Trojaner-Board
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   bei sind mehrere Datenpannen vorgekommen (https://www.trojaner-board.de/214438-mehrere-datenpannen-vorgekommen.html)

cosinus 15.01.2025 16:06
Instruktionen bitte auch KOMPLETT lesen und umsetzen!

prie54 15.01.2025 16:20
Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build:    03-04-2024
# Database: 2024-10-23.4 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    01-15-2025
# Duration: 00:00:01
# OS:      Windows 10 (Build 19045.5371)
# Cleaned:  23
# Failed:  0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted      C:\ProgramData\Application Data\Lavasoft\Web Companion
Deleted      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startfenster
Deleted      C:\Users\Peter\AppData\Local\DOWNLOADED INSTALLATIONS\{31AD8258-894C-48D5-8149-C47506092754}
Deleted      C:\Users\Peter\AppData\Local\DOWNLOADED INSTALLATIONS\{63275DC3-9FB1-4159-97BC-E160CCAE30F0}
Deleted      C:\Users\Peter\AppData\Local\Startfenster
Deleted      C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VLC Plus Player

***** [ Files ] *****

Deleted      C:\ProgramData\Microsoft\Windows\Start Menu\Startfenster.lnk
Deleted      C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Startfenster.lnk
Deleted      C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Startfenster.lnk
Deleted      C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Startfenster.lnk
Deleted      C:\Users\Public\Desktop\ASHAMPOO DEALS.URL
Deleted      C:\Users\Public\Desktop\Startfenster.lnk

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted      HKCU\Software\Lavasoft\Web Companion
Deleted      HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted      HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted      HKCU\Software\Startfenster
Deleted      HKLM\Software\Classes\Installer\Features\DE9429122159FCC49A4DB945A3930DF7
Deleted      HKLM\Software\Classes\Installer\Products\DE9429122159FCC49A4DB945A3930DF7
Deleted      HKLM\Software\Classes\TypeLib\{A520B992-6390-4231-9C89-F06B3587AB80}
Deleted      HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DE9429122159FCC49A4DB945A3930DF7
Deleted      HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted      HKLM\Software\Wow6432Node\\Classes\TypeLib\{A520B992-6390-4231-9C89-F06B3587AB80}
Deleted      HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Startfenster

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [4475 octets] - [15/01/2025 14:58:40]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

cosinus 15.01.2025 16:22
Falsch. Lies meinen Beitrag #14 nochmal richtig.
Das sind zwei Zeilen + Titel. Sollte machbar sein.

prie54 15.01.2025 16:31
Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build:    03-04-2024
# Database: 2024-03-04.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    01-15-2025
# Duration: 00:00:02
# OS:      Windows 10 (Build 19045.5371)
# Cleaned:  6
# Failed:  0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted      Preinstalled.SamsungSmartSwitch  File  C:\Users\Public\Desktop\Smart Switch.lnk
Deleted      Preinstalled.SamsungSmartSwitch  Folder  C:\Program Files (x86)\SAMSUNG\SMART SWITCH PC
Deleted      Preinstalled.SamsungSmartSwitch  Folder  C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAMSUNG\SMART SWITCH PC
Deleted      Preinstalled.SamsungSmartSwitch  Folder  C:\Users\Peter\AppData\Roaming\SAMSUNG\SMART SWITCH PC
Deleted      Preinstalled.SamsungSmartSwitch  Registry  HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}
Deleted      Preinstalled.SamsungSmartSwitch  Registry  HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [4475 octets] - [15/01/2025 14:58:40]
AdwCleaner[C00].txt - [3544 octets] - [15/01/2025 15:00:16]
AdwCleaner[S01].txt - [2233 octets] - [15/01/2025 15:04:22]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

cosinus 15.01.2025 16:41
Dann jetzt neue FRST-Logs.

prie54 15.01.2025 16:58
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 14-01-2025
durchgeführt von Peter (Administrator) auf PETERSPC (MSI MS-7817) (15-01-2025 16:53:28)
Gestartet von D:\Users\Peter\Downloads\FRST64.exe
Geladene Profile: Peter
Plattform: Windows 10 Version 22H2 19045.5371 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.OutlookForWindows_1.2025.109.100_x64__8wekyb3d8bbwe\olk.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <20>
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe
(services.exe ->) (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(services.exe ->) (Geek Software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel(R) Corporation) [Datei ist nicht signiert] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(services.exe ->) (Intel(R) Smart Connect software -> ) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(services.exe ->) (Malwarebytes Corporation -> Malwarebytes) C:\ProgramData\MB3Install\MBAMIService.exe
(services.exe ->) (McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(services.exe ->) (TeamViewer -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\prevhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11103992 2024-08-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3136136 2020-11-20] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [641752 2025-01-13] (Geek Software GmbH -> geek software GmbH)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3671040 2023-01-09] (Brother Industries, Ltd.) [Datei ist nicht signiert]
HKLM-x32\...\Run: [BrotherSoftwareUpdateNotification] => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3591168 2022-10-09] (Brother Industries, Ltd.) [Datei ist nicht signiert]
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ABNotify] => C:\Program Files (x86)\AOMEI Backupper\ABNotify.exe [89968 2016-12-23] (CHENGDU AOMEI Tech Co., Ltd. -> )
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\83.0.2.0\GoogleDriveFS.exe --startup_mode (Keine Datei)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\83.0.2.0\GoogleDriveFS.exe --startup_mode (Keine Datei)
HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\Run: [Dropbox Update] => C:\Users\Peter\AppData\Local\DropboxUpdate\Update\DropboxUpdate.exe [130320 2023-05-04] (Dropbox, Inc -> Dropbox, Inc.)
HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\Run: [Amazon Music] => C:\Users\Peter\AppData\Local\Amazon Music\Amazon Music.exe [19781576 2020-10-29] (Amazon.com Services LLC -> Amazon.com Services LLC)
HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\Run: [Amazon Music Helper] => C:\Users\Peter\AppData\Local\Amazon Music\Amazon Music Helper.exe [2106312 2020-10-29] (Amazon.com Services LLC -> Amazon.com Services LLC)
HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\Run: [Amazon Photos] => C:\Users\Peter\AppData\Local\Amazon Drive\AmazonPhotos.exe [11031664 2024-10-14] (Amazon.com Services LLC -> Amazon.com Inc.)
HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\Run: [MicrosoftEdgeAutoLaunch_70ABF69C36125B78732041588D6A0A36] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3911208 2025-01-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\Run: [Mozilla-Firefox-308046B0AF4A39CB] => "C:\Program Files\Mozilla Firefox\firefox.exe" -os-autostart [672320 2025-01-14] (Mozilla Corporation -> Mozilla Corporation)
HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\Run: [] => [X]
HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\Run: [Snip] => C:\Users\Peter\AppData\Local\Snip\Snip.exe [1713312 2015-10-19] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\Run: [Surfshark] => C:\Program Files\Surfshark\Surfshark.exe  (Keine Datei)
HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\Policies\system: [shell] explorer.exe <==== ACHTUNG
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\83.0.2.0\GoogleDriveFS.exe --startup_mode (Keine Datei)
HKLM\...\Windows x64\Print Processors\BJ Print Processor4: C:\Windows\System32\spool\prtprocs\x64\CNBPP4.DLL [84992 2009-07-14] (CANON INC.) [Datei ist nicht signiert]
HKLM\...\Windows x64\Print Processors\LMUD1N4C: C:\Windows\System32\spool\prtprocs\x64\LMUD1N4C.DLL [274432 2024-08-01] (Microsoft Windows Hardware Compatibility Publisher -> Lexmark International Inc.)
HKLM\...\Windows x64\Print Processors\LMUD1P4C: C:\Windows\System32\spool\prtprocs\x64\LMUD1P4C.DLL [273920 2015-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Lexmark International Inc.)
HKLM\...\Windows x64\Print Processors\LXKPTPRC: C:\Windows\System32\spool\prtprocs\x64\LXKPTPRC.DLL [99840 2009-07-14] (Lexmark International Inc.) [Datei ist nicht signiert]
HKLM\...\Print\Monitors\FRITZ!fax Color Port Monitor: C:\WINDOWS\system32\FritzColorPort64.dll [20480 2006-02-23] () [Datei ist nicht signiert]
HKLM\...\Print\Monitors\FRITZ!fax Port Monitor: C:\WINDOWS\system32\FritzPort64.dll [20480 2006-02-22] () [Datei ist nicht signiert]
HKLM\...\Print\Monitors\KM Language Monitor: KMPJL64.DLL (Keine Datei)
HKLM\...\Print\Monitors\LM_LMUD1P: C:\WINDOWS\system32\LMUD1PLANG.DLL [3055616 2013-04-19] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Startup: C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2017-12-14]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Keine Datei)
Startup: C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2018-10-15]
ShortcutTarget: Dropbox.lnk -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
GroupPolicy-Firefox: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {95CCA9F2-3A2D-4E45-89BD-CACD516E1B5E} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {4147F540-0019-48C5-8B75-4B65B07359C7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1574856 2024-09-25] (Adobe Inc. -> Adobe Inc.)
Task: {B30BB263-BD3F-49C1-9C28-3A763025A193} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [569416 2016-02-23] (Apple Inc. -> Apple Inc.)
Task: {DB57341D-FCEF-4D46-A1EA-63BC088EBDB0} - System32\Tasks\avastBCLRestartS-1-5-21-2926960992-1055115158-727447495-1000 => C:\Program Files (x86)\Mozilla Firefox\firefox.exe  (Keine Datei)
Task: {DBE5E84B-914C-4F99-8F8C-155D4C2D1AFF} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2181560 2023-08-01] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {785479CB-140E-49FE-A8F5-1F553980E958} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5974480 2024-12-11] (Microsoft Windows -> Microsoft Corporation)
Task: {B907D8D7-02D9-4548-BF4C-9242FEAAA572} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2926960992-1055115158-727447495-1000Core1d238f2cc729583 => C:\Users\Peter\AppData\Local\DropboxUpdate\Update\DropboxUpdate.exe [130320 2023-05-04] (Dropbox, Inc -> Dropbox, Inc.)
Task: {A9C254AE-700E-42D0-A383-999E08879B30} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2926960992-1055115158-727447495-1000UA1d238f2cc775a38 => C:\Users\Peter\AppData\Local\DropboxUpdate\Update\DropboxUpdate.exe [130320 2023-05-04] (Dropbox, Inc -> Dropbox, Inc.)
Task: {704E3578-A832-4435-A76E-B6F21809B4B9} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [39848 2017-03-28] (Garmin International, Inc. -> )
Task: {A7A62639-DE19-4E7F-B474-60691AC82E0A} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{0642EEBF-C8DD-463E-A150-FE9CCC470F56} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {AA8345A9-3C98-4911-9FC0-F01FA2EFA687} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [834856 2024-08-01] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {E5A74249-2B38-4CD6-A3B2-868E71AF6C2A} - System32\Tasks\Intel(R) Small Business Advantage\Notifier => C:\Program Files\Intel\Intel(R) Small Business Advantage\UI\SBA_Notifier.exe [27840 2013-03-13] (Intel Corporation - Business Client Platform Division -> Intel Corporation)
Task: {1FD09381-C915-41DF-B9D5-69F05F998A22} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe  /DoActivateWindowsSearch (Keine Datei)
Task: {14D89C9C-EAAC-4D2E-8B72-CD51470E5173} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe  /DoConfigureInternetTimeService (Keine Datei)
Task: {BB284631-740C-416A-901E-5B168A9F3821} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe  /DoRecoveryTasks $(Arg0) (Keine Datei)
Task: {CD22ACB3-31F3-4296-88DF-C672A4196AC5} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe  /DRMInit (Keine Datei)
Task: {54F11938-0824-4354-B3E5-68A88021FCBA} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe  /InstallPlayReady $(Arg0) (Keine Datei)
Task: {D167A38D-4C68-4207-8D25-308CAFDFB67F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate  $(Arg0) (Keine Datei)
Task: {79455702-761A-41DA-A5C6-A645D93D6ECE} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate  -crl -hms -pscn 15 (Keine Datei)
Task: {43DC4DB6-2BC4-44E5-A080-602E91E29466} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe  -MediaCenterRecoveryTask (Keine Datei)
Task: {977064DE-DC98-4867-A4B7-1B241509DA31} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe  -ObjectStoreRecoveryTask (Keine Datei)
Task: {0D331922-8FD7-4334-B99C-4C49304A4CE0} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe  /OCURActivate (Keine Datei)
Task: {2C5F4860-1CE2-44CF-B234-508FCFA6BBA7} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe  /OCURDiscovery $(Arg0) (Keine Datei)
Task: {56C6FCBB-35C9-4F78-B298-5FD82474F27F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe  /PBDADiscovery (Keine Datei)
Task: {E5505448-7B21-4037-B83D-E1F2EEC0F7DA} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe  /wait:7 /PBDADiscovery (Keine Datei)
Task: {ED5ED8F9-B038-4C7D-935D-8FC717A3E933} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe  /wait:90 /PBDADiscovery (Keine Datei)
Task: {32CECBBE-03A0-4588-AEEC-39E8D5AE03CC} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe  -pscn 0 (Keine Datei)
Task: {2CE0C5B6-FADC-48C5-95CD-A2B9AA029DBF} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe  -PvrRecoveryTask (Keine Datei)
Task: {7760C395-2576-492E-91AE-14F393A0877E} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe  -PvrSchedule (Keine Datei)
Task: {70118257-A4CF-470A-963F-48471BE15900} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec  /RestartRecording (Keine Datei)
Task: {23B015AF-93E0-4824-839A-9EB81646896C} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe  /DoRegisterSearch $(Arg0) (Keine Datei)
Task: {2A979D9B-B7B8-4B8D-AF85-71AA91C7446F} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe  /DoReindexSearchRoot (Keine Datei)
Task: {4AB081A7-D88F-4C80-99E2-09ED4CDA5D38} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe  -SqlLiteRecoveryTask (Keine Datei)
Task: {9D989159-BC6C-472A-8682-300DC264C101} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec  /StartRecording (Keine Datei)
Task: {120C6F93-61ED-40ED-9E94-447DB83ECACB} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe  /DoUpdateRecordPath $(Arg0) (Keine Datei)
Task: {36903A0C-7EAF-4718-8DF6-DE23068652BE} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {0972F022-0144-4F86-A6DB-6079C7519C37} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {F260E4CE-D094-4541-AD1F-4292634EE0FC} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {EA3D3341-DB85-4257-9B60-B5778C970DB1} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {03566C49-DCE7-4F77-BBA2-3F3C3DDE65FF} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {1F03F2D2-57E9-42E4-A030-444AA8E25C2A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2025-01-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8E044F70-69BF-4C3A-87E6-D2CE01CB06D1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2025-01-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7F94B5F1-BA3F-4F64-B497-387FB3C36FF7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2025-01-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7E4E3680-3389-4632-9B93-AA427E5F4A62} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2025-01-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {042933DB-03FE-4758-A8AB-EC986281A016} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [672320 2025-01-14] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (Der Dateneintrag hat 6 weitere Zeichen).
Task: {1513AC7F-DA73-4326-82EF-F05C16956D47} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-2926960992-1055115158-727447495-1000 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [672320 2025-01-14] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (Der Dateneintrag hat 6 weitere Zeichen).
Task: {1A3EC9F3-A49E-496C-968B-0325312599ED} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34368 2025-01-14] (Mozilla Corporation -> Mozilla Foundation)
Task: {6DEBADF5-E36A-4D85-B2FA-9316A17AA87B} - System32\Tasks\Sperrbildschirm deaktivieren => C:\WINDOWS\system32\reg.exe [77312 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\SessionData /t REG_DWORD /v AllowLockScreen /d 0 /f
Task: {1D948A2C-8EBC-42CC-A831-4CFB4013C285} - System32\Tasks\VLC Plus Player Updater => "C:\Users\Peter\AppData\Local\VLC Plus Player Updater\Updater.exe"  (Keine Datei) <==== ACHTUNG
Task: {17FD380E-4B18-49A5-BA97-08A1249CB1EC} - System32\Tasks\XMLDSB => %localappdata%\Startfenster\setupbds.exe  (Keine Datei) <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2926960992-1055115158-727447495-1000Core1d238f2cc729583.job => C:\Users\Peter\AppData\Local\DropboxUpdate\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2926960992-1055115158-727447495-1000UA1d238f2cc775a38.job => C:\Users\Peter\AppData\Local\DropboxUpdate\Update\DropboxUpdate.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.10.1
Tcpip\..\Interfaces\{45412373-b0b9-4fe1-a8aa-8bbaedd622b1}: [DhcpNameServer] 192.168.10.1
Tcpip\..\Interfaces\{45412373-b0b9-4fe1-a8aa-8bbaedd622b1}: [DhcpDomain] fritz.box

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Peter\AppData\Local\Microsoft\Edge\User Data\Default [2025-01-15]
Edge HomePage: Default -> hxxps://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES000&pc=UE00
Edge Extension: (Avira Safe Shopping) - C:\Users\Peter\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip [2024-10-22]
Edge Extension: (Avira Password Manager) - C:\Users\Peter\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emgfgdclgfeldebanedpihppahgngnle [2024-10-22]
Edge Extension: (Google Docs Offline) - C:\Users\Peter\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-12-21]
Edge Extension: (Edge relevant text changes) - C:\Users\Peter\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-01]
Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip]
Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle]

FireFox:
========
FF DefaultProfile: xxxkqlhf.default-1464631994350-1612714140707
FF ProfilePath: C:\Users\Peter\AppData\Roaming\TomTom\HOME\Profiles\y9bcx6ce.default [2024-08-13]
FF Extension: (Kein Name) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [nicht gefunden]
FF ProfilePath: C:\Users\Peter\AppData\Roaming\Mozilla - Kopie\Firefox\Profiles\wdj9a94p.Neues_Testprofil [2021-02-08]
FF ProfilePath: C:\Users\Peter\AppData\Roaming\Mozilla - Kopie\Firefox\Profiles\xxxkqlhf.default-1464631994350-1612714140707 [2021-02-08]
FF Homepage: Mozilla - Kopie\Firefox\Profiles\xxxkqlhf.default-1464631994350-1612714140707 -> hxxps://www.kadaza.de/
FF ProfilePath: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\cxeq1w7b.default-release [2023-12-10]
FF ProfilePath: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\wdj9a94p.Neues_Testprofil [2023-12-10]
FF ProfilePath: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\xxxkqlhf.default-1464631994350-1612714140707 [2023-12-10]
FF Homepage: Mozilla\Firefox\Profiles\xxxkqlhf.default-1464631994350-1612714140707 -> hxxps://www.kadaza.de/
FF Notifications: Mozilla\Firefox\Profiles\xxxkqlhf.default-1464631994350-1612714140707 -> hxxps://www.finanzen.net; hxxps://www.druckerchannel.de
FF Extension: (AdGuard Werbeblocker) - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\xxxkqlhf.default-1464631994350-1612714140707\Extensions\adguardadblocker@adguard.com.xpi [2021-05-27]
FF Extension: (I don't care about cookies) - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\xxxkqlhf.default-1464631994350-1612714140707\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2021-04-19]
FF Extension: (uBlock Origin) - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\xxxkqlhf.default-1464631994350-1612714140707\Extensions\uBlock0@raymondhill.net.xpi [2021-05-11]
FF Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\xxxkqlhf.default-1464631994350-1612714140707\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-05-20]
FF ProfilePath: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\lzsgyy19.default-esr-1640779990722 [2025-01-15]
FF Homepage: Mozilla\Firefox\Profiles\lzsgyy19.default-esr-1640779990722 -> hxxps://www.google.com/
FF Notifications: Mozilla\Firefox\Profiles\lzsgyy19.default-esr-1640779990722 -> hxxps://www.dasheimwerkerforum.de; hxxps://sportdaten.n-tv.de; hxxps://www.mailhilfe.de; hxxps://www.msn.com; hxxps://www.n-tv.de; hxxps://web.whatsapp.com; hxxps://www.youtube.com; hxxps://www.sport1.de; hxxps://www.werkzeug-news.de; hxxps://www.facebook.com; hxxps://www.druckerchannel.de
FF Extension: (Translate Now) - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\lzsgyy19.default-esr-1640779990722\Extensions\@translatenow.xpi [2024-08-25]
FF Extension: (Save time by asking Buster to solve captchas for you.) - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\lzsgyy19.default-esr-1640779990722\Extensions\buster-captcha@jeelsboobz.id.xpi [2022-06-14]
FF Extension: (I don't care about cookies) - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\lzsgyy19.default-esr-1640779990722\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2023-12-07]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\lzsgyy19.default-esr-1640779990722\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2024-10-30]
FF Extension: (SponsorBlock für YouTube – Überspringe gesponserte Videosegmente) - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\lzsgyy19.default-esr-1640779990722\Extensions\sponsorBlocker@ajay.app.xpi [2025-01-10]
FF Extension: (WEB.DE MailCheck) - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\lzsgyy19.default-esr-1640779990722\Extensions\toolbar@web.de.xpi [2024-01-08]
FF Extension: (uBlock Origin) - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\lzsgyy19.default-esr-1640779990722\Extensions\uBlock0@raymondhill.net.xpi [2024-11-26]
FF Extension: (C021) - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\lzsgyy19.default-esr-1640779990722\Extensions\{1e18511d-6b72-4952-8ff8-4ec83a73fd45}.xpi [2021-12-29]
FF Extension: (new-tab-url) - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\lzsgyy19.default-esr-1640779990722\Extensions\{6a8c548b-2564-4f90-a6a3-607268659983}.xpi [2022-10-17]
FF Extension: (Surfshark VPN-Erweiterung) - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\lzsgyy19.default-esr-1640779990722\Extensions\{732216ec-0dab-43bb-ac85-4b5e1977599d}.xpi [2025-01-10]
FF Extension: (Ruffle - Flash Emulator) - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\lzsgyy19.default-esr-1640779990722\Extensions\{b5501fd1-7084-45c5-9aa6-567c2fcf5dc6}.xpi [2025-01-09]
FF Extension: (Buster: Captcha Solver for Humans) - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\lzsgyy19.default-esr-1640779990722\Extensions\{e58d3966-3d76-4cd9-8552-1582fbc800c1}.xpi [2024-06-08]
FF ProfilePath: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\145fz91s.default-esr-1 [2023-12-10]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2021-10-26] [ist nicht signiert]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=3.0.19 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @vlc.de/vlc,version=3.0.17.4 -> C:\Program Files\VLC Plus Player\npvlc.dll [Keine Datei]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-12-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-09-14] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-09-14] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-09-14] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-09-14] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-09-14] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2019-05-24] <==== ACHTUNG (Zeigt auf eine *.cfg Datei)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2019-05-24] <==== ACHTUNG

Chrome:
=======
CHR Profile: C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default [2025-01-01]
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Extension: (Präsentationen) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-11-07]
CHR Extension: (Docs) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-11-07]
CHR Extension: (Google Drive) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-04]
CHR Extension: (YouTube) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-04]
CHR Extension: (Google-Suche) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-04]
CHR Extension: (Tabellen) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-11-07]
CHR Extension: (Google Docs Offline) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-11-07]
CHR Extension: (AVG SafePrice | Vergleich, Angebote, Gutscheine) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2019-11-07]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-07]
CHR Extension: (Google Mail) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-11-07]
CHR Extension: (Chrome Media Router) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-11-07]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-09-25] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc. -> Apple Inc.)
R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [122728 2016-12-23] (CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [372736 2023-01-04] (Brother Industries, Ltd.) [Datei ist nicht signiert]
S2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [437224 2016-10-27] (Digital Wave Ltd -> Digital Wave Ltd.)
S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\bin\elfoService.exe [1113864 2020-06-29] (Bayerisches Landesamt fuer Steuern -> )
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1099280 2017-03-28] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [243664 2025-01-14] (HP Inc. -> HP Inc.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] (Canon Inc. -> )
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 intelsba; C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [48832 2013-03-13] (Intel Corporation - Business Client Platform Division -> Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-01] (Intel(R) Smart Connect software -> )
R2 MBAMIService; C:\ProgramData\MB3Install\MBAMIService.exe [231120 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2025-01-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [645736 2020-12-10] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [645736 2020-12-10] (McAfee, Inc. -> McAfee, LLC)
S3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [645736 2020-12-10] (McAfee, Inc. -> McAfee, LLC)
S2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161264 2013-02-20] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [Datei ist nicht signiert]
R2 PDF24; C:\Program Files\PDF24\pdf24.exe [641752 2025-01-13] (Geek Software GmbH -> geek software GmbH)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [Datei ist nicht signiert]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559368 2024-11-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2022-10-04] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [920768 2022-10-04] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
S2 StarMoney 8.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz - Software Entwicklung und Vertriebs GmbH)
S2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [11776 2024-03-29] () [Datei ist nicht signiert]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2025-01-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2025-01-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [18944 2024-03-29] () [Datei ist nicht signiert]
S2 WsAppService3; C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe [83232 2019-06-26] (Wondershare Technology Co.,Ltd -> Wondershare)
S2 CsrBtOBEX-Dienst; "C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe" [X]
S2 HuaweiHiSuiteService64.exe; "C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2016-12-22] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [171952 2016-12-22] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [38320 2016-12-22] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [75712 2020-12-11] (McAfee, Inc. -> McAfee, LLC)
S3 csravrcp; C:\WINDOWS\System32\drivers\csravrcp.sys [26304 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 CsrBthAudioHF; C:\WINDOWS\System32\drivers\CsrBthAudioHF.sys [39120 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 CsrBtPort; C:\WINDOWS\system32\DRIVERS\CsrBtPort.sys [2784968 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrhfgcc; C:\WINDOWS\System32\drivers\csrhfgcc.sys [38080 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrpan; C:\WINDOWS\System32\drivers\csrpan.sys [39616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrserial; C:\WINDOWS\system32\DRIVERS\csrserial.sys [61128 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrusb; C:\WINDOWS\System32\Drivers\csrusb.sys [47296 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrusbfilter; C:\WINDOWS\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csr_bthav; C:\WINDOWS\system32\drivers\csrbthav.sys [99520 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-10-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 DrvAgent64; C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [20872 2014-07-01] (eSupport.com, Inc -> Phoenix Technologies)
R3 GeneStor; C:\WINDOWS\system32\DRIVERS\GeneStor.sys [126168 2024-08-01] (Genesys Logic, Inc. -> GenesysLogic)
S3 GigasetGenericUSB_x64; C:\WINDOWS\system32\DRIVERS\GigasetGenericUSB_x64.sys [54272 2015-12-21] (Siemens AG -> Siemens Home and Office Communication Devices GmbH & Co. KG)
R1 googledrivefs31357; C:\WINDOWS\System32\DriverStore\FileRepository\googledrivefs31357.inf_amd64_a8bf31a168cf7d00\googledrivefs31357.sys [384712 2023-11-06] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [544704 2020-12-11] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [385984 2020-12-11] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85944 2020-12-11] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [522176 2020-12-11] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [1027520 2020-12-11] (McAfee, Inc. -> McAfee, LLC)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [116672 2020-12-11] (McAfee, Inc. -> McAfee, LLC)
S4 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252352 2020-12-11] (McAfee, Inc. -> McAfee, LLC)
R3 MpKsl14779d6d; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7115042F-CCC7-4726-82EC-8BC86A0648FF}\MpKslDrv.sys [267552 2025-01-15] (Microsoft Windows -> Microsoft Corporation)
S3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 ovpn-dco; C:\WINDOWS\System32\drivers\ovpn-dco.sys [91584 2024-05-22] (WDKTestCert lev,133391533294737317 -> OpenVPN, Inc)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-10-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24064 2023-11-15] (Microsoft Corporation) [Datei ist nicht signiert]
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22104 2025-01-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [606624 2025-01-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105888 2025-01-10] (Microsoft Windows -> Microsoft Corporation)
S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2025-01-10] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2025-01-15 15:27 - 2025-01-15 15:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kutools for Outlook
2025-01-15 15:27 - 2025-01-15 15:31 - 000000000 ____D C:\Program Files (x86)\Kutools for Outlook
2025-01-15 14:57 - 2025-01-15 15:00 - 000000000 ____D C:\AdwCleaner
2025-01-15 12:53 - 2025-01-15 12:53 - 000000000 ___HD C:\$WinREAgent
2025-01-15 09:39 - 2025-01-15 16:53 - 000000000 ____D C:\FRST
2025-01-14 21:26 - 2025-01-15 08:54 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-01-14 10:57 - 2025-01-14 10:57 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2025-01-14 10:33 - 2025-01-14 10:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2025-01-14 10:32 - 2025-01-14 10:33 - 000000000 ____D C:\Program Files\PDF24
2025-01-10 03:11 - 2025-01-10 03:11 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira
2025-01-10 03:07 - 2025-01-10 03:07 - 000000000 ____D C:\Users\Peter\AppData\Local\AdvinstAnalytics
2025-01-07 11:49 - 2025-01-07 11:49 - 000000000 ____D C:\Users\Peter\AppData\Roaming\DropboxElectron
2025-01-06 13:05 - 2025-01-06 21:18 - 000000000 ____D C:\Users\Peter\AppData\Local\photoOptimizeHistoryDataBase
2025-01-06 13:05 - 2025-01-06 13:05 - 000000000 ____D C:\Users\Peter\AppData\Local\Ashampoo
2025-01-06 12:19 - 2025-01-06 12:19 - 000000000 ____D C:\ProgramData\Ashampoo
2025-01-06 12:03 - 2025-01-06 12:03 - 000000000 ____D C:\Users\Peter\AppData\Roaming\Avanquest
2025-01-06 11:38 - 2025-01-06 11:38 - 000001566 _____ C:\Users\Peter\AppData\Local\recently-used.xbel
2024-12-31 16:51 - 2025-01-15 15:00 - 000075522 _____ C:\Users\Peter\AppData\Local\SnipUsages.txt
2024-12-31 16:51 - 2025-01-15 14:51 - 821769326 _____ C:\Users\Peter\AppData\Local\SnipUsagesUpload.txt
2024-12-17 05:23 - 2025-01-15 15:00 - 000296006 _____ C:\Users\Peter\AppData\Local\Snip.txt
2024-12-17 05:23 - 2024-12-17 05:23 - 000000000 ____D C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Snip
2024-12-17 05:23 - 2024-12-17 05:23 - 000000000 ____D C:\Users\Peter\AppData\Local\Snip
2024-12-17 05:23 - 2024-12-17 05:23 - 000000000 ____D C:\Users\Peter\AppData\Local\Package Cache
2024-12-17 05:23 - 2024-12-17 05:23 - 000000000 ____D C:\Users\Peter\AppData\Local\Microsoft_Corporation

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2025-01-15 16:52 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-01-15 15:16 - 2014-04-08 19:10 - 000000000 ____D C:\Users\Peter\AppData\Local\CrashDumps
2025-01-15 15:09 - 2022-02-09 11:48 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-01-15 15:05 - 2023-11-13 22:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2025-01-15 15:05 - 2023-11-06 08:41 - 000000000 ____D C:\Users\Peter\AppData\Roaming\Samsung
2025-01-15 15:05 - 2023-11-06 08:41 - 000000000 ____D C:\Program Files (x86)\Samsung
2025-01-15 15:05 - 2017-01-04 09:22 - 000000082 _____ C:\WINDOWS\SysWOW64\winsevr.dat
2025-01-15 15:00 - 2014-04-20 16:45 - 000000000 ____D C:\Users\Peter\AppData\Local\Downloaded Installations
2025-01-15 14:51 - 2020-07-27 08:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-01-15 13:37 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-01-15 13:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-01-15 12:54 - 2020-07-27 08:25 - 001917390 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-01-15 12:54 - 2019-12-07 15:51 - 000805550 _____ C:\WINDOWS\system32\perfh007.dat
2025-01-15 12:54 - 2019-12-07 15:51 - 000173024 _____ C:\WINDOWS\system32\perfc007.dat
2025-01-15 12:54 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2025-01-15 12:52 - 2017-05-17 09:11 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2025-01-15 12:52 - 2015-12-27 15:12 - 000000000 __SHD C:\Users\Peter\IntelGraphicsProfiles
2025-01-15 12:50 - 2020-07-27 08:28 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-01-15 12:50 - 2019-12-07 10:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2025-01-15 12:50 - 2017-01-04 09:22 - 000000000 ____D C:\Program Files (x86)\AOMEI Backupper
2025-01-15 12:50 - 2013-11-23 19:47 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-01-15 12:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2025-01-15 12:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-01-15 12:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-01-15 12:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-01-15 12:49 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-01-15 12:46 - 2020-07-27 08:20 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-01-15 12:35 - 2021-12-17 20:49 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-01-15 12:34 - 2024-10-15 18:40 - 000309088 _____ C:\WINDOWS\system32\rtp.db
2025-01-15 12:34 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-01-15 12:27 - 2022-09-21 02:22 - 000000000 ____D C:\Program Files\VideoLAN
2025-01-15 12:26 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2025-01-15 12:23 - 2015-09-25 08:09 - 000000000 ____D C:\Program Files (x86)\Java
2025-01-15 12:22 - 2024-08-01 19:25 - 000000000 ____D C:\ProgramData\ProductData
2025-01-15 12:22 - 2024-08-01 19:23 - 000000000 ____D C:\Users\Peter\AppData\Roaming\IObit
2025-01-15 12:21 - 2023-04-18 08:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2025-01-15 12:09 - 2013-11-23 22:35 - 000000000 ____D C:\Users\Peter\AppData\Roaming\Microsoft\Word
2025-01-15 11:48 - 2013-11-23 20:36 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-01-15 11:45 - 2013-11-23 20:36 - 206927936 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-01-15 08:57 - 2021-12-13 20:11 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2926960992-1055115158-727447495-1000
2025-01-15 08:57 - 2020-07-27 08:28 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2926960992-1055115158-727447495-1000
2025-01-15 08:57 - 2020-07-27 08:18 - 000002441 _____ C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-01-14 11:00 - 2024-10-17 11:16 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2025-01-14 09:50 - 2016-05-22 13:15 - 000000000 ____D C:\Users\Peter\AppData\Local\ElevatedDiagnostics
2025-01-14 09:48 - 2013-11-23 18:57 - 000000000 ____D C:\Users\Peter\AppData\Roaming\Microsoft\MMC
2025-01-13 21:06 - 2013-11-23 22:30 - 000000000 ____D C:\Users\Peter\AppData\Roaming\TVgenial
2025-01-13 12:29 - 2020-07-27 08:18 - 000000000 ____D C:\Users\Peter
2025-01-13 09:24 - 2014-02-03 19:50 - 000000000 ____D C:\Users\Peter\AppData\Roaming\Canon
2025-01-12 22:19 - 2013-11-23 21:28 - 000000000 ____D C:\Users\Peter\AppData\Roaming\Microsoft\Outlook
2025-01-12 22:17 - 2020-07-27 08:28 - 000004158 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{6018F7FE-2866-449D-97C9-0820B87AB26E}
2025-01-12 20:24 - 2023-11-29 17:52 - 000002523 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-01-11 16:26 - 2019-12-07 15:52 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2025-01-10 03:21 - 2018-05-25 11:47 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2025-01-07 21:49 - 2022-09-21 02:08 - 000000000 ____D C:\Users\Peter\.mediathek3
2025-01-07 21:32 - 2013-11-28 20:35 - 000000000 ____D C:\Users\Peter\AppData\Roaming\vlc
2025-01-07 11:49 - 2015-06-17 11:19 - 000000000 ____D C:\Users\Peter\AppData\Local\Dropbox
2025-01-07 11:49 - 2014-02-02 18:34 - 000000000 ____D C:\Users\Peter\Dropbox
2025-01-06 12:20 - 2015-07-23 09:41 - 000000000 ____D C:\ProgramData\Package Cache
2025-01-04 18:36 - 2018-07-11 09:05 - 000000000 ____D C:\ProgramData\Packages
2025-01-04 18:36 - 2018-01-21 18:14 - 000000000 ____D C:\Users\Peter\AppData\Local\PlaceholderTileLogoFolder
2025-01-04 18:36 - 2017-12-12 11:28 - 000000000 ____D C:\Users\Peter\AppData\Local\Packages
2025-01-04 15:34 - 2024-10-15 18:41 - 000000000 ____D C:\Users\Public\Security Sessions
2024-12-22 16:22 - 2017-01-04 09:22 - 000000000 ____D C:\ProgramData\AomeiBR
2024-12-22 11:56 - 2017-01-04 09:24 - 000001024 ____H C:\SYSTAG.BIN
2024-12-21 20:43 - 2020-07-27 08:28 - 000003756 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-12-21 20:43 - 2020-07-27 08:28 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-12-20 16:02 - 2024-10-15 09:34 - 000000000 ____D C:\Users\Peter\AppData\Local\babl-0.1

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2019-10-20 17:01 - 2019-10-20 17:01 - 000000258 _____ () C:\ProgramData\fontcacheev1.dat
2014-08-05 17:22 - 2014-08-05 17:22 - 000000339 _____ () C:\Users\Peter\AppData\Roaming\dpdhl.versandhelfer_state.xml
2013-12-28 20:07 - 2013-12-28 20:14 - 000022246 _____ () C:\Users\Peter\AppData\Roaming\Durch Trennzeichen getrennte Werte.ADR
2016-05-15 18:51 - 2016-05-15 19:04 - 000000115 _____ () C:\Users\Peter\AppData\Roaming\LogFile.txt
2021-03-07 13:53 - 2021-04-22 15:05 - 000002558 _____ () C:\Users\Peter\AppData\Local\krita-sysinfo.log
2021-03-07 13:53 - 2021-04-22 15:05 - 000002434 _____ () C:\Users\Peter\AppData\Local\krita.log
2021-03-11 16:08 - 2021-03-11 16:08 - 000000039 _____ () C:\Users\Peter\AppData\Local\kritadisplayrc
2021-03-07 13:53 - 2021-03-07 14:09 - 000016197 _____ () C:\Users\Peter\AppData\Local\kritarc
2025-01-06 11:38 - 2025-01-06 11:38 - 000001566 _____ () C:\Users\Peter\AppData\Local\recently-used.xbel
2024-12-17 05:23 - 2025-01-15 15:00 - 000296006 _____ () C:\Users\Peter\AppData\Local\Snip.txt
2024-12-31 16:51 - 2025-01-15 15:00 - 000075522 _____ () C:\Users\Peter\AppData\Local\SnipUsages.txt
2024-12-31 16:51 - 2025-01-15 14:51 - 821769326 _____ () C:\Users\Peter\AppData\Local\SnipUsagesUpload.txt

==================== FLock ==============================

2019-05-14 18:53 C:\ProgramData\Brother

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================

prie54 15.01.2025 17:33
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 14-01-2025
durchgeführt von Peter (15-01-2025 16:55:40)
Gestartet von D:\Users\Peter\Downloads
Windows 10 Version 22H2 19045.5371 (X64) (2020-07-27 07:29:11)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-2926960992-1055115158-727447495-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2926960992-1055115158-727447495-503 - Limited - Disabled)
Gast (S-1-5-21-2926960992-1055115158-727447495-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2926960992-1055115158-727447495-1002 - Limited - Enabled)
Peter (S-1-5-21-2926960992-1055115158-727447495-1000 - Administrator - Enabled) => C:\Users\Peter
WDAGUtilityAccount (S-1-5-21-2926960992-1055115158-727447495-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

64 Bit HP CIO Components Installer (HKLM\...\{55D55008-E5F6-47D6-B16F-B2A40D4D145F}) (Version: 6.2.1 - Hewlett-Packard) Hidden
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1031-1033-7760-BC15014EA700}) (Version: 24.005.20320 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601102}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version: 1.23.1.50133 - Amazon)
Amazon Kindle (HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\Amazon Kindle) (Version: 1.39.1.65323 - Amazon)
Amazon Music (HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\Amazon Amazon Music) (Version: 8.0.0.2229 - Amazon.com Services LLC)
Amazon Photos (HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\Amazon Photos) (Version: 10.6.0 - Amazon.com, Inc.)
ANT Drivers Installer x64 (HKLM\...\{7664AF65-7B0D-4171-9F0F-50455278B428}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
AOMEI Backupper Standard (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version:  - AOMEI Technology Co., Ltd.)
Apple Application Support (32-Bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
AppLogLibSetup (HKLM-x32\...\{52FB0C8F-DF05-4C61-AEB6-18C55F8C385F}) (Version: 1.0.3.0 - Brother Industries Ltd.) Hidden
AVM FRITZ!fax für FRITZ!Box (HKLM-x32\...\FRITZ! 2.0) (Version:  - AVM Berlin)
BrLauncher (HKLM-x32\...\{42D26B47-887C-45FC-BCAE-0BE485C5C0BB}) (Version: 2.0.11.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{190861E7-09C5-42D8-BB4B-0AFB234BCFC1}) (Version: 1.0.3.1 - Brother Industries Ltd.) Hidden
Brother IPPoverUSB Driver (HKLM-x32\...\{F461DE2F-0FE0-4749-80F1-76FA8C423FE5}) (Version: 1.2.0.0 - Brother Industries Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{89208d05-31fd-46e1-a160-6cba7ec49844}) (Version: 11.1.1.1 - Brother Industries, Ltd.)
Brother iPrint&Scan (HKLM-x32\...\{C86D9011-7AE0-4329-AEED-17C69CD84E88}) (Version: 11.1.1.1 - Brother Industries, Ltd.) Hidden
Brother Printer Driver (HKLM-x32\...\{D2980B5A-61DE-4C04-A65C-FE888CDB88E0}) (Version: 1.9.0.0 - Brother Industries Ltd.) Hidden
BrowserStart (HKLM-x32\...\BrowserStart) (Version: 3.2 - BrowserStart)
BrSupportTools (HKLM-x32\...\{32F47565-84B1-42CC-B09A-4CDDD9A32F94}) (Version: 1.0.20.0 - Brother Industries Ltd.) Hidden
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version:  - )
CanoScan LiDE 210 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4809) (Version:  - Canon Inc.)
Dropbox (HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\Dropbox) (Version: 173.4.6706 - Dropbox, Inc.)
Elevated Installer (HKLM-x32\...\{1052502B-4C91-43F9-B160-AE39ED57C9F0}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 21.3 - Thüringer Landesfinanzdirektion)
etope Lister 2 (HKLM-x32\...\etope Lister_is1) (Version:  - Freshworx GmbH & Co.KG)
Foxit PDF Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 2024.2.3.25184 - Foxit Software Inc.)
Garmin Express (HKLM-x32\...\{BCC7CA85-E57F-452D-BB44-15A1CE018BD0}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{bd8bd200-9a60-4969-b267-6b565f36e3da}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express Tray (HKLM-x32\...\{DA9C865D-6762-4931-8588-0B13B7A0796B}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Gigaset QuickSync (HKLM\...\{5f46d2d1-51d8-4682-8092-c7d8964f9cfc}) (Version: 8.6.0881.1 - Gigaset Communications GmbH)
GIMP 2.10.38 (HKLM\...\GIMP-2_is1) (Version: 2.10.38 - The GIMP Team)
Google Earth Pro (HKLM\...\{3470AD08-85F2-4B1D-8487-FC4750732087}) (Version: 7.3.6.9796 - Google)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HttpToUsbBridge (HKLM-x32\...\{999245BB-F187-45E8-95C9-4AE0CC8639D7}) (Version: 2.1.67.1 - Brother Industries Ltd.)
IncrediMail (HKLM-x32\...\{C8842F80-0E07-4424-916D-9F6B6A9968E4}) (Version: 6.6.0.5288 - IncrediMail) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5171 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{35069AA3-F7B2-4759-96F0-9EE43AACB690}) (Version: 19.00.1621.3340 - Intel Corporation)
Intel® RealSense™ SDK 2014 Runtime  (x64): Core (HKLM\...\{37D41A97-6B02-4C30-8753-85107BE1D674}) (Version: 3.1.0.25181 - Intel Corporation) Hidden
Kutools for Outlook (HKLM-x32\...\{2EF028A9-BCAE-4DA8-807A-64EAD9B747A7}) (Version: 22.50.03 - ExtendOffice.com) Hidden
Kutools for Outlook (HKLM-x32\...\Kutools for Outlook 22.50.03) (Version: 22.50.03 - ExtendOffice.com)
Lexmark Universal v2 Deinstallationsprogamm (HKLM\...\Lexmark Universal v2) (Version:  - Lexmark International, Inc.)
Logitech SetPoint 6.70 (HKLM\...\sp6) (Version: 6.70.55 - Logitech)
Logitech Unifying-Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
MaxCut (HKLM-x32\...\{17867520-249F-4491-9E62-22DECEA513C1}) (Version: 2.9.3.5 - MaxCut Software (Pty) Ltd) Hidden
MaxCut (HKLM-x32\...\{50bc7846-8df0-4979-9b83-f2d05b17d753}) (Version: 2.9.3.5 - MaxCut Software Ltd)
MediathekView 14.1.0 (HKLM\...\1927-5045-2127-3394) (Version: 14.1.0 - MediathekView Team)
Mein CEWE FOTOBUCH (HKLM-x32\...\Mein CEWE FOTOBUCH) (Version: 5.1.7 - CEWE Stiftung u Co. KGaA)
Microsoft .NET Framework 4.5.2 (DEU) (HKLM\...\{1DB0C90B-2A9F-3A1E-B1DF-616C5A2A1417}) (Version: 4.5.51209 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{26784146-6E05-3FF9-9335-786C7C0FB5BE}) (Version: 4.5.51209 - Microsoft Corporation) Hidden
Microsoft DVD App Installation for Microsoft.WindowsDVDPlayer_2019.6.13291.0_neutral_~_8wekyb3d8bbwe (x64) (HKLM\...\{25E80DAA-FD87-DCE5-202C-CC02F6673002}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 131.0.2903.146 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 131.0.2903.112 - Microsoft Corporation) Hidden
Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\OneDriveSetup.exe) (Version: 24.232.1118.0003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.23026 (HKLM-x32\...\{BE960C1C-7BAD-3DE6-8B1A-2616FE532845}) (Version: 14.0.23026 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.23026 (HKLM-x32\...\{A2563E55-3BEC-3828-8D67-E5E8B9E8B675}) (Version: 14.0.23026 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.30.30704 (HKLM-x32\...\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}) (Version: 14.30.30704.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.30.30704 (HKLM\...\{6DB765A8-05AF-49A1-A71D-6F645EE3CE41}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.30.30704 (HKLM\...\{662A0088-6FCD-45DD-9EA7-68674058AED5}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 134.0.1 (x64 de)) (Version: 134.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 89.0.1 - Mozilla)
Mozilla Thunderbird 68.1.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 68.1.0 (x86 de)) (Version: 68.1.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NetworkRepairTool (HKLM-x32\...\{86E68F57-FAFE-4052-BDD4-3B90C38236AE}) (Version: 1.2.16.0 - Brother Industries, Ltd.) Hidden
PDF24 Creator 11.23.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 11.23.0 - geek software GmbH)
Photo Notifier and Animation Creator (HKLM-x32\...\{3F7A9E82-5A85-4119-A8A5-7D840A0F76DC}) (Version: 1.0.0.1009 - Ihr Firmenname) Hidden
PosteRazor (HKLM-x32\...\PosteRazor_is1) (Version: 1.5.2 - Alessandro Portale)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9239.1 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.59.0 - Samsung Electronics Co., Ltd.)
Sky Go 22.11.2.0 (HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\com.bskyb.skygoplayer_is1) (Version: 22.11.2.0 - Sky)
Snip (HKLM-x32\...\{DE935EF7-6CE4-471E-9C73-0AE1A2E7D0D6}) (Version: 0.1.5119.0 - Microsoft) Hidden
Snip (HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\{525d439e-e22a-4221-8fd1-25b845fe0038}) (Version: 0.1.5119.0 - Microsoft Corporation)
SoftwareUpdateNotification (HKLM-x32\...\{3D1AD910-B82B-4635-B1C3-0CEF9F6F3D34}) (Version: 1.0.21.0 - Brother Industries, Ltd.) Hidden
StatusMonitor (HKLM-x32\...\{2CA4537C-19BA-47F5-88A6-7C9DB6BD37B4}) (Version: 1.35.1.0 - Brother Industries, Ltd.) Hidden
TextMaker Viewer (HKLM-x32\...\TextMaker Viewer) (Version:  - SoftMaker Software GmbH)
TVgenial 5.70 (HKLM-x32\...\TVgenial) (Version:  - )
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation)
UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden
Virtual WiFi Router version 3.0 (HKLM-x32\...\{F5F33265-5CAA-4F12-AA8F-7F8384BF2A57}_is1) (Version: 3.0 - Virtual WiFi Router, Inc.)
WhatsApp (Outdated) (HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\WhatsApp) (Version: 2.2326.10 - WhatsApp)
Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Windows-Treiberpaket - Lexmark International Printer  (05/03/2013 2.9.1.0) (HKLM\...\1E475DE70DA7DD9952D632639EB4729E88E705AC) (Version: 05/03/2013 2.9.1.0 - Lexmark International)

Packages:
=========
DuckDuckGo -> C:\Program Files\WindowsApps\DuckDuckGo.DesktopBrowser_0.97.3.0_x64__ya2fgkz3nks94 [2024-12-19] (DuckDuckGo) [Startup Task]
EasyCast - Screen Mirroring Receiver -> C:\Program Files\WindowsApps\53887HaoCai.EasyCast-MirrorDisplay_1.7.1.0_x64__qrw73ppzkf79y [2025-01-12] (Hao Cai)
Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-13] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_157.1.1186.0_x64__v10z8vjag6ke6 [2025-01-14] (HP Inc.)
KYOCERA Print Center -> C:\Program Files\WindowsApps\A97ECD55.KYOCERAPrintCenter_4.4.11210.0_x64__kqmhh0ktdt7dg [2025-01-08] (KYOCERA Document Solutions Inc)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-01-16] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_54.20907.567.0_x64__8wekyb3d8bbwe [2024-12-25] (Microsoft Corporation)
QR Code for Windows 10 -> C:\Program Files\WindowsApps\17036IYIA.QRCodeforWindows10_9.2.1.0_x64__dggz0n4pnn0ge [2024-12-25] (IYIA)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2021-11-29] (Adobe Systems Incorporated)
testPen -> C:\Program Files\WindowsApps\5C89B014.testPen_1.0.6.0_x64__2ztr0f5k8f37a [2024-09-18] (北京科加触控技术有限公司)
TV Programm Free -> C:\Program Files\WindowsApps\60934FLWebsolutions.TVProgrammFree_3.4.4.0_x64__0j38hvxvj7hat [2022-01-28] (FL Websolutions) [MS Ad]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2451.5.0_x64__cv1g1gvanyjgm [2025-01-15] (WhatsApp Inc.) [Startup Task]
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2024-09-18] (Microsoft Corporation)
XING -> C:\Program Files\WindowsApps\XINGAG.XING_4.0.9.0_x86__xpfg3f7e9an52 [2024-12-25] (New Work SE)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2926960992-1055115158-727447495-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2926960992-1055115158-727447495-1000_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-2926960992-1055115158-727447495-1000_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-2926960992-1055115158-727447495-1000_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Peter\Dropbox [2014-02-02 18:34]
CustomCLSID: HKU\S-1-5-21-2926960992-1055115158-727447495-1000_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1B} -> [Dropbox] =>
CustomCLSID: HKU\S-1-5-21-2926960992-1055115158-727447495-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.61.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2926960992-1055115158-727447495-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.61.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2926960992-1055115158-727447495-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.61.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2926960992-1055115158-727447495-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.61.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2926960992-1055115158-727447495-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.61.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2926960992-1055115158-727447495-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.61.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2926960992-1055115158-727447495-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.61.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2926960992-1055115158-727447495-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.61.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2926960992-1055115158-727447495-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.61.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2926960992-1055115158-727447495-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.61.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2926960992-1055115158-727447495-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.61.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2926960992-1055115158-727447495-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.61.0.dll (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.61.0.dll [2023-05-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.61.0.dll [2023-05-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.61.0.dll [2023-05-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.61.0.dll [2023-05-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.61.0.dll [2023-05-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.61.0.dll [2023-05-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.61.0.dll [2023-05-02] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} =>  -> Keine Datei
ContextMenuHandlers2: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL -> Keine Datei
ContextMenuHandlers3: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL -> Keine Datei
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} =>  -> Keine Datei
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} =>  -> Keine Datei
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2024-08-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers1_S-1-5-21-2926960992-1055115158-727447495-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.61.0.dll [2023-05-02] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-2926960992-1055115158-727447495-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.61.0.dll [2023-05-02] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-2926960992-1055115158-727447495-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.61.0.dll [2023-05-02] (Dropbox, Inc -> Dropbox, Inc.)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2017-03-28 14:32 - 2017-03-28 14:32 - 000073216 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\Garmin\Device Interaction Service\FixBootSector.dll
2017-02-14 08:42 - 2017-02-14 08:42 - 000326144 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\Garmin\Device Interaction Service\GpsImgWrapper.dll
2016-09-14 10:35 - 2006-02-23 10:35 - 000020480 _____ () [Datei ist nicht signiert] C:\WINDOWS\System32\FritzColorPort64.dll
2016-09-14 10:35 - 2006-02-22 09:39 - 000020480 _____ () [Datei ist nicht signiert] C:\WINDOWS\System32\FritzPort64.dll
2017-01-04 09:22 - 2015-05-20 22:32 - 002403504 _____ (Aomei Technology Co., Limited -> ) [Datei ist nicht signiert] C:\Program Files (x86)\AOMEI Backupper\QtCore4.dll
2017-03-28 14:32 - 2017-03-28 14:32 - 001976832 _____ (Apache Software Foundation) [Datei ist nicht signiert] C:\Program Files (x86)\Garmin\Device Interaction Service\XercesLib.dll
2014-10-13 20:48 - 2009-07-14 02:40 - 000084992 _____ (CANON INC.) [Datei ist nicht signiert] C:\WINDOWS\system32\spool\PRTPROCS\x64\CNBPP4.DLL
2017-03-28 14:34 - 2017-03-28 14:34 - 000234496 _____ (Dynastream Innovations Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Garmin\Device Interaction Service\ANT_WrappedLib.dll
2017-03-28 14:32 - 2017-03-28 14:32 - 002711552 _____ (Garmin International) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\Garmin\Device Interaction Service\legacyio.dll
2017-02-14 08:42 - 2017-02-14 08:42 - 000343552 _____ (Garmin International, Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Garmin\Device Interaction Service\IMG_GPSMAP.dll
2017-03-28 14:32 - 2017-03-28 14:32 - 000425472 _____ (Garmin) [Datei ist nicht signiert] C:\Program Files (x86)\Garmin\Device Interaction Service\XMLdll.dll
2020-05-11 23:48 - 2020-05-11 23:48 - 000794112 _____ (Gigaset Communications GmbH) [Datei ist nicht signiert] C:\WINDOWS\System32\GQSTSP.tsp
2013-11-23 18:56 - 2009-07-14 02:41 - 000099840 _____ (Lexmark International Inc.) [Datei ist nicht signiert] C:\WINDOWS\system32\spool\PRTPROCS\x64\LXKPTPRC.DLL
2020-07-27 08:19 - 2020-07-27 08:19 - 001654784 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\MFC80U.DLL
2020-07-27 08:19 - 2020-07-27 08:19 - 000054272 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\WinSxS\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_bc20f59b0bdd1acd\MFC80DEU.DLL
2020-07-27 08:20 - 2020-07-27 08:20 - 000065536 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\WinSxS\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.6195_none_3b1209fdc9ac7774\vcomp.dll
2017-03-28 14:32 - 2017-03-28 14:32 - 000090112 _____ (Silicon Laboratories, Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Garmin\Device Interaction Service\DSI_SiUSBXp_3_1.DLL
2016-09-14 10:35 - 2006-02-23 11:16 - 000047616 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\WINDOWS\System32\AvmColorFax.dll
2016-09-14 10:35 - 2006-02-22 09:53 - 000043520 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\WINDOWS\System32\AvmFax.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) =============

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2926960992-1055115158-727447495-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2020-11-20] (Logitech Inc -> Logitech, Inc.)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2020-11-20] (Logitech Inc -> Logitech, Inc.)
Toolbar: HKU\S-1-5-21-2926960992-1055115158-727447495-1000 -> Kein Name - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} -  Keine Datei
Toolbar: HKU\S-1-5-21-2926960992-1055115158-727447495-1000 -> Kein Name - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -  Keine Datei
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\garmin.com -> hxxps://my.garmin.com
IE trusted site: HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\localhost -> localhost

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2021-02-07 12:49 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1      localhost

2024-10-03 15:22 - 2024-10-03 15:22 - 000000375 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files (x86)\Intel\iCLS Client;C:\Program Files\Intel\iCLS Client;C:\Program Files (x86)\Business Objects\Common\3.5\bin\NOTES;C:\Program Files (x86)\Business Objects\Common\3.5\bin\NOTES\DATA;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2926960992-1055115158-727447495-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.10.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Keine Datei)
 ist aktiviert.

Network Binding:
=============
LAN-Verbindung 2: OpenVPN Data Channel Offload -> ovpn-dco.sys
Bluetooth-Netzwerkverbindung: Bluetooth Device (Personal Area Network) -> bthpan.sys
LAN-Verbindung: Realtek PCIe GbE Family Controller -> rt640x64.sys

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Peter^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: CanonSolutionMenuEx =>
MSCONFIG\startupreg: HotKeysCmds =>
MSCONFIG\startupreg: IgfxTray => "C:\Windows\system32\igfxtray.exe"
MSCONFIG\startupreg: IMSS => "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
MSCONFIG\startupreg: IncrediMail => C:\Program Files (x86)\IncrediMail\bin\IncMail.exe /c
MSCONFIG\startupreg: Persistence =>
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Super-Charger => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
MSCONFIG\startupreg: USB3MON =>
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "vksts"
HKLM\...\StartupApproved\Run: => "TrayApplication"
HKLM\...\StartupApproved\Run: => "HarmonyUserStartup"
HKLM\...\StartupApproved\Run: => "CsrHCRPServer"
HKLM\...\StartupApproved\Run: => "CsrAudioguiCtrl"
HKLM\...\StartupApproved\Run: => "CsrSyncMLServer"
HKLM\...\StartupApproved\Run: => "CSRHarmonySkypePlugin"
HKLM\...\StartupApproved\Run: => "EvtMgr6"
HKLM\...\StartupApproved\Run: => "PDF24"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "BrStsInd00"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "ABNotify"
HKLM\...\StartupApproved\Run32: => "BrotherSoftwareUpdateNotification"
HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\StartupApproved\Run: => "Adobe Reader Synchronizer"
HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\StartupApproved\Run: => "Amazon Music"
HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\StartupApproved\Run: => "GarminExpressTrayApp"
HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\StartupApproved\Run: => "Amazon Music Helper"
HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\StartupApproved\Run: => "Amazon Photos"
HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\StartupApproved\Run: => "VLC Plus Player Updater"
HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_70ABF69C36125B78732041588D6A0A36"
HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\StartupApproved\Run: => "AusweisApp2"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{76A68012-03DA-462E-A8C3-74C2890AC087}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe (Perion Network Ltd. -> IncrediMail, Ltd.)
FirewallRules: [{C9DE9B1F-9D3B-4D63-BA2E-6C310ABB9355}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe (Perion Network Ltd. -> IncrediMail, Ltd.)
FirewallRules: [UDP Query User{A6820E05-014A-42C0-9325-D1A9BA28DDDA}C:\users\peter\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\peter\appdata\roaming\dropbox\bin\dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [TCP Query User{1BFDC15D-5E1F-4041-B982-D8B04293266B}C:\users\peter\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\peter\appdata\roaming\dropbox\bin\dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{A315FD63-A9E9-413A-9D2D-848848CB93E7}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{D08D4CEC-76E1-4662-BC41-0B010E8F605A}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{D92DBB30-03F7-4674-9076-2A204551C905}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{2E8D6CEF-36FA-406A-8659-8D9375E9A288}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{E342D332-10AD-4FAD-9E1B-DD58A36EFACA}] => (Allow) C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{6C33D454-E513-4A5F-91EF-86C981220EAD}] => (Allow) C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{4F8D723E-D2A2-4A8C-8C49-2806E53E630F}] => (Allow) C:\Program Files (x86)\TV-Browser\tvbrowser_noDD.exe () [Datei ist nicht signiert]
FirewallRules: [{6FEE408A-08BE-4690-AAB5-02A3F647BDCE}] => (Allow) C:\Program Files (x86)\TV-Browser\tvbrowser_noDD.exe () [Datei ist nicht signiert]
FirewallRules: [{10D50A56-52DC-40C8-9ECC-E83E8DCFF213}] => (Allow) C:\Program Files (x86)\TV-Browser\tvbrowser.exe () [Datei ist nicht signiert]
FirewallRules: [{13962A41-D282-485C-9F3F-704672A2865A}] => (Allow) C:\Program Files (x86)\TV-Browser\tvbrowser.exe () [Datei ist nicht signiert]
FirewallRules: [{FB690228-5A26-4FE1-A104-6E587DE06C29}] => (Allow) C:\Program Files (x86)\StarMoney 8.0 S-Edition\app\StarMoney.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz - Software Entwicklung und Vertriebs GmbH)
FirewallRules: [{0A06D223-D0A3-4E23-8FCA-82C435BE6E73}] => (Allow) C:\Program Files (x86)\StarMoney 8.0 S-Edition\app\StarMoney.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz - Software Entwicklung und Vertriebs GmbH)
FirewallRules: [{2CD95023-BF5F-4AD9-A7E8-51619388D5A5}] => (Allow) C:\Program Files (x86)\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz - Software Entwicklung und Vertriebs GmbH)
FirewallRules: [{8451C290-172D-4F91-B345-3073E370236F}] => (Allow) C:\Program Files (x86)\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz - Software Entwicklung und Vertriebs GmbH)
FirewallRules: [{8C85A527-B0F5-4D02-8728-4F190D6CFFCA}] => (Allow) C:\Program Files (x86)\Virtual WiFi Router\VirtualWiFiRouterLibrary.dll () [Datei ist nicht signiert]
FirewallRules: [{ED4D1BEA-88AF-4CAF-AC92-EF812514B449}] => (Allow) C:\Program Files (x86)\Virtual WiFi Router\VirtualWiFiRouterLibrary.dll () [Datei ist nicht signiert]
FirewallRules: [{C849AC2A-DDAA-44A9-8879-F7AF95312042}] => (Allow) LPort=35722
FirewallRules: [{46F8E08A-FBCC-4DB8-B8A1-2433EDF60A9D}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe => Keine Datei
FirewallRules: [{63B7F3F9-F58C-45DE-897F-63BF2A0D2FF8}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe => Keine Datei
FirewallRules: [TCP Query User{90B9F8BC-0B18-42E0-AD84-4A396E5D931C}D:\users\peter\desktop\myphoneexplorer portable\myphoneexplorer portable.exe] => (Block) D:\users\peter\desktop\myphoneexplorer portable\myphoneexplorer portable.exe (F.J. Wechselberger) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{9900669B-ED12-4EC2-A0AB-839B719C603E}D:\users\peter\desktop\myphoneexplorer portable\myphoneexplorer portable.exe] => (Block) D:\users\peter\desktop\myphoneexplorer portable\myphoneexplorer portable.exe (F.J. Wechselberger) [Datei ist nicht signiert]
FirewallRules: [{9F098E21-E58A-4440-81B1-FDC756C7AF6B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{33DA7465-8FC1-4485-B286-76D65996BE9F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{9F29CC50-E21E-4A51-9188-8DC6E2988FC9}D:\users\peter\desktop\myphoneexplorer portable\myphoneexplorer portable.exe] => (Allow) D:\users\peter\desktop\myphoneexplorer portable\myphoneexplorer portable.exe (F.J. Wechselberger) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{01D22D19-92F9-4442-A393-6D7DD42F7567}D:\users\peter\desktop\myphoneexplorer portable\myphoneexplorer portable.exe] => (Allow) D:\users\peter\desktop\myphoneexplorer portable\myphoneexplorer portable.exe (F.J. Wechselberger) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{11EF91BD-D92F-4668-A462-CCFC23B284BF}C:\program files\vlc plus player\vlc.exe] => (Allow) C:\program files\vlc plus player\vlc.exe => Keine Datei
FirewallRules: [UDP Query User{BB473CAB-7E5F-4E41-9091-3EF7F48D5930}C:\program files\vlc plus player\vlc.exe] => (Allow) C:\program files\vlc plus player\vlc.exe => Keine Datei
FirewallRules: [{BFF0B4A7-FE94-4B86-A3A0-7F2CEBBD7833}] => (Allow) C:\Program Files (x86)\Browny02\Brother\BrPrintFinishNotice\BrPrintFinishNotice.exe (Brother Industries, Ltd. -> )
FirewallRules: [{1D47D36D-FA61-4902-81D0-D731525841D1}] => (Allow) C:\Program Files (x86)\Browny02\Brother\BrPrintFinishNotice\BrPrintFinishNotice.exe (Brother Industries, Ltd. -> )
FirewallRules: [TCP Query User{5C818DEB-544B-470F-94E7-7AB2D4649AEC}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe => Keine Datei
FirewallRules: [UDP Query User{DB25964C-B797-468B-ABC6-95279AC9E695}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe => Keine Datei
FirewallRules: [{B5106500-4980-4A7F-BE8F-3EA4B546118C}] => (Allow) LPort=54950
FirewallRules: [{EA18EC71-CA1A-4C41-B9F6-09522A4D977E}] => (Allow) LPort=54955
FirewallRules: [{18E807A8-A68A-4E3C-95CF-D6A6DA1EF5C4}] => (Allow) C:\Program Files\WindowsApps\DuckDuckGo.DesktopBrowser_0.97.3.0_x64__ya2fgkz3nks94\WindowsBrowser\WebView2\msedgewebview2.exe (Duck Duck Go, Inc. -> Microsoft Corporation)
FirewallRules: [{DCE0447F-5C60-41A9-8CFD-8D2D72497465}] => (Allow) C:\Program Files\WindowsApps\DuckDuckGo.DesktopBrowser_0.97.3.0_x64__ya2fgkz3nks94\WindowsBrowser\WebView2\msedgewebview2.exe (Duck Duck Go, Inc. -> Microsoft Corporation)
FirewallRules: [{F7EFC1CE-B70B-4F44-BE83-8B77B4C28CC2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{78887851-30C8-4AEE-8BF7-0DAF25F2F520}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3EB80963-211E-4AA9-94A9-0EB94DAA68E8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FDD5B848-741E-4792-B3C6-9C11D6E00F16}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3F424104-37E4-4235-A06C-86D580A4B239}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.112\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Wiederherstellungspunkte =========================

15-01-2025 12:20:44 Removed 7-Zip 22.01 (x64 edition)
15-01-2025 15:05:29 AdwCleaner_BeforeCleaning_15/01/2025_15:05:28

==================== Fehlerhafte Geräte im Gerätemanager ============

==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (01/15/2025 03:16:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WebViewHost.exe, Version: 18.2501.1083.0, Zeitstempel: 0x677e8438
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.19041.5369, Zeitstempel: 0xc3ec0adc
Ausnahmecode: 0xc000027b
Fehleroffset: 0x00000000001341c2
ID des fehlerhaften Prozesses: 0x17f4
Startzeit der fehlerhaften Anwendung: 0x01db675816847046
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2501.1083.0_x64__8wekyb3d8bbwe\WebViewHost.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: 07ff78ef-f670-4c35-9b2f-0eed4804eb77
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftOfficeHub_18.2501.1083.0_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Microsoft.MicrosoftOfficeHub

Error: (01/15/2025 12:53:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WhatsApp.exe, Version: 0.0.0.0, Zeitstempel: 0x67696a7e
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.19041.5007, Zeitstempel: 0x688f8c4b
Ausnahmecode: 0x060c201e
Fehleroffset: 0x00000000000cb520
ID des fehlerhaften Prozesses: 0x2754
Startzeit der fehlerhaften Anwendung: 0x01db674415b86c0a
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2451.5.0_x64__cv1g1gvanyjgm\WhatsApp.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 2be56b08-6265-4409-80de-e941c0c6fe6c
Vollständiger Name des fehlerhaften Pakets: 5319275A.WhatsAppDesktop_2.2451.5.0_x64__cv1g1gvanyjgm
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (01/15/2025 12:50:49 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Broadcast Receiver Server...

Error: (01/15/2025 12:50:49 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Wait Workflow Commands request from device.

Error: (01/15/2025 12:50:49 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...

Error: (01/15/2025 12:50:49 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...

Error: (01/15/2025 12:50:49 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[3]: 192.168.10.25

Error: (01/15/2025 12:50:49 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[2]: 2003:ea:9f30:bf00:ce9:8015:9a9c:f98c


Systemfehler:
=============
Error: (01/15/2025 03:05:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Garmin Device Interaction Service" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/15/2025 03:05:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "PDF24" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/15/2025 03:05:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Apple Mobile Device Service" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/15/2025 03:05:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "HP Print Scan Doctor Service" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/15/2025 03:05:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "AOMEI Backupper Scheduler Service" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/15/2025 03:05:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "SAMSUNG Mobile Connectivity Service V2" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 100 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/15/2025 03:05:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Intel(R) Capability Licensing Service Interface" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/15/2025 03:00:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Garmin Device Interaction Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.


Windows Defender:
================
Date: 2025-01-15 16:56:37
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/Perion&threatid=226948&enterprise=0
Name: PUA:Win32/Perion
Schweregrad: Niedrig
Kategorie: Potenziell unerwünschte Software
Pfad: file:_C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: PetersPC\Peter
Prozessname: D:\Users\Peter\Downloads\FRST64.exe
Sicherheitsversion: AV: 1.421.1374.0, AS: 1.421.1374.0, NIS: 1.421.1374.0
Modulversion: AM: 1.1.24090.11, NIS: 1.1.24090.11

Date: 2025-01-14 13:33:15
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {5DE5D5E1-AF9B-4A76-9103-FD1C00D9E31D}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2025-01-14 10:59:37
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {A620B183-879B-4FFE-BAE0-1D2AFDC73858}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2025-01-14 10:08:45
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {7729DB8B-DE34-4EE0-9258-D52B783EAA32}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\Netzwerkdienst

Date: 2025-01-13 09:47:11
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {D9C5F626-3F56-4072-BA78-BCFFD8A3ACD8}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

CodeIntegrity:
===============
Date: 2025-01-15 12:53:26
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2451.5.0_x64__cv1g1gvanyjgm\WhatsApp.exe) attempted to load \Device\HarddiskVolume2\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2451.5.0_x64__cv1g1gvanyjgm\WhatsApp.dll that did not meet the Store signing level requirements.

Date: 2025-01-15 12:19:47
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Surfshark\Endpoint Protection SDK\amsi\x64\avamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Speicherinformationen ===========================

BIOS: American Megatrends Inc. V10.9 04/21/2015
Hauptplatine: MSI B85M-E45 (MS-7817)
Prozessor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz
Prozentuale Nutzung des RAM: 46%
Installierter physikalischer RAM: 16246 MB
Verfügbarer physikalischer RAM: 8666.66 MB
Summe virtueller Speicher: 16246 MB
Verfügbarer virtueller Speicher: 7939.6 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:111.17 GB) (Free:5.28 GB) NTFS
Drive d: (Daten) (Fixed) (Total:537.11 GB) (Free:412.15 GB) NTFS
Drive e: (Backup) (Fixed) (Total:394.28 GB) (Free:393.55 GB) NTFS

\\?\Volume{786d2e44-5468-11e3-9573-806e6f6e6963}\ (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.02 GB) NTFS
\\?\Volume{fb2037d3-0000-0000-0000-60d11b000000}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: FB2037D3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=530 MB) - (Type=27)

==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt =======================
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 14-01-2025
durchgeführt von Peter (15-01-2025 16:55:40)
Gestartet von D:\Users\Peter\Downloads
Windows 10 Version 22H2 19045.5371 (X64) (2020-07-27 07:29:11)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-2926960992-1055115158-727447495-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2926960992-1055115158-727447495-503 - Limited - Disabled)
Gast (S-1-5-21-2926960992-1055115158-727447495-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2926960992-1055115158-727447495-1002 - Limited - Enabled)
Peter (S-1-5-21-2926960992-1055115158-727447495-1000 - Administrator - Enabled) => C:\Users\Peter
WDAGUtilityAccount (S-1-5-21-2926960992-1055115158-727447495-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

64 Bit HP CIO Components Installer (HKLM\...\{55D55008-E5F6-47D6-B16F-B2A40D4D145F}) (Version: 6.2.1 - Hewlett-Packard) Hidden
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1031-1033-7760-BC15014EA700}) (Version: 24.005.20320 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601102}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version: 1.23.1.50133 - Amazon)
Amazon Kindle (HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\Amazon Kindle) (Version: 1.39.1.65323 - Amazon)
Amazon Music (HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\Amazon Amazon Music) (Version: 8.0.0.2229 - Amazon.com Services LLC)
Amazon Photos (HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\Amazon Photos) (Version: 10.6.0 - Amazon.com, Inc.)
ANT Drivers Installer x64 (HKLM\...\{7664AF65-7B0D-4171-9F0F-50455278B428}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
AOMEI Backupper Standard (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version:  - AOMEI Technology Co., Ltd.)
Apple Application Support (32-Bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
AppLogLibSetup (HKLM-x32\...\{52FB0C8F-DF05-4C61-AEB6-18C55F8C385F}) (Version: 1.0.3.0 - Brother Industries Ltd.) Hidden
AVM FRITZ!fax für FRITZ!Box (HKLM-x32\...\FRITZ! 2.0) (Version:  - AVM Berlin)
BrLauncher (HKLM-x32\...\{42D26B47-887C-45FC-BCAE-0BE485C5C0BB}) (Version: 2.0.11.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{190861E7-09C5-42D8-BB4B-0AFB234BCFC1}) (Version: 1.0.3.1 - Brother Industries Ltd.) Hidden
Brother IPPoverUSB Driver (HKLM-x32\...\{F461DE2F-0FE0-4749-80F1-76FA8C423FE5}) (Version: 1.2.0.0 - Brother Industries Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{89208d05-31fd-46e1-a160-6cba7ec49844}) (Version: 11.1.1.1 - Brother Industries, Ltd.)
Brother iPrint&Scan (HKLM-x32\...\{C86D9011-7AE0-4329-AEED-17C69CD84E88}) (Version: 11.1.1.1 - Brother Industries, Ltd.) Hidden
Brother Printer Driver (HKLM-x32\...\{D2980B5A-61DE-4C04-A65C-FE888CDB88E0}) (Version: 1.9.0.0 - Brother Industries Ltd.) Hidden
BrowserStart (HKLM-x32\...\BrowserStart) (Version: 3.2 - BrowserStart)
BrSupportTools (HKLM-x32\...\{32F47565-84B1-42CC-B09A-4CDDD9A32F94}) (Version: 1.0.20.0 - Brother Industries Ltd.) Hidden
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version:  - )
CanoScan LiDE 210 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4809) (Version:  - Canon Inc.)
Dropbox (HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\Dropbox) (Version: 173.4.6706 - Dropbox, Inc.)
Elevated Installer (HKLM-x32\...\{1052502B-4C91-43F9-B160-AE39ED57C9F0}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 21.3 - Thüringer Landesfinanzdirektion)
etope Lister 2 (HKLM-x32\...\etope Lister_is1) (Version:  - Freshworx GmbH & Co.KG)
Foxit PDF Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 2024.2.3.25184 - Foxit Software Inc.)
Garmin Express (HKLM-x32\...\{BCC7CA85-E57F-452D-BB44-15A1CE018BD0}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{bd8bd200-9a60-4969-b267-6b565f36e3da}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express Tray (HKLM-x32\...\{DA9C865D-6762-4931-8588-0B13B7A0796B}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Gigaset QuickSync (HKLM\...\{5f46d2d1-51d8-4682-8092-c7d8964f9cfc}) (Version: 8.6.0881.1 - Gigaset Communications GmbH)
GIMP 2.10.38 (HKLM\...\GIMP-2_is1) (Version: 2.10.38 - The GIMP Team)
Google Earth Pro (HKLM\...\{3470AD08-85F2-4B1D-8487-FC4750732087}) (Version: 7.3.6.9796 - Google)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HttpToUsbBridge (HKLM-x32\...\{999245BB-F187-45E8-95C9-4AE0CC8639D7}) (Version: 2.1.67.1 - Brother Industries Ltd.)
IncrediMail (HKLM-x32\...\{C8842F80-0E07-4424-916D-9F6B6A9968E4}) (Version: 6.6.0.5288 - IncrediMail) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5171 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{35069AA3-F7B2-4759-96F0-9EE43AACB690}) (Version: 19.00.1621.3340 - Intel Corporation)
Intel® RealSense™ SDK 2014 Runtime  (x64): Core (HKLM\...\{37D41A97-6B02-4C30-8753-85107BE1D674}) (Version: 3.1.0.25181 - Intel Corporation) Hidden
Kutools for Outlook (HKLM-x32\...\{2EF028A9-BCAE-4DA8-807A-64EAD9B747A7}) (Version: 22.50.03 - ExtendOffice.com) Hidden
Kutools for Outlook (HKLM-x32\...\Kutools for Outlook 22.50.03) (Version: 22.50.03 - ExtendOffice.com)
Lexmark Universal v2 Deinstallationsprogamm (HKLM\...\Lexmark Universal v2) (Version:  - Lexmark International, Inc.)
Logitech SetPoint 6.70 (HKLM\...\sp6) (Version: 6.70.55 - Logitech)
Logitech Unifying-Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
MaxCut (HKLM-x32\...\{17867520-249F-4491-9E62-22DECEA513C1}) (Version: 2.9.3.5 - MaxCut Software (Pty) Ltd) Hidden
MaxCut (HKLM-x32\...\{50bc7846-8df0-4979-9b83-f2d05b17d753}) (Version: 2.9.3.5 - MaxCut Software Ltd)
MediathekView 14.1.0 (HKLM\...\1927-5045-2127-3394) (Version: 14.1.0 - MediathekView Team)
Mein CEWE FOTOBUCH (HKLM-x32\...\Mein CEWE FOTOBUCH) (Version: 5.1.7 - CEWE Stiftung u Co. KGaA)
Microsoft .NET Framework 4.5.2 (DEU) (HKLM\...\{1DB0C90B-2A9F-3A1E-B1DF-616C5A2A1417}) (Version: 4.5.51209 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{26784146-6E05-3FF9-9335-786C7C0FB5BE}) (Version: 4.5.51209 - Microsoft Corporation) Hidden
Microsoft DVD App Installation for Microsoft.WindowsDVDPlayer_2019.6.13291.0_neutral_~_8wekyb3d8bbwe (x64) (HKLM\...\{25E80DAA-FD87-DCE5-202C-CC02F6673002}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 131.0.2903.146 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 131.0.2903.112 - Microsoft Corporation) Hidden
Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\OneDriveSetup.exe) (Version: 24.232.1118.0003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.23026 (HKLM-x32\...\{BE960C1C-7BAD-3DE6-8B1A-2616FE532845}) (Version: 14.0.23026 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.23026 (HKLM-x32\...\{A2563E55-3BEC-3828-8D67-E5E8B9E8B675}) (Version: 14.0.23026 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.30.30704 (HKLM-x32\...\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}) (Version: 14.30.30704.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.30.30704 (HKLM\...\{6DB765A8-05AF-49A1-A71D-6F645EE3CE41}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.30.30704 (HKLM\...\{662A0088-6FCD-45DD-9EA7-68674058AED5}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 134.0.1 (x64 de)) (Version: 134.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 89.0.1 - Mozilla)
Mozilla Thunderbird 68.1.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 68.1.0 (x86 de)) (Version: 68.1.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NetworkRepairTool (HKLM-x32\...\{86E68F57-FAFE-4052-BDD4-3B90C38236AE}) (Version: 1.2.16.0 - Brother Industries, Ltd.) Hidden
PDF24 Creator 11.23.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 11.23.0 - geek software GmbH)
Photo Notifier and Animation Creator (HKLM-x32\...\{3F7A9E82-5A85-4119-A8A5-7D840A0F76DC}) (Version: 1.0.0.1009 - Ihr Firmenname) Hidden
PosteRazor (HKLM-x32\...\PosteRazor_is1) (Version: 1.5.2 - Alessandro Portale)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9239.1 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.59.0 - Samsung Electronics Co., Ltd.)
Sky Go 22.11.2.0 (HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\com.bskyb.skygoplayer_is1) (Version: 22.11.2.0 - Sky)
Snip (HKLM-x32\...\{DE935EF7-6CE4-471E-9C73-0AE1A2E7D0D6}) (Version: 0.1.5119.0 - Microsoft) Hidden
Snip (HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\{525d439e-e22a-4221-8fd1-25b845fe0038}) (Version: 0.1.5119.0 - Microsoft Corporation)
SoftwareUpdateNotification (HKLM-x32\...\{3D1AD910-B82B-4635-B1C3-0CEF9F6F3D34}) (Version: 1.0.21.0 - Brother Industries, Ltd.) Hidden
StatusMonitor (HKLM-x32\...\{2CA4537C-19BA-47F5-88A6-7C9DB6BD37B4}) (Version: 1.35.1.0 - Brother Industries, Ltd.) Hidden
TextMaker Viewer (HKLM-x32\...\TextMaker Viewer) (Version:  - SoftMaker Software GmbH)
TVgenial 5.70 (HKLM-x32\...\TVgenial) (Version:  - )
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation)
UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden
Virtual WiFi Router version 3.0 (HKLM-x32\...\{F5F33265-5CAA-4F12-AA8F-7F8384BF2A57}_is1) (Version: 3.0 - Virtual WiFi Router, Inc.)
WhatsApp (Outdated) (HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\WhatsApp) (Version: 2.2326.10 - WhatsApp)
Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Windows-Treiberpaket - Lexmark International Printer  (05/03/2013 2.9.1.0) (HKLM\...\1E475DE70DA7DD9952D632639EB4729E88E705AC) (Version: 05/03/2013 2.9.1.0 - Lexmark International)

Packages:
=========
DuckDuckGo -> C:\Program Files\WindowsApps\DuckDuckGo.DesktopBrowser_0.97.3.0_x64__ya2fgkz3nks94 [2024-12-19] (DuckDuckGo) [Startup Task]
EasyCast - Screen Mirroring Receiver -> C:\Program Files\WindowsApps\53887HaoCai.EasyCast-MirrorDisplay_1.7.1.0_x64__qrw73ppzkf79y [2025-01-12] (Hao Cai)
Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-13] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_157.1.1186.0_x64__v10z8vjag6ke6 [2025-01-14] (HP Inc.)
KYOCERA Print Center -> C:\Program Files\WindowsApps\A97ECD55.KYOCERAPrintCenter_4.4.11210.0_x64__kqmhh0ktdt7dg [2025-01-08] (KYOCERA Document Solutions Inc)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-01-16] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_54.20907.567.0_x64__8wekyb3d8bbwe [2024-12-25] (Microsoft Corporation)
QR Code for Windows 10 -> C:\Program Files\WindowsApps\17036IYIA.QRCodeforWindows10_9.2.1.0_x64__dggz0n4pnn0ge [2024-12-25] (IYIA)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2021-11-29] (Adobe Systems Incorporated)
testPen -> C:\Program Files\WindowsApps\5C89B014.testPen_1.0.6.0_x64__2ztr0f5k8f37a [2024-09-18] (北京科加触控技术有限公司)
TV Programm Free -> C:\Program Files\WindowsApps\60934FLWebsolutions.TVProgrammFree_3.4.4.0_x64__0j38hvxvj7hat [2022-01-28] (FL Websolutions) [MS Ad]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2451.5.0_x64__cv1g1gvanyjgm [2025-01-15] (WhatsApp Inc.) [Startup Task]
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2024-09-18] (Microsoft Corporation)
XING -> C:\Program Files\WindowsApps\XINGAG.XING_4.0.9.0_x86__xpfg3f7e9an52 [2024-12-25] (New Work SE)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2926960992-1055115158-727447495-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2926960992-1055115158-727447495-1000_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-2926960992-1055115158-727447495-1000_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-2926960992-1055115158-727447495-1000_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Peter\Dropbox [2014-02-02 18:34]
CustomCLSID: HKU\S-1-5-21-2926960992-1055115158-727447495-1000_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1B} -> [Dropbox] =>
CustomCLSID: HKU\S-1-5-21-2926960992-1055115158-727447495-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.61.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2926960992-1055115158-727447495-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.61.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2926960992-1055115158-727447495-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.61.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2926960992-1055115158-727447495-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.61.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2926960992-1055115158-727447495-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.61.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2926960992-1055115158-727447495-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.61.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2926960992-1055115158-727447495-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.61.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2926960992-1055115158-727447495-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.61.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2926960992-1055115158-727447495-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.61.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2926960992-1055115158-727447495-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.61.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2926960992-1055115158-727447495-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.61.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2926960992-1055115158-727447495-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.61.0.dll (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.61.0.dll [2023-05-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.61.0.dll [2023-05-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.61.0.dll [2023-05-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.61.0.dll [2023-05-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.61.0.dll [2023-05-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.61.0.dll [2023-05-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.61.0.dll [2023-05-02] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} =>  -> Keine Datei
ContextMenuHandlers2: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL -> Keine Datei
ContextMenuHandlers3: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL -> Keine Datei
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} =>  -> Keine Datei
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} =>  -> Keine Datei
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2024-08-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers1_S-1-5-21-2926960992-1055115158-727447495-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.61.0.dll [2023-05-02] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-2926960992-1055115158-727447495-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.61.0.dll [2023-05-02] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-2926960992-1055115158-727447495-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.61.0.dll [2023-05-02] (Dropbox, Inc -> Dropbox, Inc.)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2017-03-28 14:32 - 2017-03-28 14:32 - 000073216 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\Garmin\Device Interaction Service\FixBootSector.dll
2017-02-14 08:42 - 2017-02-14 08:42 - 000326144 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\Garmin\Device Interaction Service\GpsImgWrapper.dll
2016-09-14 10:35 - 2006-02-23 10:35 - 000020480 _____ () [Datei ist nicht signiert] C:\WINDOWS\System32\FritzColorPort64.dll
2016-09-14 10:35 - 2006-02-22 09:39 - 000020480 _____ () [Datei ist nicht signiert] C:\WINDOWS\System32\FritzPort64.dll
2017-01-04 09:22 - 2015-05-20 22:32 - 002403504 _____ (Aomei Technology Co., Limited -> ) [Datei ist nicht signiert] C:\Program Files (x86)\AOMEI Backupper\QtCore4.dll
2017-03-28 14:32 - 2017-03-28 14:32 - 001976832 _____ (Apache Software Foundation) [Datei ist nicht signiert] C:\Program Files (x86)\Garmin\Device Interaction Service\XercesLib.dll
2014-10-13 20:48 - 2009-07-14 02:40 - 000084992 _____ (CANON INC.) [Datei ist nicht signiert] C:\WINDOWS\system32\spool\PRTPROCS\x64\CNBPP4.DLL
2017-03-28 14:34 - 2017-03-28 14:34 - 000234496 _____ (Dynastream Innovations Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Garmin\Device Interaction Service\ANT_WrappedLib.dll
2017-03-28 14:32 - 2017-03-28 14:32 - 002711552 _____ (Garmin International) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\Garmin\Device Interaction Service\legacyio.dll
2017-02-14 08:42 - 2017-02-14 08:42 - 000343552 _____ (Garmin International, Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Garmin\Device Interaction Service\IMG_GPSMAP.dll
2017-03-28 14:32 - 2017-03-28 14:32 - 000425472 _____ (Garmin) [Datei ist nicht signiert] C:\Program Files (x86)\Garmin\Device Interaction Service\XMLdll.dll
2020-05-11 23:48 - 2020-05-11 23:48 - 000794112 _____ (Gigaset Communications GmbH) [Datei ist nicht signiert] C:\WINDOWS\System32\GQSTSP.tsp
2013-11-23 18:56 - 2009-07-14 02:41 - 000099840 _____ (Lexmark International Inc.) [Datei ist nicht signiert] C:\WINDOWS\system32\spool\PRTPROCS\x64\LXKPTPRC.DLL
2020-07-27 08:19 - 2020-07-27 08:19 - 001654784 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\MFC80U.DLL
2020-07-27 08:19 - 2020-07-27 08:19 - 000054272 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\WinSxS\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_bc20f59b0bdd1acd\MFC80DEU.DLL
2020-07-27 08:20 - 2020-07-27 08:20 - 000065536 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\WinSxS\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.6195_none_3b1209fdc9ac7774\vcomp.dll
2017-03-28 14:32 - 2017-03-28 14:32 - 000090112 _____ (Silicon Laboratories, Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Garmin\Device Interaction Service\DSI_SiUSBXp_3_1.DLL
2016-09-14 10:35 - 2006-02-23 11:16 - 000047616 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\WINDOWS\System32\AvmColorFax.dll
2016-09-14 10:35 - 2006-02-22 09:53 - 000043520 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\WINDOWS\System32\AvmFax.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) =============

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2926960992-1055115158-727447495-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2020-11-20] (Logitech Inc -> Logitech, Inc.)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2020-11-20] (Logitech Inc -> Logitech, Inc.)
Toolbar: HKU\S-1-5-21-2926960992-1055115158-727447495-1000 -> Kein Name - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} -  Keine Datei
Toolbar: HKU\S-1-5-21-2926960992-1055115158-727447495-1000 -> Kein Name - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -  Keine Datei
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\garmin.com -> hxxps://my.garmin.com
IE trusted site: HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\localhost -> localhost

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2021-02-07 12:49 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1      localhost

2024-10-03 15:22 - 2024-10-03 15:22 - 000000375 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files (x86)\Intel\iCLS Client;C:\Program Files\Intel\iCLS Client;C:\Program Files (x86)\Business Objects\Common\3.5\bin\NOTES;C:\Program Files (x86)\Business Objects\Common\3.5\bin\NOTES\DATA;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2926960992-1055115158-727447495-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.10.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Keine Datei)
 ist aktiviert.

Network Binding:
=============
LAN-Verbindung 2: OpenVPN Data Channel Offload -> ovpn-dco.sys
Bluetooth-Netzwerkverbindung: Bluetooth Device (Personal Area Network) -> bthpan.sys
LAN-Verbindung: Realtek PCIe GbE Family Controller -> rt640x64.sys

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Peter^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: CanonSolutionMenuEx =>
MSCONFIG\startupreg: HotKeysCmds =>
MSCONFIG\startupreg: IgfxTray => "C:\Windows\system32\igfxtray.exe"
MSCONFIG\startupreg: IMSS => "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
MSCONFIG\startupreg: IncrediMail => C:\Program Files (x86)\IncrediMail\bin\IncMail.exe /c
MSCONFIG\startupreg: Persistence =>
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Super-Charger => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
MSCONFIG\startupreg: USB3MON =>
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "vksts"
HKLM\...\StartupApproved\Run: => "TrayApplication"
HKLM\...\StartupApproved\Run: => "HarmonyUserStartup"
HKLM\...\StartupApproved\Run: => "CsrHCRPServer"
HKLM\...\StartupApproved\Run: => "CsrAudioguiCtrl"
HKLM\...\StartupApproved\Run: => "CsrSyncMLServer"
HKLM\...\StartupApproved\Run: => "CSRHarmonySkypePlugin"
HKLM\...\StartupApproved\Run: => "EvtMgr6"
HKLM\...\StartupApproved\Run: => "PDF24"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "BrStsInd00"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "ABNotify"
HKLM\...\StartupApproved\Run32: => "BrotherSoftwareUpdateNotification"
HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\StartupApproved\Run: => "Adobe Reader Synchronizer"
HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\StartupApproved\Run: => "Amazon Music"
HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\StartupApproved\Run: => "GarminExpressTrayApp"
HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\StartupApproved\Run: => "Amazon Music Helper"
HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\StartupApproved\Run: => "Amazon Photos"
HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\StartupApproved\Run: => "VLC Plus Player Updater"
HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_70ABF69C36125B78732041588D6A0A36"
HKU\S-1-5-21-2926960992-1055115158-727447495-1000\...\StartupApproved\Run: => "AusweisApp2"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{76A68012-03DA-462E-A8C3-74C2890AC087}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe (Perion Network Ltd. -> IncrediMail, Ltd.)
FirewallRules: [{C9DE9B1F-9D3B-4D63-BA2E-6C310ABB9355}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe (Perion Network Ltd. -> IncrediMail, Ltd.)
FirewallRules: [UDP Query User{A6820E05-014A-42C0-9325-D1A9BA28DDDA}C:\users\peter\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\peter\appdata\roaming\dropbox\bin\dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [TCP Query User{1BFDC15D-5E1F-4041-B982-D8B04293266B}C:\users\peter\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\peter\appdata\roaming\dropbox\bin\dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{A315FD63-A9E9-413A-9D2D-848848CB93E7}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{D08D4CEC-76E1-4662-BC41-0B010E8F605A}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{D92DBB30-03F7-4674-9076-2A204551C905}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{2E8D6CEF-36FA-406A-8659-8D9375E9A288}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{E342D332-10AD-4FAD-9E1B-DD58A36EFACA}] => (Allow) C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{6C33D454-E513-4A5F-91EF-86C981220EAD}] => (Allow) C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{4F8D723E-D2A2-4A8C-8C49-2806E53E630F}] => (Allow) C:\Program Files (x86)\TV-Browser\tvbrowser_noDD.exe () [Datei ist nicht signiert]
FirewallRules: [{6FEE408A-08BE-4690-AAB5-02A3F647BDCE}] => (Allow) C:\Program Files (x86)\TV-Browser\tvbrowser_noDD.exe () [Datei ist nicht signiert]
FirewallRules: [{10D50A56-52DC-40C8-9ECC-E83E8DCFF213}] => (Allow) C:\Program Files (x86)\TV-Browser\tvbrowser.exe () [Datei ist nicht signiert]
FirewallRules: [{13962A41-D282-485C-9F3F-704672A2865A}] => (Allow) C:\Program Files (x86)\TV-Browser\tvbrowser.exe () [Datei ist nicht signiert]
FirewallRules: [{FB690228-5A26-4FE1-A104-6E587DE06C29}] => (Allow) C:\Program Files (x86)\StarMoney 8.0 S-Edition\app\StarMoney.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz - Software Entwicklung und Vertriebs GmbH)
FirewallRules: [{0A06D223-D0A3-4E23-8FCA-82C435BE6E73}] => (Allow) C:\Program Files (x86)\StarMoney 8.0 S-Edition\app\StarMoney.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz - Software Entwicklung und Vertriebs GmbH)
FirewallRules: [{2CD95023-BF5F-4AD9-A7E8-51619388D5A5}] => (Allow) C:\Program Files (x86)\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz - Software Entwicklung und Vertriebs GmbH)
FirewallRules: [{8451C290-172D-4F91-B345-3073E370236F}] => (Allow) C:\Program Files (x86)\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz - Software Entwicklung und Vertriebs GmbH)
FirewallRules: [{8C85A527-B0F5-4D02-8728-4F190D6CFFCA}] => (Allow) C:\Program Files (x86)\Virtual WiFi Router\VirtualWiFiRouterLibrary.dll () [Datei ist nicht signiert]
FirewallRules: [{ED4D1BEA-88AF-4CAF-AC92-EF812514B449}] => (Allow) C:\Program Files (x86)\Virtual WiFi Router\VirtualWiFiRouterLibrary.dll () [Datei ist nicht signiert]
FirewallRules: [{C849AC2A-DDAA-44A9-8879-F7AF95312042}] => (Allow) LPort=35722
FirewallRules: [{46F8E08A-FBCC-4DB8-B8A1-2433EDF60A9D}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe => Keine Datei
FirewallRules: [{63B7F3F9-F58C-45DE-897F-63BF2A0D2FF8}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe => Keine Datei
FirewallRules: [TCP Query User{90B9F8BC-0B18-42E0-AD84-4A396E5D931C}D:\users\peter\desktop\myphoneexplorer portable\myphoneexplorer portable.exe] => (Block) D:\users\peter\desktop\myphoneexplorer portable\myphoneexplorer portable.exe (F.J. Wechselberger) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{9900669B-ED12-4EC2-A0AB-839B719C603E}D:\users\peter\desktop\myphoneexplorer portable\myphoneexplorer portable.exe] => (Block) D:\users\peter\desktop\myphoneexplorer portable\myphoneexplorer portable.exe (F.J. Wechselberger) [Datei ist nicht signiert]
FirewallRules: [{9F098E21-E58A-4440-81B1-FDC756C7AF6B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{33DA7465-8FC1-4485-B286-76D65996BE9F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{9F29CC50-E21E-4A51-9188-8DC6E2988FC9}D:\users\peter\desktop\myphoneexplorer portable\myphoneexplorer portable.exe] => (Allow) D:\users\peter\desktop\myphoneexplorer portable\myphoneexplorer portable.exe (F.J. Wechselberger) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{01D22D19-92F9-4442-A393-6D7DD42F7567}D:\users\peter\desktop\myphoneexplorer portable\myphoneexplorer portable.exe] => (Allow) D:\users\peter\desktop\myphoneexplorer portable\myphoneexplorer portable.exe (F.J. Wechselberger) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{11EF91BD-D92F-4668-A462-CCFC23B284BF}C:\program files\vlc plus player\vlc.exe] => (Allow) C:\program files\vlc plus player\vlc.exe => Keine Datei
FirewallRules: [UDP Query User{BB473CAB-7E5F-4E41-9091-3EF7F48D5930}C:\program files\vlc plus player\vlc.exe] => (Allow) C:\program files\vlc plus player\vlc.exe => Keine Datei
FirewallRules: [{BFF0B4A7-FE94-4B86-A3A0-7F2CEBBD7833}] => (Allow) C:\Program Files (x86)\Browny02\Brother\BrPrintFinishNotice\BrPrintFinishNotice.exe (Brother Industries, Ltd. -> )
FirewallRules: [{1D47D36D-FA61-4902-81D0-D731525841D1}] => (Allow) C:\Program Files (x86)\Browny02\Brother\BrPrintFinishNotice\BrPrintFinishNotice.exe (Brother Industries, Ltd. -> )
FirewallRules: [TCP Query User{5C818DEB-544B-470F-94E7-7AB2D4649AEC}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe => Keine Datei
FirewallRules: [UDP Query User{DB25964C-B797-468B-ABC6-95279AC9E695}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe => Keine Datei
FirewallRules: [{B5106500-4980-4A7F-BE8F-3EA4B546118C}] => (Allow) LPort=54950
FirewallRules: [{EA18EC71-CA1A-4C41-B9F6-09522A4D977E}] => (Allow) LPort=54955
FirewallRules: [{18E807A8-A68A-4E3C-95CF-D6A6DA1EF5C4}] => (Allow) C:\Program Files\WindowsApps\DuckDuckGo.DesktopBrowser_0.97.3.0_x64__ya2fgkz3nks94\WindowsBrowser\WebView2\msedgewebview2.exe (Duck Duck Go, Inc. -> Microsoft Corporation)
FirewallRules: [{DCE0447F-5C60-41A9-8CFD-8D2D72497465}] => (Allow) C:\Program Files\WindowsApps\DuckDuckGo.DesktopBrowser_0.97.3.0_x64__ya2fgkz3nks94\WindowsBrowser\WebView2\msedgewebview2.exe (Duck Duck Go, Inc. -> Microsoft Corporation)
FirewallRules: [{F7EFC1CE-B70B-4F44-BE83-8B77B4C28CC2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{78887851-30C8-4AEE-8BF7-0DAF25F2F520}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3EB80963-211E-4AA9-94A9-0EB94DAA68E8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FDD5B848-741E-4792-B3C6-9C11D6E00F16}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3F424104-37E4-4235-A06C-86D580A4B239}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.112\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Wiederherstellungspunkte =========================

15-01-2025 12:20:44 Removed 7-Zip 22.01 (x64 edition)
15-01-2025 15:05:29 AdwCleaner_BeforeCleaning_15/01/2025_15:05:28

==================== Fehlerhafte Geräte im Gerätemanager ============

==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (01/15/2025 03:16:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WebViewHost.exe, Version: 18.2501.1083.0, Zeitstempel: 0x677e8438
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.19041.5369, Zeitstempel: 0xc3ec0adc
Ausnahmecode: 0xc000027b
Fehleroffset: 0x00000000001341c2
ID des fehlerhaften Prozesses: 0x17f4
Startzeit der fehlerhaften Anwendung: 0x01db675816847046
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2501.1083.0_x64__8wekyb3d8bbwe\WebViewHost.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: 07ff78ef-f670-4c35-9b2f-0eed4804eb77
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftOfficeHub_18.2501.1083.0_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Microsoft.MicrosoftOfficeHub

Error: (01/15/2025 12:53:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WhatsApp.exe, Version: 0.0.0.0, Zeitstempel: 0x67696a7e
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.19041.5007, Zeitstempel: 0x688f8c4b
Ausnahmecode: 0x060c201e
Fehleroffset: 0x00000000000cb520
ID des fehlerhaften Prozesses: 0x2754
Startzeit der fehlerhaften Anwendung: 0x01db674415b86c0a
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2451.5.0_x64__cv1g1gvanyjgm\WhatsApp.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 2be56b08-6265-4409-80de-e941c0c6fe6c
Vollständiger Name des fehlerhaften Pakets: 5319275A.WhatsAppDesktop_2.2451.5.0_x64__cv1g1gvanyjgm
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (01/15/2025 12:50:49 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Broadcast Receiver Server...

Error: (01/15/2025 12:50:49 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Wait Workflow Commands request from device.

Error: (01/15/2025 12:50:49 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...

Error: (01/15/2025 12:50:49 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...

Error: (01/15/2025 12:50:49 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[3]: 192.168.10.25

Error: (01/15/2025 12:50:49 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[2]: 2003:ea:9f30:bf00:ce9:8015:9a9c:f98c


Systemfehler:
=============
Error: (01/15/2025 03:05:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Garmin Device Interaction Service" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/15/2025 03:05:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "PDF24" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/15/2025 03:05:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Apple Mobile Device Service" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/15/2025 03:05:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "HP Print Scan Doctor Service" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/15/2025 03:05:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "AOMEI Backupper Scheduler Service" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/15/2025 03:05:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "SAMSUNG Mobile Connectivity Service V2" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 100 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/15/2025 03:05:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Intel(R) Capability Licensing Service Interface" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/15/2025 03:00:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Garmin Device Interaction Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.


Windows Defender:
================
Date: 2025-01-15 16:56:37
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/Perion&threatid=226948&enterprise=0
Name: PUA:Win32/Perion
Schweregrad: Niedrig
Kategorie: Potenziell unerwünschte Software
Pfad: file:_C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: PetersPC\Peter
Prozessname: D:\Users\Peter\Downloads\FRST64.exe
Sicherheitsversion: AV: 1.421.1374.0, AS: 1.421.1374.0, NIS: 1.421.1374.0
Modulversion: AM: 1.1.24090.11, NIS: 1.1.24090.11

Date: 2025-01-14 13:33:15
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {5DE5D5E1-AF9B-4A76-9103-FD1C00D9E31D}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2025-01-14 10:59:37
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {A620B183-879B-4FFE-BAE0-1D2AFDC73858}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2025-01-14 10:08:45
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {7729DB8B-DE34-4EE0-9258-D52B783EAA32}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\Netzwerkdienst

Date: 2025-01-13 09:47:11
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {D9C5F626-3F56-4072-BA78-BCFFD8A3ACD8}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

CodeIntegrity:
===============
Date: 2025-01-15 12:53:26
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2451.5.0_x64__cv1g1gvanyjgm\WhatsApp.exe) attempted to load \Device\HarddiskVolume2\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2451.5.0_x64__cv1g1gvanyjgm\WhatsApp.dll that did not meet the Store signing level requirements.

Date: 2025-01-15 12:19:47
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Surfshark\Endpoint Protection SDK\amsi\x64\avamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Speicherinformationen ===========================

BIOS: American Megatrends Inc. V10.9 04/21/2015
Hauptplatine: MSI B85M-E45 (MS-7817)
Prozessor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz
Prozentuale Nutzung des RAM: 46%
Installierter physikalischer RAM: 16246 MB
Verfügbarer physikalischer RAM: 8666.66 MB
Summe virtueller Speicher: 16246 MB
Verfügbarer virtueller Speicher: 7939.6 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:111.17 GB) (Free:5.28 GB) NTFS
Drive d: (Daten) (Fixed) (Total:537.11 GB) (Free:412.15 GB) NTFS
Drive e: (Backup) (Fixed) (Total:394.28 GB) (Free:393.55 GB) NTFS

\\?\Volume{786d2e44-5468-11e3-9573-806e6f6e6963}\ (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.02 GB) NTFS
\\?\Volume{fb2037d3-0000-0000-0000-60d11b000000}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: FB2037D3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=530 MB) - (Type=27)

==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt =======================
das "Zusatzergebnis" einmal zuviel!
Sorry!

cosinus 15.01.2025 18:45
//edit

Zitat:
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
Was macht denn dieser McAfee Müll da noch in deinem System? :wtf:
Kannst du das deinstallieren?

prie54 15.01.2025 19:25
hat leider nicht geklappt!
"Dateizugriff wurde verweigert"

cosinus 15.01.2025 19:41
Dann musst du mit dem Tool MCPR ran -> https://winfuture.de/downloadvorschalt,3670.html

prie54 16.01.2025 16:33
der Scan mit Malwarebytes dauert zwischenzeitlich über 16 Stunden und ist immer noch nicht am Ende. Kann das sein?

cosinus 16.01.2025 19:41
Was soll das jetzt mit Malwarebytes. Du solltest doch jetzt erst MCAfee entfernen!
Wenn du hier nicht richtig lesen und mitmachen willst, können wir auch abbrechen. :balla:

prie54 16.01.2025 20:02
Oh Entschuldigung.
Soll ich dann den Scan pausieren oder stoppen.
Diese Info wäre für mich auch interessant, möchte zwischenzeitig 20 Stunden Scan nicht unbedingt wiederholen.

cosinus 16.01.2025 20:30
Abbrechen! Du hast garantiert MBAM falsch eingestellt. Soviele Stunden dauert kein Scan.

prie54 17.01.2025 10:24
Tut mir Leid.
Die Entfernung mit dem Tool funktioniert nicht.
Hab's zweimal probiert.
"Incomplete Uninstallation
Timeout, no response from mccleanup.exe"


Alle Zeitangaben in WEZ +1. Es ist jetzt 18:09 Uhr.
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19