Log analysis and evaluation: Fake trading software, possibly covert remote access? Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1

Fake trading software, possibly covert remote access?

Hello, please analyze my laptop: I may have picked up fake trading software some time ago, possibly with a remote function. In addition, my Edge browser became extremely slow while I was writing this post ... I had to switch to the current Firefox to be able to submit this post... My CPU is temporarily at about 95% load; when I then open the Task Manager to take a look, the CPU load drops to a normal level. As if someone were watching right then ...

Best regards
Chris

FRST_30-12-2021 22.23.45.txt Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 27-12-2021 durchgeführt von dracu (Administrator) auf LU (CLEVO P170EM) (30-12-2021 22:20:04) Gestartet von C:\Users\dracu\Downloads Geladene Profile: dracu Plattform: Microsoft Windows 10 Home Version 20H2 19042.1415 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: Edge Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) () [Datei ist nicht signiert] E:\Program Files (x86)\No-IP\ducservice.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Inc. -> Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat DC\Acrobat\acrotray.exe (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2> (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Even Balance, Inc. 
-> ) C:\Windows\SysWOW64\PnkBstrA.exe (Ghisler Software GmbH -> Ghisler Software GmbH) C:\totalcmd\TOTALCMD.EXE (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe (Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (HP) [Datei ist nicht signiert] C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5> (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\dracu\AppData\Local\Microsoft\Teams\current\Teams.exe <9> (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe (Mozilla 
Corporation -> Mozilla Corporation) E:\Program Files (x86)\Mozilla Firefox\firefox.exe <10> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe <2> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Sony Mobile Communications AB -> Sony) [Datei ist nicht signiert] C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe (Unified Intents AB -> Unified Intents AB) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corp. -> Valve Corporation) E:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7> (Valve Corp. -> Valve Corporation) E:\Program Files (x86)\Steam\steam.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [HP LaserJet 200 color MFP M276 Series Fax] => C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe [3706424 2014-04-28] (Hewlett-Packard Company -> Hewlett-Packard Company) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16686600 2016-08-05] (Realtek Semiconductor Corp. 
-> Realtek Semiconductor) HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrotray.exe [6016224 2021-10-05] (Adobe Inc. -> Adobe Systems Inc.) HKLM\...\Run: [] => [X] HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard) HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [330176 2014-08-19] (Hewlett-Packard Company -> Hewlett-Packard Company) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG HKU\S-1-5-21-465889627-1915634839-1743452103-1001\...\Run: [Steam] => e:\Program Files (x86)\Steam\steam.exe [4267432 2021-12-16] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-465889627-1915634839-1743452103-1001\...\Run: [NoIPDUCv4] => E:\Program Files (x86)\No-IP\DUC40.exe [347648 2015-07-21] () [Datei ist nicht signiert] HKU\S-1-5-21-465889627-1915634839-1743452103-1001\...\Run: [XperiaCompanionAgent] => C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe [2097024 2017-03-21] (Sony Mobile Communications AB -> Sony) [Datei ist nicht signiert] HKU\S-1-5-21-465889627-1915634839-1743452103-1001\...\Run: [Unified Remote V3] => C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe [3186264 2019-08-04] (Unified Intents AB -> Unified Intents AB) HKU\S-1-5-21-465889627-1915634839-1743452103-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\dracu\AppData\Local\Microsoft\Teams\Update.exe [2459304 2021-12-10] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-465889627-1915634839-1743452103-1001\...\Run: [MicrosoftEdgeAutoLaunch_35696FC4330380B214BA8923BC0AEC68] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" 
--no-startup-window --win-session-start /prefetch:5 HKU\S-1-5-21-465889627-1915634839-1743452103-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [6849760 2021-10-05] (Adobe Inc. -> Adobe Systems Incorporated) HKLM\...\Windows x64\Print Processors\hpcpp117: C:\Windows\System32\spool\prtprocs\x64\hpcpp117.DLL [467456 2013-03-21] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation) HKLM\...\Print\Monitors\Adobe PDF Port Monitor: c:\windows\system32\AdobePDF.dll [65160 2021-10-05] (Adobe Inc. -> Adobe Systems Inc) HKLM\...\Print\Monitors\HP Fax Port: c:\windows\system32\hppfaxprintermon5.dll [27704 2014-04-28] (Hewlett-Packard Company -> Hewlett-Packard Company) HKLM\...\Print\Monitors\HP Standard TCP/IP Port: c:\windows\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [Datei ist nicht signiert] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.110\Installer\chrmstp.exe [2021-12-15] (Google LLC -> Google LLC) HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\96.1.33.106\Installer\chrmstp.exe [2021-12-15] (Brave Software, Inc. -> Brave Software, Inc.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {04C718B1-145F-4F2B-B13D-8984D11D023D} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. 
-> Adobe Systems, Incorporated) Task: {247F7CDC-43CD-4B23-82A1-41F7DAE2FB4F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-30] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {24F1DB4C-5150-4DB1-986D-A53CF831F31C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-30] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {2EC18639-7125-4A11-842C-C32CDC8A7086} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMSync => C:\Program Files\ruxim\ruximics.exe [477512 2021-06-30] (Microsoft Windows -> Microsoft Corporation) Task: {517B5E93-9EC1-4DBF-B3BB-56FED181D6CE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.) 
Task: {69C7E81B-610F-4EC5-BF76-8950B951DE12} - System32\Tasks\Mozilla\Firefox Default Browser Agent A170175AFC21990C => E:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "A170175AFC21990C" Task: {71E80772-B077-4C1B-AD9F-C38C767517E7} - System32\Tasks\Microsoft\Windows\File Classification Infrastructure\Property Definition Sync => {2AE64751-B728-4D6B-97A0-B2DA2E7D2A3B} Task: {71E9DEE1-28F4-47FA-9F9E-7392CDBB9CDC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-13] (Google LLC -> Google LLC) Task: {8059102D-3DBF-44CD-B608-D04F57867271} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-30] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {89BD13E7-D90B-41E7-91AB-CF803A0752AE} - System32\Tasks\Microsoft\Windows\Offline Files\Logon Synchronization => {FA3F3DD9-4C1A-456B-A8FA-C76EF3ED83B8} Task: {8A222287-748B-4EB4-8488-AF4E24BF51EC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-13] (Google LLC -> Google LLC) Task: {8B1ADEC7-8D07-493A-B927-7DAFB3099325} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22797704 2021-12-10] (Microsoft Corporation -> Microsoft Corporation) Task: {8B27DBF0-9068-4D8D-9E1D-EA2DD18FF7FE} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2019-12-02] (Brave Software, Inc. -> BraveSoftware Inc.) 
Task: {9F9CAC69-DDF0-4E68-A6EE-EB86130B2D3E} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108872 2021-12-19] (Microsoft Corporation -> Microsoft Corporation) Task: {A03FC1C5-AEC3-4EB7-9C29-062ABCFD18B0} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMDisplay => C:\Program Files\ruxim\ruximics.exe [477512 2021-06-30] (Microsoft Windows -> Microsoft Corporation) Task: {AF2C369F-EDAB-4225-B1B4-1ECAB210D742} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6332312 2021-12-19] (Microsoft Corporation -> Microsoft Corporation) Task: {C12A1962-9635-4527-A4DF-DA0B7206EBF3} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108872 2021-12-19] (Microsoft Corporation -> Microsoft Corporation) Task: {C22C7785-E77A-49D7-819B-A6B00CD05D87} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22797704 2021-12-10] (Microsoft Corporation -> Microsoft Corporation) Task: {C5AAF881-4C44-4EEE-867D-C091769F3CA7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6332312 2021-12-19] (Microsoft Corporation -> Microsoft Corporation) Task: {EBD25561-3D4B-421B-99D8-50B1CAB321B7} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2019-12-02] (Brave Software, Inc. -> BraveSoftware Inc.) 
Task: {EF8503AA-701E-4220-98D2-D19E2C751F40} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-30] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {F1C5573A-A641-4228-88C2-64F8E5DD7461} - System32\Tasks\Microsoft\Windows\Offline Files\Background Synchronization => {FA3F3DD9-4C1A-456B-A8FA-C76EF3ED83B8} Task: {F94C0C57-054C-4AC2-9057-246937934FC5} - System32\Tasks\{BB560199-F897-4C64-9FBB-D53275DBE13E} => "e:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.18.0.111/de/abandoninstall?source=lightinstaller&page=tsPlugin hxxp://ui.skype.com/ui/0/7.18.0.111/de/abandoninstall?source=lightinstaller&page=tsPlugin (Keine Datei) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ACHTUNG (Beschränkung - Zones) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. 
Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 80.69.96.12 81.210.129.4 Tcpip\..\Interfaces\{464fe82d-2993-469f-a10a-e3b78d1801a9}: [DhcpNameServer] 192.168.10.254 Tcpip\..\Interfaces\{5042b15d-9884-4e3c-a73b-7921f052c2a9}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{638592f2-2a53-4d42-88c3-df0f6df7ac00}: [DhcpNameServer] 192.168.0.142 Tcpip\..\Interfaces\{8b1126e0-1dca-4181-ba41-62ffa6a856c1}: [DhcpNameServer] 80.69.96.12 81.210.129.4 HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG Edge: ======= DownloadDir: C:\Users\dracu\Downloads Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden] Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden] Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden] Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden] Edge Profile: C:\Users\dracu\AppData\Local\Microsoft\Edge\User Data\Default [2021-12-30] FireFox: ======== FF DefaultProfile: hzn6vdjy.default FF ProfilePath: C:\Users\dracu\AppData\Roaming\Mozilla\Firefox\Profiles\hzn6vdjy.default [2021-12-30] FF NetworkProxy: Mozilla\Firefox\Profiles\hzn6vdjy.default -> socks", "178.197.248.213" FF Extension: (Avira Browserschutz) - C:\Users\dracu\AppData\Roaming\Mozilla\Firefox\Profiles\hzn6vdjy.default\Extensions\abs@avira.com.xpi [2019-01-07] [UpdateUrl:hxxps://download.avira.com/package/absnooffers/firefox/update_webext_no_offers.rdf] FF Extension: (Best Proxy Switcher) - 
C:\Users\dracu\AppData\Roaming\Mozilla\Firefox\Profiles\hzn6vdjy.default\Extensions\bestproxyswitcher@bestproxyswitcher.com.xpi [2019-12-10] FF Extension: (CanvasBlocker) - C:\Users\dracu\AppData\Roaming\Mozilla\Firefox\Profiles\hzn6vdjy.default\Extensions\CanvasBlocker@kkapsner.de.xpi [2021-11-08] FF Extension: (Easy Screenshot) - C:\Users\dracu\AppData\Roaming\Mozilla\Firefox\Profiles\hzn6vdjy.default\Extensions\easyscreenshot@mozillaonline.com.xpi [2021-09-19] FF Extension: (FoxyProxy Standard) - C:\Users\dracu\AppData\Roaming\Mozilla\Firefox\Profiles\hzn6vdjy.default\Extensions\foxyproxy@eric.h.jung.xpi [2020-07-30] FF Extension: (HTTPS Everywhere) - C:\Users\dracu\AppData\Roaming\Mozilla\Firefox\Profiles\hzn6vdjy.default\Extensions\https-everywhere-eff@eff.org.xpi [2021-04-19] [UpdateUrl:hxxps://www.eff.org/files/https-everywhere-updates.json] FF Extension: (tb-clear-cache.tooltip) - C:\Users\dracu\AppData\Roaming\Mozilla\Firefox\Profiles\hzn6vdjy.default\Extensions\tb-clear-cache-single@codefisher.org.xpi [2018-08-25] FF Extension: (uBlock Origin) - C:\Users\dracu\AppData\Roaming\Mozilla\Firefox\Profiles\hzn6vdjy.default\Extensions\uBlock0@raymondhill.net.xpi [2021-12-28] FF Extension: (User-Agent Switcher) - C:\Users\dracu\AppData\Roaming\Mozilla\Firefox\Profiles\hzn6vdjy.default\Extensions\user-agent-switcher@ninetailed.ninja.xpi [2020-12-10] FF Extension: (Nehmen Sie vollständige Webseiten auf - FireShot) - C:\Users\dracu\AppData\Roaming\Mozilla\Firefox\Profiles\hzn6vdjy.default\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}.xpi [2021-09-19] FF Extension: (JavaScript Toggle On and Off) - C:\Users\dracu\AppData\Roaming\Mozilla\Firefox\Profiles\hzn6vdjy.default\Extensions\{479f0278-2c34-4365-b9f0-1d328d0f0a40}.xpi [2020-12-10] FF Extension: (NoScript) - C:\Users\dracu\AppData\Roaming\Mozilla\Firefox\Profiles\hzn6vdjy.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2021-12-30] FF Extension: (Toggle Referrer) - 
C:\Users\dracu\AppData\Roaming\Mozilla\Firefox\Profiles\hzn6vdjy.default\Extensions\{8883111b-4bc8-4a99-b37f-5672f6cf9597}.xpi [2021-10-25] FF Extension: (Rakuten Shopping-Assistent) - C:\Users\dracu\AppData\Roaming\Mozilla\Firefox\Profiles\hzn6vdjy.default\Extensions\{939923c3-1d97-423b-9e0a-17d1a9a23aa0}.xpi [2021-10-11] FF Extension: (Video DownloadHelper) - C:\Users\dracu\AppData\Roaming\Mozilla\Firefox\Profiles\hzn6vdjy.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-09-19] FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-02-01] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.) 
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [Keine Datei] FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [Keine Datei] FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [Keine Datei] FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Keine Datei] FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Keine Datei] FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-11-08] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-11-08] (Oracle America, Inc. 
-> Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-06] (Microsoft Corporation -> Microsoft Corporation) StartMenuInternet: FIREFOX.EXE - e:\Program Files (x86)\Mozilla Firefox\firefox.exe Chrome: ======= CHR Profile: C:\Users\dracu\AppData\Local\Google\Chrome\User Data\Default [2021-12-30] CHR Extension: (Präsentationen) - C:\Users\dracu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-07-13] CHR Extension: (Docs) - C:\Users\dracu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-07-13] CHR Extension: (Google Drive) - C:\Users\dracu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-10] CHR Extension: (YouTube) - C:\Users\dracu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-07-13] CHR Extension: (Avira Password Manager) - C:\Users\dracu\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2021-12-28] CHR Extension: (Tabellen) - C:\Users\dracu\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-07-13] CHR Extension: (Avira Browserschutz) - C:\Users\dracu\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2021-12-28] CHR Extension: (Google Docs Offline) - C:\Users\dracu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-12-09] CHR Extension: (IGRAAL : Cashback & Gutscheine) - C:\Users\dracu\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhkepipobnjllejbafajoemahjejdcm 
[2021-12-26] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\dracu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-25] CHR Extension: (Google Mail) - C:\Users\dracu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-10] CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] Opera: ======= OPR Profile: C:\Users\dracu\AppData\Roaming\Opera Software\Opera Stable [2020-12-26] OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} OPR Extension: (Avira Safe Shopping) - C:\Users\dracu\AppData\Roaming\Opera Software\Opera Stable\Extensions\dalelnnofafalcmkmnhdbigbjjkloabo [2020-12-26] OPR Extension: (Rich Hints Agent) - C:\Users\dracu\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2020-12-26] OPR Extension: (Avira Password Manager) - C:\Users\dracu\AppData\Roaming\Opera Software\Opera Stable\Extensions\ngohaaocccbohaffogpbgfpmpgbcgccg [2020-12-26] OPR Extension: (Free Avira Phantom VPN – Entsperrt Webseiten) - C:\Users\dracu\AppData\Roaming\Opera Software\Opera Stable\Extensions\pcgkmkjdikhiodinhloioejnpjgmfigd [2020-12-26] Brave: ======= BRA Profile: C:\Users\dracu\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2021-11-16] BRA StartupUrls: Default -> "hxxps://www.google.com/" BRA DefaultSearchKeyword: Default -> :g BRA Extension: (MyJDownloader Browser Extension) - C:\Users\dracu\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2021-09-19] BRA Extension: (Brave Local Data Files Updater) 
- C:\Users\dracu\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2021-11-16] BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\dracu\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2021-11-16] BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\dracu\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2020-08-20] BRA Extension: (Brave SpeedReader Updater) - C:\Users\dracu\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2021-11-16] BRA Extension: (Brave NTP sponsored images) - C:\Users\dracu\AppData\Local\BraveSoftware\Brave-Browser\User Data\obbokncgfcbepeipkhpdepjjoncelefj [2021-11-16] BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\dracu\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2021-11-16] StartMenuInternet: Brave - C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3849472 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3617024 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated) S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2019-12-02] (Brave Software, Inc. -> BraveSoftware Inc.) S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2019-12-02] (Brave Software, Inc. -> BraveSoftware Inc.) 
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12129128 2021-12-10] (Microsoft Corporation -> Microsoft Corporation) R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176128 2014-06-24] (HP) [Datei ist nicht signiert] R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7901368 2021-12-30] (Malwarebytes Inc -> Malwarebytes) R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [Datei ist nicht signiert] R2 NoIPDUCService4; e:\Program Files (x86)\No-IP\ducservice.exe [12288 2015-07-20] () [Datei ist nicht signiert] S3 PAExec; C:\Windows\PAExec.exe [189112 2015-11-07] (Power Admin LLC -> Power Admin LLC) R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [Datei ist nicht signiert] R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2015-12-11] (Even Balance, Inc. -> ) S3 TunngleService; e:\Program Files (x86)\Tunngle\TnglCtrl.exe [814064 2015-12-22] (Tunngle.net GmbH -> Tunngle.net GmbH) [Datei ist nicht signiert] S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-30] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-30] (Microsoft Windows Publisher -> Microsoft Corporation) R2 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2205568 2017-03-21] (Sony Mobile Communications AB -> Sony) [Datei ist nicht signiert] S3 FoxitReaderService; "C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe" [X] ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [160176 2021-12-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210352 2021-12-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-12-30] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [193448 2021-12-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69040 2021-12-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-12-30] (Malwarebytes Inc -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [149424 2021-12-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S3 ptun0901; C:\WINDOWS\System32\drivers\ptun0901.sys [27136 2015-11-10] (OpenVPN Technologies, Inc. -> The OpenVPN Project) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr)) S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [40664 2013-08-22] (OpenVPN Technologies, Inc. 
-> The OpenVPN Project) R3 uvhid; C:\WINDOWS\System32\drivers\uvhid.sys [28128 2019-08-04] (Unified Intents AB -> Windows (R) Win 7 DDK provider) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-12-30] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435432 2021-12-30] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-30] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2021-12-30 21:23 - 2021-12-30 22:12 - 000079326 _____ C:\Users\dracu\Downloads\Shortcut.txt 2021-12-30 21:16 - 2021-12-30 22:12 - 000061628 _____ C:\Users\dracu\Downloads\Addition.txt 2021-12-30 21:14 - 2021-12-30 22:20 - 000032128 _____ C:\Users\dracu\Downloads\FRST.txt 2021-12-30 21:14 - 2021-12-30 22:20 - 000000000 ____D C:\FRST 2021-12-30 21:14 - 2021-12-30 21:14 - 002311168 _____ (Farbar) C:\Users\dracu\Downloads\FRST64.exe 2021-12-30 21:01 - 2021-12-30 21:01 - 000193448 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2021-12-30 21:01 - 2021-12-30 21:01 - 000149424 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2021-12-30 21:01 - 2021-12-30 21:01 - 000069040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2021-12-30 21:01 - 2021-12-30 21:01 - 000000000 ____D C:\Users\dracu\AppData\Local\mbam 2021-12-30 20:59 - 2021-12-30 20:59 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2021-12-30 20:59 - 2021-12-30 20:59 - 000210352 _____ (Malwarebytes) 
C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2021-12-30 20:59 - 2021-12-30 20:59 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2021-12-30 20:59 - 2021-12-30 20:59 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2021-12-30 20:59 - 2021-12-30 20:59 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2021-12-30 20:59 - 2021-12-30 20:59 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2021-12-30 20:58 - 2021-12-30 20:58 - 002910904 _____ (Malwarebytes) C:\Users\dracu\Downloads\MBSetup.exe 2021-12-30 20:58 - 2021-12-30 20:58 - 000000000 ____D C:\ProgramData\Malwarebytes 2021-12-30 20:58 - 2021-12-30 20:58 - 000000000 ____D C:\Program Files\Malwarebytes 2021-12-30 20:57 - 2021-12-30 20:57 - 000000000 ____D C:\WINDOWS\Panther 2021-12-30 20:51 - 2021-12-30 20:51 - 079075480 _____ (F-Secure Corporation) C:\Users\dracu\Downloads\Freedome_pid-6661000+aid-1m96vgw16o0iu9_.exe 2021-12-30 20:51 - 2021-12-30 20:51 - 001682072 _____ (F-Secure Corporation) C:\Users\dracu\Downloads\FSecureIDPWin_pid-6661000+aid-1q0l0m61hbe0y2_.exe 2021-12-30 20:49 - 2021-12-30 20:49 - 001690776 _____ (F-Secure Corporation) C:\Users\dracu\Downloads\F-Secure-Safe-Network-Installer_16ddvt1f3a11r_.exe 2021-12-30 20:26 - 2021-12-30 20:26 - 000011361 _____ C:\Users\dracu\Downloads\Fax_61cdd3fedf8b1442273.pdf 2021-12-30 13:42 - 2021-12-30 13:42 - 000020998 _____ C:\Users\dracu\Downloads\Fax_61cd9ff697b98442273.pdf 2021-12-28 22:48 - 2021-12-28 22:48 - 000002695 _____ C:\Users\dracu\Desktop\Google Photos.lnk 2021-12-28 22:48 - 2021-12-28 22:48 - 000000000 ____D C:\Users\dracu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps 2021-12-28 19:35 - 2021-12-28 19:35 - 000119124 _____ C:\Users\dracu\Downloads\Medikamentenplan_Ausdruckbar_Ausfuellbar.pdf 2021-12-26 16:02 - 2021-12-26 16:02 - 000116886 _____ C:\Users\dracu\Downloads\2020-12-29_CARD_STATEMENT_1PLUS CARD.pdf 2021-12-26 16:02 - 2021-12-26 
16:02 - 000116682 _____ C:\Users\dracu\Downloads\2020-11-24_CARD_STATEMENT_1PLUS CARD.pdf 2021-12-26 16:02 - 2021-12-26 16:02 - 000116670 _____ C:\Users\dracu\Downloads\2021-08-24_CARD_STATEMENT_1PLUS CARD.pdf 2021-12-26 16:02 - 2021-12-26 16:02 - 000116643 _____ C:\Users\dracu\Downloads\2021-01-25_CARD_STATEMENT_1PLUS CARD.pdf 2021-12-26 16:02 - 2021-12-26 16:02 - 000116442 _____ C:\Users\dracu\Downloads\2021-06-24_CARD_STATEMENT_1PLUS CARD.pdf 2021-12-26 16:02 - 2021-12-26 16:02 - 000095638 _____ C:\Users\dracu\Downloads\2021-03-24_CARD_STATEMENT_1PLUS CARD.pdf 2021-12-26 16:02 - 2021-12-26 16:02 - 000095584 _____ C:\Users\dracu\Downloads\2021-09-24_CARD_STATEMENT_1PLUS CARD.pdf 2021-12-26 16:02 - 2021-12-26 16:02 - 000095520 _____ C:\Users\dracu\Downloads\2021-11-24_CARD_STATEMENT_1PLUS CARD.pdf 2021-12-26 16:02 - 2021-12-26 16:02 - 000095450 _____ C:\Users\dracu\Downloads\2021-10-25_CARD_STATEMENT_1PLUS CARD.pdf 2021-12-26 16:02 - 2021-12-26 16:02 - 000095434 _____ C:\Users\dracu\Downloads\2021-02-24_CARD_STATEMENT_1PLUS CARD.pdf 2021-12-26 16:02 - 2021-12-26 16:02 - 000095348 _____ C:\Users\dracu\Downloads\2021-04-26_CARD_STATEMENT_1PLUS CARD.pdf 2021-12-26 16:02 - 2021-12-26 16:02 - 000095316 _____ C:\Users\dracu\Downloads\2021-05-26_CARD_STATEMENT_1PLUS CARD.pdf 2021-12-26 16:02 - 2021-12-26 16:02 - 000095217 _____ C:\Users\dracu\Downloads\2021-07-26_CARD_STATEMENT_1PLUS CARD.pdf 2021-12-26 16:01 - 2021-12-26 16:01 - 000115966 _____ C:\Users\dracu\Downloads\2020-09-24_CARD_STATEMENT_1PLUS CARD.pdf 2021-12-26 16:01 - 2021-12-26 16:01 - 000115883 _____ C:\Users\dracu\Downloads\2020-07-24_CARD_STATEMENT_1PLUS CARD.pdf 2021-12-26 16:01 - 2021-12-26 16:01 - 000115599 _____ C:\Users\dracu\Downloads\2020-10-26_CARD_STATEMENT_1PLUS CARD.pdf 2021-12-26 16:01 - 2021-12-26 16:01 - 000094870 _____ C:\Users\dracu\Downloads\2020-06-24_CARD_STATEMENT_1PLUS CARD.pdf 2021-12-26 16:01 - 2021-12-26 16:01 - 000094827 _____ 
C:\Users\dracu\Downloads\2020-08-24_CARD_STATEMENT_1PLUS CARD.pdf 2021-12-26 16:01 - 2021-12-26 16:01 - 000094595 _____ C:\Users\dracu\Downloads\2020-04-24_CARD_STATEMENT_1PLUS CARD.pdf 2021-12-26 16:01 - 2021-12-26 16:01 - 000094406 _____ C:\Users\dracu\Downloads\2020-05-25_CARD_STATEMENT_1PLUS CARD.pdf 2021-12-26 15:58 - 2021-12-26 15:58 - 001093737 _____ C:\Users\dracu\Downloads\santander-agb-112021.pdf 2021-12-23 08:15 - 2021-12-23 08:15 - 000000000 ___RD C:\Users\dracu\Documents\Microsoft.WindowsFeedbackHub_8wekyb3d8bbwe!App 2021-12-23 07:47 - 2021-12-23 07:47 - 000111305 _____ C:\Users\dracu\Downloads\33146f1042709678361b563d.pdf 2021-12-19 20:27 - 2021-12-19 20:27 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2021-12-19 17:33 - 2021-12-19 17:33 - 000000000 ____D C:\WINDOWS\SystemTemp 2021-12-19 17:25 - 2021-12-19 17:25 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe 2021-12-19 17:25 - 2021-12-19 17:25 - 000011979 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-12-19 17:24 - 2021-12-19 17:24 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe 2021-12-19 17:24 - 2021-12-19 17:24 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2021-12-19 17:11 - 2021-12-19 17:11 - 000000000 ___HD C:\$WinREAgent 2021-12-17 11:39 - 2021-12-17 11:39 - 003158414 _____ C:\Users\dracu\Desktop\kaufvertrag.pdf 2021-12-17 11:36 - 2021-12-17 11:36 - 000002014 _____ C:\Users\Public\Desktop\PDFsam Basic.lnk 2021-12-17 11:36 - 2021-12-17 11:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFsam Basic 2021-12-17 11:36 - 2021-12-17 11:36 - 000000000 ____D C:\Program Files\PDFsam Basic 2021-12-12 20:49 - 2021-12-12 20:49 - 000108258 _____ C:\Users\dracu\Desktop\strom2.pdf 2021-12-12 20:41 - 2021-12-12 20:41 - 000364047 _____ C:\Users\dracu\Desktop\Rechnung_794307.pdf 2021-12-03 19:36 - 2021-12-03 19:28 - 001548618 _____ C:\Users\dracu\Desktop\Antrag_Mehrstaatigkeit.pdf 2021-12-03 19:16 - 2021-12-03 19:22 - 001550272 _____ 
C:\Users\dracu\Desktop\Scan0039_geschwärzt.pdf 2021-12-03 19:12 - 2021-12-19 17:56 - 000003522 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0 2021-12-03 19:07 - 2021-12-30 20:55 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData 2021-12-03 19:07 - 2021-12-03 19:08 - 000002084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk 2021-12-03 19:02 - 2021-12-03 19:02 - 002531832 _____ (Adobe Inc.) C:\Users\dracu\Downloads\Acrobat_DC_Set-Up.exe 2021-12-03 16:49 - 2021-12-03 16:49 - 000782117 _____ C:\Users\dracu\Desktop\Versicherungsbedingungen_1404-2745-1070-81.pdf 2021-12-03 16:49 - 2021-12-03 16:49 - 000148058 _____ C:\Users\dracu\Desktop\Beratungsprotokoll_1404-2745-1070-81.pdf 2021-12-03 16:49 - 2021-12-03 16:49 - 000086303 _____ C:\Users\dracu\Desktop\Muster_Kuendigung_1404-2745-1070-81.pdf 2021-12-03 16:49 - 2021-12-03 16:49 - 000039500 _____ C:\Users\dracu\Desktop\Informationsblatt_zu_Versicherungsprodukten_1404-2745-1070-81.pdf ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2021-12-30 22:17 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-12-30 22:02 - 2020-07-13 10:00 - 000000000 ____D C:\Program Files (x86)\Google 2021-12-30 21:43 - 2016-11-18 23:35 - 000000000 ____D C:\Users\dracu\AppData\LocalLow\Mozilla 2021-12-30 21:42 - 2018-12-01 13:39 - 000000000 ____D C:\Users\dracu\AppData\Roaming\Thunderbird 2021-12-30 21:37 - 2018-05-19 20:32 - 000000000 ____D C:\Users\dracu\AppData\Local\D3DSCache 2021-12-30 21:31 - 2018-03-19 23:18 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-12-30 21:27 - 2016-02-02 20:00 - 000000000 ____D C:\SteamLibrary 2021-12-30 21:21 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2021-12-30 21:17 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2021-12-30 21:09 - 2020-06-10 17:18 - 000000000 ____D C:\ProgramData\Mozilla 2021-12-30 21:04 - 2021-10-11 22:26 - 001722788 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-12-30 21:04 - 2019-12-07 15:50 - 000744794 _____ C:\WINDOWS\system32\perfh007.dat 2021-12-30 21:04 - 2019-12-07 15:50 - 000150180 _____ C:\WINDOWS\system32\perfc007.dat 2021-12-30 20:59 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2021-12-30 20:57 - 2021-10-11 22:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-12-30 20:57 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-12-30 20:57 - 2019-08-25 13:00 - 000000000 ____D C:\ProgramData\Unified Remote 2021-12-30 20:57 - 2019-03-11 21:41 - 000000000 ____D C:\Program Files (x86)\Avira 2021-12-30 20:57 - 2016-08-05 22:02 - 000000000 ____D C:\ProgramData\NVIDIA 2021-12-30 20:57 - 2015-11-07 00:33 - 000000000 __SHD C:\Users\dracu\IntelGraphicsProfiles 2021-12-30 20:56 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2021-12-30 20:54 - 2015-11-07 21:03 - 000000000 ____D C:\ProgramData\Avira 2021-12-30 20:53 - 2021-04-17 13:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2021-12-30 20:25 - 2021-10-11 22:21 - 
000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-12-30 12:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-12-28 22:03 - 2018-04-06 21:20 - 000000000 ____D C:\Download_JD_C 2021-12-28 19:37 - 2017-12-08 15:12 - 000000000 ____D C:\Users\dracu\AppData\Local\Packages 2021-12-28 19:10 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-12-19 17:43 - 2015-11-07 01:08 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2021-12-19 17:35 - 2021-10-11 22:21 - 000453120 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-12-19 17:33 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-12-19 17:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-12-19 17:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup 2021-12-19 17:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-12-19 17:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2021-12-19 17:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2021-12-19 17:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE 2021-12-19 17:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2021-12-19 17:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning 2021-12-19 17:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-12-19 17:09 - 2015-11-07 14:14 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-12-19 17:02 - 2021-02-08 23:19 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-12-19 17:02 - 2021-02-08 23:19 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2021-12-19 17:02 - 2015-11-07 14:14 - 137938848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-12-15 19:05 - 2019-12-02 21:32 - 000002410 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk 2021-12-15 19:05 - 2019-12-02 21:32 - 000002369 _____ C:\Users\Public\Desktop\Brave.lnk 2021-12-15 19:04 - 2020-07-13 10:01 
- 000002293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-12-15 19:04 - 2020-07-13 10:01 - 000002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2021-12-10 19:31 - 2021-10-14 21:53 - 000002364 _____ C:\Users\dracu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk 2021-12-10 19:31 - 2021-10-14 21:53 - 000002356 _____ C:\Users\dracu\Desktop\Microsoft Teams.lnk 2021-12-10 19:25 - 2015-11-07 00:27 - 000000000 ____D C:\Users\dracu\AppData\Roaming\Adobe 2021-12-09 19:38 - 2021-11-17 22:48 - 000003606 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7bee68690ef32 2021-12-09 19:38 - 2021-10-11 22:33 - 000003700 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-12-03 19:28 - 2021-10-11 19:31 - 000035709 _____ C:\Users\dracu\.sambox.cache 2021-12-03 19:24 - 2018-07-03 21:43 - 000000000 ____D C:\ProgramData\Packages 2021-12-03 19:08 - 2021-10-14 15:47 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2021-12-03 19:08 - 2021-10-14 15:47 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk 2021-12-03 19:08 - 2021-10-14 15:47 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk 2021-12-03 19:07 - 2021-10-14 15:46 - 000000000 ____D C:\ProgramData\Adobe 2021-12-03 19:07 - 2021-10-14 15:46 - 000000000 ____D C:\Program Files\Common Files\Adobe 2021-12-03 19:03 - 2015-11-14 01:04 - 000000000 ____D C:\Users\dracu\AppData\Local\Adobe 2021-12-03 18:56 - 2015-11-07 15:52 - 000000000 ____D C:\ProgramData\Package Cache 2021-12-03 18:55 - 2021-11-10 20:59 - 000000000 ____D C:\Users\dracu\AppData\Roaming\Foxit Software 2021-12-03 15:59 - 2021-10-11 22:33 - 000003654 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineUA 2021-12-03 15:59 - 2021-10-11 22:33 - 000003530 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineCore 2021-12-03 15:59 - 2019-12-02 21:32 - 000000000 ____D C:\Program Files 
(x86)\BraveSoftware ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2016-03-15 16:10 - 2016-03-15 16:10 - 000000267 _____ () C:\ProgramData\fontcacheev1.dat 2015-11-07 00:48 - 2018-05-20 14:23 - 000000000 _____ () C:\Users\dracu\AppData\Local\BluetoothPresent.flag 2015-11-07 00:48 - 2018-05-20 14:23 - 000000000 _____ () C:\Users\dracu\AppData\Local\Driver_Jupiter_01Present.flag 2021-12-03 19:24 - 2021-12-03 19:24 - 000000000 _____ () C:\Users\dracu\AppData\Local\oobelibMkey.log ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) ==================== Ende von FRST.txt ======================== Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 27-12-2021
durchgeführt von dracu (30-12-2021 22:21:58)
Gestartet von C:\Users\dracu\Downloads
Microsoft Windows 10 Home Version 20H2 19042.1415 (X64) (2021-10-11 21:34:02)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-465889627-1915634839-1743452103-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-465889627-1915634839-1743452103-503 - Limited - Disabled)
dracu (S-1-5-21-465889627-1915634839-1743452103-1001 - Administrator - Enabled) => C:\Users\dracu
dracula (S-1-5-21-465889627-1915634839-1743452103-1004 - Limited - Enabled) => C:\Users\dracula
Gast (S-1-5-21-465889627-1915634839-1743452103-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-465889627-1915634839-1743452103-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

64 Bit HP CIO Components Installer (HKLM\...\{BC741628-0AFC-405C-8946-DD46D1005A0A}) (Version: 8.2.4 - Hewlett-Packard) Hidden 7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov) Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1033-FFFF-7760-BC15014EA700}) (Version: 21.007.20099 - Adobe) Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 7.6.0.52 - Adobe Inc.) AIMP (HKLM-x32\...\AIMP) (Version: v4.70.2239, 22.12.2020 - AIMP DevTeam) Apple Application Support (32-Bit) (HKLM-x32\...\{308F2F8C-9D33-4B22-8A6C-D9C13DBEF8C6}) (Version: 7.0.2 - Apple Inc.) AuthenTec TrueAPI (HKLM\...\{054EF02F-95D8-48F4-9EEB-2F9CE3072ED8}) (Version: 1.3.0.151 - AuthenTec, Inc.) Hidden Bierbuden Autoupdate (remove only) (HKU\S-1-5-21-465889627-1915634839-1743452103-1001\...\Bierbuden Autoupdate) (Version: - ) Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 96.1.33.106 - Die Brave-Autoren) concept/design onlineTV 14 (HKLM-x32\...\{65EB1D38-9DB9-4EFF-B2DE-9218BF31D8F3}_is1) (Version: 14.19.4.3 - concept/design GmbH) concept/design onlineTV 15 (HKLM-x32\...\{C9F7D843-78C5-4A81-A350-D39F00E80178}_is1) (Version: 15.19.9.21 - concept/design GmbH) DoNotSpy10 (HKLM-x32\...\{32D066BD-F94C-4948-8FA8-84653EE9617E}_is1) (Version: 5.1.0.0 - pXc-coding.com) GamersFirst LIVE! (HKU\S-1-5-21-465889627-1915634839-1743452103-1001\...\GamersFirst LIVE!) (Version: - GamersFirst) GMX ProfiFax (HKU\S-1-5-21-465889627-1915634839-1743452103-1001\...\GMXProfiFax) (Version: 1.5.0 - 1un1 Mail and Media GmbH) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.110 - Google LLC) Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) 
Hidden HP LaserJet 200 color MFP M276 (HKLM-x32\...\{CC38C23C-7824-4DBB-AC73-997CD0BBFEC7}) (Version: 15.0.15188.2008 - Hewlett-Packard) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPLaserJet200color-MFPM276_HelpLearnCenter_SI (HKLM-x32\...\{0F044C7A-6EE1-4F03-90AC-329AAF2FCF12}) (Version: 1.01.0000 - Hewlett-Packard) hppM276LaserJetService (HKLM-x32\...\{D6610387-8E8B-48ED-AB1C-0D38DFE31C55}) (Version: 001.019.00639 - Hewlett-Packard) Hidden hpStatusAlerts (HKLM-x32\...\{E35D0ED5-716B-4E1F-8477-54DD746DF527}) (Version: 140.040.00231 - Hewlett Packard) Hidden hpStatusAlertsM276 (HKLM-x32\...\{FFD4184D-7EC6-476E-9A72-E83412AB9D3B}) (Version: 050.034.00131 - Hewlett-Packard) Hidden IrfanView 4.50 (64-bit) (HKLM\...\IrfanView64) (Version: 4.50 - Irfan Skiljan) Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation) Killer Performance Suite (HKLM-x32\...\{4C941774-4366-4C56-93CC-19C5E364E5B0}) (Version: 1.1.69.1774 - Rivet Networks) Killer Wireless-N Drivers (HKLM\...\{9620A3CC-587B-4E1B-90A6-8AD04D222954}) (Version: 1.1.69.1774 - Rivet Networks) Hidden Malwarebytes version 4.5.0.152 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.0.152 - Malwarebytes) Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.14701.20262 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.62 - Microsoft Corporation) Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 96.0.1054.62 - Microsoft Corporation) Microsoft Office Professional Plus 2019 - de-de (HKLM\...\ProPlus2019Retail - de-de) (Version: 16.0.14701.20262 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-465889627-1915634839-1743452103-1001\...\OneDriveSetup.exe) 
(Version: 19.043.0304.0013 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-465889627-1915634839-1743452103-1004\...\OneDriveSetup.exe) (Version: 18.151.0729.0012 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-465889627-1915634839-1743452103-1001\...\Teams) (Version: 1.4.00.32771 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 
(HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29016 (HKLM-x32\...\{1aaa01ad-3069-4288-9c6f-37a140a8f6c7}) (Version: 14.27.29016.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) MKVToolNix 8.6.1 (64bit) (HKLM-x32\...\MKVToolNix) (Version: 8.6.1 - Moritz Bunkus) Mozilla Firefox (x64 de) (HKU\S-1-5-21-465889627-1915634839-1743452103-1001\...\Mozilla Firefox 95.0.2 (x64 de)) (Version: 95.0.2 - Mozilla) Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0 - Mozilla) Mumble 1.2.17 (HKLM-x32\...\{8A01C920-26AD-4574-8C2B-95D9245B1EBE}) (Version: 1.2.17 - Thorvald Natvig) No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.1.1 - Vitalwerks Internet Solutions LLC) NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation) NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14701.20262 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 
16.0.14701.20248 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14701.20262 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.14701.20248 - Microsoft Corporation) Hidden onlineTV 16 (HKLM-x32\...\{DBBB91FF-2F98-4B36-9AF3-FD0589CD791C}_is1) (Version: 16.20.9.9 - concept/design GmbH) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenAudible 1.6.7 (HKLM\...\7008-5171-7013-3819) (Version: 1.6.7 - openaudible.org) PDFsam Basic (HKLM\...\{06C071AD-846F-4E21-A938-63DA54A45EB3}) (Version: 4.2.9.0 - Sober Lemur S.a.s. di Vacondio Andrea) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) Python 2.7.9 (64-bit) (HKLM\...\{79F081BF-7454-43DB-BD8F-9EE596813233}) (Version: 2.7.9150 - Python Software Foundation) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7898 - Realtek Semiconductor Corp.) 
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited) SRWare Iron (64-Bit) Version 86.0.4400.0 (HKLM\...\{BA85A29D-B48E-4826-BAEE-817024E52E29}_is1) (Version: 86.0.4400.0 - SRWare) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 9.21a - Ghisler Software GmbH) Unified Remote (HKLM-x32\...\{415B4714-4F8C-49C6-B310-881EAF892CFB}_is1) (Version: 3.7.0 - Unified Intents AB) Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{B652B695-C849-4EF2-B09A-72771C7AD2BA}) (Version: 2.71.0.0 - Microsoft Corporation) Uplay (HKLM-x32\...\Uplay) (Version: 22.2 - Ubisoft) VdhCoApp 1.2.4 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper) VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN) Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.) 
Windows 10-Update-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23367 - Microsoft Corporation) Windows-PC-Integritätsprüfung (HKLM\...\{68C9C2A4-C212-4310-AB68-12F97050A416}) (Version: 3.2.2110.14001 - Microsoft Corporation) WinRAR 6.01 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 6.01.0 - win.rar GmbH) WISO steuer:Sparbuch 2016 (HKLM-x32\...\{0459DDD1-F6B6-4BEA-901F-C8907C8F01F5}) (Version: 23.00.1146 - Buhl Data Service GmbH) WISO steuer:Sparbuch 2017 (HKLM-x32\...\{5D96B9D7-8324-4674-94A8-9C09EFCB620A}) (Version: 24.05.1582 - Buhl Data Service GmbH) WISO steuer:Sparbuch 2018 (HKLM-x32\...\{973E6FE8-0E6B-40DA-BD23-2445E4DA8C01}) (Version: 25.01.1436 - Buhl Data Service GmbH) WISO steuer:Sparbuch 2019 (HKLM-x32\...\{8853EAA4-BE38-4ED1-BDB8-7043980B38C0}) (Version: 26.04.1771 - Buhl Data Service GmbH) WISO steuer:Sparbuch 2020 (HKLM-x32\...\{050250C5-C97E-4D4B-8E02-FBE34B2A0FEB}) (Version: 27.03.1674 - Buhl Data Service GmbH) WISO Steuer-Sparbuch 2021 (HKLM-x32\...\{E0F9E4AD-386E-4063-AAEA-BE15FB137AE1}) (Version: 28.02.1946 - Buhl Data Service GmbH) Xperia Companion (HKLM-x32\...\{44263da6-788d-4cd9-be25-ba05829e3fb4}) (Version: 1.5.12.0 - Sony) Xperia Companion (HKLM-x32\...\{DE803B8F-8EFE-4018-AFD1-D0F708A75D50}) (Version: 1.5.12.0 - Sony) Hidden Xperia Companion Service (HKLM\...\{62A561E8-3F7C-4363-AAC0-6390476CE334}) (Version: 1.5.12.0 - Sony) Hidden Packages: ========= Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2021-12-03] (Adobe Systems Incorporated) Audible - Hörbuch und Hörspiel App -> C:\Program Files\WindowsApps\AudibleInc.AudibleforWindowsPhone_10.5.67.0_x64__xns73kv1ymhp2 [2021-09-23] (Audible Inc) Drawboard PDF -> C:\Program Files\WindowsApps\DRAWBOARD.DRAWBOARDPDF_6.7.16.0_x64__gqbn7fs4pywxm [2021-12-23] (Drawboard) Horizon Go DE -> C:\Program Files\WindowsApps\LibertyGlobal.HorizonGODE_2.15.5.0_x64__gmwgfebrpy77e [2020-10-10] (Liberty 
Global) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_133.1.340.0_x64__v10z8vjag6ke6 [2021-12-19] (HP Inc.) iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa [2021-12-10] (Apple Inc.) [Startup Task] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-10-11] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-10-11] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.11.12030.0_x64__8wekyb3d8bbwe [2021-12-19] (Microsoft Studios) [MS Ad] Mind Maps Pro -> C:\Program Files\WindowsApps\BallardAppCraftery.MindMapsPro2Beta_1.1.27.0_x64__epyrqhfctk40t [2020-07-06] (User Camp) Penbook -> C:\Program Files\WindowsApps\36376UserCamp.Penbook_2.1.30.0_x64__t7afzrbtd67z0 [2020-06-30] (User Camp) The Solar Eclipse -> C:\Program Files\WindowsApps\Microsoft.TheSolarEclipse_1.0.0.0_neutral__8wekyb3d8bbwe [2019-06-21] (Microsoft Corporation) Up in the Sky -> C:\Program Files\WindowsApps\Microsoft.UpintheSky_2.0.0.0_neutral__8wekyb3d8bbwe [2019-06-21] (Microsoft Corporation) WiFi Tool -> C:\Program Files\WindowsApps\53028HelgeMagnusKeck.WiFiTool_1.6.31.0_x64__kmtq5bk764tmy [2021-10-15] (WiFi Tools) WolframAlpha -> C:\Program Files\WindowsApps\WolframAlphaLLC.49286375E2778_1.0.5.682_neutral__71vdkmpgakaxt [2020-08-20] (Wolfram Group LLC) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
CustomCLSID: HKU\S-1-5-21-465889627-1915634839-1743452103-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\dracu\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21264.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-465889627-1915634839-1743452103-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.) ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2020-12-26] (IP Izmaylov Artem Andreevich -> AIMP DevTeam) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-12-30] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => e:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> ) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files 
(x86)\AIMP\System\aimp_menu64.dll [2020-12-26] (IP Izmaylov Artem Andreevich -> AIMP DevTeam) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-05-01] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-12-30] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => e:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> ) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Nicht auf der Ausnahmeliste) ==================== ==================== Verknüpfungen & WMI ======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
ShortcutWithArgument: C:\Users\dracu\Desktop\Google Photos.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ncmjhecbjeaamljdfahankockkkdmedg ShortcutWithArgument: C:\Users\dracu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Google Photos.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ncmjhecbjeaamljdfahankockkkdmedg ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============= 2015-07-20 16:34 - 2015-07-20 16:34 - 000073728 _____ () [Datei ist nicht signiert] [Datei wird verwendet] e:\Program Files (x86)\No-IP\ducapi.dll 2021-02-01 21:49 - 2021-02-01 21:49 - 000010240 _____ () [Datei ist nicht signiert] C:\Program Files\Adobe\Acrobat DC\Acrobat\locale\de_de\acrotray.deu 2018-08-31 18:54 - 2021-10-06 02:30 - 126961152 _____ () [Datei ist nicht signiert] E:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll 2018-08-31 18:54 - 2021-10-06 02:30 - 000384000 _____ () [Datei ist nicht signiert] E:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll 2018-08-31 18:54 - 2021-10-06 02:30 - 008006656 _____ () [Datei ist nicht signiert] E:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll 2009-09-16 18:44 - 2009-09-16 18:44 - 000153088 _____ (Hewlett Packard) [Datei ist nicht signiert] C:\WINDOWS\System32\hptcpmib.dll 2009-09-16 18:45 - 2009-09-16 18:45 - 000331264 _____ (Hewlett Packard) [Datei ist nicht signiert] C:\WINDOWS\System32\HpTcpMon.dll 2009-09-16 11:44 - 2009-09-16 11:44 - 000132096 _____ (Hewlett Packard) [Datei ist nicht signiert] C:\WINDOWS\System32\hpzjrd01.dll 2014-06-24 23:31 - 2014-06-24 23:31 - 000041472 _____ (Hewlett-Packard Company) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\HP\HPLaserJetService\HPHTTPProxy.dll 2014-06-24 23:31 - 2014-06-24 23:31 - 000073728 _____ (Hewlett-Packard Company) [Datei ist nicht 
signiert] [Datei wird verwendet] C:\Program Files (x86)\HP\HPLaserJetService\HPTools.dll 2014-06-24 23:31 - 2014-06-24 23:31 - 001222656 _____ (Hewlett-Packard Company) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\HP\HPLaserJetService\LEDMXMLObjects.dll 2011-04-13 16:08 - 2011-04-13 16:08 - 000050688 _____ (Hewlett-Packard) [Datei ist nicht signiert] c:\windows\system32\hpzinw12.dll 2011-04-13 16:08 - 2011-04-13 16:08 - 000066048 _____ (Hewlett-Packard) [Datei ist nicht signiert] c:\windows\system32\hpzipm12.dll 2014-06-24 23:31 - 2014-06-24 23:31 - 000034816 _____ (HP) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\HP\HPLaserJetService\HPServiceCommunicator.dll 2009-09-16 18:45 - 2009-09-16 18:45 - 000317440 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\System32\HPTcpMUI.dll 2016-03-04 22:14 - 2016-06-14 21:01 - 001298640 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Datei ist nicht signiert] C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll 2019-08-25 13:00 - 2016-10-10 05:27 - 000556544 _____ (Soft Service Company) [Datei ist nicht signiert] C:\Program Files (x86)\Unified Remote 3\wcl.dll 2018-08-31 18:54 - 2021-10-06 02:30 - 000983552 _____ (The Chromium Authors) [Datei ist nicht signiert] E:\Program Files (x86)\Steam\bin\cef\cef.win7x64\chrome_elf.dll 2019-08-25 13:00 - 2016-09-23 14:08 - 001283584 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Unified Remote 3\LIBEAY32MD.dll 2019-08-25 13:00 - 2016-09-23 14:08 - 000255488 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Unified Remote 3\SSLEAY32MD.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ======== ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry 
entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ================= ==================== Internet Explorer (Nicht auf der Ausnahmeliste) ========== BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Incorporated) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Incorporated) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-11-08] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Incorporated) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-11-08] (Oracle America, Inc. 
-> Oracle Corporation) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Incorporated) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Incorporated) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-06] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-06] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-06] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-06] (Microsoft Corporation -> Microsoft Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) 
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2017-04-08 16:50 - 2017-04-08 16:56 - 000454662 _____ C:\WINDOWS\system32\drivers\etc\hosts
Da befinden sich 15603 zusätzliche Einträge.
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-465889627-1915634839-1743452103-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg HKU\S-1-5-21-465889627-1915634839-1743452103-1004\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: 80.69.96.12 - 81.210.129.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) HKU\S-1-5-21-465889627-1915634839-1743452103-1001\...\StartupApproved\Run: => "NoIPDUCv4" HKU\S-1-5-21-465889627-1915634839-1743452103-1001\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall" HKU\S-1-5-21-465889627-1915634839-1743452103-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-465889627-1915634839-1743452103-1001\...\StartupApproved\Run: => "XperiaCompanionAgent" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [{C5ED3A27-C85A-4E98-9CA8-518A8501E388}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{48124AD1-88EE-4681-B829-C2E60F1CE4DC}C:\program files (x86)\zoiper\zoiper.exe] => (Allow) C:\program files (x86)\zoiper\zoiper.exe => Keine Datei FirewallRules: [TCP Query User{6D0E7FBA-AB08-4CA9-8FF5-6762194DB19B}C:\program files (x86)\zoiper\zoiper.exe] => (Allow) C:\program files (x86)\zoiper\zoiper.exe => Keine Datei FirewallRules: [{8932E0D1-EDD2-4C5E-A628-914B595FD7D7}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12121.1.54014.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{BBE36D70-7191-4927-BFA0-481084430F91}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12121.1.54014.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{6FB053C9-4999-4580-B396-4002AB6C8D3A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12121.1.54014.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{5D8305FF-DF14-46DB-A381-E7BA9825F474}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12121.1.54014.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{93763B12-FBF6-46B0-82B1-1CED815C1892}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12121.1.54014.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{BF73EEF8-7C7A-47FC-ADC9-073010E4877A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12121.1.54014.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{52F44AF8-6353-41C6-B033-686C9963CF1E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12121.1.54014.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) 
FirewallRules: [{FB8C6963-9D8B-4EF1-B960-16BA7A1A58E3}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12121.1.54014.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{7AD07112-94CD-4BAC-8B2C-CC399B1A428D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{11F96596-0C3C-49E7-B1C5-D658ACEA1E5E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{364B324F-BBEF-4303-8C5C-D8AE43C97E66}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{06202C48-65DD-43B8-8C2C-B71C4BABF9D1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{AD95D494-27C4-4667-8E68-3694E7B8AC21}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.) FirewallRules: [UDP Query User{685856FF-14FA-4B15-9D12-B07C1BCE6F39}E:\program files (x86)\mozilla firefox\firefox.exe] => (Block) E:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{9A075BA7-3898-4EDD-915A-F659C4B2D858}E:\program files (x86)\mozilla firefox\firefox.exe] => (Block) E:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{6F64AAF7-DB17-4915-A0D1-D235D46EA617}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{627553DF-0D64-4A80-BFD7-73502B89569D}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corp. 
-> Valve Corporation) FirewallRules: [{F5ABB1A3-6830-4173-B424-4D2BD60E4FBC}] => (Allow) E:\program files (x86)\steam\steamapps\common\race 07\racededicatedserver_steam.exe => Keine Datei FirewallRules: [{4343FD89-F2C9-4ED5-85E5-E626CE619A2B}] => (Allow) E:\program files (x86)\steam\steamapps\common\race 07\racededicatedserver_steam.exe => Keine Datei FirewallRules: [UDP Query User{9E46ACE0-F3F7-4089-9B40-077E4046C6EC}E:\program files (x86)\steam\steamapps\common\race 07\racededicatedserver_steam.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\race 07\racededicatedserver_steam.exe => Keine Datei FirewallRules: [TCP Query User{29ABDBD5-F9AE-4D13-8C6C-E2AB0AEDA4D4}E:\program files (x86)\steam\steamapps\common\race 07\racededicatedserver_steam.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\race 07\racededicatedserver_steam.exe => Keine Datei FirewallRules: [{2B14893D-9D28-4AE0-BE85-ACBD380D5430}] => (Allow) E:\program files (x86)\steam\steamapps\common\race 07\race_steam.exe => Keine Datei FirewallRules: [{6EB0145C-8CE5-4D36-B22E-26D860A0278B}] => (Allow) E:\program files (x86)\steam\steamapps\common\race 07\race_steam.exe => Keine Datei FirewallRules: [UDP Query User{1839E9FE-EDEB-48A8-B1AE-B201F82171D8}E:\program files (x86)\steam\steamapps\common\race 07\race_steam.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\race 07\race_steam.exe => Keine Datei FirewallRules: [TCP Query User{B631EDF4-EFD7-4723-AFDF-4C29768D5FB8}E:\program files (x86)\steam\steamapps\common\race 07\race_steam.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\race 07\race_steam.exe => Keine Datei FirewallRules: [{A1705055-4EB5-497E-931C-2DC9B2CA22DA}] => (Allow) E:\program files (x86)\mumble\murmur.exe (mkrautz.dk -> Thorvald Natvig) FirewallRules: [{860FD979-8379-425B-A5AA-5A972B79C110}] => (Allow) E:\program files (x86)\mumble\murmur.exe (mkrautz.dk -> Thorvald Natvig) FirewallRules: [UDP Query 
User{E4A7A97B-55EA-49D8-8235-AC9B479EDAC2}E:\program files (x86)\mumble\murmur.exe] => (Allow) E:\program files (x86)\mumble\murmur.exe (mkrautz.dk -> Thorvald Natvig) FirewallRules: [TCP Query User{CE8D067D-18DC-44DD-81D3-25222D9BF0FB}E:\program files (x86)\mumble\murmur.exe] => (Allow) E:\program files (x86)\mumble\murmur.exe (mkrautz.dk -> Thorvald Natvig) FirewallRules: [{B631AEB5-7AB5-4597-AB8D-FF746D946EFA}] => (Allow) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe => Keine Datei FirewallRules: [{B8A3E48A-9F01-48AC-B6A2-A041AF0CE7F0}] => (Allow) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe => Keine Datei FirewallRules: [{2F0CA165-8717-4AE8-AFBE-4B223BFB579E}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{8198180B-8028-4CC0-A091-6F33C92E0899}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{433D5D5C-2C59-48B2-B51C-BD2BD8D25782}] => (Allow) e:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{E2F328C0-5DDA-408B-9AB3-7C5E049FCEF9}] => (Allow) e:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{A17BE05E-BE4A-4031-B9AE-E1BFF1427BE4}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe => Keine Datei FirewallRules: [{B289F11B-8763-48F8-A8A2-B621B8C7F2A5}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe => Keine Datei FirewallRules: [{F33A39EE-85B7-46F2-B251-A0F875D2A989}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe => Keine Datei FirewallRules: [{96D6C3AD-AB1C-446C-97EE-B9AA10E28302}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe => Keine Datei FirewallRules: [TCP Query User{E315B37A-A296-4C9F-8BBE-143EFD730F55}E:\programme\python27\pythonw.exe] => (Allow) E:\programme\python27\pythonw.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query 
User{4C37739F-EB98-42A1-9144-412711216599}E:\programme\python27\pythonw.exe] => (Allow) E:\programme\python27\pythonw.exe () [Datei ist nicht signiert] FirewallRules: [{E1E55271-C2F9-413F-B803-96C91948C7FD}] => (Allow) C:\HP_LaserJet_200_color_MFP_M276\Installer\hpbcsiInstaller.exe (Hewlett-Packard Company -> Hewlett-Packard Company) FirewallRules: [{EDBA7A01-1DAC-4827-956E-AB94AA059302}] => (Allow) C:\HP_LaserJet_200_color_MFP_M276\Installer\hpbcsiInstaller.exe (Hewlett-Packard Company -> Hewlett-Packard Company) FirewallRules: [{44E05BE1-D01E-446C-8F18-245710072655}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> ) FirewallRules: [{667C4014-B2FA-4DEE-B862-B72EB6148B2E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> ) FirewallRules: [{8FF62F3A-0A11-4C05-924C-D138DD838184}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> ) FirewallRules: [{953D3F0F-1A43-4761-ABC8-9951DE7AE1C5}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. 
-> ) FirewallRules: [{4385F523-DECB-4810-AB3D-9FB2542EE674}] => (Allow) E:\Program Files (x86)\GamersFirst\APB Reloaded\Binaries\APB.exe => Keine Datei FirewallRules: [{66B9E3C7-8FEF-4536-A071-27385A2FE85F}] => (Allow) E:\Program Files (x86)\GamersFirst\APB Reloaded\Binaries\APB.exe => Keine Datei FirewallRules: [{2DF908F4-86E0-4E70-9094-7A40B9661F5B}] => (Allow) E:\Program Files (x86)\GamersFirst\APB Reloaded\Binaries\VivoxVoiceService.exe => Keine Datei FirewallRules: [{315435B3-606D-4C35-AD57-25FB14FD19FC}] => (Allow) E:\Program Files (x86)\GamersFirst\APB Reloaded\Binaries\VivoxVoiceService.exe => Keine Datei FirewallRules: [TCP Query User{19F7E8DD-F139-4977-AF7E-C44D80797743}E:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) E:\program files (x86)\myphoneexplorer\myphoneexplorer.exe => Keine Datei FirewallRules: [UDP Query User{E1BD961F-C095-420B-82FB-429879F456EA}E:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) E:\program files (x86)\myphoneexplorer\myphoneexplorer.exe => Keine Datei FirewallRules: [{D894783A-340A-4336-AC05-B412CE564DC4}] => (Allow) E:\Program Files (x86)\Tunngle\TnglCtrl.exe (Tunngle.net GmbH -> Tunngle.net GmbH) [Datei ist nicht signiert] FirewallRules: [{C47542C6-3DBA-45EA-AEB3-D62A9135D027}] => (Allow) E:\Program Files (x86)\Tunngle\TnglCtrl.exe (Tunngle.net GmbH -> Tunngle.net GmbH) [Datei ist nicht signiert] FirewallRules: [{D96FE917-EF8F-4CC0-9D4C-60C60A846704}] => (Allow) E:\Program Files (x86)\Tunngle\Tunngle.exe (Tunngle.net GmbH -> Tunngle.net GmbH) [Datei ist nicht signiert] FirewallRules: [{45901C50-D4BA-4D0E-9D67-403A8CA00BF9}] => (Allow) E:\Program Files (x86)\Tunngle\Tunngle.exe (Tunngle.net GmbH -> Tunngle.net GmbH) [Datei ist nicht signiert] FirewallRules: [{B6964316-AC57-488E-AC6D-3CEE741FD491}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Street Racing Syndicate\Bin\SRS.EXE => Keine Datei FirewallRules: [{2F9E8FF8-9DF8-48B9-9E7D-F310613F0F6C}] => (Allow) E:\Program 
Files (x86)\Steam\steamapps\common\Street Racing Syndicate\Bin\SRS.EXE => Keine Datei FirewallRules: [{0EB00190-D849-4EA2-8143-A9C5C8FE9EDD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{4FEAB817-6195-4D43-A11A-F7AADAB61103}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{24D1DFED-A6EF-4CD0-902A-E0275B154D7F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe => Keine Datei FirewallRules: [{B96BA975-05EA-4F9F-92B0-4C3FBF633374}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe => Keine Datei FirewallRules: [{A7D99F6F-5030-48A8-8E4E-BF4C48485155}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{F9503DD1-BA04-4794-8AEE-47E90F572026}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{A62A235C-BFAD-436E-809A-D3C0B5FCA24E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{FEBF4BF6-5278-423A-93FB-CCAC2A2C4B41}] => (Allow) C:\Program Files (x86)\WISO\Steuersoftware 2016\wmain16.dll (Buhl Data Service GmbH -> ) FirewallRules: [{211FFED5-DC1B-4E76-8D76-4171EF8917D5}] => (Allow) C:\Program Files (x86)\WISO\Steuersoftware 2016\wmain16.dll (Buhl Data Service GmbH -> ) FirewallRules: [{09C335A5-7E00-4EBF-9EE0-9CA887BD0D78}] => (Allow) C:\Program Files (x86)\WISO\Steuersoftware 2016\wmain16.dll (Buhl Data Service GmbH -> ) FirewallRules: [{704E90E7-9293-4308-913F-EC76BE5406B1}] => (Allow) C:\Program Files (x86)\WISO\Steuersoftware 2016\wmain16.dll (Buhl Data Service GmbH -> ) FirewallRules: [{5A7B4A0C-9C7B-44A6-8993-777BF7263D3B}] => (Allow) C:\Program 
Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe (Sony Mobile Communications AB -> Sony) [Datei ist nicht signiert] FirewallRules: [{8525ED06-0D66-4654-8AA5-66784A470D2E}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{B9450499-AC0C-4F51-9349-BEBD3467F90C}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{40D247A7-87F8-4C25-B691-6705579B5AD8}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe (Unified Intents AB -> Unified Intents AB) FirewallRules: [{4002AE9A-A2E8-4A45-9689-78F4560E026E}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe (Unified Intents AB -> Unified Intents AB) FirewallRules: [{9787F2B4-9DBA-4EC3-A1EB-92EA5DD39F04}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe => Keine Datei FirewallRules: [{2064F384-1831-4161-85F7-AD67D672B02A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe => Keine Datei FirewallRules: [{ACC6B3CE-99C3-4745-B61D-0FDED2F9D93B}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Torque Drift\TorqueDrift.exe () [Datei ist nicht signiert] FirewallRules: [{91047375-09B7-478E-92F5-2BDA9641A004}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Torque Drift\TorqueDrift.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{89EC9CC4-3726-49E8-B31C-C34B2369C24A}C:\users\dracu\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\dracu\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{175F61E2-E507-4C09-9816-DA436A6FB7AE}C:\users\dracu\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\dracu\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{52653BD5-C376-498F-B084-871291654A59}] => 
(Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{6EB815EF-FC2B-4F9D-9304-B647B9C19DF3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{C0599CDF-B97F-4A0D-8878-00A6B35F194E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{A2194B97-9B85-49F4-BCB7-773232B7E3C3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Keine Datei
FirewallRules: [{5D5D039D-9A99-4C47-B0F5-A462DA2A7C3E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{59222E80-A26B-4274-8E9E-B10A1F9B80C6}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F537AA1D-B982-4992-A9C3-15822865318C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E85981E4-4176-4389-B2D2-462C2FDA116F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2D72C414-E9D5-4630-8271-463D7FE7AA16}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{42E11F3F-621C-4486-BAFA-F78565B09977}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D5E677D8-7FEB-4960-8FD2-36339716AEB0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B405AD98-26D6-4DF3-B22F-77AB0DD26F05}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E07E21B4-6BF5-4C1A-90FD-F092F1584B74}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => Keine Datei
FirewallRules: [{420DE6B6-EEAF-42AE-A4E1-6C15E26DE56A}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => Keine Datei
FirewallRules: [{C5E628AF-A41F-43FA-8DD8-0AB227CE61FF}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => Keine Datei
FirewallRules: [{8E1827E8-C381-48E4-9909-AA043EC3414A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E1354BBF-6C40-4FFB-AC0E-AA32C3193882}] => (Allow) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{5ED6CBDC-3DE8-45AB-8E3B-1E7C77D3C037}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F353464C-05F8-427E-9B07-057C55704E3C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{91AAFBDA-E799-4DD2-AD7C-AA1B09CF632E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{32EA296E-A6FF-4260-BF3E-C4713AB3B196}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FC44F024-EB61-4123-A605-186EB479CBA7}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\96.0.1054.62\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert (Total:105.91 GB) (Free:3.99 GB) (4%)

==================== Fehlerhafte Geräte im Gerätemanager ============

==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (12/30/2021 09:57:27 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (12/30/2021 08:55:58 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren. ]

Error: (12/30/2021 08:55:58 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren. .
Error: (12/30/2021 08:55:58 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren. ]

Error: (12/23/2021 07:31:15 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Windows kann die erweiterbare Leistungsindikator-DLL "C:\WINDOWS\system32\sysmain.dll" nicht laden (Win32-Fehlercode 126).

Error: (12/19/2021 05:37:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Das Programm identity_helper.exe Version 96.0.1054.62 hat die Interaktion mit Windows beendet und wurde geschlossen. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 2ec4
Startzeit: 01d7f4f6a53ba4ea
Beendigungszeit: 4294967295
Anwendungspfad: C:\Program Files (x86)\Microsoft\Edge\Application\96.0.1054.62\identity_helper.exe
Bericht-ID: 5c3df2c7-c9c8-45aa-95c2-05ab8681b84c
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge.Stable_96.0.1054.57_neutral__8wekyb3d8bbwe
Relative Anwendungs-ID des fehlerhaften Pakets: App
Absturztyp: Quiesce

Error: (12/19/2021 05:35:42 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Windows kann die erweiterbare Leistungsindikator-DLL "C:\WINDOWS\system32\sysmain.dll" nicht laden (Win32-Fehlercode 126).

Error: (12/12/2021 08:18:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Das Programm identity_helper.exe Version 96.0.1054.53 hat die Interaktion mit Windows beendet und wurde geschlossen. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 2b0c
Startzeit: 01d7ef8cee151434
Beendigungszeit: 4294967295
Anwendungspfad: C:\Program Files (x86)\Microsoft\Edge\Application\96.0.1054.53\identity_helper.exe
Bericht-ID: ad1f4604-6338-4e30-9b69-2ea17da2adbf
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge.Stable_96.0.1054.43_neutral__8wekyb3d8bbwe
Relative Anwendungs-ID des fehlerhaften Pakets: App
Absturztyp: Quiesce

Systemfehler:
=============
Error: (12/30/2021 08:55:53 PM) (Source: DCOM) (EventID: 10010) (User: LU)
Description: Der Server "{5F7F3F7B-1177-4D4B-B1DB-BC6F671B8F25}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (12/23/2021 07:25:26 AM) (Source: Schannel) (EventID: 4103) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Erstellen der Client-Anmeldeinformationen für TLS. Der interne Fehlerstatus ist 10013.

Error: (12/20/2021 10:26:47 AM) (Source: Schannel) (EventID: 4103) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Erstellen der Client-Anmeldeinformationen für TLS. Der interne Fehlerstatus ist 10013.

Error: (12/19/2021 05:37:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (12/19/2021 05:37:00 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (12/19/2021 05:34:36 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ClickToRunSvc erreicht.

Error: (12/19/2021 05:00:18 PM) (Source: Schannel) (EventID: 4103) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Erstellen der Client-Anmeldeinformationen für TLS. Der interne Fehlerstatus ist 10013.
Error: (12/15/2021 07:00:47 PM) (Source: Schannel) (EventID: 4103) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Erstellen der Client-Anmeldeinformationen für TLS. Der interne Fehlerstatus ist 10013.

Windows Defender:
================
Date: 2021-12-30 22:17:44
Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {C22694B0-3DE2-441F-926C-AC23DCD0B0D7}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

CodeIntegrity:
===============
Date: 2021-12-30 21:01:28
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2021-12-30 20:50:26
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Avira\Antivirus\libcurl.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Speicherinformationen ===========================

BIOS: American Megatrends Inc. 4.6.5 10/19/2012
Hauptplatine: CLEVO P170EM
Prozessor: Intel(R) Core(TM) i7-3740QM CPU @ 2.70GHz
Prozentuale Nutzung des RAM: 40%
Installierter physikalischer RAM: 16273.89 MB
Verfügbarer physikalischer RAM: 9601.66 MB
Summe virtueller Speicher: 17325.22 MB
Verfügbarer virtueller Speicher: 10090.23 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:105.91 GB) (Free:3.98 GB) NTFS
Drive e: (daten) (Fixed) (Total:132.03 GB) (Free:1.6 GB) NTFS

\\?\Volume{75cdaf95-0000-0000-0000-100000000000}\ (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{75cdaf95-0000-0000-0000-70801a000000}\ () (Fixed) (Total:0.44 GB) (Free:0.08 GB) NTFS

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: 75CDAF95)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=105.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=132 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt =======================

Two more logs in the following post.