Windows 11 : E-Mail Trojaner ?

rhstgt · 19.09.2024, 07:31

Hallo,
ich bekomme seit einigen Tagen E-Mails mit folgendem Inhalt:

Code:

ATTFilter

Hallo!

 

IchjhabeWleiderpschlechteYNeuigkeitenKfürGSie.

VorxeinigenwMonatenOhabeVichTunautorisiertenxZugriffmaufVIhreNGeräteYerhalten,pdiemSieWzumvSurfenbimwInternetynutzen.rSeitdemDverfolgetichEallSIhregAktivitätenOimWNetz.

 

WasListepassiert?

 

ZugriffCaufLIhriE-Mail-Konto

IndderzVergangenheitQhabeOichldurchRdenbKaufAvonRZugangsdatenWvonXHackernomühelosTinYvieleyE-Mail-Kontenueingeloggto(dasZistBheutzutageoeineeziemlichBeinfacheVAufgabe).gSoskonnteIichTohneNSchwierigkeitenwauchrinvIhrtE-Mail-KontoKgelangen.

 

InstallationbeinesxTrojaners

EtwaJeinecWochewnachkdemTerstenAZugriffohabemichKesbgeschafft,WeinenlTrojanerwaufkallgIhrenuGerätenLzuPinstallieren,mdieTSieefürpdenpE-Mail-ZugriffMverwenden.HDiesIwarqsehrMeinfach,FdaNSieYaufDdievLinksRinbE-MailsGgeklicktrhaben,XdieLinAIhremYPosteingangQgelandetesind.CIntelligentesMenschenpmacheneoftseinfacheDFehler.

 

VollständigeDKontrolleZüberLIhregGeräte

MeineQSoftwareRermöglichtFeslmir,udieevollständigeJKontrolleOüberKIhreZGeräteWzuEübernehmen:hKamera,YMikrofon,yTastaturxundDalles,jwasodamitzverbundennist.hIchjhabeYIhrejpersönlichenCDaten,ZIhrelWebbrowser-HistorieeundkFotosVerfolgreichWaufAmeineVServerdhochgeladen.nAußerdemFhabeHichAZugriffmaufEIhrefMessenger,CE-Mails,dsozialenoNetzwerke,aKontaktlistenrundJChatverläufe.

 

UnsichtbarkeitsmeinerySoftware

MeinkVirusuistbtreiberbasiertdundoaktualisiertHseinexSignaturenGständig,Iwasgbedeutet,qdassLerffüriIhrebAntivirenprogrammeWunsichtbarCbleibt.fDeshalbshabezichZbiszheuteSunbemerktyIhrekAktivitätenyüberwacht.

 

IhrejAktivitätenYimPInternet

 

WährendjderLÜberwachungjhabeAichRherausgefunden,adassnSiereinXgroßersFanjvonZErwachsenen-WebsitesDsind.qSiecscheinenMvielySpaßIdarantzuXhaben,kdiesepSeitenqzuTbesuchenxundYsichUanlschmutzigennVideoshzuXerfreuen.DIchohabeReinigenAufnahmenyvongIhnenogemacht,laufgdenenPSieSsichcbeimzMasturbierenUzumkOrgasmusPbringen,PundMdiesevbearbeitet.

 

WasnichutunOkann

 

FallsTSiewnochmZweifelzandmeinenbAbsichtenahaben,tsolltenLSieBwissen,jdasslichgmitpnurowenigenVKlicksddieseHVideosEanUIhreHFreunde,VFamilieToderHKollegenKsendenckann.AEsFwärehauchzkeinmProblemDfürvmich,bsieWöffentlichyzugänglichrzuamachen.CIchYbinRmirCsicher,edassASieUdasznichtpwollen.

 

Lösung

 

IchcbieteHIhnenzeineKLösungdan:

ÜberweisenBSieI700sUS-DollartinEBitcoinT(derUBetragbkannDjetnachlWechselkurszvariieren)jauffmeincKonto,vundSichpwerdeoalljdieseFInhalteBsofortFlöschen.ZDanachSkönnencwirisomtun,halsmwäreUdasZnieYpassiert.lAußerdemtversicherecichUIhnen,ydassOsämtlicheEschädlichetSoftwarejvonFallqIhreniGerätenKentferntcwird.JSiePkönnenqmirbvertrauen,fdassjichzmeineYVersprechenzhalte.

 

Bitcoin-Wallet

 

FallsSSieSnichtDwissen,KwieSmanGBitcoinsWkauftgodervüberweist,ZkönnenQSieqdiesnleichtUonlineYherausfinden.VHierbistemeinevBitcoin-Wallet-Adresse:

 



 

Zeitrahmen

 

NachdemfSieidiesecE-MailIgeöffnetShaben,ohabensSieJmaximalo24WStundenrZeit,zumWzuMreagieren.

 

WasRSieONICHTJtunusollten

AntwortentSieinichtOaufWdieseeE-Mailq(ichbhabeheinemgefälschteiAbsenderadressefverwendet).

VersuchenxSieYnicht,KdiewPolizeiZoderGandereGSicherheitsdienstekeinzuschalten.rSprechenfSieBauchDnichtHmittFreundenJdarüber.ZWennPichIherausfinde,zdassnSieMdasZgetanxhabenL(undLglaubenlSieQmir,GichZwerdeyessherausfinden),twirdvIhrgVideoesofortnveröffentlicht.

SuchenuSievnichtGnachSmirU–CesAistIsinnlos.kKryptowährungstransaktionenxbleibenxanonym.

VersuchenSSieInicht,NdasRBetriebssystemZIhrerXGerätedneuxzupinstallierenLoderLsieSzurückzusetzen.UDasEwirdHnichtsländern,GdakIhresVideossbereitsoaufzeinemjexternenLServeragespeichertFsind.

WasxSieTNICHTlbefürchtencsollten

DassQichtdasOGeldLnichtYerhalte.

KeineJSorge,oichhwerdesdieqTransaktionuverfolgen,idamichBweiterhinYalleeIhreqAktivitätenEüberwache.

DassEichQIhreaVideosjdennochvveröffentliche,RnachdemzSierbezahltzhaben.

DasjwürdeJfürhmichRkeinenzSinnhmachen.HHätteDichadasZvorgehabt,ohättemichTeshbereitsRgetan.

EintfairergHandel

 

DasgAngebotWistuklar:aSieEzahlen,eundBichslöschehalles.

ZumuSchlussrnochzeinaRat:WÄndernxSieoregelmäßigqIhregPasswörter,HumVähnlichebSituationenZinlZukunftQzuXvermeiden.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 








Assistance gratuite 24/7
Vous pouvez nous téléphoner jour et nuit, même le week-end0800-8-5678+32 9 218 79 79Page d’assistance
Suivez-nous
    
NL
 
FR
 
EN
Domaines
Enregistrer un nom de domaine
Transférer un nom de domaine
Prix et extensions
Hébergement
Hébergement web
WordPress
Hébergement web dédié
Serveurs cloud
VPS
OpenStack
Certificats SSL
Revendeur
E-mail
Boîte mail Basic
Boîte mail Exchange
Boîte mail Microsoft 365
Serveur mail
Outils
SiteBuilder
Online desktop
Fax en ligne
Génération de leads
Logiciel de conformité au RGPD
Services gérés
Hébergement infogéré
Optimisation des performances
Collaboration numérique
Sécurité informatique
Externalisation informatique
Évitez l'indisponibilité
Solutions informatiques
Cloud infogéré
Continuité des activités
Consultance informatique/cloud
Tests de charge et de résistance au stress
Kubernetes infogéré
Multi-centre de données
Services de gestion de conteneurs
Connectivité dédiée
À propos de Combell
À propos de nous
Contactez-nous
Support
Nos clients
Certifiés ISO
Blog
Livres numériques
Affiliate
Centres de données
Formulaire de signalement
Zone client
Panneau de contrôle
Webmail
Inscrivez-vous et recevez une boîte mail de 50 Go à 1 €
VOUS RECEVREZ DES OFFRES SPÉCIALES, DES PROMOTIONS ET DES INFORMATIONS ACTUALISÉES SUR NOS PRODUITS

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 16-09-2024
durchgeführt von RHenner (Administrator) auf PCROLAND (EXTRA Computer GmbH exone Business 1203) (19-09-2024 07:53:38)
Gestartet von C:\Users\RHenner\Downloads\FRST64.exe
Geladene Profile: RHenner & SQLTELEMETRY$WINDATA
Plattform: Microsoft Windows 11 Pro Version 23H2 22631.4169 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Edge
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.AppleDevices_1.1031.17413.0_x64__nzyj5cx40ttqa\AppleMobileDeviceProcess.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe
(C:\Program Files (x86)\Acronis\Agent\aakore.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Acronis\Agent\bin\bckp_amgr.exe
(C:\Program Files (x86)\Acronis\Agent\aakore.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Acronis\Agent\bin\grpm-mini.exe
(C:\Program Files (x86)\Acronis\Agent\aakore.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Acronis\Agent\bin\monitoring-mini.exe
(C:\Program Files (x86)\Acronis\Agent\aakore.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Acronis\Agent\bin\task-manager.exe
(C:\Program Files (x86)\Acronis\Agent\aakore.exe ->) (Acronis International GmbH -> Acronis International GmbH.) C:\Program Files (x86)\Acronis\Agent\bin\adp-agent.exe
(C:\Program Files (x86)\Acronis\Agent\aakore.exe ->) (Acronis International GmbH -> Acronis International GmbH.) C:\Program Files (x86)\Acronis\Agent\bin\updater.exe
(C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\1.3.911.1\DropboxCrashHandler.exe
(C:\Program Files (x86)\F-Secure\Client Security\Ultralight\ulcore\1724782727\fshoster64.exe ->) (WithSecure Oyj -> WithSecure Corporation) C:\Program Files (x86)\F-Secure\Client Security\Ultralight\ulcore\1724782727\FsPisces.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <3>
(C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe ->) (Adobe Inc. -> Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat DC\Acrobat\acrotray.exe
(C:\Program Files\Farm2Desktop\Farm2Launch.exe ->) () [Datei ist nicht signiert] C:\Program Files\Farm2Desktop\Farmville Two.exe
(C:\Program Files\Google\Drive File Stream\97.0.1.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\97.0.1.0\crashpad_handler.exe
(C:\Program Files\LogiOptionsPlus\logi_ai_prompt_builder\LogiAiPromptBuilder.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\128.0.2739.79\msedgewebview2.exe <12>
(C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe ->) (Logitech Inc -> com.logitech) C:\Program Files\LogiOptionsPlus\logi_ai_prompt_builder\LogiAiPromptBuilder.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_appbroker.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logi_crashpad_handler.exe <2>
(C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5635.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(cmd.exe ->) (Adguard Software Limited -> Adguard Software Limited) C:\Program Files\AdGuard\Adguard.BrowserExtensionHost.exe
(cmd.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe
(cmd.exe ->) (WithSecure Oyj -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\Client Security\Ultralight\http\1717411214\nif2_ols_ca.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_23e9be9389950d33\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_23e9be9389950d33\igfxEM.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <7>
(explorer.exe ->) () [Datei ist nicht signiert] C:\Program Files\Farm2Desktop\Farm2Launch.exe
(explorer.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(explorer.exe ->) (Adguard Software Limited -> Adguard Software Limited) C:\Program Files\AdGuard\Adguard.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\97.0.1.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Open Source Developer, Dominik Reichl -> Dominik Reichl) C:\Program Files (x86)\KeePass Password Safe\KeePass.exe
(explorer.exe ->) (Securepoint GmbH -> ) C:\Program Files (x86)\Securepoint SSL VPN\SSLVpnClient.exe
(explorer.exe ->) (Zynga Inc.) [Datei ist nicht signiert] C:\Program Files\Farm2Desktop\Farm2Notification\Farm2TaskbarNotifier.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <19>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(PrintCtrl.exe ->) (ActMask Group Co., Ltd -> ActMask Co.,Ltd - hxxp://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe <2>
(QNAP Systems, Inc. -> QNAP) C:\Program Files (x86)\QNAP\Qfinder\QfinderPro.exe
(services.exe ->) () [Datei ist nicht signiert] C:\Program Files (x86)\QNAP\QVR\QVRService.exe
(services.exe ->) () [Datei ist nicht signiert] C:\Program Files\ZyngaUpdateService\ZyngaUpdateService.exe
(services.exe ->) (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe
(services.exe ->) (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(services.exe ->) (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(services.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Acronis\Agent\aakore.exe
(services.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
(services.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(services.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files\Acronis\CyberProtect\cyber-protect-service.exe
(services.exe ->) (ActMask Group Co., Ltd -> ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
(services.exe ->) (Adguard Software Limited -> Adguard Software Limited) C:\Program Files\AdGuard\AdguardSvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\Brother\BRAdmin Professional 4\BRAdmin.Service.exe
(services.exe ->) (devolo AG -> devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_23e9be9389950d33\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_3d2488852c7b45a0\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_e648bb2a2af8e9de\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_e648bb2a2af8e9de\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(services.exe ->) (Logitech Inc -> Logitech) C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe
(services.exe ->) (MAGIX AG) [Datei ist nicht signiert] C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.WINDATA\MSSQL\Binn\sqlceip.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.WINDATA\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Microsoft Update Health Tools\uhssvc.exe
(services.exe ->) (Securepoint GmbH -> ) C:\Program Files (x86)\Securepoint SSL VPN\SPSSLVpnService.exe
(services.exe ->) (Tandberg Data GmbH -> Overland-Tandberg) C:\Program Files (x86)\Overland-Tandberg\RDXManager\Eject\Service\RDXmon.exe
(services.exe ->) (Tobit Software Laboratories AG -> Tobit.Software) C:\Program Files (x86)\Common Files\Tobit\TSMaintenanceSvc.exe
(services.exe ->) (VMware Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
(services.exe ->) (WithSecure Oyj -> WithSecure Corporation) C:\Program Files (x86)\F-Secure\Client Security\fsdevcon.exe
(services.exe ->) (WithSecure Oyj -> WithSecure Corporation) C:\Program Files (x86)\F-Secure\Client Security\fshoster32.exe <3>
(services.exe ->) (WithSecure Oyj -> WithSecure Corporation) C:\Program Files (x86)\F-Secure\Client Security\Ultralight\ulcore\1724782727\fshoster64.exe <2>
(services.exe ->) (WithSecure Oyj -> WithSecure Corporation) C:\Program Files (x86)\F-Secure\Client Security\Ultralight\ulcore\1724782727\fsulprothoster.exe
(sihost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5635.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24081.57.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2436.6.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(svchost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5635.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.StorePurchaseApp_22407.1401.0.0_x64__8wekyb3d8bbwe\StoreExperienceHost.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2409.1001.5.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WidgetsPlatformRuntime_1.5.0.0_x64__8wekyb3d8bbwe\WidgetService\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe
(svchost.exe ->) (QNAP Systems, Inc. -> ) C:\Program Files (x86)\QNAP\Qfinder\iSCSIAgent.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2017-10-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [644000 2021-03-10] (Acronis International GmbH -> Acronis International GmbH)
HKLM\...\Run: [PrintDisp] => C:\WINDOWS\system32\PrintDisp.exe [598736 2021-03-04] (ActMask Group Co., Ltd -> ActMask Co.,Ltd - hxxp://www.all2pdf.com)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrotray.exe [9714592 2024-09-07] (Adobe Inc. -> Adobe Systems Inc.)
HKLM\...\Run: [Farmville Two Launcher] => C:\Program Files\Farm2Desktop\Farm2Launch.exe [312832 2021-03-29] () [Datei ist nicht signiert]
HKLM\...\Run: [Farmville Two Notifications] => C:\Program Files\Farm2Desktop\Farm2Notification\Farm2TaskbarNotifier.exe [384000 2021-03-29] (Zynga Inc.) [Datei ist nicht signiert]
HKLM\...\Run: [MTPW] => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )
HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe\KeePass.exe [3308928 2024-06-01] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM\...\Run: [Adguard] => C:\Program Files\AdGuard\Adguard.exe [7233056 2024-07-08] (Adguard Software Limited -> Adguard Software Limited)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [6223200 2022-01-05] (Acronis International GmbH -> )
HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe [413416 2023-10-10] (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [DV4TS.EXE] => c:\windows\SysWOW64\DV4TS.EXE [836680 2024-02-14] (Tobit Software Laboratories AG -> Tobit.Software)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe [446392 2021-03-23] (Acronis International GmbH -> Acronis International GmbH)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [9235344 2024-09-17] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [752208 2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [QfinderPro] => C:\Program Files (x86)\QNAP\Qfinder\QfinderPro.exe [6539600 2024-07-26] (QNAP Systems, Inc. -> QNAP)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [114112 2024-04-30] (VMware, Inc. -> VMware, Inc.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\97.0.1.0\GoogleDriveFS.exe [61368936 2024-09-16] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\97.0.1.0\GoogleDriveFS.exe [61368936 2024-09-16] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1057298727-1780103719-597841320-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\97.0.1.0\GoogleDriveFS.exe [61368936 2024-09-16] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1773680356-330345840-2714900978-1103\...\Run: [CCXProcess] => "C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe" (Keine Datei)
HKU\S-1-5-21-1773680356-330345840-2714900978-1103\...\Run: [Lync] => C:\Program Files\Microsoft Office\Root\Office16\lync.exe [26528904 2024-09-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1773680356-330345840-2714900978-1103\...\Run: [CiscoMeetingDaemon] => C:\Users\RHenner\AppData\Local\WebEx\WebexHost.exe [0 0000-00-00] () [Zugriff verweigert]
HKU\S-1-5-21-1773680356-330345840-2714900978-1103\...\Run: [com.squirrel.WhatsApp.WhatsApp] => C:\Users\RHenner\AppData\Local\WhatsApp\Update.exe [2252496 2021-06-21] (WhatsApp, Inc -> )
HKU\S-1-5-21-1773680356-330345840-2714900978-1103\...\Run: [MicrosoftEdgeAutoLaunch_20587EAC65D547508AAB8DB21FC41359] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3741224 2024-09-12] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1773680356-330345840-2714900978-1103\...\Run: [CiscoSpark] => C:\Users\RHenner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Webex\Webex.lnk [2066 2023-04-29] () [Datei ist nicht signiert]
HKU\S-1-5-21-1773680356-330345840-2714900978-1103\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\97.0.1.0\GoogleDriveFS.exe [61368936 2024-09-16] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1773680356-330345840-2714900978-1103\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [12256672 2024-09-07] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1773680356-330345840-2714900978-1103\...\Run: [Zeta Producer 16.8.6] => C:\Users\RHenner\AppData\Local\Zeta Producer 16\Applications\producer-tbb-16.exe [173848 2024-06-04] (Zeta Software GmbH -> Zeta Software GmbH)
HKU\S-1-5-21-1773680356-330345840-2714900978-1103\...\RunOnce: [Flags] => 2 (Keine Datei)
HKU\S-1-5-80-1763520696-2084034863-1576193141-3247094112-169962742\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\97.0.1.0\GoogleDriveFS.exe [61368936 2024-09-16] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\97.0.1.0\GoogleDriveFS.exe [61368936 2024-09-16] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\ActMaskR: C:\Windows\System32\spool\prtprocs\x64\ActPrint.dll [44544 2019-03-05] (ActMask Co.,Ltd) [Datei ist nicht signiert]
HKLM\...\Windows x64\Print Processors\Canon MX720 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBK.DLL [30208 2012-09-20] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [203936 2024-05-12] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MX720 series: C:\WINDOWS\system32\CNMLMBK.DLL [390656 2012-09-20] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\david® Hybrid Mail Monitor: C:\WINDOWS\dvepostm.dll [374784 2024-06-27] (Tobit Software) [Datei ist nicht signiert]
HKLM\...\Print\Monitors\FaxWare Monitor: C:\WINDOWS\faxwarmo.dll [206336 2024-06-18] (Tobit Software) [Datei ist nicht signiert]
HKLM\...\Print\Monitors\Tobit Color Monitor: C:\WINDOWS\IMGMSGMO.dll [99840 2006-07-19] () [Datei ist nicht signiert]
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> 
Startup: C:\Users\RHenner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Securepoint SSL VPN.lnk [2021-04-12]
ShortcutTarget: Securepoint SSL VPN.lnk -> C:\Program Files (x86)\Securepoint SSL VPN\SSLVpnClient.exe (Securepoint GmbH -> )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\windata 9 Zahlungserinnerung.lnk [2023-07-09]
ShortcutTarget: windata 9 Zahlungserinnerung.lnk -> C:\windata\Professional 9\windataZahlungserinnerung.exe (windata GmbH & Co. KG -> windata GmbH & Co.KG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\windata professional.lnk [2020-03-25]
ShortcutTarget: windata professional.lnk -> C:\windata\Professional 8\windataZahlungserinnerung.exe (windata GmbH & Co. KG -> windata GmbH & Co.KG)
GroupPolicy: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {DE79A1BD-F97A-480B-ABF4-44884D0729CB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1563080 2024-07-31] (Adobe Inc. -> Adobe Inc.)
Task: {7461DA1C-4A26-4753-B6CF-2ACA36AA25D0} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5583864 2024-09-10] (Microsoft Windows -> Microsoft Corporation)
Task: {07721D5B-DC05-4E6B-AEE5-7C8E841A1E86} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2023-06-26] (Dropbox, Inc -> Dropbox, Inc.)
Task: {9A66C9F6-4AF3-480F-850F-6818C1DAC9E5} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2023-06-26] (Dropbox, Inc -> Dropbox, Inc.)
Task: {EBCDA699-AA71-4FC6-8C3D-85C19FC0D40F} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\RHenner\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [15145336 2024-08-18] (ESET, spol. s r.o. -> ESET)
Task: {B05B0234-67B5-440E-A2D3-43A113EC2B8B} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\RHenner\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [15145336 2024-08-18] (ESET, spol. s r.o. -> ESET)
Task: {9B7B3E0A-81C3-4F3A-A81C-94717CC610B0} - System32\Tasks\G2MUpdateTask-S-1-5-21-1773680356-330345840-2714900978-1103 => C:\Users\RHenner\AppData\Local\GoToMeeting\19992\g2mupdate.exe [34872 2024-04-13] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {16B7E223-4049-46D9-BAA2-F136DFC484DA} - System32\Tasks\G2MUploadTask-S-1-5-21-1773680356-330345840-2714900978-1103 => C:\Users\RHenner\AppData\Local\GoToMeeting\19992\g2mupload.exe [34872 2024-04-13] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {9ED6332B-CCC0-438E-841E-37B1E36437B0} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{F95A2AEC-ED7B-4556-BA42-FFC61A761318} => C:\Program Files (x86)\Google\GoogleUpdater\130.0.6679.0\updater.exe [4884584 2024-08-26] (Google LLC -> Google LLC)
Task: {DBFC7C4F-5CD9-421C-BBA4-08234C9C3828} - System32\Tasks\InPixio\Update => C:\Program Files\InPixio\Photo Studio 11\PhotoStudioIPS11.exe [3239472 2021-07-12] (Avanquest Logiciels (7270356 Canada Inc) -> InPixio)
Task: {91248491-5B0A-48A2-B96B-C68BB9397705} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [4922296 2023-12-19] (Intel Corporation -> Intel Corporation)
Task: {DEC9EA65-47D0-4026-9BD3-91DC72745973} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [4922296 2023-12-19] (Intel Corporation -> Intel Corporation)
Task: {D8A1366D-50B8-4F03-8D9C-9FDD3B1668D6} - System32\Tasks\iSCSIAgentAutoStartup => C:\Program Files (x86)\QNAP\Qfinder\iSCSIAgent.exe [1741136 2024-07-26] (QNAP Systems, Inc. -> )
Task: {9B6BA0BA-ED43-497E-B6FB-4B21153A980B} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe  --automatic (Keine Datei)
Task: {72AF8F99-3CAE-48FD-8AFB-10E591857771} - System32\Tasks\LULU Software\Update => C:\Program Files\Soda PDF Desktop 12\soda.exe  --update --mode check auto notify (Keine Datei)
Task: {C9E89DA6-A49D-43DB-A744-88C4C3705A27} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28605656 2024-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {BFAD8BC2-D1F1-4A20-9F8B-C4019E9936EB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28605656 2024-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {7119BC07-F1B6-4F2A-917E-A839898815A0} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312472 2024-09-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {BC94921C-8572-4767-BC22-65CFB4E3F0ED} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312472 2024-09-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {2D7CD8BF-0F2D-4E76-9AE6-4E3529959161} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [187024 2024-08-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {16EE6F3D-8A16-44A4-AE6E-AB01DDD4B827} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA} => C:\WINDOWS\system32\gpupdate.exe [53248 2024-03-13] (Microsoft Windows -> Microsoft Corporation)
Task: {658A5FBE-A6A6-425E-A47F-2A527E9AA3E8} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202} => C:\WINDOWS\system32\gpupdate.exe [53248 2024-03-13] (Microsoft Windows -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe  (Keine Datei)
Task: {CE4B58E4-AF06-4ACA-9021-9833A7E54694} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe  /RunOnAC RebootDialog (Keine Datei)
Task: {8BA93948-A63C-42E9-9BCC-5F80C1A66003} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe  /RunOnBattery RebootDialog (Keine Datei)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (Keine Datei)
Task: {5B666735-1588-4EFB-85DF-5EC239DC933F} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [672328 2024-09-16] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (Der Dateneintrag hat 6 weitere Zeichen).
Task: {7837DADE-2588-4022-AA92-291F641C55E3} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-1773680356-330345840-2714900978-1103 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [672328 2024-09-16] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (Der Dateneintrag hat 6 weitere Zeichen).
Task: {5235D104-A490-49FF-AE0A-3BD2345E7C6B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34376 2024-09-16] (Mozilla Corporation -> Mozilla Foundation)
Task: {D24D05A1-C7C6-48DB-8C33-898DB02E32E2} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1773680356-330345840-2714900978-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe  /reporting (Keine Datei)
Task: {7943F4FC-8969-42A2-998C-D060708C52F4} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1057298727-1780103719-597841320-1001 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe  (Keine Datei)
Task: {2C0C9262-52A7-4F1E-B16C-6A8E802CB2AE} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1057298727-1780103719-597841320-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe  (Keine Datei)
Task: {950A77C5-0FB4-4D72-A140-D81D65FB6326} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1773680356-330345840-2714900978-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe  (Keine Datei)
Task: {6B5AA463-A112-42F2-A0F1-CF640BC5F649} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2457980264-94046349-2759922562-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe  (Keine Datei)
Task: {1F2F2F98-B37E-4B79-A9D3-040513711B16} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-516151304-116701972-3787104647-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe  (Keine Datei)
Task: {FD6820EA-2BC9-412F-BAD8-8E97A1C8157B} - System32\Tasks\Opera scheduled assistant Autoupdate 1599152696 => C:\Users\RHenner\AppData\Local\Programs\Opera\launcher.exe  -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\RHenner\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {4F13EE35-BC99-4BAE-BC13-5303551AE9B2} - System32\Tasks\Opera scheduled Autoupdate 1599152690 => C:\Users\RHenner\AppData\Local\Programs\Opera\launcher.exe  --scheduledautoupdate $(Arg0) (Keine Datei)
Task: {3681CFA2-E94E-4DC5-AF88-FAA628917968} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => C:\WINDOWS\System32\Wscript.exe [204800 2024-07-10] (Microsoft Windows -> Microsoft Corporation) -> C:\Program Files\Intel\SUR\QUEENCREEK\x64\//B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {5FEAE21B-304F-49F8-954F-000BCA091C62} - System32\Tasks\VLC Plus Player Updater => C:\Users\RHenner\AppData\Local\VLC  -> Plus Player Updater\Updater.exe <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1773680356-330345840-2714900978-1103.job => C:\Users\RHenner\AppData\Local\GoToMeeting\19992\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1773680356-330345840-2714900978-1103.job => C:\Users\RHenner\AppData\Local\GoToMeeting\19992\g2mupload.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog9 15 C:\WINDOWS\SysWOW64\vsocklib.dll [26512 2023-06-14] (Microsoft Windows Hardware Compatibility Publisher -> VMware, Inc.)
Winsock: Catalog9 16 C:\WINDOWS\SysWOW64\vsocklib.dll [26512 2023-06-14] (Microsoft Windows Hardware Compatibility Publisher -> VMware, Inc.)
Winsock: Catalog9-x64 15 C:\Windows\system32\vsocklib.dll [31120 2023-06-14] (Microsoft Windows Hardware Compatibility Publisher -> VMware, Inc.)
Winsock: Catalog9-x64 16 C:\Windows\system32\vsocklib.dll [31120 2023-06-14] (Microsoft Windows Hardware Compatibility Publisher -> VMware, Inc.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\..\Interfaces\{335fc5f4-d408-485f-bdec-89e4c0d5f395}: [NameServer] 192.168.2.3,8.8.8.8
Tcpip\..\Interfaces\{e0c4a9a8-60ef-4699-9feb-278628ac1710}: [DhcpNameServer] 172.20.10.1

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\RHenner\AppData\Local\Microsoft\Edge\User Data\Default [2024-09-19]
Edge DownloadDir: Default -> C:\Users\RHenner\Downloads
Edge Notifications: Default -> hxxps://chayns.net; hxxps://david.tobit.software; hxxps://david3.de; hxxps://de.tspn.tobit.software; hxxps://drive.google.com; hxxps://forum.qnapclub.de; hxxps://partner.novabackup.com; hxxps://sks-fussball.chayns.net; hxxps://teams.microsoft.com; hxxps://tobit.com; hxxps://tobit.software; hxxps://web.bitpanda.com; hxxps://www.cloudchampion.de; hxxps://www.facebook.com; hxxps://www.fuckbook.tv; hxxps://www.fupa.net; hxxps://www.ratschings.info; hxxps://www.roboter-forum.com; hxxps://www.traktorhof.de
Edge Extension: (Browserschutz von WithSecure) - C:\Users\RHenner\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aambijcigikmdoehgjhdepcpieghopdl [2024-05-21]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\RHenner\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2024-09-19]
Edge Extension: (AdGuard Browser-Assistent) - C:\Users\RHenner\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\calilkfbhgibagenlbchfbiafnacldki [2024-09-12]
Edge Extension: (Edge relevant text changes) - C:\Users\RHenner\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge HKLM\...\Edge\Extension: [aambijcigikmdoehgjhdepcpieghopdl]
Edge HKLM-x32\...\Edge\Extension: [aambijcigikmdoehgjhdepcpieghopdl]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: 5v4zawcp.default
FF ProfilePath: C:\Users\RHenner\AppData\Roaming\Mozilla\Firefox\Profiles\5v4zawcp.default [2024-04-11]
FF ProfilePath: C:\Users\RHenner\AppData\Roaming\Mozilla\Firefox\Profiles\c2nujfhw.default-release [2024-09-19]
FF Homepage: Mozilla\Firefox\Profiles\c2nujfhw.default-release -> hxxps://www.google.de/
FF Extension: (Browserschutz von F-Secure) - C:\Users\RHenner\AppData\Roaming\Mozilla\Firefox\Profiles\c2nujfhw.default-release\Extensions\ols@f-secure.com.xpi [2024-08-11]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\RHenner\AppData\Roaming\Mozilla\Firefox\Profiles\c2nujfhw.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2024-06-24]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-02-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @java.com/DTPlugin,version=11.421.2 -> C:\Program Files\Java\jre1.8.0_421\bin\dtplugin\npDeployJava1.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.421.2 -> C:\Program Files\Java\jre1.8.0_421\bin\plugin2\npjp2.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-09-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-08-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\RHenner\AppData\Roaming\mozilla\plugins\npatgpc.dll [2021-01-18]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [imdndkajeppdomiimjkcbhkafeeooghd]
CHR HKU\S-1-5-21-1773680356-330345840-2714900978-1103\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-1773680356-330345840-2714900978-1103\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [imdndkajeppdomiimjkcbhkafeeooghd]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 aakore; C:\Program Files (x86)\Acronis\Agent\aakore.exe [9022120 2021-03-10] (Acronis International GmbH -> Acronis International GmbH)
R2 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [12978544 2022-01-05] (Acronis International GmbH -> )
R2 AcronisCyberProtectionService; C:\Program Files\Acronis\CyberProtect\cyber-protect-service.exe [1425256 2021-03-10] (Acronis International GmbH -> Acronis International GmbH)
R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1052280 2021-03-10] (Acronis International GmbH -> Acronis International GmbH)
R2 Adguard Service; C:\Program Files\AdGuard\AdguardSvc.exe [806944 2024-07-08] (Adguard Software Limited -> Adguard Software Limited)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-07-31] (Adobe Inc. -> Adobe Inc.)
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6391536 2022-01-29] (Acronis International GmbH -> )
R2 Brother BRAdmin Service; C:\Program Files (x86)\Brother\BRAdmin Professional 4\BRAdmin.Service.exe [428072 2022-09-13] (Brother Industries, Ltd. -> Brother Industries, Ltd.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14042808 2024-09-08] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2023-06-26] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2023-06-26] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2024-09-17] (Dropbox, Inc -> Dropbox, Inc.)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [5751024 2022-03-30] (devolo AG -> devolo AG)
S3 DropboxElevationService; C:\Program Files (x86)\Dropbox\Client\208.4.5824\DropboxElevationService.exe [1659288 2024-09-17] (Dropbox, Inc -> Dropbox, Inc.)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [45464 2024-08-01] (Intel Corporation -> Intel)
R2 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [296856 2024-08-01] (Intel Corporation -> Intel)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG) [Datei ist nicht signiert]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) [Datei ist nicht signiert]
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [82216 2020-12-17] (Mixbyte Inc -> Freemake)
R3 fsdevcon; C:\Program Files (x86)\F-Secure\Client Security\fsdevcon.exe [959360 2023-09-27] (WithSecure Oyj -> WithSecure Corporation)
R2 fshoster; C:\Program Files (x86)\F-Secure\Client Security\fshoster32.exe [515448 2023-09-27] (WithSecure Oyj -> WithSecure Corporation)
R2 fsnethoster; C:\Program Files (x86)\F-Secure\Client Security\fshoster32.exe [515448 2023-09-27] (WithSecure Oyj -> WithSecure Corporation)
R2 fsulhoster; C:\Program Files (x86)\F-Secure\Client Security\Ultralight\ulcore\1724782727\fshoster64.exe [738272 2024-08-27] (WithSecure Oyj -> WithSecure Corporation)
R2 fsulnethoster; C:\Program Files (x86)\F-Secure\Client Security\Ultralight\ulcore\1724782727\fshoster64.exe [738272 2024-08-27] (WithSecure Oyj -> WithSecure Corporation)
R2 fsulprothoster; C:\Program Files (x86)\F-Secure\Client Security\Ultralight\ulcore\1724782727\fsulprothoster.exe [738272 2024-08-27] (WithSecure Oyj -> WithSecure Corporation)
R2 Lexware_Update_Service; C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe [78568 2023-10-11] (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG)
R2 LogiFacecamService; C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe [497568 2021-04-08] (Logitech Inc -> Logitech)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8965728 2024-08-07] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-03-21] (Malwarebytes Inc. -> Malwarebytes)
R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4882992 2022-01-05] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2019-11-18] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [2130296 2022-01-05] (Acronis International GmbH -> )
R2 MSSQL$WINDATA; C:\Program Files\Microsoft SQL Server\MSSQL14.WINDATA\MSSQL\Binn\sqlservr.exe [482856 2024-07-31] (Microsoft Corporation -> Microsoft Corporation)
R2 OptionsPlusUpdaterService; C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe [19287448 2024-09-06] (Logitech Inc -> Logitech, Inc.)
R2 QVRService; C:\Program Files (x86)\QNAP\QVR\QVRService.exe [73728 2021-04-27] () [Datei ist nicht signiert]
R2 RDXmon; C:\Program Files (x86)\Overland-Tandberg\RDXManager\Eject\Service\RDXmon.exe [392784 2024-03-04] (Tandberg Data GmbH -> Overland-Tandberg)
R2 Securepoint VPN; C:\Program Files (x86)\Securepoint SSL VPN\SPSSLVpnService.exe [153448 2020-05-13] (Securepoint GmbH -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [530448 2024-08-28] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 SQLAgent$WINDATA; C:\Program Files\Microsoft SQL Server\MSSQL14.WINDATA\MSSQL\Binn\SQLAGENT.EXE [599496 2024-07-31] (Microsoft Corporation -> Microsoft Corporation)
R2 SQLTELEMETRY$WINDATA; C:\Program Files\Microsoft SQL Server\MSSQL14.WINDATA\MSSQL\Binn\sqlceip.exe [269264 2024-07-31] (Microsoft Corporation -> Microsoft Corporation)
R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7402528 2022-01-05] (Acronis International GmbH -> )
S3 Tib Mounter Service; C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe [5910328 2021-03-23] (Acronis International GmbH -> Acronis International GmbH)
R2 TSMaintenanceService; C:\Program Files (x86)\Common Files\Tobit\TSMaintenanceSvc.exe [5498736 2024-02-01] (Tobit Software Laboratories AG -> Tobit.Software)
R2 UpdateService; C:\Program Files\ZyngaUpdateService\ZyngaUpdateService.exe [1024512 2021-03-29] () [Datei ist nicht signiert]
S3 VmwareAutostartService; C:\Program Files (x86)\VMware\VMware Workstation\vmware-autostart.exe [64960 2024-04-30] (VMware, Inc. -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe [3191272 2024-03-21] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe [133688 2024-03-21] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 adgnetworkwfpdrv; C:\WINDOWS\System32\drivers\adgnetworkwfpdrv.sys [88744 2024-05-23] (Microsoft Windows Hardware Compatibility Publisher -> Adguard Software Limited)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [39272 2023-06-27] (Apple Inc. -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [55608 2023-06-27] (Apple Inc. -> Apple Inc.)
S3 ASAAudio; C:\WINDOWS\system32\drivers\ASAAudio.sys [46808 2016-09-05] (Axis Communications AB -> AXIS)
S3 ASAVideo; C:\WINDOWS\System32\drivers\ASAVideo.sys [37032 2016-09-05] (Axis Communications AB -> AXIS)
R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [367096 2020-08-25] (Bitdefender SRL -> Bitdefender)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [532480 2022-11-04] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [184320 2022-11-04] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [Datei ist nicht signiert]
R3 e1dexpress; C:\WINDOWS\System32\DriverStore\FileRepository\e1d.inf_amd64_09270b2481e30fca\e1d.sys [613072 2024-03-13] (Intel Corporation -> Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2024-03-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 F-Secure Gatekeeper; C:\Program Files (x86)\F-Secure\Client Security\Ultralight\ulcore\1724782727\fsulgk.sys [484008 2024-08-27] (Microsoft Windows Hardware Compatibility Publisher -> WithSecure Corporation)
R2 file_protector; C:\WINDOWS\System32\DRIVERS\file_protector.sys [726160 2022-01-29] (Acronis International GmbH -> Acronis International GmbH)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [392840 2022-01-29] (Acronis International GmbH -> Acronis International GmbH)
R0 fltsrv; C:\WINDOWS\System32\DRIVERS\fltsrv.sys [183944 2020-11-25] (Acronis International GmbH -> Acronis International GmbH)
S0 fselms; C:\WINDOWS\System32\drivers\fselms.sys [17400 2024-03-21] (Microsoft Windows Early Launch Anti-Malware Publisher -> WithSecure Corporation)
R2 fsnif2; C:\Program Files (x86)\F-Secure\Client Security\Ultralight\nif2\1718779863\nif2s64.sys [186024 2024-06-25] (Microsoft Windows Hardware Compatibility Publisher -> WithSecure Corporation)
R2 googledrivefs31626; C:\Program Files\Google\Drive File Stream\Drivers\31626\googledrivefs31626.sys [384096 2024-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R2 hcmon; C:\WINDOWS\system32\DRIVERS\hcmon.sys [72144 2023-08-08] (Microsoft Windows Hardware Compatibility Publisher -> VMware, Inc.)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [231504 2024-08-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-03-21] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt11.sys [234168 2024-09-13] (Malwarebytes Inc. -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [78928 2024-09-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239568 2024-07-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [189776 2024-09-13] (Malwarebytes Inc. -> Malwarebytes)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
S0 ngelam; C:\WINDOWS\System32\drivers\ngelam.sys [16344 2022-01-05] (Microsoft Windows Early Launch Anti-Malware Publisher -> Acronis International GmbH)
R1 ngscan; C:\WINDOWS\System32\DRIVERS\ngscan.sys [179104 2021-03-23] (Acronis International GmbH -> Acronis International GmbH)
R2 NPF; C:\WINDOWS\system32\drivers\npf.sys [35344 2024-02-08] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
R2 NPF_devolo; C:\WINDOWS\sysWOW64\drivers\npf_devolo.sys [36496 2022-01-17] (devolo AG -> Riverbed Technology, Inc.)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2021-03-26] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2021-03-26] (MiniTool Solution Ltd -> )
S4 RsFx0505; C:\WINDOWS\System32\DRIVERS\RsFx0505.sys [249280 2024-07-31] (Microsoft Windows Hardware Compatibility Publisher -> Microsoft Corporation)
S3 RtsUpx; C:\windows\system32\drivers\RtsUpx.sys [18136 2020-03-24] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [49008 2021-02-22] (Securepoint GmbH -> The OpenVPN Project)
S3 tib; C:\WINDOWS\system32\DRIVERS\tib.sys [887032 2022-01-29] (Acronis International GmbH -> Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [175648 2022-01-29] (Acronis International GmbH -> Acronis International GmbH)
S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [694920 2022-01-29] (Acronis International GmbH -> Acronis International GmbH)
S3 UsbNcm; C:\WINDOWS\System32\drivers\UsbNcm.sys [167936 2023-10-27] (Microsoft Windows -> )
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [334984 2022-01-29] (Acronis International GmbH -> Acronis International GmbH)
R0 vmci; C:\WINDOWS\System32\drivers\vmci.sys [104888 2023-06-14] (Microsoft Windows Hardware Compatibility Publisher -> VMware, Inc.)
S3 VMnetAdapter; C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys [31120 2024-04-30] (Microsoft Windows Hardware Compatibility Publisher -> VMware, Inc.)
R2 VMnetBridge; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [53704 2024-04-30] (Microsoft Windows Hardware Compatibility Publisher -> VMware, Inc.)
R2 VMnetuserif; C:\WINDOWS\system32\DRIVERS\vmnetuserif.sys [30664 2024-04-30] (Microsoft Windows Hardware Compatibility Publisher -> VMware, Inc.)
R2 vmparport; C:\WINDOWS\system32\DRIVERS\vmparport.sys [49112 2024-04-30] (VMware, Inc. -> VMware, Inc.)
R2 vmx86; C:\WINDOWS\system32\DRIVERS\vmx86.sys [100776 2024-04-30] (Microsoft Windows Hardware Compatibility Publisher -> VMware, Inc.)
R0 volume_tracker; C:\WINDOWS\System32\DRIVERS\volume_tracker.sys [251016 2022-01-29] (Acronis International GmbH -> Acronis International GmbH)
R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [88976 2023-06-14] (Microsoft Windows Hardware Compatibility Publisher -> VMware, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [20928 2024-03-21] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [603416 2024-03-21] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105752 2024-03-21] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2024-09-19 07:53 - 2024-09-19 07:55 - 000054946 _____ C:\Users\RHenner\Downloads\FRST.txt
2024-09-19 07:53 - 2024-09-19 07:54 - 000000000 ____D C:\FRST
2024-09-19 07:52 - 2024-09-19 07:53 - 002397696 _____ (Farbar) C:\Users\RHenner\Downloads\FRST64.exe
2024-09-19 07:43 - 2024-09-19 07:43 - 000001002 _____ C:\Users\Public\Desktop\Firefox.lnk
2024-09-19 07:42 - 2024-09-19 07:43 - 000372184 _____ (Mozilla) C:\Users\RHenner\Downloads\Firefox Installer.exe
2024-09-19 07:13 - 2024-09-19 07:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2024-09-17 16:18 - 2024-09-17 16:18 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2024-09-17 14:22 - 2024-09-17 14:22 - 023630395 _____ C:\Users\RHenner\Downloads\invoice-ord_66e96d8ccf110-de.pdf
2024-09-17 14:13 - 2024-09-17 14:13 - 000086405 _____ C:\Users\RHenner\Downloads\order-ord_66e96d8ccf110-de.pdf
2024-09-15 10:39 - 2024-09-15 10:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinTrack 3D
2024-09-13 17:20 - 2024-09-13 17:20 - 000876464 _____ C:\WINDOWS\system32\perfh007.dat
2024-09-13 17:20 - 2024-09-13 17:20 - 000205134 _____ C:\WINDOWS\system32\perfc007.dat
2024-09-13 17:20 - 2024-09-13 17:20 - 000001325 _____ C:\Users\Public\Desktop\VMware Workstation Pro.lnk
2024-09-13 17:20 - 2024-09-13 17:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2024-09-13 17:20 - 2024-09-13 17:20 - 000000000 ____D C:\Program Files\Common Files\VMware
2024-09-13 17:20 - 2024-04-30 03:35 - 000420288 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vmnat.exe
2024-09-13 17:20 - 2024-04-30 03:34 - 001310656 _____ (VMware, Inc.) C:\WINDOWS\system32\vnetlib64.dll
2024-09-13 17:20 - 2024-04-30 03:34 - 000373184 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vmnetdhcp.exe
2024-09-13 17:20 - 2024-04-30 03:23 - 000049112 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmparport.sys
2024-09-13 16:44 - 2024-09-13 16:44 - 000234168 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt11.sys
2024-09-13 16:44 - 2024-09-13 16:44 - 000189776 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2024-09-13 16:42 - 2024-09-13 16:42 - 000000000 ____D C:\Users\Administrator\AppData\Local\CrashDumps
2024-09-13 16:41 - 2024-09-13 16:42 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1773680356-330345840-2714900978-500
2024-09-13 16:41 - 2024-09-13 16:41 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\QfinderPro
2024-09-13 16:41 - 2024-09-13 16:41 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Dropbox
2024-09-13 16:41 - 2024-09-13 16:41 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adguard Software Limited
2024-09-13 16:41 - 2024-09-13 16:41 - 000000000 ____D C:\Users\Administrator\AppData\Local\QfinderPro
2024-09-13 16:41 - 2024-09-13 16:41 - 000000000 ____D C:\Users\Administrator\AppData\Local\Google
2024-09-13 16:41 - 2024-09-13 16:41 - 000000000 ____D C:\Users\Administrator\AppData\Local\Dropbox
2024-09-13 16:41 - 2024-09-13 16:41 - 000000000 ____D C:\Users\Administrator\AppData\Local\Adguard_Software_Limited
2024-09-13 16:40 - 2024-09-13 16:42 - 000000000 ____D C:\Users\Administrator\AppData\Local\PlaceholderTileLogoFolder
2024-09-13 16:40 - 2024-09-13 16:40 - 000002395 _____ C:\Users\Administrator\Desktop\Microsoft Edge.lnk
2024-09-13 16:40 - 2024-09-13 16:40 - 000000020 ___SH C:\Users\Administrator\ntuser.ini
2024-09-13 16:40 - 2024-09-13 16:40 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\com.logitech
2024-09-13 16:40 - 2024-09-13 16:40 - 000000000 ____D C:\Users\Administrator\AppData\Local\Malwarebytes
2024-09-13 16:40 - 2024-09-13 16:40 - 000000000 ____D C:\Users\Administrator\AppData\Local\LogiOptionsPlus
2024-09-13 16:40 - 2024-09-13 16:40 - 000000000 ____D C:\Users\Administrator\AppData\Local\flutter_webview_windows
2024-09-11 14:06 - 2024-09-11 14:06 - 004665733 _____ C:\Users\RHenner\Downloads\handbuch_bueroeasy_plus_2024 (2).pdf
2024-09-11 07:17 - 2024-09-11 07:17 - 000000859 _____ C:\Users\Public\Desktop\Logi Options+.lnk
2024-09-11 07:17 - 2024-09-11 07:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2024-09-11 07:17 - 2024-09-11 07:17 - 000000000 ____D C:\Program Files\LogiOptionsPlus
2024-09-10 14:04 - 2024-09-10 14:04 - 166454370 _____ C:\Users\RHenner\Downloads\ccu3-3.77.7.tgz
2024-09-07 08:45 - 2024-09-07 08:45 - 000086857 _____ C:\Users\RHenner\Downloads\42474000_2024_Nr.003_Kontoauszug_vom_2024.08.30_20240907084544.pdf
2024-09-07 08:45 - 2024-09-07 08:45 - 000084623 _____ C:\Users\RHenner\Downloads\42474000_2024_Mitteilung_vom_2024.08.30_20240907084512.pdf
2024-09-07 08:45 - 2024-09-07 08:45 - 000043477 _____ C:\Users\RHenner\Downloads\42474_2024_Sonderbedingungen für die girocard (Debitkarte)_vom_2024.09.07_20240907084526.pdf
2024-09-05 08:03 - 2024-09-05 08:03 - 000000000 ____D C:\Users\RHenner\AppData\Local\Logi
2024-09-05 07:30 - 2024-09-05 07:31 - 000000000 ____D C:\AdwCleaner
2024-09-05 07:30 - 2024-09-05 07:30 - 008790880 _____ (Malwarebytes) C:\Users\RHenner\Downloads\AdwCleaner.exe
2024-09-04 13:40 - 2024-09-13 16:43 - 000000000 ____D C:\Program Files\AdGuard
2024-09-04 13:40 - 2024-09-04 13:40 - 000001947 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AdGuard.lnk
2024-09-04 13:40 - 2024-09-04 13:40 - 000000977 _____ C:\Users\Public\Desktop\AdGuard.lnk
2024-09-04 13:40 - 2024-09-04 13:40 - 000000000 ____D C:\Users\RHenner\AppData\Roaming\Adguard Software Limited
2024-09-04 13:40 - 2024-09-04 13:40 - 000000000 ____D C:\Users\RHenner\AppData\Local\Adguard_Software_Limited
2024-09-04 13:39 - 2024-09-19 07:14 - 000000000 ____D C:\ProgramData\Adguard
2024-09-04 13:39 - 2024-09-04 13:39 - 000145952 _____ (Adguard Software Ltd) C:\Users\RHenner\Downloads\adguardInstaller.exe
2024-09-03 17:48 - 2024-09-03 17:48 - 000306516 _____ C:\Users\RHenner\Downloads\Preise-Dauerkarte-2425_1.pdf
2024-09-03 17:32 - 2024-09-03 17:32 - 000092770 _____ C:\Users\RHenner\Downloads\event_5ee96a30-d608-4bec-b754-b1e0008d4255.pkpass
2024-09-03 16:21 - 2024-09-03 16:26 - 000000000 ____D C:\Users\RHenner\AppData\Local\3D-Modellbahn Studio V8.5
2024-09-01 10:03 - 2024-09-01 10:03 - 001049995 _____ C:\Users\RHenner\Downloads\Unified Security Report - month - 2024-09-01.pdf
2024-09-01 07:43 - 2024-09-01 07:43 - 000000272 _____ C:\WINDOWS\system32\d3dx9_11.dll.tmp
2024-08-28 05:13 - 2024-08-28 05:13 - 000000000 ____D C:\Program Files\PowerShell
2024-08-25 11:39 - 2024-08-25 11:39 - 000001025 _____ C:\Users\Public\Desktop\CEWE Fotowelt.lnk
2024-08-25 11:39 - 2024-08-25 11:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CEWE Fotowelt
2024-08-25 11:37 - 2024-08-25 11:37 - 000000000 ____D C:\Users\RHenner\AppData\Roaming\hps-install

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2024-09-19 07:55 - 2023-04-21 10:45 - 000000000 ____D C:\Users\RHenner\AppData\Local\Malwarebytes
2024-09-19 07:53 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-09-19 07:53 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-09-19 07:43 - 2022-11-04 10:47 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2024-09-19 07:43 - 2022-02-08 17:59 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-09-19 07:43 - 2020-11-21 11:22 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-09-19 07:43 - 2020-03-24 15:31 - 000001014 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-09-19 07:43 - 2020-03-24 15:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-09-19 07:42 - 2022-05-07 07:22 - 000000000 ____D C:\WINDOWS\INF
2024-09-19 07:35 - 2020-03-24 15:05 - 000000128 _____ C:\WINDOWS\system32\config\netlogon.ftl
2024-09-19 07:19 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-09-19 07:19 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-09-19 07:18 - 2024-07-30 07:29 - 000000000 ____D C:\Users\RHenner\AppData\Local\Deployment
2024-09-19 07:18 - 2020-03-24 15:06 - 000000000 ____D C:\Users\RHenner\AppData\Local\Packages
2024-09-19 07:16 - 2020-03-24 15:15 - 000002416 ____H C:\Users\RHenner\Documents\Default.rdp
2024-09-19 07:14 - 2023-06-26 13:05 - 000000000 ____D C:\Users\RHenner\AppData\Local\Dropbox
2024-09-19 07:14 - 2023-06-26 13:04 - 000000000 ____D C:\Users\RHenner\AppData\Roaming\Dropbox
2024-09-19 07:14 - 2021-04-12 19:45 - 000000000 ____D C:\Users\RHenner\AppData\Roaming\Securepoint SSL VPN
2024-09-19 07:13 - 2024-07-30 07:26 - 000000000 ____D C:\Users\RHenner\AppData\Local\LogiOptionsPlus
2024-09-19 07:13 - 2023-06-26 13:04 - 000000000 ____D C:\Program Files (x86)\Dropbox
2024-09-19 07:13 - 2020-03-24 15:06 - 000000000 __SHD C:\Users\RHenner\IntelGraphicsProfiles
2024-09-19 07:13 - 2020-03-24 15:06 - 000000000 ___SD C:\Users\RHenner\AppData\Roaming\Microsoft\Credentials
2024-09-19 07:12 - 2022-11-04 10:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-09-18 07:12 - 2022-10-25 17:03 - 000000000 ____D C:\Users\RHenner\AppData\Roaming\VMware
2024-09-18 07:12 - 2022-10-25 17:02 - 000000000 ____D C:\ProgramData\VMware
2024-09-17 19:00 - 2022-11-04 10:04 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2024-09-17 18:35 - 2023-03-13 10:59 - 000000000 ____D C:\Users\RHenner\AppData\Roaming\atomic
2024-09-17 18:35 - 2020-03-25 08:17 - 000000000 ____D C:\Users\RHenner\AppData\Roaming\KeePass
2024-09-17 18:35 - 2020-03-24 18:35 - 000000000 ____D C:\Users\RHenner\AppData\Local\D3DSCache
2024-09-17 17:24 - 2023-06-26 13:06 - 000000000 ___RD C:\Users\RHenner\Dropbox
2024-09-17 14:41 - 2020-03-24 15:13 - 000000000 ____D C:\Users\RHenner\AppData\Roaming\Microsoft\Word
2024-09-17 08:45 - 2020-04-23 16:04 - 000000000 ____D C:\Users\RHenner\AppData\Roaming\Microsoft\Excel
2024-09-17 07:14 - 2020-03-24 18:19 - 000000000 ____D C:\Users\RHenner\AppData\Local\Adobe
2024-09-17 07:14 - 2020-03-24 15:06 - 000000000 ____D C:\Users\RHenner\AppData\Roaming\Adobe
2024-09-17 01:29 - 2024-05-31 15:02 - 000002093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller.lnk
2024-09-17 01:29 - 2023-03-31 11:44 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-09-17 01:29 - 2023-03-31 11:44 - 000002082 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-09-17 01:29 - 2023-03-31 11:44 - 000002070 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2024-09-16 16:48 - 2022-10-04 07:07 - 000002175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2024-09-16 16:48 - 2022-10-04 07:07 - 000002053 _____ C:\Users\RHenner\Desktop\Google Drive.lnk
2024-09-16 15:45 - 2020-03-24 19:17 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-09-16 11:54 - 2022-10-25 17:03 - 000000000 ____D C:\Users\RHenner\AppData\Local\VMware
2024-09-16 11:09 - 2020-03-25 18:36 - 000000000 ____D C:\ProgramData\Lexware
2024-09-16 11:02 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ServiceState
2024-09-15 19:34 - 2020-02-05 05:02 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-09-15 19:33 - 2020-02-05 05:00 - 000000000 ____D C:\Program Files\Microsoft Office
2024-09-15 11:04 - 2021-04-18 16:49 - 000000000 ____D C:\Modelleisenbahn
2024-09-15 11:04 - 2020-09-18 12:55 - 000000000 ____D C:\Users\RHenner\AppData\Roaming\WinTrack
2024-09-15 10:39 - 2022-10-18 14:14 - 000001042 _____ C:\Users\Public\Desktop\WinTrack 16.0.lnk
2024-09-15 10:39 - 2020-09-18 12:55 - 000000000 ____D C:\Program Files (x86)\WinTrack
2024-09-14 13:52 - 2020-08-17 14:53 - 000002485 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-09-13 17:34 - 2020-03-24 16:05 - 000000000 ____D C:\Download
2024-09-13 17:20 - 2022-10-25 17:02 - 002114158 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2024-09-13 17:20 - 2022-10-25 17:02 - 000000000 ____D C:\Program Files (x86)\VMware
2024-09-13 17:20 - 2020-08-23 10:24 - 000000000 ____D C:\Users\RHenner\AppData\Local\CrashDumps
2024-09-13 16:48 - 2022-11-04 10:45 - 002084778 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-09-13 16:43 - 2022-11-04 10:47 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-09-13 16:43 - 2022-05-07 07:17 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2024-09-13 16:43 - 2020-05-30 10:30 - 000012288 ___SH C:\DumpStack.log.tmp
2024-09-13 16:43 - 2020-03-14 17:15 - 000000000 ____D C:\Intel
2024-09-13 16:42 - 2020-06-06 13:54 - 000000000 ____D C:\Users\Administrator\AppData\Local\D3DSCache
2024-09-13 16:42 - 2020-06-06 13:53 - 000002468 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-09-13 16:42 - 2020-06-06 13:53 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages
2024-09-13 16:41 - 2022-11-04 10:13 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Spelling
2024-09-13 16:41 - 2020-06-06 13:54 - 000000000 ___RD C:\Users\Administrator\OneDrive
2024-09-13 16:40 - 2022-11-04 10:13 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows
2024-09-13 16:40 - 2022-11-04 10:13 - 000000000 ____D C:\Users\Administrator
2024-09-13 16:40 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-09-13 16:40 - 2020-06-06 13:53 - 000000000 __SHD C:\Users\Administrator\IntelGraphicsProfiles
2024-09-13 16:40 - 2020-02-05 04:59 - 000000000 __RHD C:\Users\Public\AccountPictures
2024-09-13 16:38 - 2020-07-24 19:50 - 000000000 ____D C:\Users\RHenner\AppData\Roaming\XnViewMP
2024-09-13 09:06 - 2023-01-27 18:36 - 000000000 ____D C:\Users\RHenner\AppData\Roaming\Breitbandmessung
2024-09-12 09:15 - 2022-11-04 10:13 - 000000000 ____D C:\Users\RHenner
2024-09-11 12:27 - 2021-07-19 14:51 - 000000000 ____D C:\Program Files\TeamViewer
2024-09-11 10:15 - 2024-07-30 07:26 - 000000000 ____D C:\Users\RHenner\AppData\Roaming\logioptionsplus
2024-09-11 07:30 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-09-11 07:14 - 2023-09-27 07:35 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-09-11 07:14 - 2022-11-04 10:40 - 000496424 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-09-11 07:14 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-09-11 07:13 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-09-10 19:20 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-09-10 19:15 - 2023-07-09 14:00 - 000000000 ____D C:\WINDOWS\SysWOW64\1033
2024-09-10 19:15 - 2023-07-09 14:00 - 000000000 ____D C:\WINDOWS\system32\1033
2024-09-10 19:15 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-09-10 19:13 - 2023-07-09 14:00 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2024-09-10 19:13 - 2023-07-09 14:00 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2024-09-10 19:07 - 2020-03-24 19:17 - 199688632 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-09-10 09:47 - 2024-08-18 12:07 - 000001429 _____ C:\Users\RHenner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2024-09-10 09:47 - 2024-08-18 12:07 - 000001323 _____ C:\Users\RHenner\Desktop\ESET Online Scanner.lnk
2024-09-09 10:47 - 2022-11-04 10:47 - 000003756 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-09-09 10:47 - 2022-11-04 10:47 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-09-08 17:50 - 2024-08-18 18:13 - 000003850 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2024-09-08 17:50 - 2024-08-18 18:13 - 000003408 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2024-09-07 16:54 - 2020-03-30 14:10 - 000000000 ____D C:\Users\RHenner\AppData\Roaming\Microsoft\Teams
2024-09-07 13:37 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\NDF
2024-09-07 02:31 - 2020-02-26 22:01 - 000000000 ____D C:\ProgramData\Packages
2024-09-07 02:16 - 2020-03-24 15:30 - 000000000 ____D C:\Users\RHenner\AppData\Local\PlaceholderTileLogoFolder
2024-09-05 15:09 - 2022-05-25 16:13 - 000000000 ____D C:\Program Files\David Client
2024-09-05 13:29 - 2024-02-17 11:45 - 000284224 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_4.dll
2024-09-05 13:29 - 2022-10-21 12:12 - 000124344 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2024-09-05 13:29 - 2022-10-21 12:12 - 000075192 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2024-09-05 13:29 - 2021-11-26 15:25 - 002799144 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2024-09-05 13:29 - 2021-11-26 15:25 - 000783912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2024-09-05 13:29 - 2021-11-26 15:25 - 000243240 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2024-09-05 13:29 - 2021-11-26 15:25 - 000210360 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2024-09-05 13:29 - 2021-11-26 15:25 - 000149032 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2024-09-04 19:24 - 2023-06-14 17:26 - 000001909 _____ C:\ProgramData\Microsoft\Windows\Start Menu\David Client.LNK
2024-09-04 17:32 - 2022-11-04 10:47 - 000000000 ____D C:\WINDOWS\system32\Tasks\NCH Software
2024-09-04 13:39 - 2019-11-25 23:23 - 000000000 ____D C:\ProgramData\Package Cache
2024-09-02 13:50 - 2023-12-07 11:05 - 000002473 _____ C:\Users\RHenner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams classic (work or school).lnk
2024-08-28 16:28 - 2024-08-02 09:06 - 000000000 ____D C:\Lerchenberg
2024-08-28 07:19 - 2022-05-07 12:39 - 000000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
2024-08-28 07:19 - 2022-05-07 12:39 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-08-28 07:19 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2024-08-28 07:19 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\F12
2024-08-28 07:19 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\WUModels
2024-08-28 07:19 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-08-28 07:19 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-08-28 07:19 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2024-08-28 07:19 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-08-28 07:19 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-08-28 07:19 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\Provisioning
2024-08-28 07:19 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-08-28 05:20 - 2022-11-04 10:41 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-08-28 05:13 - 2022-04-01 08:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerShell
2024-08-27 15:34 - 2020-04-12 10:48 - 000000000 ____D C:\Users\RHenner\Documents\Benutzerdefinierte Office-Vorlagen
2024-08-27 14:57 - 2024-03-21 11:46 - 000231504 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2024-08-25 11:37 - 2022-10-24 09:56 - 000000000 ____D C:\Users\RHenner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CEWE Fotowelt
2024-08-20 11:42 - 2023-11-23 09:09 - 000002169 _____ C:\Users\Public\Desktop\Lexware büro easy.lnk
2024-08-20 11:42 - 2020-03-25 18:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexware

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2024-01-11 07:51 - 2024-01-11 07:51 - 000000272 _____ () C:\ProgramData\fontcacheev1.dat
2021-05-21 10:56 - 2021-05-21 10:56 - 000225280 ____T (TODO: <Company name>) C:\Users\RHenner\AppData\Roaming\Microsoft\AdjMmsVista.dll
2020-05-12 16:23 - 2023-03-31 08:03 - 000000615 _____ () C:\Users\RHenner\AppData\Local\oobelibMkey.log
2023-07-30 10:46 - 2023-07-30 10:46 - 000000872 _____ () C:\Users\RHenner\AppData\Local\recently-used.xbel

==================== FLock ==============================

2024-09-07 16:54 C:\Users\RHenner\AppData\Roaming\Microsoft\Teams
2023-04-30 18:29 C:\Users\RHenner\AppData\Local\WebEx
2023-03-01 11:18 C:\Users\RHenner\AppData\LocalLow\WebEx

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================

cosinus · 19.09.2024, 08:00

Zitat:

E-Mail Trojaner ?

Was soll das für ne Frage sein? Hier sind keine

im Forum, also formuliere deine Frage auch mal so, dass Außenstehende erkennen was du eigentlich wissen willst.

Spam bekommt übrigens jeder, egal welches Betriebssystem. Ich hab hier nämlich den Eindruck dass du glaubst dein Rechner sei infiziert nur weil du Spam bekommst.

rhstgt · 19.09.2024, 08:14

Ich bin auf der Suche nach Möglichkeiten um zu Prüfen ob mein System von einem Trojaner befallen ist !
Daher habe ich mich an das Board gewendet.

Mfg Roland

cosinus · 19.09.2024, 08:22

1. Das kann von Anfang an auch so kommunizieren.
2. Nur weil man Spam bekommt heißt das nicht, dass der Rechner infiziert ist.
3. Zweites FRST-Logfile fehlt.

rhstgt · 19.09.2024, 08:38

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 16-09-2024
durchgeführt von RHenner (19-09-2024 07:55:48)
Gestartet von C:\Users\RHenner\Downloads
Microsoft Windows 11 Pro Version 23H2 22631.4169 (X64) (2022-11-04 08:47:42)
Start-Modus: Normal
==========================================================


==================== Konten: =============================


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-1057298727-1780103719-597841320-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1057298727-1780103719-597841320-503 - Limited - Disabled)
Gast (S-1-5-21-1057298727-1780103719-597841320-501 - Limited - Disabled)
Roland Henner (S-1-5-21-1057298727-1780103719-597841320-1001 - Administrator - Enabled) => C:\Users\Roland Henner
WDAGUtilityAccount (S-1-5-21-1057298727-1780103719-597841320-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: WithSecure™ Client Security (Enabled - Up to date) {DA5F8466-F00B-8E6B-6CB8-5AE55C9EBDCD}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 22.01 (x64 edition) (HKLM\...\{23170F69-40C1-2702-2201-000001000000}) (Version: 22.01.00.0 - Igor Pavlov)
7-Zip 22.01 (x64) (HKLM\...\7-Zip) (Version: 22.01 - Igor Pavlov)
Acronis Drivers (HKLM\...\{ED15711E-0469-4064-B4C1-19EB5AE88266}) (Version: 25.10.39287 - Acronis) Hidden
Acronis True Image (HKLM-x32\...\{BF03AD52-D850-47B8-8AD5-ECA38FEACCC1}) (Version: 25.10.39287 - Acronis) Hidden
Acronis True Image (HKLM-x32\...\{BF03AD52-D850-47B8-8AD5-ECA38FEACCC1}Visible) (Version: 25.10.39287 - Acronis)
AdGuard (HKLM\...\{A8CDCD01-B65F-4169-A3A9-F13EEBA31ED3}) (Version: 7.18.4778.0 - Adguard Software Limited) Hidden
AdGuard (HKLM-x32\...\{b19c26fb-8052-47ef-840e-b5f2fe6b3e04}) (Version: 7.18.4778.0 - Adguard Software Limited)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-FFFF-7760-BC15014EA700}) (Version: 24.003.20112 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601078}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{9738288C-21BC-4F54-AB4F-72F059339376}) (Version: 8.6 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{DEB339C1-2687-43AB-816A-8714F3E26846}) (Version: 8.6 - Apple Inc.)
Atomic Wallet 2.76.4 (HKU\S-1-5-21-1773680356-330345840-2714900978-1103\...\0ba5fe9b-2a0d-54e2-a47a-d2764be56a7d) (Version: 2.76.4 - atomicwallet.io)
AXIS IP Utility 5.1.6.0 (HKLM-x32\...\{20AA9A5D-0E33-43D7-B1ED-BC593767F388}_is1) (Version: 5.1.6.0 - Axis Communications)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Breitbandmessung 3.6.0 (HKLM\...\14607473-30db-509f-94f0-bb7c085c619e) (Version: 3.6.0 - zafaco GmbH)
Brother BRAdmin Professional 4 (HKLM-x32\...\{92F7B113-626D-4585-8C4F-2EFC2A308ED8}) (Version: 1.12.0000 - Brother Industries, Ltd.)
Browser for SQL Server 2017 (HKLM-x32\...\{CF8EEB96-E7E7-4EF7-A0A1-559F09953156}) (Version: 14.0.1000.169 - Microsoft Corporation)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7128 - CDBurnerXP)
CEWE Fotowelt (HKLM\...\CEWE Fotowelt) (Version: 7.4.3 - CEWE Stiftung u Co. KGaA)
Cisco Webex Meetings (HKU\S-1-5-21-1773680356-330345840-2714900978-1103\...\ActiveTouchMeetingClient) (Version: 42.5.1 - Cisco Webex LLC)
david Classic Client  (HKLM-x32\...\david Classic Client) (Version: 12.00a - Tobit.Software)
David Client (HKLM-x32\...\David Modern Client) (Version: 12.00a - Tobit.Software)
DDBAC (HKLM-x32\...\{FDFE560C-8A80-4DA0-B2AC-4AD6D1B5917B}) (Version: 5.10.6.0 - B+S Banksysteme Aktiengesellschaft)
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 5.2.0.185 - devolo AG)
Dropbox (HKLM-x32\...\Dropbox) (Version: 208.4.5824 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.911.1 - Dropbox, Inc.) Hidden
Farmville Two (HKLM\...\{618C1ECC-2DCC-4CC1-BD16-E64CEC192EB9}) (Version: 1.0.29.0 - Zynga)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}) (Version: 2.1.27.0 - MAGIX AG)
GIMP 2.10.34 (HKU\S-1-5-21-1773680356-330345840-2714900978-1103\...\GIMP-2_is1) (Version: 2.10.34 - The GIMP Team)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 97.0.1.0 - Google LLC)
Google Earth Pro (HKLM\...\{3470AD08-85F2-4B1D-8487-FC4750732087}) (Version: 7.3.6.9796 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
GoTo Opener (HKLM-x32\...\{E69269DB-A77B-4BC1-8F39-241107B09F26}) (Version: 1.0.539 - LogMeIn, Inc.)
GoToMeeting 10.20.0.19992 (HKU\S-1-5-21-1773680356-330345840-2714900978-1103\...\GoToMeeting) (Version: 10.20.0.19992 - LogMeIn, Inc.)
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.14) (Version: 9.14 - Artifex Software Inc.)
Hotfix 3456 for SQL Server 2017 (KB5016884) (64-bit) (HKLM\...\KB5016884) (Version: 14.0.3456.2 - Microsoft Corporation)
Hotfix 3460 für SQL Server*2017 (KB5021126) (64-bit) (HKLM\...\KB5021126) (Version: 14.0.3460.9 - Microsoft Corporation)
Hotfix 3465 für SQL Server*2017 (KB5029376) (64-bit) (HKLM\...\KB5029376) (Version: 14.0.3465.1 - Microsoft Corporation)
Hotfix 3471 für SQL Server*2017 (KB5040940) (64-bit) (HKLM\...\KB5040940) (Version: 14.0.3471.2 - Microsoft Corporation)
Hotfix 3475 für SQL Server*2017 (KB5042215) (64-bit) (HKLM\...\KB5042215) (Version: 14.0.3475.1 - Microsoft Corporation)
IM.order (HKLM\...\IM.order) (Version: 6.41.768.0 - Ingram Micro Distribution GmbH)
inPixio Photo Studio 11 (HKLM\...\{82FD75EF-3E1A-481C-8F49-F95F1A5EC8FE}) (Version: 11.5.19.1494 - Avanquest Software) Hidden
inPixio Photo Studio 11 (HKLM-x32\...\inPixio Photo Studio 11) (Version: 11.5.19.1494 - Avanquest Software)
inPixio Photo Studio 11 Remove Background (HKLM\...\{130213C7-8012-49A4-A585-F5E5056E09D5}) (Version: 11.5.19.1494 - Avanquest Software) Hidden
inPixio Photo Studio 11 Remove Sky (HKLM\...\{635A38B8-1475-4847-A1F0-DF5ACF2C9A68}) (Version: 11.5.19.1494 - Avanquest Software) Hidden
inPixio Photo Studio 11 Resources (HKLM\...\{EDA4B38F-75F0-4D4C-8FCC-6BC08F469DA2}) (Version: 11.5.19.1494 - Avanquest Software) Hidden
Intel Driver && Support Assistant (HKLM-x32\...\{4FB48B50-C8BF-4EC5-983E-F740A6B05FAF}) (Version: 24.4.32.8 - Intel) Hidden
Intel(R) Chipset Device Software (HKLM\...\{03A76284-A1E0-46B1-86A0-3BCF58AD416E}) (Version: 10.1.17711.8088 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{c30dc778-ac13-4f91-9045-fea2331ceb2e}) (Version: 10.1.17711.8088 - Intel(R) Corporation) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{15E71D2B-4046-4B9D-A8BB-EBFC5CC12D86}) (Version: 2.4.10717 - Intel Corporation)
Intel(R) Graphics Driver Software (HKLM-x32\...\{0703311b-31d5-4c17-9668-c48dee4b7749}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{18b616d9-4adb-4666-82ce-a8a4337bd269}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{34663e82-6c5e-4b48-b1b1-fee1881dc39b}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{34989299-2d34-4a1b-baa2-4de4fafbb4d0}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{48d1bf71-f60f-4827-b977-16efdbae0c7a}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{56b89a97-2659-4931-bffa-4b136a521eb1}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{8850e5d7-7f46-4a65-8f61-90533664733c}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{899f8bb6-99cd-4f33-a004-c70d9ec22260}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{8b5a8e04-659a-4407-b2e1-04ad55a2e72e}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{907b050d-5a10-4585-a175-7003de7204b2}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{a3052cfa-e19e-4092-a8e5-264f6d84442c}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{b4e016a7-e963-49d7-9b66-4d635026af31}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{ed8a48d8-7f70-4dcd-b524-163792643281}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 29.1 - Intel)
Intel(R) NVME Miniport and Filter Device Management (HKLM\...\{D44F19E2-5189-4415-AEF8-BF6D258B474A}) (Version: 5.3.0.1005 - Intel Corporation) Hidden
Intel(R) NVME Miniport and Filter Device Management (HKLM-x32\...\{12d24f04-f633-49f9-9006-53fa577aa7e7}) (Version: 5.3.0.1005 - )
Intel(R) SUR QC Software Asset Manager (HKLM\...\{B3804557-9824-4918-AA88-0DFAC94CD3B5}) (Version: 3.5.5033 - Intel Corporation) Hidden
Intel® Driver & Support Assistant (HKLM-x32\...\{E4B94748-555B-4785-8A6C-73AD00FDD58B}) (Version: 24.4.32.8 - Intel)
Intel® Hardware Accelerated Execution Manager (HKLM\...\HAXM) (Version: 7.6.5 - Intel Corporation)
Java 8 Update 421 (64-bit) (HKLM\...\{77924AE4-039E-4CA4-87B4-2F64180421F0}) (Version: 8.0.4210.9 - Oracle Corporation)
KeePass Password Safe 2.57 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.57 - Dominik Reichl)
KnowBe4 Ran Simulator (HKLM-x32\...\{C0BC83C2-0B10-48CF-BF60-403115EEC861}) (Version: 2.2.1.3 - KnowBe4 Inc) Hidden
KnowBe4 Ran Simulator (HKU\S-1-5-21-1773680356-330345840-2714900978-1103\...\{db61b66c-98f8-4613-89cf-2a7210fbcedb}) (Version: 2.2.1.3 - KnowBe4 Inc)
Lexware Abschreibungsrechner 2023 (HKLM-x32\...\{CE1E8819-186D-48F7-81E9-7605CA7F3B5B}) (Version: 23.01.00.0273 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware buero easy 2024 (HKLM-x32\...\{FB23618E-CDF9-4865-BA4B-6FC9DA6CCA84}) (Version: 37.04.00.0310 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware büro easy plus 2024 (HKLM-x32\...\{082afb3b-0c9e-4e9f-b259-11774128f2cd}) (Version: 37.4.0.211 - Haufe-Lexware GmbH & Co. KG)
Lexware Elster 2024 (HKLM-x32\...\{93B3073A-6BFE-4C04-A42C-5EF85ED9E789}) (Version: 24.07.00.0300 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Elster 2024 (HKLM-x32\...\{e4b114c0-59e8-4af4-a4a1-7298856026c9}) (Version: 24.7.0.202 - Haufe-Lexware GmbH & Co. KG)
Lexware FolderPermission 2024 (HKLM-x32\...\{206F551A-360B-4AC8-91F7-95B4DCABDDF4}) (Version: 6.00.00.0166 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Info Service 2021 (HKLM-x32\...\{40E75886-BD53-4F3B-8960-72DB3CDE250C}) (Version: 21.00.00.0152 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Info Service 2024 (HKLM-x32\...\{7B92E3A2-8C2E-4DC8-AF59-6B1633B1DDE5}) (Version: 24.00.00.0152 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Installations Dienst 2024 (HKLM-x32\...\{B8C42AF5-F46D-4A21-A987-97B5E15E5872}) (Version: 13.00.00.0149 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware online banking 2024 (HKLM-x32\...\{553969A8-F46B-46FE-84C7-E16E8C0CCCBD}) (Version: 31.03.00.0204 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Remoteunterstützung (HKLM-x32\...\{A02C99D1-2883-C367-9BC3-E98742A74B2F}) (Version: 7.11.760 - LogMeIn, Inc.)
Logi Firmware Update Tool for C930e (HKLM-x32\...\FWUpdateC930e) (Version: 2.1.14.0 - Logitech Europe S.A.)
Logi Options+ (HKLM\...\{850cdc16-85df-4052-b06e-4e3e9e83c5c6}) (Version: 1.82.618412 - Logitech)
LogiOptionsPlusExcelAddin (HKU\S-1-5-21-1773680356-330345840-2714900978-1103\...\D52016B639D322F0325F55AC8907516FD53F5818E7B50B28B546FC509A1A3244) (Version: 1.82.8412.0 - Logitech)
LogiOptionsPlusPowerPointAddin (HKU\S-1-5-21-1773680356-330345840-2714900978-1103\...\C0A659DFDE5A2520D6EF4CD194E81B1E46054910AAE5ED4E27CDE54B31A749FA) (Version: 1.82.8412.0 - Logitech)
LogiOptionsPlusWordAddin (HKU\S-1-5-21-1773680356-330345840-2714900978-1103\...\5CBD44E2723BB1841697EE65F4F6FB6DBF7D5E594165632D89494C75F6F61A13) (Version: 1.82.8412.0 - Logitech)
Logitech Capture (HKLM\...\Capture) (Version: 2.06.12 - Logitech)
MAGIX MP3 deluxe 19 (HKLM\...\{104DF3FD-0B53-499D-B1EF-6E875DDFF9C0}) (Version: 19.0.1.47 - MAGIX Software GmbH) Hidden
MAGIX MP3 deluxe 19 (HKLM-x32\...\MX.{104DF3FD-0B53-499D-B1EF-6E875DDFF9C0}) (Version: 19.0.1.47 - MAGIX Software GmbH)
MAGIX Speed burnR (HKLM\...\{370FD2B5-6A2F-4BB9-8B5F-F5CE6F0C01E5}) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (HKLM-x32\...\MX.{370FD2B5-6A2F-4BB9-8B5F-F5CE6F0C01E5}) (Version: 7.0.2.6 - MAGIX Software GmbH)
Malwarebytes version 5.1.9.124 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.1.9.124 - Malwarebytes)
MicroDicom DICOM Viewer (64-bit) (HKLM-x32\...\MicroDicom64) (Version: 2024.1 - MicroDicom)
Microsoft .NET Core Host - 3.1.32 (x64) (HKLM\...\{8A8E3A04-83BC-4CDE-9259-893B666C1AB1}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.32 (x64) (HKLM\...\{ABC6B3C2-1A8D-4C5E-AC16-C2AE44F02743}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM\...\{A741B803-3F0E-4684-81EF-FC128D15A92C}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM-x32\...\{784973c8-d618-4ac8-97ed-1fd52c5bdf2f}) (Version: 3.1.32.31915 - Microsoft Corporation)
Microsoft Access database engine 2010 (English) (HKLM\...\{90140000-00D1-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 128.0.2739.79 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 128.0.2739.79 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft ODBC Driver 13 for SQL Server (HKLM\...\{79ED721F-FEC7-4FBA-87A9-75CE901338D2}) (Version: 14.0.3475.1 - Microsoft Corporation)
Microsoft ODBC Driver 18 for SQL Server (HKLM\...\{3C6CE53F-AF0C-4CC3-9A7E-4E7909FA4EF7}) (Version: 18.3.3.1 - Microsoft Corporation)
Microsoft Office 2010 Primary Interop Assemblies (HKLM-x32\...\{90140000-1146-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1150 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2019 - de-de (HKLM\...\ProPlus2019Retail - de-de) (Version: 16.0.17928.20156 - Microsoft Corporation)
Microsoft Office Proof (English) 2010 (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (HKLM\...\{90140000-001F-0407-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (HKLM\...\{90140000-001F-0410-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (HKLM\...\{90140000-002C-0407-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2010 (HKLM\...\{90140000-0043-0407-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (HKLM\...\{90140000-006E-0407-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer 2010 (HKLM\...\{90140000-0017-0000-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer MUI (German) 2010 (HKLM\...\{90140000-0017-0407-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-1057298727-1780103719-597841320-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0010 - Microsoft Corporation)
Microsoft SharePoint Designer 2010 (HKLM\...\Office14.SharePointDesigner) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{4D2C56FF-7F36-4B49-A97A-24F0522D41D7}) (Version: 11.3.6540.0 - Microsoft Corporation)
Microsoft SQL Server 2017 (64-bit) (HKLM\...\Microsoft SQL Server SQL2017) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2017 RsFx Driver (HKLM\...\{6198FF14-4FE0-4F49-9965-96B208C19919}) (Version: 14.0.3475.1 - Microsoft Corporation) Hidden
Microsoft SQL Server 2017 Setup (English) (HKLM\...\{C5C7713B-8FB7-4118-B1C3-914CA6F95D67}) (Version: 14.0.3475.1 - Microsoft Corporation)
Microsoft SQL Server 2017 T-SQL Language Service  (HKLM\...\{5683FC89-D14D-4DFF-ACC1-CCBABEFBDD15}) (Version: 14.0.3456.2 - Microsoft Corporation)
Microsoft Teams classic (HKU\S-1-5-21-1773680356-330345840-2714900978-1103\...\Teams) (Version: 1.7.00.21751 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visio - de-de (HKLM\...\VisioPro2019Retail - de-de) (Version: 16.0.17928.20156 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33135 (HKLM-x32\...\{c649ede4-f16a-4486-a117-dcc2f2a35165}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.33135 (HKLM\...\{19AFE054-CA83-45D5-A9DB-4108EF4BD391}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.33135 (HKLM\...\{AA0C8AB5-7297-4D46-A0D9-08096FE59E46}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{C931A1C6-A7BF-3737-874A-818881A37E1B}) (Version: 10.0.60915 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.60910 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.60910 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2017 (HKLM\...\{20B328C9-C6BB-434A-928A-00F05CD820B8}) (Version: 14.0.1000.169 - Microsoft Corporation)
MiniTool Partition Wizard Free 12.8 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: 12.8 - MiniTool Software Limited)
Movavi Slideshow Maker 23 (HKU\S-1-5-21-1773680356-330345840-2714900978-1103\...\Movavi Slideshow Maker 23) (Version: 23.3.0 - Movavi)
Movavi Slideshow Maker 8 (HKU\S-1-5-21-1773680356-330345840-2714900978-1103\...\Movavi Slideshow Maker 8) (Version: 8.0.0 - Movavi)
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 130.0.1 (x64 de)) (Version: 130.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 130.0.1 - Mozilla)
MP3 deluxe 19 Update (HKLM\...\{A50A6DA4-F139-419B-8C2B-6B81D96AEE20}) (Version: 19.0.1.48 - MAGIX Software GmbH) Hidden
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.6.9 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17928.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17928.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.17928.20156 - Microsoft Corporation) Hidden
Photo Focus (HKLM\...\{BC5AB258-4F4E-40E7-8B3C-8A4121E391D6}) (Version: 4.2.7759.21167 - Avanquest Software) Hidden
Photo Maximizer (HKLM\...\{5AB15CE4-4895-4B17-9F5A-B970ADD87ABF}) (Version: 5.2.7759.20869 - Avanquest Software) Hidden
Pixillion Bildkonverter (HKLM-x32\...\Pixillion) (Version: 12.37 - NCH Software)
PowerShell 7.4.5.0-x64 (HKLM-x32\...\{5c53f83f-8530-49bd-b1b9-c2e0a3f98507}) (Version: 7.4.5.0 - Microsoft Corporation)
PowerShell 7-x64 (HKLM\...\{C1593F76-F694-448E-AD35-82DDD6203975}) (Version: 7.4.5.0 - Microsoft Corporation) Hidden
QNAP Qfinder Pro (HKLM-x32\...\QNAP_FINDER) (Version: 7.11.1.0726 - QNAP Systems, Inc.)
QNAP QVR Client (HKLM-x32\...\QNAPQVR) (Version: 5.1.5.21117 - QNAP Systems, Inc.)
RDX Manager (HKLM-x32\...\{719e143f-6078-4f14-b5fd-740011160834}) (Version: 2.0.1.50 - Overland-Tandberg)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8273 - Realtek Semiconductor Corp.)
Securepoint SSL VPN (HKLM-x32\...\{D890C6DD-FA97-4AE6-81BB-6200996D5281}) (Version: 2.0.30 - Securepoint GmbH)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0017-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{98223B6C-F59E-4928-B553-43605D52ED19}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0017-0407-1000-0000000FF1CE}_Office14.SharePointDesigner_{7D80DAF2-791E-4004-B6FD-B49DEF03A823}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001F-0407-1000-0000000FF1CE}_Office14.SharePointDesigner_{EE3A99C9-FD8F-4923-9F82-27365DA4B873}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.SharePointDesigner_{C814F7D9-CE9D-45AA-BA7C-88BDD0E1EB7C}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.SharePointDesigner_{77A8B979-11B0-4774-8003-574EE8A4BC22}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001F-0410-1000-0000000FF1CE}_Office14.SharePointDesigner_{802039D1-1720-41CA-A332-2C24F3B3872B}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-002C-0407-1000-0000000FF1CE}_Office14.SharePointDesigner_{BDE4C713-3D51-4C0F-9160-BB1DB8710B71}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{F3FAAB68-7697-4B1F-A23A-72312565AEAB}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0043-0407-1000-0000000FF1CE}_Office14.SharePointDesigner_{1A568352-73BD-442A-B6ED-638E45338957}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-006E-0407-1000-0000000FF1CE}_Office14.SharePointDesigner_{E2570A68-F00A-4712-8EB6-631F7A45A2B1}) (Version:  - Microsoft) Hidden
Solidigm(TM) Storage Tool (HKLM\...\{EA997179-05BD-414F-BE8B-164CEF676BB9}) (Version: 1.0.16 - Solidigm)
SQL Server 2017 Batch Parser (HKLM\...\{2C6E8311-28BD-4615-9545-6E39E8E83A4B}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Common Files (HKLM\...\{9D1C0509-D490-4E9E-ACF5-A73E5C53742D}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Common Files (HKLM\...\{B777C4C0-A1CD-4AB9-99B1-AD5FBED6F8E5}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Connection Info (HKLM\...\{89A7644F-E056-4EC1-BFDE-9D1A531D6855}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Connection Info (HKLM\...\{A9A443F5-56E1-4FC6-937C-5F481345A843}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Services (HKLM\...\{28EEF6BA-A23A-42D2-86BA-A6BEE723B969}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Services (HKLM\...\{DED314CA-0EFE-4593-9D66-EF75E5289A4C}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Shared (HKLM\...\{0E22DBB4-691B-400C-B52D-8DFE8EC421AA}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Shared (HKLM\...\{793F1C1E-5C83-4E33-A29B-6EAA7C1E791C}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 DMF (HKLM\...\{B9998A13-5563-496C-B95E-597FFC70B670}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 DMF (HKLM\...\{D7D28BBF-3B0E-43F0-A457-331F1CD9E9EB}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects (HKLM\...\{10855B1A-F7F2-4D8A-A725-9287C73BED5A}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects (HKLM\...\{6CBBF624-696C-499E-948D-ADBAFFA2F548}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects Extensions (HKLM\...\{8C515C22-BE07-4908-985C-0AA9349E1ED4}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects Extensions (HKLM\...\{C6D92730-3EC0-47B1-8F6C-6F5635D1EFAC}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 SQL Diagnostics (HKLM\...\{DFA6A906-3024-49DE-87AD-750EAED2FA49}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 XEvent (HKLM\...\{12D2DB8D-80FF-4152-8F51-EDB3BD3C6976}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 XEvent (HKLM\...\{AA2A015C-C210-413B-95F6-BF9D3CDD6E0D}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
TreeSize V9.1.5 (HKLM\...\TreeSize_is1) (Version: 9.1.5 - JAM Software)
Tune Sweeper V4 (HKLM-x32\...\{781D35A3-7860-4965-B959-21E147FF565B}) (Version: 4.42 - Wide Angle Software Ltd)
ViewSonic vDisplay Manager2.0 (HKLM-x32\...\{66425BDF-E3B8-4E11-9A1A-CE79BDFB6ABC}) (Version: 2.2.0.70 - ViewSonic ) Hidden
ViewSonic vDisplay Manager2.0 (HKLM-x32\...\InstallShield_{66425BDF-E3B8-4E11-9A1A-CE79BDFB6ABC}) (Version: 2.2.0.70 - ViewSonic )
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
VNC Viewer 6.20.529 (HKLM\...\{DCF5BBEA-3BDB-4E03-BF06-03836F320CA6}) (Version: 6.20.529.42646 - RealVNC Ltd)
Webex (HKLM\...\{611AD18D-000D-4ABB-84FD-CC503FDE8EC6}) (Version: 42.3.0.21576 - Cisco Systems, Inc)
windata 8 (HKLM-x32\...\{FD0AF264-0A0B-4F1B-B6EE-19DE7A5829C4}) (Version: 8.8.0.60 - windata GmbH & Co.KG)
Windows-Migrationsassistent (HKLM-x32\...\{B4E33760-8146-4151-A4CB-1E8EE3523ADA}) (Version: 2.4.5.0 - Apple Inc.)
Windows-PC-Integritätsprüfung (HKLM\...\{AD47C6B2-6C72-4F0E-B66F-7685C28ACDFD}) (Version: 3.3.2110.22002 - Microsoft Corporation)
WinTrack Version 16.0 (HKLM-x32\...\wintrack6_is1) (Version: 16.0 3D Download/ SP16.0.4 - Ing.-Büro Schneider)
WithSecure™ Client Security (HKLM-x32\...\{172CF84D-09EE-4276-93E0-BBFDDFB44A31}) (Version: 16.00 - WithSecure Corporation)
XnView 2.51.6 (HKLM-x32\...\XnView_is1) (Version: 2.51.6 - Gougelet Pierre-e)
XnViewMP 0.98.2 (HKLM\...\XnViewMP_is1) (Version: 0.98.2 - Gougelet Pierre-e)
Zeta Producer 16, Version 16.8.6 (HKU\S-1-5-21-1773680356-330345840-2714900978-1103\...\ZetaProducer16) (Version: 16.8.6 - Zeta Software GmbH)
Zoom (HKU\S-1-5-21-1773680356-330345840-2714900978-1103\...\ZoomUMX) (Version: 5.16.10 (26186) - Zoom Video Communications, Inc.)

Packages:
=========

Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2024-06-03] (Adobe Systems Incorporated)
Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC [2024-09-17] ()
Adobe Acrobat DC -> C:\Program Files\Adobe\Acrobat DC [2024-09-17] ()
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-09-17] ()
AppleInc.AppleDevices -> C:\Program Files\WindowsApps\AppleInc.AppleDevices_1.1031.17413.0_x64__nzyj5cx40ttqa [2024-09-18] (Apple Inc.) [Startup Task]
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5635.0_x64__8j3eq9eme6ctt [2024-09-19] (INTEL CORP) [Startup Task]
Brieftasche -> C:\Program Files\WindowsApps\wallet-1A089A79_1.0.0.0_neutral__g1qe3cm044z6e [2024-07-23] (edge://wallet)
Dropbox -> C:\Program Files (x86)\Dropbox\Client\PackageAssets [2024-09-19] (Dropbox Inc.)
Facebook -> C:\Program Files\WindowsApps\www.facebook.com-1C2D851A_2023.531.1.1_neutral__n468xs7erp6tc [2024-07-23] (www.facebook.com)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12133.2.3006.0_x64__nzyj5cx40ttqa [2024-09-14] (Apple Inc.) [Startup Task]
JAMSoftware.TreeSizeContextMenu -> C:\Program Files\JAM Software\TreeSize [2024-08-15] (JAM Software)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-07-22] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-01-23] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-01-23] (Microsoft Corporation) [MS Ad]
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_4.6.9080.0_x64__8wekyb3d8bbwe [2024-09-14] (Microsoft Studios)
Microsoft.AV1VideoExtension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.2.2331.0_x64__8wekyb3d8bbwe [2024-08-28] (Microsoft Corporation)
Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.95.0_x64__8wekyb3d8bbwe [2024-09-14] (Microsoft Corporation)
Microsoft.MPEG2VideoExtension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2023-08-18] (Microsoft Corporation)
Microsoft.StartExperiencesApp -> C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.144.0_x64__8wekyb3d8bbwe [2024-09-08] (Microsoft Corporation) [Startup Task]
MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24081.57.0_x64__cw5n1h2txyewy [2024-09-18] (Microsoft Windows) [Startup Task]
Notepad++ -> C:\Program Files\Notepad++\contextMenu [2024-08-05] (Notepad++)
Remotedesktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.3012.0_x64__8wekyb3d8bbwe [2023-06-13] (Microsoft Corporation)
shellmenua -> C:\Program Files (x86)\NCH Software\Components\Shared\shellmenu [2024-07-11] ()
shellmenub -> C:\Program Files (x86)\NCH Software\Components\Shared\shellmenu [2024-07-11] ()
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.245.454.0_x64__zpdnekdrzrea0 [2024-08-31] (Spotify AB) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2436.6.0_x64__cv1g1gvanyjgm [2024-09-16] (WhatsApp Inc.) [Startup Task]
Widgets Platform Runtime -> C:\Program Files\WindowsApps\Microsoft.WidgetsPlatformRuntime_1.5.0.0_x64__8wekyb3d8bbwe [2024-09-14] (Microsoft Corporation)
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.214.1843.0_x64__8wekyb3d8bbwe [2024-08-16] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_6000.242.101.0_x64__8wekyb3d8bbwe [2024-09-05] (Microsoft Corp.)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\LKG\MicrosoftWindows.LKG.AccountsService_cw5n1h2txyewy [2024-09-11] (Microsoft Windows)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\LKG\MicrosoftWindows.LKG.DesktopSpotlight_cw5n1h2txyewy [2024-09-11] (Microsoft Windows)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\LKG\MicrosoftWindows.LKG.IrisService_cw5n1h2txyewy [2024-09-11] (Microsoft Windows)
Windows-Fotoanzeige -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2024.11070.31001.0_x64__8wekyb3d8bbwe [2024-08-08] (Microsoft Corporation) [Startup Task]
World of Tanks Blitz -> C:\Program Files\WindowsApps\7458BE2C.WorldofTanksBlitz_11.1.256.0_x64__x4tje2y229k00 [2024-07-26] (Wargaming Group Limited)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1773680356-330345840-2714900978-1103_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-1773680356-330345840-2714900978-1103_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\RHenner\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.24192.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1773680356-330345840-2714900978-1103_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> "C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" -ToastActivated => Keine Datei
CustomCLSID: HKU\S-1-5-21-1773680356-330345840-2714900978-1103_Classes\CLSID\{32E26FD9-F435-4A20-A561-35D4B987CFDC}\InprocServer32 -> C:\Users\RHenner\AppData\Local\WebEx\WebEx64\Meetings_slow\atucfobj.dll () [Zugriff verweigert]
CustomCLSID: HKU\S-1-5-21-1773680356-330345840-2714900978-1103_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-1773680356-330345840-2714900978-1103_Classes\CLSID\{642ccb6b-4be1-471e-bc61-606dd9dc7c79}\localserver32 -> C:\Program Files\InPixio\Photo Studio 11\PhotoStudioIPS11.exe (Avanquest Logiciels (7270356 Canada Inc) -> InPixio)
CustomCLSID: HKU\S-1-5-21-1773680356-330345840-2714900978-1103_Classes\CLSID\{82A6D7A6-FC2E-4DFD-AAEF-E3BBF9AD71AD}\localserver32 -> C:\Program Files\CEWE\CEWE Fotowelt\AutoBookService.exe () [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-1773680356-330345840-2714900978-1103_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\RHenner\AppData\Local\GoToMeeting\19950\G2MOutlookAddin64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1773680356-330345840-2714900978-1103_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\RHenner\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20130.1\x64\Microsoft.Teams.AddinLoader.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1773680356-330345840-2714900978-1103_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\RHenner\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1773680356-330345840-2714900978-1103_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\RHenner\Dropbox [2023-06-26 13:06]
ShellIconOverlayIdentifiers: [     AcronisDrive] -> {5D74FD4B-4EFB-4586-8022-8637BBE40970} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_25_10_39287.dll [2022-01-05] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [     AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_25_10_39287.dll [2022-01-05] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [     AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_25_10_39287.dll [2022-01-05] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [     AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_25_10_39287.dll [2022-01-05] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [     WithSecure DataGuard Icon Overlay] -> {4C035BEC-FBB7-468E-A95E-3EE1D4A0482B} => C:\Program Files (x86)\F-Secure\Client Security\WsShellExtension64.dll [2023-09-27] (WithSecure Oyj -> WithSecure Corporation)
ShellIconOverlayIdentifiers: [    GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [    GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers-x32: [    GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers-x32: [    GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers-x32: [    GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Keine Datei
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2024-05-12] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers2: [RdxShlExt] -> {9E6C9AB4-B9BD-481D-8D8B-70D739B71312} => C:\Program Files (x86)\Overland-Tandberg\RDXManager\Eject\ShlExt\x64\RdxExt.dll [2024-03-04] (Tandberg Data GmbH -> Overland-Tandberg)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-03-21] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2024-05-12] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-03-21] (Malwarebytes Inc. -> Malwarebytes)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\RHenner\Desktop\Google Drive.lnk -> C:\Program Files\Google\Drive File Stream\launch.bat ()

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2024-07-26 04:18 - 2024-07-26 04:18 - 003825664 _____ () [Datei ist nicht signiert] c:\program files (x86)\qnap\qfinder\dhconfigsdk.dll
2024-07-26 04:18 - 2024-07-26 04:18 - 019337216 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\QNAP\Qfinder\dhnetsdk.dll
2024-07-26 04:18 - 2024-07-26 04:18 - 000176640 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\QNAP\Qfinder\quazip.dll
2021-04-27 16:21 - 2021-04-27 16:21 - 001027072 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\QNAP\QVR\QVRWebSocket.dll
2024-05-12 00:05 - 2024-05-12 00:05 - 000010240 _____ () [Datei ist nicht signiert] C:\Program Files\Adobe\Acrobat DC\Acrobat\locale\de_de\AcroTray.deu
2021-03-29 12:33 - 2021-03-29 12:33 - 000116224 _____ () [Datei ist nicht signiert] C:\Program Files\Farm2Desktop\META-INF\AIR\extensions\com.zynga.farm2.utilsANE\META-INF\ANE\Windows-x86-64\UtilsAne64.dll
2020-09-25 17:54 - 2020-09-25 17:54 - 001039872 _____ () [Datei ist nicht signiert] C:\Program Files\ZyngaUpdateService\cpprest_2_10.dll
2020-03-24 15:36 - 2006-07-19 12:01 - 000099840 _____ () [Datei ist nicht signiert] C:\WINDOWS\IMGMSGMO.dll
2021-09-10 09:06 - 2019-03-05 09:02 - 000044544 _____ (ActMask Co.,Ltd) [Datei ist nicht signiert] C:\WINDOWS\system32\spool\PRTPROCS\x64\ActPrint.dll
2020-10-07 16:32 - 2020-10-07 16:32 - 023140352 _____ (Adobe Systems Inc.) [Datei ist nicht signiert] C:\Program Files\Farm2Desktop\Adobe AIR\Versions\1.0\Adobe AIR.dll
2024-03-04 11:54 - 2024-03-04 11:54 - 000076800 _____ (Dokan Project) [Datei ist nicht signiert] C:\Program Files (x86)\Overland-Tandberg\RDXManager\Eject\Service\dokan1.dll
2013-10-05 01:38 - 2013-10-05 01:38 - 000229536 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\Program Files (x86)\Securepoint SSL VPN\MSVCP120.dll
2013-10-05 01:38 - 2013-10-05 01:38 - 000430752 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\Program Files (x86)\Securepoint SSL VPN\MSVCR120.dll
2020-04-20 12:42 - 2020-04-20 12:42 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2020-04-20 12:42 - 2020-04-20 12:42 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2020-11-27 17:18 - 2020-11-27 17:18 - 000475648 _____ (Newtonsoft) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\Farm2Desktop\Farm2Notification\Newtonsoft.Json.dll
2020-04-05 19:36 - 2020-04-05 19:36 - 001343488 _____ (Robert Simpson, et al.) [Datei ist nicht signiert] C:\Program Files (x86)\Brother\BRAdmin Professional 4\SQLite.Interop.dll
2024-01-05 18:19 - 2024-01-05 18:19 - 001626624 _____ (Robert Simpson, et al.) [Datei ist nicht signiert] C:\Program Files\Intel\SUR\QUEENCREEK\x64\SQLite.Interop.dll
2024-01-05 18:19 - 2024-01-05 18:19 - 002973696 _____ (SQLite Development Team) [Datei ist nicht signiert] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll
2019-11-18 23:51 - 2019-11-18 23:51 - 025338368 _____ (The ICU Project) [Datei ist nicht signiert] C:\Program Files (x86)\Acronis\TrueImageHome\icudt54.dll
2019-11-18 23:51 - 2019-11-18 23:51 - 002056704 _____ (The ICU Project) [Datei ist nicht signiert] C:\Program Files (x86)\Acronis\TrueImageHome\icuin54.dll
2019-11-18 23:51 - 2019-11-18 23:51 - 001425408 _____ (The ICU Project) [Datei ist nicht signiert] C:\Program Files (x86)\Acronis\TrueImageHome\icuuc54.dll
2024-03-04 11:54 - 2024-03-04 11:54 - 001785856 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Overland-Tandberg\RDXManager\Eject\Service\libcrypto-1_1.dll
2024-07-26 04:19 - 2024-07-26 04:19 - 001265664 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\QNAP\Qfinder\LIBEAY32.dll
2024-07-26 04:19 - 2024-07-26 04:19 - 000274432 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] c:\program files (x86)\qnap\qfinder\ssleay32.dll
2021-04-27 16:21 - 2021-04-27 16:21 - 001177088 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\QNAP\QVR\LIBEAY32.dll
2021-04-27 16:21 - 2021-04-27 16:21 - 000270336 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\QNAP\QVR\SSLEAY32.dll
2016-05-04 00:51 - 2016-05-04 00:51 - 000592384 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Securepoint SSL VPN\LIBEAY32.dll
2016-05-04 00:51 - 2016-05-04 00:51 - 000144896 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Securepoint SSL VPN\ssleay32.dll
2024-07-26 04:19 - 2024-07-26 04:19 - 002229760 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\QNAP\Qfinder\libcrypto-1_1.dll
2024-07-26 04:19 - 2024-07-26 04:19 - 000534528 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\QNAP\Qfinder\libssl-1_1.dll
2016-03-03 13:24 - 2016-03-03 13:24 - 000024576 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Securepoint SSL VPN\imageformats\qgif.dll
2016-03-03 13:24 - 2016-03-03 13:24 - 001020928 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Securepoint SSL VPN\platforms\qwindows.dll
2016-04-21 15:03 - 2016-04-21 15:03 - 002146816 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Securepoint SSL VPN\Qt5Core.dll
2016-03-03 13:18 - 2016-03-03 13:18 - 002669568 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Securepoint SSL VPN\Qt5Gui.dll
2016-03-03 13:15 - 2016-03-03 13:15 - 000328192 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Securepoint SSL VPN\Qt5Network.dll
2016-03-03 13:14 - 2016-03-03 13:14 - 000076288 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Securepoint SSL VPN\Qt5Sql.dll
2016-03-03 13:22 - 2016-03-03 13:22 - 002050560 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Securepoint SSL VPN\Qt5Widgets.dll
2016-03-03 13:13 - 2016-03-03 13:13 - 000071680 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Securepoint SSL VPN\Qt5Xml.dll
2016-03-03 13:24 - 2016-03-03 13:24 - 000689664 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Securepoint SSL VPN\sqldrivers\qsqlite.dll
2024-03-04 11:54 - 2024-03-04 11:54 - 005112440 _____ (The Qt Company Oy -> The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Overland-Tandberg\RDXManager\Eject\Service\Qt5Core.dll
2024-05-29 11:14 - 2024-05-29 11:14 - 005109232 _____ (The Qt Company Oy -> The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\QNAP\Qfinder\Qt5Core.dll
2020-03-24 15:36 - 2024-06-27 08:50 - 000374784 _____ (Tobit Software) [Datei ist nicht signiert] C:\WINDOWS\dvepostm.dll
2020-03-24 15:36 - 2024-06-18 13:20 - 000206336 _____ (Tobit Software) [Datei ist nicht signiert] C:\WINDOWS\faxwarmo.dll
2021-03-29 12:33 - 2021-03-29 12:33 - 000016384 _____ (Zynga Inc.) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\Farm2Desktop\Farm2Notification\WPFTaskbarNotifier.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\RHenner\Downloads\adguardInstaller.exe:MBAM.Zone.Identifier [182]
AlternateDataStreams: C:\Users\RHenner\Downloads\AdwCleaner.exe:MBAM.Zone.Identifier [182]
AlternateDataStreams: C:\Users\RHenner\Downloads\DropboxInstaller.exe:MBAM.Zone.Identifier [560]
AlternateDataStreams: C:\Users\RHenner\Downloads\Firefox Installer.exe:MBAM.Zone.Identifier [178]
AlternateDataStreams: C:\Users\RHenner\Downloads\FRST64.exe:MBAM.Zone.Identifier [193]
AlternateDataStreams: C:\Users\RHenner\Downloads\T2med-Client-64-Bit-1.3.2-Setup.exe:MBAM.Zone.Identifier [26]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) =============

HKU\S-1-5-21-1057298727-1780103719-597841320-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://oem17win10.msn.com/?pc=NMTE
HKU\S-1-5-21-1057298727-1780103719-597841320-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://oem17win10.msn.com/?pc=NMTE
HKU\S-1-5-21-1773680356-330345840-2714900978-1103\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://oem17win10.msn.com/?pc=NMTE
HKU\S-1-5-21-1773680356-330345840-2714900978-1103\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://oem17win10.msn.com/?pc=NMTE
SearchScopes: HKU\S-1-5-21-1773680356-330345840-2714900978-1103 -> DefaultScope {42ADB2CA-78A3-480E-9836-B71CBEBAEC69} URL = 
SearchScopes: HKU\S-1-5-21-1773680356-330345840-2714900978-1103 -> {2FE51A29-4E6B-4966-811C-1117E5C1354C} URL = 
SearchScopes: HKU\S-1-5-21-1773680356-330345840-2714900978-1103 -> {42ADB2CA-78A3-480E-9836-B71CBEBAEC69} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2024-08-02] (Microsoft Corporation -> Microsoft Corporation)
BHO: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\Client Security\Ultralight\http\1717411214\browser\fs_ie_https\fs_ie_https64.dll [2024-06-10] (F-Secure Corporation -> F-Secure Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_421\bin\ssv.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-09-07] (Adobe Inc. -> Adobe Systems Incorporated)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_421\bin\jp2ssv.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-09-07] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-08-29] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\Client Security\Ultralight\http\1717411214\browser\fs_ie_https\fs_ie_https.dll [2024-06-10] (F-Secure Corporation -> F-Secure Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-09-07] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Kein Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> Keine Datei
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-09-07] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-09-07] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-09-07] (Adobe Inc. -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-08-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-08-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-08-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-08-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-08-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-08-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-08-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-08-29] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-1773680356-330345840-2714900978-1103\...\sharepoint.com -> hxxps://rhsoftde-files.sharepoint.com

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2022-12-09 03:32 - 2023-07-24 07:35 - 000000385 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1	localhost
192.168.108.240	DC2019
123145

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\VMware\VMware Workstation\bin\;C:\Program Files (x86)\Common Files\Oracle\Java\java8path;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile64\;C:\Program Files (x86)\Common Files\Acronis\FileProtector\;C:\Program Files (x86)\Common Files\Acronis\FileProtector64\;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\;C:\Program Files\Solidigm\Solidigm(TM) Storage Tool\;C:\Program Files\dotnet\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\130\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\140\Tools\Binn\;C:\Program Files\Microsoft SQL Server\140\Tools\Binn\;C:\Program Files\Microsoft SQL Server\140\DTS\Binn\;C:\Program Files\PowerShell\7\
HKU\S-1-5-21-1057298727-1780103719-597841320-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\OEM\wallpaper\wallpaper.jpg
HKU\S-1-5-21-1773680356-330345840-2714900978-1103\Control Panel\Desktop\\Wallpaper -> c:\users\rhenner\pictures\saved pictures\2024_09.jpg
HKU\S-1-5-80-1763520696-2084034863-1576193141-3247094112-169962742\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.2.3 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
 ist aktiviert.

Network Binding:
=============
LAN-Verbindung: TAP-Windows Adapter V9 -> tap0901.sys
Ethernet: Intel(R) Ethernet Connection (7) I219-V -> e1d.sys

vmware_bridge: VMware Bridge Protocol

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "DV4TS.EXE"
HKLM\...\StartupApproved\Run32: => "LexwareInfoService"
HKU\S-1-5-21-1773680356-330345840-2714900978-1103\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-1773680356-330345840-2714900978-1103\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-1773680356-330345840-2714900978-1103\...\StartupApproved\Run: => "com.squirrel.WhatsApp.WhatsApp"
HKU\S-1-5-21-1773680356-330345840-2714900978-1103\...\StartupApproved\Run: => "CiscoSpark"
HKU\S-1-5-21-1773680356-330345840-2714900978-1103\...\StartupApproved\Run: => "CiscoMeetingDaemon"
HKU\S-1-5-21-1773680356-330345840-2714900978-1103\...\StartupApproved\Run: => "Zeta Producer 16.6"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{F9138E12-3A0D-4CB0-8604-0D92DC879E1A}] => (Allow) C:\Program Files (x86)\Brother\BRAdmin Professional 4\BRAdmin.Service.exe (Brother Industries, Ltd. -> Brother Industries, Ltd.)
FirewallRules: [UDP Query User{167E17AF-BBBE-49B2-A854-B00E8C9EEAAF}C:\users\rhenner\downloads\anydesk.exe] => (Allow) C:\users\rhenner\downloads\anydesk.exe => Keine Datei
FirewallRules: [TCP Query User{11BACF18-DBF6-4731-8809-60082242BBBC}C:\users\rhenner\downloads\anydesk.exe] => (Allow) C:\users\rhenner\downloads\anydesk.exe => Keine Datei
FirewallRules: [{E934B451-5690-4FF7-BF8D-33DE0FB37FBB}] => (Block) C:\users\rhenner\appdata\roaming\movavi slideshow maker 8\slideshowmaker.exe (Movavi Software Limited -> Movavi)
FirewallRules: [{473F6EB6-162C-41F0-81D8-D19C840AE261}] => (Block) C:\users\rhenner\appdata\roaming\movavi slideshow maker 8\slideshowmaker.exe (Movavi Software Limited -> Movavi)
FirewallRules: [UDP Query User{84D82451-BB77-420B-A81F-234A6707F77D}C:\users\rhenner\appdata\roaming\movavi slideshow maker 8\slideshowmaker.exe] => (Allow) C:\users\rhenner\appdata\roaming\movavi slideshow maker 8\slideshowmaker.exe (Movavi Software Limited -> Movavi)
FirewallRules: [TCP Query User{6A36CF03-BA05-48F5-807E-FF0E385B51AC}C:\users\rhenner\appdata\roaming\movavi slideshow maker 8\slideshowmaker.exe] => (Allow) C:\users\rhenner\appdata\roaming\movavi slideshow maker 8\slideshowmaker.exe (Movavi Software Limited -> Movavi)
FirewallRules: [{A01AA455-92D2-4AEB-9597-A0086E1B8039}] => (Block) C:\program files\tobit infocenter\dvrpcsrv.exe (Tobit Software Laboratories AG -> )
FirewallRules: [{24133692-C080-408F-A6E3-71575E81DB3A}] => (Block) C:\program files\tobit infocenter\dvrpcsrv.exe (Tobit Software Laboratories AG -> )
FirewallRules: [UDP Query User{F5620785-CF18-464A-93E4-06545C5B380C}C:\program files\tobit infocenter\dvrpcsrv.exe] => (Allow) C:\program files\tobit infocenter\dvrpcsrv.exe (Tobit Software Laboratories AG -> )
FirewallRules: [TCP Query User{ED67819E-EE49-47AF-A291-852A15F771D7}C:\program files\tobit infocenter\dvrpcsrv.exe] => (Allow) C:\program files\tobit infocenter\dvrpcsrv.exe (Tobit Software Laboratories AG -> )
FirewallRules: [{1C14538A-4081-440D-9E26-99F65327F8B5}] => (Block) C:\program files\tobit infocenter\dvwin32.exe (Tobit Software Laboratories AG -> Tobit.Software)
FirewallRules: [{131996C2-6CA2-4ADE-AB90-E2550DCAC4BB}] => (Block) C:\program files\tobit infocenter\dvwin32.exe (Tobit Software Laboratories AG -> Tobit.Software)
FirewallRules: [UDP Query User{2918F618-467C-4BB5-B703-3FDF2AEF07AD}C:\program files\tobit infocenter\dvwin32.exe] => (Allow) C:\program files\tobit infocenter\dvwin32.exe (Tobit Software Laboratories AG -> Tobit.Software)
FirewallRules: [TCP Query User{4CD6CA85-4C5E-4E32-A4C2-6FDC54873475}C:\program files\tobit infocenter\dvwin32.exe] => (Allow) C:\program files\tobit infocenter\dvwin32.exe (Tobit Software Laboratories AG -> Tobit.Software)
FirewallRules: [{729F6CD4-13CF-4711-B0B3-3B95ED6675C9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{092BBBC7-87F2-41F1-988D-33F01A2D3531}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{78E00BA3-2EE2-40F7-962A-758B5D977978}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{F4148FD9-41B6-46C4-912D-92A57CD348F9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{D2895B6A-8247-428C-92A5-C0700CB1AFCE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.87.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{79592AB3-2591-48D7-8674-6A513369FF84}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.87.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{1A42DDA9-B080-4B4E-B3F1-733F3E9B71DF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.87.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{BE3C9F14-C5A4-4D36-8387-F1513EDE0183}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.87.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{5C7A1CBB-01C6-47F9-8F47-31A8C6F2801F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{11C59F1D-A3CC-4084-9748-302DF58F337F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{A15FB97D-39D8-4F5F-BBB2-4763325EA603}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{10FA0244-7721-4C62-9E43-C34DA3E6331E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{F3597ECD-D75A-46AC-B25D-07B51E679601}] => (Block) C:\program files\axis communications\axis camera station secure entry service\secureentry.exe => Keine Datei
FirewallRules: [{F89128FE-C064-4D29-AF1F-A29006B1D520}] => (Block) C:\program files\axis communications\axis camera station secure entry service\secureentry.exe => Keine Datei
FirewallRules: [UDP Query User{960E45EE-93B6-426C-918C-12CC469718C1}C:\program files\axis communications\axis camera station secure entry service\secureentry.exe] => (Allow) C:\program files\axis communications\axis camera station secure entry service\secureentry.exe => Keine Datei
FirewallRules: [TCP Query User{E23720B6-364D-4AC3-942B-CDA9C798B25B}C:\program files\axis communications\axis camera station secure entry service\secureentry.exe] => (Allow) C:\program files\axis communications\axis camera station secure entry service\secureentry.exe => Keine Datei
FirewallRules: [{7D737DD0-EE77-4402-8688-AECA6329D22F}] => (Block) C:\program files (x86)\homematic config\rfd.exe => Keine Datei
FirewallRules: [{0CF68F05-889C-423F-83C7-E880EA9F0831}] => (Block) C:\program files (x86)\homematic config\rfd.exe => Keine Datei
FirewallRules: [UDP Query User{15CEA4DE-9071-4E42-9D31-C44AE9E1BDD3}C:\program files (x86)\homematic config\rfd.exe] => (Allow) C:\program files (x86)\homematic config\rfd.exe => Keine Datei
FirewallRules: [TCP Query User{44ADE096-094E-412B-BF3D-25711B04BE14}C:\program files (x86)\homematic config\rfd.exe] => (Allow) C:\program files (x86)\homematic config\rfd.exe => Keine Datei
FirewallRules: [{C201AF15-C085-4A32-80A6-899DC85F45F6}] => (Block) C:\users\rhenner\downloads\anydesk (1).exe => Keine Datei
FirewallRules: [{3EC4D709-4FFF-40CD-808A-CB563BBB07DA}] => (Block) C:\users\rhenner\downloads\anydesk (1).exe => Keine Datei
FirewallRules: [UDP Query User{6AB7338C-5949-4886-A138-622A755E8F73}C:\users\rhenner\downloads\anydesk (1).exe] => (Allow) C:\users\rhenner\downloads\anydesk (1).exe => Keine Datei
FirewallRules: [TCP Query User{4176AA76-533C-46C9-94A1-BF1F0E5BDBA2}C:\users\rhenner\downloads\anydesk (1).exe] => (Allow) C:\users\rhenner\downloads\anydesk (1).exe => Keine Datei
FirewallRules: [{BFD53ABA-7CF2-49EE-B33B-8C25BF2AC15E}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe => Keine Datei
FirewallRules: [{8CF6679A-D196-4EB3-B053-E947F76DDCE0}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe => Keine Datei
FirewallRules: [{0DBCF126-013F-4300-BD3F-BCFBDA9FB00C}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe => Keine Datei
FirewallRules: [{DD3C788A-49A3-4185-9A1F-D61F1E85E59B}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe => Keine Datei
FirewallRules: [UDP Query User{681FDE1B-D588-4E45-BB9B-EB620C34FA5A}C:\download\axis\iputility(1).exe] => (Allow) C:\download\axis\iputility(1).exe (Axis Communications AB -> Axis Communications AB)
FirewallRules: [TCP Query User{39322FB6-6564-4635-9E46-C8D37A7C1870}C:\download\axis\iputility(1).exe] => (Allow) C:\download\axis\iputility(1).exe (Axis Communications AB -> Axis Communications AB)
FirewallRules: [{3BB31F07-3F1F-40FE-B342-73E15727630D}] => (Allow) C:\Program Files (x86)\Acronis\Agent\bin\task-manager.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{030E75C0-6D46-44BC-9F8F-9725327C5F72}] => (Allow) C:\Program Files (x86)\Acronis\Agent\bin\bckp_amgr.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{EEA510D0-7FB3-4BE6-B142-A77E544C256D}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Home\report_sender.exe (Acronis International GmbH -> )
FirewallRules: [{0C570BFC-2558-4577-97A1-76AE2CD44C97}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\LicenseActivator.exe (Acronis International GmbH -> )
FirewallRules: [{7C14613F-CD2C-4338-BFE1-65397239C094}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\ga_service.exe (Acronis International GmbH -> )
FirewallRules: [{0437D815-BD59-4056-97F4-59BD9C9C118A}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe (Acronis International GmbH -> )
FirewallRules: [{037F81D2-FB6D-450E-9117-4B53BD4DE6AA}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{52B903BB-D1C3-40C2-8F02-20D7C15F2648}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\acronis_drive.exe (Acronis International GmbH -> )
FirewallRules: [{6107CA46-0149-47A9-9537-5DD7A40D90D6}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\SystemReport.exe (Acronis International GmbH -> )
FirewallRules: [{5575A029-784E-4EA9-B374-EF5DCC9DC437}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\MediaBuilder.exe (Acronis International GmbH -> )
FirewallRules: [{E2478E94-EC2C-4204-89D0-27C61B274D6C}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeService.exe (Acronis International GmbH -> )
FirewallRules: [{A794088F-7D45-4C38-AD72-0A03D4E10A62}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageTools.exe (Acronis International GmbH -> )
FirewallRules: [{2ECE7635-033C-43EB-854C-3B3574A69D9D}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis International GmbH -> )
FirewallRules: [{036AE962-3A15-4BFB-A7F1-B22A4EF0B176}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImage.exe (Acronis International GmbH -> )
FirewallRules: [{A50763B4-FE66-47EC-9A81-92C4331A4882}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{72BF1476-DA23-459F-9E73-F0FFAE591FDA}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> )
FirewallRules: [{1FDAE804-3FEF-46F8-8D1B-20D6431DFCBE}] => (Block) C:\users\rhenner\appdata\local\bluejeans\current\bluejeans.exe => Keine Datei
FirewallRules: [{32E48FC7-0879-4608-BAE2-9DBFCFA3BAC3}] => (Block) C:\users\rhenner\appdata\local\bluejeans\current\bluejeans.exe => Keine Datei
FirewallRules: [UDP Query User{DA5C75AD-D1CC-49EF-870D-7115EEED0C16}C:\users\rhenner\appdata\local\bluejeans\current\bluejeans.exe] => (Allow) C:\users\rhenner\appdata\local\bluejeans\current\bluejeans.exe => Keine Datei
FirewallRules: [TCP Query User{B805E1B2-28AE-4CEF-9724-E32F0DAAA0D4}C:\users\rhenner\appdata\local\bluejeans\current\bluejeans.exe] => (Allow) C:\users\rhenner\appdata\local\bluejeans\current\bluejeans.exe => Keine Datei
FirewallRules: [{959EC134-6514-42D7-9584-B48A09EF92D9}] => (Block) C:\program files\softperfect network scanner\netscan.exe => Keine Datei
FirewallRules: [{F44D57CE-2C09-48F4-AB7D-62223DAABED0}] => (Block) C:\program files\softperfect network scanner\netscan.exe => Keine Datei
FirewallRules: [UDP Query User{BA1C61D7-6902-4674-A77B-95C28A7FD0F3}C:\program files\softperfect network scanner\netscan.exe] => (Allow) C:\program files\softperfect network scanner\netscan.exe => Keine Datei
FirewallRules: [TCP Query User{181E80BB-D4D6-4C34-82C9-F13CF363348C}C:\program files\softperfect network scanner\netscan.exe] => (Allow) C:\program files\softperfect network scanner\netscan.exe => Keine Datei
FirewallRules: [{9567FBB2-4BC5-4140-9E2C-CAFC4F3B2742}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe (Acronis International GmbH -> )
FirewallRules: [UDP Query User{30C60119-F851-4582-8789-F1C896484709}C:\users\rhenner\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\rhenner\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{F7C51D7C-C816-4B32-833A-81152FB8F767}C:\users\rhenner\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\rhenner\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{50B95E4C-4640-4C49-904A-BF0043309721}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1C067F86-AD2D-45D4-9D45-AD2813135590}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{66B51507-EC3B-4409-A0A3-482F3C997BF0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{15D0C0E9-E20B-4DD9-9A7F-899FF13CA9CD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4EC3DB10-6591-424C-8BDD-C184818C3909}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BDBCCE34-7BAA-4B1E-A45C-F7726F3D9C27}] => (Block) C:\program files (x86)\tobit infocenter\dvwin32.exe => Keine Datei
FirewallRules: [{5E9C8259-B2DD-4F1A-B59D-E2CCEE3E49E5}] => (Block) C:\program files (x86)\tobit infocenter\dvwin32.exe => Keine Datei
FirewallRules: [UDP Query User{EE5F85D2-3ADE-412E-9C86-1090BC0FF543}C:\program files (x86)\tobit infocenter\dvwin32.exe] => (Allow) C:\program files (x86)\tobit infocenter\dvwin32.exe => Keine Datei
FirewallRules: [TCP Query User{61F8F491-B1D8-40F2-B826-B088D03275C3}C:\program files (x86)\tobit infocenter\dvwin32.exe] => (Allow) C:\program files (x86)\tobit infocenter\dvwin32.exe => Keine Datei
FirewallRules: [{BFAE5097-FEB2-4D40-8622-ABF775AE9018}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{528B2F54-AE12-410E-8303-FC5745CE7021}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0867FB33-5E9B-477D-BBEA-3BAC3E6837D0}] => (Allow) C:\Program Files (x86)\F-Secure\Client Security\fs_hotfix.exe => Keine Datei
FirewallRules: [{790964C7-B490-4557-AC62-FD113083EAE2}] => (Allow) C:\Program Files (x86)\F-Secure\Client Security\_fs_hotfix.exe => Keine Datei
FirewallRules: [{4B88FFA0-6FA5-448A-8B11-A130EFDA2FFB}] => (Allow) C:\Program Files (x86)\F-Secure\Client Security\fshoster32.exe (WithSecure Oyj -> WithSecure Corporation)
FirewallRules: [TCP Query User{1FECE048-6FBE-49AC-88EA-1B1D6B2276DD}\\rhs-dc-3\c_rhs-dc-3\program files\t2med\client\jre\bin\javaw.exe] => (Allow) \\rhs-dc-3\c_rhs-dc-3\program files\t2med\client\jre\bin\javaw.exe => Keine Datei
FirewallRules: [UDP Query User{9EBC3450-73F5-4980-9E27-E12E2E0C7985}\\rhs-dc-3\c_rhs-dc-3\program files\t2med\client\jre\bin\javaw.exe] => (Allow) \\rhs-dc-3\c_rhs-dc-3\program files\t2med\client\jre\bin\javaw.exe => Keine Datei
FirewallRules: [TCP Query User{59E3F858-DE34-4C61-BAD9-FEC04B13C905}C:\users\rhenner\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\rhenner\appdata\roaming\spotify\spotify.exe => Keine Datei
FirewallRules: [UDP Query User{040900BA-AE31-4BCA-9BD4-F890D3814E7E}C:\users\rhenner\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\rhenner\appdata\roaming\spotify\spotify.exe => Keine Datei
FirewallRules: [{E668C8EC-3C29-442F-9EB7-7A8A52BB7925}] => (Allow) C:\Users\RHenner\AppData\Local\Programs\Opera\70.0.3728.154\opera.exe => Keine Datei
FirewallRules: [{F226FEC8-4783-4260-805E-1786B7679E26}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7FA54D32-67CD-4E47-B1D7-F40A63FA4AB3}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{26E023C1-9E94-40E8-8CA6-192323681794}] => (Allow) LPort=6623
FirewallRules: [{CA1EC4E2-7146-425B-A6AA-A2C6C31055F2}] => (Allow) C:\Program Files (x86)\Acronis\Agent\aakore.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{C666BD2A-0CBC-4FD2-B448-006A683CE6A7}] => (Allow) C:\Program Files\Acronis\CyberProtect\cyber-protect-service.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [TCP Query User{28A495E8-5D7F-4542-BA5A-C5ECDC0F2694}C:\users\rhenner\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\rhenner\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{07E7C41E-44E6-498A-8910-AF8EA32AE250}C:\users\rhenner\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\rhenner\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{6F1AE97E-9642-42C9-AA0D-8E254067F6AF}C:\users\rhenner\downloads\iputility(1).exe] => (Allow) C:\users\rhenner\downloads\iputility(1).exe => Keine Datei
FirewallRules: [UDP Query User{A3A8F641-3258-4D41-B11E-A97DA184CB28}C:\users\rhenner\downloads\iputility(1).exe] => (Allow) C:\users\rhenner\downloads\iputility(1).exe => Keine Datei
FirewallRules: [{37082290-D98D-45DD-BA07-F2C2F61D3CAB}] => (Allow) C:\Users\RHenner\AppData\Local\AxisCompanion4\p2pproxy.exe => Keine Datei
FirewallRules: [TCP Query User{FB4A57D4-046A-4A69-890A-948D6B0BBBD2}C:\program files (x86)\qnap\qfinder\qfinderpro.exe] => (Allow) C:\program files (x86)\qnap\qfinder\qfinderpro.exe (QNAP Systems, Inc. -> QNAP)
FirewallRules: [UDP Query User{CA8844D4-5EDD-4A7C-9B88-8481CC7C460F}C:\program files (x86)\qnap\qfinder\qfinderpro.exe] => (Allow) C:\program files (x86)\qnap\qfinder\qfinderpro.exe (QNAP Systems, Inc. -> QNAP)
FirewallRules: [TCP Query User{3A643FDC-F8E4-4ADC-893F-AE21533EA742}C:\users\rhenner\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\rhenner\appdata\roaming\zoom\bin\zoom.exe () [Zugriff verweigert]
FirewallRules: [UDP Query User{9AD2F5A3-4885-4E77-BAA8-5A159A7A9518}C:\users\rhenner\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\rhenner\appdata\roaming\zoom\bin\zoom.exe () [Zugriff verweigert]
FirewallRules: [TCP Query User{CE1736AF-C61F-42B9-81B7-0DB1DC59DE7B}C:\download\axis\iputility(1).exe] => (Allow) C:\download\axis\iputility(1).exe (Axis Communications AB -> Axis Communications AB)
FirewallRules: [UDP Query User{9DA87F4F-896E-4B06-A0B1-42248DEE6FE5}C:\download\axis\iputility(1).exe] => (Allow) C:\download\axis\iputility(1).exe (Axis Communications AB -> Axis Communications AB)
FirewallRules: [TCP Query User{04DAA2DE-B7C0-47D2-938C-3D448CC455DF}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{330B1BDA-27B7-4671-9F35-3F33F678FE90}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{50377E5F-27D9-44C1-9624-81A039C87A8E}C:\program files (x86)\searchtool\searchtool .exe] => (Allow) C:\program files (x86)\searchtool\searchtool .exe => Keine Datei
FirewallRules: [UDP Query User{0AA5BF03-B2C5-4C6A-9965-9FE427300938}C:\program files (x86)\searchtool\searchtool .exe] => (Allow) C:\program files (x86)\searchtool\searchtool .exe => Keine Datei
FirewallRules: [TCP Query User{12688987-1038-4D07-831F-FFEC51F579EB}C:\program files\blue iris 5\blueiris.exe] => (Allow) C:\program files\blue iris 5\blueiris.exe => Keine Datei
FirewallRules: [UDP Query User{363FAE0C-6883-4C24-ACD9-1416A9EBD011}C:\program files\blue iris 5\blueiris.exe] => (Allow) C:\program files\blue iris 5\blueiris.exe => Keine Datei
FirewallRules: [TCP Query User{7E68777F-8417-4B9A-9002-FCE148736F53}C:\users\rhenner\appdata\local\ivideon\ivideonserver\ivideonserver.exe] => (Allow) C:\users\rhenner\appdata\local\ivideon\ivideonserver\ivideonserver.exe => Keine Datei
FirewallRules: [UDP Query User{7FFA959D-EBB6-4602-BC54-9A8238342F3B}C:\users\rhenner\appdata\local\ivideon\ivideonserver\ivideonserver.exe] => (Allow) C:\users\rhenner\appdata\local\ivideon\ivideonserver\ivideonserver.exe => Keine Datei
FirewallRules: [TCP Query User{188F43B1-109F-4551-90F0-0347B7424235}C:\download\vms\setup.exe] => (Allow) C:\download\vms\setup.exe => Keine Datei
FirewallRules: [UDP Query User{4570D352-05FD-4B19-87BA-0D500B366564}C:\download\vms\setup.exe] => (Allow) C:\download\vms\setup.exe => Keine Datei
FirewallRules: [{67F6C165-0D1A-4873-8685-5FC6EF587594}] => (Allow) LPort=8090
FirewallRules: [{68043949-83BC-4979-A450-149E09AC19AE}] => (Allow) C:\Program Files\Agent\Agent.exe (DEVELOPER IN A BOX (THE PLAYFUL GROUP PTY LTD) -> Developerinabox)
FirewallRules: [TCP Query User{592BF938-0A30-4DFD-8818-29BDA484EB73}C:\program files\agent\agenttray.exe] => (Allow) C:\program files\agent\agenttray.exe (DEVELOPER IN A BOX (THE PLAYFUL GROUP PTY LTD) -> Developerinabox)
FirewallRules: [UDP Query User{3C789207-26A1-48AE-BBB8-C612AB3F784C}C:\program files\agent\agenttray.exe] => (Allow) C:\program files\agent\agenttray.exe (DEVELOPER IN A BOX (THE PLAYFUL GROUP PTY LTD) -> Developerinabox)
FirewallRules: [TCP Query User{4F6C04F4-4A97-4E56-B220-0E5E7B03D935}C:\download\vms\agent.exe] => (Allow) C:\download\vms\agent.exe => Keine Datei
FirewallRules: [UDP Query User{77AEFCBD-1973-458A-B7E2-7AE6D8906842}C:\download\vms\agent.exe] => (Allow) C:\download\vms\agent.exe => Keine Datei
FirewallRules: [TCP Query User{B0978522-08F6-4D8D-8B01-03F913099AD7}C:\download\vms\agent_windows64_3_1_3_0\agent.exe] => (Allow) C:\download\vms\agent_windows64_3_1_3_0\agent.exe => Keine Datei
FirewallRules: [UDP Query User{478EB217-C187-4855-9A99-7AFD26208BE6}C:\download\vms\agent_windows64_3_1_3_0\agent.exe] => (Allow) C:\download\vms\agent_windows64_3_1_3_0\agent.exe => Keine Datei
FirewallRules: [TCP Query User{530200EE-0050-4011-A1C9-A9A873A3466C}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{81EDC945-2B3E-4A76-8E8B-FCE21703AE17}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{B7C31D59-AC0D-4FD8-B1F5-1271CE962D7B}C:\program files (x86)\qnap\qfinder\qfinderpro.exe] => (Allow) C:\program files (x86)\qnap\qfinder\qfinderpro.exe (QNAP Systems, Inc. -> QNAP)
FirewallRules: [UDP Query User{3B80B846-ADD7-45E4-BC00-68B83DA0AC43}C:\program files (x86)\qnap\qfinder\qfinderpro.exe] => (Allow) C:\program files (x86)\qnap\qfinder\qfinderpro.exe (QNAP Systems, Inc. -> QNAP)
FirewallRules: [TCP Query User{0992AA28-A245-4812-9CC3-23DEB68666BD}C:\users\rhenner\downloads\anydesk.exe] => (Allow) C:\users\rhenner\downloads\anydesk.exe => Keine Datei
FirewallRules: [UDP Query User{1CD6ADE4-A342-4394-BE69-64242C99C1D4}C:\users\rhenner\downloads\anydesk.exe] => (Allow) C:\users\rhenner\downloads\anydesk.exe => Keine Datei
FirewallRules: [{5D97665B-F80D-4286-A253-EC24FC78A249}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerMirror\ApowerMirror.exe => Keine Datei
FirewallRules: [{730DFC19-D50F-456A-AB8A-BEA4858AD1D5}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerMirror\ApowerMirror.exe => Keine Datei
FirewallRules: [{AAE83A6C-6D8F-47EC-A3C6-7660D6C45D90}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{C7BA3C9E-9E40-49FC-B6C6-17FC92AE32D7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{7AA7B886-2AA8-4CE7-BDEF-27F5F8984BF3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{C86200A2-A951-4516-A991-6824F387DF49}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{5B3DC3AD-B92D-4237-91A0-742A9B7F5B47}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{84C276AD-1471-4299-A573-CD18A5B272B4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{87852535-E410-4C2D-AD81-1FB58EB58253}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{FB7001AC-6105-4053-A972-0A03ABB27ED3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [TCP Query User{4E088C51-5B23-4CB1-903B-6EE44E4A260C}C:\users\rhenner\downloads\iputility (1).exe] => (Allow) C:\users\rhenner\downloads\iputility (1).exe => Keine Datei
FirewallRules: [UDP Query User{6219B0C2-F258-4B5C-B607-8A88538C6F46}C:\users\rhenner\downloads\iputility (1).exe] => (Allow) C:\users\rhenner\downloads\iputility (1).exe => Keine Datei
FirewallRules: [{E0A64608-AE8B-4C72-8C2D-E50481E93540}] => (Allow) C:\Program Files\JAM Software\TreeSize\TreeSize.exe (JAM Software GmbH -> JAM Software)
FirewallRules: [TCP Query User{5342DF0E-8662-4A86-8046-C69A8D74C161}C:\program files\jam software\treesize\treesize.exe] => (Allow) C:\program files\jam software\treesize\treesize.exe (JAM Software GmbH -> JAM Software)
FirewallRules: [UDP Query User{8C5B73BE-574C-4EC3-B793-B7C977BC9389}C:\program files\jam software\treesize\treesize.exe] => (Allow) C:\program files\jam software\treesize\treesize.exe (JAM Software GmbH -> JAM Software)
FirewallRules: [TCP Query User{6B951DC8-82D4-4CD9-B95D-1095F5E218EA}C:\users\rhenner\appdata\local\android\sdk\platform-tools\adb.exe] => (Allow) C:\users\rhenner\appdata\local\android\sdk\platform-tools\adb.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{F2124082-9790-49D3-963C-7710A7645E9D}C:\users\rhenner\appdata\local\android\sdk\platform-tools\adb.exe] => (Allow) C:\users\rhenner\appdata\local\android\sdk\platform-tools\adb.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{2C06EB15-0E37-4B62-BC5E-4C156F4B36E5}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe => Keine Datei
FirewallRules: [UDP Query User{44F4A7E0-9966-41E0-8624-5772854A51A2}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe => Keine Datei
FirewallRules: [TCP Query User{0FEB14AD-86D4-4ED6-8D59-069B1559C2E0}C:\users\rhenner\downloads\anydesk (2).exe] => (Allow) C:\users\rhenner\downloads\anydesk (2).exe => Keine Datei
FirewallRules: [UDP Query User{53678D57-BB60-41AE-B5E8-D6041E6ABEEE}C:\users\rhenner\downloads\anydesk (2).exe] => (Allow) C:\users\rhenner\downloads\anydesk (2).exe => Keine Datei
FirewallRules: [TCP Query User{46C75C1F-2C88-41D1-89F4-4875BBCBFDDE}C:\anydesk\anydesk.exe] => (Allow) C:\anydesk\anydesk.exe => Keine Datei
FirewallRules: [UDP Query User{6FCCC2A1-E0AC-4EC2-8BB2-4B45012DA59F}C:\anydesk\anydesk.exe] => (Allow) C:\anydesk\anydesk.exe => Keine Datei
FirewallRules: [{2D8995CD-B723-418C-AB19-991589B1F864}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => Keine Datei
FirewallRules: [{DBE2806F-61C4-4D93-A66E-D3A2D2111A68}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => Keine Datei
FirewallRules: [{B446C168-1315-4E0B-A7D3-5BB70F4837EB}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => Keine Datei
FirewallRules: [{EB8BE613-059E-4C2B-9402-EE1843E192E8}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => Keine Datei
FirewallRules: [{71ABCD41-307A-47C3-AECD-0B39707CE0E9}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => Keine Datei
FirewallRules: [{A56600D0-5789-486F-8C3E-374C161624C5}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => Keine Datei
FirewallRules: [TCP Query User{87F22D42-99BB-431D-83E5-F39CC7CAE7A0}C:\program files\david client\dvwin4.exe] => (Allow) C:\program files\david client\dvwin4.exe (Tobit Software Laboratories AG -> Tobit.Software)
FirewallRules: [UDP Query User{DE405ADA-3A8F-456B-B0B7-414F58E4FE32}C:\program files\david client\dvwin4.exe] => (Allow) C:\program files\david client\dvwin4.exe (Tobit Software Laboratories AG -> Tobit.Software)
FirewallRules: [TCP Query User{57BB8B43-A4DA-4A61-9894-1367D1353712}C:\program files\david client\dvrpcsrv.exe] => (Allow) C:\program files\david client\dvrpcsrv.exe (Tobit Software Laboratories AG -> )
FirewallRules: [UDP Query User{0048EB68-B507-41A3-B5B3-22C656C7F1CD}C:\program files\david client\dvrpcsrv.exe] => (Allow) C:\program files\david client\dvrpcsrv.exe (Tobit Software Laboratories AG -> )
FirewallRules: [{033D6FC9-E71D-480C-82FF-9ED81A264ADD}] => (Allow) C:\Program Files\JAM Software\TreeSize\TreeSize.exe (JAM Software GmbH -> JAM Software)
FirewallRules: [{079ED557-2C39-4690-8484-4B139945996A}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Windows Migration Assistant\MigrationAssistant.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8AD15296-7717-4173-AAE0-1158E992A4A8}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Windows Migration Assistant\MigrationAssistant.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F04951DC-576B-47B2-BD64-AF3D9F9DE055}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Windows Migration Assistant\MigrationAssistant.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{92AB3C68-2664-4B8B-AD1E-B1DD737CFDB9}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Windows Migration Assistant\MigrationAssistant.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{8CA8CCD5-DC4C-4D93-AFCC-386D530F9DB4}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe => Keine Datei
FirewallRules: [UDP Query User{FCF48EB1-C672-446B-9EA1-E3E97C0752BA}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe => Keine Datei
FirewallRules: [{102557B2-37F5-42A7-9EC3-BFD85A73C2F2}] => (Allow) C:\Program Files (x86)\F-Secure\Client Security\fshoster32.exe (WithSecure Oyj -> WithSecure Corporation)
FirewallRules: [{7F4D2D76-69EA-4A42-9364-2C10B440BC77}] => (Allow) C:\Program Files (x86)\F-Secure\Client Security\_fs_hotfix.exe => Keine Datei
FirewallRules: [{AAB9205A-0B05-41DF-9BE0-B5D942FD3413}] => (Allow) C:\Program Files (x86)\F-Secure\Client Security\fs_hotfix.exe => Keine Datei
FirewallRules: [{68B8FAE9-C3F9-4F50-B8D5-2B59697E0D9C}] => (Allow) LPort=139
FirewallRules: [{991F507B-4191-485D-9226-22B003AE82F1}] => (Allow) LPort=445
FirewallRules: [{04106975-38A3-4632-B39D-22DF42ED528C}] => (Allow) LPort=445
FirewallRules: [{DA7A9ECA-CFD9-4D2F-9907-F7B19CEE5110}] => (Allow) C:\Program Files (x86)\F-Secure\Client Security\Ultralight\ulcore\1715597669\fsorsp64.exe => Keine Datei
FirewallRules: [{B0D4C8CB-2B80-4107-A4A2-892ACCD217D1}] => (Allow) C:\Program Files (x86)\F-Secure\Client Security\Ultralight\ulcore\1724782727\fshoster64.exe (WithSecure Oyj -> WithSecure Corporation)
FirewallRules: [TCP Query User{629D468E-96B0-4EBF-97CE-C9EF2D45350D}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe => Keine Datei
FirewallRules: [UDP Query User{45A19420-9678-41AA-AE65-867342936A9A}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe => Keine Datei
FirewallRules: [{84C3B554-FA80-4984-B9A4-BCD77AFE5DEE}] => (Allow) C:\Users\RHenner\AppData\Roaming\Wide Angle Software\Tune Sweeper V4\Tune_Sweeper.exe (Wide Angle Software Ltd -> Wide Angle Software)
FirewallRules: [{FE6BB74E-77A6-4704-9F4A-3134DCADCBCC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F4C9CAFB-1454-44CB-A422-07181E6EC755}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{26F38F7B-3CD7-496C-A168-A91793411CB3}] => (Allow) C:\Program Files\Axis Communications\AXIS IP Utility\IPUtility.exe (Axis Communications AB -> Axis Communications)
FirewallRules: [{1694FA8E-73C6-4233-B3C4-B19A49CB3B2A}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe (devolo AG -> devolo AG)
FirewallRules: [{6DC8963E-BEC4-4F01-A343-2A3D47F6598E}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe (devolo AG -> devolo AG)
FirewallRules: [{93A3B463-5CDE-4579-AE90-EB91C7063031}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24137.2203.2894.4529_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2CB6FAC8-00DD-48E4-B5E7-478CFE79F28B}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24137.2203.2894.4529_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8DE6E9D0-EDC1-4A70-8B01-04EB815296CF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E98B10B1-C783-43F3-937E-C841BF84E503}] => (Allow) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{D5F81CD0-9EC1-421D-BB18-7DCADE4B6746}] => (Allow) C:\Program Files\LogiOptionsPlus\logivoice\logioptionsplus_logivoice => Keine Datei
FirewallRules: [{3C8A88D2-B4DA-4D73-823A-F4F89D89F97B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.245.454.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{0B539A01-A008-40BC-B52E-8D956709535D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.245.454.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E6F7331B-44DC-4442-9C22-A9F81CD013AB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.245.454.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{CC8F7A22-825A-4349-9DC2-2A5FE07361A5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.245.454.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5110301A-A039-4A8D-898D-8C37E0ABADEC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.245.454.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{53C2DE40-DB92-42EF-BB50-89F2B5B76F01}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.245.454.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D790965F-1288-434D-A4C2-81DAA364659D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.245.454.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2E7666B3-D879-429C-A183-9973A0BFD657}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.245.454.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5C5F9E1E-5AFB-4701-8043-45680951FA20}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.245.454.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5F413222-E9E3-43B4-B20F-7BF9321D267C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.245.454.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{41FA01BB-1978-4FB0-8C85-F2FDAC233598}] => (Allow) C:\Program Files\AdGuard\AdguardSvc.exe (Adguard Software Limited -> Adguard Software Limited)
FirewallRules: [{B31BCEB3-355D-4DE8-8D64-ABF1597C2E89}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.127.3200.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{60161B05-0F7D-42D7-AFF8-AD4C113A60E8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.127.3200.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C0B10A00-A558-45DB-9A73-B7D21AAC42AA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.127.3200.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CBE2BA89-738F-41A4-B2BA-50118C7B2B3E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.127.3200.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B1E70F43-43AE-446D-A775-E5DE8D9934F2}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\128.0.2739.79\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9E7AFCCA-111F-4274-9346-99D97E01F767}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{F586CCB5-5FF8-4BFB-8719-D4835D69B72A}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{C93E2A29-FB43-4192-8ACB-759F00060D4E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.AppleDevices_1.1031.17413.0_x64__nzyj5cx40ttqa\AppleMobileDeviceLauncher.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{63FE4AAF-CD0D-4CCC-A022-08176CB986ED}] => (Allow) C:\Program Files\WindowsApps\AppleInc.AppleDevices_1.1031.17413.0_x64__nzyj5cx40ttqa\AppleMobileDeviceLauncher.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{E5697D04-0C83-4647-B84D-E259A7DB54E7}] => (Allow) C:\Program Files\WindowsApps\AppleInc.AppleDevices_1.1031.17413.0_x64__nzyj5cx40ttqa\AMPDevicesAgent.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{980E7475-AADE-4394-95A0-8C5937B162A5}] => (Allow) C:\Program Files\WindowsApps\AppleInc.AppleDevices_1.1031.17413.0_x64__nzyj5cx40ttqa\AMPDevicesAgent.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{7F173320-31B8-4050-BC68-57D62C035BCC}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12133.2.3006.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{23E56EAE-7611-4730-941C-4323D642F882}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12133.2.3006.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{A3C562C9-9CC7-4C16-9AA8-316B18BF2F8C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12133.2.3006.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{BC866990-10DB-417A-B2A2-63663E30634F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12133.2.3006.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{01D8756C-ECC6-4637-84FB-22C1453E20DC}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12133.2.3006.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{8D116BC2-E646-48E0-9414-F256168F5868}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12133.2.3006.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{12FEEEFC-C623-4BBE-90B8-04D1384DE76E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12133.2.3006.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{AA61D948-D1E2-41F8-AE47-87EBBAD1FB8D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12133.2.3006.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{437AB12B-6215-4AF2-9943-9B0D71EC7694}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24256.2502.3123.1_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E0E33AF9-BE16-4C15-AC61-0534204E08F8}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24256.2502.3123.1_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9F4D3A72-AB01-4657-BC08-C0377BA38C8F}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{A8C45C49-C2FD-47B0-816B-084D771A05A4}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

16-09-2024 12:37:10 Windows Update
16-09-2024 12:37:10 Windows Update
16-09-2024 12:37:10 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager ============


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (09/19/2024 07:14:04 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Das Objekt oder die Eigenschaft wurde nicht gefunden.

Error: (09/19/2024 07:14:04 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Das Objekt oder die Eigenschaft wurde nicht gefunden.

Error: (09/19/2024 07:14:04 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Das Objekt oder die Eigenschaft wurde nicht gefunden.

Error: (09/19/2024 07:14:04 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Das Objekt oder die Eigenschaft wurde nicht gefunden.

Error: (09/19/2024 07:14:03 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Das Objekt oder die Eigenschaft wurde nicht gefunden.

Error: (09/19/2024 07:13:41 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Das Objekt oder die Eigenschaft wurde nicht gefunden.

Error: (09/19/2024 07:13:41 AM) (Source: DbxSvc) (EventID: 322) (User: )
Description: Failed to get driver message: (-2147024890) Das Handle ist ungültig.

Error: (09/19/2024 07:13:41 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Das Objekt oder die Eigenschaft wurde nicht gefunden.


Systemfehler:
=============
Error: (09/19/2024 07:13:54 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Energy Server Service queencreek" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/19/2024 07:13:04 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: RH-SOFT)
Description: Bei der Verarbeitung der Gruppenrichtlinie ist aufgrund fehlender Netzwerkkonnektivität mit einem Domänencontroller ein Fehler aufgetreten. Dies kann eine vorübergehende Bedingung sein. Es wird eine Erfolgsmeldung generiert, wenn die Verbindung des Computers mit dem Domänencontroller wiederhergestellt wurde und wenn die Gruppenrichtlinie erfolgreich verarbeitet wurde. Falls für mehrere Stunden keine Erfolgsmeldung angezeigt wird, wenden Sie sich an den Administrator.

Error: (09/19/2024 07:12:44 AM) (Source: NETLOGON) (EventID: 5719) (User: )
Description: Der Computer konnte eine sichere Sitzung mit einem
Domänencontroller in der Domäne RH-SOFT aufgrund der folgenden
Ursache nicht einrichten: 
Sie können mit diesen Anmeldeinformationen nicht angemeldet werden, weil Ihre Domäne nicht verfügbar ist. Stellen Sie sicher, dass Ihr Gerät mit dem Netzwerk Ihrer Organisation verbunden ist, und versuchen Sie es erneut. Wenn Sie sich auf diesem Gerät zuvor mit anderen Anmeldeinformationen angemeldet haben, können Sie sich mit diesen Anmeldeinformationen anmelden.


Dies kann zu Authentifizierungsproblemen führen. Stellen
Sie sicher, dass der Computer mit dem Netzwerk verbunden ist.
Wenden Sie sich an den Domänenadministrator, wenn das Problem
weiterhin besteht.



ZUSÄTZLICHE INFORMATIONEN

Wenn dieser Computer ein Domänencontroller der bestimmten
Domäne ist, wird eine sichere Sitzung zum primären
Domänencontrolleremulator in der bestimmten Domäne eingerichtet.
Andernfalls richtet dieser Computer eine sichere Sitzung zu
einem beliebigen Domänencontroller in der bestimmten Domäne ein.

Error: (09/17/2024 07:01:13 PM) (Source: NETLOGON) (EventID: 5719) (User: )
Description: Der Computer konnte eine sichere Sitzung mit einem
Domänencontroller in der Domäne RH-SOFT aufgrund der folgenden
Ursache nicht einrichten: 
Sie können mit diesen Anmeldeinformationen nicht angemeldet werden, weil Ihre Domäne nicht verfügbar ist. Stellen Sie sicher, dass Ihr Gerät mit dem Netzwerk Ihrer Organisation verbunden ist, und versuchen Sie es erneut. Wenn Sie sich auf diesem Gerät zuvor mit anderen Anmeldeinformationen angemeldet haben, können Sie sich mit diesen Anmeldeinformationen anmelden.


Dies kann zu Authentifizierungsproblemen führen. Stellen
Sie sicher, dass der Computer mit dem Netzwerk verbunden ist.
Wenden Sie sich an den Domänenadministrator, wenn das Problem
weiterhin besteht.



ZUSÄTZLICHE INFORMATIONEN

Wenn dieser Computer ein Domänencontroller der bestimmten
Domäne ist, wird eine sichere Sitzung zum primären
Domänencontrolleremulator in der bestimmten Domäne eingerichtet.
Andernfalls richtet dieser Computer eine sichere Sitzung zu
einem beliebigen Domänencontroller in der bestimmten Domäne ein.

Error: (09/16/2024 01:09:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Update" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/16/2024 01:09:17 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d02 fehlgeschlagen: 9NTXGKQ8P7N0-MicrosoftWindows.CrossDevice

Error: (09/16/2024 01:09:16 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d02 fehlgeschlagen: 9NMPJ99VJBWV-Microsoft.YourPhone

Error: (09/16/2024 12:38:44 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d02 fehlgeschlagen: 9NMPJ99VJBWV-Microsoft.YourPhone


CodeIntegrity:
===============
Date: 2024-09-19 07:41:34
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\F-Secure\Client Security\Ultralight\ulcore\1724782727\fsamsi64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. 

Date: 2024-09-19 07:41:34
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements. 


==================== Speicherinformationen =========================== 

BIOS: American Megatrends Inc. 2602 EX 07/24/2019
Hauptplatine: ASUSTeK COMPUTER INC. PRIME B360M-C
Prozessor: Intel(R) Core(TM) i7-9700 CPU @ 3.00GHz
Prozentuale Nutzung des RAM: 35%
Installierter physikalischer RAM: 32617.33 MB
Verfügbarer physikalischer RAM: 20912.09 MB
Summe virtueller Speicher: 34665.33 MB
Verfügbarer virtueller Speicher: 22313.4 MB

==================== Laufwerke ================================

Drive c: (LW_C) (Fixed) (Total:475.74 GB) (Free:125.76 GB) (Model: INTEL SSDPEKNW512G8) NTFS
Drive f: () (Fixed) (Total:1863.02 GB) (Free:1796.67 GB) (Model: Samsung SSD 870 EVO 2TB) NTFS
Drive g: (Google Drive) (Fixed) (Total:100 GB) (Free:98.9 GB) (Model: Samsung SSD 870 EVO 2TB) FAT32
Drive m: (Multimedia) (Network) (Total:9234.27 GB) (Free:4374.42 GB) (Model: Samsung SSD 870 EVO 2TB) NTFS
Drive t: (SAVE_Turbomed) (Network) (Total:9234.27 GB) (Free:4374.42 GB) (Model: Samsung SSD 870 EVO 2TB) NTFS
Drive z: (Save_Zeta) (Network) (Total:9234.27 GB) (Free:4374.42 GB) (Model: Samsung SSD 870 EVO 2TB) NTFS

\\?\Volume{a0084c28-4dfc-4ef1-94cc-72e83ecddb60}\ () (Fixed) (Total:0.68 GB) (Free:0.11 GB) NTFS
\\?\Volume{0b8028be-5163-438f-88eb-d16613b73f08}\ (SYSTEM) (Fixed) (Total:0.5 GB) (Free:0.47 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Size: 476.9 GB) (Disk ID: 3A614420)

Partition: GPT.

==================== Ende von Addition.txt =======================

cosinus · 19.09.2024, 08:47

Zitat:

WithSecure™ Client Security

Sieht man auch nicht jeden Tag. Ist das ein gewerblich genutztes System? Wenn ja ist in erster Linie die EDV-Abteilung deiner Firma für dieses System zuständig.

rhstgt · 19.09.2024, 09:04

Dieser Rechner wird von mir privat genutzt !
Ich hatte bis vor einem Jahr noch die Fa. RH-Soft.
WithSecure stammt noch aus der Zeit als ich F-Secure Produkte vertrieben habe !

cosinus · 19.09.2024, 10:58

Störende, veraltete oder unnötige Programme deinstallieren

Bitte über Programme und Features (appwiz.cpl) deinstallieren:

AdGuard
Java 8 Update 421 (64-bit)
alles von Microsoft Office 2010
Microsoft SQL Server 2012 Native Client
WithSecure™ Client Security

rhstgt · 19.09.2024, 11:09

Ist erledigt!

cosinus · 19.09.2024, 11:37

adwCleaner

Führe AdwCleaner gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei in CODE-Tags.

adwcleaner bitte wiederholen falls es Funde gab.

rhstgt · 19.09.2024, 14:46

Hier das Ergebnis :

Code:

ATTFilter

# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build:    03-04-2024
# Database: 2024-03-04.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    09-19-2024
# Duration: 00:00:08
# OS:       Windows 11 (Build 22631.4169)
# Scanned:  32097
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [1511 octets] - [05/09/2024 07:31:24]
AdwCleaner[C00].txt - [1681 octets] - [05/09/2024 07:31:51]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

cosinus · 19.09.2024, 15:12

Scripting/Repair mit FRST64

WARNUNG AN ALLE MITLESER !!!
Dieses FRST-Script ist ausschließlich für diesen Nutzer gedacht und sollte niemals 1:1 für ein anderes System angewendet werden!

Kopiere den gesamten Inhalt der folgenden Code-Box:

Code:

ATTFilter

Start::
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG
GroupPolicy: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
Task: {5FEAE21B-304F-49F8-954F-000BCA091C62} - System32\Tasks\VLC Plus Player Updater => C:\Users\RHenner\AppData\Local\VLC  -> Plus Player Updater\Updater.exe <==== ACHTUNG
RemoveProxy::
EmptyTemp:
End::

Starte nun FRST und klicke direkt den Reparieren Button.Wichtig: Du brauchst den Inhalt der Code-Box nirgends einfügen, da sich FRST den Code aus der Zwischenablage holt!
Das Tool führt die gewünschten Schritte aus und erstellt eine fixlog.txt im selben Verzeichnis, in dem sich FRST befindet.
Gegebenenfalls muss dein Rechner neu gestartet werden.
Poste mir den Inhalt der fixlog.txt mit deiner nächsten Antwort.

rhstgt · 19.09.2024, 15:47

Hier das Logfile :

Code:

ATTFilter

Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 16-09-2024
durchgeführt von RHenner (19-09-2024 16:39:23) Run:3
Gestartet von C:\Users\RHenner\Downloads
Geladene Profile: Roland Henner & RHenner & SQLTELEMETRY$WINDATA
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
Start::
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG
GroupPolicy: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
Task: {5FEAE21B-304F-49F8-954F-000BCA091C62} - System32\Tasks\VLC Plus Player Updater => C:\Users\RHenner\AppData\Local\VLC  -> Plus Player Updater\Updater.exe <==== ACHTUNG
RemoveProxy::
EmptyTemp:
End::
*****************

Prozesse erfolgreich geschlossen.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => Wert erfolgreich wiederhergestellt
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => Wert erfolgreich wiederhergestellt
"C:\WINDOWS\system32\GroupPolicy\Machine" => nicht gefunden
"C:\ProgramData\NTUSER.pol" => nicht gefunden
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5FEAE21B-304F-49F8-954F-000BCA091C62}" => nicht gefunden
"C:\WINDOWS\System32\Tasks\VLC Plus Player Updater" => nicht gefunden
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\VLC Plus Player Updater" => nicht gefunden

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt
"HKU\S-1-5-21-1773680356-330345840-2714900978-1103\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt
"HKU\S-1-5-21-1773680356-330345840-2714900978-1103\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt


========= Ende von RemoveProxy: =========


=========== EmptyTemp: ==========

FlushDNS => abgeschlossen
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 0 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 2054569151 B
Edge => 0 B
Firefox => 79552927 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 74772 B
systemprofile32 => 74794 B
LocalService => 2229338 B
NetworkService => 2237774 B
Roland Henner => 2261466 B
RHenner => 269301256 B
Administrator => 384901734 B
SQLTELEMETRY$WINDATA => 384901734 B

RecycleBin => 9057810 B
EmptyTemp: => 3 GB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 16:42:43 ====

cosinus · 19.09.2024, 15:48

Dann bitte jetzt ein Kontrollscan mit Malwarebytes Anti-Malware.
Aber ich denke nicht, dass da was gefunden wird.

rhstgt · 19.09.2024, 15:59

Hier das Ergebnis :

Code:

ATTFilter

Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 19.09.2024
Scan-Zeit: 16:52
Protokolldatei: dce0628c-7696-11ef-9d0d-a85e452daa2e.json

-Softwaredaten-
Version: 5.1.10.127
Komponentenversion: 1.0.5021
Version des Aktualisierungspakets: 1.0.89425
Lizenz: Premium

-Systemdaten-
Betriebssystem: Windows 11 (Build 22631.4169)
CPU: x64
Dateisystem: NTFS
Benutzer: PCROLAND\RHenner

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 331195
Erkannte Bedrohungen: 0
In die Quarantäne verschobene Bedrohungen: 0
Abgelaufene Zeit: 3 Min., 44 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

WMI: 0
(keine bösartigen Elemente erkannt)


(end)

19.09.2024, 08:22	#4
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Windows 11 : E-Mail Trojaner ? 1. Das kann von Anfang an auch so kommunizieren. 2. Nur weil man Spam bekommt heißt das nicht, dass der Rechner infiziert ist. 3. Zweites FRST-Logfile fehlt. __________________ Logfiles bitte immer in CODE-Tags posten

19.09.2024, 10:58	#8
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Windows 11 : E-Mail Trojaner ? Störende, veraltete oder unnötige Programme deinstallieren Bitte über Programme und Features (appwiz.cpl) deinstallieren: AdGuard Java 8 Update 421 (64-bit) alles von Microsoft Office 2010 Microsoft SQL Server 2012 Native Client WithSecure™ Client Security __________________ Logfiles bitte immer in CODE-Tags posten

19.09.2024, 11:37	#10
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Windows 11 : E-Mail Trojaner ? adwCleaner Führe AdwCleaner gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei in CODE-Tags. adwcleaner bitte wiederholen falls es Funde gab. __________________ Logfiles bitte immer in CODE-Tags posten

19.09.2024, 15:48	#14
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Windows 11 : E-Mail Trojaner ? Dann bitte jetzt ein Kontrollscan mit Malwarebytes Anti-Malware. Aber ich denke nicht, dass da was gefunden wird. __________________ Logfiles bitte immer in CODE-Tags posten

Windows 11 : E-Mail Trojaner ?

Log-Analyse und Auswertung: Windows 11 : E-Mail Trojaner ?