Log analysis and evaluation: Banking site is redirected to another site on my Windows 10 PC.
02.02.2022, 00:01 | #1 |
Banking site is redirected to another site on my Windows 10 PC. Hi folks, here is the problem. When I click the login button on my bank's site in Opera, I don't get to the area where I can log in, but end up here instead: https://www.smartredirect.de/redir/clickGate.php?u=SlzvTCGB&m=4&p=DjmACiYHKw&t=3&splash=&s=ssq1sxgd49nk00000000&url=https%3A%2F%2Fwww.1822direkt-banking.de%2F%3F&q=&r= Malwarebytes found nothing. I don't know what else I can do. Can someone look at the logs and help? Many thanks. FRST.TXT Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 30-01-2022 durchgeführt von Chef (Administrator) auf CHEF-PC (01-02-2022 23:30:51) Gestartet von J:\temp Geladene Profile: Chef & HA Plattform: Microsoft Windows 10 Pro Version 2004 19041.1415 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: Chrome Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) () [Datei ist nicht signiert] D:\ProgrammeSSD\No-IP\ducservice.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <5> (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe (Brio) [Datei ist nicht signiert] C:\Program Files\FolderSize\FolderSizeSvc.exe (Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3> (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\140.4.1951\QtWebEngineProcess.exe <2> (Easybits AS -> Easybits) C:\Windows\SysWOW64\ezSharedSvcHost.exe (Epic Games Inc. -> Epic Games, Inc.) D:\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <3> (Epic Games Inc. -> Epic Games, Inc.) 
D:\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe (Foxit Software Incorporated -> Foxit Corporation) C:\Users\HA\AppData\Roaming\Foxit Software\Addon\Foxit Reader\FoxitReaderUpdater.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Windows Firewall Control\wfcs.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2> (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3784df9edffd3314\Display.NvContainer\NVDisplay.Container.exe <2> (Opera Software AS -> Opera Software) C:\Users\HA\AppData\Local\Programs\Opera\83.0.4254.27\opera_crashreporter.exe (Opera Software AS -> Opera Software) C:\Users\HA\AppData\Local\Programs\Opera\opera.exe <81> (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Protected Antivirus Limited -> ScanGuard) C:\Program Files (x86)\ScanGuard\SecurityService.exe <2> (Razer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe (Razer USA Ltd. -> Razer Inc.) 
D:\ProgrammeSSD\Razer Cortex\RzKLService.exe (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe (TomTom) [Datei ist nicht signiert] D:\ProgrammeSSD\TomTom HOME\TTHOMEService.exe 0 C:\Program Files\WindowsApps\Microsoft.GamingServices_3.60.12001.0_x64__8wekyb3d8bbwe\gamingservices.exe 0 C:\Program Files\WindowsApps\Microsoft.GamingServices_3.60.12001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe 0 C:\Program Files\WindowsApps\Microsoft.SurfaceWirelessDisplayAdapter_4.232.137.0_x64__8wekyb3d8bbwe\Desktop\WDADesktopService.exe 0 C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.12013.0_x64__8wekyb3d8bbwe\GameBar.exe 0 C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.12013.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe 0 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21121.250.0_x64__8wekyb3d8bbwe\YourPhone.exe 0 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21121.250.0_x64__8wekyb3d8bbwe\YourPhoneServer\YourPhoneServer.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [Windows Mobile Device Center] => C:\WINDOWS\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation -> Microsoft Corporation) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [157464 2021-12-22] (Avast Software s.r.o. 
-> AVAST Software) HKLM\...\Run: [KeePass 2 PreLoad] => D:\ProgrammeSSD\KeePass Password Safe 2\KeePass.exe [3159744 2021-05-07] (Open Source Developer, Dominik Reichl -> Dominik Reichl) HKLM\...\Run: [Malwarebytes Windows Firewall Control] => C:\Program Files\Malwarebytes\Windows Firewall Control\wfc.exe [635576 2021-08-27] (Malwarebytes Inc -> Malwarebytes) HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596664 2017-08-30] (Razer USA Ltd. -> Razer Inc.) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [10585376 2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation) HKLM\...\RunOnce: [auup697] => C:\Program Files\AVAST Software\Avast\setup\auup697.exe [161560 2021-10-13] (Avast Software s.r.o. -> ) HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ACHTUNG HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1 HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG HKU\S-1-5-21-1414027369-238287121-3710414321-1000\...\Run: [EADM] => D:\SpieleSSD\Origin\Origin.exe [3131664 2019-10-22] (Electronic Arts, Inc. -> Electronic Arts) HKU\S-1-5-21-1414027369-238287121-3710414321-1000\...\Run: [Steam] => D:\Steam\steam.exe [4268456 2022-01-16] (Valve Corp. 
-> Valve Corporation) HKU\S-1-5-21-1414027369-238287121-3710414321-1000\...\Run: [CCleaner Smart Cleaning] => D:\ProgrammeSSD\ccleaner\CCleaner64.exe [22458328 2019-02-27] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-1414027369-238287121-3710414321-1000\...\Run: [TomTomHOME.exe] => D:\ProgrammeSSD\TomTom HOME\TTHOMERunner.exe [332288 2019-12-17] (TomTom) [Datei ist nicht signiert] HKU\S-1-5-21-1414027369-238287121-3710414321-1000\...\Policies\system: [DisableLockWorkstation] 0 HKU\S-1-5-21-1414027369-238287121-3710414321-1000\...\Policies\system: [DisableChangePassword] 0 HKU\S-1-5-21-1414027369-238287121-3710414321-1000\...\Policies\Explorer: [NoLogoff] 0 HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\Run: [Folder Size] => C:\Program Files\FolderSize\FolderSize.exe [169472 2013-02-12] (Brio) [Datei ist nicht signiert] HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\Run: [CCleaner Smart Cleaning] => D:\ProgrammeSSD\ccleaner\CCleaner64.exe [22458328 2019-02-27] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\Run: [EpicGamesLauncher] => D:\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33637856 2022-01-31] (Epic Games Inc. -> Epic Games, Inc.) HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\Run: [GogGalaxy] => D:\SpieleSSD\GOG Galaxy\GalaxyClient.exe [13728096 2021-08-20] (GOG Sp. z o.o. -> GOG.com) HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\Run: [MyDriveConnect.exe] => D:\ProgrammeSSD\MyDrive Connect\TomTom MyDrive Connect.exe [2224096 2020-11-10] (TomTom International B.V. 
-> TomTom) HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\Run: [Opera Browser Assistant] => C:\Users\HA\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4105424 2021-10-14] (Opera Software AS -> Opera Software) HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\Policies\system: [DisableChangePassword] 0 HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\Policies\Explorer: [NoLogoff] 0 HKLM\...\Windows x64\Print Processors\Canon MP550 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9Z.DLL [28672 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MP550 series: c:\windows\system32\CNMLM9Z.DLL [336896 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\FRITZ!fax Color Port Monitor: c:\windows\system32\FritzColorPort64.dll [20480 2006-02-23] () [Datei ist nicht signiert] HKLM\...\Print\Monitors\FRITZ!fax Port Monitor: c:\windows\system32\FritzPort64.dll [20480 2006-02-22] () [Datei ist nicht signiert] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\97.0.4692.99\Installer\chrmstp.exe [2022-01-25] (Google LLC -> Google LLC) HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\97.1.34.81\Installer\chrmstp.exe [2022-01-21] (Brave Software, Inc. -> Brave Software, Inc.) 
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> HKLM\Software\...\Authentication\Credential Providers: [{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED}] -> Startup: C:\Users\HA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2013-09-12] () <==== ACHTUNG [Null Byte Datei/Ordner] BootExecute: autocheck autochk * sdnclean64.exe GroupPolicy: Beschränkung ? <==== ACHTUNG Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG HKU\S-1-5-21-1414027369-238287121-3710414321-1000\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {014AF2AD-3350-4045-BB6F-F38B16C6C89C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.) 
Task: {065BFCF0-6FC3-432A-8A00-EDB04948F13E} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (Keine Datei) Task: {069C5C9D-7D32-449F-A6DF-E7ADE8627BA6} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (Keine Datei) Task: {0733DF00-7ED6-43B1-A8D8-DCB6B9EAED1E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {17056324-92DE-4565-AFEB-BBDA03AD3A97} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Acrobat Update Task" /ENABLE Task: {17056324-92DE-4565-AFEB-BBDA03AD3A97} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\AMD Updater" /ENABLE Task: {17056324-92DE-4565-AFEB-BBDA03AD3A97} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\BraveSoftwareUpdateTaskMachineCore" /ENABLE Task: {17056324-92DE-4565-AFEB-BBDA03AD3A97} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\BraveSoftwareUpdateTaskMachineUA" /ENABLE Task: {17056324-92DE-4565-AFEB-BBDA03AD3A97} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE Task: {17056324-92DE-4565-AFEB-BBDA03AD3A97} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\CreateExplorerShellUnelevatedTask" /ENABLE Task: {17056324-92DE-4565-AFEB-BBDA03AD3A97} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\DropboxUpdateTaskMachineCore" /ENABLE Task: {17056324-92DE-4565-AFEB-BBDA03AD3A97} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> 
/Change /TN "\DropboxUpdateTaskMachineUA" /ENABLE Task: {17056324-92DE-4565-AFEB-BBDA03AD3A97} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE Task: {17056324-92DE-4565-AFEB-BBDA03AD3A97} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE Task: {17056324-92DE-4565-AFEB-BBDA03AD3A97} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE Task: {17056324-92DE-4565-AFEB-BBDA03AD3A97} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore1d6b1f1c610760a" /ENABLE Task: {17056324-92DE-4565-AFEB-BBDA03AD3A97} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE Task: {17056324-92DE-4565-AFEB-BBDA03AD3A97} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\npcapwatchdog" /ENABLE Task: {17056324-92DE-4565-AFEB-BBDA03AD3A97} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-1414027369-238287121-3710414321-1000" /ENABLE Task: {17056324-92DE-4565-AFEB-BBDA03AD3A97} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(16): schtasks.exe -> /Change /TN "\Opera scheduled assistant Autoupdate 1582736624" /ENABLE Task: {17056324-92DE-4565-AFEB-BBDA03AD3A97} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(17): schtasks.exe -> /Change /TN "\Opera scheduled Autoupdate 1575362177" /ENABLE Task: {17056324-92DE-4565-AFEB-BBDA03AD3A97} - System32\Tasks\AVAST Software\Gaming mode 
Task Scheduler recovery => Command(18): schtasks.exe -> /Change /TN "\User_Feed_Synchronization-{5693B850-617B-4181-9789-E92B53386C3D}" /ENABLE Task: {17056324-92DE-4565-AFEB-BBDA03AD3A97} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(19): schtasks.exe -> /Change /TN "\User_Feed_Synchronization-{C8ED4D84-A9E0-4A69-A697-BBAC8F3838A5}" /ENABLE Task: {17056324-92DE-4565-AFEB-BBDA03AD3A97} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(20): schtasks.exe -> /Change /TN "\VivaldiUpdateCheck-958b61f85d25c11f" /ENABLE Task: {17056324-92DE-4565-AFEB-BBDA03AD3A97} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(21): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE Task: {2793592A-FC9B-4F84-907A-A5D334625AB2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (Keine Datei) Task: {27AF5CA3-D3B9-4CD4-AD11-F496A5790681} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (Keine Datei) Task: {2C9578B8-5EB1-4CF6-A4A1-507EA92881AF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.) 
Task: {32C3403A-B496-4959-B2BC-52089E1B3CA8} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG Task: {37EB71D6-B8AB-41CF-BD22-8D376B13A616} - System32\Tasks\CreateExplorerShellUnelevatedTask => c:\windows\explorer.exe /NoUACCheck Task: {3D72CD85-AFC1-4E25-B1C1-C1477168726D} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316} Task: {42D123E3-B60C-40EB-B4B7-0589BB86E157} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (Keine Datei) Task: {431FA6E6-40B4-42BB-9E8E-87586A7F9A46} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.) Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB} Task: {4B58AD51-DBE7-44FB-A32B-8FB0B6AE7C5C} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1} Task: {4BAAF3C4-E473-4EB2-A5E3-A061DBC18A46} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4969240 2021-12-22] (Avast Software s.r.o. 
-> AVAST Software) Task: {4C499EBE-8B6D-44CA-81A9-DD9FE825A09B} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {4FD27115-9107-49F0-B5DF-F7E08314CC7D} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (Keine Datei) Task: {5091BAEA-7A4F-4396-8744-8339ADA384B1} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (Keine Datei) Task: {564259EF-7FAC-498D-AFBC-63EFE9D41857} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (Keine Datei) Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A} Task: {5EC9A78C-0EE6-498C-A02B-8667CBDC1908} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe -crl -hms -pscn 15 (Keine Datei) Task: {5F4EBEB7-3A11-418F-831E-43A1CACF0B16} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" Task: {61337DDE-5EF8-4D72-8BDA-C8C2CB281F90} - System32\Tasks\VivaldiUpdateCheck-958b61f85d25c11f => C:\Users\HA\AppData\Local\Vivaldi\Application\update_notifier.exe [3058064 2022-01-21] (Vivaldi Technologies AS -> Vivaldi Technologies AS) Task: {6409C90D-4EDE-4482-91C8-533BA3544E3B} - System32\Tasks\CCleaner Update => D:\ProgrammeSSD\ccleaner\CCUpdate.exe [619416 2019-02-27] (Piriform Software Ltd -> Piriform Software Ltd) Task: {6BFA90E6-14B8-4B7B-8C84-49A679432E62} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (Keine Datei) Task: {6DC8EC30-C5CB-44F2-BA57-CC2D5919A806} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E} Task: 
{705C3396-C6AA-4254-82B5-0A427421BAA6} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {7630E6BE-0BED-4036-BA15-DE74A20C437F} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (Keine Datei) Task: {7636A6E6-10FD-456D-84D6-BFD3ADEE0825} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG Task: {79C4BACB-F4C4-4FCE-921B-28FED91B6FAF} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (Keine Datei) Task: {7E80BDB2-D551-490A-AB12-C54713AD205D} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [1145 2021-04-21] () [Datei ist nicht signiert] Task: {7FA9F1E7-0A5C-4134-A018-6A2FD1A2FEB9} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {8030B787-D1E1-4B98-B619-6E32C02108C7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (Keine Datei) Task: {8202A2B5-A43F-411C-A035-66225C297566} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {89CD267E-FE02-415F-9A22-12BFB515DC93} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe /StartRecording (Keine Datei) Task: {8DC0784E-B626-4B72-B2D5-4E388B17CDE6} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (Keine Datei) Task: {96A21D60-31E0-43BC-AAE5-B864464B1C42} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (Keine Datei) Task: {9E5A17CE-395C-40B3-9E53-8B57EF68448F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {9EE431EF-3868-48FE-B64D-55F16D120E5C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => 
C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (Keine Datei) Task: {A2A15D6A-0142-4881-9B70-B106F4451D98} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (Keine Datei) Task: {A5BF9DAC-2DFC-4171-9CFC-D37886A27B54} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (Keine Datei) Task: {A6499E7D-5B57-4B53-AB18-C01B5485F768} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (Keine Datei) Task: {AFE1B316-C858-4D6C-9E44-9AF08384D85D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {B23191E5-2375-4F7F-BA1C-824338FF4E2C} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [154056 2019-03-24] (Brave Software, Inc. -> BraveSoftware Inc.) Task: {B25B00A3-6AA5-48D4-ADD1-D0912A9181CE} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe (Keine Datei) Task: {B4FBDD03-C569-403D-8387-422CE1777809} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.) Task: {B53563C4-8599-49F8-8192-A62F3615D2CF} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [10385288 2016-07-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) 
Task: {B8247FD0-4823-4188-A23C-EC933BF13008} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {BEDB9F3C-A964-4143-946B-3C4964B01CCD} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG Task: {CC83B719-C866-4789-A94B-951CFFA6F137} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {CDCC809E-EA1C-463E-AD37-0F7E3E8DA299} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [154056 2019-03-24] (Brave Software, Inc. -> BraveSoftware Inc.) Task: {CEAEE351-CAD4-4120-8B38-BEA1DA86D360} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software) Task: {CFF94FA8-3DBE-4C5A-8034-F1DAD168E5EB} - System32\Tasks\Opera scheduled assistant Autoupdate 1582736624 => C:\Users\HA\AppData\Local\Programs\Opera\launcher.exe [2333904 2022-01-26] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\HA\AppData\Local\Programs\Opera\assistant" $(Arg0) Task: {D0081A87-B9C1-4C1F-80DB-EC3A3F3EBC71} - System32\Tasks\CCleanerSkipUAC => D:\ProgrammeSSD\ccleaner\CCleaner.exe [16467424 2019-02-27] (Piriform Software Ltd -> Piriform Software Ltd) Task: {DDFC376C-2D96-4392-B968-72F12613F31D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Keine Datei) Task: {E5E95960-B716-4B4F-A00C-272834026069} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61} Task: {E6686E67-0C7E-40A5-BA97-710A442317ED} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969} Task: {E7CAFEA4-7FE5-4825-A45D-6D374570691D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {EE5C90E0-C9FD-4B29-AFEF-D6AD96D71229} - 
System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1414027369-238287121-3710414321-1000 => C:\Users\Chef\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Keine Datei) Task: {EE83F3C8-0DA4-4677-87F1-95C10ADD8944} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (Keine Datei) Task: {EEF38EE7-71BF-4BE3-B589-5A0652DC4C56} - System32\Tasks\Opera scheduled Autoupdate 1575362177 => C:\Users\HA\AppData\Local\Programs\Opera\launcher.exe [2333904 2022-01-26] (Opera Software AS -> Opera Software) Task: {F2822B75-873A-44E9-B998-CC5044C4DDC3} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG Task: {F4B943A4-93BD-484D-AD85-709CC3E7C345} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (Keine Datei) Task: {F7596E3C-BCF4-4AF9-9151-218877E1D710} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (Keine Datei) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. 
Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.188.1 Tcpip\..\Interfaces\{32168289-76e1-4690-9a23-9c19833bb19b}: [DhcpNameServer] 192.168.72.93 Tcpip\..\Interfaces\{33738dec-ed7c-4fcd-8456-6a09caeb2f21}: [NameServer] 1.1.1.1,1.0.0.1 Tcpip\..\Interfaces\{33738dec-ed7c-4fcd-8456-6a09caeb2f21}: [DhcpNameServer] 192.168.188.1 Edge: ======= Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden] Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden] Edge Profile: C:\Users\Chef\AppData\Local\Microsoft\Edge\User Data\Default [2021-07-16] FireFox: ======== FF ProfilePath: C:\Users\Chef\AppData\Roaming\Mozilla\Firefox\Profiles\mi5yrlev.default [2022-02-01] FF DownloadDir: D: FF Homepage: Mozilla\Firefox\Profiles\mi5yrlev.default -> hxxps://de.yahoo.com?fr=hp-avast&type=avastbcl FF NewTab: Mozilla\Firefox\Profiles\mi5yrlev.default -> about:newtab FF Extension: (Search and New Tab by Yahoo) - C:\Users\Chef\AppData\Roaming\Mozilla\Firefox\Profiles\mi5yrlev.default\Extensions\jid1-16aeif9OQIRKxA@jetpack.xpi [2017-05-05] [] FF Extension: (Avast SafePrice | Vergleich, Angebote, Gutscheine) - C:\Users\Chef\AppData\Roaming\Mozilla\Firefox\Profiles\mi5yrlev.default\Extensions\sp@avast.com.xpi [2019-02-20] FF Extension: (Test Pilot for Thunderbird) - C:\Users\Chef\AppData\Roaming\Mozilla\Firefox\Profiles\mi5yrlev.default\Extensions\tbtestpilot@labs.mozilla.com.xpi [2012-07-07] [] [ist nicht signiert] FF Extension: (Avast Online Security) - C:\Users\Chef\AppData\Roaming\Mozilla\Firefox\Profiles\mi5yrlev.default\Extensions\wrc@avast.com.xpi [2018-07-22] FF Extension: (Password Exporter) - 
C:\Users\Chef\AppData\Roaming\Mozilla\Firefox\Profiles\mi5yrlev.default\Extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi [2012-07-13] [] [ist nicht signiert] FF Extension: (Torbutton) - C:\Users\Chef\AppData\Roaming\Mozilla\Firefox\Profiles\mi5yrlev.default\Extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca} [2012-07-13] [] [ist nicht signiert] FF SearchPlugin: C:\Users\Chef\AppData\Roaming\Mozilla\Firefox\Profiles\mi5yrlev.default\searchplugins\google-images.xml [2015-10-22] FF SearchPlugin: C:\Users\Chef\AppData\Roaming\Mozilla\Firefox\Profiles\mi5yrlev.default\searchplugins\google-maps.xml [2015-10-22] FF SearchPlugin: C:\Users\Chef\AppData\Roaming\Mozilla\Firefox\Profiles\mi5yrlev.default\searchplugins\yahoo-avast.xml [2014-09-06] FF Plugin: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-07-11] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-07-11] (Oracle America, Inc. 
-> Oracle Corporation) FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei] FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Keine Datei] FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Keine Datei] FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> D:\ProgrammeSSD\Picasa3\npPicasa3.dll [2014-01-06] (Google Inc -> Google, Inc.) 
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-1414027369-238287121-3710414321-1000: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-1414027369-238287121-3710414321-1006: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Keine Datei]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Chef\AppData\Local\Google\Chrome\User Data\Default [2022-02-01]
CHR HomePage: Default -> hxxps://de.yahoo.com?fr=hp-avast&type=avastbcl
CHR StartupUrls: Default -> "hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl"
CHR DefaultSearchURL: Default -> hxxps://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
CHR DefaultSearchKeyword: Default -> de.search.yahoo.com
CHR DefaultSuggestURL: Default -> hxxp://ff.search.yahoo.com/gossip?output=fxjson&command={searchTerms}
CHR Session Restore: Default -> ist aktiviert.
CHR Extension: (Yahoo Partner) - C:\Users\Chef\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabhkdeopjkcpkmofliimbjckmocfiom [2020-07-02]
CHR Extension: (Avast Online Security & Privacy) - C:\Users\Chef\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-12-03]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Chef\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-12]
CHR HKU\S-1-5-21-1414027369-238287121-3710414321-1006\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\HA\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2017-01-02]
CHR HKU\S-1-5-21-1414027369-238287121-3710414321-1006\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof]
CHR HKU\S-1-5-21-1414027369-238287121-3710414321-1006\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [fabhkdeopjkcpkmofliimbjckmocfiom]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

Brave:
=======
BRA Profile: C:\Users\Chef\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2020-09-07]
BRA DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
BRA DefaultSearchKeyword: Default -> Yahoo
BRA DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
BRA Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Chef\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-05-05]
BRA Extension: (Yahoo Partner) - C:\Users\Chef\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\fabhkdeopjkcpkmofliimbjckmocfiom [2020-05-05]
BRA Extension: (Avast Online Security) - C:\Users\Chef\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-05-05]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\Chef\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2020-06-09]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\Chef\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2020-06-09]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\Chef\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2020-05-05]
BRA Extension: (Brave NTP sponsored images) - C:\Users\Chef\AppData\Local\BraveSoftware\Brave-Browser\User Data\obbokncgfcbepeipkhpdepjjoncelefj [2020-05-05]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\Chef\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2020-05-05]
StartMenuInternet: Brave - C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S4 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-01-09] (Adobe Systems) [Datei ist nicht signiert]
S2 appdrvrem01; C:\WINDOWS\System32\appdrvrem01.exe [551896 2019-02-22] (Protection Technology, Ltd. -> Protection Technology)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8480848 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [452888 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [1720088 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [452888 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-01] (Avast Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8906088 2022-01-20] (BattlEye Innovations e.K. -> )
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [154056 2019-03-24] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [154056 2019-03-24] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [Datei ist nicht signiert]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44328 2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803456 2021-06-25] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 FolderSize; C:\Program Files\FolderSize\FolderSizeSvc.exe [163840 2013-02-12] (Brio) [Datei ist nicht signiert]
S3 GalaxyClientService; D:\SpieleSSD\GOG Galaxy\GalaxyClientService.exe [1955680 2021-08-20] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6484832 2021-08-20] (GOG Sp. z o.o. -> GOG.com)
R2 NoIPDUCService4; D:\ProgrammeSSD\No-IP\ducservice.exe [12288 2015-07-20] () [Datei ist nicht signiert]
S4 Origin Client Service; D:\SpieleSSD\Origin\OriginClientService.exe [2403120 2019-10-22] (Electronic Arts, Inc. -> Electronic Arts)
S4 Origin Web Helper Service; D:\SpieleSSD\Origin\OriginWebHelperService.exe [3282736 2019-10-22] (Electronic Arts, Inc. -> Electronic Arts)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [431616 2017-11-07] (Razer Inc.) [Datei ist nicht signiert]
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [919200 2017-11-29] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2017-07-20] (Razer USA Ltd. -> )
S3 Rockstar Service; D:\SpieleSSD\Launcher\Rockstar Games\RockstarService.exe [1629312 2020-10-19] (Rockstar Games, Inc. -> Rockstar Games)
R2 RzKLService; D:\ProgrammeSSD\Razer Cortex\RzKLService.exe [133376 2016-09-28] (Razer USA Ltd. -> Razer Inc.)
S4 SamsungAllShareV2.0; D:\ProgrammeSSD\AllShare\AllShareDMS\AllShareDMS.exe [25504 2012-03-02] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R2 SecurityService; C:\Program Files (x86)\ScanGuard\SecurityService.exe [265064 2021-11-09] (Protected Antivirus Limited -> ScanGuard)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6138112 2021-12-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 SimpleSlideShowServer; D:\ProgrammeSSD\AllShare\AllShareSlideShowService.exe [27584 2012-03-02] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [183816 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-11-26] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [919992 2020-11-26] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 TTHOMEService; D:\ProgrammeSSD\TomTom HOME\TTHOMEService.exe [97792 2019-04-17] (TomTom) [Datei ist nicht signiert]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\NisSrv.exe [2372048 2020-10-18] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 wfcs; C:\Program Files\Malwarebytes\Windows Firewall Control\wfcs.exe [118456 2021-08-27] (Malwarebytes Inc -> Malwarebytes)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MsMpEng.exe [128376 2020-10-18] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [X]
S3 FvSvc; "C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe" -service [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3784df9edffd3314\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3784df9edffd3314\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 appdrv01; C:\WINDOWS\System32\Drivers\appdrv01.sys [3852976 2019-02-22] (Protection Technology, Ltd. -> Protection Technology)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [223176 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [369216 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [252992 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [100416 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-09-29] (Microsoft Windows Early Launch Anti-Malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42416 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [186280 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [540056 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108912 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83976 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [853800 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [545176 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215432 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2021-09-08] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [318760 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
S3 aswWintun; C:\WINDOWS\System32\drivers\aswWintun.sys [37104 2021-09-08] (Avast Software s.r.o. -> WireGuard LLC)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-07-21] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-07-21] (Disc Soft Ltd -> Disc Soft Ltd)
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [42616 2017-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
S3 libusbK; C:\WINDOWS\System32\drivers\libusbK.sys [47928 2019-10-23] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
S3 ManyCam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [49304 2014-12-15] (ManyCam LLC -> Visicom Media Inc.)
S3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35992 2014-12-15] (ManyCam LLC -> Visicom Media Inc.)
S3 mv91xx; C:\WINDOWS\System32\drivers\mv91xx.sys [302632 2010-03-17] (Marvell Semiconductor -> Marvell Semiconductor, Inc.)
R0 mvs91xx; C:\WINDOWS\System32\drivers\mvs91xx.sys [345320 2015-10-21] (Marvell Semiconductor, Inc. -> Marvell Semiconductor, Inc.)
S3 Neo_VPN; C:\WINDOWS\System32\drivers\Neo6_x64_VPN.sys [38216 2016-05-16] (SoftEther Corporation -> SoftEther Corporation)
R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [74744 2021-04-21] (Insecure.Com LLC -> Insecure.Com LLC.)
R1 ntiopnp; C:\Windows\System32\Drivers\ntiopnp.sys [19544 2010-11-11] (Wolfram Podien -> )
S0 ProtectedELAM; C:\WINDOWS\System32\drivers\protected_elam.sys [17864 2021-11-09] (Microsoft Windows Early Launch Anti-Malware Publisher -> TODO: <Company name>)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2012-06-18] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2012-06-18] (MiniTool Solution Ltd -> )
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [45752 2017-07-19] (Razer USA Ltd. -> Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [139704 2017-08-19] (Razer USA Ltd. -> Razer, Inc.)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
R1 SeLow; C:\WINDOWS\system32\DRIVERS\SeLow_x64.sys [51024 2016-05-16] (SoftEther Corporation -> SoftEther Corporation)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [168968 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [45064 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2018-06-08] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2018-06-08] (Valve Corp. -> )
R1 VBoxUSBMon; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (Duodian Online Technology Co. Ltd. -> BigNox Corporation)
S3 VClone; C:\WINDOWS\System32\drivers\VClone.sys [44544 2020-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-10-18] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [428264 2020-10-18] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69864 2020-10-18] (Microsoft Windows -> Microsoft Corporation)
R1 webshieldfilter; C:\WINDOWS\System32\drivers\webshieldfilter.sys [96264 2021-11-09] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) <==== ACHTUNG
S3 wod0205; C:\WINDOWS\System32\drivers\wod0205.sys [33160 2011-04-23] (Secure Plus d.o.o. -> WeOnlyDo Software)
U3 idsvc; kein ImagePath
U4 npcap_wifi; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2022-02-01 23:04 - 2022-02-01 23:05 - 000000000 ___DC C:\Users\HA\Desktop\HiJackThis
2022-02-01 22:48 - 2022-02-01 23:29 - 000003544 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1575362177
2022-02-01 22:48 - 2022-02-01 22:48 - 000001441 _____ C:\Users\HA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk
2022-02-01 22:44 - 2022-02-01 22:44 - 000001193 _____ C:\Users\HA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ScanGuard.lnk
2022-02-01 22:44 - 2022-02-01 22:44 - 000000000 ___DC C:\Users\HA\Documents\ScanGuard
2022-02-01 22:44 - 2022-02-01 22:44 - 000000000 ____D C:\Users\HA\AppData\Local\GUI
2022-02-01 08:47 - 2022-02-01 08:47 - 000000000 ____D C:\Users\Chef\Documents\ScanGuard
2022-02-01 08:47 - 2021-11-09 17:51 - 000096264 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\webshieldfilter.sys
2022-02-01 08:45 - 2022-02-01 22:44 - 000000000 ____D C:\Program Files (x86)\ScanGuard
2022-02-01 08:45 - 2022-02-01 08:45 - 000001181 _____ C:\Users\Chef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ScanGuard.lnk
2022-02-01 08:45 - 2022-02-01 08:45 - 000001095 _____ C:\Users\Public\Desktop\ScanGuard.lnk
2022-02-01 08:45 - 2022-02-01 08:45 - 000000000 ____D C:\Users\Chef\AppData\Local\GUI
2022-02-01 08:45 - 2022-02-01 08:45 - 000000000 ____D C:\ProgramData\SecuritySuite
2022-02-01 08:45 - 2022-02-01 08:45 - 000000000 ____D C:\ProgramData\ScanGuard
2022-02-01 08:45 - 2021-11-09 17:51 - 000017864 _____ (TODO: <Company name>) C:\WINDOWS\system32\Drivers\protected_elam.sys
2022-01-21 10:59 - 2022-01-21 10:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2022-01-20 11:21 - 2022-01-20 11:21 - 000000000 ___DC C:\Users\HA\AppData\LocalLow\SZSS INTERACTIVE
2022-01-19 22:08 - 2022-01-19 22:08 - 000000203 ____C C:\Users\HA\Desktop\Settlement Survival.url
2022-01-19 01:17 - 2022-01-19 01:17 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2022-01-19 01:17 - 2022-01-19 01:17 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2022-01-19 01:17 - 2022-01-19 01:17 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2022-01-19 01:17 - 2022-01-19 01:17 - 000044328 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2022-01-15 10:09 - 2022-01-15 10:09 - 000000000 ____D C:\Users\HA\AppData\Local\Stardock
2022-01-15 10:06 - 2022-01-15 10:09 - 000000000 ____D C:\ProgramData\Stardock
2022-01-15 09:41 - 2022-01-15 09:41 - 000000346 ____C C:\Users\HA\Desktop\Galactic Civilizations III (Test branch).url
2022-01-15 09:36 - 2022-01-15 09:36 - 000061681 ____C C:\Users\HA\Desktop\freitext_20220113164324-129302558.pdf
2022-01-13 23:28 - 2022-01-13 23:29 - 004608203 ____C C:\Users\HA\Desktop\Bara May (Kosol Ouch) und Peppi La Montagna.pdf
2022-01-05 20:04 - 2022-01-05 20:04 - 000002368 ____C C:\Users\HA\Desktop\minecraftWorlds - Verknüpfung.lnk
2022-01-05 17:34 - 2022-01-05 17:34 - 000000000 ____D C:\Users\HA\AppData\Roaming\internalStorage
2022-01-05 17:34 - 2022-01-05 17:34 - 000000000 ____D C:\Users\HA\AppData\Roaming\games
2022-01-02 10:35 - 2022-01-02 18:53 - 000000000 ___DC C:\Users\HA\Documents\Algodoo
2022-01-02 10:35 - 2022-01-02 10:35 - 000001067 _____ C:\Users\Public\Desktop\Algodoo.lnk
2022-01-02 10:35 - 2022-01-02 10:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Algodoo
2022-01-02 10:35 - 2022-01-02 10:35 - 000000000 ____D C:\Program Files (x86)\Algodoo

==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2022-02-01 23:34 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-02-01 23:31 - 2016-08-25 00:11 - 000000000 ___DC C:\FRST
2022-02-01 23:29 - 2021-10-14 13:49 - 000003770 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1582736624
2022-02-01 23:29 - 2021-08-30 17:34 - 000003026 _____ C:\WINDOWS\system32\Tasks\VivaldiUpdateCheck-958b61f85d25c11f
2022-02-01 23:29 - 2021-07-12 21:55 - 000002648 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2022-02-01 23:29 - 2020-11-30 16:16 - 000003494 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b1f1c610760a
2022-02-01 23:29 - 2020-11-03 16:19 - 000003824 _____ C:\WINDOWS\system32\Tasks\AMD Updater
2022-02-01 23:29 - 2020-11-03 16:19 - 000003698 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2022-02-01 23:29 - 2020-11-03 16:19 - 000003688 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-02-01 23:29 - 2020-11-03 16:19 - 000003642 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineUA
2022-02-01 23:29 - 2020-11-03 16:19 - 000003620 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-02-01 23:29 - 2020-11-03 16:19 - 000003474 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2022-02-01 23:29 - 2020-11-03 16:19 - 000003464 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-02-01 23:29 - 2020-11-03 16:19 - 000003418 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineCore
2022-02-01 23:29 - 2020-11-03 16:19 - 000003396 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-02-01 23:29 - 2020-11-03 16:19 - 000003354 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{C8ED4D84-A9E0-4A69-A697-BBAC8F3838A5}
2022-02-01 23:29 - 2020-11-03 16:19 - 000003350 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{5693B850-617B-4181-9789-E92B53386C3D}
2022-02-01 23:29 - 2020-11-03 16:19 - 000003252 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-02-01 23:29 - 2020-11-03 16:19 - 000002918 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1414027369-238287121-3710414321-1000
2022-02-01 23:29 - 2020-11-03 16:19 - 000002218 _____ C:\WINDOWS\system32\Tasks\npcapwatchdog
2022-02-01 23:29 - 2020-11-03 16:19 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-02-01 23:29 - 2019-11-11 13:25 - 000001226 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2022-02-01 23:29 - 2019-11-11 13:25 - 000001222 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2022-02-01 23:28 - 2020-11-03 16:19 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-02-01 23:28 - 2020-01-17 18:00 - 000000000 ___DC C:\Users\HA\AppData\Roaming\vlc
2022-02-01 23:06 - 2012-07-13 09:21 - 000000000 ____D C:\Program Files (x86)\Google
2022-02-01 22:52 - 2016-11-19 05:57 - 000000000 ____D C:\Users\HA\AppData\LocalLow\Mozilla
2022-02-01 22:52 - 2012-07-13 09:28 - 000000000 ___DC C:\ProgramData\Mozilla
2022-02-01 22:48 - 2020-11-03 16:03 - 002870892 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-02-01 22:48 - 2020-11-03 14:15 - 000790528 _____ C:\WINDOWS\system32\perfh019.dat
2022-02-01 22:48 - 2020-11-03 14:15 - 000162228 _____ C:\WINDOWS\system32\perfc019.dat
2022-02-01 22:48 - 2019-12-07 15:51 - 000820884 _____ C:\WINDOWS\system32\perfh007.dat
2022-02-01 22:48 - 2019-12-07 15:51 - 000177416 _____ C:\WINDOWS\system32\perfc007.dat
2022-02-01 22:48 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-02-01 22:44 - 2015-06-16 11:17 - 000000000 ___DC C:\Users\HA\AppData\Local\Dropbox
2022-02-01 22:43 - 2021-06-18 18:41 - 000008192 ___SH C:\DumpStack.log.tmp
2022-02-01 22:43 - 2020-11-03 16:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-02-01 22:43 - 2012-07-13 09:28 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-02-01 22:43 - 2012-07-13 09:21 - 000000000 ___DC C:\ProgramData\AVAST Software
2022-02-01 22:43 - 2012-07-13 09:20 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2022-02-01 12:44 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-02-01 11:52 - 2020-11-03 15:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-02-01 08:59 - 2017-09-19 11:41 - 000000000 ____D C:\Users\HA\AppData\Roaming\KeePass
2022-02-01 08:45 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-02-01 08:40 - 2016-08-22 19:25 - 000000000 ___DC C:\Users\HA\AppData\Local\CrashDumps
2022-02-01 08:36 - 2018-07-22 13:01 - 000000000 ___DC C:\Users\HA\AppData\Local\AVAST Software
2022-02-01 08:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-31 11:04 - 2021-11-27 14:36 - 000000000 ___DC C:\Users\HA\Documents\TrailMakers
2022-01-31 09:01 - 2018-10-22 20:35 - 000000000 ____D C:\Users\HA\AppData\LocalLow\IObit
2022-01-31 09:01 - 2017-03-06 18:18 - 000000000 ___DC C:\ProgramData\IObit
2022-01-31 09:01 - 2017-03-06 18:18 - 000000000 ____D C:\Users\HA\AppData\Roaming\IObit
2022-01-31 09:01 - 2017-03-06 18:18 - 000000000 ____D C:\Users\Chef\AppData\LocalLow\IObit
2022-01-31 09:01 - 2017-03-06 18:17 - 000000000 ____D C:\Users\Chef\AppData\Roaming\IObit
2022-01-31 09:01 - 2017-03-06 18:17 - 000000000 ____D C:\Program Files (x86)\IObit
2022-01-31 09:01 - 2013-04-01 20:09 - 000000000 ____D C:\Users\Chef\AppData\Roaming\Samsung
2022-01-31 09:01 - 2012-07-27 08:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2022-01-31 09:01 - 2012-07-27 08:06 - 000000000 ____D C:\Users\HA\AppData\Roaming\Samsung
2022-01-31 08:58 - 2016-08-25 00:30 - 000000000 ___DC C:\AdwCleaner
2022-01-31 07:56 - 2021-12-22 22:48 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-01-29 17:49 - 2020-06-19 20:26 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-29 17:49 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-28 21:46 - 2018-11-01 09:43 - 000000000 ___DC C:\Users\HA\AppData\Local\Battle.net
2022-01-28 20:47 - 2018-11-01 09:42 - 000000000 ___DC C:\Program Files (x86)\Battle.net
2022-01-25 12:47 - 2012-07-13 09:33 - 000002300 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-23 07:32 - 2021-08-30 17:34 - 000002409 _____ C:\Users\HA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vivaldi.lnk
2022-01-23 07:32 - 2021-08-30 17:34 - 000002372 ____C C:\Users\HA\Desktop\Vivaldi.lnk
2022-01-23 07:32 - 2021-08-30 17:33 - 000000000 ____D C:\Users\HA\AppData\Local\Vivaldi
2022-01-22 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-01-22 16:48 - 2019-08-20 18:42 - 000000000 ___DC C:\Users\HA\AppData\Roaming\EasyAntiCheat
2022-01-21 20:03 - 2019-03-24 17:54 - 000002427 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2022-01-21 10:59 - 2019-11-11 13:25 - 000000000 ____D C:\Program Files (x86)\Dropbox
2022-01-19 23:29 - 2021-03-23 08:13 - 000004284 ____C C:\Users\HA\Desktop\SL.txt
2022-01-19 22:08 - 2012-08-18 17:04 - 000000000 ____D C:\Users\HA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2022-01-19 16:15 - 2021-03-14 20:09 - 000000000 ___DC C:\Users\HA\Desktop\!binance
2022-01-15 10:06 - 2020-10-19 18:17 - 000000000 ___DC C:\Users\HA\Documents\My Games
2022-01-12 16:33 - 2021-11-28 20:56 - 000000000 ___DC C:\Users\HA\Desktop\!bilder
2022-01-09 22:10 - 2021-12-18 20:58 - 000034938 ____C C:\Users\HA\Desktop\Plan Gegen Corona!.odt
2022-01-04 12:08 - 2019-10-20 16:17 - 000000000 ___DC C:\Users\HA\AppData\Roaming\TegraRcmGUI

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2016-01-25 16:30 - 2016-01-25 19:32 - 000000096 _____ () C:\Users\Chef\AppData\Roaming\Camdata.ini
2016-01-25 16:30 - 2016-01-25 19:32 - 000000408 _____ () C:\Users\Chef\AppData\Roaming\CamLayout.ini
2016-01-25 16:30 - 2016-01-25 19:32 - 000000408 _____ () C:\Users\Chef\AppData\Roaming\CamShapes.ini
2016-01-25 16:30 - 2016-01-25 19:32 - 000004547 _____ () C:\Users\Chef\AppData\Roaming\CamStudio.cfg
2012-11-12 17:50 - 2012-11-12 17:50 - 000000053 _____ () C:\Users\Chef\AppData\Roaming\PLGComp.ini
2013-12-06 00:47 - 2013-12-06 00:47 - 001838080 _____ (CPUID) C:\Users\Chef\AppData\Roaming\siw_sdk.dll
2015-06-04 06:52 - 2015-06-04 06:54 - 000000026 _____ () C:\Users\Chef\AppData\Local\isoworkshop.ini
2018-06-06 19:28 - 2018-06-06 19:28 - 000000600 _____ () C:\Users\Chef\AppData\Local\PUTTY.RND
2017-05-22 10:56 - 2017-05-22 10:56 - 000000218 _____ () C:\Users\Chef\AppData\Local\recently-used.xbel
2017-05-24 20:05 - 2020-01-18 15:03 - 000007596 _____ () C:\Users\Chef\AppData\Local\Resmon.ResmonCfg

==================== FLock ==============================

2016-05-16 04:03 C:\ProgramData\Info
2017-11-20 19:04 C:\Users\HA\Google Drive

==================== SigCheckExt =========================

2016-07-16 12:42 - 2016-07-16 12:42 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AllJoynDiscoveryPlugin.dll
2013-02-27 20:22 - 2013-01-13 21:35 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-27 20:22 - 2013-01-13 21:32 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-27 20:22 - 2013-01-13 21:35 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-27 20:22 - 2013-01-13 21:31 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-27 20:22 - 2013-01-13 21:31 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-27 20:22 - 2013-01-13 21:35 - 000009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-27 20:22 - 2013-01-13 21:31 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-27 20:22 - 2013-01-13 21:31 - 000004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-27 20:22 - 2013-01-13 21:31 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-version-l1-1-0.dll
2021-05-14 12:36 - 2020-06-19 21:05 - 005956608 _____ (The Public) C:\WINDOWS\system32\AviSynth.dll
2013-04-20 16:57 - 2006-02-23 11:16 - 000047616 _____ (TODO: <Company name>) C:\WINDOWS\system32\AvmColorFax.dll
2013-04-20 16:57 - 2006-02-22 09:53 - 000043520 _____ (TODO: <Company name>) C:\WINDOWS\system32\AvmFax.dll
2016-01-14 18:32 - 2012-12-12 11:37 - 000318464 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BrFaxTxAppRun64.dll
2016-01-14 18:32 - 2012-07-14 09:53 - 000087040 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BrNetSti.dll
2016-01-14 18:32 - 2012-10-29 06:14 - 000058880 _____ (Brother Industries,Ltd) C:\WINDOWS\system32\Brnsplg.dll
2016-01-14 18:32 - 2005-04-22 05:36 - 000143360 _____ C:\WINDOWS\system32\BrSNMP64.dll
2018-01-09 17:01 - 2012-06-14 13:55 - 000058880 _____ (Brother Industries,Ltd.) C:\WINDOWS\system32\BrWiaNCp.dll
2016-08-02 08:17 - 2016-07-01 04:57 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe
2015-10-30 08:19 - 2015-10-30 08:19 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafCdp.dll
2017-09-29 14:42 - 2017-09-29 14:42 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcComImplementations.dll
2017-04-12 09:56 - 2017-03-28 06:37 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll
2021-05-14 12:36 - 2020-06-19 21:05 - 002300928 _____ (Abysmal Software) C:\WINDOWS\system32\DevIL.dll
2019-06-23 17:34 - 2019-06-23 17:34 - 000016384 _____ C:\WINDOWS\system32\dfsc.dll
2019-06-23 17:34 - 2019-06-23 17:34 - 000014848 _____ C:\WINDOWS\system32\dfscacm.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 001210368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dml.dll
2018-07-22 12:44 - 2018-06-15 18:30 - 001308672 _____ C:\WINDOWS\system32\FaceProcessor.dll
2013-02-26 07:31 - 2013-02-26 07:31 - 000071680 _____ (Beepa P/L) C:\WINDOWS\system32\frapsv64.dll
2013-04-20 16:57 - 2006-02-22 09:51 - 000027136 _____ (AVM Berlin GmbH) C:\WINDOWS\system32\FriDru64.dll
2013-04-20 16:57 - 2006-02-23 10:35 - 000020480 _____ C:\WINDOWS\system32\FritzColorPort64.dll
2013-04-20 16:57 - 2006-02-22 09:39 - 000020480 _____ C:\WINDOWS\system32\FritzPort64.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemonitor.dll
2021-11-30 17:30 - 2021-12-16 18:13 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2019-07-10 18:57 - 2019-06-13 08:48 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2017-05-11 11:32 - 2017-03-04 07:26 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-07-16 12:43 - 2016-07-16 23:56 - 003584000 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkAnalysisLegacyCom.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPPMon.dll
2018-07-22 12:44 - 2018-07-06 08:00 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsTelemetry.dll
2017-09-29 14:41 - 2017-09-29 14:41 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Core.dll
2018-04-11 06:30 - 2018-03-30 04:28 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2016-03-09 07:26 - 2016-02-08 18:33 - 001359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmlmedia.dll
2018-01-09 17:01 - 2012-11-02 10:15 - 000319488 _____ (brother) C:\WINDOWS\system32\NSSRH64.dll
2012-09-26 07:39 - 2012-08-21 22:01 - 000245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\OxpsConverter.exe
2018-04-12 00:34 - 2018-04-12 00:34 - 000049664 _____ C:\WINDOWS\system32\PerceptionSimulationInput.exe
2018-04-12 00:34 - 2018-04-12 00:34 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneDataSync.dll
2015-03-03 21:44 - 2015-01-09 04:14 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\powertracker.dll
2012-07-14 09:20 - 2010-11-20 14:25 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushPrinterConnections.exe
2012-07-13 09:28 - 2012-04-26 06:34 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdrmemptylst.exe
2018-04-12 00:34 - 2018-04-12 00:34 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrSvcPAL.dll
2017-09-29 14:41 - 2017-09-29 14:41 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ServiceWorkerHost.exe
2015-10-30 08:18 - 2015-10-30 08:18 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flashlight.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmClientApi.dll
2017-09-29 14:41 - 2017-09-29 14:41 - 000173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-07-16 12:43 - 2016-07-16 23:56 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeSubscription.exe
2015-09-09 11:15 - 2015-07-22 17:48 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2017-09-29 14:41 - 2017-09-29 14:41 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\VrdUmed.dll
2017-09-29 14:41 - 2017-09-29 14:41 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedic.exe
2012-11-14 12:53 - 2012-07-26 03:36 - 000009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wdfres.dll
2020-06-17 18:12 - 2017-11-10 11:51 - 000002560 _____ (Western Digital Technologies, Inc.) C:\WINDOWS\system32\wdfsconnectevtmsg.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDiscoveryPlugin.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiOnboardingPlugin.dll
2017-09-29 14:41 - 2017-09-29 14:41 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Sets.dll
2016-03-09 07:26 - 2016-02-12 19:18 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2013-04-20 16:54 - 1998-11-17 11:44 - 000328704 _____ (InstallShield Software Corporation ) C:\WINDOWS\IsUn0407.exe
2020-09-24 16:16 - 1998-07-30 11:51 - 000305152 _____ (InstallShield Software Corporation) C:\WINDOWS\IsUninst.exe
2012-12-18 05:08 - 2012-12-18 05:08 - 000286720 _____ (Indigo Rose Corporation) C:\WINDOWS\iun506.exe
2018-05-24 20:05 - 2018-05-24 20:04 - 000737280 _____ (Indigo Rose Corporation) C:\WINDOWS\iun6002.exe
2013-09-06 12:41 - 2013-09-06 12:41 - 000335872 _____ (Microsoft Corporation) C:\WINDOWS\Setup1.exe
2013-09-06 12:41 - 2013-09-06 12:41 - 000074752 _____ (Microsoft Corporation) C:\WINDOWS\ST6UNST.EXE
2013-04-04 16:03 - 2013-04-04 16:03 - 000717322 _____ C:\WINDOWS\unins000.exe
2009-08-11 21:21 - 2009-08-11 21:21 - 000087552 _____ C:\WINDOWS\SysWOW64\ac3config.exe
2013-02-27 20:22 - 2013-01-13 22:16 - 000010752 _____ (Microsoft
Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-02-27 20:22 - 2013-01-13 22:12 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-02-27 20:22 - 2013-01-13 22:17 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-02-27 20:22 - 2013-01-13 22:11 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-02-27 20:22 - 2013-01-13 22:11 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-02-27 20:22 - 2013-01-13 22:17 - 000009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-02-27 20:22 - 2013-01-13 22:11 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-02-27 20:22 - 2013-01-13 22:11 - 000004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll 2013-02-27 20:22 - 2013-01-13 22:11 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll 2009-01-10 23:16 - 2009-01-10 23:16 - 000108032 _____ C:\WINDOWS\SysWOW64\avi.dll 2021-05-14 12:36 - 2020-06-19 20:48 - 005376000 _____ (The Public) C:\WINDOWS\SysWOW64\AviSynth.dll 2009-01-10 23:15 - 2009-01-10 23:15 - 000097280 _____ C:\WINDOWS\SysWOW64\avs.dll 2009-01-10 23:15 - 2009-01-10 23:15 - 000102400 _____ C:\WINDOWS\SysWOW64\avss.dll 2004-04-13 07:35 - 2004-04-13 07:35 - 000797536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AXDIST.EXE 2007-02-02 00:19 - 2007-02-02 00:19 - 000150520 _____ (MaresWEB) C:\WINDOWS\SysWOW64\bass_aac.dll 2007-02-02 00:19 - 2007-02-02 00:19 - 000012784 _____ (MaresWEB) C:\WINDOWS\SysWOW64\bass_alac.dll 2007-02-02 00:19 - 2007-02-02 00:19 - 000033240 _____ (MaresWEB) C:\WINDOWS\SysWOW64\bass_ape.dll 2007-02-02 00:19 - 2007-02-02 00:19 - 000023616 _____ (Un4seen 
Developments) C:\WINDOWS\SysWOW64\bass_flac.dll 2007-02-02 00:19 - 2007-02-02 00:19 - 000018888 _____ (MaresWEB) C:\WINDOWS\SysWOW64\bass_mpc.dll 2007-02-02 00:19 - 2007-02-02 00:19 - 000008664 _____ (MaresWEB) C:\WINDOWS\SysWOW64\bass_tta.dll 2007-02-02 00:19 - 2007-02-02 00:19 - 000028088 _____ (MaresWEB) C:\WINDOWS\SysWOW64\bass_wv.dll 2018-01-09 17:01 - 2010-03-15 19:45 - 000073728 _____ (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2.dll 2016-01-14 18:32 - 2007-12-13 22:16 - 000005632 _____ (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2L.dll 2018-01-09 17:01 - 2012-12-03 13:39 - 000002560 _____ (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2S.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 000072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cflapi.dll 2011-12-23 19:58 - 2011-12-23 19:58 - 000974848 _____ C:\WINDOWS\SysWOW64\cis-2.4.dll 1998-07-06 00:00 - 1998-07-06 00:00 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CMDLGDE.DLL 2016-07-16 12:43 - 2016-07-16 12:43 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\configmanager2.dll 2004-04-13 08:35 - 2004-04-13 08:35 - 000206848 _____ (Frank Franzoni) C:\WINDOWS\SysWOW64\CopyP32.dll 2016-07-16 12:43 - 2016-07-16 12:43 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coredpus.dll 2017-09-29 14:42 - 2017-09-29 14:42 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreShellExtFramework.dll 2015-10-30 08:19 - 2015-10-30 08:19 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafCdp.dll 2021-05-14 12:36 - 2020-06-19 20:48 - 002047488 _____ (Abysmal Software) C:\WINDOWS\SysWOW64\DevIL.dll 2014-06-12 22:01 - 2014-06-12 22:01 - 000009216 _____ C:\WINDOWS\SysWOW64\dfsc.dll 2019-06-23 17:34 - 2019-06-23 17:34 - 000013312 _____ C:\WINDOWS\SysWOW64\dfsc32.dll 2014-06-12 22:08 - 2014-06-12 22:08 - 000010752 _____ C:\WINDOWS\SysWOW64\dfscacm.dll 2019-06-23 17:34 - 2019-06-23 17:34 - 000012288 _____ C:\WINDOWS\SysWOW64\dfscacm32.dll 
2014-09-17 17:54 - 2011-05-13 11:16 - 000493056 _____ ( datenhaus GmbH) C:\WINDOWS\SysWOW64\dhRichClient3.dll 2009-05-01 22:02 - 2009-05-01 22:02 - 000685056 _____ (DivX, Inc.) C:\WINDOWS\SysWOW64\DivX.dll 2009-05-01 22:03 - 2009-05-01 22:03 - 000528384 _____ (DivX Inc.) C:\WINDOWS\SysWOW64\DivXsm.exe 2007-04-27 09:43 - 2007-04-27 09:43 - 000120200 _____ () C:\WINDOWS\SysWOW64\DLLDEV32i.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 001161216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dml.dll 2009-05-01 22:02 - 2009-05-01 22:02 - 000090112 _____ (DivX, Inc.) C:\WINDOWS\SysWOW64\dpl100.dll 2008-08-05 22:59 - 2008-08-05 22:59 - 000294912 _____ (DivXNetworks) C:\WINDOWS\SysWOW64\dpu11.dll 2008-08-05 22:59 - 2008-08-05 22:59 - 000593920 _____ (DivXNetworks) C:\WINDOWS\SysWOW64\dpuGUI11.dll 2008-08-05 22:59 - 2008-08-05 22:59 - 000344064 _____ (DivXNetworks) C:\WINDOWS\SysWOW64\dpus11.dll 2008-08-05 22:59 - 2008-08-05 22:59 - 000057344 _____ (DivXNetworks) C:\WINDOWS\SysWOW64\dpv11.dll 2009-01-10 23:15 - 2009-01-10 23:15 - 000103424 _____ C:\WINDOWS\SysWOW64\dsmux.exe 2008-08-05 22:59 - 2008-08-05 22:59 - 000196608 _____ (DivX, Inc.) 
C:\WINDOWS\SysWOW64\dtu100.dll 2009-01-10 23:15 - 2009-01-10 23:15 - 000246784 _____ C:\WINDOWS\SysWOW64\dxr.dll 1998-07-06 00:00 - 1998-07-06 00:00 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FLXGDDE.DLL 2012-11-12 17:50 - 2004-03-05 12:52 - 008876032 _____ (Acclaim Software Ltd) C:\WINDOWS\SysWOW64\FocusMag.dll 2013-02-26 07:31 - 2013-02-26 07:31 - 000065536 _____ (Beepa P/L) C:\WINDOWS\SysWOW64\frapsvid.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gamemonitor.dll 2013-08-26 18:53 - 2013-08-16 13:56 - 000216064 _____ C:\WINDOWS\SysWOW64\gcapi_dll.dll 2009-01-10 23:16 - 2009-01-10 23:16 - 000335872 _____ C:\WINDOWS\SysWOW64\gdsmux.exe 2007-07-05 02:33 - 2007-07-05 02:33 - 000892928 _____ (Free Software Foundation) C:\WINDOWS\SysWOW64\iconv.dll 2017-03-17 09:57 - 2017-03-04 07:18 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll 1997-02-26 00:00 - 1997-02-26 00:00 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\INETDE.DLL 2016-07-16 12:44 - 2016-07-16 23:56 - 002549760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkAnalysisLegacyCom.dll 2011-12-23 19:58 - 2011-12-23 19:58 - 000081920 _____ C:\WINDOWS\SysWOW64\issacapi_bs-2.3.dll 2011-12-23 19:58 - 2011-12-23 19:58 - 000065536 _____ C:\WINDOWS\SysWOW64\issacapi_pe-2.3.dll 2011-12-23 19:58 - 2011-12-23 19:58 - 000057344 _____ C:\WINDOWS\SysWOW64\issacapi_se-2.3.dll 2013-12-10 21:48 - 2013-12-10 21:48 - 000645120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsIntl.dll 2009-05-01 22:02 - 2009-05-01 22:02 - 001044480 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\WINDOWS\SysWOW64\libdivx.dll 2011-12-23 19:58 - 2011-12-23 19:58 - 000045056 _____ ((주) 마크애니) C:\WINDOWS\SysWOW64\MACXMLProto.dll 2011-12-23 19:58 - 2011-12-23 19:58 - 000118784 _____ ((주)마크애니) C:\WINDOWS\SysWOW64\MaDRM.dll 2011-12-23 19:58 - 2011-12-23 19:58 - 000049152 _____ ((주) 마크애니) C:\WINDOWS\SysWOW64\MaJGUILib.dll 
2011-12-23 19:58 - 2012-06-26 08:02 - 000045320 _____ (MARKANY) C:\WINDOWS\SysWOW64\MAMACExtract.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsTelemetry.dll 2011-12-23 19:58 - 2011-12-23 19:58 - 000024576 _____ ((주)마크애니) C:\WINDOWS\SysWOW64\MASetupCleaner.exe 2011-12-23 19:58 - 2011-12-23 19:58 - 000045056 _____ ((주) 마크애니) C:\WINDOWS\SysWOW64\MaXMLProto.dll 2012-07-19 16:21 - 1998-06-17 19:07 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC42DEU.DLL 2012-07-19 16:21 - 1998-06-17 02:00 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC42LOC.DLL 2002-01-05 03:48 - 2002-01-05 03:48 - 000974848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70.dll 2002-01-05 03:36 - 2002-01-05 03:36 - 000964608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70u.dll 2003-10-17 05:44 - 2003-10-17 05:44 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71.dll 2009-01-10 23:14 - 2009-01-10 23:14 - 000023552 _____ C:\WINDOWS\SysWOW64\mkunicode.dll 2009-01-10 23:15 - 2009-01-10 23:15 - 000135168 _____ C:\WINDOWS\SysWOW64\mkv2vfr.exe 2009-01-10 23:16 - 2009-01-10 23:16 - 000148480 _____ C:\WINDOWS\SysWOW64\mkx.dll 2009-01-10 23:14 - 2009-01-10 23:14 - 000079360 _____ C:\WINDOWS\SysWOW64\mkzlib.dll 2011-12-23 19:58 - 2011-12-23 19:58 - 000057344 _____ (Marktek) C:\WINDOWS\SysWOW64\MK_Lyric.dll 2009-01-10 23:15 - 2009-01-10 23:15 - 000159744 _____ C:\WINDOWS\SysWOW64\mmfinfo.dll 2009-01-10 23:16 - 2009-01-10 23:16 - 000141312 _____ C:\WINDOWS\SysWOW64\mp4.dll 2017-07-16 19:53 - 2012-09-02 18:27 - 000161350 _____ C:\WINDOWS\SysWOW64\mpld.exe 1998-07-06 00:00 - 1998-07-06 00:00 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCC2DE.DLL 2011-12-23 19:58 - 2011-12-23 19:58 - 000245760 _____ (Teruten Inc.) 
C:\WINDOWS\SysWOW64\MSCLib.dll 1998-07-06 00:00 - 1998-07-06 00:00 - 000158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCMCDE.DLL 2012-07-19 16:21 - 1998-06-30 13:13 - 000250128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl35.dll 2011-12-23 19:58 - 2011-12-23 19:58 - 000155648 _____ (Teruten Inc.) C:\WINDOWS\SysWOW64\MSFLib.dll 2016-03-09 07:26 - 2016-02-08 21:01 - 001155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmlmedia.dll 2012-07-19 16:21 - 1998-06-30 13:13 - 001045776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet35.dll 2012-07-19 16:21 - 1998-06-30 13:12 - 000123664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Msjint35.dll 2012-07-19 16:21 - 1999-04-13 02:00 - 001234704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSJT4JLT.DLL 2012-07-19 16:21 - 1998-06-30 13:12 - 000024848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter35.dll 2012-07-19 16:21 - 1998-06-30 13:13 - 000166160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus35.dll 2011-12-23 19:58 - 2011-12-23 19:58 - 000352256 _____ (Sample Corporation) C:\WINDOWS\SysWOW64\MSLUR71.dll 2012-07-19 16:21 - 1998-06-30 13:13 - 000250128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspdox35.dll 2012-07-19 16:21 - 1998-06-30 13:13 - 000252176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x35.dll 2012-07-19 16:21 - 1998-06-30 13:18 - 000376592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSRDO20.DLL 2012-07-19 16:21 - 1998-06-30 13:13 - 000407312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl35.dll 2004-02-23 00:00 - 2004-02-23 00:00 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSSTDFMT.DLL 2012-07-19 16:21 - 1998-06-30 13:13 - 000165648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext35.dll 2012-07-19 16:21 - 1998-07-30 05:23 - 001347344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVBVM50.DLL 2002-01-05 02:38 - 2002-01-05 02:38 - 000054784 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\msvci70.dll 2002-01-05 02:40 - 2002-01-05 02:40 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp70.dll 2011-01-24 14:21 - 2011-01-24 14:21 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll 2011-01-24 14:21 - 2011-01-24 14:21 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr70.dll 2011-01-24 14:21 - 2011-01-24 14:21 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll 2012-07-19 16:21 - 1998-06-30 13:13 - 000287504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbse35.dll 2011-12-23 19:58 - 2011-12-23 19:58 - 000040960 _____ (Telechips Inc.,) C:\WINDOWS\SysWOW64\MTTELECHIP.dll 2011-12-23 19:58 - 2011-12-23 19:58 - 000057344 _____ (Marktek Inc.) C:\WINDOWS\SysWOW64\MTXSYNCICON.dll 2011-12-23 19:58 - 2011-12-23 19:58 - 000135168 _____ (Musiccity Co.Ltd.) C:\WINDOWS\SysWOW64\muzaf1.dll 2011-12-23 19:58 - 2011-12-23 19:58 - 000491520 _____ (Musiccity Co.Ltd.) C:\WINDOWS\SysWOW64\muzapp.dll 2011-12-23 19:58 - 2011-12-23 19:58 - 000172032 _____ (Musiccity Co.Ltd.) C:\WINDOWS\SysWOW64\muzapp.exe 2011-12-23 19:58 - 2011-12-23 19:58 - 000200704 _____ ( (c) MusicCity) C:\WINDOWS\SysWOW64\muzwmts.dll 2012-08-19 12:13 - 2004-11-04 12:31 - 000835584 _____ (NCT) C:\WINDOWS\SysWOW64\NCTAudioCDGrabber2.dll 2012-08-19 12:13 - 2005-04-15 11:08 - 000880640 _____ (Online Media Technologies Ltd.) C:\WINDOWS\SysWOW64\NCTAudioEditor2.dll 2012-08-19 12:13 - 2005-05-17 11:37 - 001986560 _____ (NCT Company Ltd.) C:\WINDOWS\SysWOW64\NCTAudioFile2.dll 2012-08-19 12:13 - 2005-05-18 10:52 - 001212416 _____ (Online Media Technologies Ltd.) C:\WINDOWS\SysWOW64\NCTAudioInformation2.dll 2012-08-19 12:13 - 2005-04-25 12:01 - 000458752 _____ (Online Media Technologies Ltd.) C:\WINDOWS\SysWOW64\NCTAudioPlayer2.dll 2012-08-19 12:13 - 2005-04-25 12:01 - 000458752 _____ (Online Media Technologies Ltd.) 
C:\WINDOWS\SysWOW64\NCTAudioRecord2.dll 2012-08-19 12:13 - 2005-04-04 16:21 - 000602112 _____ (Online Media Technologies Ltd.) C:\WINDOWS\SysWOW64\NCTAudioTransform2.dll 2012-08-19 12:13 - 2005-03-28 14:54 - 000479232 _____ (Online Media Technologies Ltd.) C:\WINDOWS\SysWOW64\NCTAudioVisualization2.dll 2012-08-19 12:13 - 2005-03-28 14:52 - 000417792 _____ (Online Media Technologies Ltd.) C:\WINDOWS\SysWOW64\NCTTextToAudio2.dll 2012-08-19 12:13 - 2005-02-24 10:51 - 000348160 _____ (NCT Company Ltd.) C:\WINDOWS\SysWOW64\NCTWMAFile2.dll 2018-01-09 17:01 - 2013-07-12 14:03 - 000214016 _____ (brother) C:\WINDOWS\SysWOW64\NSSearch.dll 2012-07-19 16:21 - 1998-10-03 11:00 - 000036864 _____ C:\WINDOWS\SysWOW64\ODBCSTF.DLL 2012-07-19 16:21 - 1998-06-30 13:16 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Odbctl32.dll 2009-01-10 23:15 - 2009-01-10 23:15 - 000120832 _____ C:\WINDOWS\SysWOW64\ogm.dll 2017-02-20 10:22 - 2017-02-20 10:22 - 000619008 _____ (Cisco Systems Inc.) C:\WINDOWS\SysWOW64\openh264-1.5.0-win32msvc.dll 2004-04-20 23:00 - 2004-04-20 23:00 - 000172032 _____ (Florin Ghido, FlorinGhido@yahoo.com) C:\WINDOWS\SysWOW64\OptimFROG.dll 2010-09-30 18:55 - 2010-09-30 18:55 - 000282624 _____ (Sub Systems, Inc. 
) C:\WINDOWS\SysWOW64\PDC32.DLL 2010-08-10 14:49 - 2010-08-10 14:49 - 000149776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\phl.dll 2012-07-14 09:20 - 2009-07-14 02:16 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pmcsnap.dll 2012-07-14 09:20 - 2009-07-14 02:16 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ppcsnap.dll 2008-06-08 23:58 - 2008-06-08 23:58 - 000060273 _____ (Open Source Software community project) C:\WINDOWS\SysWOW64\pthreadGC2.dll 2012-07-14 09:20 - 2010-11-20 13:17 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PushPrinterConnections.exe 2008-11-06 17:37 - 2008-11-06 17:37 - 003596288 _____ C:\WINDOWS\SysWOW64\qt-dx331.dll 1998-07-06 00:00 - 1998-07-06 00:00 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RCHTXDE.DLL 2012-07-19 16:21 - 1998-06-30 13:18 - 000097552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdocurs.dll 2012-07-27 08:04 - 2013-02-05 17:53 - 004659712 _____ (Dmitry Streblechenko) C:\WINDOWS\SysWOW64\Redemption.dll 2010-10-08 14:44 - 2010-10-08 14:44 - 000122880 _____ (Sub Systems, Inc. 
) C:\WINDOWS\SysWOW64\RPS32.DLL 2010-06-21 16:19 - 2010-06-21 16:19 - 000036864 _____ (TOSHIBA/MEI) C:\WINDOWS\SysWOW64\SDDEVMGR.dll 2006-05-31 15:35 - 2006-05-31 15:35 - 000190464 _____ (Tools & Components) C:\WINDOWS\SysWOW64\sevImLib.dll 2014-11-22 15:36 - 2006-09-26 06:44 - 000062464 _____ (Tools & Components) C:\WINDOWS\SysWOW64\sevLock.dll 2011-04-17 22:53 - 2011-04-17 22:53 - 000266240 _____ (Dieter Otter, Tools & Components) C:\WINDOWS\SysWOW64\sevZip40.dll 2014-09-17 17:54 - 2011-03-25 19:42 - 000338432 _____ C:\WINDOWS\SysWOW64\sqlite36_engine.dll 2009-05-01 22:02 - 2009-05-01 22:02 - 000200704 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\WINDOWS\SysWOW64\ssldivx.dll 1998-07-06 00:00 - 1998-07-06 00:00 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\STDFTDE.DLL 1998-07-06 00:00 - 1998-07-06 00:00 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TABCTDE.DLL 2017-09-29 14:42 - 2017-09-29 14:42 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe 2010-10-07 20:44 - 2010-10-07 20:44 - 001597440 _____ (Sub Systems, Inc. 
) C:\WINDOWS\SysWOW64\TER18.DLL 2017-09-29 14:42 - 2017-09-29 14:42 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tier2punctuations.dll 2009-01-10 23:17 - 2009-01-10 23:17 - 000163840 _____ C:\WINDOWS\SysWOW64\ts.dll 2012-07-19 16:21 - 1998-06-30 13:13 - 000078608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB5DB.DLL 2000-10-02 00:00 - 2000-10-02 00:00 - 000125712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6DE.DLL 2000-07-15 00:00 - 2000-07-15 00:00 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6STKIT.DLL 2012-07-19 16:21 - 1998-06-30 13:13 - 000368912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbar332.dll 2018-04-12 00:35 - 2018-04-12 17:19 - 000034304 _____ C:\WINDOWS\SysWOW64\vmstaging.dll 2004-12-10 10:03 - 2004-12-10 10:03 - 000438272 _____ (On2.com) C:\WINDOWS\SysWOW64\vp6vfw.dll 2008-08-26 23:11 - 2008-08-26 23:11 - 000987136 _____ (Gabest) C:\WINDOWS\SysWOW64\VSFilter.dll 1998-07-06 00:00 - 1998-07-06 00:00 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WINSKDE.DLL 2008-12-03 23:11 - 2008-12-03 23:11 - 000180224 _____ C:\WINDOWS\SysWOW64\xvidvfw.dll 2010-04-09 21:08 - 2010-04-09 21:08 - 000094208 _____ C:\WINDOWS\SysWOW64\zmbv.dll 2013-04-04 16:03 - 2006-11-02 00:05 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\devcon.exe 2013-12-06 00:47 - 2013-12-06 00:47 - 001838080 _____ (CPUID) C:\Users\Chef\AppData\Roaming\siw_sdk.dll ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
==================== BCD ================================ Windows-Start-Manager --------------------- Bezeichner {bootmgr} device partition=C: description Windows Boot Manager locale de-DE inherit {globalsettings} default {current} resumeobject {b167dd89-1dda-11eb-993e-a3d0754ed663} displayorder {current} toolsdisplayorder {memdiag} timeout 0 Windows-Startladeprogramm ------------------------- Bezeichner {6c8fceef-1de3-11eb-9e24-979fcc409b5f} device ramdisk=[\Device\HarddiskVolume7]\Recovery\WindowsRE\Winre.wim,{6c8fcef0-1de3-11eb-9e24-979fcc409b5f} path \windows\system32\winload.exe description Windows Recovery Environment locale de-DE inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume7]\Recovery\WindowsRE\Winre.wim,{6c8fcef0-1de3-11eb-9e24-979fcc409b5f} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Windows-Startladeprogramm ------------------------- Bezeichner {75521f88-ccfa-11e1-a07d-b82a7da9ff07} device ramdisk=[C:]\Recovery\75521f88-ccfa-11e1-a07d-b82a7da9ff07\Winre.wim,{75521f89-ccfa-11e1-a07d-b82a7da9ff07} path \windows\system32\winload.exe description Windows Recovery Environment inherit {bootloadersettings} osdevice ramdisk=[C:]\Recovery\75521f88-ccfa-11e1-a07d-b82a7da9ff07\Winre.wim,{75521f89-ccfa-11e1-a07d-b82a7da9ff07} systemroot \windows nx OptIn winpe Yes Windows-Startladeprogramm ------------------------- Bezeichner {current} device partition=C: path \WINDOWS\system32\winload.exe description Windows 10 locale de-DE inherit {bootloadersettings} recoverysequence {6c8fceef-1de3-11eb-9e24-979fcc409b5f} displaymessageoverride Recovery recoveryenabled Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {b167dd89-1dda-11eb-993e-a3d0754ed663} nx OptIn bootmenupolicy Standard Windows-Startladeprogramm ------------------------- Bezeichner {e460204f-07e8-11ea-9dc2-bc5ff43b3d5c} device partition=C: path \YXgrppqbUFwr2V3K\YXgrppqbUFwr2V3K\system32\winload.exe 
description SpyHunter 5: Advanced Malware Removal osdevice partition=C: systemroot \YXgrppqbUFwr2V3K\YXgrppqbUFwr2V3K resumeobject {36232d53-07e9-11ea-9dc3-806e6f6e6963} Windows-Startladeprogramm ------------------------- Bezeichner {e4602050-07e8-11ea-9dc2-bc5ff43b3d5c} device partition=C: path \YXgrppqbUFwr2V3K\UYMhKrJBMrAtS2TC\system32\winload.exe description SpyHunter 5: Advanced Malware Removal osdevice partition=C: systemroot \YXgrppqbUFwr2V3K\UYMhKrJBMrAtS2TC resumeobject {53331e05-0838-11ea-9dc4-806e6f6e6963} Windows-Startladeprogramm ------------------------- Bezeichner {e4602051-07e8-11ea-9dc2-bc5ff43b3d5c} device partition=C: path \YXgrppqbUFwr2V3K\xB4KQZTnsLnpmt6F\system32\winload.exe description SpyHunter 5: Advanced Malware Removal osdevice partition=C: systemroot \YXgrppqbUFwr2V3K\xB4KQZTnsLnpmt6F resumeobject {b98e4828-120b-11ea-9dc7-806e6f6e6963} Windows-Startladeprogramm ------------------------- Bezeichner {e4602052-07e8-11ea-9dc2-bc5ff43b3d5c} device partition=C: path \YXgrppqbUFwr2V3K\gb49xgjtlsZxHe7d\system32\winload.exe description SpyHunter 5: Advanced Malware Removal osdevice partition=C: systemroot \YXgrppqbUFwr2V3K\gb49xgjtlsZxHe7d resumeobject {596e4fd7-184a-11ea-9dca-806e6f6e6963} Windows-Startladeprogramm ------------------------- Bezeichner {e9fb185a-5b23-11e6-85fb-e936f563aefe} device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{e9fb185b-5b23-11e6-85fb-e936f563aefe} path \windows\system32\winload.exe description Windows Recovery Environment locale de-DE inherit {bootloadersettings} displaymessage Recovery displaymessageoverride Recovery osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{e9fb185b-5b23-11e6-85fb-e936f563aefe} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Wiederaufnahme aus dem Ruhezustand ---------------------------------- Bezeichner {36232d53-07e9-11ea-9dc3-806e6f6e6963} device partition=C: path \YXgrppqbUFwr2V3K\YXgrppqbUFwr2V3K\system32\winresume.exe description SpyHunter 5: Advanced 
Malware Removal inherit {resumeloadersettings} filedevice partition=C: filepath \hiberfil.sys debugoptionenabled No Wiederaufnahme aus dem Ruhezustand ---------------------------------- Bezeichner {53331e05-0838-11ea-9dc4-806e6f6e6963} device partition=C: path \YXgrppqbUFwr2V3K\UYMhKrJBMrAtS2TC\system32\winresume.exe description SpyHunter 5: Advanced Malware Removal inherit {resumeloadersettings} filedevice partition=C: filepath \hiberfil.sys debugoptionenabled No Wiederaufnahme aus dem Ruhezustand ---------------------------------- Bezeichner {596e4fd7-184a-11ea-9dca-806e6f6e6963} device partition=C: path \YXgrppqbUFwr2V3K\gb49xgjtlsZxHe7d\system32\winresume.exe description SpyHunter 5: Advanced Malware Removal inherit {resumeloadersettings} filedevice partition=C: filepath \hiberfil.sys debugoptionenabled No Wiederaufnahme aus dem Ruhezustand ---------------------------------- Bezeichner {b167dd89-1dda-11eb-993e-a3d0754ed663} device partition=C: path \WINDOWS\system32\winresume.exe description Windows Resume Application locale de-DE inherit {resumeloadersettings} recoverysequence {6c8fceef-1de3-11eb-9e24-979fcc409b5f} recoveryenabled Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Wiederaufnahme aus dem Ruhezustand ---------------------------------- Bezeichner {b98e4828-120b-11ea-9dc7-806e6f6e6963} device partition=C: path \YXgrppqbUFwr2V3K\xB4KQZTnsLnpmt6F\system32\winresume.exe description SpyHunter 5: Advanced Malware Removal inherit {resumeloadersettings} filedevice partition=C: filepath \hiberfil.sys debugoptionenabled No Windows-Speichertestprogramm ---------------------------- Bezeichner {memdiag} device partition=C: path \boot\memtest.exe description Windows-Speicherdiagnose locale de-DE inherit {globalsettings} badmemoryaccess Yes EMS-Einstellungen ----------------- Bezeichner {emssettings} bootems No Debuggereinstellungen --------------------- Bezeichner {dbgsettings} 
debugtype Serial
debugport 1
baudrate 115200

RAM-Defekte
-----------
Bezeichner {badmemory}

Globale Einstellungen
---------------------
Bezeichner {globalsettings}
inherit {dbgsettings} {emssettings} {badmemory}

Startladeprogramm-Einstellungen
-------------------------------
Bezeichner {bootloadersettings}
inherit {globalsettings} {hypervisorsettings}

Hypervisoreinstellungen
-----------------------
Bezeichner {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Einstellungen zur Ladeprogrammfortsetzung
-----------------------------------------
Bezeichner {resumeloadersettings}
inherit {globalsettings}

Geräteoptionen
--------------
Bezeichner {6c8fcef0-1de3-11eb-9e24-979fcc409b5f}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume7
ramdisksdipath \Recovery\WindowsRE\boot.sdi

Geräteoptionen
--------------
Bezeichner {75521f89-ccfa-11e1-a07d-b82a7da9ff07}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\75521f88-ccfa-11e1-a07d-b82a7da9ff07\boot.sdi

==================== Ende von FRST.txt ========================
02.02.2022, 00:02 | #2 |
| Bank page is redirected to another page on my Windows 10 computer. Addition.txt
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 30-01-2022
durchgeführt von Chef (01-02-2022 23:34:54)
Gestartet von J:\temp
Microsoft Windows 10 Pro Version 2004 19041.1415 (X64) (2020-11-03 15:20:19)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-1414027369-238287121-3710414321-500 - Administrator - Disabled)
Chef (S-1-5-21-1414027369-238287121-3710414321-1000 - Administrator - Enabled) => C:\Users\Chef
DefaultAccount (S-1-5-21-1414027369-238287121-3710414321-503 - Limited - Disabled)
Gast (S-1-5-21-1414027369-238287121-3710414321-501 - Limited - Disabled) => C:\Users\Gast
HA (S-1-5-21-1414027369-238287121-3710414321-1006 - Limited - Enabled) => C:\Users\HA
HomeGroupUser$ (S-1-5-21-1414027369-238287121-3710414321-1643 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-1414027369-238287121-3710414321-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Spybot - Search and Destroy (Disabled - Out of date) {F77C7796-45C4-531E-0DAE-B4A8229B11C8}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
µTorrent (HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\uTorrent) (Version: 3.5.5.46016 - BitTorrent Inc.) 7-Zip 19.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov) ABBYY FineReader 11 (HKLM-x32\...\{F1100000-0011-0000-0001-074957833700}) (Version: 11.0.460 - ABBYY) Abe's Oddysee (HKLM-x32\...\1207658705_is1) (Version: 1.0 - GOG.com) Adobe Photoshop Lightroom 5.6 64-bit (HKLM\...\{D19E99C2-6D9D-4075-B446-B4387EAF70A5}) (Version: 5.6.0 - Adobe Systems Incorporated) Algodoo v2.1.0 (HKLM-x32\...\Algodoo_is1) (Version: - Algoryx) AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.) Apowersoft Photo Viewer V1.1.9 (HKLM-x32\...\{AA88C325-55DB-463A-801E-ED6929D0260E}_is1) (Version: 1.1.9 - APOWERSOFT LIMITED) Arx Fatalis (HKLM-x32\...\1207658680_is1) (Version: 1.22 - GOG.com) Ashampoo WinOptimizer 18 (HKLM-x32\...\{4209F371-3AF1-5998-2DFB-FC430324C91A}_is1) (Version: 18.00.19 - Ashampoo GmbH & Co. KG) Avast Premium Security (HKLM\...\Avast Antivirus) (Version: 21.11.2500 - Avast Software) AviSynth+ 3.6.1 (HKLM-x32\...\{AC78780F-BACA-4805-8D4F-AE1B52B7E7D3}_is1) (Version: 3.6.1.3300 - The Public) balenaEtcher 1.5.92 (HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b) (Version: 1.5.92 - Balena Inc.) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.62.9 - Bethesda Softworks) BleachBit 4.4.0.1929 (HKLM-x32\...\BleachBit) (Version: 4.4.0.1929 - BleachBit) Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 97.1.34.81 - Die Brave-Autoren) Brother MFL-Pro Suite MFC-9332CDW (HKLM-x32\...\{E98A9C92-E767-475B-8BC6-8780A86DDC72}) (Version: 1.0.5.0 - Brother Industries, Ltd.) 
CCleaner (HKLM\...\CCleaner) (Version: 5.54 - Piriform) CHUCHEL (HKLM-x32\...\1825910123_is1) (Version: 1.0.0 - GOG.com) CPUID CPU-Z 1.89 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.89 - CPUID, Inc.) CrystalDiskInfo 8.0.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 8.0.0 - Crystal Dew World) Curse Client (HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse) Debugmode FrameServer (HKLM\...\Debugmode FrameServer) (Version: - ) DebugMode FrameServer (HKLM-x32\...\DebugMode FrameServer) (Version: - ) D-Fend Reloaded 1.4.4 (deinstallieren) (HKLM-x32\...\D-Fend Reloaded) (Version: 1.4.4 - Alexander Herzog) Diablo II (HKLM-x32\...\Diablo II) (Version: 0.0.0.0 - Blizzard Entertainment) Diablo II Resurrected (HKLM-x32\...\Diablo II Resurrected) (Version: - Blizzard Entertainment) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) Discord (HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\Discord) (Version: 0.0.310 - Discord Inc.) DoNotSpy10 2020 (HKLM-x32\...\{32D066BD-F94C-4948-8FA8-84653EE9617E}_is1) (Version: 5.2.0.0 - pXc-coding.com) Doomsday 2.3.0.3486 (HKLM\...\{EDD9F477-F785-42AF-9CA7-EFCA866B85F3}) (Version: 2.3.0.3486 - dengine.net) Dropbox (HKLM-x32\...\Dropbox) (Version: 140.4.1951 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.541.1 - Dropbox, Inc.) Hidden EasyBCD 2.4 (HKLM-x32\...\EasyBCD) (Version: 2.4 - NeoSmart Technologies) Epic Games Launcher (HKLM-x32\...\{5AB22190-97D9-4798-955D-0A9EF15E7F60}) (Version: 1.1.206.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) 
Hidden FileZilla Client 3.52.2 (HKLM-x32\...\FileZilla Client) (Version: 3.52.2 - Tim Kosse) Folder Size (64-bit) (HKLM\...\{F24FF688-7138-4CCF-A83F-71E9FB01170E}) (Version: 2.6 - Brio) Fotobuchexpress24 Bestellsoftware (HKLM-x32\...\{2F65E9DA-EB29-3BCD-E9E1-FA813971B951}) (Version: 4.0 - Saal Digital Fotoservice GmbH) Hidden Fotobuchexpress24 Bestellsoftware (HKLM-x32\...\Fotobuchexpress24) (Version: 4.0 - Saal Digital Fotoservice GmbH) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.0.6.1126 - Foxit Software Inc.) Free M4a to MP3 Converter 9.7 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com) GKFX MetaTrader 4 (HKLM-x32\...\GKFX MetaTrader 4) (Version: 4.00 - MetaQuotes Software Corp.) GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 97.0.4692.99 - Google LLC) Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.) Google SketchUp 8 (HKLM-x32\...\{3544DED1-07DB-40C0-98F3-435A6DA195C7}) (Version: 3.0.14346 - Google, Inc.) Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden Gothic II - Gold Edition (HKLM-x32\...\Gothic II - Gold Edition_is1) (Version: - ) GUILD WARS (HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\Guild Wars) (Version: - ) Guild Wars 2 (HKLM\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.) Hello Neighbor Demo (HKLM-x32\...\1863535689_is1) (Version: pre-alpha - GOG.com) ICQ (Version 10.0.12223) (HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\icq.desktop) (Version: 10.0.12223 - ICQ) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) 
IOTA Wallet 2.5.7 (only current user) (HKU\S-1-5-21-1414027369-238287121-3710414321-1000\...\85125e2a-0211-5c49-9018-9358da1074b1) (Version: 2.5.7 - IOTA Foundation) IsoBuster 4.1 (HKLM-x32\...\IsoBuster_is1) (Version: 4.1 - Smart Projects) Java 8 Update 291 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180291F0}) (Version: 8.0.2910.10 - Oracle Corporation) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) JiveX DICOM Viewer Light 4.7.1 (HKLM-x32\...\JiveX DICOM Viewer Light 4.7.1) (Version: - VISUS Technology Transfer GmbH) KeePass Password Safe 2.48 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.48 - Dominik Reichl) Langenscheidt Vokabeltrainer 6.0 Englisch (HKLM-x32\...\{733B66AD-B771-4FA6-8DBF-765B820CC0EB}) (Version: 6.0.0 - Langenscheidt) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Ledger Live 2.26.1 (HKLM\...\c62032b2-0bca-5abc-b458-fd67cfc9e49b) (Version: 2.26.1 - Ledger Live Team) LucasArts (HKLM-x32\...\LucasArts) (Version: - The Secret of Monkey Island Special Edition) Malwarebytes Windows Firewall Control (HKLM\...\Windows Firewall Control) (Version: 6.7.0.0 - BiniSoft.org) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 97.0.1072.76 - Microsoft Corporation) Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 97.0.1072.76 - Microsoft Corporation) Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1414027369-238287121-3710414321-1000\...\OneDriveSetup.exe) (Version: 20.143.0716.0003 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 
Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual 
C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{4fd02573-5f12-4ae4-8027-c63f8e1115af}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30040 (HKLM-x32\...\{5c6cccca-61ec-4667-a8d9-e133a59a5a73}) (Version: 14.29.30040.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Monkey Island 2 LeChucks Revenge Special Edition (HKLM-x32\...\Monkey Island 2 LeChucks Revenge Special Edition_is1) (Version: - ) Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 95.0.2 (x64 de)) (Version: 95.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 78.4.2 - Mozilla) Mozilla Thunderbird (x86 de) (HKLM-x32\...\Mozilla Thunderbird 91.5.1 (x86 de)) 
(Version: 91.5.1 - Mozilla) Mp3tag v2.97 (HKLM-x32\...\Mp3tag) (Version: 2.97 - Florian Heidenreich) multibootusb (remove only) (HKLM-x32\...\multibootusb) (Version: - ) NaturalReader 16 (HKLM-x32\...\{B95170BA-E2E6-471B-8EB6-DFB0D278D10B}) (Version: 16.1.2 - Naturalsoft) No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.1.1 - Vitalwerks Internet Solutions LLC) Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.5.8 - Notepad++ Team) Npcap (HKLM-x32\...\NpcapInst) (Version: 1.31 - Nmap Project) NVIDIA GeForce NOW 2.0.23.110 (HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GeforceNOW) (Version: 2.0.23.110 - NVIDIA Corporation) NVIDIA Grafiktreiber 465.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 465.89 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) Opera Stable 83.0.4254.27 (HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\Opera 83.0.4254.27) (Version: 83.0.4254.27 - Opera Software) Origin (HKLM-x32\...\Origin) (Version: 10.5.52.32372 - Electronic Arts, Inc.) 
Paradox Launcher v2 (HKLM\...\{A92DB5D9-A24D-4678-9F91-B4FA6D895718}) (Version: 2.0.4.0 - Paradox Interactive) PokeMMO (HKLM\...\PokeMMO_is1) (Version: - PokeMMO) Project64 version 2.3.0.210 (HKLM-x32\...\{BEB5FB69-4080-466F-96C4-F15DF271718B}_is1) (Version: 2.3.0.210 - ) Proxy Searcher (HKLM-x32\...\{B71B6705-FBE8-4CC1-BAE4-89C8153F28C1}) (Version: 3.90.0000 - Proxy Searcher) PuTTY release 0.74 (64-bit) (HKLM\...\{127B996B-5308-4012-865B-9446451EA326}) (Version: 0.74.0.0 - Simon Tatham) Rapport (HKLM-x32\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1804.161 - Trusteer) Hidden Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 2.8.6 - Razer Inc.) Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 7.6.8.66 - Razer Inc.) Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.00.830 - Razer Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6378 - Realtek Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform) Ripple Desktop Wallet (HKLM\...\{47FAE72F-1C26-43EE-BFB0-9B54A5BA387F}) (Version: 1.4.1 - Rippex) Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.29.283 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.7.0 - Rockstar Games) RoomSketcher (HKLM-x32\...\RoomSketcher 1.0) (Version: 1.0 - RoomSketcher) Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.43.0 - Samsung Electronics Co., Ltd.) 
ScanGuard (HKLM-x32\...\ScanGuard) (Version: 5.16.203 - ScanGuard) ScummVM (HKLM-x32\...\ScummVM_is1) (Version: - The ScummVM Team) ScummVM 2.0.0 (HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\ScummVM_is1) (Version: 2.0.0 - The ScummVM Team) ScummVM 2.1.2 (HKLM\...\ScummVM_is1) (Version: 2.1.2 - The ScummVM Team) Secret Maryo Chronicles (HKLM-x32\...\secretmaryo) (Version: 1.9 - Florian Richter) Secret Maryo Chronicles Music Pack (HKLM-x32\...\secretmaryo_music) (Version: 5.0 - Florian Richter) SketchUp 2020 (HKLM\...\{25d6d668-5a69-6092-7420-4327e8ec78ad}) (Version: 20.1.235.67 - Ihr Firmenname) Hidden SketchUp Language Pack [de] (HKLM\...\{7e508742-063f-952b-6063-1d7554f6ceb1}) (Version: 20.1.235.67 - Ihr Firmenname) Hidden SketchUp Pro 2020 (HKLM-x32\...\{522800F1-9FCE-44F2-8D2E-2CEC5B25A9C2}) (Version: 20.1.235 - Trimble, Inc.) Smart View (HKLM-x32\...\{958A869A-23B4-4C33-82C7-44A8EBA52183}) (Version: 1.0.0.0 - Samsung ) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Stranded II 1.0.0.1 (HKLM-x32\...\{CE0900ED-C76A-40C0-8DB4-0F68D825B283}_is1) (Version: - Unreal Software) Sweet Home 3D version 6.3 (HKLM\...\Sweet Home 3D_is1) (Version: 6.3 - eTeks) Tales of Monkey Island - Глава 4. Суд и казнь Гайбраша Трипвуда (HKLM-x32\...\Глава 4. 
Суд и казнь Гайбраша Трипвуда) (Version: 1.0.0.19 - Telltale Games) TeamSpeak 3 Client (HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\TeamSpeak 3 Client) (Version: 3.2.1 - TeamSpeak Systems GmbH) TegraRcmGUI (HKLM-x32\...\{FD7196C9-BD86-4736-AF9D-7CFCB9E03E67}) (Version: 2.6.0 - eliboa) Hidden TegraRcmGUI (HKLM-x32\...\TegraRcmGUI 2.6.0) (Version: 2.6.0 - eliboa) The Elder Scrolls: Daggerfall (HKLM-x32\...\The Elder Scrolls: Daggerfall) (Version: - Bethesda Softworks) The Witcher Enhanced Edition Director's Cut (HKLM-x32\...\1207658924_is1) (Version: 2.1.0.15 - GOG.com) Tibia (HKU\S-1-5-21-1414027369-238287121-3710414321-1000\...\Tibia) (Version: - CipSoft GmbH) tiptoi® Manager 3.1.8 (HKLM-x32\...\9978-5763-2995-5228) (Version: 3.1.8 - Ravensburger AG) TomTom HOME 2.21.1.147 (HKLM\...\TomTom HOME) (Version: 2.21.1.147 - TomTom) TomTom MyDrive Connect 4.2.11.4200 (HKLM-x32\...\MyDriveConnect) (Version: 4.2.11.4200 - TomTom) Trinity 1.6.2 (HKU\S-1-5-21-1414027369-238287121-3710414321-1000\...\e2e246ce-857c-53ed-b9ad-26e0668b9510) (Version: 1.6.2 - IOTA Foundation) Trusteer Endpunkt-Sicherheit (HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\Rapport_msi) (Version: 3.5.1804.161 - Trusteer) Twitch (HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.) 
Ultima (HKLM-x32\...\1207662593_is1) (Version: 1.0 CS - GOG.com) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation) Uplay (HKLM-x32\...\Uplay) (Version: 85.0 - Ubisoft) USBHelperLauncher (HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\USBHelperLauncher) (Version: 0.17d - FailedShack) VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden Vegas Pro 13.0 (64-bit) (HKLM\...\{386F5740-091D-11E4-B13E-F04DA23A5C58}) (Version: 13.0.373 - Sony) Vivaldi (HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\Vivaldi) (Version: 5.0.2497.48 - Vivaldi Technologies AS.) VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN) Vokabeltrainer-Update 6.0.143 (HKLM-x32\...\{0925C983-AC29-4CD4-930D-359E27AEF08E}) (Version: 6.0.143 - Langenscheidt) WATCH_DOGS2 (HKLM-x32\...\Uplay Install 2688) (Version: - Ubisoft) Windows Driver Package - BigNox Corporation (VBoxUSB) USB (09/16/2015 4.3.12) (HKLM\...\76B144D15273552931249392EDB13C0BBD52C84E) (Version: 09/16/2015 4.3.12 - BigNox Corporation) Windows Driver Package - BigNox Corporation VBoxUSBMon System (09/16/2015 4.3.12) (HKLM\...\39F54A37125643D2E1E90FA7D81F36ACC9441510) (Version: 09/16/2015 4.3.12 - BigNox Corporation) Windows Driver Package - BigNox Corporation XQHDrv System (09/16/2015 4.3.12) (HKLM\...\0147813640F7AF69F569581EE672B6BE1E71798E) (Version: 09/16/2015 4.3.12 - BigNox Corporation) Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation) Windows-PC-Integritätsprüfung (HKLM\...\{68C9C2A4-C212-4310-AB68-12F97050A416}) (Version: 3.2.2110.14001 - Microsoft Corporation) Windows-Treiberpaket - Broadcom Corporation 
(bcbtums) Bluetooth (07/14/2015 12.0.1.658) (HKLM\...\BABE4E18F2E0DA329C1139E5584082BBE6F64E5F) (Version: 07/14/2015 12.0.1.658 - Broadcom Corporation) Windows-Treiberpaket - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.) Windows-Treiberpaket - libusbK Nintendo Switch APX Mode (04/27/2014 3.0.7.0) (HKLM\...\5C4BD94286C931BB5D47200B4AF1D1B99B3C08AB) (Version: 04/27/2014 3.0.7.0 - libusbK) WinMerge 2.16.12.0 x64 (HKLM\...\WinMerge_is1) (Version: 2.16.12.0 - Thingamahoochie Software) WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH) Wireshark 3.4.8 64-bit (HKLM-x32\...\Wireshark) (Version: 3.4.8 - The Wireshark developer community, hxxps://www.wireshark.org) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) Wunschhaus Architekt Wohnungs Edition 7.0 (HKLM-x32\...\{5EBC77FE-B742-4761-8360-CC62FFA8B3A4}_is1) (Version: 3.0.1.1 - Creative Amadeo GmbH) x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM-x32\...\x264vfw) (Version: - ) Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org) Zip Motion Block Video codec (Remove Only) (HKLM-x32\...\ZMBV) (Version: - DOSBox Team) Packages: ========= @{Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding} -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2021-05-02] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad] WindowsDVDPlayer -> C:\Program 
Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2016-04-05] (Microsoft Corporation) Xbox One SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxOneSmartGlass_2.2.1702.2004_x64__8wekyb3d8bbwe [2019-10-02] (Microsoft Corporation) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-1414027369-238287121-3710414321-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1414027369-238287121-3710414321-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1414027369-238287121-3710414321-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1414027369-238287121-3710414321-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1414027369-238287121-3710414321-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1414027369-238287121-3710414321-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1414027369-238287121-3710414321-1006_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft 
Corporation) CustomCLSID: HKU\S-1-5-21-1414027369-238287121-3710414321-1006_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1414027369-238287121-3710414321-1006_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1414027369-238287121-3710414321-1006_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1414027369-238287121-3710414321-1006_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1414027369-238287121-3710414321-1006_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1414027369-238287121-3710414321-1006_Classes\CLSID\{BCA9D37C-CA60-4160-9115-97A00F24702D}\localserver32 -> C:\Users\HA\AppData\Local\Vivaldi\Application\5.0.2497.48\notification_helper.exe (Vivaldi Technologies AS -> Vivaldi Technologies AS) CustomCLSID: HKU\S-1-5-21-1414027369-238287121-3710414321-1006_Classes\CLSID\{d2db6918-00bd-49a7-bb9f-eaa19fa8c78c}\InprocServer32 -> c:\windows\system32\dfshim.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1414027369-238287121-3710414321-1006_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\HA\Dropbox [2013-07-06 20:38] ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-22] (Avast Software s.r.o. -> AVAST Software) ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-22] (Avast Software s.r.o. -> AVAST Software) ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) 
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2018-07-23] (Notepad++ -> ) ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-22] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> [CC]{A94757A0-0226-426F-B4F1-4DF381C630D3} => -> Keine Datei ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google) ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => D:\ProgrammeSSD\Mp3tag\Mp3tagShell64.dll [2019-07-15] (Florian Heidenreich) [Datei ist nicht signiert] ContextMenuHandlers1: [MyPhoneExplorer] -> [CC]{A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => -> Keine Datei ContextMenuHandlers1: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => D:\ProgrammeSSD\WinMerge\ShellExtensionX64.dll [2021-04-03] (hxxp://winmerge.org) [Datei ist nicht signiert] ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => D:\ProgrammeSSD\Mp3tag\Mp3tagShell64.dll [2019-07-15] (Florian Heidenreich) [Datei ist nicht signiert] ContextMenuHandlers2: [Roll Back Shell 
Extention] -> [CC]{A51DA762-BDD7-11D5-973D-C0539E56E216} => -> Keine Datei ContextMenuHandlers2: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => D:\ProgrammeSSD\WinMerge\ShellExtensionX64.dll [2021-04-03] (hxxp://winmerge.org) [Datei ist nicht signiert] ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-22] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google) ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => D:\ProgrammeSSD\Mp3tag\Mp3tagShell64.dll [2019-07-15] (Florian Heidenreich) [Datei ist nicht signiert] ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd) ContextMenuHandlers4: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => D:\ProgrammeSSD\WinMerge\ShellExtensionX64.dll [2021-04-03] (hxxp://winmerge.org) [Datei ist nicht signiert] ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) 
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> Keine Datei ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3784df9edffd3314\nvshext.dll [2021-03-26] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers5: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => D:\ProgrammeSSD\WinMerge\ShellExtensionX64.dll [2021-04-03] (hxxp://winmerge.org) [Datei ist nicht signiert] ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-22] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd) ContextMenuHandlers6-x32: [Roll Back Shell Extention] -> {A51DA762-BDD7-11D5-973D-C0539E56E216} => D:\ProgrammeSSD\UnErase\ciasvrue.dll [2006-07-26] () [Datei ist nicht signiert] ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1_S-1-5-21-1414027369-238287121-3710414321-1000: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> Keine Datei ContextMenuHandlers4_S-1-5-21-1414027369-238287121-3710414321-1000: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> Keine Datei ContextMenuHandlers5_S-1-5-21-1414027369-238287121-3710414321-1000: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> Keine Datei ==================== Codecs (Nicht 
auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Drivers32: [vidc.i420] => c:\windows\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.) HKLM\...\Drivers32: [msacm.ac3filter] => c:\windows\system32\ac3filter64.acm [1202688 2012-06-17] () [Datei ist nicht signiert] HKLM\...\Drivers32: [VIDC.FPS1] => c:\windows\system32\frapsv64.dll [71680 2013-02-26] (Beepa P/L) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.dfsc] => c:\windows\system32\dfsc.dll [16384 2019-06-23] () [Datei ist nicht signiert] HKLM\...\Drivers32: [msacm.dfscacm] => c:\windows\system32\dfscacm.dll [14848 2019-06-23] () [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.) HKLM\...\Drivers32: [vidc.divx] => C:\Windows\SysWOW64\divx.dll [685056 2009-05-01] (DivX, Inc.) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.yv12] => C:\Windows\SysWOW64\divx.dll [685056 2009-05-01] (DivX, Inc.) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\SysWOW64\xvidvfw.dll [180224 2008-12-03] () [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.vp60] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.vp61] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.vp62] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert] HKLM\...\Drivers32: [msacm.ac3filter] => C:\Windows\SysWOW64\ac3filter.acm [497664 2009-08-11] () [Datei ist nicht signiert] HKLM\...\Drivers32: [msacm.divxa32] => C:\Windows\SysWOW64\DivXa32.acm [291408 2000-04-01] (Packed With Joy !) 
[Datei ist nicht signiert] HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\SysWOW64\LameACM.acm [839680 2008-09-24] (hxxp://www.mp3dev.org/) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.dfsc] => C:\Windows\SysWOW64\dfsc.dll [9216 2014-06-12] () [Datei ist nicht signiert] HKLM\...\Drivers32: [msacm.dfscacm] => C:\Windows\SysWOW64\dfscacm.dll [10752 2014-06-12] () [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.x264] => C:\Program Files (x86)\x264vfw\x264vfw.dll [4102656 2012-07-01] (x264vfw project) [Datei ist nicht signiert] HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2013-02-26] (Beepa P/L) [Datei ist nicht signiert] HKLM\...\Drivers32: [VIDC.ZMBV] => C:\Windows\SysWOW64\zmbv.dll [94208 2010-04-09] () [Datei ist nicht signiert] ==================== Verknüpfungen & WMI ======================== ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============= 2015-07-20 16:34 - 2015-07-20 16:34 - 000073728 _____ () [Datei ist nicht signiert] [Datei wird verwendet] D:\ProgrammeSSD\No-IP\ducapi.dll 2016-01-14 18:32 - 2005-04-22 05:36 - 000143360 _____ () [Datei ist nicht signiert] C:\WINDOWS\system32\BrSNMP64.dll 2013-04-20 16:57 - 2006-02-23 10:35 - 000020480 _____ () [Datei ist nicht signiert] C:\WINDOWS\System32\FritzColorPort64.dll 2013-04-20 16:57 - 2006-02-22 09:39 - 000020480 _____ () [Datei ist nicht signiert] C:\WINDOWS\System32\FritzPort64.dll 2016-01-14 18:32 - 2012-07-14 09:53 - 000087040 _____ (Brother Industries, Ltd.) 
[Datei ist nicht signiert] C:\WINDOWS\system32\BrNetSti.dll 2020-11-03 15:52 - 2020-11-03 15:52 - 001654784 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\MFC80U.DLL 2020-11-03 15:52 - 2020-11-03 15:52 - 000054272 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\WinSxS\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_bc20f59b0bdd1acd\MFC80DEU.DLL 2013-04-20 16:57 - 2006-02-23 11:16 - 000047616 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\WINDOWS\System32\AvmColorFax.dll 2013-04-20 16:57 - 2006-02-22 09:53 - 000043520 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\WINDOWS\System32\AvmFax.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\Users\Nadja\Desktop\Test Politik.jpeg:3or4kl4x13tuuug3Byamue2s4b [81] AlternateDataStreams: C:\Users\Nadja\Desktop\Test Politik.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ================= ==================== Internet Explorer (Nicht auf der Ausnahmeliste) ========== HKU\S-1-5-21-1414027369-238287121-3710414321-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_291\bin\ssv.dll [2021-07-11] (Oracle America, Inc. 
-> Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-07-11] (Oracle America, Inc. -> Oracle Corporation) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Keine Datei Toolbar: HKLM - Kein Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Keine Datei DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) 
==================== Hosts Inhalt: ========================= (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2016-04-13 22:13 - 2021-02-27 22:57 - 000454639 ____R C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 hxxp://www.overunity.de 127.0.0.1 activate.adobe.com 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 10sek.com 127.0.0.1 www.10sek.com 127.0.0.1 www.1-2005-search.com 127.0.0.1 1-2005-search.com 127.0.0.1 123fporn.info 127.0.0.1 www.123fporn.info 127.0.0.1 www.123haustiereundmehr.com 127.0.0.1 123haustiereundmehr.com Da befinden sich 15605 zusätzliche Einträge. 
==================== Andere Bereiche =========================== (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;c:\program files (x86)\razer chroma sdk\bin;c:\program files\razer chroma sdk\bin;;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\users\chef\appdata\local\smartbar\application\;c:\program files (x86)\quicktime\qtsystem\;c:\program files (x86)\calibre2\;c:\users\chef\appdata\local\microsoft\windowsapps;C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;C:\WINDOWS\System32\OpenSSH\;D:\ProgrammeSSD\IsoBuster;C:\Users\Chef\AppData\Local\Microsoft\WindowsApps;C:\adb;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\PuTTY\ HKU\S-1-5-21-1414027369-238287121-3710414321-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg HKU\S-1-5-21-1414027369-238287121-3710414321-1006\Control Panel\Desktop\\Wallpaper -> C:\Users\HA\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\1993e8a54c840f8bc252114e9bbc7428.jpg HKU\S-1-5-21-1414027369-238287121-3710414321-501\Control Panel\Desktop\\Wallpaper -> C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp DNS Servers: 1.1.1.1 - 1.0.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => 
(SmartScreenEnabled: RequireAdmin) HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Keine Datei) ist aktiviert. Network Binding: ============= Ethernet 2: SoftEther Lightweight Network Protocol -> SeLow (enabled) Ethernet 2: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled) ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) MSCONFIG\Services: Adobe LM Service => 3 MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: BEService => 3 MSCONFIG\Services: BstHdAndroidSvc => 3 MSCONFIG\Services: BstHdLogRotatorSvc => 2 MSCONFIG\Services: BstHdUpdaterSvc => 2 MSCONFIG\Services: cfbackd => 3 MSCONFIG\Services: CPUCooLServer => 2 MSCONFIG\Services: Ds3Service => 2 MSCONFIG\Services: DVBVRecorder => 2 MSCONFIG\Services: EsgShKernel => 2 MSCONFIG\Services: GoogleChromeElevationService => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: gusvc => 3 MSCONFIG\Services: Hamachi2Svc => 2 MSCONFIG\Services: LMIGuardianSvc => 2 MSCONFIG\Services: MBAMScheduler => 2 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: NvStreamSvc => 2 MSCONFIG\Services: nvsvc => 2 MSCONFIG\Services: nvUpdatusService => 2 MSCONFIG\Services: Origin Client Service => 3 MSCONFIG\Services: Origin Web Helper Service => 2 MSCONFIG\Services: SamsungAllShareV2.0 => 2 MSCONFIG\Services: SEVPNCLIENT => 2 MSCONFIG\Services: ShMonitor => 2 MSCONFIG\Services: SimpleSlideShowServer => 3 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: Stereo Service => 2 MSCONFIG\Services: SwitchBoard => 3 MSCONFIG\Services: UMVPFSrv => 2 MSCONFIG\Services: VMAuthdService => 2 MSCONFIG\Services: VMnetDHCP => 2 MSCONFIG\Services: VMUSBArbService => 2 MSCONFIG\Services: VMware NAT Service => 2 MSCONFIG\Services: VMwareHostd => 2 MSCONFIG\startupfolder: 
C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk => C:\Windows\pss\Adobe Gamma.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Refresh.lnk => C:\Windows\pss\Refresh.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RocketDock.lnk => C:\Windows\pss\RocketDock.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WISO Mein Steuer-Sparbuch heute.lnk => C:\Windows\pss\WISO Mein Steuer-Sparbuch heute.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^xwidget.lnk => C:\Windows\pss\xwidget.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Chef^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CPUCooL.lnk => C:\Windows\pss\CPUCooL.lnk.Startup MSCONFIG\startupfolder: C:^Users^Chef^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Samsung Magician.lnk => C:\Windows\pss\Samsung Magician.lnk.Startup MSCONFIG\startupfolder: C:^Users^Chef^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Samsung SSD Magician.lnk => C:\Windows\pss\Samsung SSD Magician.lnk.Startup MSCONFIG\startupreg: Acrobat Assistant 8.0 => "D:\ProgrammeSSD\Adobe Acrobat 10\Acrobat\Acrotray.exe" MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "D:\ProgrammeSSD\Adobe Acrobat 10\Acrobat\Acrobat_sl.exe" MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin MSCONFIG\startupreg: AllShareAgent => D:\ProgrammeSSD\AllShare\AllShareAgent.exe MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple 
Application Support\APSDaemon.exe" MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe MSCONFIG\startupreg: Bonus.SSR.FR11 => "D:\ProgrammeSSD\ABBYY FineReader 11\Bonus.ScreenshotReader.exe" /autorun MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start MSCONFIG\startupreg: Malwarebytes' Anti-Malware => "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray MSCONFIG\startupreg: ManyCam => "C:\Program Files (x86)\ManyCam\ManyCam.exe" --silent MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe MSCONFIG\startupreg: uTorrent => C:\Users\HA\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED HKLM\...\StartupApproved\StartupFolder: => "ScpToolkit Tray Notifications.lnk" HKLM\...\StartupApproved\Run: => "Windows Mobile Device Center" HKLM\...\StartupApproved\Run: => "Logitech Download Assistant" HKLM\...\StartupApproved\Run: => "Malwarebytes Windows Firewall Control" HKLM\...\StartupApproved\Run: => "BrStsMon00" HKLM\...\StartupApproved\Run: => "ControlCenter4" HKLM\...\StartupApproved\Run: => "ManOWarHelper" HKLM\...\StartupApproved\Run: => "Razer Synapse" HKLM\...\StartupApproved\Run: => "RazerCortex" HKLM\...\StartupApproved\Run32: => "ControlCenter4" HKLM\...\StartupApproved\Run32: => "BrStsMon00" HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui" HKLM\...\StartupApproved\Run32: => "ManOWarHelper" HKLM\...\StartupApproved\Run32: 
=> "Razer Synapse" HKLM\...\StartupApproved\Run32: => "vmware-tray.exe" HKLM\...\StartupApproved\Run32: => "DeleteOnReboot" HKLM\...\StartupApproved\Run32: => "RazerCortex" HKLM\...\StartupApproved\Run32: => "DivXMediaServer" HKLM\...\StartupApproved\Run32: => "Easybits Recovery" HKLM\...\StartupApproved\Run32: => "Adobe Acrobat Speed Launcher" HKLM\...\StartupApproved\Run32: => "GrpConv" HKU\S-1-5-21-1414027369-238287121-3710414321-1000\...\StartupApproved\Run: => "EADM" HKU\S-1-5-21-1414027369-238287121-3710414321-1000\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" HKU\S-1-5-21-1414027369-238287121-3710414321-1000\...\StartupApproved\Run: => "GameEx_Background" HKU\S-1-5-21-1414027369-238287121-3710414321-1000\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\StartupApproved\StartupFolder: => "CurseClientStartup.ccip" HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\StartupApproved\StartupFolder: => "Twitch.lnk" HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer" HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\StartupApproved\Run: => "KiesPDLR" HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\StartupApproved\Run: => "BlueStacks Agent" HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\StartupApproved\Run: => "GoogleDriveSync" HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\StartupApproved\Run: => "TSMApplication" HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\StartupApproved\Run: => "SyncManPath" HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\StartupApproved\Run: => "GameEx_Background" HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\StartupApproved\Run: => "YandexDisk2" 
HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\StartupApproved\Run: => "icq.desktop" HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\StartupApproved\Run: => "Rapportexe" HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\StartupApproved\Run: => "Opera Browser Assistant" HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\StartupApproved\Run: => "Folder Size" HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\StartupApproved\Run: => "GogGalaxy" HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\StartupApproved\Run: => "MyDriveConnect.exe" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{D28C01BE-09AA-432D-AEA6-6F298D4CF2EA}] => (Allow) J:\SpieleEterneHD\SteamLibrary\steamapps\common\Dawn of War III\RelicDoW3.exe (Relic Entertainment, Inc -> The build server will stamp this field) FirewallRules: [{C7511884-7630-4C9A-BC9F-A13C34D2BDE5}] => (Allow) J:\SpieleEterneHD\SteamLibrary\steamapps\common\Dawn of War III\RelicDoW3.exe (Relic Entertainment, Inc -> The build server will stamp this field) FirewallRules: [{6E74C983-09A3-4E10-97B3-08A3581D4CB9}] => (Allow) J:\SpieleEterneHD\Watchdogs2\WATCH_DOGS2\EAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{7235F7E7-A717-4AB6-A398-2D0C3ABF15A4}] => (Allow) J:\SpieleEterneHD\Watchdogs2\WATCH_DOGS2\EAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{696DA9BB-3EC3-4061-8753-9CD8F47F4E2B}] => (Allow) J:\SpieleEterneHD\Watchdogs2\WATCH_DOGS2\bin_plus\WatchDogs2.exe (Blue Byte GmbH -> Ubisoft Entertainment) FirewallRules: [{E6AFADC0-6A62-4147-B6A3-4C3A2F34A027}] => (Allow) J:\SpieleEterneHD\Watchdogs2\WATCH_DOGS2\bin_plus\WatchDogs2.exe (Blue Byte GmbH -> Ubisoft 
Entertainment) FirewallRules: [{594B07BB-9A13-437F-BC2A-58198494C3B4}] => (Allow) J:\SpieleEterneHD\Watchdogs2\WATCH_DOGS2\bin\WatchDogs2.exe (Blue Byte GmbH -> Ubisoft Entertainment) FirewallRules: [{6E132183-611F-4EB9-90F8-8D6F40A55877}] => (Allow) J:\SpieleEterneHD\Watchdogs2\WATCH_DOGS2\bin\WatchDogs2.exe (Blue Byte GmbH -> Ubisoft Entertainment) FirewallRules: [UDP Query User{C6EBACE0-5291-4F73-9E89-B587B94EED74}J:\spieleeternehd\goggames\hello neighbor demo\helloneighbour\binaries\win64\helloneighbour-win64-shipping.exe] => (Allow) J:\spieleeternehd\goggames\hello neighbor demo\helloneighbour\binaries\win64\helloneighbour-win64-shipping.exe (Epic Games, Inc.) [Datei ist nicht signiert] FirewallRules: [TCP Query User{852B0DDA-E848-4D89-AB88-068310BD4D98}J:\spieleeternehd\goggames\hello neighbor demo\helloneighbour\binaries\win64\helloneighbour-win64-shipping.exe] => (Allow) J:\spieleeternehd\goggames\hello neighbor demo\helloneighbour\binaries\win64\helloneighbour-win64-shipping.exe (Epic Games, Inc.) [Datei ist nicht signiert] FirewallRules: [UDP Query User{23174B1B-D5CB-4DBB-B9F8-1A6DA5A1059F}J:\spieleeternehd\borderlandsthepresequel\binaries\win32\borderlandspresequel.exe] => (Allow) J:\spieleeternehd\borderlandsthepresequel\binaries\win32\borderlandspresequel.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.) FirewallRules: [TCP Query User{672141D6-0D60-400C-985B-226F85E194B6}J:\spieleeternehd\borderlandsthepresequel\binaries\win32\borderlandspresequel.exe] => (Allow) J:\spieleeternehd\borderlandsthepresequel\binaries\win32\borderlandspresequel.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.) FirewallRules: [UDP Query User{21A7B49C-2083-4A74-8152-C74CA6B15203}J:\spieleeternehd\gtav\gta5.exe] => (Allow) J:\spieleeternehd\gtav\gta5.exe (Rockstar Games, Inc. 
-> Rockstar Games) FirewallRules: [TCP Query User{61084376-42B1-41E4-B9D7-B3FCBE4E95EC}J:\spieleeternehd\gtav\gta5.exe] => (Allow) J:\spieleeternehd\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [UDP Query User{AE37B3F0-FA61-46ED-9094-6F3B1EBAAF53}D:\spielessd\clockwork origins\spine\bin\spine.exe] => (Allow) D:\spielessd\clockwork origins\spine\bin\spine.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{B507BE60-B8C7-4ADB-A778-17E02DAECC65}D:\spielessd\clockwork origins\spine\bin\spine.exe] => (Allow) D:\spielessd\clockwork origins\spine\bin\spine.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{60C8CC48-731D-4728-928E-B98AFB12A527}C:\users\ha\appdata\local\nvidia corporation\geforcenow\cef\geforcenowstreamer.exe] => (Allow) C:\users\ha\appdata\local\nvidia corporation\geforcenow\cef\geforcenowstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [TCP Query User{B2B0FD8A-6F4C-41CE-8BBA-95D3EFB79319}C:\users\ha\appdata\local\nvidia corporation\geforcenow\cef\geforcenowstreamer.exe] => (Allow) C:\users\ha\appdata\local\nvidia corporation\geforcenow\cef\geforcenowstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{85D6D966-4EC6-4ABD-9C9C-01DBAB5F3359}] => (Allow) D:\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe () [Datei ist nicht signiert] FirewallRules: [{BD7367A8-69D8-4DD7-9E37-57ABF3944C45}] => (Allow) D:\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{6C0D32CE-4E71-4CF1-A824-3F3B3C9C5C0E}C:\program files\doomsday 2.3.0\bin\doomsday.exe] => (Allow) C:\program files\doomsday 2.3.0\bin\doomsday.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{0024B034-E7BD-4D1D-8DFD-8DF6C588CB04}C:\program files\doomsday 2.3.0\bin\doomsday.exe] => (Allow) C:\program files\doomsday 2.3.0\bin\doomsday.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query 
User{8B4B1E83-C36F-4862-8D61-0038D729443F}C:\programdata\badlionclient\jre\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jre\bin\javaw.exe FirewallRules: [TCP Query User{25380B35-9985-4A53-A820-503F4BFF5557}C:\programdata\badlionclient\jre\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jre\bin\javaw.exe FirewallRules: [UDP Query User{303F4CA6-D121-43A3-A7C8-23AFADF66947}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [TCP Query User{24CB2166-247C-4B41-B4F5-FC06945A4A89}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [{BDE71ECE-0EA1-46E8-805A-67AF112B022F}] => (Allow) D:\Steam\SteamApps\common\Terraria\Terraria.exe (Re-Logic) [Datei ist nicht signiert] FirewallRules: [{D8C929A7-2E28-439F-A636-5DC8C03FB628}] => (Allow) D:\Steam\SteamApps\common\Terraria\Terraria.exe (Re-Logic) [Datei ist nicht signiert] FirewallRules: [UDP Query User{E04B9BA1-348A-4C11-A8A2-C78BB26322CA}D:\programmessd\wi u helper\wiiu_usb_helper_.exe] => (Allow) D:\programmessd\wi u helper\wiiu_usb_helper_.exe (Hikari06) [Datei ist nicht signiert] FirewallRules: [TCP Query User{FF99DB9D-2E14-41D5-BA38-4FA215B0F80A}D:\programmessd\wi u helper\wiiu_usb_helper_.exe] => (Allow) D:\programmessd\wi u helper\wiiu_usb_helper_.exe (Hikari06) [Datei ist nicht signiert] FirewallRules: [UDP Query User{749B1BFD-6EB2-44D1-B328-29D6561973AE}D:\programmessd\wi u helper\usbhelperlauncher.exe] => (Allow) D:\programmessd\wi u helper\usbhelperlauncher.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{F84C924A-380E-437A-8A2C-8F63C27024E4}D:\programmessd\wi u helper\usbhelperlauncher.exe] => (Allow) D:\programmessd\wi u helper\usbhelperlauncher.exe () [Datei ist nicht signiert] FirewallRules: [{6768EFDF-558E-4A97-A38A-0AAA2BB68A52}] => (Allow) D:\ProgrammeSSD\Apowersoft Photo Viewer\Apowersoft Photo Viewer.exe (Apowersoft Ltd -> 
Apowersoft) FirewallRules: [{92F43FFB-8E38-4327-92BC-2DCF35B720C8}] => (Allow) D:\ProgrammeSSD\Apowersoft Photo Viewer\Apowersoft Photo Viewer.exe (Apowersoft Ltd -> Apowersoft) FirewallRules: [UDP Query User{8B0D8CBC-1086-411D-9830-1F8F960B274A}I:\!cryptowallets!\verge-3.0\verge-qt.exe] => (Allow) I:\!cryptowallets!\verge-3.0\verge-qt.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{70548244-8822-48FF-AFED-5C2EAA9BB67C}I:\!cryptowallets!\verge-3.0\verge-qt.exe] => (Allow) I:\!cryptowallets!\verge-3.0\verge-qt.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{047BAEE1-89E5-4E44-B7F4-61C757E94942}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [TCP Query User{292A099A-0B61-4EEB-81A7-22105241840F}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{8AE5377C-6E69-413F-91EA-A0E8D2C81BB8}] => (Allow) D:\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{92C6EECB-0A65-4410-8E1C-844E7CA1F3B5}] => (Allow) D:\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{02D0F0D9-25CB-476C-9DBB-9C87B4A14C22}] => (Allow) D:\Steam\SteamApps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [Datei ist nicht signiert] FirewallRules: [{4697F14C-302C-48C4-ABB3-3EDAE1F6B42A}] => (Allow) D:\Steam\SteamApps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [Datei ist nicht signiert] FirewallRules: [{E429DB5A-26D7-4BDD-A270-66D76F5BC3DB}] => (Allow) C:\Users\HA\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{92CE194C-4981-470E-8C83-B10C534D87D7}] => (Allow) C:\Users\HA\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) 
FirewallRules: [{04718A2E-D253-4143-B7B6-90BF039506EC}] => (Allow) C:\Users\HA\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{68BC7D70-CEA7-4E05-86B2-5CA3E3162D68}] => (Allow) C:\Users\HA\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{B824CD78-2F51-448A-AF56-BB93BB5D6E8C}] => (Allow) C:\Users\HA\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{B41E8519-A455-4F20-8836-F3D55C095DA8}] => (Allow) C:\Users\HA\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{1F9AEB4A-F3DF-46E0-AFBF-E324FF005D66}] => (Allow) G:0\!!!!EmuWorld 2016!!!\!!Rom Manager!!\Romulus_038\Romulus.exe => Keine Datei FirewallRules: [{1D6CC89C-E4A3-4640-AF03-F95533FEFDEB}] => (Allow) G:0\!!!!EmuWorld 2016!!!\!!Rom Manager!!\Romulus_038\Romulus.exe => Keine Datei FirewallRules: [{6E8F2B07-E3BA-449F-A10C-9A4CD0D241A6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{7CB4BFC4-5C7C-4826-A3D3-0AC693B86656}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{2F2235DE-F7A6-499E-AEBF-383F88B07983}] => (Allow) D:\Steam\SteamApps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe (Firaxis Games) [Datei ist nicht signiert] FirewallRules: [{7419C15D-C530-4CF0-8C69-127B02D11626}] => (Allow) D:\Steam\SteamApps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe (Firaxis Games) [Datei ist nicht signiert] FirewallRules: [{60076258-FFD8-48F2-B64D-E36A91EDDA3A}] => (Allow) D:\Steam\SteamApps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe (Firaxis Games) [Datei ist nicht signiert] FirewallRules: [{FCEFE8B2-0ABA-40BE-BEF9-F75495ED5A9A}] => (Allow) D:\Steam\SteamApps\common\Sid Meier's Civilization 
VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe (Firaxis Games) [Datei ist nicht signiert] FirewallRules: [TCP Query User{164F29AB-33AA-43A5-BB0F-93C59D624002}D:\programmessd\jdownloader\jdownloader2.exe] => (Allow) D:\programmessd\jdownloader\jdownloader2.exe (Appwork GmbH -> AppWork GmbH) FirewallRules: [UDP Query User{F44D8B0A-38E3-4BAB-B132-596A89F1DB5E}D:\programmessd\jdownloader\jdownloader2.exe] => (Allow) D:\programmessd\jdownloader\jdownloader2.exe (Appwork GmbH -> AppWork GmbH) FirewallRules: [{F1B4AAE3-29E2-4AB0-85EF-803B74C0CC9D}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{0D41297D-C1D6-400B-A9B8-F402F21D0BE3}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{B2A57139-8C86-442B-A98C-A843B026FE30}] => (Allow) D:\Steam\SteamApps\common\Skyrim Special Edition\SkyrimSELauncher.exe (Bethesda Softworks) [Datei ist nicht signiert] FirewallRules: [{A29B78B4-606A-4A8F-BCFF-2EB6014C9E96}] => (Allow) D:\Steam\SteamApps\common\Skyrim Special Edition\SkyrimSELauncher.exe (Bethesda Softworks) [Datei ist nicht signiert] FirewallRules: [TCP Query User{914B50FE-96E5-4275-8184-2CF8A56DB587}G:0\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) G:0\world of warcraft\utils\wowvoiceproxy.exe => Keine Datei FirewallRules: [UDP Query User{40729AF0-C0B9-483B-8A47-DF0E6831A81A}G:0\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) G:0\world of warcraft\utils\wowvoiceproxy.exe => Keine Datei FirewallRules: [TCP Query User{828CC380-729D-494B-8699-BFF977DC4BD0}D:\spielessd\minecraft\install\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) D:\spielessd\minecraft\install\runtime\jre-x64\1.8.0_51\bin\javaw.exe FirewallRules: [UDP Query User{DC0DF346-09F4-4FDB-A948-A6EE56452F4B}D:\spielessd\minecraft\install\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) D:\spielessd\minecraft\install\runtime\jre-x64\1.8.0_51\bin\javaw.exe FirewallRules: 
[TCP Query User{7102BA9E-F3D8-49B0-8D02-0BD662092E0B}D:\spielessd\clockwork origins\spine\bin\spine.exe] => (Allow) D:\spielessd\clockwork origins\spine\bin\spine.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{1ADBB4D4-6EE2-4470-813E-B532B0FC0947}D:\spielessd\clockwork origins\spine\bin\spine.exe] => (Allow) D:\spielessd\clockwork origins\spine\bin\spine.exe () [Datei ist nicht signiert] FirewallRules: [{77429646-AF2C-4395-A25F-8466D57A1A4E}] => (Allow) D:\Steam\SteamApps\common\RimWorld\RimWorldWin64.exe () [Datei ist nicht signiert] FirewallRules: [{33C87857-84EB-4FED-A403-1176E5B8FA55}] => (Allow) D:\Steam\SteamApps\common\RimWorld\RimWorldWin64.exe () [Datei ist nicht signiert] FirewallRules: [{7FE30E02-D97C-4974-99DA-3E21E5D65FEB}] => (Allow) D:\Steam\SteamApps\common\Graveyard Keeper\Graveyard Keeper.exe () [Datei ist nicht signiert] FirewallRules: [{D1CA85D6-3012-4985-9E50-36CA6B148116}] => (Allow) D:\Steam\SteamApps\common\Graveyard Keeper\Graveyard Keeper.exe () [Datei ist nicht signiert] FirewallRules: [{5F51EC63-9011-4DB8-BB3B-98C56DB6E49F}] => (Allow) D:\Steam\SteamApps\common\Crayon Physics Deluxe\launcher.exe () [Datei ist nicht signiert] FirewallRules: [{4A0E44B9-BAD4-4FDD-ABC5-74FB719764BF}] => (Allow) D:\Steam\SteamApps\common\Crayon Physics Deluxe\launcher.exe () [Datei ist nicht signiert] FirewallRules: [{A6625EB5-3FC2-468C-A7E5-AFFC84C7EBDD}] => (Allow) D:\Steam\SteamApps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [Datei ist nicht signiert] FirewallRules: [{E70210EF-1B01-4F58-A1F5-9FA057B9DA22}] => (Allow) D:\Steam\SteamApps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [Datei ist nicht signiert] FirewallRules: [{20364A08-C361-4B36-BA38-4F02A0C47D52}] => (Allow) D:\Steam\SteamApps\common\Super Toy Cars\SuperToyCars.exe (Unity Technologies SF -> ) [Datei ist nicht signiert] FirewallRules: [{828A840F-075F-4B41-A006-3D7D994BC3CE}] => (Allow) D:\Steam\SteamApps\common\Super Toy Cars\SuperToyCars.exe 
(Unity Technologies SF -> ) [Datei ist nicht signiert] FirewallRules: [{C43CD3C8-4E4A-4B32-AF4A-B7AFA672AFCD}] => (Allow) D:\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe (DONTNOD Entertainment) [Datei ist nicht signiert] FirewallRules: [{93CE71B5-0BD3-488A-B44D-9CAE1D6856AC}] => (Allow) D:\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe (DONTNOD Entertainment) [Datei ist nicht signiert] FirewallRules: [TCP Query User{270C90A8-F94D-4FFC-A544-CE2AE2A9CBCD}D:\programmessd\smart view\smart view.exe] => (Allow) D:\programmessd\smart view\smart view.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{8F0FA9AC-8AC9-460C-BD85-83B62424E53A}D:\programmessd\smart view\smart view.exe] => (Allow) D:\programmessd\smart view\smart view.exe () [Datei ist nicht signiert] FirewallRules: [{67F27C7F-BCF2-4E7E-A910-5927EDB84C6D}] => (Allow) D:\Steam\SteamApps\common\Oddworld Abes Oddysee\AbeWin.exe (Oddworld Inhabitants, Inc.) [Datei ist nicht signiert] FirewallRules: [{278CB211-8FA9-4ED2-B308-010B1033545C}] => (Allow) D:\Steam\SteamApps\common\Oddworld Abes Oddysee\AbeWin.exe (Oddworld Inhabitants, Inc.) 
[Datei ist nicht signiert] FirewallRules: [{A492EF89-53BC-4DF3-A5FC-2249AE70D8A3}] => (Allow) D:\Steam\SteamApps\common\Tribloos 2\TheTribloos2.exe () [Datei ist nicht signiert] FirewallRules: [{D2D9288C-F753-4DE3-A8B3-57A6BFFACE42}] => (Allow) D:\Steam\SteamApps\common\Tribloos 2\TheTribloos2.exe () [Datei ist nicht signiert] FirewallRules: [{BC564F4C-5ACC-4B7B-8215-C4FD08365CAB}] => (Allow) D:\Steam\SteamApps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe (Xsolla (USA), Inc -> 2K) FirewallRules: [{3C33A32A-2605-49AB-9C51-D7B9D1162728}] => (Allow) D:\Steam\SteamApps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe (Xsolla (USA), Inc -> 2K) FirewallRules: [{3C38C96B-2206-4C47-B38D-42A80556E0A6}] => (Allow) D:\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe () [Datei ist nicht signiert] FirewallRules: [{221AE32B-DB1F-4B50-9E17-3837DB12D945}] => (Allow) D:\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe () [Datei ist nicht signiert] FirewallRules: [{0E8BBE45-6581-4BB6-BAD1-A960E124D2FD}] => (Allow) D:\Steam\SteamApps\common\Legend of Grimrock\grimrock.exe () [Datei ist nicht signiert] FirewallRules: [{A63F2B91-7C99-4F8E-9B74-3318EA3FCE7E}] => (Allow) D:\Steam\SteamApps\common\Legend of Grimrock\grimrock.exe () [Datei ist nicht signiert] FirewallRules: [{EB932380-4B68-465A-B969-3BF15CDC3080}] => (Allow) D:\Steam\SteamApps\common\Legend of Grimrock 2\grimrock2.exe () [Datei ist nicht signiert] FirewallRules: [{9B604994-8F31-4927-8E14-1F0106B862F9}] => (Allow) D:\Steam\SteamApps\common\Legend of Grimrock 2\grimrock2.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{37C448D2-84CE-441C-BCD4-525988420C49}D:\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) D:\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe (Robot Entertainment, Inc.) 
[Datei ist nicht signiert] FirewallRules: [UDP Query User{DABB5914-31F4-41E5-9252-AEA774318F70}D:\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) D:\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe (Robot Entertainment, Inc.) [Datei ist nicht signiert] FirewallRules: [TCP Query User{ADC47A84-7C78-45DC-875E-F18BF4158144}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [UDP Query User{D6D38B7C-EBAA-45D6-867D-29C95012AA37}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [TCP Query User{CEF578D0-53F6-49CD-8B77-8DB5AE208005}J:\spieleeternehd\worldwarz\en_us\client\bin\pc\wwzretailegs.exe] => (Block) J:\spieleeternehd\worldwarz\en_us\client\bin\pc\wwzretailegs.exe (Saber Interactive) [Datei ist nicht signiert] FirewallRules: [UDP Query User{10805651-5B23-4A36-AB48-D19188C2AD2F}J:\spieleeternehd\worldwarz\en_us\client\bin\pc\wwzretailegs.exe] => (Block) J:\spieleeternehd\worldwarz\en_us\client\bin\pc\wwzretailegs.exe (Saber Interactive) [Datei ist nicht signiert] FirewallRules: [TCP Query User{751C93FD-A767-4A2C-98C4-DE714C1D7782}I:\diablo iii\x64\diablo iii64.exe] => (Allow) I:\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [UDP Query User{204B37CE-ECD9-456F-8981-E1846218C14B}I:\diablo iii\x64\diablo iii64.exe] => (Allow) I:\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. 
-> Blizzard Entertainment) FirewallRules: [TCP Query User{981B0CFC-3F76-40AE-9E4B-89C7C3B49AE1}J:\spieleeternehd\defensegrid\defensegrid.exe] => (Allow) J:\spieleeternehd\defensegrid\defensegrid.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{F2F5A633-D820-4EFE-A6DC-1F78DF9675CE}J:\spieleeternehd\defensegrid\defensegrid.exe] => (Allow) J:\spieleeternehd\defensegrid\defensegrid.exe () [Datei ist nicht signiert] FirewallRules: [{6F3D1EDB-0C8C-4A55-864A-07F8004CC70E}] => (Allow) D:\ProgrammeSSD\MyDrive Connect\TomTom MyDrive Connect.exe (TomTom International B.V. -> TomTom) FirewallRules: [{A2F9EFA1-FB2A-4DFB-9DBC-D764C2D36BB9}] => (Allow) J:\SpieleEterneHD\SteamLibrary\steamapps\common\Slime Rancher\SlimeRancher.exe () [Datei ist nicht signiert] FirewallRules: [{E2DB8475-4E7C-45C3-8F59-D5A0DF8A37AF}] => (Allow) J:\SpieleEterneHD\SteamLibrary\steamapps\common\Slime Rancher\SlimeRancher.exe () [Datei ist nicht signiert] FirewallRules: [{09FED247-7E2A-414A-BB87-40D450B13DEB}] => (Allow) C:\Program Files\Daedalus Mainnet\cardano-node.exe => Keine Datei FirewallRules: [TCP Query User{7F3C6632-2452-46EE-8D22-7839EAAF0847}C:\program files\daedalus mainnet\daedalus mainnet.exe] => (Allow) C:\program files\daedalus mainnet\daedalus mainnet.exe => Keine Datei FirewallRules: [UDP Query User{979857C3-FB2D-418E-A928-DBE501C2D499}C:\program files\daedalus mainnet\daedalus mainnet.exe] => (Allow) C:\program files\daedalus mainnet\daedalus mainnet.exe => Keine Datei FirewallRules: [{5F0139BB-E20B-4184-AF3E-28F2DD2434FF}] => (Allow) C:\Program Files\Daedalus Mainnet\cardano-node.exe => Keine Datei FirewallRules: [{B2FBDCD4-0C85-48D7-9F21-D54D0F56A4D1}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe => Keine Datei FirewallRules: [{E4F99EA3-1473-4EDC-9880-FFA0465D8E87}] => (Allow) D:\Steam\SteamApps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe (Xsolla (USA), Inc -> 2K) FirewallRules: [{0177B132-FB0A-400F-9E52-F2275047AA6F}] => 
(Allow) D:\Steam\SteamApps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe (Xsolla (USA), Inc -> 2K) FirewallRules: [{33F9E96B-5123-4BAE-B0AA-3F86B8D2BF6C}] => (Allow) J:\SpieleEterneHD\SteamLibrary\steamapps\common\Scrap Mechanic\Release\ScrapMechanic.exe () [Datei ist nicht signiert] FirewallRules: [{8849DE6E-91A4-4C31-AE79-D73BA02F6D9E}] => (Allow) J:\SpieleEterneHD\SteamLibrary\steamapps\common\Scrap Mechanic\Release\ScrapMechanic.exe () [Datei ist nicht signiert] FirewallRules: [{7DCB2A21-BFBE-4CFC-934C-61083968471D}] => (Allow) D:\Steam\SteamApps\common\Sid Meier's Civilization VI\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.) FirewallRules: [{11480384-8B69-4A6E-BE31-D5A396762110}] => (Allow) D:\Steam\SteamApps\common\Sid Meier's Civilization VI\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.) FirewallRules: [TCP Query User{67EEDE48-42F6-45E9-B479-5FFC20D0426A}C:\program files\avast software\avast\avastui.exe] => (Allow) C:\program files\avast software\avast\avastui.exe (Avast Software s.r.o. -> AVAST Software) FirewallRules: [UDP Query User{2BBE9A3D-A91B-44AD-8E52-4FE0CD0CC738}C:\program files\avast software\avast\avastui.exe] => (Allow) C:\program files\avast software\avast\avastui.exe (Avast Software s.r.o. 
-> AVAST Software) FirewallRules: [{D9FC65A0-940A-44F4-9E48-628C5BECF659}] => (Allow) J:\SpieleEterneHD\SteamLibrary\steamapps\common\Scrap Mechanic\Release\ScrapMechanic.exe () [Datei ist nicht signiert] FirewallRules: [{6E484A60-8BCA-4545-9265-E562366A384A}] => (Allow) J:\SpieleEterneHD\SteamLibrary\steamapps\common\Scrap Mechanic\Release\ScrapMechanic.exe () [Datei ist nicht signiert] FirewallRules: [{2DA71D4F-B2CA-4FE0-AF9C-7431F2012703}] => (Allow) J:\SpieleEterneHD\SteamLibrary\steamapps\common\CardLife\launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{D2A3C98E-D3B0-4B4E-A0D6-B1B3E0805F36}] => (Allow) J:\SpieleEterneHD\SteamLibrary\steamapps\common\CardLife\launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{FE2755DB-CF2C-4BFF-A18A-A8067AFF4DD8}] => (Allow) D:\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe () [Datei ist nicht signiert] FirewallRules: [{8E4C33A7-3FDD-4E3F-A477-DE5C3EBDD731}] => (Allow) D:\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe () [Datei ist nicht signiert] FirewallRules: [{499EFC5D-BE9A-4284-8256-2FE181744617}] => (Allow) J:\SpieleEterneHD\SteamLibrary\steamapps\common\Scrap Mechanic\Release\ScrapMechanic.exe () [Datei ist nicht signiert] FirewallRules: [{76091915-3B89-4892-B2A4-03BB152ABA9F}] => (Allow) J:\SpieleEterneHD\SteamLibrary\steamapps\common\Scrap Mechanic\Release\ScrapMechanic.exe () [Datei ist nicht signiert] FirewallRules: [{8D6CF63C-D637-43BB-AE83-E3EA1240DD6A}] => (Allow) J:\SpieleEterneHD\SteamLibrary\steamapps\common\Octogeddon\octogeddon.exe (AllYesGood) [Datei ist nicht signiert] FirewallRules: [{31EF7053-DFC5-4786-804E-EBBBD853E25C}] => (Allow) J:\SpieleEterneHD\SteamLibrary\steamapps\common\Octogeddon\octogeddon.exe (AllYesGood) [Datei ist nicht signiert] FirewallRules: [{343A0986-4079-45FB-B4BE-49960E550A09}] => (Allow) J:\SpieleEterneHD\SteamLibrary\steamapps\common\DEEEER Simulator\DEEEER Simulator.exe () [Datei ist nicht 
signiert] FirewallRules: [{1325A941-6FA6-48F3-8374-2FAB20507998}] => (Allow) J:\SpieleEterneHD\SteamLibrary\steamapps\common\DEEEER Simulator\DEEEER Simulator.exe () [Datei ist nicht signiert] FirewallRules: [{15E06BB1-0F48-48C4-BFA5-72EF63B8129B}] => (Allow) J:\SpieleEterneHD\SteamLibrary\steamapps\common\Stranded Deep\Stranded_Deep_x64.exe () [Datei ist nicht signiert] FirewallRules: [{02CE9510-4F9E-489D-8D82-E4EB446410F9}] => (Allow) J:\SpieleEterneHD\SteamLibrary\steamapps\common\Stranded Deep\Stranded_Deep_x64.exe () [Datei ist nicht signiert] FirewallRules: [{3054FBC2-E787-4E54-A474-157AED18CCA8}] => (Allow) J:\SpieleEterneHD\SteamLibrary\steamapps\common\Sentience The Android's Tale\nw.exe (The NWJS Community) [Datei ist nicht signiert] FirewallRules: [{C81652A5-98FB-4BCE-9717-11C1293B5CD1}] => (Allow) J:\SpieleEterneHD\SteamLibrary\steamapps\common\Sentience The Android's Tale\nw.exe (The NWJS Community) [Datei ist nicht signiert] FirewallRules: [{EF836F7C-8049-485E-A59A-506B6C730200}] => (Allow) C:\Program Files\Malwarebytes\Windows Firewall Control\wfc.exe (Malwarebytes Inc -> Malwarebytes) FirewallRules: [{C0FF2F8D-04DE-4039-ACCD-0B80421F85B1}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software) FirewallRules: [{59E850A4-4226-40D7-9489-FFD643D14332}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software) FirewallRules: [{C00C14A6-F542-4D02-A192-4EA2CE6FD2BF}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software) FirewallRules: [{A5A145B2-6971-4735-AE0C-FA535F53EE38}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. 
-> AVAST Software) FirewallRules: [{C9F82859-C500-482E-ACE7-7C4BCE7FBBFC}] => (Allow) J:\SpieleEterneHD\SteamLibrary\steamapps\common\Brawlhalla\Brawlhalla.exe (Blue Mammoth Games) [Datei ist nicht signiert] FirewallRules: [{238F4A02-59B0-4623-B7CD-F4C48F9681E6}] => (Allow) J:\SpieleEterneHD\SteamLibrary\steamapps\common\Brawlhalla\Brawlhalla.exe (Blue Mammoth Games) [Datei ist nicht signiert] FirewallRules: [{A108BA36-FD43-4D56-8444-4EDCC57AB511}] => (Allow) J:\SpieleEterneHD\SteamLibrary\steamapps\common\New World\NewWorldLauncher.exe (Amazon.com Services LLC -> EasyAntiCheat Ltd) FirewallRules: [{5552DE22-5B5B-4FC2-B5B4-F47D4EE5A78E}] => (Allow) J:\SpieleEterneHD\SteamLibrary\steamapps\common\New World\NewWorldLauncher.exe (Amazon.com Services LLC -> EasyAntiCheat Ltd) FirewallRules: [{62E381CA-507A-4EDF-B760-BE4357355256}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software) FirewallRules: [{12976E45-CA95-4A91-9DF4-8D7B6B16BE46}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software) FirewallRules: [{0EA769E2-AFAE-4F82-8FA4-DE5DD111169E}] => (Allow) J:\SpieleEterneHD\SteamLibrary\steamapps\common\Trailmakers\Trailmakers.exe () [Datei ist nicht signiert] FirewallRules: [{4304FDD4-2895-43D7-A067-0B62E22D20CE}] => (Allow) J:\SpieleEterneHD\SteamLibrary\steamapps\common\Trailmakers\Trailmakers.exe () [Datei ist nicht signiert] FirewallRules: [{A8021735-7DA5-40C5-A8E7-E4822BE2D5D4}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software) FirewallRules: [{C746C168-DAB4-4625-902B-02EC6334B0E5}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software) FirewallRules: [{7909143A-E557-47FD-8460-E96A405BB6AA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) 
FirewallRules: [{88C417AF-B58E-44A5-9DA8-A853782FFA4E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{8A615A97-B08C-4591-A7C2-A393DD11D92F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{69DBB3CF-A30C-4727-B484-29A93D602F78}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{7A9095B9-EA46-4166-BCF6-C138390ED0E8}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software) FirewallRules: [{3890FDFB-559D-45C2-A2DE-7049A6E1B57B}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software) FirewallRules: [{C9C98E32-33D4-40B7-9E93-4E41A788B99F}] => (Allow) J:\SpieleEterneHD\SteamLibrary\steamapps\common\Settlement Survival\Settlement Survival.exe () [Datei ist nicht signiert] FirewallRules: [{6F121E15-5A1D-4197-943B-B83AAA7369B7}] => (Allow) J:\SpieleEterneHD\SteamLibrary\steamapps\common\Settlement Survival\Settlement Survival.exe () [Datei ist nicht signiert] FirewallRules: [{AF0B3D46-2E6C-4CDC-B577-2C6273EB47F9}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) FirewallRules: [{3673324F-4C8E-44B8-8FDD-CDA7BB2E07C8}] => (Allow) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.) 
FirewallRules: [{FC333DB2-77B9-441F-ADED-059B54263DF4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{B7FA8E1B-870B-44CF-AC27-487A5F8AC9CB}] => (Allow) J:\SpieleEterneHD\SteamLibrary\steamapps\common\Settlement Survival\URP\Settlement SurvivalURP.exe () [Datei ist nicht signiert] FirewallRules: [{A10FA2A0-BEF1-442E-AEE1-E2FCD2DB464C}] => (Allow) J:\SpieleEterneHD\SteamLibrary\steamapps\common\Settlement Survival\URP\Settlement SurvivalURP.exe () [Datei ist nicht signiert] FirewallRules: [{F4BF3DA5-8FC4-4BCE-B1B5-ABC7C2CC1AED}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\97.0.1072.76\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{C9CBCF72-9C0C-44EF-A164-7F21CB076236}] => (Allow) D:\Steam\SteamApps\common\Don't Starve Together\bin64\dontstarve_steam_x64.exe () [Datei ist nicht signiert] FirewallRules: [{3BA99117-8DFA-4B6F-90B6-92CDB9BFA06D}] => (Allow) D:\Steam\SteamApps\common\Don't Starve Together\bin64\dontstarve_steam_x64.exe () [Datei ist nicht signiert] FirewallRules: [{F2EDA8BB-3DE0-4037-A0E7-F05198DBC65C}] => (Allow) D:\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe () [Datei ist nicht signiert] FirewallRules: [{E6A74705-EDD0-4081-B665-8A5FFA5E70C2}] => (Allow) D:\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe () [Datei ist nicht signiert] ==================== Wiederherstellungspunkte ========================= 09-01-2022 17:28:20 Geplanter Prüfpunkt 18-01-2022 17:35:35 Geplanter Prüfpunkt 27-01-2022 17:31:43 Geplanter Prüfpunkt 31-01-2022 08:59:50 AdwCleaner_BeforeCleaning_31/01/2022_08:59:30 ==================== Fehlerhafte Geräte im Gerätemanager ============ ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (02/01/2022 11:40:15 PM) (Source: SecurityCenter) (EventID: 17) (User: ) Description: Das 
Sicherheitscenter konnte den Aufrufer nicht überprüfen. Der Fehler %1 ist aufgetreten. Error: (02/01/2022 11:40:15 PM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Fehler beim Aktualisieren des -Status auf SECURITY_PRODUCT_STATE_OFF. Error: (02/01/2022 11:40:15 PM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Fehler beim Aktualisieren des -Status auf SECURITY_PRODUCT_STATE_OFF. Error: (02/01/2022 11:40:15 PM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Fehler beim Aktualisieren des -Status auf SECURITY_PRODUCT_STATE_OFF. Error: (02/01/2022 11:40:15 PM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Fehler beim Aktualisieren des -Status auf SECURITY_PRODUCT_STATE_OFF. Error: (02/01/2022 11:40:14 PM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Fehler beim Aktualisieren des -Status auf SECURITY_PRODUCT_STATE_OFF. Error: (02/01/2022 11:40:14 PM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Fehler beim Aktualisieren des -Status auf SECURITY_PRODUCT_STATE_OFF. Error: (02/01/2022 11:40:14 PM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Fehler beim Aktualisieren des -Status auf SECURITY_PRODUCT_STATE_OFF. Systemfehler: ============= Error: (02/01/2022 10:43:54 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "WMPNetworkSvc" ist vom Dienst "WSearch" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Error: (02/01/2022 08:21:59 AM) (Source: Schannel) (EventID: 4103) (User: NT-AUTORITÄT) Description: Schwerwiegender Fehler beim Erstellen der Client-Anmeldeinformationen für TLS. Der interne Fehlerstatus ist 10013. 
Error: (02/01/2022 08:16:19 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "WMPNetworkSvc" ist vom Dienst "WSearch" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Error: (01/31/2022 10:53:55 PM) (Source: DCOM) (EventID: 10010) (User: Chef-PC) Description: Der Server "Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe!App" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (01/31/2022 10:53:53 PM) (Source: DCOM) (EventID: 10010) (User: Chef-PC) Description: Der Server "{5F7F3F7B-1177-4D4B-B1DB-BC6F671B8F25}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (01/31/2022 05:53:49 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "WMPNetworkSvc" ist vom Dienst "WSearch" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Error: (01/31/2022 09:01:15 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "RzKLService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (01/31/2022 09:01:15 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "NO-IP DUC v4.1.1" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. CodeIntegrity: =============== Date: 2022-02-01 22:45:08 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements. 
Date: 2022-02-01 22:45:02 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\AVAST Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\setup\uat_5108.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2022-02-01 22:44:57 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements. ==================== Speicherinformationen =========================== BIOS: American Megatrends Inc. P2.70 06/05/2014 Hauptplatine: ASRock 990FX Extreme4 Prozessor: AMD Phenom(tm) II X6 1055T Processor Prozentuale Nutzung des RAM: 48% Installierter physikalischer RAM: 16360.37 MB Verfügbarer physikalischer RAM: 8359.61 MB Summe virtueller Speicher: 32744.37 MB Verfügbarer virtueller Speicher: 22960.65 MB ==================== Laufwerke ================================ Drive c: (Win7pro) (Fixed) (Total:237.6 GB) (Free:88.61 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)] Drive d: (Volumen01) (Fixed) (Total:367.71 GB) (Free:146.45 GB) NTFS Drive e: (Volumen02) (Fixed) (Total:465.75 GB) (Free:234.73 GB) NTFS Drive g: (Big Pata) (Fixed) (Total:279.47 GB) (Free:78.68 GB) NTFS Drive i: (Elements) (Fixed) (Total:2794.49 GB) (Free:121.68 GB) NTFS Drive j: (WD_BLACK) (Fixed) (Total:4657.47 GB) (Free:1157 GB) exFAT \\?\Volume{accf2efd-eebc-d015-c312-8aa29d41c55f}\ () (Fixed) (Total:0.01 GB) (Free:0 GB) NTFS \\?\Volume{de8c72a7-0000-0000-0000-b0663b000000}\ () (Fixed) (Total:0.87 GB) (Free:0.4 GB) NTFS ==================== MBR & Partitionstabelle ==================== ========================================================== Disk: 0 (Size: 279.5 GB) (Disk ID: 0280AB24) Partition 1: (Active) - (Size=279.5 GB) - (Type=0F Extended) 
========================================================== Disk: 1 (Size: 465.8 GB) (Disk ID: DDE4FB79) Partition: GPT. ========================================================== Disk: 2 (Size: 465.8 GB) (Disk ID: 0661A3D4) Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS) ========================================================== Disk: 3 (Size: 238.5 GB) (Disk ID: DE8C72A7) Partition 1: (Active) - (Size=237.6 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=889 MB) - (Type=27) ========================================================== Disk: 4 (Size: 2794.5 GB) (Disk ID: 16F2A91F) Partition: GPT. ========================================================== Disk: 5 (Size: 4657.5 GB) (Disk ID: 16F2A91F) Partition: GPT. Attempted reading MBR returned 0 bytes. Could not read MBR for disk 6. ==================== Ende von Addition.txt ======================= |
02.02.2022, 00:17 | #3 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Bank site is redirected to another site on my Windows 10 computer. Microsoft Windows 10 Pro Version 2004 19041.1415
__________________Please read this - the version of Windows 10 installed on your machine is outdated and has not been supported for almost 2 months. For you, the next step is a reinstallation of Windows 10. And in future, stay away from junk like Avast and Spybot.
__________________ Last edited by cosinus (02.02.2022 at 09:19). Reason: typo |
02.02.2022, 09:07 | #4 |
| Bank site is redirected to another site on my Windows 10 computer. What antivirus software would you recommend for the future? |
02.02.2022, 09:19 | #5 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Bank site is redirected to another site on my Windows 10 computer. Please read --> https://www.trojaner-board.de/199203...verwenden.html
__________________ Please always post log files in CODE tags |
03.02.2022, 17:17 | #6 |
/// TB-Ausbilder | Bank site is redirected to another site on my Windows 10 computer. We are glad that we could help. This topic appears to be resolved and will be removed from our subscriptions. Should you need the topic again, please send us a reminder including a link to the topic. Everyone else, please click here and create your own topic. |