DocPansen | 24.05.2020 10:24 | mbam.txt
Thank you very much for the quick reply!
I have carried out the 3 recommended uninstallations.
Here are the logs:
mbam.txt: Code:
Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 24.05.20
Scan-Zeit: 10:53
Protokolldatei: 179b55ae-9d9c-11ea-96f8-408d5c5e3bb1.json
-Softwaredaten-
Version: 4.1.0.56
Komponentenversion: 1.0.920
Version des Aktualisierungspakets: 1.0.24352
Lizenz: Testversion
-Systemdaten-
Betriebssystem: Windows 10 (Build 18362.836)
CPU: x64
Dateisystem: NTFS
Benutzer: DESKTOP-UHC18K6\Dr Mornje Pansen
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 380243
Erkannte Bedrohungen: 22
In die Quarantäne verschobene Bedrohungen: 0
Abgelaufene Zeit: 1 Min., 4 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung
-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)
Modul: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 3
PUP.Optional.StartPage, HKLM\SOFTWARE\Websuche, Keine Aktion durch Benutzer, 241, 463409, 1.0.24352, , ame,
PUP.Optional.StartPage.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{1BCC2F36-782A-458D-8DD2-7201A863EB2A}, Keine Aktion durch Benutzer, 3947, 396863, , , ,
PUP.Optional.StartPage.ShrtCln, HKU\S-1-5-21-488159366-2186065710-1513345262-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{1BCC2F36-782A-458D-8DD2-7201A863EB2A}, Keine Aktion durch Benutzer, 3947, 396863, 1.0.24352, , ame,
Registrierungswert: 4
PUP.Optional.StartPage.ShrtCln, HKU\S-1-5-21-488159366-2186065710-1513345262-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{1BCC2F36-782A-458D-8DD2-7201A863EB2A}|FAVICONURL, Keine Aktion durch Benutzer, 3947, 396863, 1.0.24352, , ame,
PUP.Optional.StartPage.ShrtCln, HKU\S-1-5-21-488159366-2186065710-1513345262-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{1BCC2F36-782A-458D-8DD2-7201A863EB2A}|URL, Keine Aktion durch Benutzer, 3947, 396863, 1.0.24352, , ame,
PUP.Optional.StartPage.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{1BCC2F36-782A-458D-8DD2-7201A863EB2A}|FAVICONURL, Keine Aktion durch Benutzer, 3947, 396862, 1.0.24352, , ame,
PUP.Optional.StartPage.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{1BCC2F36-782A-458D-8DD2-7201A863EB2A}|URL, Keine Aktion durch Benutzer, 3947, 396862, 1.0.24352, , ame,
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 12
PUP.Optional.DriversFix, C:\Users\Dr Mornje Pansen\AppData\Roaming\Easeware\DriverNavigator\drivers\2mtqp2yt.syr, Keine Aktion durch Benutzer, 1110, 728595, , , ,
PUP.Optional.DriversFix, C:\Users\Dr Mornje Pansen\AppData\Roaming\Easeware\DriverNavigator\drivers\44y55mlh.2bf, Keine Aktion durch Benutzer, 1110, 728595, , , ,
PUP.Optional.DriversFix, C:\Users\Dr Mornje Pansen\AppData\Roaming\Easeware\DriverNavigator\drivers\dt4voc05.iov, Keine Aktion durch Benutzer, 1110, 728595, , , ,
PUP.Optional.DriversFix, C:\Users\Dr Mornje Pansen\AppData\Roaming\Easeware\DriverNavigator\drivers\gjm3g30c.q01, Keine Aktion durch Benutzer, 1110, 728595, , , ,
PUP.Optional.DriversFix, C:\Users\Dr Mornje Pansen\AppData\Roaming\Easeware\DriverNavigator\drivers\hc2agap3.qzi, Keine Aktion durch Benutzer, 1110, 728595, , , ,
PUP.Optional.DriversFix, C:\Users\Dr Mornje Pansen\AppData\Roaming\Easeware\DriverNavigator\drivers\hozajlfn.ue5, Keine Aktion durch Benutzer, 1110, 728595, , , ,
PUP.Optional.DriversFix, C:\Users\Dr Mornje Pansen\AppData\Roaming\Easeware\DriverNavigator\drivers\iyirwhnv.b2v, Keine Aktion durch Benutzer, 1110, 728595, , , ,
PUP.Optional.DriversFix, C:\Users\Dr Mornje Pansen\AppData\Roaming\Easeware\DriverNavigator\drivers\lfbrdqdg.sry, Keine Aktion durch Benutzer, 1110, 728595, , , ,
PUP.Optional.DriversFix, C:\Users\Dr Mornje Pansen\AppData\Roaming\Easeware\DriverNavigator\drivers\omujujcb.05p, Keine Aktion durch Benutzer, 1110, 728595, , , ,
PUP.Optional.DriversFix, C:\Users\Dr Mornje Pansen\AppData\Roaming\Easeware\DriverNavigator\drivers\sjip511y.cy1, Keine Aktion durch Benutzer, 1110, 728595, , , ,
PUP.Optional.DriversFix, C:\Users\Dr Mornje Pansen\AppData\Roaming\Easeware\DriverNavigator\drivers, Keine Aktion durch Benutzer, 1110, 728595, , , ,
PUP.Optional.DriversFix, C:\USERS\DR MORNJE PANSEN\APPDATA\ROAMING\EASEWARE\DRIVERNAVIGATOR, Keine Aktion durch Benutzer, 1110, 728595, 1.0.24352, , ame,
Datei: 3
PUP.Optional.DriversFix, C:\Users\Dr Mornje Pansen\AppData\Roaming\Easeware\DriverNavigator\partner.xml, Keine Aktion durch Benutzer, 1110, 728595, , , ,
PUP.Optional.DriversFix, C:\Users\Dr Mornje Pansen\AppData\Roaming\Easeware\DriverNavigator\settings.dat, Keine Aktion durch Benutzer, 1110, 728595, , , ,
PUP.Optional.StartPage.ShrtCln, C:\USERS\DR MORNJE PANSEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XBX5VKDP.DEFAULT\PREFS.JS, Keine Aktion durch Benutzer, 3947, 456658, 1.0.24352, , ame,
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
WMI: 0
(keine bösartigen Elemente erkannt)
(end)
Adwcleaner: Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build: 04-03-2020
# Database: 2020-05-19.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-24-2020
# Duration: 00:00:01
# OS: Windows 10 Pro
# Cleaned: 3
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Users\Dr Mornje Pansen\AppData\Roaming\MPC
Deleted C:\Users\Dr Mornje Pansen\Documents\MPC
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|OpenOffice Updater
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete IFEO
[+] Delete Prefetch
[+] Delete Tracing Keys
[+] Reset Chromium Policies
[+] Reset IE Policies
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1693 octets] - [15/09/2018 23:54:32]
AdwCleaner[C00].txt - [1747 octets] - [15/09/2018 23:55:26]
AdwCleaner[S01].txt - [1744 octets] - [24/05/2020 11:04:53]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
FRST.txt 1/2: Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 13-05-2020 01
durchgeführt von Dr Mornje Pansen (Administrator) auf DESKTOP-UHC18K6 (Gigabyte Technology Co., Ltd. Z170X-UD3) (24-05-2020 11:10:04)
Gestartet von E:\Downloads
Geladene Profile: Dr Mornje Pansen
Platform: Windows 10 Pro Version 1909 18363.836 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Chrome
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
() [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe <2>
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Articulate Global, Inc. -> Articulate Global, Inc.) C:\Program Files (x86)\Articulate\360\Desktop Application\Articulate 360 Desktop App.exe
(Articulate Global, Inc. -> Articulate Global, Inc.) C:\Program Files (x86)\Articulate\360\Desktop Application\Articulate 360 Installer Service.exe
(Articulate Global, Inc. -> Articulate Global, Inc.) C:\Program Files (x86)\Articulate\360\Desktop Service\Articulate 360 Desktop Service.exe
(Articulate Global, Inc. -> Articulate Global, Inc.) C:\Program Files (x86)\Articulate\360\Peek\Peek.exe
(Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Docker Inc -> Docker.Service) C:\Program Files\Docker\Docker\com.docker.service
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\97.4.467\QtWebEngineProcess.exe <2>
(Electronic Arts, Inc. -> ) E:\Spiele\Origin\QtWebEngineProcess.exe <2>
(Electronic Arts, Inc. -> Electronic Arts) E:\Spiele\Origin\Origin.exe
(Electronic Arts, Inc. -> Electronic Arts) E:\Spiele\Origin\OriginWebHelperService.exe
(Epic Games Inc. -> Epic Games, Inc.) E:\Spiele\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
(Epic Games Inc. -> Epic Games, Inc.) E:\Spiele\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngine.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft) C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe
(GOG Sp. z o.o. -> GOG.com) C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
(GOG Sp. z o.o. -> GOG.com) E:\Spiele\GOG\GOG Galaxy\GalaxyClient Helper.exe <2>
(GOG Sp. z o.o. -> GOG.com) E:\Spiele\GOG\GOG Galaxy\GalaxyClient.exe
(GOG Sp. z o.o. -> GOG.com) E:\Spiele\GOG\GOG Galaxy\GOG Galaxy Notifications Renderer.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <29>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel(R) Extreme Tuning Utility -> Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Dr Mornje Pansen\AppData\Local\Microsoft\OneDrive\20.064.0329.0008\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Dr Mornje Pansen\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12005.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.772_none_5f13f94c58ff41d3\TiWorker.exe
(Nitro PDF Software -> Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Nitro PDF Software -> Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(PACE Anti-Piracy, Inc. -> PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Shanghai Microvirt Software Technology Co., Ltd. -> ) C:\Program Files (x86)\Microvirt\MEmu\MemuService.exe
(The CefSharp Authors) [Datei ist nicht signiert] C:\Program Files (x86)\Articulate\360\Desktop Application\CefSharp.BrowserSubprocess.exe <2>
(Ubisoft Entertainment Sweden AB -> Ubisoft) E:\Spiele\Uplay\Ubisoft Game Launcher\upc.exe
(Ubisoft Entertainment Sweden AB -> Ubisoft) E:\Spiele\Uplay\Ubisoft Game Launcher\UplayWebCore.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) E:\Spiele\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) E:\Spiele\Steam\steam.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9037832 2016-10-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [18727048 2018-10-05] (Logitech Inc -> Logitech Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942744 2018-12-17] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [Articulate 360 Desktop Service] => C:\Program Files (x86)\Articulate\360\Desktop Service\Articulate 360 Desktop Service.lnk [2481 2020-05-19] () [Datei ist nicht signiert]
HKLM\...\Run: [Articulate 360 Desktop Application] => C:\Program Files (x86)\Articulate\360\Desktop Application\Articulate 360 Desktop App.lnk [2481 2020-05-24] () [Datei ist nicht signiert]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.) [Datei ist nicht signiert]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [6867968 2020-05-12] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1226240 2017-09-20] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
HKU\S-1-5-21-488159366-2186065710-1513345262-1001\...\Run: [Steam] => E:\Spiele\Steam\steam.exe [3372832 2020-05-15] (Valve -> Valve Corporation)
HKU\S-1-5-21-488159366-2186065710-1513345262-1001\...\Run: [EADM] => E:\Spiele\Origin\Origin.exe [3140368 2020-05-21] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-488159366-2186065710-1513345262-1001\...\Run: [GalaxyClient] => E:\Spiele\GOG\GOG Galaxy\GalaxyClient.exe [13971528 2020-05-07] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-488159366-2186065710-1513345262-1001\...\Run: [Battle.net] => E:\Spiele\Blizzard\Battle.net\Battle.net.exe [1142248 2020-05-09] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-488159366-2186065710-1513345262-1001\...\Run: [EpicGamesLauncher] => E:\Spiele\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [31867792 2020-05-19] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-488159366-2186065710-1513345262-1001\...\Run: [Ubisoft Game Launcher] => E:\Spiele\Uplay\Ubisoft Game Launcher\Uplay.exe [471360 2020-05-19] (Ubisoft Entertainment Sweden AB -> Ubisoft)
HKU\S-1-5-21-488159366-2186065710-1513345262-1001\...\Run: [Docker Desktop] => C:\Program Files\Docker\Docker\Docker Desktop.exe [1644728 2020-01-31] (Docker Inc -> Docker Desktop)
HKU\S-1-5-21-488159366-2186065710-1513345262-1001\...\Run: [ArticulatePeek] => C:\Program Files (x86)\Articulate\360\Peek\Peek.exe [1113576 2019-05-08] (Articulate Global, Inc. -> Articulate Global, Inc.)
HKU\S-1-5-21-488159366-2186065710-1513345262-1001\...\Run: [launchOnStartup] => E:\Spiele\GOG\GOG Galaxy\GalaxyClient.exe [13971528 2020-05-07] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-488159366-2186065710-1513345262-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5417008 2020-05-04] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-18\...\Run: [] => [X]
HKLM\Software\...\AppCompatFlags\Custom\1602.exe: [{b7082f5b-b3cc-44ac-a030-69ef3e35225d}.sdb] -> Anno 1602 Compatibility fix
HKLM\Software\...\AppCompatFlags\Custom\1602Edit.exe: [{b7082f5b-b3cc-44ac-a030-69ef3e35225d}.sdb] -> Anno 1602 Compatibility fix
HKLM\Software\...\AppCompatFlags\InstalledSDB\{b7082f5b-b3cc-44ac-a030-69ef3e35225d}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{b7082f5b-b3cc-44ac-a030-69ef3e35225d}.sdb [2019-09-11]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\Installer\chrmstp.exe [2020-05-08] (Google LLC -> Google LLC)
AppInit_DLLs: prio.dll => C:\Program Files\Prio\prio.dll [16800 2017-01-15] (O&K Software Ltd. -> O&K Software)
AppInit_DLLs-x32: prio32.dll => C:\Program Files\Prio\prio32.dll [15264 2017-01-15] (O&K Software Ltd. -> O&K Software)
Startup: C:\Users\Dr Mornje Pansen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2018-09-11]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy: Beschränkung ? <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {05CF484D-7C0B-4D3F-A64B-2FD600C91144} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0B87D844-1973-4B2F-B51F-9E18165EAAE3} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {109A2F38-9966-4E98-8E21-9D79503471C8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23772552 2020-05-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {1BC0E975-488B-4B90-8285-8E63B5977005} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {2307B559-D0BF-4BF2-BF39-84262B0F95EB} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124752 2020-05-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {393BE35F-F76A-420B-8B79-602470DCE785} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124752 2020-05-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {4755B931-7598-45C7-B22A-0C87C3A20970} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-10-06] (Google Inc -> Google Inc.)
Task: {4E6C1445-F986-4D6F-8E30-FA65A57F39D0} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3293168 2020-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {510924CD-A65C-4BC1-BF32-5A4365D245F6} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\Thunderbolt.exe [366792 2016-01-18] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {557B0158-CA91-4C41-9D83-A8DF131AA7E3} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_371_pepper.exe [1454136 2020-05-12] (Adobe Inc. -> Adobe)
Task: {5636D5B6-F4DF-4605-AABE-83E931230D88} - System32\Tasks\Articulate\Articulate360InstallerTask => C:\Program Files (x86)\Articulate\360\Desktop Application\Articulate 360 Installer Service.exe [248800 2020-05-18] (Articulate Global, Inc. -> Articulate Global, Inc.)
Task: {58EE54FD-0F19-446A-91CE-0A94488724F8} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5BDEB7AF-6655-47E0-8CB8-A948D055E9CC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {651EFC86-17E1-46A1-80E2-B2A3B8BED5FC} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {66875C68-A01B-4574-A3DB-2A9E7BFF57B3} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7F4C0C1C-EB86-4500-BD71-CEAE52A1F5B4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-10-06] (Google Inc -> Google Inc.)
Task: {9779B68B-FD14-45C1-B563-4B49E2D89A2C} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A88819AF-4C24-4DB7-A48B-D08DBAE82933} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A90196DD-7168-45B4-8327-AAECBFC81650} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\Thunderbolt.exe [366792 2016-01-18] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {ADDD4434-2CB7-4F13-9CE1-BA31148BEC13} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-27] (Dropbox, Inc -> Dropbox, Inc.)
Task: {BD25A057-84F0-47DF-A433-E49B93CCB1E4} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23772552 2020-05-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {BF48C56B-C39F-4846-A2E3-6F7D7987D36D} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-05-12] (Adobe Inc. -> Adobe)
Task: {D3E543C9-0FDF-4ECE-800C-04B6D423038C} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [1830088 2016-01-18] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {DB5EEBCC-E046-4D64-940A-7B99001BEF5C} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [1328392 2016-03-17] (Intel(R) Software -> Intel Corporation)
Task: {DC03F4F8-238A-4E40-A502-6CE7B89937E9} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E05F8EB9-0F79-4C0F-BAAA-1AC9122571BE} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1429400 2020-05-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {E42C9C45-AC3B-4BE5-A743-ABDA4FC8FE19} - System32\Tasks\AsLiftRightsForClient_Sessionunknown LOGON_SESSION_ID id (0xf) => C:\Users\Dr Mornje Pansen\AppData\Local\pcvisit Software AG\caloa\pcvisit.Support.guest.15\release\15.0.22.8733\pcvisit_client.exe [7251840 2018-01-24] (pcvisit software ag -> pcvisit Software ag)
Task: {EAA2402C-056D-425B-87D8-BE60C450109B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [127176 2020-05-07] (Mozilla Corporation -> Mozilla Foundation)
Task: {F1509BEC-7E2C-4DBF-B640-8D4B8305F25D} - System32\Tasks\GraphicsCardEngine => C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngine.exe [535472 2017-06-01] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {F400BAD7-1064-42B7-8E57-CF7019DA50D9} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {F4FBF2C3-6B23-4D00-A3F3-A21BE5B22AE1} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-27] (Dropbox, Inc -> Dropbox, Inc.)
Task: {FD2BCC12-3555-46FC-85D2-73705EC2045B} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{6ff78fff-afb0-4f63-8b30-2baf5b55fdda}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {1BCC2F36-782A-458D-8DD2-7201A863EB2A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-10] (Microsoft Corporation -> Microsoft Corporation)
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:/Program Files (x86)/Internet Explorer/Citavi Picker/x64/SwissAcademic.Citavi.IEPicker.DLL => Keine Datei
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2020-01-10] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:/Program Files (x86)/Internet Explorer/Citavi Picker/SwissAcademic.Citavi.IEPicker.DLL => Keine Datei
DPF: HKLM-x32 {C752FF21-A8EF-468E-B507-5BBAFB84359E} hxxps://hbciweb.olb.de/financebrowser5/plugin/Signlet-Plugin-1.0.49.0.CAB
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-05-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-05-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-05-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-05-04] (Microsoft Corporation -> Microsoft Corporation)
Edge:
======
DownloadDir: C:\Users\Dr Mornje Pansen\Downloads
FireFox:
========
FF DefaultProfile: xBx5vKdp.default
FF DefaultProfile: 2nevvce2.default
FF ProfilePath: C:\Users\Dr Mornje Pansen\AppData\Roaming\Mozilla\Firefox\Profiles\pnrzgv1b.default-release [2020-05-15]
FF ProfilePath: C:\Users\Dr Mornje Pansen\AppData\Roaming\Mozilla\Firefox\Profiles\xBx5vKdp.default [2020-04-25]
FF Extension: (Avira Browser Safety) - C:\Users\Dr Mornje Pansen\AppData\Roaming\Mozilla\Firefox\Profiles\xBx5vKdp.default\Extensions\abs@avira.com [2016-10-05] []
FF Extension: (Avira Password Manager) - C:\Users\Dr Mornje Pansen\AppData\Roaming\Mozilla\Firefox\Profiles\xBx5vKdp.default\Extensions\passwordmanager@avira.com [2019-10-17]
FF ProfilePath: C:\Users\Dr Mornje Pansen\AppData\Roaming\kompozer.net\KompoZer\Profiles\veqjzsn0.default [2020-02-01]
FF ProfilePath: C:\Users\Dr Mornje Pansen\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\2nevvce2.default [2020-02-01]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\Dr Mornje Pansen\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\2nevvce2.default\Extensions\langpack-cs@bluegriffon.org.xpi [2020-02-01] [] [ist nicht signiert]
FF Extension: (Deutsch (DE) Language Pack) - C:\Users\Dr Mornje Pansen\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\2nevvce2.default\Extensions\langpack-de@bluegriffon.org.xpi [2020-02-01] [] [ist nicht signiert]
FF Extension: (English (US) Language Pack) - C:\Users\Dr Mornje Pansen\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\2nevvce2.default\Extensions\langpack-en-US@bluegriffon.org.xpi [2020-02-01] [] [ist nicht signiert]
FF Extension: (Español (España) Language Pack) - C:\Users\Dr Mornje Pansen\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\2nevvce2.default\Extensions\langpack-es-ES@bluegriffon.org.xpi [2020-02-01] [] [ist nicht signiert]
FF Extension: (Finnish Language Pack) - C:\Users\Dr Mornje Pansen\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\2nevvce2.default\Extensions\langpack-fi@bluegriffon.org.xpi [2020-02-01] [] [ist nicht signiert]
FF Extension: (Français Language Pack) - C:\Users\Dr Mornje Pansen\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\2nevvce2.default\Extensions\langpack-fr@bluegriffon.org.xpi [2020-02-01] [] [ist nicht signiert]
FF Extension: (Galego (España) Language Pack) - C:\Users\Dr Mornje Pansen\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\2nevvce2.default\Extensions\langpack-gl@bluegriffon.org.xpi [2020-02-01] [] [ist nicht signiert]
FF Extension: (Hebrew (IL) Language Pack) - C:\Users\Dr Mornje Pansen\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\2nevvce2.default\Extensions\langpack-he@bluegriffon.org.xpi [2020-02-01] [] [ist nicht signiert]
FF Extension: (Magyar (HU) Language Pack) - C:\Users\Dr Mornje Pansen\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\2nevvce2.default\Extensions\langpack-hu@bluegriffon.org.xpi [2020-02-01] [] [ist nicht signiert]
FF Extension: (Italiano (IT) Language Pack) - C:\Users\Dr Mornje Pansen\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\2nevvce2.default\Extensions\langpack-it@bluegriffon.org.xpi [2020-02-01] [] [ist nicht signiert]
FF Extension: (Japanese Language Pack) - C:\Users\Dr Mornje Pansen\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\2nevvce2.default\Extensions\langpack-ja@bluegriffon.org.xpi [2020-02-01] [] [ist nicht signiert]
FF Extension: (Korean (KR) Language Pack) - C:\Users\Dr Mornje Pansen\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\2nevvce2.default\Extensions\langpack-ko@bluegriffon.org.xpi [2020-02-01] [] [ist nicht signiert]
FF Extension: (Nederlands (NL) Language Pack) - C:\Users\Dr Mornje Pansen\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\2nevvce2.default\Extensions\langpack-nl@bluegriffon.org.xpi [2020-02-01] [] [ist nicht signiert]
FF Extension: (Polski Language Pack) - C:\Users\Dr Mornje Pansen\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\2nevvce2.default\Extensions\langpack-pl@bluegriffon.org.xpi [2020-02-01] [] [ist nicht signiert]
FF Extension: (Russian (RU) Language Pack) - C:\Users\Dr Mornje Pansen\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\2nevvce2.default\Extensions\langpack-ru@bluegriffon.org.xpi [2020-02-01] [] [ist nicht signiert]
FF Extension: (Slovenski jezik Language Pack) - C:\Users\Dr Mornje Pansen\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\2nevvce2.default\Extensions\langpack-sl@bluegriffon.org.xpi [2020-02-01] [] [ist nicht signiert]
FF Extension: (српски (sr) Language Pack) - C:\Users\Dr Mornje Pansen\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\2nevvce2.default\Extensions\langpack-sr@bluegriffon.org.xpi [2020-02-01] [] [ist nicht signiert]
FF Extension: (Svenska (SE) Language Pack) - C:\Users\Dr Mornje Pansen\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\2nevvce2.default\Extensions\langpack-sv-SE@bluegriffon.org.xpi [2020-02-01] [] [ist nicht signiert]
FF Extension: (Chinese Simplified (zh-CN) Language Pack) - C:\Users\Dr Mornje Pansen\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\2nevvce2.default\Extensions\langpack-zh-CN@bluegriffon.org.xpi [2020-02-01] [] [ist nicht signiert]
FF Extension: (Traditional Chinese (zh-TW) Language Pack) - C:\Users\Dr Mornje Pansen\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\2nevvce2.default\Extensions\langpack-zh-TW@bluegriffon.org.xpi [2020-02-01] [] [ist nicht signiert]
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [Datei ist nicht signiert]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @webex.com/npatgpc -> C:\Program Files (x86)\Webex\npatgpc.dll [2020-04-11] (Cisco WebEx LLC -> Cisco WebEx LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-488159366-2186065710-1513345262-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Dr Mornje Pansen\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-24] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
Chrome:
=======
CHR Profile: C:\Users\Dr Mornje Pansen\AppData\Local\Google\Chrome\User Data\Default [2020-05-24]
CHR Notifications: Default -> hxxp://slither.io; hxxps://calendar.google.com
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Extension: (Präsentationen) - C:\Users\Dr Mornje Pansen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Docs) - C:\Users\Dr Mornje Pansen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Dr Mornje Pansen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-05]
CHR Extension: (YouTube) - C:\Users\Dr Mornje Pansen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-05]
CHR Extension: (uBlock Origin) - C:\Users\Dr Mornje Pansen\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-04-22]
CHR Extension: (Slate) - C:\Users\Dr Mornje Pansen\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmhmcmgkegfffbbfobhjpdbimgmoohap [2019-02-28]
CHR Extension: (Tabellen) - C:\Users\Dr Mornje Pansen\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Google Docs Offline) - C:\Users\Dr Mornje Pansen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-21]
CHR Extension: (No Coin - Block miners on the web!) - C:\Users\Dr Mornje Pansen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gojamcfopckidlocpkbelmpjcgmbgjcl [2018-09-15]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Dr Mornje Pansen\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2020-05-15]
CHR Extension: (Cisco Webex Extension) - C:\Users\Dr Mornje Pansen\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2020-05-18]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Dr Mornje Pansen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Citavi Picker) - C:\Users\Dr Mornje Pansen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgndokldibnndfnjnagojmheejlengn [2020-04-28]
CHR Extension: (Google Mail) - C:\Users\Dr Mornje Pansen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\Dr Mornje Pansen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-24]
CHR Extension: (RSS Feed Reader) - C:\Users\Dr Mornje Pansen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp [2020-05-08]
CHR Extension: (Stadia) - C:\Users\Dr Mornje Pansen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnkcfpnngfokcnnijgkllghjlhkailce [2020-04-11]
CHR Profile: C:\Users\Dr Mornje Pansen\AppData\Local\Google\Chrome\User Data\System Profile [2018-12-23]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8423760 2019-09-28] (BattlEye Innovations e.K. -> )
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10612592 2020-05-07] (Microsoft Corporation -> Microsoft Corporation)
R2 com.docker.service; C:\Program Files\Docker\Docker\com.docker.service [16600 2020-01-31] (Docker Inc -> Docker.Service)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-27] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-27] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44552 2020-05-12] (Dropbox, Inc -> Dropbox, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2019-11-12] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 EasyTuneEngineService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe [147376 2017-06-01] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2017-05-19] (FUTUREMARK INC -> Futuremark)
R2 gadjservice; C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe [17920 2015-06-25] () [Datei ist nicht signiert]
S3 GalaxyClientService; E:\Spiele\GOG\GOG Galaxy\GalaxyClientService.exe [1748552 2020-05-07] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6821960 2020-02-25] (GOG Sp. z o.o. -> GOG.com)
R2 Gservice; C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe [19888 2016-11-16] (GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [535544 2019-12-02] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-10-05] (Logitech Inc -> Logitech Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-05-24] (Malwarebytes Inc -> Malwarebytes)
R2 MEmuSVC; C:\Program Files (x86)\Microvirt\MEmu\MemuService.exe [85304 2019-02-20] (Shanghai Microvirt Software Technology Co., Ltd. -> )
S3 MixedRealityOpenXRSvc; C:\WINDOWS\System32\MixedRealityRuntime.dll [139952 2020-05-13] (Microsoft Windows -> Microsoft Corporation)
S3 MixedRealityOpenXRSvc; C:\WINDOWS\SysWOW64\MixedRealityRuntime.dll [105840 2020-05-13] (Microsoft Windows -> Microsoft Corporation)
R2 NitroDriverReadSpool; C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe [341312 2010-06-24] (Nitro PDF Software -> Nitro PDF Software)
R2 nlsX86cc; C:\Windows\SysWOW64\NLSSRV32.EXE [65856 2010-06-24] (Nitro PDF Software -> Nalpeiron Ltd.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [874472 2020-04-03] (NVIDIA Corporation -> NVIDIA Corporation)
S2 OcButtonService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\OcButtonService.exe [123824 2017-06-01] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S4 Origin Client Service; E:\Spiele\Origin\OriginClientService.exe [2496816 2020-05-21] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; E:\Spiele\Origin\OriginWebHelperService.exe [3449656 2020-05-21] (Electronic Arts, Inc. -> Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-11-03] (Even Balance, Inc. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5930136 2020-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ThunderboltService; C:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe [1830088 2016-01-18] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\NisSrv.exe [3304992 2020-05-01] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WebexService; C:\Program Files (x86)\Webex\Webex\Applications\WebExService.exe [146240 2020-04-11] (Cisco WebEx LLC -> Cisco WebEx LLC)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MsMpEng.exe [103376 2020-05-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18736 2018-09-06] (Intel(R) Extreme Tuning Utility -> Intel(R) Corporation)
R2 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u https://activation.paceap.com/InitiateActivation [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 e1dexpress; C:\WINDOWS\System32\DriverStore\FileRepository\e1d68x64.inf_amd64_b44028fc7fdf4fca\e1d68x64.sys [599920 2019-09-13] (Intel(R) INTELND1820 -> Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-05-24] (Malwarebytes Corporation -> Malwarebytes)
R3 gdrv; C:\WINDOWS\gdrv.sys [26192 2020-05-24] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
R1 HWiNFO; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [65320 2018-12-21] (Martin Malik - REALiX -> REALiX(tm))
R1 HWiNFO32; C:\Windows\SysWoW64\drivers\HWiNFO64A.SYS [27552 2016-10-05] (Martin Malik - REALiX -> REALiX(tm))
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [15470584 2019-12-02] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [37104 2018-05-09] (Intel Corporation -> Intel Corporation)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2016-09-29] (Logitech Inc -> Logitech Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-05-24] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-05-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [195432 2020-05-24] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73368 2020-05-24] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-05-24] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [125088 2020-05-24] (Malwarebytes Inc -> Malwarebytes)
R1 MEmuDrv; C:\WINDOWS\system32\DRIVERS\MEmuDrv.sys [319448 2019-04-15] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation)
R3 Netwtw08; C:\WINDOWS\System32\drivers\Netwtw08.sys [8835528 2020-03-05] (Intel Wireless Driver -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9952681a7bb1dfac\nvlddmkm.sys [23446968 2020-04-11] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2020-04-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [67456 2020-03-11] (NVIDIA Corporation -> NVIDIA Corporation)
S3 se64a; C:\WINDOWS\System32\drivers\se64a.sys [14032 2007-05-03] (EnTech Taiwan -> EnTech Taiwan)
R2 speedfan; C:\Windows\SysWoW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [52592 2016-08-12] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-05-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [394680 2020-05-01] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64944 2020-05-01] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)