProvider64.dll [2023-01-19] (DATEV eG -> DATEV eG)
HKLM\Software\...\Authentication\Credential Provider Filters: [{2BF59B80-2BCF-4CD1-83F7-06FECD227D00}] -> C:\WINDOWS\System32\DVCCSAVdstCredentialProvider64.dll [2023-01-19] (DATEV eG -> DATEV eG)
HKLM\Software\...\Authentication\Credential Provider Filters: [{2BF59B80-2BCF-4CD1-83F7-06FECD227D01}] -> C:\WINDOWS\System32\DVCCSAVdstReaderSelectionProvider64.dll [2023-01-19] (DATEV eG -> DATEV eG)
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2020-11-16]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Basisschnittstelle Office Initialisierung.lnk [2023-06-20]
ShortcutTarget: Basisschnittstelle Office Initialisierung.lnk -> C:\Program Files (x86)\DATEV\PROGRAMM\BSOFFICE\service\OfficeDiag.exe (DATEV eG 08 4 -> DATEV eG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CleanupPrintJobs.lnk [2023-01-13]
ShortcutTarget: CleanupPrintJobs.lnk -> C:\Program Files (x86)\DATEV\PROGRAMM\B0001401\CleanupPrintJobs.exe (DATEV eG 08 4 -> DATEV eG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Konfigurations- und Produktinformationen an DATEV eG senden.lnk [2022-12-12]
ShortcutTarget: Konfigurations- und Produktinformationen an DATEV eG senden.lnk -> C:\Program Files (x86)\DATEV\PROGRAMM\B0000522\Logfilter.exe (DATEV eG 08 3 -> DATEV eG)
HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {8B3537C6-9802-4AFC-BC10-3DC07E3DFE5F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {68F0E477-3B29-4581-8323-9CD95B17ADE2} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\27.0.1.259\WatchDog.exe [937000 2023-07-27] (Bitdefender SRL -> Bitdefender)
Task: {1BBD9ECE-FE12-43B8-9680-C978081A4BCA} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe (Keine Datei)
Task: {79CBD9D0-079E-4508-913E-4AF4B8A93731} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {BE6F1407-A651-4147-A774-67D7B0667387} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "93185c1c-0d65-4742-a7c8-40f3a572fb2f" --version "6.15.10623" --silent
Task: {9CAD246B-8376-4C87-9B87-36F409C86183} - System32\Tasks\CCleanerSkipUAC - smaas => C:\Program Files\CCleaner\CCleaner.exe [34687904 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {D1B78500-C8D2-46DD-A2E7-15AF88820AEF} - System32\Tasks\DATEV eG\DATEV Deployment-Executer => C:\PROGRAM FILES (X86)\DATEV\PROGRAMM\INSTALL\Datev.Installation.Deployment.Executer.exe [25032 2022-07-07] (DATEV eG 08 4 -> DATEV eG)
Task: {98802CB2-892D-4498-91A9-570D7CF6F0B9} - System32\Tasks\DATEV eG\DATEV Deployment-Notifier => C:\PROGRAM FILES (X86)\DATEV\PROGRAMM\INSTALL\Datev.Installation.Deployment.Notifier.exe [139720 2022-07-07] (DATEV eG 08 4 -> DATEV eG)
Task: {1A0BABCC-5B05-49F7-9356-5DD059FD9AD2} - System32\Tasks\DATEV eG\DATEV Installation-Logfile-Delete => C:\PROGRAM FILES (X86)\DATEV\PROGRAMM\INSTALL\Datev.Installation.Utility.LogFile.exe [146888 2022-07-07] (DATEV eG 08 4 -> DATEV eG) -> "@C:\PROGRAM FILES (X86)\DATEV\PROGRAMM\INSTALL\Datev.Installation.Utility.LogFile.Delete.Workstation.Daily.dat"
Task: {5CD4977F-EE7C-486F-885D-55012A7FF9D8} - System32\Tasks\DATEV eG\DATEV_SPTool => C:\Program Files (x86)\DATEV\PROGRAMM\B0000585\DATEV_SPTool_SID.exe [113608 2022-03-10] (DATEV eG 08 4 -> DATEV eG)
Task: {53B8F356-7384-4060-A811-681924DB42D0} - System32\Tasks\DATEV eG\DATEV_SPTool_System => C:\Program Files (x86)\DATEV\PROGRAMM\B0000585\DATEV_SPTool_SID.exe [113608 2022-03-10] (DATEV eG 08 4 -> DATEV eG)
Task: {B3F70B3D-EB04-4A83-B295-4B87369BD093} - System32\Tasks\DATEV eG\DV_LogClean => C:\Program Files (x86)\DATEV\PROGRAMM\B0000585\LogDelete.exe [18376 2022-03-10] (DATEV eG 08 4 -> DATEV eG)
Task: {E01E6199-A984-43B6-A45B-B682D84839CE} - System32\Tasks\DATEV eG\DV_LogClean_All => C:\Program Files (x86)\DATEV\PROGRAMM\B0000585\LogDelete.exe [18376 2022-03-10] (DATEV eG 08 4 -> DATEV eG)
Task: {FD852E11-17AC-43AE-92CD-C25F52E495E9} - System32\Tasks\DmsStatisticDataSender => C:\Program Files (x86)\DATEV\PROGRAMM\K0005100\Datev.Dms.DmsStatistic.DataSender.exe [9744 2023-06-07] (DATEV eG 08 3 -> DATEV eG)
Task: {3588DF63-0B39-4807-9F6A-1D6F15B83D4B} - System32\Tasks\DV_Clean => C:\Program Files (x86)\DATEV\PROGRAMM\B0001502\CdbConsoleProAsUser.exe [10184 2023-06-27] (DATEV eG 08 4 -> DATEV eG)
Task: {443BA603-DF33-49AD-83C4-91808A5FFAC3} - System32\Tasks\DV_LimaProST_session0 => C:\Program Files (x86)\DATEV\PROGRAMM\SWS\LimaProST.exe [5325256 2023-01-10] (DATEV eG 08 4 -> )
Task: {4505F1D2-305D-47B1-B2F7-B05CB5BAFF79} - System32\Tasks\DV_mon => C:\Program Files (x86)\DATEV\PROGRAMM\B0000522\LogReporter.exe [116240 2022-11-07] (DATEV eG 08 3 -> DATEV eG)
Task: {CA61974A-85C1-4131-ADF0-92685A168B5C} - System32\Tasks\DV_mon_logfilter_session0 => C:\Program Files (x86)\DATEV\PROGRAMM\B0000522\LogFilter.exe [107024 2022-11-07] (DATEV eG 08 3 -> DATEV eG)
Task: {AE4331C4-9A22-4EF7-AE37-F7FC878E0DBC} - System32\Tasks\DV_Purge => C:\Program Files (x86)\DATEV\PROGRAMM\B0001502\CdbConsoleProAsUser.exe [10184 2023-06-27] (DATEV eG 08 4 -> DATEV eG)
Task: {295426A0-B22A-494E-B9CD-1A50392DBE91} - System32\Tasks\DV_UserAutoStartAgent => C:\Program Files (x86)\DATEV\PROGRAMM\B0001502\CdbConsoleProAsUser.exe [10184 2023-06-27] (DATEV eG 08 4 -> DATEV eG)
Task: {C36B7612-5F6C-46BB-95C2-E4187EC798F9} - System32\Tasks\DV_UserAutoStartAgent_SystemStartup => C:\Program Files (x86)\DATEV\PROGRAMM\B0001502\CdbConsoleProAsUser.exe [10184 2023-06-27] (DATEV eG 08 4 -> DATEV eG)
Task: {6540BA54-A90C-4B35-8F4E-6B1BAED385BF} - System32\Tasks\G2MUpdateTask-S-1-5-21-3236408109-601453854-1968072414-1001 => C:\Users\smaas\AppData\Local\GoToMeeting\19950\g2mupdate.exe [33456 2022-04-26] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {9B70A16C-DD97-4A0E-9567-A17039836807} - System32\Tasks\G2MUploadTask-S-1-5-21-3236408109-601453854-1968072414-1001 => C:\Users\smaas\AppData\Local\GoToMeeting\19950\g2mupload.exe [33456 2022-04-26] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {E85EFB26-FBE1-4F4A-8E40-29C6AF20F214} - System32\Tasks\GoogleUpdateTaskMachineCore{4EEC788D-9B8F-49F2-A53F-3F4B7362CA88} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-11] (Google LLC -> Google LLC)
Task: {3F23F258-0BF9-456F-BEF0-001779F8C430} - System32\Tasks\GoogleUpdateTaskMachineUA{07CF223A-BFD5-4C02-9AA4-2B78FD9DE66A} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-11] (Google LLC -> Google LLC)
Task: {82DD4766-9A6F-482A-92E7-47EE5D437236} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [703536 2023-08-25] (HP Inc. -> HP Inc.)
Task: {B2BF4658-7B5F-40E5-A90B-EBA7CAC5F579} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2023-08-25] (HP Inc. -> HP Inc.)
Task: {7751B2E5-DA82-41CA-8E26-313A6A74A2F7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1145904 2023-08-25] (HP Inc. -> HP Inc.)
Task: {8C4E8789-BDCD-4A0D-9A40-05004C9781C7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1145904 2023-08-25] (HP Inc. -> HP Inc.)
Task: {65984931-9CF2-443E-96F3-174522023766} - System32\Tasks\HP\Consent Manager Launcher => C:\WINDOWS\SYSTEM32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> start hptouchpointanalyticsservice
Task: {AC646B5D-792C-4BF2-85C3-72B8E0F3F0E3} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26913464 2023-08-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {4B16D290-ED5F-44FE-828F-26C3D7072BC5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26913464 2023-08-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {1B23DF06-67FF-4570-A534-B3EE3D6EBF5B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158872 2023-09-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {10D025E8-9ECE-4EFA-8267-8A915DF18FA7} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158872 2023-09-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {C1406349-B7F4-48D7-BF6E-4D1AFDD3E7FB} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [167864 2023-08-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {95BB1225-3EC7-43D6-A140-962F557E0150} - System32\Tasks\Microsoft\Windows\Conexant\MicTray => C:\Windows\System32\MicTray64.exe [2938448 2020-07-03] (Conexant Systems LLC -> Conexant)
Task: {3A867671-2DE7-4906-83B4-AC2CD3D216BC} - System32\Tasks\Microsoft\Windows\Conexant\SynaMonApp => C:\Windows\System32\SynaMonApp.exe [177976 2021-08-25] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {7E10C1A8-95AE-4210-AECE-302DD21AF501} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {CBA62335-C2F3-463B-A4A0-A0CEA2CCC84E} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [675232 2023-08-30] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {F1D4BD86-E6B8-4863-9673-A38EE86B12CE} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [722336 2023-08-30] (Mozilla Corporation -> Mozilla Foundation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3236408109-601453854-1968072414-1001.job => C:\Users\smaas\AppData\Local\GoToMeeting\19950\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3236408109-601453854-1968072414-1001.job => C:\Users\smaas\AppData\Local\GoToMeeting\19950\g2mupload.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{5ccce4c8-3bf9-4259-888e-036f193f84a9}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{a3e7e659-3e6b-4041-baa9-85ed32e88eca}: [DhcpNameServer] 192.168.178.1

Edge:
=======
DownloadDir: C:\Users\smaas\Downloads
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge DefaultProfile: Default
Edge Profile: C:\Users\smaas\AppData\Local\Microsoft\Edge\User Data\Default [2023-09-08]
Edge HomePage: Default -> hxxp://www.google.de/
Edge Extension: (Bitdefender Anti-tracker) - C:\Users\smaas\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dbconhplchnbippmjabbcedokimacfjl [2023-04-25]
Edge Extension: (Google Docs Offline) - C:\Users\smaas\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-28]
Edge Extension: (Edge relevant text changes) - C:\Users\smaas\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-08-24]
Edge HKLM-x32\...\Edge\Extension: [dbconhplchnbippmjabbcedokimacfjl]
Edge HKLM-x32\...\Edge\Extension: [pdhdldaneekjpoaldekpgomomeabpnek]

FireFox:
========
FF DefaultProfile: fmohtb2h.default
FF ProfilePath: C:\Users\smaas\AppData\Roaming\Mozilla\Firefox\Profiles\fmohtb2h.default [2020-09-06]
FF ProfilePath: C:\Users\smaas\AppData\Roaming\Mozilla\Firefox\Profiles\g0i7ysw9.default-release-1599418123181 [2023-09-08]
FF Notifications: Mozilla\Firefox\Profiles\g0i7ysw9.default-release-1599418123181 -> hxxps://www.ueberbrueckungshilfe-unternehmen.de; hxxps://foodsharing.de; hxxps://de.shein.com; hxxps://www.holidaycheck.de
FF Extension: (mycashbacks GmbH) - C:\Users\smaas\AppData\Roaming\Mozilla\Firefox\Profiles\g0i7ysw9.default-release-1599418123181\Extensions\extension@mycashbacks.com.xpi [2023-07-24]
FF Extension: (plusrente Toolbar) - C:\Users\smaas\AppData\Roaming\Mozilla\Firefox\Profiles\g0i7ysw9.default-release-1599418123181\Extensions\plusrente@mehrwerk.de.xpi [2023-02-03]
FF HKLM\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security App\bdwteff.xpi
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender Security App\bdwteff.xpi [2023-04-24] [UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/wallet/updates.json ]
FF HKLM\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi => nicht gefunden
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security App\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security App\bdtbext [2023-04-25] [] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - c:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security App\bdwteff.xpi
FF HKLM-x32\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi => nicht gefunden
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security App\bdtbext
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-08-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-08-19] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-08-08] (Microsoft Corporation -> Microsoft Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\bd_js_config.js [2021-11-04] <==== ACHTUNG (Zeigt auf eine *.cfg Datei)
FF ExtraCheck: C:\Program Files\mozilla firefox\bd_config.cfg [2021-11-04] <==== ACHTUNG

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\smaas\AppData\Local\Google\Chrome\User Data\Default [2023-09-08]
CHR Notifications: Default -> hxxps://www.youtube.com
CHR Extension: (Bitdefender Wallet) - C:\Users\smaas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2022-11-23]
CHR Extension: (Google Docs Offline) - C:\Users\smaas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-29]
CHR Extension: (Bitdefender Anti-tracker) - C:\Users\smaas\AppData\Local\Google\Chrome\User Data\Default\Extensions\khndhdhbebhaddchcgnalcjlaekbbeof [2022-11-23]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\smaas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-02-11]
CHR Extension: (vidIQ Vision for YouTube) - C:\Users\smaas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pachckjkecffpdphbpmfolblodfkgbhl [2022-11-23]
CHR Profile: C:\Users\smaas\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-07-14]
CHR Profile: C:\Users\smaas\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-07-14]
CHR Extension: (Bitdefender Wallet) - C:\Users\smaas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2022-11-23]
CHR Extension: (Google Docs Offline) - C:\Users\smaas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-03-31]
CHR Extension: (Bitdefender Anti-tracker) - C:\Users\smaas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khndhdhbebhaddchcgnalcjlaekbbeof [2023-03-30]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\smaas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-07-01]
CHR Profile: C:\Users\smaas\AppData\Local\Google\Chrome\User Data\System Profile [2023-07-14]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl]
CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [10425640 2021-02-12] (Acronis International GmbH -> )
R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1264400 2021-02-12] (Acronis International GmbH -> Acronis International GmbH)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6382320 2021-02-26] (Acronis International GmbH -> )
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3853384 2022-08-12] (philandro Software GmbH -> AnyDesk Software GmbH)
R2 BDAppSrv; C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe [842264 2023-08-30] (Bitdefender SRL -> Bitdefender)
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [842264 2023-08-30] (Bitdefender SRL -> Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [842264 2023-08-30] (Bitdefender SRL -> Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2946088 2023-08-30] (Bitdefender SRL -> Bitdefender)
R2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [2560552 2023-07-20] (Bitdefender SRL -> Bitdefender)
R2 BDSafepaySrv; C:\Program Files\Bitdefender\Bitdefender Security App\Safepay\bdservicehost.exe [842264 2023-08-30] (Bitdefender SRL -> Bitdefender)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-12-07] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11817440 2023-08-19] (Microsoft Corporation -> Microsoft Corporation)
R2 CxAudioSvc; C:\WINDOWS\CxSvc\CxAudioSvc.exe [81408 2021-08-25] (Conexant Systems LLC.) [Datei ist nicht signiert]
R2 CxUtilSvc; C:\WINDOWS\CxSvc\CxUtilSvc.exe [173880 2021-08-25] (Synaptics Incorporated -> Conexant Systems LLC.)
R2 DATEV Sicherheitspaket-Basis-Dienst; C:\Program Files (x86)\DATEV\PROGRAMM\SiPaCompact\SiPaHostService.exe [396232 2023-01-19] (DATEV eG 08 4 -> DATEV eG)
S3 DATEV Update-Service; C:\PROGRAM FILES (X86)\DATEV\PROGRAMM\INSTALL\DvInesASDSvc.Exe [169416 2022-09-21] (DATEV eG 08 4 -> DATEV eG)
R3 Datev.CC.Processes.Hosting.RdtServiceMode; C:\Program Files (x86)\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe [10184 2023-06-27] (DATEV eG 08 4 -> DATEV eG)
R2 Datev.Connect.Server; C:\Program Files (x86)\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe [10184 2023-06-27] (DATEV eG 08 4 -> DATEV eG)
S3 Datev.DataAdaptation.DataAdaptationManager.Host; C:\Program Files (x86)\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe [10184 2023-06-27] (DATEV eG 08 4 -> DATEV eG)
R3 Datev.Database.Conserve; C:\Program Files (x86)\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe [10184 2023-06-27] (DATEV eG 08 4 -> DATEV eG)
R3 Datev.Database.SqlBatchService.Host; C:\Program Files (x86)\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe [10184 2023-06-27] (DATEV eG 08 4 -> DATEV eG)
S3 Datev.Dms.Ocr.Service; C:\Program Files (x86)\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe [10184 2023-06-27] (DATEV eG 08 4 -> DATEV eG)
R2 Datev.Framework.RemoteServiceModel.EnablerService; C:\Program Files (x86)\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe [10184 2023-06-27] (DATEV eG 08 4 -> DATEV eG)
S3 Datev.Framework.RemoteServiceModel.Messaging.Server; C:\Program Files (x86)\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe [10184 2023-06-27] (DATEV eG 08 4 -> DATEV eG)
R3 Datev.Framework.RemoteServices; C:\Program Files (x86)\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe [10184 2023-06-27] (DATEV eG 08 4 -> DATEV eG)
S3 Datev.Irw.ServiceProvider.HostXcut.Server; C:\Program Files (x86)\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe [10184 2023-06-27] (DATEV eG 08 4 -> DATEV eG)
S3 Datev.JasperReports.DFLService.Server.WindowsService; C:\Program Files (x86)\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe [10184 2023-06-27] (DATEV eG 08 4 -> DATEV eG)
R2 DatevPrintService; C:\Program Files (x86)\DATEV\PROGRAMM\B0001442\PSNTSERV.EXE [43464 2023-03-24] (DATEV eG 08 4 -> DATEV eG)
S4 DfueSammlerDienst; C:\Program Files (x86)\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe [10184 2023-06-27] (DATEV eG 08 4 -> DATEV eG)
R2 DpHost; c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe [529072 2019-06-20] (DigitalPersona, Inc. -> Crossmatch, Inc.)
S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\bin\elfoService.exe [1115560 2021-04-12] (Bayerisches Landesamt fuer Steuern -> )
R2 fpCsEvtSvc; C:\WINDOWS\System32\fpCSEvtSvc.exe [22424 2019-05-09] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 HotKeyServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_2a3519c52621d0fe\HotKeyServiceUWP.exe [1536456 2023-04-26] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_766c68ffd261771b\x64\AppHelperCap.exe [888768 2023-07-24] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_766c68ffd261771b\x64\DiagsCap.exe [887184 2023-07-24] (HP Inc. -> HP Inc.)
R2 HPMAMSrv; C:\Program Files (x86)\HP\HP MAC Address Manager\hpMAMSrv.exe [542248 2019-04-22] (HP Inc. 
-> HP) R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_766c68ffd261771b\x64\NetworkCap.exe [883088 2023-07-24] (HP Inc. -> HP Inc.) R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149448 2020-07-23] (HP Inc. -> HP) R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_766c68ffd261771b\x64\SysInfoCap.exe [887696 2023-07-24] (HP Inc. -> HP Inc.) R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_570a7fccc53e137a\x64\TouchpointAnalyticsClientService.exe [497752 2023-07-24] (HP Inc. -> HP Inc.) R2 LanWlanWwanSwitchingServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_2a3519c52621d0fe\LanWlanWwanSwitchingServiceUWP.exe [606664 2023-04-26] (HP Inc. -> HP Inc.) R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4808088 2020-03-31] (Acronis International GmbH -> Acronis International GmbH) S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2020-03-31] (Acronis International GmbH -> Acronis International GmbH) S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1933872 2021-02-12] (Acronis International GmbH -> ) R2 MSSQL$DATEV_DBENGINE; C:\Program Files\Microsoft SQL Server\MSSQL14.DATEV_DBENGINE\MSSQL\Binn\sqlservr.exe [481880 2020-01-24] (Microsoft Corporation -> Microsoft Corporation) R3 MSSQLFDLauncher$DATEV_DBENGINE; C:\Program Files\Microsoft SQL Server\MSSQL14.DATEV_DBENGINE\MSSQL\Binn\fdlauncher.exe [57224 2020-01-24] (Microsoft Corporation -> Microsoft Corporation) R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [659496 2023-07-27] (Bitdefender SRL -> Bitdefender) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402200 2023-08-08] (Microsoft 
Windows Publisher -> Microsoft Corporation) S4 SQLAgent$DATEV_DBENGINE; C:\Program Files\Microsoft SQL Server\MSSQL14.DATEV_DBENGINE\MSSQL\Binn\SQLAGENT.EXE [597896 2020-01-24] (Microsoft Corporation -> Microsoft Corporation) S4 SQLTELEMETRY$DATEV_DBENGINE; C:\Program Files\Microsoft SQL Server\MSSQL14.DATEV_DBENGINE\MSSQL\Binn\sqlceip.exe [254856 2020-01-24] (Microsoft Corporation -> Microsoft Corporation) R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7394008 2021-02-12] (Acronis International GmbH -> ) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [17900856 2023-08-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) S3 Tib Mounter Service; C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe [7095824 2020-03-31] (Acronis International GmbH -> Acronis International GmbH) R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [288792 2023-08-30] (Bitdefender SRL -> Bitdefender) R2 valWBFPolicyService; C:\WINDOWS\System32\valWBFPolicyService.exe [91032 2019-05-09] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [842264 2023-08-30] (Bitdefender SRL -> Bitdefender) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-04] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-04] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation) S2 HP Comm Recover; "C:\Program Files\HPCommRecovery\HPCommRecovery.exe" [X] R2 NVDisplay.ContainerLocalSystem; 
C:\WINDOWS\System32\DriverStore\FileRepository\nvbl.inf_amd64_a9783cef5015881f\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvbl.inf_amd64_a9783cef5015881f\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [6205488 2023-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender S.R.L. 
Bucharest, ROMANIA) R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [798128 2022-11-10] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender) S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [22976 2020-12-18] (Microsoft Windows Early Launch Anti-Malware Publisher -> Bitdefender) R3 bdprivmon; C:\WINDOWS\System32\DRIVERS\bdprivmon.sys [49200 2023-08-21] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender SRL) S3 bduefiscan; C:\WINDOWS\system32\DRIVERS\bduefiscan.sys [39840 2023-04-24] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender) R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [96616 2020-09-06] (Bitdefender SRL -> BitDefender) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert] R2 file_protector; C:\WINDOWS\System32\DRIVERS\file_protector.sys [701064 2021-02-26] (Acronis International GmbH -> Acronis International GmbH) R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [390592 2021-02-26] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH) R0 fltsrv; C:\WINDOWS\System32\DRIVERS\fltsrv.sys [182832 2020-09-13] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH) R1 Gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [1347496 2023-08-30] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender S.R.L. Bucharest, ROMANIA) R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-16] (HP Inc. -> HP Inc.) 
R2 Ignisv2; C:\WINDOWS\system32\DRIVERS\ignisv2.sys [165312 2023-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender) R3 KobilCcid; C:\WINDOWS\System32\drivers\KobilCcid_x64.sys [50432 2020-11-12] (KOBIL Systems GmbH -> KOBIL Systems GmbH) S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.) R1 RsFx0503; C:\WINDOWS\System32\DRIVERS\RsFx0503.sys [262888 2020-01-24] (Microsoft Corporation -> Microsoft Corporation) S3 tib; C:\WINDOWS\system32\DRIVERS\tib.sys [883256 2021-02-26] (Acronis International GmbH -> Acronis International GmbH) R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [171968 2021-02-26] (Acronis International GmbH -> Acronis International GmbH) S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [693768 2021-02-26] (Acronis International GmbH -> Acronis International GmbH) R2 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [633248 2023-04-24] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender) R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [330176 2021-02-26] (Acronis International GmbH -> Acronis International GmbH) R0 vlflt; C:\WINDOWS\System32\DRIVERS\vlflt.sys [522136 2023-05-31] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender) R0 volume_tracker; C:\WINDOWS\System32\DRIVERS\volume_tracker.sys [243472 2021-02-26] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48520 2021-11-04] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [435424 2021-11-04] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-04] (Microsoft Windows -> Microsoft Corporation) R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. 
-> HP) U0 dmboot; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2023-09-08 09:19 - 2023-09-08 09:37 - 1717880832 _____ C:\Users\smaas\Downloads\DATEV_Mittelstand_Faktura_mit_Rechnungswesen_compact_88980_1220_01_20230808_194316.ISO 2023-09-07 21:14 - 2023-09-07 21:17 - 000000000 ____D C:\AdwCleaner 2023-09-07 21:05 - 2023-09-07 21:05 - 008791352 _____ (Malwarebytes) C:\Users\smaas\Desktop\adwcleaner.exe 2023-09-06 08:11 - 2023-09-08 13:27 - 000052063 _____ C:\Users\smaas\Desktop\FRST.txt 2023-09-06 08:11 - 2023-09-08 13:27 - 000000000 ____D C:\FRST 2023-09-05 21:04 - 2023-09-05 21:04 - 002382336 _____ (Farbar) C:\Users\smaas\Desktop\FRST64.exe 2023-09-05 13:22 - 2023-09-05 13:22 - 000000275 _____ C:\Users\smaas\Desktop\Plagegeister aller Art und deren Bekämpfung - Trojaner-Board.url 2023-09-04 13:39 - 2023-09-05 20:58 - 000000000 ____D C:\Users\smaas\AppData\Local\VLC Plus Player Updater 2023-09-04 13:35 - 2023-09-04 21:16 - 000000000 ____D C:\Users\smaas\.mediathek3 2023-09-04 13:35 - 2023-09-04 13:35 - 000000000 ____D C:\Users\smaas\.openjfx 2023-08-30 08:26 - 2023-08-30 17:38 - 000000000 ____D C:\Program Files\Mozilla Firefox 2023-08-24 09:53 - 2023-08-24 09:55 - 094787188 _____ C:\Users\smaas\Downloads\wetransfer_dji_0072-jpg_2023-08-23_1226.zip 2023-08-20 16:06 - 2023-08-20 16:06 - 000091092 _____ C:\ProgramData\agent.update.1692540376.bdinstall.v2.bin 2023-08-19 08:53 - 2023-08-19 08:53 - 000055780 _____ C:\Users\smaas\Downloads\abenteuersiedlung-MBKF-190823.pdf 2023-08-13 21:25 - 2023-08-13 21:25 - 000030273 _____ C:\Users\smaas\Downloads\202312D2465141.pdf ==================== Ein 
Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2023-09-08 13:28 - 2020-09-13 15:03 - 000000000 ____D C:\Users\smaas\AppData\Local\CrashDumps 2023-09-08 13:28 - 2020-03-18 22:49 - 000000000 ____D C:\Users\smaas\AppData\Local\Packages 2023-09-08 13:25 - 2022-02-06 22:39 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2023-09-08 13:25 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-09-08 12:51 - 2022-02-11 11:11 - 000000000 ____D C:\Program Files (x86)\Google 2023-09-08 12:51 - 2022-02-06 22:31 - 000000000 ____D C:\WINDOWS\SystemTemp 2023-09-08 12:47 - 2020-09-27 15:30 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2023-09-08 11:08 - 2019-11-11 17:50 - 000000000 ____D C:\ProgramData\Hewlett-Packard 2023-09-08 10:25 - 2020-11-16 10:21 - 000000000 ____D C:\Users\smaas\Desktop\DatevMittelstandBackup2020-11-13_21-19-16_0562985 2023-09-08 10:06 - 2020-03-18 22:53 - 000000000 ____D C:\Users\smaas\AppData\Roaming\Microsoft\Excel 2023-09-08 08:44 - 2022-02-06 22:55 - 001632660 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2023-09-08 08:44 - 2019-12-07 16:51 - 000708714 _____ C:\WINDOWS\system32\perfh007.dat 2023-09-08 08:44 - 2019-12-07 16:51 - 000142956 _____ C:\WINDOWS\system32\perfc007.dat 2023-09-08 08:44 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2023-09-08 08:42 - 2022-07-19 09:14 - 000000000 ____D C:\Program Files\CCleaner 2023-09-08 08:42 - 2022-02-14 14:33 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2023-09-08 08:41 - 2022-02-06 23:08 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard 2023-09-08 08:41 - 2020-03-18 22:52 - 000000000 ___RD C:\Users\smaas\OneDrive 2023-09-08 08:41 - 2020-03-18 22:49 - 000000000 __SHD C:\Users\smaas\IntelGraphicsProfiles 2023-09-08 08:38 - 2022-02-06 23:08 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2023-09-08 08:38 - 2021-04-19 00:19 - 000008192 ___SH 
C:\DumpStack.log.tmp 2023-09-08 08:38 - 2019-12-12 04:42 - 000000000 ____D C:\ProgramData\Synaptics 2023-09-08 08:38 - 2019-12-12 04:42 - 000000000 ____D C:\ProgramData\NVIDIA 2023-09-08 08:38 - 2019-12-12 04:41 - 000000000 ___HD C:\Intel 2023-09-08 08:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState 2023-09-08 08:37 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2023-09-07 23:53 - 2022-02-11 11:12 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2023-09-07 23:53 - 2022-02-11 11:12 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2023-09-07 21:21 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2023-09-07 21:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2023-09-07 21:21 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2023-09-07 21:17 - 2020-11-17 00:00 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard 2023-09-07 21:17 - 2020-03-19 10:06 - 000000000 ____D C:\Users\smaas\AppData\Roaming\Hewlett-Packard 2023-09-07 21:17 - 2019-11-11 17:50 - 000000000 ____D C:\Program Files (x86)\HP 2023-09-07 21:17 - 2019-06-28 03:49 - 000000000 _RSHD C:\hp 2023-09-07 21:17 - 2019-04-19 20:34 - 000000000 ____D C:\ProgramData\HP 2023-09-06 21:02 - 2023-02-09 21:54 - 000010451 _____ C:\Users\smaas\Desktop\To do.xlsx 2023-09-06 06:04 - 2020-10-01 21:20 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2023-09-05 17:47 - 2020-11-16 14:24 - 000000000 ____D C:\Program Files (x86)\AnyDesk 2023-09-04 22:24 - 2019-12-12 04:58 - 000000000 ____D C:\Program Files\Microsoft Office 2023-09-04 13:35 - 2022-02-06 22:43 - 000000000 ____D C:\Users\smaas 2023-09-04 11:28 - 2020-09-27 21:45 - 000000000 ____D C:\Users\smaas\AppData\Roaming\Microsoft\Word 2023-09-02 20:16 - 2022-02-06 23:08 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3236408109-601453854-1968072414-1001 2023-09-02 20:16 - 2022-02-06 23:08 - 
000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3236408109-601453854-1968072414-1001 2023-09-02 20:16 - 2022-02-06 22:43 - 000002403 _____ C:\Users\smaas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2023-09-02 15:29 - 2020-10-01 21:08 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-09-02 15:29 - 2020-10-01 21:08 - 000002282 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2023-09-01 11:41 - 2023-02-16 11:25 - 000009635 _____ C:\Users\smaas\Desktop\monatliche Fixkosten.xlsx 2023-08-30 17:49 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2023-08-30 17:38 - 2020-03-20 17:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2023-08-30 12:48 - 2022-06-05 15:49 - 001347496 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\gemma.sys 2023-08-30 12:45 - 2021-11-04 22:40 - 006205488 _____ (Bitdefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\atc.sys 2023-08-30 08:33 - 2020-03-20 17:26 - 000001013 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2023-08-24 02:09 - 2022-02-06 23:08 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2023-08-24 02:08 - 2022-10-14 05:48 - 000002081 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk 2023-08-24 02:08 - 2022-10-14 05:48 - 000002069 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk 2023-08-23 15:22 - 2021-09-15 09:57 - 000017479 _____ C:\Users\smaas\Desktop\Werte WP.xlsb.xlsx 2023-08-21 17:39 - 2022-09-21 09:56 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job 2023-08-21 14:51 - 2023-05-30 10:57 - 000000020 _____ C:\WINDOWS\system32\Caad.db 2023-08-21 12:35 - 2021-11-04 22:40 - 000049200 _____ (Bitdefender SRL) C:\WINDOWS\system32\Drivers\bdprivmon.sys 2023-08-20 16:06 - 2022-02-06 23:08 - 000003846 _____ C:\WINDOWS\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 
2023-08-20 16:06 - 2020-03-20 17:10 - 000000000 ____D C:\Program Files\Bitdefender Agent 2023-08-18 02:27 - 2020-11-16 22:33 - 000000000 ____D C:\Users\smaas\AppData\Local\D3DSCache 2023-08-17 08:08 - 2022-09-21 09:56 - 000003474 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting 2023-08-17 08:07 - 2022-07-19 09:14 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2020-11-13 11:46 - 2020-11-19 12:45 - 000005055 _____ () C:\Users\smaas\AppData\Local\EmptySettings.xml 2021-04-09 14:50 - 2021-09-30 09:09 - 000000128 _____ () C:\Users\smaas\AppData\Local\PUTTY.RND ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) ==================== Ende von FRST.txt ======================== |