@daddle @Greenhorn1 Die TPMonitor_Setup_v1.07.exe hat effektiv mit der UsbPara.dll zu tun. Beim Googeln hab ich einen Eintrag gefunden: "What is TPMonitor.exe? - FreeFixer" Dort, aber nur noch im Google-Cache ist dann u.a. folgendes: Sandbox Report The following information was gathered by executing the file inside Cuckoo Sandbox. Summary Successfully executed process in sandbox. Summary {
"dll_loaded": [
"UsbPara.dll",
"IMM32.dll",
"WINTRUST.dll",
"C:\\Users\\cuck\\AppData\\Local\\Temp\\37a95558262ab3fe342381849124fbb3842e4a4949dec2a356d78809d3de6de8ENU.dll",
"SHELL32.dll",
"kernel32.dll",
"UxTheme.dll",
"rpcrt4.dll",
"dwmapi.dll",
"comctl32",
"ole32.dll",
"C:\\Users\\cuck\\AppData\\Local\\Temp\\37a95558262ab3fe342381849124fbb3842e4a4949dec2a356d78809d3de6de8LOC.dll",
"USER32.DLL",
"comctl32.dll"
],
"file_failed": [
"C:\\Users\\cuck\\AppData\\Local\\Temp\\cfg.ini",
"\\??\\hid#vid_80ee&pid_0021#6&e993e07&0&0000#{4d1e55b2-f16f-11cf-88cb-001111000030}"
],
"regkey_opened": [
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\explorer\\FolderDescriptions\\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\explorer\\FolderDescriptions\\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\\PropertyBag",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\ LG Georges
... Meer weergeven