17.11.2022, 17:09 | #1 |
Windows 7 | Junk opens by itself when visiting a website

Hi everyone, I was on a website earlier where several junk sites opened by themselves (in additional tabs). I have already run Farbar over it. Is the code unremarkable so far? (I removed Downloads because of personal files, with my name in them.) Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-11-2022 durchgeführt von ... (Administrator) auf ...-PC (MSI MS-7916) (17-11-2022 16:49:39) Gestartet von C:\Users\...\Downloads Geladene Profile: ... Plattform: Microsoft Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: FF Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avpui.exe (C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.8\ksde.exe ->) (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.8\ksdeui.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (C:\Program Files\RogueKiller\RogueKillerSvc.exe ->) (ADLICE -> ) C:\Program Files\RogueKiller\RogueKiller64.exe (explorer.exe ->) (Apple Inc. -> Apple Inc.) 
E:\Apple Computer\iTunesHelper.exe (explorer.exe ->) (DigiDNA) [Datei ist nicht signiert] E:\iMazing\iMazing Mini.exe (explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (explorer.exe ->) (Open Source Developer, Robin Krom -> Greenshot) E:\Greenshot\Greenshot.exe (explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (explorer.exe ->) (Rivet Networks LLC -> Rivet Networks) C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (explorer.exe ->) (Surfshark B.V. -> Surfshark) C:\Program Files (x86)\Surfshark\Surfshark.exe (explorer.exe ->) (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.) C:\Program Files\Tracker Software\PDF Viewer\PDFXCview.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <18> (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (services.exe ->) (ADLICE -> ) C:\Program Files\RogueKiller\RogueKillerSvc.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe (services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.8\ksde.exe (services.exe ->) (Malwarebytes Inc. 
-> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Rivet Networks LLC -> Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe (services.exe ->) (Surfshark B.V. -> Surfshark) C:\Program Files (x86)\Surfshark\Surfshark.Service.exe (services.exe ->) (Surfshark B.V. -> Surfshark) C:\Program Files (x86)\Surfshark\SurfsharkWireGuard\Surfshark.WireguardService.exe (services.exe ->) (TeamViewer -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (taskeng.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.) C:\Program Files\Tracker Software\PDF-XChange Lite 6\pdfSaver5L.exe konnte nicht auf den Prozess zugreifen -> csrss.exe konnte nicht auf den Prozess zugreifen -> csrss.exe konnte nicht auf den Prozess zugreifen -> WmiPrvSE.exe konnte nicht auf den Prozess zugreifen -> WUDFHost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [iTunesHelper] => E:\Apple Computer\iTunesHelper.exe [333784 2021-03-30] (Apple Inc. -> Apple Inc.) 
HKLM\...\Run: [Bdagent] => "C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe" (Keine Datei) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1796216 2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7543000 2014-03-04] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [NvBackend] => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" (Keine Datei) HKLM\...\Run: [MBCfg64] => C:\Windows\system32\MBCfg64.dll [41088 2014-02-21] (Creative Technology Ltd -> Creative Technology Ltd.) HKLM\...\Run: [Greenshot] => E:\Greenshot\Greenshot.exe [527792 2017-08-09] (Open Source Developer, Robin Krom -> Greenshot) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-09-27] (Oracle America, Inc. -> Oracle Corporation) HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) [Datei ist nicht signiert] HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation) [Datei ist nicht signiert] HKU\S-1-5-21-2107037291-4239383780-1378006347-1000\...\Run: [iMazing-Mini] => E:\iMazing\iMazing Mini.exe [2292224 2021-09-24] (DigiDNA) [Datei ist nicht signiert] HKU\S-1-5-21-2107037291-4239383780-1378006347-1000\...\Run: [TIDAL] => C:\Users\...\AppData\Local\TIDAL\update.exe [1843232 2021-05-25] (TIDAL Music AS -> GitHub) HKU\S-1-5-21-2107037291-4239383780-1378006347-1000\...\Run: [Surfshark] => C:\Program Files (x86)\Surfshark\Surfshark.exe [11199048 2022-10-26] (Surfshark B.V. 
-> Surfshark) HKU\S-1-5-21-2107037291-4239383780-1378006347-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [477696 2010-11-20] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-18\...\Run: [] => [X] HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2016-09-20] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Windows x64\Print Processors\hpcpp103: C:\Windows\System32\spool\prtprocs\x64\hpcpp103.dll [323584 2010-10-13] (Hewlett-Packard Corporation) [Datei ist nicht signiert] HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\Windows\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [Datei ist nicht signiert] HKLM\...\Print\Monitors\PDF-XChange V6 Printer Port Monitor (Lite): C:\Windows\system32\pxcpm5L.dll [150208 2016-09-13] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.) HKLM\...\Print\Monitors\PJL Language Monitor: C:\Windows\system32\PJLMON.DLL [22016 2010-11-20] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\107.0.5304.107\Installer\chrmstp.exe [2022-11-11] (Google LLC -> Google LLC) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2016-10-04] ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks LLC -> Rivet Networks) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {00753129-99EA-4BF0-8555-3C1D33E4DACF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.) 
Task: {10EA2FA7-B0DF-43FC-BF2B-429A760BC1A9} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436344 2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation) Task: {12B2FE05-6BB2-498B-B77A-769FA7F57602} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518264 2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {1C43796E-1E8C-461F-A71A-ECED9CFB19EC} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [655480 2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation) Task: {2130D918-D2F1-47A5-9091-AB160F03BFD8} - System32\Tasks\{535A72E9-F323-4F60-9553-02647C620993} => C:\Windows\system32\pcalua.exe -a C:\Users\...\Downloads\jxpiinstall(1).exe -d C:\Users\...\Downloads Task: {27903D09-4F95-4955-96C9-90B4B4EC60DB} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\...\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [19989464 2021-11-07] (ESET, spol. s r.o. -> ESET) Task: {2CD78276-52FE-4131-9675-08F68F0B84D4} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [655480 2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation) Task: {48AB919C-20BC-4844-8043-30ECA20EEEF9} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\...\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [19989464 2021-11-07] (ESET, spol. s r.o. 
-> ESET) Task: {4CECDE30-EAE3-40F1-B5EC-41B81526CC37} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728184 2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation) Task: {6C14D8AC-0E9E-4286-8211-DECB4545E3D9} - System32\Tasks\Opera scheduled assistant Autoupdate 1598626072 => E:\Opera\launcher.exe [2569160 2022-10-24] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="E:\Opera\assistant" $(Arg0) Task: {7FE54155-4D53-4C66-B634-D738E4F76B75} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-08] (Google Inc -> Google Inc.) Task: {86666CA2-7E88-44A5-B6FB-4793B75E8D77} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1542264 2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation) Task: {A686B2F1-8529-4ACF-8110-ADED0FFE0AD1} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [960632 2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation) Task: {D3CF5C66-3ADD-4026-B3BA-E044CC9732FD} - System32\Tasks\Opera scheduled Autoupdate 1598626071 => E:\Opera\launcher.exe [2569160 2022-10-24] (Opera Norway AS -> Opera Software) Task: {E024BE00-AFE3-4D84-874E-B68D6431A319} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.) 
Task: {E6255FF7-0C02-4300-A892-E074444DFFD6} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728184 2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation) Task: {EA7BC44D-FF5C-4993-9BE9-771F34C4787F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-08] (Google Inc -> Google Inc.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}.job => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.) Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. 
Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{7A1C7FCF-F889-4FBB-ABCB-F0DA9837402A}: [DhcpNameServer] 172.20.10.1 Tcpip\..\Interfaces\{853621EF-F2D9-4AD8-B39E-02606E073118}: [NameServer] 4.2.2.2,4.2.2.3 Tcpip\..\Interfaces\{853621EF-F2D9-4AD8-B39E-02606E073118}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{D9850109-D238-4B4E-98E5-3C279F1DE08D}: [NameServer] 162.252.172.57,149.154.159.92 Tcpip\..\Interfaces\{E83E6BFA-3185-438C-8E3E-20FA55522266}: [DhcpNameServer] 10.19.0.1 Tcpip\..\Interfaces\{F0D0D126-4212-4436-840C-557FBAECBC31}: [DhcpNameServer] 172.20.10.1 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\...\AppData\Local\Microsoft\Edge\User Data\Default [2022-11-16] Edge Extension: (Kaspersky Protection 20.0) - C:\Users\...\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\elhpdacimkjpccooodognopfhbdgnpbk [2021-06-07] Edge HKU\S-1-5-21-2107037291-4239383780-1378006347-1000\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] Edge HKU\S-1-5-21-2107037291-4239383780-1378006347-1000\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] FireFox: ======== FF DefaultProfile: ddsj6vno.default FF DefaultProfile: rzi615xw.Maxi-1630961535009 FF ProfilePath: C:\Users\...\AppData\Roaming\Zotero\Zotero\Profiles\ddsj6vno.default [2022-09-12] FF ProfilePath: C:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\rzi615xw.Maxi-1630961535009 [2022-11-17] FF Homepage: Mozilla\Firefox\Profiles\rzi615xw.Maxi-1630961535009 -> hxxps://www.bing.com FF Extension: (AdBlocker Ultimate) - C:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\rzi615xw.Maxi-1630961535009\Extensions\adblockultimate@adblockultimate.net.xpi [2022-11-17] FF Extension: (Zotero Connector) - C:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\rzi615xw.Maxi-1630961535009\Extensions\zotero@chnm.gmu.edu.xpi [2022-11-09] 
[UpdateUrl:hxxps://www.zotero.org/download/connector/firefox/release/updates.json] FF Extension: (Malwarebytes Browser Guard) - C:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\rzi615xw.Maxi-1630961535009\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2022-10-10] FF Extension: (Citavi Picker) - C:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\rzi615xw.Maxi-1630961535009\Extensions\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}.xpi [2021-09-07] FF Extension: (Citavi Picker) - C:\Program Files\Mozilla Firefox\distribution\extensions\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}.xpi [2021-01-11] FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\FFExt\light_plugin_firefox\addon.xpi => nicht gefunden FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\FFExt\light_plugin_firefox\addon.xpi => nicht gefunden FF Plugin: @java.com/DTPlugin,version=11.311.2 -> C:\Program Files\Java\jre1.8.0_311\bin\dtplugin\npDeployJava1.dll [2021-11-13] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.311.2 -> C:\Program Files\Java\jre1.8.0_311\bin\plugin2\npjp2.dll [2021-11-13] (Oracle America, Inc. 
-> Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Datei ist nicht signiert] FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Datei ist nicht signiert] FF Plugin-x32: @ptc.com/IsoView -> C:\Program Files (x86)\Common Files\PTC\npisoview.dll [2018-05-17] (PTC Inc. -> PTC Inc.) FF Plugin-x32: @ptc.com/ProductViewLite -> C:\Program Files (x86)\Common Files\PTC\np6_pvapplite9.dll [2018-05-17] (PTC Inc. -> PTC) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-10-16] (Adobe Inc. -> Adobe Systems Inc.) 
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\bd_js_config.js [2021-11-13] FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2019-07-13] Chrome: ======= CHR Profile: C:\Users\...\AppData\Local\Google\Chrome\User Data\Default [2022-10-25] CHR Extension: (Kaspersky Protection) - C:\Users\...\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2022-08-30] CHR Extension: (Adobe Acrobat: Werkzeuge zum Bearbeiten, Konvertieren und Signieren von PDF-Dateien) - C:\Users\...\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-08-30] CHR Extension: (MyJDownloader Browser Erweiterung) - C:\Users\...\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2022-01-22] CHR Extension: (Google Docs Offline) - C:\Users\...\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-30] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\...\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-22] CHR Extension: (Citavi Picker) - C:\Users\...\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgndokldibnndfnjnagojmheejlengn [2021-10-25] CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] Opera: ======= OPR Profile: C:\Users\...\AppData\Roaming\Opera Software\Opera Stable [2022-11-17] OPR DefaultSuggestURL: Opera Stable -> 
hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} OPR Extension: (Rich Hints Agent) - C:\Users\...\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-11-12] OPR Extension: (MyJDownloader Browser Erweiterung) - C:\Users\...\AppData\Roaming\Opera Software\Opera Stable\Extensions\fbclnkmbcmdfamfeaagadifibbongnmf [2020-08-28] OPR Extension: (Opera Wallet) - C:\Users\...\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-11-12] OPR Extension: (Amazon Assistant Promotion) - C:\Users\...\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-09-30] StartMenuInternet: (HKU\S-1-5-21-2107037291-4239383780-1378006347-1000) OperaStable - "E:\Opera\Launcher.exe" ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-03-16] (Apple Inc. -> Apple Inc.) R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe [184768 2022-02-16] (Kaspersky Lab JSC -> AO Kaspersky Lab) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8885112 2022-10-15] (BattlEye Innovations e.K. 
-> ) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert] R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [454872 2016-01-28] (Rivet Networks LLC -> Rivet Networks) S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) R2 KSDE5.8; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.8\ksde.exe [32008 2022-10-13] (Kaspersky Lab JSC -> AO Kaspersky Lab) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8879024 2022-11-12] (Malwarebytes Inc. -> Malwarebytes) S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [Datei ist nicht signiert] S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [Datei ist nicht signiert] S3 ProtonVPN Service; E:\ProtonVPN\ProtonVPNService.exe [98624 2020-07-22] (ProtonVPN AG -> ) S3 ProtonVPN Update Service; E:\ProtonVPN\ProtonVPN.UpdateService.exe [61760 2020-07-22] (ProtonVPN AG -> ) R3 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [14715824 2022-11-15] (ADLICE -> ) R2 Surfshark Service; C:\Program Files (x86)\Surfshark\Surfshark.Service.exe [3603528 2022-10-26] (Surfshark B.V. -> Surfshark) R3 Surfshark WireGuard; C:\Program Files (x86)\Surfshark\SurfsharkWireGuard\Surfshark.WireGuardService.exe [475720 2022-10-26] (Surfshark B.V. -> Surfshark) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-19] (TeamViewer -> TeamViewer GmbH) S3 ucldr_battlegrounds_gl; C:\Program Files\Common Files\Wellbia.com\ucldr_battlegrounds_gl.exe [5936680 2022-10-16] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.) 
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation) S3 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [10099288 2022-10-16] (PUBG CORPORATION -> KRAFTON, Inc) ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [147528 2016-01-24] (Rivet Networks LLC -> Rivet Networks, LLC.) R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [78560 2022-02-16] (Kaspersky Lab JSC -> AO Kaspersky Lab) R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [125488 2015-03-18] (Rivet Networks LLC -> Qualcomm Atheros, Inc.) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [644320 2022-02-16] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [78560 2022-02-16] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [78560 2022-02-16] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [78560 2022-02-16] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klflt; C:\Windows\System32\DRIVERS\klflt.sys [78560 2022-02-16] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [78560 2022-02-16] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [176864 2022-02-16] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [176864 2022-02-16] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klim6; C:\Windows\System32\DRIVERS\klim6.sys [78560 2022-02-16] (Kaspersky Lab JSC -> AO Kaspersky Lab) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [78560 2022-02-16] (Kaspersky Lab JSC -> AO Kaspersky Lab) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [78560 2022-02-16] 
(Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [78560 2022-02-16] (Kaspersky Lab JSC -> AO Kaspersky Lab) R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [55592 2022-10-13] (AnchorFree Inc -> The OpenVPN Project) R1 klwfp; C:\Windows\System32\DRIVERS\klwfp.sys [78560 2022-02-16] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [78560 2022-02-16] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [78560 2022-02-16] (Kaspersky Lab JSC -> AO Kaspersky Lab) R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2022-11-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2022-09-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [23040 2016-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.) S3 ProtonVPNSplitTunnel; E:\ProtonVPN\x64\Win7\ProtonVPN.SplitTunnelDriver.sys [22456 2020-06-03] (ProtonVPN AG -> Proton Technologies AG) S3 SurfsharkSplitTunnelDriver; C:\Program Files (x86)\Surfshark\Resources\x64\SurfsharkSplitTunnelCalloutDriver.sys [39648 2022-02-01] (Microsoft Windows Hardware Compatibility Publisher -> ) S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [27136 2016-04-21] (The OpenVPN Project) [Datei ist nicht signiert] S3 tapprotonvpn; C:\Windows\System32\DRIVERS\tapprotonvpn.sys [39864 2020-04-06] (ProtonVPN AG -> The OpenVPN Project) R3 tapsurfshark; C:\Windows\System32\DRIVERS\tapsurfshark.sys [36544 2022-02-01] (Surfshark Ltd. -> The OpenVPN Project) U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [38032 2022-11-17] (Adlice -> ) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2016-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.) 
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Windows -> Microsoft Corporation) R3 wintunshark; C:\Windows\System32\DRIVERS\wintunshark.sys [28936 2021-06-23] (Surfshark Ltd. -> Surfshark Ltd) R3 WireGuard; C:\Windows\System32\DRIVERS\wireguard.sys [489368 2022-09-11] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC) R3 kldlfmgr; C:\Windows\System32\Drivers\kldlfmgr.sys [24800 2022-02-16] (Kaspersky Lab JSC -> AO Kaspersky Lab) R3 kldlfwpk; C:\Windows\System32\Drivers\kldlfwpk.sys [24800 2022-02-16] (Kaspersky Lab JSC -> AO Kaspersky Lab) R3 Kldlimpc; C:\Windows\System32\Drivers\Kldlimpc.sys [2524896 2022-02-16] (Kaspersky Lab JSC -> AO Kaspersky Lab) R3 kldlksec; C:\Windows\System32\Drivers\kldlksec.sys [24800 2022-02-16] (Kaspersky Lab JSC -> AO Kaspersky Lab) R3 kldlksl; C:\Windows\System32\Drivers\kldlksl.sys [24800 2022-02-16] (Kaspersky Lab JSC -> AO Kaspersky Lab) R3 kldlndis; C:\Windows\System32\Drivers\kldlndis.sys [24800 2022-02-16] (Kaspersky Lab JSC -> AO Kaspersky Lab) R3 kldlnio; C:\Windows\System32\Drivers\kldlnio.sys [24800 2022-02-16] (Kaspersky Lab JSC -> AO Kaspersky Lab) S3 MSICDSetup; \??\D:\CDriver64.sys [X] S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X] S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) ... ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2022-11-17 16:50 - 2018-09-22 05:47 - 000029856 _____ C:\Users\...\Downloads\FRST.txt
2022-11-17 16:49 - 2018-09-22 05:47 - 000000000 ____D C:\FRST
2022-11-17 16:44 - 2022-01-05 00:51 - 000000000 ____D C:\ProgramData\RogueKiller
2022-11-17 16:43 - 2018-03-08 16:37 - 000000000 ____D C:\Program Files (x86)\Google
2022-11-17 16:30 - 2022-01-05 00:51 - 000000858 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2022-11-17 16:30 - 2022-01-05 00:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2022-11-17 16:30 - 2022-01-05 00:51 - 000000000 ____D C:\Program Files\RogueKiller
2022-11-17 15:55 - 2022-05-13 22:36 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-11-17 15:54 - 2022-01-21 16:39 - 000000000 ____D C:\Users\...\AppData\Roaming\TIDAL
2022-11-17 15:54 - 2016-11-23 07:56 - 000000000 ____D C:\Users\...\AppData\LocalLow\Mozilla
2022-11-17 15:48 - 2021-04-22 08:13 - 000000000 ____D C:\Users\...\Documents\Citavi 6
2022-11-17 13:46 - 2016-09-17 12:27 - 000000000 ____D C:\ProgramData\NVIDIA
2022-11-17 13:44 - 2022-06-07 07:38 - 000000000 ____D C:\Program Files\Google
2022-11-17 13:44 - 2009-07-14 05:45 - 000030752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2022-11-17 13:44 - 2009-07-14 05:45 - 000030752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2022-11-17 13:40 - 2009-07-14 18:58 - 000771352 _____ C:\Windows\system32\perfh007.dat
2022-11-17 13:40 - 2009-07-14 18:58 - 000174430 _____ C:\Windows\system32\perfc007.dat
2022-11-17 13:40 - 2009-07-14 06:13 - 001795112 _____ C:\Windows\system32\PerfStringBackup.INI
2022-11-17 13:40 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2022-11-17 13:36 - 2021-10-25 16:26 - 000000000 ____D C:\Users\...\AppData\Roaming\iMazing
2022-11-17 13:36 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-11-13 21:55 - 2022-10-03 18:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2022-11-13 18:59 - 2017-06-25 15:51 - 000000000 ____D C:\Users\...\Downloads\facebook-...bac
2022-11-13 17:08 - 2017-04-05 20:17 - 000000000 ____D C:\Users\...\AppData\Roaming\Spotify
2022-11-13 17:08 - 2017-04-05 20:17 - 000000000 ____D C:\Users\...\AppData\Local\Spotify
2022-11-12 22:04 - 2021-11-07 18:40 - 000001960 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-11-12 22:04 - 2021-11-07 18:40 - 000001948 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-11-12 22:02 - 2022-01-05 00:42 - 000000000 ____D C:\Program Files\Malwarebytes
2022-11-12 22:02 - 2021-11-07 18:39 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-11-12 21:58 - 2021-10-11 15:06 - 000000000 ____D C:\Users\...\AppData\Roaming\Surfshark
2022-11-12 21:57 - 2022-09-11 21:23 - 000000949 _____ C:\Users\Public\Desktop\Surfshark.lnk
2022-11-12 21:57 - 2021-10-11 15:07 - 000000000 ____D C:\ProgramData\Surfshark
2022-11-12 21:57 - 2021-10-11 15:07 - 000000000 ____D C:\Program Files (x86)\Surfshark
2022-11-11 08:44 - 2019-06-25 20:07 - 000002216 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-11-11 08:44 - 2019-06-25 20:07 - 000002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-11-08 17:28 - 2018-10-09 21:16 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-11-08 00:47 - 2016-09-20 14:34 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-11-06 19:33 - 2022-09-28 11:37 - 000000000 ____D C:\Users\...\Desktop\DSGVO
2022-10-30 18:09 - 2021-11-07 20:54 - 000003792 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onLogOn
2022-10-30 18:09 - 2021-11-07 20:54 - 000003352 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onTime
2022-10-28 10:39 - 2017-01-11 21:18 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2022-10-28 08:48 - 2019-12-25 22:36 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2022-10-26 20:40 - 2020-05-16 13:21 - 000756224 ___SH C:\Users\...\Documents\Thumbs.db
2022-10-26 09:14 - 2020-08-28 15:47 - 000004070 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1598626071
2022-10-25 12:41 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2022-10-24 14:08 - 2022-10-14 15:38 - 000002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2022-10-24 14:08 - 2022-10-14 15:38 - 000002047 _____ C:\Users\Public\Desktop\Acrobat Reader.lnk
2022-10-23 13:53 - 2022-10-16 17:56 - 000000000 ____D C:\Program Files\Common Files\PUBG
2022-10-22 21:53 - 2022-09-29 13:33 - 000000000 ____D C:\Users\...\Documents\BA 2022 2023
2022-10-20 07:33 - 2020-08-28 15:47 - 000004212 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1598626072
2022-10-20 07:30 - 2021-04-21 07:48 - 000000000 ____D C:\Users\...\AppData\Roaming\Zoom

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2017-02-19 14:48 - 2017-02-19 14:48 - 000000268 ___RH () C:\Users\...\AppData\Roaming\Fruit
2017-02-19 14:48 - 2017-02-19 14:48 - 000000268 ___RH () C:\Users\...\AppData\Roaming\Funk Animals
2017-02-19 14:48 - 2017-02-19 14:48 - 000000268 ___RH () C:\Users\...\AppData\Roaming\Galactic Static
2017-02-19 14:46 - 2017-02-19 14:46 - 000000268 ___RH () C:\Users\...\AppData\Roaming\Halftone
2016-10-04 18:10 - 2016-10-04 18:16 - 000000000 _____ () C:\Users\...\AppData\Local\Driver_LOM_8161Present.flag
2022-10-22 12:24 - 2022-10-22 12:53 - 000000128 _____ () C:\Users\...\AppData\Local\PUTTY.RND

==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

LastRegBack: 2022-11-04 15:16
==================== Ende von FRST.txt ========================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-11-2022
durchgeführt von ...(17-11-2022 16:50:13)
Gestartet von C:\Users\...\Downloads
Microsoft Windows 7 Professional Service Pack 1 (X64) (2016-09-08 09:37:39)
Start-Modus: Normal
==========================================================

==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
Administrator (S-1-5-21-2107037291-4239383780-1378006347-500 - Administrator - Disabled)
Gast (S-1-5-21-2107037291-4239383780-1378006347-501 - Limited - Enabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-2107037291-4239383780-1378006347-1007 - Limited - Enabled)
... (S-1-5-21-2107037291-4239383780-1378006347-1000 - Administrator - Enabled) => C:\Users\...

==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Kaspersky Internet Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {F41710F6-65D1-4F66-2B68-CCCF63D4A09E}
FW: Kaspersky Internet Security (Enabled) {774D7037-0984-41B0-3A87-5E88E680AD58}

==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
64 Bit HP CIO Components Installer (HKLM\...\{C788B026-20BD-4E96-B698-533F1D6C5013}) (Version: 7.2.4 - Hewlett-Packard) Hidden 7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov) Adobe Acrobat Reader - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 22.003.20263 - Adobe Systems Incorporated) Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden Apple Mobile Device Support (HKLM\...\{74CC99EB-7DC0-4CB0-847A-F8C2FE39690C}) (Version: 14.5.0.7 - Apple Inc.) Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.) ArcSoft Panorama Maker 6 (HKLM-x32\...\{DABFD34E-BE68-4BC6-9254-5D7A7FF76B99}) (Version: 6.0.8.85 - ArcSoft) Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 2.0.8.0000 - Asmedia Technology) Assassin's Creed Odyssey (HKLM-x32\...\Uplay Install 5059) (Version: - Ubisoft) Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team) BlockEQ 1.0.0 (only current user) (HKU\S-1-5-21-2107037291-4239383780-1378006347-1000\...\2d912ff9-3645-57d7-b591-4bcccba67fc9) (Version: 1.0.0 - BlockEquity Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Citavi 6 (HKLM-x32\...\{6A331045-8FF4-4BC9-9C56-E593ACAE28C2}) (Version: 6.8.0.0 - Swiss Academic Software) CodeBlocks (HKU\S-1-5-21-2107037291-4239383780-1378006347-1000\...\CodeBlocks) (Version: 17.12 - The Code::Blocks Team) CrystalDiskInfo 8.17.8 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.17.8 - Crystal Dew World) Design & Print (HKLM-x32\...\Design & Print 3.0.2) (Version: 3.0.2 - Avery Zweckform) Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.11 - Bloodshed Software) dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 7.0.1 - CEWE Stiftung u Co. 
KGaA) EDIABAS 7.3.0 (HKLM-x32\...\{083933AF-00A2-4CFC-BE59-19DC385E8761}) (Version: 7.3.0 - BMW Group) EdrawMind(Build 10.0.2.188) (HKLM-x32\...\{B90063D2-500B-4097-96ED-74E349F8A6E5}_is1) (Version: 10.0.2.188 - EdrawSoft Co.,Ltd.) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) FileZilla 3.61.0 (HKU\S-1-5-21-2107037291-4239383780-1378006347-1000\...\FileZilla Client) (Version: 3.61.0 - Tim Kosse) GitMind 1.0.8 (HKLM-x32\...\a0e10d84-6512-552f-a0ec-5dd2e61ffe64) (Version: 1.0.8 - Apowersoft) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 107.0.5304.107 - Google LLC) Google Earth Pro (HKLM\...\{F5A0C4E5-0B6C-43B1-AEFA-7E0BE48214FF}) (Version: 7.3.6.9285 - Google) Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot) HP LaserJet Professional CP1520 Series (HKLM-x32\...\{5C069542-CA13-4f1b-B90C-28C6430F4992}) (Version: - Hewlett-Packard) iBackupBot for Windows 5.6.0 (HKLM-x32\...\iBackupBot for Windows) (Version: 5.6.0 - VOW Software) iMazing 2.14.4.0 (HKLM\...\iMazing_is1) (Version: 2.14.4.0 - DigiDNA SARL) Intel(R) Chipset Device Software (HKLM\...\{B7CC660E-F31D-490C-BD2A-2CB2EC5A5E3A}) (Version: 10.0.13 - Intel Corporation) Hidden Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{e48a2f61-851a-4155-82f9-af1b04db8c3b}) (Version: 10.0.13 - Intel(R) Corporation) Hidden iTunes (HKLM\...\{9B0CC558-0CE4-4911-B881-B2FA30F5D436}) (Version: 12.10.11.2 - Apple Inc.) 
Java 8 Update 311 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180311F0}) (Version: 8.0.3110.11 - Oracle Corporation) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Kaspersky Internet Security (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Kaspersky VPN (HKLM-x32\...\{FEA95EF1-A4FE-3E02-B1C8-B79136C3A44A}) (Version: 21.8.5.452 - Kaspersky) Hidden Kaspersky VPN (HKLM-x32\...\InstallWIX_{FEA95EF1-A4FE-3E02-B1C8-B79136C3A44A}) (Version: 21.8.5.452 - Kaspersky) Killer Bandwidth Control Filter Driver (HKLM\...\{5B7A2B7B-CEA9-4E50-B0E4-E82F204CBE78}) (Version: 1.1.57.1125 - Rivet Networks) Hidden Killer E220x Drivers (HKLM\...\{77C95134-CA2D-4614-9C86-55B7A6A281AA}) (Version: 1.1.57.1125 - Rivet Networks) Hidden Killer Network Manager (HKLM\...\{51B5A084-A40D-4F4B-90AA-EF8354EA7D96}) (Version: 1.1.57.1125 - Rivet Networks) Hidden Killer Performance Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.57.1125 - Rivet Networks) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) Ledger Live 2.46.0 (HKLM\...\c62032b2-0bca-5abc-b458-fd67cfc9e49b) (Version: 2.46.0 - Ledger Live Team) Malwarebytes version 4.5.17.221 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.17.221 - Malwarebytes) Microsoft .NET Framework 4.8 (DEU) (HKLM\...\{21B11ACB-056E-30AE-BDF8-3C1BEAF0B3D3}) (Version: 4.8.03761 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.8 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.8.03761 - Microsoft Corporation) Microsoft .NET Framework 4.8 (HKLM\...\{16735AF7-1D8D-3681-94A5-C578A61EC832}) (Version: 4.8.03761 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation) Microsoft 
Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.50 - Microsoft Corporation) Microsoft Office Access MUI (German) 2010 (HKLM-x32\...\{90140000-0015-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2010 (HKLM-x32\...\{90140000-0016-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Office 64-bit Components 2010 (HKLM\...\{90140000-002A-0000-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2010 (HKLM-x32\...\{90140000-00A1-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2010 (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2010 (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2010 (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2010 (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2010 (HKLM-x32\...\{90140000-001F-0410-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2010 (HKLM-x32\...\{90140000-002C-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (German) 2010 (HKLM-x32\...\{90140000-0019-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 
- Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (German) 2010 (HKLM\...\{90140000-002A-0407-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2010 (HKLM-x32\...\{90140000-006E-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Single Image 2010 (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2010 (HKLM-x32\...\{90140000-001B-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Teams (HKU\S-1-5-21-2107037291-4239383780-1378006347-1000\...\Teams) (Version: 1.5.00.21668 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) 
(Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - 
Microsoft Corporation) Hidden Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation) Microsoft Visual C++ 2017 x64 Additional Runtime - 14.10.25008 (HKLM\...\{C668F044-4825-330D-8F9F-3CBFC9F2AB89}) (Version: 14.10.25008 - Microsoft Corporation) Hidden Microsoft Visual C++ 2017 x64 Minimum Runtime - 14.10.25008 (HKLM\...\{8D50D8C6-1E3D-3BAB-B2B7-A5399EA1EBD1}) (Version: 14.10.25008 - Microsoft Corporation) Hidden Microsoft Visual C++ 2017 x86 Additional Runtime - 14.10.25008 (HKLM-x32\...\{E6222D59-608C-3018-B86B-69BD241ACDE5}) (Version: 14.10.25008 - Microsoft Corporation) Hidden Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.10.25008 (HKLM-x32\...\{C6CDA568-CD91-3CA0-9EDE-DAD98A13D6E1}) (Version: 14.10.25008 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 100.0 (x64 de)) (Version: 100.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 102.4.0 - Mozilla) Mozilla Thunderbird (x64 de) (HKLM\...\Mozilla Thunderbird 102.4.1 (x64 de)) (Version: 102.4.1 - Mozilla) NetBeans IDE 8.2 (HKLM\...\nbi-nb-base-8.2.0.0.201609270201) (Version: 8.2 - NetBeans.org) Nikon Message Center 2 
(HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.0 - Nikon) NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation) NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation) NVIDIA Grafiktreiber 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.17.13.7500 - NVIDIA Corporation) Hidden Octave 4.0.2 (HKLM-x32\...\Octave-4.0.2) (Version: 4.0.2 - GNU Octave) Opera Stable 79.0.4143.61 (HKU\S-1-5-21-2107037291-4239383780-1378006347-1000\...\Opera 79.0.4143.61) (Version: 79.0.4143.61 - Opera Software) Opera Stable 82.0.4227.33 (HKU\S-1-5-21-2107037291-4239383780-1378006347-1000\...\Opera 82.0.4227.33) (Version: 82.0.4227.33 - Opera Software) Opera Stable 92.0.4561.26 (HKU\S-1-5-21-2107037291-4239383780-1378006347-1000\...\Opera 92.0.4561.26) (Version: 92.0.4561.26 - Opera Software) PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.318.0 - Tracker Software Products Ltd) PDF-XChange Lite V6 Home (HKLM\...\{61345CC1-3EB3-4721-AD2B-01CFCF314450}) (Version: 6.0.318.0 - Tracker Software Products (Canada) Ltd.) Hidden PDF-XChange Lite V6 Home (HKLM-x32\...\{b0741d5c-be91-49dd-b87c-d54479fd2f76}) (Version: 6.0.318.0 - Tracker Software Products (Canada) Ltd.) 
Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.5.0 - Nikon) ProtonVPN (HKLM-x32\...\{2E5B3FB1-FDCC-4BC8-AA99-E0EE5343CAF8}) (Version: 1.16.3 - Proton Technologies AG) Hidden ProtonVPN (HKLM-x32\...\ProtonVPN 1.16.3) (Version: 1.16.3 - Proton Technologies AG) ProtonVPNTap (HKLM-x32\...\{BCB82CD9-F514-4F93-A6D9-F898494DC927}) (Version: 1.1.0 - Proton Technologies AG) PTC Creo 4 Platform Services (HKLM\...\{42D57648-6DBC-4310-9EC2-286BC2E1D643}) (Version: 1.0.591 - PTC) Hidden PTC Creo 4 Platform Services (HKLM-x32\...\{29f5fb24-4ff9-4e29-846d-6944be7d6fd7}) (Version: 1.0.590 - PTC) PTC Creo Direct Version 4.0 Datecode [M080] (HKLM-x32\...\PTC Creo Direct Version 4.0 Datecode [M080]) (Version: 4.0 - PTC) PTC Creo Layout Version 4.0 Datecode [M080] (HKLM-x32\...\PTC Creo Layout Version 4.0 Datecode [M080]) (Version: 4.0 - PTC) PTC Creo Parametric Version 4.0 Datecode [M080] (HKLM-x32\...\PTC Creo Parametric Version 4.0 Datecode [M080]) (Version: 4.0 - PTC) PTC Creo Platform Agent (HKLM\...\{CAEC322E-32E5-4318-840E-97EA9DCA1AEF}) (Version: 1.1.368 - PTC) Hidden PTC Creo Simulate Version 4.0 Datecode [M080] (HKLM-x32\...\PTC Creo Simulate Version 4.0 Datecode [M080]) (Version: 4.0 - PTC) PTC Creo Thumbnail Viewer 4.0 (HKLM\...\{1D19CFB6-C04F-4141-8C8F-2037974264B6}) (Version: 32.18.420 - PTC) PTC Creo View Express 5.0 (HKLM\...\{D2114A73-AC95-4E38-A511-9997B40458A5}) (Version: 12.0.0.26 - PTC) PTC Diagnostic Tools (HKLM\...\{A0E8EA5F-86D9-419C-9659-6C5E38CD17FE}) (Version: 4.0.0.0 - PTC) RaceRoom Racing Experience Launcher (HKLM-x32\...\{1FD9F07F-7BBF-4C91-B3F0-A23714A3A913}_is1) (Version: 1.0 - Sector3 Studios) RealSpeak Solo fur Deutsch - Steffi (HKLM-x32\...\{BFBB91DB-9F0F-4A9C-9669-A97DA3512CF2}) (Version: 4.00.0000 - ScanSoft) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7188 - Realtek Semiconductor Corp.) 
Revo Uninstaller 2.3.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.3.0 - VS Revo Group, Ltd.) Revo Uninstaller Pro 4.0.0 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.0.0 - VS Revo Group, Ltd.) RogueKiller Version 15.6.3.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 15.6.3.0 - Adlice Software) Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{8925227F-C7B5-4C95-AB58-4FCF2433DAEE}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit 
Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{09A9DF49-DA06-4093-A2FD-F339211E39EA}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{ECC1D579-DC17-4B90-929C-B4A0BB35F7B3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{97099817-53F1-4CA1-ACEA-DA6D74371689}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{E4D76E88-C65F-4003-9C71-EC4306679D17}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{3B0FF7FF-0E85-4907-A511-3F8C27349FA4}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{996096F8-956B-41C9-A7E3-9BA1E801014F}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{D505EC85-885F-4BE3-8A89-3EFE4F855692}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Skype Version 8.90 (HKLM-x32\...\Skype_is1) (Version: 8.90 - Skype Technologies S.A.) 
Sound Blaster Cinema 2 (HKLM-x32\...\{B4F6F8CC-2C61-42CC-A4CC-76621F25BDC7}) (Version: 1.00.06 - Creative Technology Limited) Spotify (HKU\S-1-5-21-2107037291-4239383780-1378006347-1000\...\Spotify) (Version: 1.1.97.962.g24733a46 - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Struktograf2 (HKU\S-1-5-21-2107037291-4239383780-1378006347-1000\...\7ecb55ce0f9f54f4) (Version: 1.0.0.72 - Struktograf2) Surfshark (HKLM-x32\...\{3B27DD8D-8F47-48FD-BB58-EE243B81359A}) (Version: 4.4.1999 - Surfshark) Hidden Surfshark (HKLM-x32\...\Surfshark 4.4.1999) (Version: 4.4.1999 - Surfshark) Surfshark TAP Driver Windows (HKLM-x32\...\{51F73AB8-1008-4637-B82A-4DAC08F96D2F}) (Version: 1.0.1 - Surfshark) Surfshark TAP Driver Windows (HKLM-x32\...\{56142B6D-2B61-4BDC-A607-B06CB18FE179}) (Version: 1.0.1 - Surfshark) Surfshark TAP Driver Windows (HKLM-x32\...\{DE4A71A9-7A76-4479-A811-4AE8BF911C77}) (Version: 1.0.1 - Surfshark) Surfshark TUN Driver Windows (HKLM\...\{1C2B73ED-35C4-4BF5-B620-5C44E2E0CA42}) (Version: 1.0 - Surfshark) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.66595 - TeamViewer) TIDAL (HKU\S-1-5-21-2107037291-4239383780-1378006347-1000\...\TIDAL) (Version: 2.33.2 - TIDAL Music AS) Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler) ToastWallet 2.3.10 (only current user) (HKU\S-1-5-21-2107037291-4239383780-1378006347-1000\...\9a4cec8a-3951-59d5-acca-a0a409a2ab3c) (Version: 2.3.10 - StarStone Limited) Uplay (HKLM-x32\...\Uplay) (Version: 38.2 - Ubisoft) VGA Boost (HKLM-x32\...\{809ACFAE-9A4D-4C60-9223-D8B615CD8CBA}}_is1) (Version: 1.0.0.7 - MSI) ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.9.0 - Nikon) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN) Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) 
Hidden WhoCrashed 5.54 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.) Windows Driver Package - Surfshark Ltd (wintunshark) Net (08/10/2020 0.8.0.0) (HKLM\...\C3138B3DBCE6F9FCB8C067FECE833A62860FFB4C) (Version: 08/10/2020 0.8.0.0 - Surfshark Ltd) Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16432 - Microsoft Corporation) WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) XMedia Recode Version 3.3.5.8 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.3.5.8 - XMedia Recode) XnViewMP 0.98.4 (HKLM\...\XnViewMP_is1) (Version: 0.98.4 - Gougelet Pierre-e) Zoom (HKU\S-1-5-21-2107037291-4239383780-1378006347-1000\...\ZoomUMX) (Version: 5.12.2 (9281) - Zoom Video Communications, Inc.) Zotero (HKLM-x32\...\Zotero 6.0.13 (x86 en-US)) (Version: 6.0.13 - Corporation for Digital Scholarship) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
CustomCLSID: HKU\S-1-5-21-2107037291-4239383780-1378006347-1000_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\...\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.22209.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\...\AppData\Local\MEGAsync\ShellExtX64.dll -> Keine Datei
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\...\AppData\Local\MEGAsync\ShellExtX64.dll -> Keine Datei
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\...\AppData\Local\MEGAsync\ShellExtX64.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\...\AppData\Local\MEGAsync\ShellExtX64.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\...\AppData\Local\MEGAsync\ShellExtX64.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\...\AppData\Local\MEGAsync\ShellExtX64.dll -> Keine Datei
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => E:\7 Zip\7-Zip\7-zip.dll [2016-05-21] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll -> Keine Datei
ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\shellex.dll [2022-04-11] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\...\AppData\Local\MEGAsync\ShellExtX64.dll -> Keine Datei
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\shellex.dll [2022-04-11] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\...\AppData\Local\MEGAsync\ShellExtX64.dll -> Keine Datei
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-08-30] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\...\AppData\Local\MEGAsync\ShellExtX64.dll -> Keine Datei
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => E:\7 Zip\7-Zip\7-zip.dll [2016-05-21] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\shellex.dll [2022-04-11] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\...\AppData\Local\MEGAsync\ShellExtX64.dll -> Keine Datei
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => E:\7 Zip\7-Zip\7-zip.dll [2016-05-21] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\shellex.dll [2022-04-11] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-08-30] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => E:\Revo Uninstaller Pro\RUExt.dll [2018-09-06] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2017-11-08 21:20 - 2017-10-27 17:06 - 000874368 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Datei ist nicht signiert] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Users\...\Anwendungsdaten:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\...\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) HKU\S-1-5-21-2107037291-4239383780-1378006347-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.reg\UserChoice => Applications\notepad.exe ==================== Internet Explorer (Version 11) (Nicht auf der Ausnahmeliste) ========== HKU\S-1-5-21-2107037291-4239383780-1378006347-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2107037291-4239383780-1378006347-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Program Files (x86)\Internet Explorer\Citavi Picker\x64\SwissAcademic.Citavi.IEPicker.DLL [2021-01-11] (Swiss Academic Software -> Swiss Academic Software) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_311\bin\ssv.dll [2021-11-13] (Oracle America, Inc. -> Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_311\bin\jp2ssv.dll [2021-11-13] (Oracle America, Inc. 
-> Oracle Corporation) BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Program Files (x86)\Internet Explorer\Citavi Picker\SwissAcademic.Citavi.IEPicker.DLL [2021-01-11] (Swiss Academic Software -> Swiss Academic Software) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation) Toolbar: HKU\S-1-5-21-2107037291-4239383780-1378006347-1000 -> Kein Name - {093F479D-712E-46CD-9E06-62E734A05F68} - Keine Datei Toolbar: HKU\S-1-5-21-2107037291-4239383780-1378006347-1000 -> Kein Name - {C500C267-63BF-451F-8797-4D720C9A2ED9} - Keine Datei Toolbar: HKU\S-1-5-21-2107037291-4239383780-1378006347-1000 -> Kein Name - {EF293C5A-9F37-49FD-91C4-2B867063FC54} - Keine Datei (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE trusted site: HKU\.DEFAULT\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-2107037291-4239383780-1378006347-1000\...\localhost -> localhost ==================== Hosts Inhalt: ========================= (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 03:34 - 2022-11-17 16:47 - 000001298 _____ C:\Windows\system32\drivers\etc\hosts 0.0.0.0 www.google-analytics.com 0.0.0.0 google-analytics.com 0.0.0.0 ssl.google-analytics.com 0.0.0.0 pagead.googlesyndication.com 0.0.0.0 adservices.google.com 0.0.0.0 video-stats.video.google.com 0.0.0.0 4.afs.googleadservices.com 0.0.0.0 imageads.googleadservices.com 0.0.0.0 www.googleadservices.com 0.0.0.0 apps5.oingo.com 0.0.0.0 www.appliedsemantics.com 0.0.0.0 service.urchin.com 84.247.49.21 sg-sng-st004.prod.surfshark.com #Temporary Surfshark mapping ==================== Andere Bereiche =========================== (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\EDIABAS\BIN\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;E:\MinGW\bin;%systemroot%\System32\WindowsPowerShell\v1.0\;%systemroot%\System32\WindowsPowerShell\v1.0\ HKU\S-1-5-21-2107037291-4239383780-1378006347-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\...\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp DNS Servers: 162.252.172.57 - 149.154.159.92 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) ist deaktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [SPPSVC-In-TCP] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{12DD087E-7BC9-4DB9-9382-25DC22F08199}] => (Allow) C:\Users\...\AppData\Roaming\BitTorrent\BitTorrent.exe => Keine Datei FirewallRules: [{B2A40709-C422-45FE-B1EC-8B14180822E8}] => (Allow) C:\Users\...\AppData\Roaming\BitTorrent\BitTorrent.exe => Keine Datei FirewallRules: [{323781EC-73FB-4EA8-8915-34FB8A908D5F}] => (Allow) C:\Users\...\AppData\Roaming\BitTorrent\BitTorrent.exe => Keine Datei FirewallRules: [{1F978683-A23D-45ED-8BEC-FCD4E067F1DA}] => (Allow) C:\Users\...\AppData\Roaming\BitTorrent\BitTorrent.exe => Keine Datei FirewallRules: [{994E75C6-B7FC-4DBE-BF0B-4C5E24C8B049}] => (Allow) C:\Users\...\AppData\Roaming\BitTorrent\BitTorrent.exe => Keine Datei FirewallRules: [{FC3802BF-898F-4FF0-962B-45B99E2B5F64}] => (Allow) C:\Users\...\AppData\Roaming\BitTorrent\BitTorrent.exe => Keine Datei FirewallRules: [TCP Query User{688AA743-FC7A-42DE-9183-62E0741C6480}C:\ediabas\bin\ifhsrv32.exe] => (Block) C:\ediabas\bin\ifhsrv32.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{563BD710-BD5B-4CF8-A89B-48A51F1FC418}C:\ediabas\bin\ifhsrv32.exe] => (Block) C:\ediabas\bin\ifhsrv32.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{1990682E-0670-4E8D-909B-854B0C0F4018}C:\bmw\ista-d 4.01.21\rheingold\ediabas\bin\ifhsrv32.exe] => (Block) C:\bmw\ista-d 4.01.21\rheingold\ediabas\bin\ifhsrv32.exe => Keine Datei FirewallRules: [UDP Query User{25C83693-1EA9-4667-9A42-630D15F5CCAA}C:\bmw\ista-d 4.01.21\rheingold\ediabas\bin\ifhsrv32.exe] => (Block) C:\bmw\ista-d 4.01.21\rheingold\ediabas\bin\ifhsrv32.exe => Keine Datei FirewallRules: [{ACC69726-CB3E-40C4-BA08-49EB60408C69}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer -> TeamViewer GmbH) FirewallRules: 
[{87615A03-45C2-43C0-BFF8-31FE39DB750A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer -> TeamViewer GmbH) FirewallRules: [{6F18901B-E3F9-45C6-B187-83A44E315D94}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH) FirewallRules: [{AE4DD6DE-AC7A-496F-9BA2-B7F417925F3A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH) FirewallRules: [VirtualPC-In-UDP-1] => (Allow) C:\Windows\System32\vpc.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [VirtualPC-In-UDP-2] => (Allow) C:\Windows\System32\vpc.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [VirtualPC-In-TCP-1] => (Allow) C:\Windows\System32\vpc.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [TCP Query User{4ADB80AB-1E2E-4222-9DE2-200F1ED4D934}E:\alte bmw rheingold software\bmw\ista-d 3.56.21\rheingold\testergui\bin\release\istagui.exe] => (Allow) E:\alte bmw rheingold software\bmw\ista-d 3.56.21\rheingold\testergui\bin\release\istagui.exe => Keine Datei FirewallRules: [UDP Query User{5F5526D2-1B56-4AF4-86DB-75ADB07D310A}E:\alte bmw rheingold software\bmw\ista-d 3.56.21\rheingold\testergui\bin\release\istagui.exe] => (Allow) E:\alte bmw rheingold software\bmw\ista-d 3.56.21\rheingold\testergui\bin\release\istagui.exe => Keine Datei FirewallRules: [{59220FB0-F247-4C12-A187-975A1606A695}] => (Block) E:\alte bmw rheingold software\bmw\ista-d 3.56.21\rheingold\testergui\bin\release\istagui.exe => Keine Datei FirewallRules: [{F5619BEC-84E6-4304-8B2F-F53BCFD8BAF6}] => (Block) E:\alte bmw rheingold software\bmw\ista-d 3.56.21\rheingold\testergui\bin\release\istagui.exe => Keine Datei FirewallRules: [TCP Query User{1722D277-ACF8-4FED-9E1D-02516F10BD0B}E:\brheingold\testergui\bin\release\istagui.exe] => (Block) E:\brheingold\testergui\bin\release\istagui.exe => Keine Datei FirewallRules: [UDP Query 
User{D1CA2FCB-2BA1-4C2D-9B49-A5E8B33B0E97}E:\brheingold\testergui\bin\release\istagui.exe] => (Block) E:\brheingold\testergui\bin\release\istagui.exe => Keine Datei FirewallRules: [{2354BEB6-35D3-4D1E-ADFA-E95C30CFB2F0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{6D558DA6-9AD5-4A22-B05F-0D183A19B1C2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{195987C8-2CB2-4229-99F6-8D4F25246921}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{286EA455-4A48-4156-B839-9A017048C567}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{E5B1E529-6A41-4E8D-A4A9-A09E92AA5C1B}] => (Allow) E:\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{F5B6E91E-7523-42C5-B513-7D8643CA482A}] => (Allow) E:\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{215C73B4-EE41-45A0-AED0-6CD818578D42}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{C74ED29F-8EFE-4669-A76B-726FD58B7C9D}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corp. 
-> Valve Corporation) FirewallRules: [{3F43DA04-E520-4876-A875-42253E6F977F}] => (Allow) E:\Steam\steamapps\common\DiRT 4\dirt4.exe => Keine Datei FirewallRules: [{352B8E67-DEAE-4BDA-A8BB-965DAB548818}] => (Allow) E:\Steam\steamapps\common\DiRT 4\dirt4.exe => Keine Datei FirewallRules: [{A0FDA835-8EB0-4EB6-B14C-DC4698A3927D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{68CFF611-4B11-4C14-AC5B-42AA592105CD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{FCDFC00A-85F7-4FFE-A05F-7B2920E0B7EB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{83A30664-4115-4BCA-AA9C-C722AC2EA8B3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{55032874-DDC3-4DE5-9871-97951653948A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [TCP Query User{83F9406D-E5A7-48A3-B336-232993C9E0E5}C:\users\...\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\...\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{85E54172-2A9E-45EF-9D4D-BC6B7790D30A}C:\users\...\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\...\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{A36FDDD4-68C6-4163-BCEC-C07DFE1D4CEC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{EBAFE9AC-73A7-483B-9C63-03206E081846}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{35501DC0-CC8A-414C-91B2-2D8C99EAD702}] => (Allow) C:\Users\...\AppData\Roaming\uTorrent\uTorrent.exe => Keine Datei 
FirewallRules: [{B560CD0B-FDFA-4037-AAC5-04AAA96E600A}] => (Allow) C:\Users\...\AppData\Roaming\uTorrent\uTorrent.exe => Keine Datei FirewallRules: [{D30041F3-3BF0-4EF4-96F4-C2FDFFBEA7BC}] => (Allow) E:\UPlay\games\Assassin's Creed Odyssey\ACOdyssey.exe (UBISOFT ENTERTAINMENT INC. -> ) FirewallRules: [{1C29477E-A63D-44B0-9BA2-B3D13D83E47A}] => (Allow) E:\CREO\Utilities\Creo View Express\i486_nt\obj\productview.exe (PTC Inc. -> PTC Inc.) FirewallRules: [TCP Query User{A835C13E-4AE5-4720-84A3-EA8F7278A2BE}E:\creo\creo 4.0\m080\common files\x86e_win64\nms\nmsd.exe] => (Allow) E:\creo\creo 4.0\m080\common files\x86e_win64\nms\nmsd.exe (PTC Inc.) [Datei ist nicht signiert] FirewallRules: [UDP Query User{BE52727D-5D02-4120-8EBA-B329E6F75BAC}E:\creo\creo 4.0\m080\common files\x86e_win64\nms\nmsd.exe] => (Allow) E:\creo\creo 4.0\m080\common files\x86e_win64\nms\nmsd.exe (PTC Inc.) [Datei ist nicht signiert] FirewallRules: [TCP Query User{02E31676-D11B-4AB7-859C-C43CFDD094E3}E:\creo\creo 4.0\m080\common files\x86e_win64\obj\xtop.exe] => (Allow) E:\creo\creo 4.0\m080\common files\x86e_win64\obj\xtop.exe (PTC Inc. -> PTC Inc.) FirewallRules: [UDP Query User{305D7DA3-963F-4E99-8612-748448F6E9B6}E:\creo\creo 4.0\m080\common files\x86e_win64\obj\xtop.exe] => (Allow) E:\creo\creo 4.0\m080\common files\x86e_win64\obj\xtop.exe (PTC Inc. -> PTC Inc.) FirewallRules: [TCP Query User{E74EA8D3-E50D-41E4-92FD-5F5C7684FC6C}E:\creo\creo 4.0\m080\common files\x86e_win64\obj\pro_comm_msg.exe] => (Allow) E:\creo\creo 4.0\m080\common files\x86e_win64\obj\pro_comm_msg.exe (PTC Inc. -> PTC Inc.) FirewallRules: [UDP Query User{1605BD5F-F1DB-4797-BF5B-6EF7EF6C4B41}E:\creo\creo 4.0\m080\common files\x86e_win64\obj\pro_comm_msg.exe] => (Allow) E:\creo\creo 4.0\m080\common files\x86e_win64\obj\pro_comm_msg.exe (PTC Inc. -> PTC Inc.) FirewallRules: [{FC6459E3-2438-4545-81BE-C22C683D1E7E}] => (Allow) C:\Users\...\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. 
-> Zoom Video Communications, Inc.) FirewallRules: [{6309146D-D301-41E9-B255-EB36F7FAE645}] => (Allow) C:\Users\...\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei FirewallRules: [{D31480C3-6E03-4483-8317-7611F283EB95}] => (Allow) C:\Users\...\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei FirewallRules: [{96A26DF6-F98C-4D98-A8B9-DFDED1673034}] => (Allow) E:\Opera\79.0.4143.50\opera.exe => Keine Datei FirewallRules: [{9F06CBAE-B6CC-4C7C-A497-36767D203B4B}] => (Allow) E:\Apple Computer\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{2F17CEA5-ADCC-4E32-AC8F-682498390632}] => (Allow) E:\Opera\82.0.4227.23\opera.exe => Keine Datei FirewallRules: [TCP Query User{E417EB95-BB97-432A-B246-373B91FD41E7}C:\users\...\appdata\local\tidal\app-2.29.7\tidal.exe] => (Block) C:\users\...\appdata\local\tidal\app-2.29.7\tidal.exe => Keine Datei FirewallRules: [UDP Query User{E013ACB5-85AA-49E2-B263-81F6F15600A9}C:\users\...\appdata\local\tidal\app-2.29.7\tidal.exe] => (Block) C:\users\...\appdata\local\tidal\app-2.29.7\tidal.exe => Keine Datei FirewallRules: [TCP Query User{4993523A-97A1-4CCC-AEA0-83E22B88272B}C:\users\...\appdata\local\tidal\app-2.29.7\tidal.exe] => (Block) C:\users\...\appdata\local\tidal\app-2.29.7\tidal.exe => Keine Datei FirewallRules: [UDP Query User{296BA85F-6A65-41BE-825F-E43B8D116020}C:\users\...\appdata\local\tidal\app-2.29.7\tidal.exe] => (Block) C:\users\...\appdata\local\tidal\app-2.29.7\tidal.exe => Keine Datei FirewallRules: [TCP Query User{1C98EE74-259D-412F-8F35-1274DDEEF9F7}C:\users\...\appdata\local\tidal\app-2.30.0\tidal.exe] => (Block) C:\users\...\appdata\local\tidal\app-2.30.0\tidal.exe => Keine Datei FirewallRules: [UDP Query User{D03D17B8-94DC-4746-9887-9B92B0EA9057}C:\users\...\appdata\local\tidal\app-2.30.0\tidal.exe] => (Block) C:\users\...\appdata\local\tidal\app-2.30.0\tidal.exe => Keine Datei FirewallRules: [TCP Query User{1537AAB4-E148-4304-90AB-E9DA380F68F1}C:\users\...\appdata\local\tidal\app-2.30.0\tidal.exe] => 
(Block) C:\users\...\appdata\local\tidal\app-2.30.0\tidal.exe => Keine Datei FirewallRules: [UDP Query User{8D177E96-904E-415C-A5B0-16F0063BE363}C:\users\...\appdata\local\tidal\app-2.30.0\tidal.exe] => (Block) C:\users\...\appdata\local\tidal\app-2.30.0\tidal.exe => Keine Datei FirewallRules: [TCP Query User{F98142AC-F971-44F6-9B85-A1563AE1C9E3}C:\users\...\appdata\local\tidal\app-2.30.4\tidal.exe] => (Block) C:\users\...\appdata\local\tidal\app-2.30.4\tidal.exe => Keine Datei FirewallRules: [UDP Query User{E8FFBFF7-00E4-47CE-BEDF-E6CEA3B28A42}C:\users\...\appdata\local\tidal\app-2.30.4\tidal.exe] => (Block) C:\users\...\appdata\local\tidal\app-2.30.4\tidal.exe => Keine Datei FirewallRules: [{4E08DF1E-4923-4BD2-8E83-F044542ED9B5}] => (Allow) E:\EdrawMind\Edrawsoft\EdrawMind\EdrawMind.exe (SHENZHEN EDRAW SOFTWARE CO.,LTD -> ) FirewallRules: [{DA26836D-32D7-480F-AA93-50C497AAFD0E}] => (Allow) E:\EdrawMind\Edrawsoft\EdrawMind\EdrawMind.exe (SHENZHEN EDRAW SOFTWARE CO.,LTD -> ) FirewallRules: [{3BD58363-6781-4C27-9632-C2AC5A93DE4B}] => (Allow) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{36C16EA1-07DD-4933-8C7F-FE38F730D8F6}] => (Allow) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{BC7DAA6A-82DF-418C-9A95-65153FF15072}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{9F9E7E7C-E3F6-4B67-B33F-1621148F8337}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) 
FirewallRules: [{79CF053E-3731-4190-A327-50DD6C8AB8AD}] => (Allow) E:\Steam\steamapps\common\raceroom racing experience\Game\x64\RRRE64.exe => Keine Datei FirewallRules: [{DC3E0FD0-6A52-4D09-9E2D-05AF0F09743E}] => (Allow) E:\Steam\steamapps\common\raceroom racing experience\Game\x64\RRRE64.exe => Keine Datei FirewallRules: [{AEFFE512-BE3A-48D2-9C05-21E1DD99C6A8}] => (Allow) E:\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe => Keine Datei FirewallRules: [{30C8DD88-33A3-4C5D-9789-90C904995DC2}] => (Allow) E:\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe => Keine Datei FirewallRules: [{A66E4D2A-FCAE-4B2A-8E06-34B6005B679D}] => (Allow) E:\Steam\steamapps\common\raceroom racing experience\Game\x64\RRRE64.exe => Keine Datei FirewallRules: [{E8C12CBF-3CFA-413E-88F2-8EC55AD787EB}] => (Allow) E:\Steam\steamapps\common\raceroom racing experience\Game\x64\RRRE64.exe => Keine Datei FirewallRules: [{6C07E04B-9129-4C1C-A552-47919AFA1E67}] => (Allow) E:\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe => Keine Datei FirewallRules: [{CE0EC01B-91AB-456F-9E56-FAD61C6C6305}] => (Allow) E:\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe => Keine Datei FirewallRules: [{90AACD9E-C445-44DC-B7BE-5C51133AE59D}] => (Allow) E:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> KRAFTON, Inc.) FirewallRules: [{59328913-A737-433C-9B45-6238735B108A}] => (Allow) E:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> KRAFTON, Inc.) 
FirewallRules: [{2A4A87DC-4D0D-408A-A32B-24921D0F0A32}] => (Allow) E:\Opera\91.0.4516.77\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [{D05E3BF8-0F67-4569-9C74-EF9ADA47CC32}] => (Allow) E:\Opera\92.0.4561.26\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [{775A6DB7-EE7D-4BE5-975F-C0BB95F87124}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{D2242A31-CF88-4B91-AB2A-8A3380CF921C}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{71858D44-9A46-4479-AEA0-CA8866AF013B}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{8FD03190-F4C9-4364-A987-537E4E73F4DF}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) ==================== Wiederherstellungspunkte ========================= 14-11-2022 09:30:50 Windows Update 17-11-2022 13:40:21 Windows Update ==================== Fehlerhafte Geräte im Gerätemanager ============ Name: USB (Universal Serial Bus)-Controller Description: USB (Universal Serial Bus)-Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: TAP-ProtonVPN Windows Adapter V9 Description: TAP-ProtonVPN Windows Adapter V9 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: TAP-ProtonVPN Windows Provider V9 Service: tapprotonvpn Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. 
(Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (11/17/2022 02:47:53 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 5023 Error: (11/17/2022 02:47:53 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 5023 Error: (11/17/2022 02:47:53 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (11/17/2022 02:47:52 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 4009 Error: (11/17/2022 02:47:52 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 4009 Error: (11/17/2022 02:47:52 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (11/17/2022 02:47:51 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 3010 Error: (11/17/2022 02:47:51 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 3010 Systemfehler: ============= Error: (11/17/2022 04:52:28 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: Der Server "{BB6DF56B-CACE-11DC-9992-0019B93A3A84}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (11/15/2022 11:54:39 PM) (Source: Disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden. 
Error: (11/15/2022 11:54:37 PM) (Source: Disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden. Error: (11/13/2022 06:32:26 PM) (Source: BROWSER) (EventID: 8032) (User: ) Description: Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport "\Device\NetBT_Tcpip_{853621EF-F2D9-4AD8-B39E-02606E073118}" zu oft fehl. Der Sicherungssuchdienst wird beendet. Error: (11/13/2022 11:34:38 AM) (Source: TermDD) (EventID: 56) (User: ) Description: Von der Terminalserver-Sicherheitsschicht wurde ein Fehler im Protokollablauf erkannt, und die Clientverbindung wurde getrennt. Client-IP: 127.0.0.1. Error: (11/09/2022 08:46:03 PM) (Source: TermDD) (EventID: 56) (User: ) Description: Von der Terminalserver-Sicherheitsschicht wurde ein Fehler im Protokollablauf erkannt, und die Clientverbindung wurde getrennt. Client-IP: 127.0.0.1. Error: (11/08/2022 04:19:12 PM) (Source: TermDD) (EventID: 56) (User: ) Description: Von der Terminalserver-Sicherheitsschicht wurde ein Fehler im Protokollablauf erkannt, und die Clientverbindung wurde getrennt. Client-IP: 127.0.0.1. Error: (11/08/2022 12:36:50 AM) (Source: TermDD) (EventID: 56) (User: ) Description: Von der Terminalserver-Sicherheitsschicht wurde ein Fehler im Protokollablauf erkannt, und die Clientverbindung wurde getrennt. Client-IP: 127.0.0.1. Windows Defender: ================Event[0]: Date: 2022-05-29 20:07:36.648 Description: Beim Laden der Signaturen wurde von Windows Defender ein Fehler festgestellt. Es wird versucht, einen als gültig bekannten Signatursatz wiederherzustellen. Versuchte Signaturen:Aktuell Fehlercode:0x80070002 Fehlerbeschreibung:Das System kann die angegebene Datei nicht finden. Signaturversion:0.0.0.0 Modulversion:0.0.0.0 Date: 2021-11-13 20:26:22.834 Description: Beim Laden der Signaturen wurde von Windows Defender ein Fehler festgestellt. Es wird versucht, einen als gültig bekannten Signatursatz wiederherzustellen. 
Versuchte Signaturen:Aktuell Fehlercode:0x80070002 Fehlerbeschreibung:Das System kann die angegebene Datei nicht finden. Signaturversion:0.0.0.0 Modulversion:0.0.0.0 Date: 2021-11-13 15:01:40.674 Description: Beim Laden der Signaturen wurde von Windows Defender ein Fehler festgestellt. Es wird versucht, einen als gültig bekannten Signatursatz wiederherzustellen. Versuchte Signaturen:Aktuell Fehlercode:0x80070002 Fehlerbeschreibung:Das System kann die angegebene Datei nicht finden. Signaturversion:0.0.0.0 Modulversion:0.0.0.0 Date: 2021-09-30 14:11:56.633 Description: Beim Laden der Signaturen wurde von Windows Defender ein Fehler festgestellt. Es wird versucht, einen als gültig bekannten Signatursatz wiederherzustellen. Versuchte Signaturen:Aktuell Fehlercode:0x80070002 Fehlerbeschreibung:Das System kann die angegebene Datei nicht finden. Signaturversion:0.0.0.0 Modulversion:0.0.0.0 Date: 2021-09-30 13:48:48.005 Description: Beim Laden der Signaturen wurde von Windows Defender ein Fehler festgestellt. Es wird versucht, einen als gültig bekannten Signatursatz wiederherzustellen. Versuchte Signaturen:Aktuell Fehlercode:0x80070002 Fehlerbeschreibung:Das System kann die angegebene Datei nicht finden. Signaturversion:0.0.0.0 Modulversion:0.0.0.0 ==================== Speicherinformationen =========================== BIOS: American Megatrends Inc. 
V1.1 04/25/2014 Hauptplatine: MSI Z97 GAMING 7 (MS-7916) Prozessor: Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz Prozentuale Nutzung des RAM: 66% Installierter physikalischer RAM: 8135.65 MB Verfügbarer physikalischer RAM: 2737.29 MB Summe virtueller Speicher: 16269.45 MB Verfügbarer virtueller Speicher: 9492.79 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:204.86 GB) (Free:29.74 GB) (Model: OCZ-VECTOR150 ATA Device) NTFS Drive e: (Programme) (Fixed) (Total:644.53 GB) (Free:80.76 GB) (Model: ST1000DM003-1CH162 ATA Device) NTFS Drive f: (Fotos) (Fixed) (Total:97.66 GB) (Free:44.86 GB) (Model: ST1000DM003-1CH162 ATA Device) NTFS Drive g: (Dokumente) (Fixed) (Total:117.19 GB) (Free:68.1 GB) (Model: ST1000DM003-1CH162 ATA Device) NTFS Drive h: (TOSHIBA) (Removable) (Total:57.64 GB) (Free:56.93 GB) FAT32 ==================== MBR & Partitionstabelle ==================== ========================================================== Disk: 0 (Size: 223.6 GB) (Disk ID: 6DFB8F47) Partition: GPT. ========================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 0D0F9C26) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=42) ========================================================== Disk: 2 (MBR Code: Windows XP) (Size: 57.7 GB) (Disk ID: 68B53690) Partition 1: (Not Active) - (Size=57.7 GB) - (Type=0C) ==================== Ende von Addition.txt ======================= Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 17.11.22
Scan-Zeit: 16:13
Protokolldatei: 6a9490d6-668a-11ed-97b7-00fff2004513.json

-Softwaredaten-
Version: 4.5.17.221
Komponentenversion: 1.0.1806
Version des Aktualisierungspakets: 1.0.62416
Lizenz: Kostenlos

-Systemdaten-
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: ...-PC\...

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 343065
Erkannte Bedrohungen: 3
In die Quarantäne verschobene Bedrohungen: 3
Abgelaufene Zeit: 3 Min., 5 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 1
PUP.Optional.Conduit, HKU\S-1-5-21-2107037291-4239383780-1378006347-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, In Quarantäne, 157, 236865, 1.0.62416, , ame, , ,

Registrierungswert: 2
PUP.Optional.Conduit, HKU\S-1-5-21-2107037291-4239383780-1378006347-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TOPRESULTURL, In Quarantäne, 157, 236865, 1.0.62416, , ame, , ,
PUP.Optional.Conduit, HKU\S-1-5-21-2107037291-4239383780-1378006347-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, In Quarantäne, 157, 236865, 1.0.62416, , ame, , ,

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

WMI: 0
(keine bösartigen Elemente erkannt)

(end)

Regards
BChristian

Edited by BChristian (17.11.2022 at 17:16) |
17.11.2022, 19:15 | #2 | |
/// TB-Ausbilder | Windows 7 | Junk opens by itself when visiting a website

Outdated systems are no longer analyzed or cleaned:

Plattform: Microsoft Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)

Please note: Quote:
You can read this here: For everyone seeking help! What do I need to consider before opening a topic? I am therefore moving the thread. Edited by M-K-D-B (17.11.2022 at 21:39) |