Log analysis and evaluation: Windows Defender reports threat from Vigua.A and Creprote.A

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
07.11.2023, 13:33 | #1 |
Windows Defender reports threat from Vigua.A and Creprote.A

Hello,

Windows Defender reports the following:

Code:
"Aktuelle Bedrohungen
Bedrohungen gefunden. Starten Sie die empfohlenen Aktionen.
PUA•Win32/Vigua.A Niedrig 08.08.2023 20:36 (Aktiv)
PUA•Win32/Vigua.A Niedrig 08.08.2023 20:36 (Aktiv)
PUA•Win32/Vigua.A Niedrig 08.08.2023 20:36 (Aktiv)
PIJA:Win32/Creprote.A Niedrig 05.07.2022 17:24 (Aktiv)"

Thanks in advance for any support.

Here is the FRST log file:

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 05-11-2023 02 durchgeführt von User (Administrator) auf HAUF22 (Gigabyte Technology Co., Ltd. B560M DS3H V2) (07-11-2023 12:44:58) Gestartet von C:\Users\User\Desktop\FRST64.exe Geladene Profile: User Plattform: Microsoft Windows 10 Home Version 22H2 19045.3570 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: FF Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe ->) (Microsoft Corporation -> ) C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBordersHelper.exe (C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe (C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe (C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.exe ->) (N. Harris Computer Corporation -> Copernic, a division of N. 
Harris Computer Corporation) C:\Program Files\Copernic\DesktopSearch\Copernic.Plugins.PluginsService.exe (C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.exe ->) (The CefSharp Authors) [Datei ist nicht signiert] C:\Program Files\Copernic\DesktopSearch\CefSharp.BrowserSubprocess.exe <3> (C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe (C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe (C:\Users\User\AppData\Local\0install.net\implementations\sha256new_7ATQFYMYISD5LU42STURHNI33TRSMJBHVQPLEAO3EX4R5WPI6GTQ\DeepL.exe ->) (The CefSharp Authors) [Datei ist nicht signiert] C:\Users\User\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\CefSharp.BrowserSubprocess.exe <5> (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Utility Toolbox\cnqtbapp.exe (DeepL SE -> DeepL SE) C:\Users\User\AppData\Local\0install.net\implementations\sha256new_7ATQFYMYISD5LU42STURHNI33TRSMJBHVQPLEAO3EX4R5WPI6GTQ\DeepL.exe (DriverStore\FileRepository\cui_dch.inf_amd64_2fd56aca57cf42dd\igfxCUIServiceN.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_2fd56aca57cf42dd\igfxEMN.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <7> (explorer.exe ->) () [Datei ist nicht signiert] D:\ToolsHH\AutoHotkey\AutoHotkey.exe <3> (explorer.exe ->) (Comfort Software Group -> Comfort Software Group) C:\Program Files (x86)\Tools\FreeAlarmClock\FreeAlarmClock.exe (explorer.exe ->) (Logitech Inc -> Logitech) C:\Program Files\Logi\LogiBolt\LogiBolt.exe (explorer.exe ->) (Logitech Inc -> Logitech, Inc.) 
C:\Program Files\Logitech\LogiOptions\LogiOptions.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (explorer.exe ->) (N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation) C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.exe (explorer.exe ->) (Open Source Developer, Robin Krom -> Greenshot) C:\Program Files\Tools\Greenshot\Greenshot.exe (explorer.exe ->) (Signal Messenger, LLC -> Signal Messenger, LLC) C:\Users\User\AppData\Local\Programs\signal-desktop\Signal.exe <4> (explorer.exe ->) (Telekom Deutschland GmbH -> Deutsche Telekom AG) C:\Program Files\MagentaCLOUD\magentacloud.exe (explorer.exe ->) (Tonalio GmbH -> Sandboxie-Plus.com) F:\SandboxieProgramm\SbieCtrl.exe (Ghisler Software GmbH -> Ghisler Software GmbH) D:\ToolsHH\WinCmd\TotalCmd.EXE <5> (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7> (Microsoft Corporation -> Microsoft) C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <22> (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (AOMEI International Network Limited -> AOMEI International Network Limited) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.2\ABService.exe (services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) 
C:\Windows\System32\DbxSvc.exe (services.exe ->) (geek software GmbH -> geek software GmbH) C:\Program Files\Pdf\PDF24\pdf24.exe <2> (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_2fd56aca57cf42dd\igfxCUIServiceN.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_9d19662e01abea6b\OneApp.IGCC.WinService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_0797c0ea8580ae89\IntelCpHDCPSvc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe (services.exe ->) (Realtek Semiconductor Corp. 
-> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_bc81681eb27bc1ae\RtkAudUService64.exe <2> (services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe (services.exe ->) (Tonalio GmbH -> Sandboxie-Plus.com) F:\SandboxieProgramm\SbieSvc.exe (services.exe ->) (voidtools -> voidtools) C:\Program Files\Everything\Everything.exe <2> (svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\23.209.1008.0002\FileCoAuth.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_bc81681eb27bc1ae\RtkAudUService64.exe [1231864 2021-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech) HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1687616 2022-02-21] (Logitech Inc -> Logitech, Inc.) HKLM\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech) HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [2264704 2022-05-20] (voidtools -> voidtools) HKLM\...\Run: [PDF24] => C:\Program Files\Pdf\PDF24\pdf24.exe [592608 2022-06-29] (geek software GmbH -> geek software GmbH) HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\Sicherheit\KeePass\KeePass.exe [3245968 2023-01-09] (Open Source Developer, Dominik Reichl -> Dominik Reichl) HKLM\...\Run: [Greenshot] => C:\Program Files\Tools\Greenshot\Greenshot.exe [527792 2017-08-09] (Open Source Developer, Robin Krom -> Greenshot) HKLM-x32\...\Run: [CanonQuickToolbox] => C:\Program Files (x86)\Canon\Quick Utility Toolbox\cnqtbapp.exe [2289616 2021-11-16] (Canon Inc. -> CANON INC.) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [270912 2015-06-17] (Canon Inc. -> CANON INC.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [748624 2023-06-14] (Oracle America, Inc. -> Oracle Corporation) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11561184 2023-10-31] (Dropbox, Inc -> Dropbox, Inc.) 
HKU\S-1-5-21-2359011715-3956498778-3170841144-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2589712 2023-10-27] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-2359011715-3956498778-3170841144-1001\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech) HKU\S-1-5-21-2359011715-3956498778-3170841144-1001\...\Run: [FreeAC] => C:\Program Files (x86)\Tools\FreeAlarmClock\FreeAlarmClock.exe [3015072 2016-01-19] (Comfort Software Group -> Comfort Software Group) HKU\S-1-5-21-2359011715-3956498778-3170841144-1001\...\Run: [org.whispersystems.signal-desktop] => C:\Users\User\AppData\Local\Programs\signal-desktop\Signal.exe [163654880 2023-10-25] (Signal Messenger, LLC -> Signal Messenger, LLC) HKU\S-1-5-21-2359011715-3956498778-3170841144-1001\...\Run: [SandboxieControl] => f:\SandboxieProgramm\SbieCtrl.exe [3397584 2023-02-27] (Tonalio GmbH -> Sandboxie-Plus.com) HKU\S-1-5-21-2359011715-3956498778-3170841144-1001\...\Run: [MagentaCLOUD] => C:\Program Files\MagentaCLOUD\magentacloud.exe [6458080 2023-02-17] (Telekom Deutschland GmbH -> Deutsche Telekom AG) HKU\S-1-5-21-2359011715-3956498778-3170841144-1001\...\Run: [Copernic Desktop Search] => C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.exe [751008 2023-10-16] (N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation) HKU\S-1-5-21-2359011715-3956498778-3170841144-1001\...\Run: [MicrosoftEdgeAutoLaunch_C46CFC0629905CC775E70B50EA8A519C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3891768 2023-11-02] (Microsoft Corporation -> Microsoft Corporation) HKLM\...\Windows x64\Print Processors\Canon MB5100 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDD2.DLL [30720 2023-07-02] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) 
HKLM\...\Windows x64\Print Processors\Canon MX870 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDA7.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor MB5100 series: C:\Windows\system32\CNCALD2.DLL [254464 2015-11-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MB5100 series: C:\Windows\system32\CNMLMD2.DLL [436736 2023-07-02] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MX870 series: C:\Windows\system32\CNMLMA7.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MX870 series XPS: C:\Windows\system32\CNMXLMA7.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [337920 2009-10-09] (CANON INC.) [Datei ist nicht signiert] HKLM\...\Print\Monitors\Canon MP FAX Language Monitor MX870 series: C:\Windows\system32\CNCF2Lm.DLL [343552 2009-10-22] (Microsoft Windows Hardware Compatibility Publisher -> Canon Inc.) HKLM\...\Print\Monitors\PDF-XChange Lite Port Monitor: C:\Windows\system32\pxcpmL.dll [953600 2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\118.0.5993.120\Installer\chrmstp.exe [2023-11-06] (Google LLC -> Google LLC) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{296985B0-9E7B-49B0-9C65-7847A6489C4D}] -> C:\Program Files (x86)\Tools\ASAP Utilities\Add_ASAP_Utilities_to_the_Excel_menu.exe [2022-03-24] (A Must in Every Office B.V. 
-> A Must in Every Office BV) Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DeepL auto-start.lnk [2022-07-09] ShortcutTarget: DeepL auto-start.lnk -> C:\Users\User\AppData\Roaming\0install.net\desktop-integration\stubs\1eae01f3cdb5ff0ecf683b15a60a1489573c1188cb34abc205fcf7a924b4e54d\auto-start.exe () [Datei ist nicht signiert] Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StartHotkey.ahk.lnk [2014-12-14] ShortcutTarget: StartHotkey.ahk.lnk -> D:\ToolsHH\AutoHotkey\Scripte\StartHotkey.ahk () [Datei ist nicht signiert] Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SzDownloadPruefung - Verknüpfung.lnk [2014-12-15] ShortcutTarget: SzDownloadPruefung - Verknüpfung.lnk -> D:\ToolsHH\AutoHotkey\Scripte\KonMenu\SzDownloadPruefung.ahk () [Datei ist nicht signiert] ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {7C16F9CD-972E-499E-A93A-920C425DCA4F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.) Task: {92973833-E6B3-4F79-B589-CFB7F22E48E8} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2023-09-21] (Dropbox, Inc -> Dropbox, Inc.) Task: {5F903DD9-1533-4FCE-892E-54C48BBF0BF3} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2023-09-21] (Dropbox, Inc -> Dropbox, Inc.) 
Task: {1C4318F6-2CB6-4C77-9736-B676812CD587} - System32\Tasks\GoogleUpdateTaskMachineCore{4565DBCC-481A-42F2-BB19-058DC8DEDE40} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-11-06] (Google LLC -> Google LLC) Task: {8BEEAF0A-7F33-4093-B4D5-3AF141CD93A0} - System32\Tasks\GoogleUpdateTaskMachineUA{C2894CD8-C040-4E45-B5C0-79044176DBCD} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-11-06] (Google LLC -> Google LLC) Task: {FCDB6C69-1E19-48EB-AAFD-F9C94D9BE88A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27033280 2023-11-03] (Microsoft Corporation -> Microsoft Corporation) Task: {9186A765-C1F2-4CAA-A3B5-3949BCFBEECF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27033280 2023-11-03] (Microsoft Corporation -> Microsoft Corporation) Task: {E95BE918-F3E9-475D-AADC-8D92E1DA6723} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [218080 2023-11-03] (Microsoft Corporation -> Microsoft Corporation) Task: {671DCFFC-9F45-41E1-BD23-2AADDD0034BD} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [218080 2023-11-03] (Microsoft Corporation -> Microsoft Corporation) Task: {2EB34DB4-233A-4097-83F8-71396CE91FAF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {E2F21C6B-401D-4ABD-823B-7B376B7D07F5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] 
(Microsoft Windows Publisher -> Microsoft Corporation) Task: {BEFB27AD-D8F7-4DD0-929C-BA6D39F16B7C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {22169F2E-35F1-4C3A-80D6-4A775B947D37} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {EFFE9DEC-E886-449F-91B6-A901F846016E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [723872 2023-10-27] (Mozilla Corporation -> Mozilla Foundation) Task: {8DD76058-C9BB-43C5-BB11-BF8A54D9C80A} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130848 2023-10-27] (Microsoft Corporation -> Microsoft Corporation) Task: {9FEFF221-6CB5-4D34-84A4-AD48C7A6AA5C} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2359011715-3956498778-3170841144-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130848 2023-10-27] (Microsoft Corporation -> Microsoft Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{ba1293da-f410-4b5d-b555-6489e9bb8b17}: [DhcpNameServer] 192.168.178.1 Edge: ======= Edge Profile: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default [2023-11-07] Edge Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-24] Edge Extension: (Edge relevant text changes) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-24] FireFox: ======== FF DefaultProfile: 6tp8ngdm.default FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\6tp8ngdm.default [2022-07-01] FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\k3bdhuwe.default-release [2023-11-07] FF user.js: detected! 
=> C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\k3bdhuwe.default-release\user.js [2016-03-04] FF DownloadDir: D:\Download FF Homepage: Mozilla\Firefox\Profiles\k3bdhuwe.default-release -> hxxps://www.google.com/ FF Notifications: Mozilla\Firefox\Profiles\k3bdhuwe.default-release -> hxxps://www.medimops.de; hxxps://mail.yahoo.com FF Extension: (Nervenschoner) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\k3bdhuwe.default-release\Extensions\bidev@ingenit.com.xpi [2023-02-21] FF Extension: (OneNote Web Clipper) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\k3bdhuwe.default-release\Extensions\Clipper@OneNote.com.xpi [2022-12-19] FF Extension: (Reverso - Übersetzung, Wörterbuch) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\k3bdhuwe.default-release\Extensions\context@reverso.net.xpi [2022-03-25] FF Extension: (German Dictionary, extended for Austria) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\k3bdhuwe.default-release\Extensions\de-AT@dictionaries.addons.mozilla.org.xpi [2022-11-24] FF Extension: (German Dictionary (Switzerland)) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\k3bdhuwe.default-release\Extensions\de-CH@dictionaries.addons.mozilla.org.xpi [2022-11-24] FF Extension: (German Dictionary) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\k3bdhuwe.default-release\Extensions\de-DE@dictionaries.addons.mozilla.org.xpi [2022-11-24] FF Extension: (OneTab) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\k3bdhuwe.default-release\Extensions\extension@one-tab.com.xpi [2023-10-03] FF Extension: (FoxyTab) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\k3bdhuwe.default-release\Extensions\foxytab@eros.man.xpi [2019-07-04] FF Extension: (Language: Deutsch (German)) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\k3bdhuwe.default-release\Extensions\langpack-de@firefox.mozilla.org.xpi [2023-11-06] FF Extension: (Dict.cc Übersetzung) - 
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\k3bdhuwe.default-release\Extensions\searchdictcc@roughael.xpi [2022-03-20] FF Extension: (Session Sync) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\k3bdhuwe.default-release\Extensions\session-sync@gabrielivanica.com.xpi [2019-07-12] FF Extension: (Tile Tabs WE) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\k3bdhuwe.default-release\Extensions\tiletabs-we@DW-dev.xpi [2020-08-04] FF Extension: (lyricist - Lyrics for Youtube) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\k3bdhuwe.default-release\Extensions\{0c4ad04f-c27f-416f-9165-6839dc884e2c}.xpi [2020-08-09] FF Extension: (Startpage.com — Datenschutz-Suchmaschine) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\k3bdhuwe.default-release\Extensions\{20fc2e06-e3e4-4b2b-812b-ab431220cada}.xpi [2019-10-10] FF Extension: (ePub Reader) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\k3bdhuwe.default-release\Extensions\{323353ee-cfbd-4178-9676-85566d98c8b1}.xpi [2021-05-15] FF Extension: (YouTube lyrics) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\k3bdhuwe.default-release\Extensions\{44586611-e754-4018-ade4-190167bbe45f}.xpi [2020-08-09] FF Extension: (Deaktivierungs-Add-on von Google Analytics) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\k3bdhuwe.default-release\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2021-02-09] [UpdateUrl:hxxps://tools.google.com/service/update2/ff?guid=%ITEM_ID%&version=%ITEM_VERSION%&application=%APP_ID%&appversion=%APP_VERSION%] FF Extension: (Selenium IDE) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\k3bdhuwe.default-release\Extensions\{a6fd85ed-e919-4a43-a5af-8da18bda539f}.xpi [2022-02-10] FF Extension: (Video DownloadHelper) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\k3bdhuwe.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2023-08-26] FF Extension: (Adblock Plus - kostenloser Adblocker) - 
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\k3bdhuwe.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2023-06-20] FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\k3bdhuwe.default-release\searchplugins\startpage-ssl.xml [2014-12-30] FF Plugin: @java.com/DTPlugin,version=11.381.2 -> C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-06-14] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.381.2 -> C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-06-14] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Pdf\XChangeEditor\PDF Editor\npPDFXEditPlugin.x64.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Pdf\XChangeEditor\PDF Editor\npPDFXEditPlugin.x64.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Pdf\XChangeEditor\PDF Editor\npPDFXEditPlugin.x64.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\Multimedia\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-10-09] (Adobe Inc. -> Adobe Systems Inc.) 
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-08-01] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Pdf\XChangeEditor\PDF Editor\npPDFXEditPlugin.x86.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Pdf\XChangeEditor\PDF Editor\npPDFXEditPlugin.x86.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Pdf\XChangeEditor\PDF Editor\npPDFXEditPlugin.x86.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin HKU\S-1-5-21-2359011715-3956498778-3170841144-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Pdf\XChangeEditor\PDF Editor\npPDFXEditPlugin.x64.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin HKU\S-1-5-21-2359011715-3956498778-3170841144-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Pdf\XChangeEditor\PDF Editor\npPDFXEditPlugin.x64.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin HKU\S-1-5-21-2359011715-3956498778-3170841144-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Pdf\XChangeEditor\PDF Editor\npPDFXEditPlugin.x64.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) 
Chrome: ======= CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2023-11-06] CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-11-06] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-11-06] ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.) R2 Backupper Service; C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.2\ABService.exe [1092656 2022-03-16] (AOMEI International Network Limited -> AOMEI International Network Limited) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12876472 2023-11-03] (Microsoft Corporation -> Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2023-09-21] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2023-09-21] (Dropbox, Inc -> Dropbox, Inc.) R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [46824 2023-10-31] (Dropbox, Inc -> Dropbox, Inc.) 
R2 Everything; C:\Program Files\Everything\Everything.exe [2264704 2022-05-20] (voidtools -> voidtools) S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.209.1008.0002\FileSyncHelper.exe [3505696 2023-10-27] (Microsoft Corporation -> Microsoft Corporation) S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.209.1008.0002\OneDriveUpdaterService.exe [3842064 2023-10-27] (Microsoft Corporation -> Microsoft Corporation) R2 PDF24; C:\Program Files\Pdf\PDF24\pdf24.exe [592608 2022-06-29] (geek software GmbH -> geek software GmbH) R2 SbieSvc; f:\SandboxieProgramm\SbieSvc.exe [371152 2023-02-27] (Tonalio GmbH -> Sandboxie-Plus.com) R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14610864 2022-01-24] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [805224 2022-11-16] (Oracle Corporation -> Oracle and/or its affiliates) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe [3121120 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe [133704 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 AcxHdAudio; C:\Windows\System32\drivers\AcxHdAudio.sys [526848 2023-10-11] (Microsoft Windows -> Microsoft Corporation) R0 ambakdrv; C:\Windows\System32\ambakdrv.sys [51120 2019-05-14] (CHENGDU AOMEI Tech Co., Ltd. 
-> ) R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [172928 2022-07-09] (AOMEI International Network Limited -> ) R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [32176 2022-07-09] (AOMEI International Network Limited -> ) R3 iaLPSS2_GPIO2_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_cb8dd04b85ac9a58\iaLPSS2_GPIO2_TGL.sys [128680 2020-12-23] (Intel Corporation -> Intel Corporation) R3 MpKslf0c43ee6; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DF55C01B-560D-4858-87E5-976338AC4815}\MpKslDrv.sys [263560 2023-11-07] (Microsoft Windows -> Microsoft Corporation) R3 SbieDrv; f:\SandboxieProgramm\SbieDrv.sys [235576 2023-02-27] (Microsoft Windows Hardware Compatibility Publisher -> Sandboxie-Plus.com) R0 secnvme; C:\Windows\System32\drivers\secnvme.sys [133944 2020-01-20] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd) R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [254632 2022-11-16] (Oracle Corporation -> Oracle and/or its affiliates) R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [265504 2022-11-16] (Oracle Corporation -> Oracle and/or its affiliates) R1 VBoxSup; C:\Windows\system32\DRIVERS\VBoxSup.sys [1060880 2022-11-16] (Oracle Corporation -> Oracle and/or its affiliates) R1 veracrypt; C:\Windows\System32\drivers\veracrypt.sys [817672 2022-07-08] (Microsoft Windows Hardware Compatibility Publisher -> IDRIX) S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [55744 2023-11-07] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [578856 2023-11-07] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105768 2023-11-07] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2023-11-07 12:44 - 2023-11-07 12:45 - 000034229 _____ C:\Users\User\Desktop\FRST.txt 2023-11-07 12:44 - 2023-11-07 12:31 - 002383872 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe 2023-11-07 12:38 - 2023-11-07 12:45 - 000000000 ____D C:\FRST 2023-11-06 16:01 - 2023-11-06 16:13 - 000002233 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2023-11-06 16:01 - 2023-11-06 16:13 - 000002192 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2023-11-06 16:01 - 2023-11-06 16:01 - 000000000 ____D C:\Users\User\AppData\Local\Google 2023-11-06 16:00 - 2023-11-07 12:20 - 000000000 ____D C:\Program Files (x86)\Google 2023-11-06 16:00 - 2023-11-06 16:06 - 000004002 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{C2894CD8-C040-4E45-B5C0-79044176DBCD} 2023-11-06 16:00 - 2023-11-06 16:06 - 000003878 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{4565DBCC-481A-42F2-BB19-058DC8DEDE40} 2023-11-06 16:00 - 2023-11-06 16:00 - 000000000 ____D C:\Program Files\Google 2023-11-02 09:27 - 2023-11-02 09:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2023-10-31 12:19 - 2023-10-31 12:19 - 000046824 _____ (Dropbox, Inc.) 
C:\Windows\system32\DbxSvc.exe 2023-10-24 20:13 - 2023-10-24 20:13 - 000117515 _____ C:\Users\User\Documents\IMG_20231024_0004.pdf 2023-10-24 20:13 - 2023-10-24 20:13 - 000107813 _____ C:\Users\User\Documents\IMG_20231024_0003.pdf 2023-10-24 20:06 - 2023-10-24 20:06 - 000060680 _____ C:\Users\User\Documents\IMG_20231024_0001.pdf 2023-10-24 20:06 - 2023-10-24 20:06 - 000058960 _____ C:\Users\User\Documents\IMG_20231024_0002.pdf 2023-10-22 20:55 - 2023-10-22 20:55 - 000001298 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reverso.lnk 2023-10-22 20:55 - 2023-10-22 20:55 - 000001290 _____ C:\Users\User\Desktop\Reverso.lnk 2023-10-18 17:28 - 2023-10-18 17:28 - 000002158 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Copernic Desktop Search.lnk 2023-10-18 17:28 - 2023-10-18 17:28 - 000002146 _____ C:\Users\Public\Desktop\Copernic Desktop Search.lnk 2023-10-18 17:28 - 2023-10-18 17:28 - 000000000 ____D C:\Program Files\Copernic 2023-10-17 20:22 - 2023-10-17 20:22 - 000000000 ____D C:\Users\User\AppData\Local\Captura 2023-10-17 17:35 - 2023-10-17 21:17 - 000000000 ____D C:\Users\User\AppData\Roaming\Captura 2023-10-17 17:35 - 2023-10-17 17:35 - 000001259 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Captura.lnk 2023-10-17 17:35 - 2023-10-17 17:35 - 000000000 ____D C:\Users\User\Documents\Captura 2023-10-17 16:15 - 2023-10-17 16:15 - 000000000 ____D C:\Users\User\AppData\Local\Backup 2023-10-12 18:31 - 2023-10-12 18:31 - 000000000 ____D C:\ProgramData\PLUG 2023-10-12 14:31 - 2023-10-12 14:31 - 000000000 ____D C:\Program Files\RUXIM 2023-10-11 17:42 - 2023-10-11 17:42 - 000016059 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json 2023-10-11 17:38 - 2023-10-11 17:38 - 000000000 ___HD C:\$WinREAgent ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2023-11-07 12:39 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF 2023-11-07 12:20 - 2022-06-24 17:05 - 000000000 ____D C:\Windows\system32\Drivers\wd 2023-11-07 12:20 - 2022-06-24 11:26 - 000000000 ____D C:\Windows\SystemTemp 2023-11-07 12:20 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2023-11-07 12:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness 2023-11-06 23:05 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-11-06 22:49 - 2022-08-04 11:39 - 000000000 ____D C:\Users\User\AppData\Roaming\XnView 2023-11-06 22:48 - 2022-07-07 13:31 - 000000000 ____D C:\Users\User\AppData\Roaming\Everything 2023-11-06 22:25 - 2022-07-04 11:19 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Excel 2023-11-06 22:25 - 2022-07-04 11:17 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Word 2023-11-06 22:24 - 2022-07-04 20:43 - 000000000 ____D C:\Users\User\AppData\Roaming\KeePass 2023-11-06 18:26 - 2022-06-24 17:04 - 000000000 ____D C:\Windows\system32\SleepStudy 2023-11-06 16:03 - 2022-06-24 11:18 - 000000000 ____D C:\Users\User\AppData\Local\D3DSCache 2023-11-06 15:27 - 2022-07-01 21:41 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2023-11-05 20:44 - 2022-08-10 13:54 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Access 2023-11-04 23:22 - 2022-07-20 17:18 - 000000000 _____ C:\Users\User\AppData\Roaming\leotemp.txt 2023-11-04 22:49 - 2023-09-29 19:57 - 000000000 ____D C:\Users\User\AppData\Local\CrashDumps 2023-11-04 16:30 - 2023-09-02 11:18 - 000000000 ____D C:\Users\User\AppData\Roaming\ALFBanCo9 2023-11-04 16:30 - 2023-09-02 11:18 - 000000000 ____D C:\ProgramData\AlfBanCo9 2023-11-04 15:57 - 2023-01-17 11:26 - 000002308 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2023-11-04 15:57 - 2022-07-04 14:37 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2023-11-04 15:57 - 2022-06-24 17:05 - 000002470 _____ 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-11-03 11:50 - 2022-06-24 17:07 - 000000000 ____D C:\Users\User\AppData\Local\Packages 2023-11-02 22:26 - 2022-07-09 15:06 - 000000000 ____D C:\Users\User\.mediathek3 2023-11-02 21:58 - 2022-07-09 15:16 - 000000000 ____D C:\Users\User\AppData\Roaming\vlc 2023-11-02 17:18 - 2022-12-20 20:59 - 000000000 ____D C:\Users\User\AppData\Roaming\Signal 2023-11-02 09:27 - 2023-09-21 12:07 - 000000000 ____D C:\Users\User\AppData\Roaming\Dropbox 2023-11-02 09:27 - 2023-09-21 12:07 - 000000000 ____D C:\Users\User\AppData\Local\Dropbox 2023-11-02 09:27 - 2023-09-21 12:06 - 000000000 ____D C:\Program Files (x86)\Dropbox 2023-11-01 20:40 - 2022-06-24 11:15 - 001732248 _____ C:\Windows\system32\PerfStringBackup.INI 2023-11-01 20:40 - 2019-12-07 15:50 - 000747552 _____ C:\Windows\system32\perfh007.dat 2023-11-01 20:40 - 2019-12-07 15:50 - 000151418 _____ C:\Windows\system32\perfc007.dat 2023-11-01 20:33 - 2022-08-18 22:08 - 000000000 ____D C:\Program Files\TeamViewer 2023-11-01 20:33 - 2022-07-09 11:59 - 000000208 _____ C:\Windows\SysWOW64\AbBakConfig.dat 2023-11-01 20:33 - 2022-07-09 11:56 - 000000432 _____ C:\Windows\SysWOW64\winsevr.dat 2023-11-01 20:33 - 2022-07-07 12:28 - 000000000 ____D C:\Users\User\AppData\Local\LogiBolt 2023-11-01 20:33 - 2022-06-24 17:05 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2023-11-01 20:33 - 2022-06-24 17:04 - 000008192 ___SH C:\DumpStack.log.tmp 2023-11-01 20:33 - 2022-06-24 11:14 - 000000000 __SHD C:\Users\User\IntelGraphicsProfiles 2023-11-01 20:33 - 2022-06-24 11:14 - 000000000 ____D C:\Intel 2023-11-01 20:33 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI 2023-11-01 20:32 - 2023-07-26 09:26 - 000000000 ____D C:\Users\User\AppData\Roaming\MagentaCLOUD 2023-11-01 20:32 - 2022-07-07 13:31 - 000000000 ____D C:\Users\User\AppData\Local\Everything 2023-11-01 11:18 - 2022-07-06 15:46 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Outlook 
2023-10-31 23:02 - 2022-07-04 11:15 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Office 2023-10-30 22:45 - 2022-07-06 19:02 - 000000000 ____D C:\Temp 2023-10-30 21:04 - 2022-07-04 20:51 - 000000000 ____D C:\Program Files\Microsoft OneDrive 2023-10-30 21:04 - 2022-07-01 21:41 - 000000000 ____D C:\Program Files\Mozilla Firefox 2023-10-30 21:04 - 2022-07-01 21:41 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2023-10-29 23:43 - 2022-07-04 10:32 - 000000000 ____D C:\InstallierteProgramme 2023-10-29 21:34 - 2022-06-24 17:07 - 000000000 ___SD C:\Users\User\AppData\Roaming\Microsoft\Credentials 2023-10-29 11:10 - 2022-06-27 07:03 - 000000000 ____D C:\Users\User\AppData\Local\PlaceholderTileLogoFolder 2023-10-28 22:39 - 2022-07-04 07:48 - 000000000 ____D C:\ProgramsPortable 2023-10-28 16:12 - 2023-03-03 13:48 - 000000000 ____D C:\Users\User\AppData\Roaming\DeepL_SE 2023-10-27 21:12 - 2022-07-04 10:35 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task 2023-10-27 21:12 - 2022-07-04 10:35 - 000002142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2023-10-27 21:12 - 2022-06-24 11:12 - 000003596 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2359011715-3956498778-3170841144-1001 2023-10-27 20:54 - 2022-07-01 21:41 - 000001039 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2023-10-27 12:20 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp 2023-10-27 11:17 - 2022-06-24 17:05 - 000003754 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2023-10-27 11:17 - 2022-06-24 17:05 - 000003630 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2023-10-26 22:01 - 2022-07-09 15:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediathekView 2023-10-20 11:22 - 2022-08-14 12:49 - 000000000 ____D C:\Users\User\Documents\My Digital Editions 2023-10-18 11:57 - 2023-09-02 11:18 - 000000000 ____D 
C:\Program Files (x86)\ALFBanCo9 2023-10-17 21:28 - 2022-07-09 13:25 - 000000000 ____D C:\Users\User\AppData\Roaming\draw.io 2023-10-17 17:35 - 2022-10-13 15:41 - 000002067 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk 2023-10-17 17:35 - 2022-10-13 15:41 - 000002055 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk 2023-10-17 17:35 - 2022-07-15 21:39 - 000000000 ____D C:\Program Files (x86)\Multimedia 2023-10-17 17:35 - 2022-06-24 11:35 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task 2023-10-16 19:35 - 2022-09-29 14:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer 2023-10-16 19:35 - 2022-07-09 15:47 - 000002039 _____ C:\Users\Public\Desktop\MyPhoneExplorer.lnk 2023-10-16 16:52 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2023-10-16 16:50 - 2022-06-24 17:04 - 000440128 _____ C:\Windows\system32\FNTCACHE.DAT 2023-10-16 16:49 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2023-10-16 16:49 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2023-10-16 16:49 - 2019-12-07 15:50 - 000000000 ____D C:\Windows\SysWOW64\de 2023-10-16 16:49 - 2019-12-07 15:50 - 000000000 ____D C:\Windows\system32\de 2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\SysWOW64\F12 2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs 2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\UNP 2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\F12 2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs 2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\PrintDialog 2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata 2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\setup 2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D 
C:\Windows\SysWOW64\PerceptionSimulation 2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\oobe 2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\migwiz 2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV 2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT 2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE 2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\es-MX 2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism 2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Com 2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\AdvancedInstallers 2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources 2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinMetadata 2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns 2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\SystemResetPlatform 2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Sysprep 2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\ShellExperiences 2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup 2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation 2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe 2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\migwiz 2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lv-LV 2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lt-LT 2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\et-EE 2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\es-MX 2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 
____D C:\Windows\system32\Dism 2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Com 2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\appraiser 2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\AdvancedInstallers 2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellExperiences 2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellComponents 2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Provisioning 2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions 2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\IME 2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr 2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender 2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System 2023-10-16 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2023-10-16 16:49 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\servicing 2023-10-15 20:45 - 2022-07-09 12:52 - 000000000 ____D C:\Users\User\Calibre-Bibliothek 2023-10-15 20:45 - 2022-07-09 12:51 - 000000000 ____D C:\Users\User\AppData\Roaming\calibre 2023-10-11 17:45 - 2019-12-07 15:54 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\OEMDefaultAssociations.dll 2023-10-11 17:45 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll 2023-10-11 17:45 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll 2023-10-11 17:42 - 2022-06-24 17:08 - 003014144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2023-10-11 17:34 - 2022-06-24 11:19 - 000000000 ____D C:\Windows\system32\MRT 2023-10-11 17:32 - 2022-06-24 11:19 - 181553176 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse 
========
2022-12-19 21:48 - 2022-12-19 21:48 - 000052223 _____ () C:\Users\User\AppData\Roaming\Durch Trennzeichen getrennte Werte.ADR
2022-07-20 17:18 - 2023-11-04 23:22 - 000000000 _____ () C:\Users\User\AppData\Roaming\leotemp.txt
2022-10-14 21:14 - 2022-10-14 21:14 - 000005632 _____ () C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 05-11-2023 02
durchgeführt von User (07-11-2023 12:45:37)
Gestartet von C:\Users\User\Desktop
Microsoft Windows 10 Home Version 22H2 19045.3570 (X64) (2022-06-24 16:06:08)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
Administrator (S-1-5-21-2359011715-3956498778-3170841144-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2359011715-3956498778-3170841144-503 - Limited - Disabled)
Gast (S-1-5-21-2359011715-3956498778-3170841144-501 - Limited - Disabled)
User (S-1-5-21-2359011715-3956498778-3170841144-1001 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-2359011715-3956498778-3170841144-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1031-1033-7760-BC15014EA700}) (Version: 23.006.20360 - Adobe)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.11 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601053}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
ALF-BanCo 8 (HKLM-x32\...\Alf-BanCo8_is1) (Version: 8.3.5 - ALF AG)
ALF-BanCo 9 (HKLM-x32\...\Alf-BanCo9_is1) (Version: 9.0.8 - ALF AG)
AOMEI Backupper (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version: 6.9.2 - AOMEI International Network Limited.)
ASAP*Utilities (HKLM-x32\...\ASAP Utilities_is1) (Version: 8.0.2 - A Must in Every Office BV - Bastien Mensink) AutoHotkey 1.1.33.10 (HKLM-x32\...\AutoHotkey) (Version: 1.1.33.10 - Lexikos) Avidemux VC++ 64bits (HKU\S-1-5-21-2359011715-3956498778-3170841144-1001\...\{1a7934be-b952-4a64-845c-8ec73ab3de11}) (Version: 2.7.6 - Mean) Beyond Compare 4.4.2 (HKLM\...\BeyondCompare4_is1) (Version: 4.4.2.26348 - Scooter Software) calibre (HKLM-x32\...\{D3CF17E8-ECE2-4B16-86D3-1C6B2F94BF8C}) (Version: 5.44.0 - Kovid Goyal) Canon Calibration Tool (HKLM-x32\...\CanonCalibrationTool) (Version: 1.5.0 - Canon Inc.) Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.) Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.0.19 - Canon Inc.) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.2.0.18 - Canon Inc.) Canon Kurzwahlprogramm (HKLM-x32\...\Speed Dial Utility) (Version: - ) Canon Kurzwahlprogramm2 (HKLM-x32\...\Speed Dial Utility2) (Version: 2.2.1 - Canon Inc.) Canon MB5100 series Benutzerregistrierung (HKLM-x32\...\Canon MB5100 series Benutzerregistrierung) (Version: - *Canon Inc.) Canon MB5100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MB5100_series) (Version: 1.02 - Canon Inc.) Canon MB5100 series On-screen Manual (HKLM-x32\...\Canon MB5100 series On-screen Manual) (Version: 7.8.0 - Canon Inc.) Canon MP Navigator EX 3.1 (HKLM-x32\...\MP Navigator EX 3.1) (Version: - ) Canon MX870 series Benutzerregistrierung (HKLM-x32\...\Canon MX870 series Benutzerregistrierung) (Version: - ) Canon MX870 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX870_series) (Version: - Canon Inc.) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.) Canon Quick Utility Toolbox (HKLM-x32\...\Quick Toolbox) (Version: 2.5.0 - Canon Inc.) 
Canon Wi-Fi Connection Assistant (HKLM-x32\...\Wi-Fi Connection Assistant) (Version: 1.30.0 - Canon Inc.) Captura v8.0.0 (HKLM-x32\...\{C1670C5E-5042-4300-9491-6BFFF963823F}_is1) (Version: 8.0.0 - Mathew Sachin) ClipGrab 3.9.7 (HKLM-x32\...\{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1) (Version: - The ClipGrab Project) Copernic Desktop Search (HKLM\...\CopernicDesktopSearch8) (Version: 8.2.3.16420 - Copernic) DB Browser for SQLite (HKLM\...\{5211034D-495B-4A5E-9B8D-8961BBB2B9E2}) (Version: 3.12.2 - DB Browser for SQLite Team) DeepL (HKU\S-1-5-21-2359011715-3956498778-3170841144-1001\...\https%3a##appdownload.deepl.com#windows#0install#deepl.xml) (Version: - ) draw.io 22.0.2 (HKLM\...\27a75bf3-be48-5c35-934f-8491cf108abe) (Version: 22.0.2 - JGraph) Dropbox (HKLM-x32\...\Dropbox) (Version: 186.4.6207 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.817.1 - Dropbox, Inc.) Hidden Everything 1.4.1.1017 (x64) (HKLM\...\Everything) (Version: 1.4.1.1017 - voidtools) Free Alarm Clock (HKLM-x32\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 4.0.1.0 - Comfort Software Group) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 118.0.5993.120 - Google LLC) GPL Ghostscript (HKLM\...\GPL Ghostscript 9.56.1) (Version: 9.56.1 - Artifex Software Inc.) GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.56.1) (Version: 9.56.1 - Artifex Software Inc.) 
GPS Track Editor (HKLM-x32\...\GpsTrackEditor) (Version: 1.15 (build 141) - MapSphere) GPS-Track-Analyse.NET 6.0 (HKLM-x32\...\GPS-Track-Analyse.NET 6.0_is1) (Version: - ) GPXSee (x64) (HKLM\...\GPXSee) (Version: 11.9 - Martin Tůma) Greenfish Icon Editor Pro 3.6 (HKLM-x32\...\{27135B83-5AFF-42A3-BCEB-E689BE9E2090}_is1) (Version: - Greenfish Corporation) Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot) Image Resizer for Windows (64 bit) (HKLM\...\{2A1F3759-5792-469B-B895-7E29680F02F1}) (Version: 3.1.1.0 - Brice Lambson) Hidden Image Resizer for Windows (HKLM-x32\...\{92916BDF-74CB-479C-B69E-32EACB074FFE}) (Version: 3.1.1.0 - Brice Lambson) Hidden Image Resizer for Windows (HKLM-x32\...\{c624f5da-779e-4ccb-9ce1-34bc5ef0a6b9}) (Version: 3.1.1.0 - Brice Lambson) IrfanView 4.60 (64-bit) (HKLM\...\IrfanView64) (Version: 4.60 - Irfan Skiljan) Java 8 Update 381 (64-bit) (HKLM\...\{77924AE4-039E-4CA4-87B4-2F64180381F0}) (Version: 8.0.3810.9 - Oracle Corporation) KeePass Password Safe 2.53 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.53 - Dominik Reichl) Logi Bolt (HKLM\...\LogiBolt) (Version: 1.2.6024.0 - Logi) Logitech Options (HKLM\...\LogiOptions) (Version: 9.60.87 - Logitech) MagentaCLOUD (HKLM\...\{1369654A-24FD-4D83-B45A-222E19EAD9A1}) (Version: 3.6.7.20230217 - Deutsche Telekom AG) MediaHuman YouTube to MP3 Converter 3.9.9.81 (HKLM-x32\...\MediaHuman YouTube to MP3 Converter_is1) (Version: 3.9.9.81 - MediaHuman) MediathekView 14.0.0 (HKLM\...\1927-5045-2127-3394) (Version: 14.0.0 - MediathekView Team) Microsoft .NET Host - 6.0.9 (x64) (HKLM\...\{C30ABA3F-32C0-43D1-B3B8-9AEFD58A15D9}) (Version: 48.39.47157 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.9 (x64) (HKLM\...\{FD10B803-97FD-4867-9753-8784BC35D2F8}) (Version: 48.39.47157 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.9 (x64) (HKLM\...\{0B4F742D-2D47-4E95-B756-402822D31C48}) (Version: 48.39.47157 - Microsoft Corporation) Hidden Microsoft 
Edge (HKLM-x32\...\Microsoft Edge) (Version: 119.0.2151.44 - Microsoft Corporation) Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 119.0.2151.44 - Microsoft Corporation) Microsoft Garage Mouse without Borders (HKLM-x32\...\{D3BC954F-D661-474C-B367-30EB6E56542E}) (Version: 2.1.8.105 - Microsoft Garage) Microsoft Office Professional 2019 - de-de (HKLM\...\Professional2019Retail - de-de) (Version: 16.0.16924.20124 - Microsoft Corporation) Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.209.1008.0002 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{2953E19B-9F91-4A49-A23B-7E25970A1951}) (Version: 3.73.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30139 (HKLM-x32\...\{2c673fb6-3e65-4751-965d-33d30b68a8a6}) (Version: 14.29.30139.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30135 (HKLM-x32\...\{b7a2b241-3f54-4d7d-94d1-8ce0146e03c7}) (Version: 14.29.30135.0 - Microsoft Corporation) Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30139 (HKLM\...\{7F4A9F52-173F-4B0D-B1EA-269C32EDA827}) (Version: 14.29.30139 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30139 (HKLM\...\{A6D3F752-BF11-4D7C-B19C-F6F96A35CF50}) (Version: 14.29.30139 - Microsoft Corporation) 
Hidden Microsoft Visual C++ 2019 X86 Additional Runtime - 14.29.30135 (HKLM-x32\...\{77EB1EA9-8E1B-459D-8CDC-1984D0FF15B6}) (Version: 14.29.30135 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.29.30135 (HKLM-x32\...\{36A1E79B-581A-4FE5-843D-84C2D3C9431E}) (Version: 14.29.30135 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.9 (x64) (HKLM\...\{C1CD2FC1-92E6-4DE2-89D8-6D309881856F}) (Version: 48.39.47171 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.9 (x64) (HKLM-x32\...\{569b351b-451b-48db-a2c7-7beb63411666}) (Version: 6.0.9.31620 - Microsoft Corporation) Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 119.0 (x64 en-US)) (Version: 119.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 102.0 - Mozilla) Mp3tag v3.16 (HKLM\...\Mp3tag) (Version: 3.16 - Florian Heidenreich) MPC-BE x64 1.6.8.5 (HKLM\...\{FE09AF6D-78B2-4093-B012-FCDAF78693CE}_is1) (Version: 1.6.8.5 - MPC-BE Team) MyDriveConnect 4.0.7.2442 (HKLM-x32\...\MyDriveConnect) (Version: 4.0.7.2442 - TomTom) MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 2.1 - F.J. 
Wechselberger) No23 Recorder (HKLM-x32\...\{6DED41BC-C9EF-4330-B4E5-46CB2C5C6E2D}) (Version: 2.1.0.3 - No23) Hidden No23 Recorder (HKLM-x32\...\No23 Recorder) (Version: 2.1.0.3 - No23) Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.4.2 - Notepad++ Team) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.16924.20124 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.16924.20124 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.16924.20078 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.16924.20088 - Microsoft Corporation) Hidden Office RibbonX Editor (HKLM\...\{414e2267-764a-4e61-aa5e-f25f407dfafd}_is1) (Version: 1.9.0.1056 - Fernando Andreu) Oracle VM VirtualBox 7.0.4 (HKLM\...\{1CEDDF58-8D2F-407F-BF34-877EAAFF3C40}) (Version: 7.0.4 - Oracle and/or its affiliates) paint.net (HKLM\...\{31D05AC5-4242-433C-A002-9DB22D740F8C}) (Version: 4.3.11 - dotPDN LLC) PDF24 Creator 11.2.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 11.2.0 - PDF24.org) PDF-XChange Editor (HKLM\...\{1DE89B26-390D-4262-B7BD-788427632263}) (Version: 9.5.366.0 - Tracker Software Products (Canada) Ltd.) Hidden PDF-XChange Editor (HKLM-x32\...\{e563cf57-fc77-4977-83d0-56532d421d33}) (Version: 9.5.366.0 - Tracker Software Products (Canada) Ltd.) 
Reverso (HKLM-x32\...\{C0D4BC23-E512-47C3-AA47-04A76B4172C1}) (Version: 2.11.0.734 - Reverso) Samsung NVM Express Driver (HKLM-x32\...\{ff94c273-58d5-40b5-b03a-9bd41d5cff1e}) (Version: 3.3.0.2003 - Samsung Electronics) Samsung NVM Express Driver 3.3.0.2003 (HKLM\...\{89D55DD5-FE94-497B-B5E5-91915D52DBF2}) (Version: 3.3.0.2003 - Samsung Electronics Co., Ltd) Hidden Sandboxie 5.63.0 (64-bit) (HKLM\...\Sandboxie) (Version: 5.63.0 - sandboxie-plus.com) Signal 6.36.0 (HKU\S-1-5-21-2359011715-3956498778-3170841144-1001\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 6.36.0 - Signal Messenger, LLC) Support- und Wiederherstellungs-Assistent von Microsoft (HKU\S-1-5-21-2359011715-3956498778-3170841144-1001\...\a1a734b8150c1d83) (Version: 17.0.8640.17 - Microsoft Corporation) tax 2020 (HKLM-x32\...\{911206AE-A132-4258-8DE2-E2A76971EFE6}) (Version: 27.14.2810 - Buhl Data Service GmbH) tax 2021 (HKLM-x32\...\{1B029679-D87C-44BC-B894-D579FD7CA963}) (Version: 28.10.2720 - Buhl Data Service GmbH) tax 2022 (HKLM-x32\...\{B25B40FF-36D8-4AF3-AFB8-491AB11B658B}) (Version: 29.08.3260 - Buhl Data Service GmbH) tax 2023 (HKLM-x32\...\{D7897BE5-064E-4776-818C-5BCD1FC1C385}) (Version: 30.00.3010 - Buhl Data Service GmbH) TeamViewer (HKLM\...\TeamViewer) (Version: 15.26.4 - TeamViewer) Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 11.01 - Ghisler Software GmbH) Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation) VdhCoApp 1.6.3 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper) VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.25.9 - IDRIX) Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) 
VLC media player (HKLM\...\VLC media player) (Version: 3.0.17.4 - VideoLAN) XnView 2.51.0 (HKLM-x32\...\XnView_is1) (Version: 2.51.0 - Gougelet Pierre-e) Z-Cron (HKLM-x32\...\{FD57FF4D-7225-4DAC-B15D-9BAE3E8A0E2B}) (Version: 6.1.0.1 - IMU Andreas Baumann) Packages: ========= Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2023-10-17] () Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2022-07-04] (Canon Inc.) Dropbox -> C:\Program Files (x86)\Dropbox\Client\PackageAssets [2023-11-02] (Dropbox Inc.) Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.21.0_neutral__8xx8rvfyw5nnt [2023-10-29] (Instagram) Intel® Grafik-Kontrollraum -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5185.0_x64__8j3eq9eme6ctt [2023-09-13] (INTEL CORP) [Startup Task] Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-08-04] (Microsoft Corporation) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.22.240.0_x64__dt26b99r8h8gj [2022-07-04] (Realtek Semiconductor Corp) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.222.982.0_x64__zpdnekdrzrea0 [2023-10-13] (Spotify AB) [Startup Task] ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2359011715-3956498778-3170841144-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. 
-> Adobe) CustomCLSID: HKU\S-1-5-21-2359011715-3956498778-3170841144-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe) CustomCLSID: HKU\S-1-5-21-2359011715-3956498778-3170841144-1001_Classes\CLSID\{47726565-6e73-686f-7400-000000000000}\localserver32 -> "C:\Program Files\Grafik\Greenshot\Greenshot.exe" -ToastActivated => Keine Datei CustomCLSID: HKU\S-1-5-21-2359011715-3956498778-3170841144-1001_Classes\CLSID\{6FF9B5B6-389F-444A-9FDD-A286C36EA079}\InprocServer32 -> C:\Program Files\MagentaCLOUD\CfApiShellExtensions.dll () [Datei ist nicht signiert] CustomCLSID: HKU\S-1-5-21-2359011715-3956498778-3170841144-1001_Classes\CLSID\{b72e6f5e-f6e0-a9eb-461b-6118363bd15c}\localserver32 -> C:\Users\User\AppData\Local\0install.net\implementations\sha256new_7ATQFYMYISD5LU42STURHNI33TRSMJBHVQPLEAO3EX4R5WPI6GTQ\DeepL.exe (DeepL SE -> DeepL SE) CustomCLSID: HKU\S-1-5-21-2359011715-3956498778-3170841144-1001_Classes\CLSID\{c1be91f2-446f-4f6e-bf58-da4a82669b3c} -> [MagentaCLOUD] => F:\MagentaCloudLoc [2023-07-26 09:33] CustomCLSID: HKU\S-1-5-21-2359011715-3956498778-3170841144-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => F:\Dropbox [2023-09-21 12:21] ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.209.1008.0002\FileSyncShell64.dll [2023-10-27] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.209.1008.0002\FileSyncShell64.dll [2023-10-27] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.209.1008.0002\FileSyncShell64.dll [2023-10-27] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ 
OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.209.1008.0002\FileSyncShell64.dll [2023-10-27] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.209.1008.0002\FileSyncShell64.dll [2023-10-27] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.209.1008.0002\FileSyncShell64.dll [2023-10-27] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.209.1008.0002\FileSyncShell64.dll [2023-10-27] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ MagentaCLOUDError] -> {21A727D8-DF75-47AC-9B23-98CA9941E764} => C:\Windows\System32\shellext\NCOverlays.dll [2023-02-17] (Telekom Deutschland GmbH -> Nextcloud GmbH) ShellIconOverlayIdentifiers: [ MagentaCLOUDOK] -> {5FB43024-D810-463E-8298-25AC18B4D657} => C:\Windows\System32\shellext\NCOverlays.dll [2023-02-17] (Telekom Deutschland GmbH -> Nextcloud GmbH) ShellIconOverlayIdentifiers: [ MagentaCLOUDOKShared] -> {207E0D58-A4D2-4BEA-B23F-74B275067FF4} => C:\Windows\System32\shellext\NCOverlays.dll [2023-02-17] (Telekom Deutschland GmbH -> Nextcloud GmbH) ShellIconOverlayIdentifiers: [ MagentaCLOUDSync] -> {B7E41BEC-A46C-4536-A3B8-F20322BC4538} => C:\Windows\System32\shellext\NCOverlays.dll [2023-02-17] (Telekom Deutschland GmbH -> Nextcloud GmbH) ShellIconOverlayIdentifiers: [ MagentaCLOUDWarning] -> {EC74FC2C-CC25-4FF8-B860-8F98CB200CCE} => C:\Windows\System32\shellext\NCOverlays.dll [2023-02-17] (Telekom Deutschland GmbH -> Nextcloud GmbH) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll 
[2023-10-31] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-31] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-31] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-31] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-31] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-31] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-31] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-31] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-31] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-31] (Dropbox, Inc -> Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.209.1008.0002\FileSyncShell64.dll [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.209.1008.0002\FileSyncShell64.dll [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.209.1008.0002\FileSyncShell64.dll [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.209.1008.0002\FileSyncShell64.dll [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.209.1008.0002\FileSyncShell64.dll [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.209.1008.0002\FileSyncShell64.dll [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.209.1008.0002\FileSyncShell64.dll [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-31] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-31] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-31] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-31] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-31] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-31] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-31] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-31] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-31] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-31] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.209.1008.0002\FileSyncShell64.dll [2023-10-27] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => D:\ToolsHH\Notepad++\NppShell_06.dll [2022-05-29] (Notepad++ -> ) ContextMenuHandlers1: [CirrusShellEx] -> {57FA2D12-D22D-490A-805A-5CB48E84F12A} => C:\Program Files\Tools\BeyondCompare4\BCShellEx64.dll [2022-03-15] (Scooter Software Inc -> Scooter Software) ContextMenuHandlers1: [CopernicFileShellContextMenuExtension] -> {5e8dc0ce-ae15-3dcc-9daf-50487dd495a8} => C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.ShellContextMenu.dll [2023-10-16] (N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation) ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-31] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [Image Resizer] -> {51B4D7E5-7568-4234-B4BB-47FB3C016A69} => C:\Program Files\Image Resizer for Windows\ShellExtensions.dll [2018-05-26] (Open Source Developer, Brice Lambson -> Brice Lambson) ContextMenuHandlers1-x32: [IXnView] -> {A5D35F9F-6A11-4EAA-B70B-7BB6FE32663A} => C:\Program Files\Multimedia\XnView\ShellEx\XnViewShellExt.dll [2022-05-31] (Pierre GOUGELET -> ) ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Musik\Mp3tag\Mp3tagShell64.dll [2022-05-30] (Florian Heidenreich) [Datei ist nicht signiert] ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files\Fairphone\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. 
Wechselberger) [Datei ist nicht signiert] ContextMenuHandlers1: [PDFXChange Editor Context menu] -> {2ACD35AB-F74A-4C20-AA9B-2DE80081626D} => C:\Program Files\Pdf\XChangeEditor\Shell Extensions\XCShellMenu.x64.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) ContextMenuHandlers2: [CopernicFolderShellContextMenuExtension] -> {bd0a3985-fb0d-3758-a64b-253131d8fe70} => C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.ShellContextMenu.dll [2023-10-16] (N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation) ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Musik\Mp3tag\Mp3tagShell64.dll [2022-05-30] (Florian Heidenreich) [Datei ist nicht signiert] ContextMenuHandlers3: [MagentaCLOUDContextMenuHandler] -> {C475B1E0-655A-4080-9D13-C3F0905740CF} => C:\Windows\System32\shellext\NCContextMenu.dll [2023-02-17] (Telekom Deutschland GmbH -> Nextcloud GmbH) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.209.1008.0002\FileSyncShell64.dll [2023-10-27] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4: [CirrusShellEx] -> {57FA2D12-D22D-490A-805A-5CB48E84F12A} => C:\Program Files\Tools\BeyondCompare4\BCShellEx64.dll [2022-03-15] (Scooter Software Inc -> Scooter Software) ContextMenuHandlers4: [CopernicFolderShellContextMenuExtension] -> {bd0a3985-fb0d-3758-a64b-253131d8fe70} => C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.ShellContextMenu.dll [2023-10-16] (N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation) ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-31] (Dropbox, Inc -> Dropbox, Inc.) 
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Musik\Mp3tag\Mp3tagShell64.dll [2022-05-30] (Florian Heidenreich) [Datei ist nicht signiert]
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.209.1008.0002\FileSyncShell64.dll [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [CopernicFolderShellContextMenuExtension] -> {bd0a3985-fb0d-3758-a64b-253131d8fe70} => C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.ShellContextMenu.dll [2023-10-16] (N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-31] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers6: [CirrusShellEx] -> {57FA2D12-D22D-490A-805A-5CB48E84F12A} => C:\Program Files\Tools\BeyondCompare4\BCShellEx64.dll [2022-03-15] (Scooter Software Inc -> Scooter Software)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\User\Desktop\Ruhezustand SZ-Down.lnk -> D:\ToolsHH\AutoHotkey\Scripte\KonMenu\RuhezustandMitSzDownloadprüfung.bat () ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============= 2023-01-16 00:34 - 2023-01-16 00:34 - 001160704 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\Copernic\DesktopSearch\CefSharp.BrowserSubprocess.Core.dll 2023-01-16 00:34 - 2023-01-16 00:34 - 001783808 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\Copernic\DesktopSearch\CefSharp.Core.Runtime.dll 2022-11-21 16:36 - 2022-08-21 02:44 - 001160192 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Users\User\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\CefSharp.BrowserSubprocess.Core.dll 2023-10-25 20:19 - 2023-10-25 02:15 - 000524800 _____ () [Datei ist nicht signiert] \\?\C:\Users\User\AppData\Local\Programs\signal-desktop\resources\app.asar.unpacked\node_modules\@nodert-win10-rs4\windows.data.xml.dom\build\Release\binding.node 2023-10-25 20:19 - 2023-10-25 02:15 - 000678400 _____ () [Datei ist nicht signiert] \\?\C:\Users\User\AppData\Local\Programs\signal-desktop\resources\app.asar.unpacked\node_modules\@nodert-win10-rs4\windows.ui.notifications\build\Release\binding.node 2023-10-25 20:19 - 2023-10-25 02:15 - 004708864 _____ () [Datei ist nicht signiert] \\?\C:\Users\User\AppData\Local\Programs\signal-desktop\resources\app.asar.unpacked\node_modules\@signalapp\better-sqlite3\build\Release\better_sqlite3.node 2023-10-25 20:19 - 2023-10-25 02:15 - 004972544 _____ () [Datei ist nicht signiert] \\?\C:\Users\User\AppData\Local\Programs\signal-desktop\resources\app.asar.unpacked\node_modules\@signalapp\libsignal-client\prebuilds\win32-x64\node.napi.node 2023-10-25 20:19 - 2023-10-25 02:15 - 010869760 _____ () [Datei ist nicht signiert] 
\\?\C:\Users\User\AppData\Local\Programs\signal-desktop\resources\app.asar.unpacked\node_modules\@signalapp\ringrtc\build\win32\libringrtc-x64.node 2023-10-25 20:19 - 2023-10-25 02:15 - 000098304 _____ () [Datei ist nicht signiert] \\?\C:\Users\User\AppData\Local\Programs\signal-desktop\resources\app.asar.unpacked\node_modules\@signalapp\windows-dummy-keystroke\build\Release\NativeExtension.node 2023-01-13 10:19 - 2023-01-13 10:19 - 194953728 _____ () [Datei ist nicht signiert] C:\Program Files\Copernic\DesktopSearch\libcef.dll 2023-02-17 15:32 - 2023-02-17 15:32 - 000130560 _____ () [Datei ist nicht signiert] C:\Program Files\MagentaCLOUD\magentacloudsync_vfs_cfapi.dll 2023-02-17 15:32 - 2023-02-17 15:32 - 000031232 _____ () [Datei ist nicht signiert] C:\Program Files\MagentaCLOUD\magentacloudsync_vfs_suffix.dll 2022-11-21 16:37 - 2022-08-19 08:38 - 175591424 _____ () [Datei ist nicht signiert] C:\Users\User\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\libcef.dll 2022-11-21 16:37 - 2022-08-19 07:11 - 000442880 _____ () [Datei ist nicht signiert] C:\Users\User\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\libEGL.dll 2022-11-21 16:37 - 2022-08-19 07:10 - 006480384 _____ () [Datei ist nicht signiert] C:\Users\User\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\libGLESv2.dll 2022-11-21 16:37 - 2022-08-19 07:07 - 004077568 _____ () [Datei ist nicht signiert] C:\Users\User\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\vk_swiftshader.dll 2022-11-21 16:37 - 2022-08-19 07:10 - 000828928 _____ () [Datei ist nicht signiert] C:\Users\User\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\vulkan-1.dll 2023-10-17 17:58 - 2023-10-17 17:58 - 000773120 _____ () [Datei ist nicht signiert] 
C:\Windows\assembly\NativeImages_v4.0.30319_64\LinqBridge\07da31ae08c97a25b82430b8a50afff0\LinqBridge.ni.dll 2022-12-06 18:17 - 2015-09-15 16:07 - 000318464 _____ (CANON INC) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\scchmpm.dll 2022-12-06 18:17 - 2015-09-01 18:11 - 000194560 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\cnmpu2.dll 2022-12-06 18:17 - 2015-06-17 16:01 - 000008704 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_DEU.DLL 2022-12-06 18:17 - 2015-06-17 16:00 - 000104960 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_IMG.dll 2022-12-06 18:17 - 2015-05-26 09:44 - 000141312 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\cnwidsd.dll 2022-11-28 19:02 - 2021-11-16 12:39 - 000131072 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\Quick Utility Toolbox\cnalmmod.dll 2022-11-28 19:02 - 2021-11-16 12:37 - 000016384 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\Quick Utility Toolbox\de\cnqtbres.dll 2022-07-07 21:31 - 2009-10-09 07:01 - 000337920 _____ (CANON INC.) [Datei ist nicht signiert] C:\Windows\System32\CNMN6PPM.DLL 2010-03-30 18:32 - 2010-03-30 18:32 - 000073728 _____ (F.J. 
Wechselberger) [Datei ist nicht signiert] C:\Program Files\Fairphone\MyPhoneExplorer\DLL\ShellMgr.dll 2023-10-17 17:58 - 2023-10-17 17:58 - 001938432 _____ (Greenshot) [Datei ist nicht signiert] C:\Windows\assembly\NativeImages_v4.0.30319_64\GreenshotPlugin\539f6eac1f6bb05e939ab410f34de918\GreenshotPlugin.ni.dll 2022-07-09 13:35 - 2022-07-09 13:35 - 000065536 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\Windows\WinSxS\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.762_none_7b33aa7d218504d2\vcomp.dll 2022-07-04 14:37 - 2022-07-04 14:37 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\AppVIsvSubsystems32.dll 2022-07-04 14:37 - 2022-07-04 14:37 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\c2r32.dll 2023-06-16 09:55 - 2023-06-16 09:55 - 015921152 _____ (ORPALIS) [Datei ist nicht signiert] C:\Program Files\Copernic\DesktopSearch\GdPicture.NET.14.image.gdimgplug.64.dll 2023-10-17 17:58 - 2023-10-17 17:58 - 000740352 _____ (The Apache Software Foundation) [Datei ist nicht signiert] C:\Windows\assembly\NativeImages_v4.0.30319_64\log4net\b076a29ae3269908f0bbbfc97a84c7ec\log4net.ni.dll 2023-01-13 08:21 - 2023-01-13 08:21 - 001412608 _____ (The Chromium Authors) [Datei ist nicht signiert] C:\Program Files\Copernic\DesktopSearch\chrome_elf.dll 2022-11-21 16:37 - 2022-08-19 07:16 - 001231872 _____ (The Chromium Authors) [Datei ist nicht signiert] C:\Users\User\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\chrome_elf.dll 2022-07-18 14:18 - 2014-12-22 13:54 - 000110207 _____ (Un4seen Developments) [Datei ist nicht signiert] C:\Program Files (x86)\Tools\FreeAlarmClock\bass.dll 2022-07-18 14:18 - 2014-11-28 14:54 - 000021772 _____ 
(Un4seen Developments) [Datei ist nicht signiert] C:\Program Files (x86)\Tools\FreeAlarmClock\bassflac.dll 2022-07-18 14:18 - 2014-10-20 14:08 - 000017733 _____ (Un4seen Developments) [Datei ist nicht signiert] C:\Program Files (x86)\Tools\FreeAlarmClock\basswma.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\ProgramData:BDSDRMHK [64] AlternateDataStreams: C:\Users\All Users:BDSDRMHK [64] AlternateDataStreams: C:\ProgramData\Anwendungsdaten:BDSDRMHK [64] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ================== ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ================= ==================== Internet Explorer (Nicht auf der Ausnahmeliste) ========== BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2023-10-30] (Microsoft Corporation -> Microsoft Corporation) BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre-1.8\bin\ssv.dll [2023-06-14] (Oracle America, Inc. -> Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-1.8\bin\jp2ssv.dll [2023-06-14] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.) Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.) 
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.2;C:\Program Files (x86)\Calibre2\;C:\Program Files (x86)\gs\gs9.56.1\bin;C:\Program Files\gs\gs9.56.1\bin;C:\Program Files\dotnet\
HKU\S-1-5-21-2359011715-3956498778-3170841144-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\IrfanView\IrfanView_Wallpaper.png
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1) ist aktiviert.

Network Binding:
=============
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet 2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
HKU\S-1-5-21-2359011715-3956498778-3170841144-1001\...\StartupApproved\Run: => "OneDrive"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{CD98FCCD-8D10-429B-8ECD-24A1CE761E3A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{CC086E83-486E-44C9-A91B-C660AEC514B8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{330DBDBF-9357-4D61-88BF-7729CBEB696F}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.) FirewallRules: [TCP Query User{7221F3B4-B5F1-490B-BD9E-B44B2563D218}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe => Keine Datei FirewallRules: [UDP Query User{CE421990-379B-430D-964E-E3AAE87A3B04}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe => Keine Datei FirewallRules: [{F015BD45-5BFD-4FC9-A90A-3373B7721AE1}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.2\ABService.exe (AOMEI International Network Limited -> AOMEI International Network Limited) FirewallRules: [{D3F97336-39A6-430D-89EE-A920D153BFAE}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.2\ABService.exe (AOMEI International Network Limited -> AOMEI International Network Limited) FirewallRules: [TCP Query User{2221E2C3-CFD8-43C1-948E-21C1DDC4293C}C:\program files\fairphone\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files\fairphone\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger) FirewallRules: [UDP Query User{19F25556-A107-46E2-BDD5-D8DAB36218D5}C:\program files\fairphone\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files\fairphone\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. 
Wechselberger) FirewallRules: [TCP Query User{7D25F8F7-31A6-4859-992F-113C0F1FEDC2}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe => Keine Datei FirewallRules: [UDP Query User{8E223554-68B7-4FAE-9D92-A9B9E420AFCD}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe => Keine Datei FirewallRules: [{77BC55A2-9B6D-48E0-BDE7-C64EAFD0F0E9}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{CCF958E6-0404-44DF-A2C4-F1C732BEF6DA}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{F0B2FAFE-0542-4C8B-B43C-9C421E8BBB38}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{4B1FC9BC-4E49-4EE0-B644-3EC3694821BC}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{D091F4F9-1048-4285-9E79-05DD41FB8CFD}] => (Allow) C:\Program Files\Fairphone\MyPhoneExplorer\MyPhoneExplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger) FirewallRules: [{337A929C-C596-42F2-B716-9E6D54749DC7}] => (Allow) C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe (Microsoft Corporation -> Microsoft) FirewallRules: [{8CBF5940-44DF-4B5B-8E17-A2336DF5E29D}] => (Allow) C:\Program Files (x86)\Canon\Quick Utility Toolbox\cnqtbapp.exe (Canon Inc. -> CANON INC.) FirewallRules: [{9B8F7CFE-2F65-43B3-8359-D9B2954D36DC}] => (Allow) C:\Program Files (x86)\Canon\Wi-Fi Connection Assistant\cnwidadr2.exe (Canon Inc. -> CANON INC.) FirewallRules: [{3F23DD10-3046-4393-9DCC-8909E5E81692}] => (Allow) C:\Program Files (x86)\Canon\Wi-Fi Connection Assistant\cnwiddsu\cnwiddsu2.exe (Canon Inc. -> CANON INC.) 
FirewallRules: [{2676E89E-7FFA-4C9E-AE3F-7640BCA63004}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{4417017F-36D4-4822-9BD9-16C78EE3A7C5}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.2\ABService.exe (AOMEI International Network Limited -> AOMEI International Network Limited) FirewallRules: [{7BC7ABFE-3DC4-4462-8E86-213ACFCFC246}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.2\ABService.exe (AOMEI International Network Limited -> AOMEI International Network Limited) FirewallRules: [{FB65CF3F-484F-4E24-9DC5-8B9747E09D0E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.222.982.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{2DD2F7B9-C33B-489C-A484-C0EB0662BC99}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.222.982.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{5B154C2A-2B72-428B-B9CB-33A1AD536A59}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.222.982.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{56F0D740-CA37-4A4B-B837-5945DCF06EDF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.222.982.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{E19F83DD-6D62-4C3F-8A09-5D6FC1F02F4E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.222.982.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{0DBE4A4C-FD49-4DA6-842C-5B180A405832}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.222.982.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{010FC7A7-6E3D-4CBB-BD7A-9CDCE4912959}] => (Allow) C:\Program 
Files\WindowsApps\SpotifyAB.SpotifyMusic_1.222.982.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{8F0C6DFE-676A-4D94-9DB9-5715C5EEBEE0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.222.982.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{F7A1CB0F-8E0E-495B-AD5C-A74EF1E1E33F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.222.982.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{3429B54D-2145-4574-84C2-9AE5BBC9EA15}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.222.982.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{4878F4F9-BE39-4E4B-8F3B-282329BCEC48}] => (Allow) C:\Program Files\Fairphone\MyPhoneExplorer\MyPhoneExplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger) FirewallRules: [{F80D9C6B-40D2-45B4-ACFF-8D053BF7DD7C}] => (Allow) C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.exe (N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation) FirewallRules: [{4B63070F-46B7-4967-BA93-7BF3F57889AD}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) FirewallRules: [{6D7E696C-7E9B-4FDF-B390-D9C3ACA612D1}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) 
FirewallRules: [{7C1510B2-34B2-4BB8-BC29-2DFE7D7AE6F6}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\119.0.2151.44\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{38E4C763-56EC-43C0-B9B6-103CA468916D}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{DF4483DF-FB3F-44EB-B608-BF1EF2DD2552}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.107.3215.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{45BA7E8A-2A5B-4DB8-BE0D-27DC54361D05}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.107.3215.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9EC08F06-7654-470C-8F2B-2B5A98D6ABE9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.107.3215.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1CF1EBED-BA97-4BA2-87CF-622D06397DA9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.107.3215.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Wiederherstellungspunkte =========================

22-10-2023 20:54:58 Installed Reverso
27-10-2023 12:20:29 Windows Modules Installer
05-11-2023 18:55:12 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager ============

==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (11/07/2023 12:19:51 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: Hauf22)
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.

Error: (11/06/2023 11:03:39 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (11/06/2023 10:00:53 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: Hauf22)
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.

Error: (11/06/2023 03:25:24 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: Hauf22)
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.

Error: (11/06/2023 01:30:47 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: Hauf22)
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.

Error: (11/06/2023 09:44:43 AM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (11/06/2023 09:41:45 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: Hauf22)
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.

Error: (11/05/2023 08:43:22 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: Hauf22)
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.

Systemfehler:
=============
Error: (11/06/2023 06:26:23 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (11/06/2023 03:20:16 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (11/06/2023 10:29:26 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (11/05/2023 07:34:15 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (11/05/2023 05:21:55 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (11/05/2023 04:25:46 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (11/04/2023 06:07:51 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (11/03/2023 07:42:57 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Windows Defender:
================
Date: 2023-11-07 12:22:23
Description: Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/Vigua.A&threatid=232714&enterprise=0
Name: PUA:Win32/Vigua.A
Schweregrad: Niedrig
Kategorie: Potenziell unerwünschte Software
Pfad: file:_D:\Download\zaSetup_92_058_000_de.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: FastPath
Erkennungsquelle: Echtzeitschutz
Benutzer:
Prozessname: D:\ToolsHH\WinCmd\TotalCmd.EXE
Sicherheitsversion: AV: 1.401.226.0, AS: 1.401.226.0, NIS: 1.401.226.0
Modulversion: AM: 1.1.23100.2009, NIS: 1.1.23100.2009

Date: 2023-11-06 14:49:00
Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {0BD430EF-AA52-4C4D-9D45-ED768EE02553}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2023-11-05 14:53:07
Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {33AF3E0A-EF84-4D44-806A-287524663CD8}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2023-11-04 16:52:23
Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {ECEF5F57-6D72-4072-9224-5E900EB710A5}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2023-11-03 19:02:35
Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {31011015-A828-4693-9D09-E70D9706BFF1}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

CodeIntegrity:
===============
Date: 2023-11-07 12:45:33
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_0797c0ea8580ae89\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Speicherinformationen ===========================

BIOS: American Megatrends International, LLC. F7 03/25/2022
Hauptplatine: Gigabyte Technology Co., Ltd. B560M DS3H V2
Prozessor: 11th Gen Intel(R) Core(TM) i5-11600K @ 3.90GHz
Prozentuale Nutzung des RAM: 53%
Installierter physikalischer RAM: 16181.3 MB
Verfügbarer physikalischer RAM: 7490.05 MB
Summe virtueller Speicher: 18613.3 MB
Verfügbarer virtueller Speicher: 7271.14 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:465.13 GB) (Free:354.6 GB) (Model: Samsung SSD 970 EVO Plus 500GB) NTFS
Drive d: (Volume) (Fixed) (Total:1562 GB) (Free:818.39 GB) (Model: WDC WD20EZBX-00AYRA0) NTFS
Drive e: (Volume) (Fixed) (Total:301 GB) (Free:247.62 GB) (Model: WDC WD20EZBX-00AYRA0) NTFS
Drive f: (Volume) (Fixed) (Total:931.51 GB) (Free:368.61 GB) (Model: SAMSUNG HD103SJ) NTFS

\\?\Volume{45b75c4d-3f48-4674-b346-3677b392e7b4}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{189c2cda-4921-449e-b996-bc03d80ac4e8}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 67F514A4)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)
Partition: GPT.

==========================================================
Disk: 2 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT.

==================== Ende von Addition.txt =======================

Edited by cosinus (07.11.2023 at 14:31) Reason: code tags |
07.11.2023, 14:30 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows Defender reports threat from Vigua.A and Creprote.A Quote:
adwCleaner Run AdwCleaner according to the illustrated instructions and then post the log file in CODE tags. Please repeat adwcleaner if there were any findings. |
07.11.2023, 17:40 | #3 |
| Windows Defender reports threat from Vigua.A and Creprote.A Thank you very much for the quick reply. AdwCleaner reports no findings. Windows Defender still shows the same message as in my post #1. If I hear nothing more from you, I will delete the file "D:\Download\zaSetup_92_058_000_de.exe" (see #2).
Code:
ATTFilter # -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 11-07-2023
# Duration: 00:00:27
# OS: Windows 10 (Build 19045.3570)
# Scanned: 32092
# Detected: 0

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.

AdwCleaner[S00].txt - [1406 octets] - [07/11/2023 17:13:25]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ########## |
09.11.2023, 16:05 | #4 |
/// TB-Ausbilder | Windows Defender reports threat from Vigua.A and Creprote.A Removal of the tools used: Run KpRm according to the illustrated instructions and then post the log file. Then we would be done! If you have no more problems with malware, we are finished here. Your log files are clean. If you like, you can say here whether you were satisfied with me and my help... Perhaps you would like to support the forum with a small donation. Finally, please be sure to read and implement the security measures: Note: Please give me brief feedback as soon as you have read the information linked above, everything is done and there are no more questions, so that I can remove this topic from my subscriptions. |
09.11.2023, 16:05 | #5 |
/// TB-Ausbilder | Windows Defender reports threat from Vigua.A and Creprote.A This topic appears to be resolved and will be removed from our subscriptions. Should you need the topic again, please send us a reminder including a link to the topic. Everyone else, please click here and create your own topic. |