| |
| |||||||
Log-Analyse und Auswertung: Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los.Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
23.06.2016, 19:33
| #16 |
 |  Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los.Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 23.06.2016 Suchlaufzeit: 18:51 Protokolldatei: mbam.txt Administrator: Ja Version: 2.2.1.1043 Malware-Datenbank: v2016.06.23.04 Rootkit-Datenbank: v2016.05.27.01 Lizenz: Premium-Version Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 10 CPU: x64 Dateisystem: NTFS Benutzer: Tomas Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 428678 Abgelaufene Zeit: 21 Min., 41 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 3 PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe, 2108, Löschen bei Neustart, [79e75ea23268de5806dc652ca55c2bd5] PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCTray.exe, 6096, Löschen bei Neustart, [cc94f907f0aa92a4746eccc588791de3] PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCTray64.exe, 4372, Löschen bei Neustart, [ec7404fcbbdf42f439a96c250ff201ff] Module: 36 PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, Löschen bei Neustart, [75eb4fb15644db5b60828e03f30ea55b], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, Löschen bei Neustart, [75eb4fb15644db5b60828e03f30ea55b], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, Löschen bei Neustart, [75eb4fb15644db5b60828e03f30ea55b], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, Löschen bei Neustart, [75eb4fb15644db5b60828e03f30ea55b], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, Löschen bei Neustart, [75eb4fb15644db5b60828e03f30ea55b], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, Löschen bei Neustart, [75eb4fb15644db5b60828e03f30ea55b], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, Löschen bei Neustart, [75eb4fb15644db5b60828e03f30ea55b], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, Löschen bei Neustart, [75eb4fb15644db5b60828e03f30ea55b], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, Löschen bei Neustart, [75eb4fb15644db5b60828e03f30ea55b], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, Löschen bei Neustart, [75eb4fb15644db5b60828e03f30ea55b], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\LpcManager.dll, Löschen bei Neustart, [f36d1fe1801a0b2be8fa7a17e51c3cc4], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\LpcManager.dll, Löschen bei Neustart, [f36d1fe1801a0b2be8fa7a17e51c3cc4], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\WinService.dll, Löschen bei Neustart, [75ebb64a2e6c38fe9949167bd130b947], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\XProcessBus.dll, Löschen bei Neustart, [0c54e719d9c1e74f3ba7a7ea2dd42ed2], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\XProcessBus.dll, Löschen bei Neustart, [0c54e719d9c1e74f3ba7a7ea2dd42ed2], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Report.dll, Löschen bei Neustart, [4a1628d8dfbbe84e10d22f620bf63cc4], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Report.dll, Löschen bei Neustart, [4a1628d8dfbbe84e10d22f620bf63cc4], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\XBus.dll, Löschen bei Neustart, [7fe1b34d9efc0f2735adb6db926f817f], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\TrayFrame.dll, Löschen bei Neustart, [253b56aa6436d561875b99f8b54c06fa], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Monitor.dll, Löschen bei Neustart, [253b53adb1e97cba657dd1c024dd2dd3], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Database.dll, Löschen bei Neustart, [92ce37c9376367cf865c731e31d032ce], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\LogReport.dll, Löschen bei Neustart, [9dc327d9d5c5a294e5fdf29fa8597789], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\BrowserPlugIn.dll, Löschen bei Neustart, [94cc04fc465485b121c1375a05fcbf41], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Cleaner.dll, Löschen bei Neustart, [303007f98416ad8912d0761b33ce27d9], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\SafeProtect.dll, Löschen bei Neustart, [590713edcbcfc86ea33f335eca37fa06], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Update.dll, Löschen bei Neustart, [d789bb4527735fd7479b3f52d42d649c], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Web.dll, Löschen bei Neustart, [045c8c740694b77ff2f0f69b0bf67e82], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\SafeNavi.dll, Löschen bei Neustart, [73ed2fd1b0ea94a20ad87918a16024dc], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\AdbWinApi.dll, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\AdbWinUsbApi.dll, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\AndriodServer.dll, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Support.dll, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Support.dll, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Utility.dll, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Utility.dll, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\XSkin.dll, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], Registrierungsschlüssel: 42 PUP.Optional.MorePowerfulCleaner, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MPCProtectService, In Quarantäne, [79e75ea23268de5806dc652ca55c2bd5], PUP.Optional.LyricsAd, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{DA3D98A6-868D-4E1B-BB78-0887230DA405}, In Quarantäne, [4a16d927b1e9f44250122466b74b857b], PUP.Optional.LyricsAd, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{DA3D98A6-868D-4E1B-BB78-0887230DA405}, In Quarantäne, [4a16d927b1e9f44250122466b74b857b], PUP.Optional.LyricsAd, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{F76206C0-A31C-446B-B3ED-0FC3ADAA80C2}, In Quarantäne, [095752ae0892e551ea2ad6b3c53d32ce], PUP.Optional.LyricsAd, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{F76206C0-A31C-446B-B3ED-0FC3ADAA80C2}, In Quarantäne, [095752ae0892e551ea2ad6b3c53d32ce], PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}, In Quarantäne, [c29ee41c31692d096b19256d06fcc23e], PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6A9570AF-C8CA-49E2-AE17-BD706CA976DF}, In Quarantäne, [b0b05aa6247684b2f13d3764e71c43bd], PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{96911894-8390-4027-A59C-752AD39E1A5D}, In Quarantäne, [aeb2768adcbeae88e646debd3cc7619f], PUP.Optional.BrowserDefendert, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{0A27C14E-E59A-4321-8DBF-3B382A052363}, Löschen bei Neustart, [92ce30d08317bb7bd2b2efd9729060a0], PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{26D827C6-8499-43F6-A65D-BEDDBBC428EA}, Löschen bei Neustart, [0e52f9073e5c0c2ae20932bdd3300ef2], PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{49AF581E-ED17-468A-9119-B45BB42B74A3}, Löschen bei Neustart, [3030bd43ecae89ad1ecd8768699a6898], PUP.Optional.DigitalSites, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{585F9124-F999-4489-A9EC-190C3B30DAD0}, Löschen bei Neustart, [0b5545bb1288f640399d4aa25fa4c23e], PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{79E48FB3-5216-4B09-A600-EB31BF4FF9FA}, Löschen bei Neustart, [6ef2a858009a191d7f6c0ae5f50e03fd], PUP.Optional.HohoSearch, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{7F593ED1-DF42-4E49-9AA5-89149CAC42D5}, Löschen bei Neustart, [a7b9f01052489b9b23a2973053afd12f], PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C04FA793-8D8A-42A8-8B20-EE3CD6476D90}, Löschen bei Neustart, [6df3718f98026ec831ba35badf24c43c], PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C3E4EC74-F2D5-4AE8-BA8D-FBB3EE83B88C}, Löschen bei Neustart, [71ef59a73a602b0ba7449e5122e1c63a], PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{EA95BFB6-57AA-40E0-B1C3-F2AD46A0CF0B}, Löschen bei Neustart, [e67a659b316993a345a6ae41cf34d22e], PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\83041db3-6530-41d5-86d5-b6e664097760-1, Löschen bei Neustart, [fc6412ee1f7bec4a1916d0cb877ccf31], PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\83041db3-6530-41d5-86d5-b6e664097760-11, Löschen bei Neustart, [481832ce6a3053e3022dc1da13f0f40c], PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\83041db3-6530-41d5-86d5-b6e664097760-2, Löschen bei Neustart, [e9771ee26238e84e6dc27526da298878], PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\83041db3-6530-41d5-86d5-b6e664097760-3, Löschen bei Neustart, [ce925ba5c6d4d165f23d3368d52e50b0], PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\83041db3-6530-41d5-86d5-b6e664097760-4, Löschen bei Neustart, [b5abbd437822d066f33c4c4fe320718f], PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\83041db3-6530-41d5-86d5-b6e664097760-5, Löschen bei Neustart, [da861de3bcde14221817e5b6ee1554ac], PUP.Optional.BrowserDefender, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\BrowserDefendert, Löschen bei Neustart, [aab633cd0b8f979fc42e8411669d6898], PUP.Optional.DigitalSites, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Digital Sites, Löschen bei Neustart, [65fbc23e3961aa8c1f1ebedebe4507f9], PUP.Optional.VBates, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\FF Watcher {33623A7B-0D3C-4499-9DB8-0F8929B49502}, Löschen bei Neustart, [5a06db255b3f3ff713eb765e0df5a35d], PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\globalUpdateUpdateTaskMachineCore, Löschen bei Neustart, [e0804fb181192c0a65b94d53b15223dd], PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\globalUpdateUpdateTaskMachineUA, Löschen bei Neustart, [4d13be42a2f864d22ef160400af9bb45], PUP.Optional.VBates, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Mext Guard FBE8818C-5B13-48C2-A93E-AD731167DBF2, Löschen bei Neustart, [5010c33d6337e94dfd37e2d4dd26cf31], PUP.Optional.HohoSearch, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Pwtyfemuk Cache, Löschen bei Neustart, [eb75b24edfbb5dd9b90d77501ee45fa1], PUP.Optional.MorePowerfulCleaner, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\MPCDisabled, In Quarantäne, [b0b0d828f9a1bb7b9160707535ce7090], PUP.Optional.HohoSearch, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}, In Quarantäne, [6ef21ee21a80e15562e1d1f79e64936d], PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6A9570AF-C8CA-49E2-AE17-BD706CA976DF}, In Quarantäne, [64fc4eb2e2b8a2942d0116856d969b65], PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{96911894-8390-4027-A59C-752AD39E1A5D}, In Quarantäne, [bba56f91158584b235f7e6b551b2c23e], PUP.Optional.MorePowerfulCleaner, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\MPCDisabled, In Quarantäne, [0f51936d564442f409e8c61f06fdcd33], PUP.Optional.MorePowerfulCleaner, HKLM\SOFTWARE\WOW6432NODE\MPC, In Quarantäne, [cc94eb15613967cfaaf0eeff8f743ec2], PUP.Optional.WinZipMalwareProtector, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WinZip Malware Protector, In Quarantäne, [91cf58a8346688ae2f00f7ea32d10af6], PUP.Optional.MorePowerfulCleaner, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MPCKPT, In Quarantäne, [5907f40ce4b6f541831804e94fb4847c], PUP.Optional.CrossRider, HKU\S-1-5-21-2924648203-2002222509-804629142-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6A9570AF-C8CA-49E2-AE17-BD706CA976DF}, In Quarantäne, [d48c8779e6b47cba4ace86154cb77c84], PUP.Optional.CrossRider, HKU\S-1-5-21-2924648203-2002222509-804629142-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{89E48313-56B1-4DEF-9EF3-14C517E889B4}, In Quarantäne, [045cad537b1f1d191bfcaaf1e41ff50b], PUP.Optional.CrossRider, HKU\S-1-5-21-2924648203-2002222509-804629142-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{96911894-8390-4027-A59C-752AD39E1A5D}, In Quarantäne, [3a269c64faa0f83e72a41a81996ac937], PUP.Optional.CrossRider, HKU\S-1-5-21-2924648203-2002222509-804629142-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D1A10E97-35D1-4BFF-98B5-93698F8E9C16}, In Quarantäne, [0957c63af9a1280ead6b4655ab589c64], Registrierungswerte: 24 PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6a9570af-c8ca-49e2-ae17-bd706ca976df}|AppName, Plus-HD-9.1-codedownloader.exe, In Quarantäne, [b0b05aa6247684b2f13d3764e71c43bd] PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{96911894-8390-4027-a59c-752ad39e1a5d}|AppName, Plus-HD-9.1-bg.exe, In Quarantäne, [aeb2768adcbeae88e646debd3cc7619f] PUP.Optional.BrowserDefendert, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{0A27C14E-E59A-4321-8DBF-3B382A052363}|Path, \BrowserDefendert, Löschen bei Neustart, [92ce30d08317bb7bd2b2efd9729060a0] PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{26D827C6-8499-43F6-A65D-BEDDBBC428EA}|Path, \83041db3-6530-41d5-86d5-b6e664097760-4, Löschen bei Neustart, [0e52f9073e5c0c2ae20932bdd3300ef2] PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{49AF581E-ED17-468A-9119-B45BB42B74A3}|Path, \83041db3-6530-41d5-86d5-b6e664097760-2, Löschen bei Neustart, [3030bd43ecae89ad1ecd8768699a6898] PUP.Optional.DigitalSites, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{585F9124-F999-4489-A9EC-190C3B30DAD0}|Path, \Digital Sites, Löschen bei Neustart, [0b5545bb1288f640399d4aa25fa4c23e] PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{79E48FB3-5216-4B09-A600-EB31BF4FF9FA}|Path, \83041db3-6530-41d5-86d5-b6e664097760-3, Löschen bei Neustart, [6ef2a858009a191d7f6c0ae5f50e03fd] PUP.Optional.HohoSearch, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{7F593ED1-DF42-4E49-9AA5-89149CAC42D5}|Path, \Pwtyfemuk Cache, Löschen bei Neustart, [a7b9f01052489b9b23a2973053afd12f] PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C04FA793-8D8A-42A8-8B20-EE3CD6476D90}|Path, \83041db3-6530-41d5-86d5-b6e664097760-1, Löschen bei Neustart, [6df3718f98026ec831ba35badf24c43c] PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C3E4EC74-F2D5-4AE8-BA8D-FBB3EE83B88C}|Path, \83041db3-6530-41d5-86d5-b6e664097760-5, Löschen bei Neustart, [71ef59a73a602b0ba7449e5122e1c63a] PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{EA95BFB6-57AA-40E0-B1C3-F2AD46A0CF0B}|Path, \83041db3-6530-41d5-86d5-b6e664097760-11, Löschen bei Neustart, [e67a659b316993a345a6ae41cf34d22e] PUP.Optional.HohoSearch, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|hp, hxxp://www.hohosearch.com/?ts=AHEqAHEoA3MkC0..&v=20160415&uid=D72C0A8F5388139634DD5A72110CE6C9&ptid=ftp&mode=ffsengext, In Quarantäne, [6ef21ee21a80e15562e1d1f79e64936d] PUP.Optional.HohoSearch, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|tab, hxxp://www.hohosearch.com/?ts=AHEqAHEoA3MkC0..&v=20160415&uid=D72C0A8F5388139634DD5A72110CE6C9&ptid=ftp&mode=ffsengext, In Quarantäne, [88d8b44c4d4d4ceaee558642a9596a96] PUP.Optional.HohoSearch, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|sp, hxxp://www.hohosearch.com/chrome.php?uid=D72C0A8F5388139634DD5A72110CE6C9&ptid=ftp&q={searchTerms}&ts=AHEqAHEoA3MkC0..&v=20160415&mode=ffsengext, In Quarantäne, [a5bb9f61eeac60d68eb5488036ccef11] PUP.Optional.HohoSearch, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|surl, hxxp://www.hohosearch.com/chrome.php?uid=D72C0A8F5388139634DD5A72110CE6C9&ptid=ftp&ts=AHEqAHEoA3MkC0..&v=20160415&mode=ffexttoolbar&q=, In Quarantäne, [dc843bc5edad0f274cf730988f733ac6] PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6a9570af-c8ca-49e2-ae17-bd706ca976df}|AppName, Plus-HD-9.1-codedownloader.exe, In Quarantäne, [64fc4eb2e2b8a2942d0116856d969b65] PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{96911894-8390-4027-a59c-752ad39e1a5d}|AppName, Plus-HD-9.1-bg.exe, In Quarantäne, [bba56f91158584b235f7e6b551b2c23e] PUP.Optional.MorePowerfulCleaner, HKLM\SOFTWARE\WOW6432NODE\MPC|Location, C:\Program Files (x86)\MPC Cleaner, In Quarantäne, [cc94eb15613967cfaaf0eeff8f743ec2] PUP.Optional.MorePowerfulCleaner, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MPCKPT|Description, MPC Driver, In Quarantäne, [5907f40ce4b6f541831804e94fb4847c] PUP.Optional.MorePowerfulCleaner, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MPCPROTECTSERVICE|ImagePath, "C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe", In Quarantäne, [f46c629e4f4beb4b64114da11be84bb5] PUP.Optional.CrossRider, HKU\S-1-5-21-2924648203-2002222509-804629142-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6a9570af-c8ca-49e2-ae17-bd706ca976df}|AppName, Plus-HD-9.1-codedownloader.exe, In Quarantäne, [d48c8779e6b47cba4ace86154cb77c84] PUP.Optional.CrossRider, HKU\S-1-5-21-2924648203-2002222509-804629142-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{89E48313-56B1-4DEF-9EF3-14C517E889B4}|AppName, 83041db3-6530-41d5-86d5-b6e664097760-2.exe-buttonutil.exe, In Quarantäne, [045cad537b1f1d191bfcaaf1e41ff50b] PUP.Optional.CrossRider, HKU\S-1-5-21-2924648203-2002222509-804629142-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{96911894-8390-4027-a59c-752ad39e1a5d}|AppName, Plus-HD-9.1-bg.exe, In Quarantäne, [3a269c64faa0f83e72a41a81996ac937] PUP.Optional.CrossRider, HKU\S-1-5-21-2924648203-2002222509-804629142-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D1A10E97-35D1-4BFF-98B5-93698F8E9C16}|AppName, 83041db3-6530-41d5-86d5-b6e664097760-2.exe-codedownloader.exe, In Quarantäne, [0957c63af9a1280ead6b4655ab589c64] Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 26 PUP.Optional.VBates, C:\Users\Tomas\AppData\LocalLow\Company\Product\1.0, In Quarantäne, [332dc13fbdddbf771358f3cda45f13ed], PUP.Optional.VBates, C:\Users\Tomas\AppData\LocalLow\Company\Product, In Quarantäne, [332dc13fbdddbf771358f3cda45f13ed], PUP.Optional.MorePowerfulCleaner, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC, In Quarantäne, [baa6a65a1486fa3c1ece875ede25768a], PUP.Optional.Wajam.Gen, C:\Program Files\1fe9c2d0cdc3c960c6f9692ed5ec6a5e\51d9fecea530ca7b7b8869bd346a8219, In Quarantäne, [243cf60a09910b2b7b7707e971924cb4], PUP.Optional.Wajam.Gen, C:\Program Files\1fe9c2d0cdc3c960c6f9692ed5ec6a5e, In Quarantäne, [243cf60a09910b2b7b7707e971924cb4], PUP.Optional.Wajam.Gen, C:\Program Files\1fe9c2d0cdc3c960c6f9692ed5ec6a5e\8e47404261cd88c4c5b49fcd58810203, In Quarantäne, [243cf60a09910b2b7b7707e971924cb4], PUP.Optional.MCorp, C:\Users\Tomas\AppData\Roaming\MCorp\1147, In Quarantäne, [2a3638c8316988aea7f5f009bc478779], PUP.Optional.MCorp, C:\Users\Tomas\AppData\Roaming\MCorp, In Quarantäne, [2a3638c8316988aea7f5f009bc478779], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Exe, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Config, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Config\DB, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Drivers, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SgIcon, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Microsoft.VC90.CRT, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Skin, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Skin\Cleaner, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Skin\CrashReport, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Skin\News, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Skin\Tray, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Skin\Uninstall, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.Plumbytes, C:\Users\Tomas\AppData\Local\{698D0BA5-6E4B-44BD-9F9A-AA32F2E98D9A}, In Quarantäne, [f7699c641e7cd66071a4d526fd06669a], PUP.Optional.FakeFFProfile, C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F, In Quarantäne, [ca96c33dc1d9f442881ceaade91be21e], Dateien: 207 PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, Löschen bei Neustart, [75eb4fb15644db5b60828e03f30ea55b], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe, Löschen bei Neustart, [79e75ea23268de5806dc652ca55c2bd5], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\LpcManager.dll, Löschen bei Neustart, [f36d1fe1801a0b2be8fa7a17e51c3cc4], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\WinService.dll, Löschen bei Neustart, [75ebb64a2e6c38fe9949167bd130b947], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\XProcessBus.dll, Löschen bei Neustart, [0c54e719d9c1e74f3ba7a7ea2dd42ed2], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Report.dll, Löschen bei Neustart, [4a1628d8dfbbe84e10d22f620bf63cc4], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCTray.exe, Löschen bei Neustart, [cc94f907f0aa92a4746eccc588791de3], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\XBus.dll, Löschen bei Neustart, [7fe1b34d9efc0f2735adb6db926f817f], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\TrayFrame.dll, Löschen bei Neustart, [253b56aa6436d561875b99f8b54c06fa], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Monitor.dll, Löschen bei Neustart, [253b53adb1e97cba657dd1c024dd2dd3], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Database.dll, Löschen bei Neustart, [92ce37c9376367cf865c731e31d032ce], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\LogReport.dll, Löschen bei Neustart, [9dc327d9d5c5a294e5fdf29fa8597789], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\BrowserPlugIn.dll, Löschen bei Neustart, [94cc04fc465485b121c1375a05fcbf41], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Cleaner.dll, Löschen bei Neustart, [303007f98416ad8912d0761b33ce27d9], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\SafeProtect.dll, Löschen bei Neustart, [590713edcbcfc86ea33f335eca37fa06], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Update.dll, Löschen bei Neustart, [d789bb4527735fd7479b3f52d42d649c], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Web.dll, Löschen bei Neustart, [045c8c740694b77ff2f0f69b0bf67e82], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\SafeNavi.dll, Löschen bei Neustart, [73ed2fd1b0ea94a20ad87918a16024dc], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCTray64.exe, Löschen bei Neustart, [ec7404fcbbdf42f439a96c250ff201ff], PUP.Optional.Wajam, C:\Program Files\1fe9c2d0cdc3c960c6f9692ed5ec6a5e\cb9aae2e479e1a308dde88f94820b13f.sys, In Quarantäne, [bba539c7b7e3979fd4fb16bbcc35dc24], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll64.dll, Löschen bei Neustart, [0a56758bbddd03338a58bbd68180fb05], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MainFrame.dll, In Quarantäne, [124e60a09efccc6a07db2e63ed1450b0], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPC.exe, In Quarantäne, [d58b42bed2c8e254cc16e3aea75ac63a], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCAutoClean.exe, In Quarantäne, [3828a759e1b9d5616082266bed1458a8], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCNews.exe, In Quarantäne, [9fc11ee2b5e545f105dd9ff2ab56d32d], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCSecurity.exe, In Quarantäne, [3e223cc4f3a73105657d4d444eb37d83], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCSetting.exe, In Quarantäne, [70f0758b6535d6602ab86c2529d817e9], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\SafeNavi64.dll, Löschen bei Neustart, [7fe18a7661398ea826bc1e73a65b07f9], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\SetupFrame.dll, In Quarantäne, [bea2ab553d5d1d1917cb01906a9721df], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Uninstall.exe, In Quarantäne, [f16f11ef772388ae04dea6ebd62b6c94], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\UninstallFrame.dll, In Quarantäne, [91cf70907d1dfd394f93850c49b856aa], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\UninstDelete.exe, In Quarantäne, [c49c09f71981f2441fc3c4cd16eb34cc], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\UpdateHost.exe, In Quarantäne, [b8a8e818683248ee3aa88809f011e11f], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Upgrade.dll, In Quarantäne, [154be020c0da26109052424fbd44eb15], PUP.Optional.PicBadges, C:\Program Files (x86)\PicBadges\PicBadgesGui.exe, In Quarantäne, [87d9f60a8a10c76f4c2449e322dfaa56], PUP.Optional.Plumbytes, C:\Users\Tomas\Downloads\antimalwaresetup.exe, In Quarantäne, [ce92669a1e7c102685be8161659c03fd], PUP.Optional.VBates, C:\Users\Tomas\AppData\LocalLow\Company\Product\1.0\localStorageIE.txt, In Quarantäne, [332dc13fbdddbf771358f3cda45f13ed], PUP.Optional.MorePowerfulCleaner, C:\Users\Public\Desktop\MPC Cleaner.lnk, In Quarantäne, [a2be54ac3763fd3942a94a9b60a34fb1], PUP.Optional.MorePowerfulCleaner, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC\MPC Cleaner.lnk, In Quarantäne, [baa6a65a1486fa3c1ece875ede25768a], PUP.Optional.Wajam.Gen, C:\Program Files\1fe9c2d0cdc3c960c6f9692ed5ec6a5e\51d9fecea530ca7b7b8869bd346a8219\252bcd16d4ad84e00819308e213bbe41.ico, In Quarantäne, [243cf60a09910b2b7b7707e971924cb4], PUP.Optional.Wajam.Gen, C:\Program Files\1fe9c2d0cdc3c960c6f9692ed5ec6a5e\51d9fecea530ca7b7b8869bd346a8219\5094f05368c1ef5c681d0d9bbbe010cb.ico, In Quarantäne, [243cf60a09910b2b7b7707e971924cb4], PUP.Optional.Wajam.Gen, C:\Program Files\1fe9c2d0cdc3c960c6f9692ed5ec6a5e\51d9fecea530ca7b7b8869bd346a8219\59099feaaae8862bb332abeaed6d943b.ico, In Quarantäne, [243cf60a09910b2b7b7707e971924cb4], PUP.Optional.Wajam.Gen, C:\Program Files\1fe9c2d0cdc3c960c6f9692ed5ec6a5e\51d9fecea530ca7b7b8869bd346a8219\a731e8b1b10d51530ec5e013fe3a8162.ico, In Quarantäne, [243cf60a09910b2b7b7707e971924cb4], PUP.Optional.Wajam.Gen, C:\Program Files\1fe9c2d0cdc3c960c6f9692ed5ec6a5e\31cba78ef052919654a1812b431f5464.exe, In Quarantäne, [243cf60a09910b2b7b7707e971924cb4], PUP.Optional.Wajam.Gen, C:\Program Files\1fe9c2d0cdc3c960c6f9692ed5ec6a5e\59099feaaae8862bb332abeaed6d943b.ico, In Quarantäne, [243cf60a09910b2b7b7707e971924cb4], PUP.Optional.Wajam.Gen, C:\Program Files\1fe9c2d0cdc3c960c6f9692ed5ec6a5e\836b5d521120ef96b6b04d6b34acb976.exe, In Quarantäne, [243cf60a09910b2b7b7707e971924cb4], PUP.Optional.Wajam.Gen, C:\Program Files\1fe9c2d0cdc3c960c6f9692ed5ec6a5e\b0a3cd15362edd64105b9adbbd96118f, In Quarantäne, [243cf60a09910b2b7b7707e971924cb4], PUP.Optional.Wajam.Gen, C:\Program Files\1fe9c2d0cdc3c960c6f9692ed5ec6a5e\bcbf819e7c8ed56cc6ad85c1aafa97c7.exe, In Quarantäne, [243cf60a09910b2b7b7707e971924cb4], PUP.Optional.Wajam.Gen, C:\Program Files\1fe9c2d0cdc3c960c6f9692ed5ec6a5e\cb9aae2e479e1a308dde88f94820b13f.cfg, In Quarantäne, [243cf60a09910b2b7b7707e971924cb4], PUP.Optional.Wajam.Gen, C:\Program Files\1fe9c2d0cdc3c960c6f9692ed5ec6a5e\cb9aae2e479e1a308dde88f94820b13f.inf, In Quarantäne, [243cf60a09910b2b7b7707e971924cb4], PUP.Optional.Wajam.Gen, C:\Program Files\1fe9c2d0cdc3c960c6f9692ed5ec6a5e\f82907e77df91d76297b0a0819cf16be, In Quarantäne, [243cf60a09910b2b7b7707e971924cb4], PUP.Optional.Wajam.Gen, C:\Program Files\1fe9c2d0cdc3c960c6f9692ed5ec6a5e\8e47404261cd88c4c5b49fcd58810203\heolng.dll, In Quarantäne, [243cf60a09910b2b7b7707e971924cb4], PUP.Optional.ProntSpooler, C:\Users\Tomas\AppData\Local\Apps\2.0\abril.exe, In Quarantäne, [3030b7498d0d2c0a3a72718353b042be], PUP.Optional.ProntSpooler, C:\Users\Tomas\AppData\Local\Apps\2.0\abril.InstallLog, In Quarantäne, [1e42768a514987af6d3f8a6ac14251af], PUP.Optional.ProntSpooler, C:\Users\Tomas\AppData\Local\Apps\2.0\abril.InstallState, In Quarantäne, [2e32ed13b2e870c604a8896b04ffda26], PUP.Optional.ProntSpooler, C:\Users\Tomas\AppData\Local\Apps\2.0\abril.stt, In Quarantäne, [6ff1c7393f5bd264327a8470aa59c739], PUP.Optional.MCorp, C:\Users\Tomas\AppData\Roaming\MCorp\1147\udpx, In Quarantäne, [2a3638c8316988aea7f5f009bc478779], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\symsrv.yes, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\snh.dll, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\AdbWinApi.dll, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\AdbWinUsbApi.dll, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\AdcManager.dll, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\AndriodServer.dll, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\CeBase.dll, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\CrashReport.exe, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\dbgkpt.dll, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Microsoft.VC90.CRT.manifest, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\msvcm90.dll, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\msvcp90.dll, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\msvcr90.dll, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\nmlct, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Support.dll, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\symsrv.dll, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Utility.dll, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\wfhxte.dat, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\xadb.exe, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\XSkin.dll, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Exe\ADC_qd00000.exe, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Config\Clean.xf, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Config\PlugIn.xf, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Config\DB\as.db, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Config\DB\cf.db, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Config\DB\run.db, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Config\DB\st.db, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Drivers\MPCBase_32.sys, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Drivers\MPCKpt.inf, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Drivers\MPCKpt.sys, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Drivers\MPCKpt_vista_32.sys, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Drivers\MPCKpt_vista_64.sys, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Drivers\MPCKpt_xp_32.sys, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\q2.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\ad_gray.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\ad_green.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\ad_org.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\ad_red.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\g1.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\g10.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\g11.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\g12.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\g2.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\g3.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\g4.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\g5.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\g6.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\g7.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\g8.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\g9.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\q1.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\q10.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\q11.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\q12.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\q3.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\q4.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\q5.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\q6.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\q7.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\q8.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\q9.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\r1.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\r10.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\r11.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\r12.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\r2.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\r3.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\r4.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\r5.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\r6.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\r7.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\r8.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\r9.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\sys_gray.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\sys_green.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\sys_org.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\sys_red.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\y1.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\y10.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\y11.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\y12.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\y2.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\y3.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\y4.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\y5.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\y6.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\y7.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\y8.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\y9.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{08DA4B46-E0EB-4B4D-8C8B-558C967AF6C5}.ico, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{22A8D5A3-F368-4C6B-BF4D-3C901EBCF242}.ico, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{3F9A707D-2C36-4344-8621-B8E4ADC95C18}.ico, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{ADC520A9-B4B3-791E-B149-845C11673CB0}.ico, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{CDA529A9-B1B3-793E-B449-845C11673CB5}.ico, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{D8EC46AF-529F-4636-963B-C086429C73DA}.ico, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{DE37CD8C-DE7B-481F-A676-303ABAFBEE04}.ico, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{EDA029A1-B5BA-793E-B649-875C18673CC5}.ico, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{F154C596-75A9-4028-90E8-9752BD7CA05B}.ico, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{FDA029A2-A5BA-797E-B689-875E18673FC2}.ico, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\toasts_waring.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SgIcon\adcapp.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SgIcon\adcweb.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SgIcon\block.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SgIcon\home.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SgIcon\ie.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SgIcon\search.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\AR_green.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\AR_org.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\AR_red.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\Bp_green.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\Bp_org.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\Bp_red.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\SpeedUp_green.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\SpeedUp_org.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\SpeedUp_red.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\SVC_green.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\SVC_org.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\SVC_red.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\TSK_green.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\TSK_org.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\TSK_red.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Microsoft.VC90.CRT\msvcm90.dll, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Microsoft.VC90.CRT\msvcp90.dll, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Microsoft.VC90.CRT\msvcr90.dll, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Skin\Cleaner\Lang.xf, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Skin\Cleaner\Skin.xf, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Skin\CrashReport\Lang.xf, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Skin\CrashReport\Skin.xf, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Skin\News\Lang.xf, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Skin\News\Skin.xf, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Skin\Tray\Lang.xf, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Skin\Tray\Skin.xf, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Skin\Uninstall\Lang.xf, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Skin\Uninstall\Skin.xf, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.Plumbytes, C:\Users\Tomas\AppData\Local\{698D0BA5-6E4B-44BD-9F9A-AA32F2E98D9A}\ScanLogs.xml, In Quarantäne, [f7699c641e7cd66071a4d526fd06669a], PUP.Optional.MorePowerfulCleaner, C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js, Gut: (), Schlecht: (user_pref("browser.startup.homepage", "search.mpc.am");), Ersetzt,[7fe14cb48a1069cd3327e5b329db649c] PUP.Optional.HohoSearch, C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js, Gut: (), Schlecht: (user_pref("browser.search.searchengine.hp", "hxxp://www.hohosearch.com/?ts=AHEqAHEoA3MkC0..&v=20160415&uid=D72C0A8F5388139634DD5A72110CE6C9&ptid=ftp&mode=ffsengext");), Ersetzt,[f16fe41cbcde3df9b9cfd2c6c04446ba] PUP.Optional.HohoSearch, C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js, Gut: (), Schlecht: (hile the application is running, * the changes will be overwritten when the application exits. * * To make a manual change to preferences, you can visit the URL about:config */ user), Ersetzt,[1e429769d4c69c9a07810f8940c433cd] PUP.Optional.HohoSearch, C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js, Gut: (), Schlecht: (nning, * the changes will be overwritten when the application exits. * * To make a manual change to preferences, you can visit the URL about:config */ user_pref("accessibility.blocka), Ersetzt,[fc64966af4a67bbb0a7e5246c63e54ac] PUP.Optional.HohoSearch, C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js, Gut: (), Schlecht: (???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????), Ersetzt,[a3bd857b1882a78f137573252ada629e] PUP.Optional.MorePowerfulCleaner, C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js, Gut: (user_pref("browser.startup.homepage", "https://www.malwarebytes.org/restorebrowser/), Schlecht: (user_pref("browser.startup.homepage", "search.mpc.am");), Ersetzt,[c9970af6920863d3b5e1376322e29e62] PUP.Optional.FakeFFProfile, C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\prefs.js, In Quarantäne, [ca96c33dc1d9f442881ceaade91be21e], PUP.Optional.FakeFFProfile, C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\Invalidprefs.js, In Quarantäne, [ca96c33dc1d9f442881ceaade91be21e], PUP.Optional.FakeFFProfile, C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\search-metadata.json, In Quarantäne, [ca96c33dc1d9f442881ceaade91be21e], PUP.Optional.HohoSearch, C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\prefs.js, Gut: (), Schlecht: (user_pref("browser.newtab.url", "hxxp://www.hohosearch.com/?ts=AHEqAHEoA3MkC0..&v=20160415&uid=D72C0A8F5388139634DD5A72110CE6C9&ptid=ftp&mode=ffseng");), Ersetzt,[d58b738d7c1e57df2f593f5952b28f71] PUP.Optional.HohoSearch, C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\prefs.js, Gut: (), Schlecht: (==\":1,\"6PIcMQQLcHsRW3uKIhoHrA==\":1,\"oxduZokazirpWYSwm7urPA==\":1,\"KPwyh4oHfdicXfyO7wAsNA==\":1,\"iwN372vFWW/PUqZJoMMRww==\":1,\"4SWLHcpLB4MI8D4qxl60wQ==\":1,\"sM), Ersetzt,[66faae5268328fa797f1752341c38d73] PUP.Optional.HohoSearch, C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\prefs.js, Gut: (), Schlecht: (hile the application is running, * the changes will be overwritten when the application exits. * * To make a manual change to preferences, you can visit the URL about:config */ user), Ersetzt,[2b35ea1619818ea82b5d9701e71d2dd3] PUP.Optional.HohoSearch, C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\prefs.js, Gut: (), Schlecht: (nning, * the changes will be overwritten when the application exits. * * To make a manual change to preferences, you can visit the URL about:config */ user_pref("accessibility.typeah), Ersetzt,[8dd34eb2bae01620147440586d976898] PUP.Optional.HohoSearch, C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\prefs.js, Gut: (), Schlecht: (ateTime.blocklist-background-update-timer", 1461421551); user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1461439181); user_pref("app.upda), Ersetzt,[ff6119e7643680b66d1beaae8b79e61a] Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) |
|
23.06.2016, 19:38
| #17 |
| | Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los.Code:
ATTFilter
|
|
23.06.2016, 19:41
| #18 |
| /// TB-Ausbilder   | Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los. Servus,
__________________wieso postest du die Logdatei von MBAM zweimal? Weiter mit AdwCleaner, JRT und FRST bitte. |
|
23.06.2016, 19:47
| #19 |
| | Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los.Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 23.06.2016 Suchlaufzeit: 18:51 Protokolldatei: mbam.txt Administrator: Ja Version: 2.2.1.1043 Malware-Datenbank: v2016.06.23.04 Rootkit-Datenbank: v2016.05.27.01 Lizenz: Premium-Version Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 10 CPU: x64 Dateisystem: NTFS Benutzer: Tomas Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 428678 Abgelaufene Zeit: 21 Min., 41 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 3 PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe, 2108, Löschen bei Neustart, [79e75ea23268de5806dc652ca55c2bd5] PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCTray.exe, 6096, Löschen bei Neustart, [cc94f907f0aa92a4746eccc588791de3] PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCTray64.exe, 4372, Löschen bei Neustart, [ec7404fcbbdf42f439a96c250ff201ff] Module: 36 PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, Löschen bei Neustart, [75eb4fb15644db5b60828e03f30ea55b], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, Löschen bei Neustart, [75eb4fb15644db5b60828e03f30ea55b], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, Löschen bei Neustart, [75eb4fb15644db5b60828e03f30ea55b], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, Löschen bei Neustart, [75eb4fb15644db5b60828e03f30ea55b], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, Löschen bei Neustart, [75eb4fb15644db5b60828e03f30ea55b], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, Löschen bei Neustart, [75eb4fb15644db5b60828e03f30ea55b], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, Löschen bei Neustart, [75eb4fb15644db5b60828e03f30ea55b], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, Löschen bei Neustart, [75eb4fb15644db5b60828e03f30ea55b], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, Löschen bei Neustart, [75eb4fb15644db5b60828e03f30ea55b], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, Löschen bei Neustart, [75eb4fb15644db5b60828e03f30ea55b], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\LpcManager.dll, Löschen bei Neustart, [f36d1fe1801a0b2be8fa7a17e51c3cc4], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\LpcManager.dll, Löschen bei Neustart, [f36d1fe1801a0b2be8fa7a17e51c3cc4], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\WinService.dll, Löschen bei Neustart, [75ebb64a2e6c38fe9949167bd130b947], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\XProcessBus.dll, Löschen bei Neustart, [0c54e719d9c1e74f3ba7a7ea2dd42ed2], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\XProcessBus.dll, Löschen bei Neustart, [0c54e719d9c1e74f3ba7a7ea2dd42ed2], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Report.dll, Löschen bei Neustart, [4a1628d8dfbbe84e10d22f620bf63cc4], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Report.dll, Löschen bei Neustart, [4a1628d8dfbbe84e10d22f620bf63cc4], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\XBus.dll, Löschen bei Neustart, [7fe1b34d9efc0f2735adb6db926f817f], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\TrayFrame.dll, Löschen bei Neustart, [253b56aa6436d561875b99f8b54c06fa], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Monitor.dll, Löschen bei Neustart, [253b53adb1e97cba657dd1c024dd2dd3], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Database.dll, Löschen bei Neustart, [92ce37c9376367cf865c731e31d032ce], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\LogReport.dll, Löschen bei Neustart, [9dc327d9d5c5a294e5fdf29fa8597789], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\BrowserPlugIn.dll, Löschen bei Neustart, [94cc04fc465485b121c1375a05fcbf41], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Cleaner.dll, Löschen bei Neustart, [303007f98416ad8912d0761b33ce27d9], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\SafeProtect.dll, Löschen bei Neustart, [590713edcbcfc86ea33f335eca37fa06], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Update.dll, Löschen bei Neustart, [d789bb4527735fd7479b3f52d42d649c], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Web.dll, Löschen bei Neustart, [045c8c740694b77ff2f0f69b0bf67e82], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\SafeNavi.dll, Löschen bei Neustart, [73ed2fd1b0ea94a20ad87918a16024dc], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\AdbWinApi.dll, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\AdbWinUsbApi.dll, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\AndriodServer.dll, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Support.dll, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Support.dll, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Utility.dll, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Utility.dll, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\XSkin.dll, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], Registrierungsschlüssel: 42 PUP.Optional.MorePowerfulCleaner, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MPCProtectService, In Quarantäne, [79e75ea23268de5806dc652ca55c2bd5], PUP.Optional.LyricsAd, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{DA3D98A6-868D-4E1B-BB78-0887230DA405}, In Quarantäne, [4a16d927b1e9f44250122466b74b857b], PUP.Optional.LyricsAd, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{DA3D98A6-868D-4E1B-BB78-0887230DA405}, In Quarantäne, [4a16d927b1e9f44250122466b74b857b], PUP.Optional.LyricsAd, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{F76206C0-A31C-446B-B3ED-0FC3ADAA80C2}, In Quarantäne, [095752ae0892e551ea2ad6b3c53d32ce], PUP.Optional.LyricsAd, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{F76206C0-A31C-446B-B3ED-0FC3ADAA80C2}, In Quarantäne, [095752ae0892e551ea2ad6b3c53d32ce], PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}, In Quarantäne, [c29ee41c31692d096b19256d06fcc23e], PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6A9570AF-C8CA-49E2-AE17-BD706CA976DF}, In Quarantäne, [b0b05aa6247684b2f13d3764e71c43bd], PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{96911894-8390-4027-A59C-752AD39E1A5D}, In Quarantäne, [aeb2768adcbeae88e646debd3cc7619f], PUP.Optional.BrowserDefendert, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{0A27C14E-E59A-4321-8DBF-3B382A052363}, Löschen bei Neustart, [92ce30d08317bb7bd2b2efd9729060a0], PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{26D827C6-8499-43F6-A65D-BEDDBBC428EA}, Löschen bei Neustart, [0e52f9073e5c0c2ae20932bdd3300ef2], PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{49AF581E-ED17-468A-9119-B45BB42B74A3}, Löschen bei Neustart, [3030bd43ecae89ad1ecd8768699a6898], PUP.Optional.DigitalSites, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{585F9124-F999-4489-A9EC-190C3B30DAD0}, Löschen bei Neustart, [0b5545bb1288f640399d4aa25fa4c23e], PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{79E48FB3-5216-4B09-A600-EB31BF4FF9FA}, Löschen bei Neustart, [6ef2a858009a191d7f6c0ae5f50e03fd], PUP.Optional.HohoSearch, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{7F593ED1-DF42-4E49-9AA5-89149CAC42D5}, Löschen bei Neustart, [a7b9f01052489b9b23a2973053afd12f], PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C04FA793-8D8A-42A8-8B20-EE3CD6476D90}, Löschen bei Neustart, [6df3718f98026ec831ba35badf24c43c], PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C3E4EC74-F2D5-4AE8-BA8D-FBB3EE83B88C}, Löschen bei Neustart, [71ef59a73a602b0ba7449e5122e1c63a], PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{EA95BFB6-57AA-40E0-B1C3-F2AD46A0CF0B}, Löschen bei Neustart, [e67a659b316993a345a6ae41cf34d22e], PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\83041db3-6530-41d5-86d5-b6e664097760-1, Löschen bei Neustart, [fc6412ee1f7bec4a1916d0cb877ccf31], PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\83041db3-6530-41d5-86d5-b6e664097760-11, Löschen bei Neustart, [481832ce6a3053e3022dc1da13f0f40c], PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\83041db3-6530-41d5-86d5-b6e664097760-2, Löschen bei Neustart, [e9771ee26238e84e6dc27526da298878], PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\83041db3-6530-41d5-86d5-b6e664097760-3, Löschen bei Neustart, [ce925ba5c6d4d165f23d3368d52e50b0], PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\83041db3-6530-41d5-86d5-b6e664097760-4, Löschen bei Neustart, [b5abbd437822d066f33c4c4fe320718f], PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\83041db3-6530-41d5-86d5-b6e664097760-5, Löschen bei Neustart, [da861de3bcde14221817e5b6ee1554ac], PUP.Optional.BrowserDefender, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\BrowserDefendert, Löschen bei Neustart, [aab633cd0b8f979fc42e8411669d6898], PUP.Optional.DigitalSites, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Digital Sites, Löschen bei Neustart, [65fbc23e3961aa8c1f1ebedebe4507f9], PUP.Optional.VBates, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\FF Watcher {33623A7B-0D3C-4499-9DB8-0F8929B49502}, Löschen bei Neustart, [5a06db255b3f3ff713eb765e0df5a35d], PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\globalUpdateUpdateTaskMachineCore, Löschen bei Neustart, [e0804fb181192c0a65b94d53b15223dd], PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\globalUpdateUpdateTaskMachineUA, Löschen bei Neustart, [4d13be42a2f864d22ef160400af9bb45], PUP.Optional.VBates, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Mext Guard FBE8818C-5B13-48C2-A93E-AD731167DBF2, Löschen bei Neustart, [5010c33d6337e94dfd37e2d4dd26cf31], PUP.Optional.HohoSearch, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Pwtyfemuk Cache, Löschen bei Neustart, [eb75b24edfbb5dd9b90d77501ee45fa1], PUP.Optional.MorePowerfulCleaner, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\MPCDisabled, In Quarantäne, [b0b0d828f9a1bb7b9160707535ce7090], PUP.Optional.HohoSearch, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}, In Quarantäne, [6ef21ee21a80e15562e1d1f79e64936d], PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6A9570AF-C8CA-49E2-AE17-BD706CA976DF}, In Quarantäne, [64fc4eb2e2b8a2942d0116856d969b65], PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{96911894-8390-4027-A59C-752AD39E1A5D}, In Quarantäne, [bba56f91158584b235f7e6b551b2c23e], PUP.Optional.MorePowerfulCleaner, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\MPCDisabled, In Quarantäne, [0f51936d564442f409e8c61f06fdcd33], PUP.Optional.MorePowerfulCleaner, HKLM\SOFTWARE\WOW6432NODE\MPC, In Quarantäne, [cc94eb15613967cfaaf0eeff8f743ec2], PUP.Optional.WinZipMalwareProtector, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WinZip Malware Protector, In Quarantäne, [91cf58a8346688ae2f00f7ea32d10af6], PUP.Optional.MorePowerfulCleaner, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MPCKPT, In Quarantäne, [5907f40ce4b6f541831804e94fb4847c], PUP.Optional.CrossRider, HKU\S-1-5-21-2924648203-2002222509-804629142-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6A9570AF-C8CA-49E2-AE17-BD706CA976DF}, In Quarantäne, [d48c8779e6b47cba4ace86154cb77c84], PUP.Optional.CrossRider, HKU\S-1-5-21-2924648203-2002222509-804629142-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{89E48313-56B1-4DEF-9EF3-14C517E889B4}, In Quarantäne, [045cad537b1f1d191bfcaaf1e41ff50b], PUP.Optional.CrossRider, HKU\S-1-5-21-2924648203-2002222509-804629142-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{96911894-8390-4027-A59C-752AD39E1A5D}, In Quarantäne, [3a269c64faa0f83e72a41a81996ac937], PUP.Optional.CrossRider, HKU\S-1-5-21-2924648203-2002222509-804629142-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D1A10E97-35D1-4BFF-98B5-93698F8E9C16}, In Quarantäne, [0957c63af9a1280ead6b4655ab589c64], Registrierungswerte: 24 PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6a9570af-c8ca-49e2-ae17-bd706ca976df}|AppName, Plus-HD-9.1-codedownloader.exe, In Quarantäne, [b0b05aa6247684b2f13d3764e71c43bd] PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{96911894-8390-4027-a59c-752ad39e1a5d}|AppName, Plus-HD-9.1-bg.exe, In Quarantäne, [aeb2768adcbeae88e646debd3cc7619f] PUP.Optional.BrowserDefendert, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{0A27C14E-E59A-4321-8DBF-3B382A052363}|Path, \BrowserDefendert, Löschen bei Neustart, [92ce30d08317bb7bd2b2efd9729060a0] PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{26D827C6-8499-43F6-A65D-BEDDBBC428EA}|Path, \83041db3-6530-41d5-86d5-b6e664097760-4, Löschen bei Neustart, [0e52f9073e5c0c2ae20932bdd3300ef2] PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{49AF581E-ED17-468A-9119-B45BB42B74A3}|Path, \83041db3-6530-41d5-86d5-b6e664097760-2, Löschen bei Neustart, [3030bd43ecae89ad1ecd8768699a6898] PUP.Optional.DigitalSites, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{585F9124-F999-4489-A9EC-190C3B30DAD0}|Path, \Digital Sites, Löschen bei Neustart, [0b5545bb1288f640399d4aa25fa4c23e] PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{79E48FB3-5216-4B09-A600-EB31BF4FF9FA}|Path, \83041db3-6530-41d5-86d5-b6e664097760-3, Löschen bei Neustart, [6ef2a858009a191d7f6c0ae5f50e03fd] PUP.Optional.HohoSearch, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{7F593ED1-DF42-4E49-9AA5-89149CAC42D5}|Path, \Pwtyfemuk Cache, Löschen bei Neustart, [a7b9f01052489b9b23a2973053afd12f] PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C04FA793-8D8A-42A8-8B20-EE3CD6476D90}|Path, \83041db3-6530-41d5-86d5-b6e664097760-1, Löschen bei Neustart, [6df3718f98026ec831ba35badf24c43c] PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C3E4EC74-F2D5-4AE8-BA8D-FBB3EE83B88C}|Path, \83041db3-6530-41d5-86d5-b6e664097760-5, Löschen bei Neustart, [71ef59a73a602b0ba7449e5122e1c63a] PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{EA95BFB6-57AA-40E0-B1C3-F2AD46A0CF0B}|Path, \83041db3-6530-41d5-86d5-b6e664097760-11, Löschen bei Neustart, [e67a659b316993a345a6ae41cf34d22e] PUP.Optional.HohoSearch, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|hp, hxxp://www.hohosearch.com/?ts=AHEqAHEoA3MkC0..&v=20160415&uid=D72C0A8F5388139634DD5A72110CE6C9&ptid=ftp&mode=ffsengext, In Quarantäne, [6ef21ee21a80e15562e1d1f79e64936d] PUP.Optional.HohoSearch, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|tab, hxxp://www.hohosearch.com/?ts=AHEqAHEoA3MkC0..&v=20160415&uid=D72C0A8F5388139634DD5A72110CE6C9&ptid=ftp&mode=ffsengext, In Quarantäne, [88d8b44c4d4d4ceaee558642a9596a96] PUP.Optional.HohoSearch, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|sp, hxxp://www.hohosearch.com/chrome.php?uid=D72C0A8F5388139634DD5A72110CE6C9&ptid=ftp&q={searchTerms}&ts=AHEqAHEoA3MkC0..&v=20160415&mode=ffsengext, In Quarantäne, [a5bb9f61eeac60d68eb5488036ccef11] PUP.Optional.HohoSearch, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|surl, hxxp://www.hohosearch.com/chrome.php?uid=D72C0A8F5388139634DD5A72110CE6C9&ptid=ftp&ts=AHEqAHEoA3MkC0..&v=20160415&mode=ffexttoolbar&q=, In Quarantäne, [dc843bc5edad0f274cf730988f733ac6] PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6a9570af-c8ca-49e2-ae17-bd706ca976df}|AppName, Plus-HD-9.1-codedownloader.exe, In Quarantäne, [64fc4eb2e2b8a2942d0116856d969b65] PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{96911894-8390-4027-a59c-752ad39e1a5d}|AppName, Plus-HD-9.1-bg.exe, In Quarantäne, [bba56f91158584b235f7e6b551b2c23e] PUP.Optional.MorePowerfulCleaner, HKLM\SOFTWARE\WOW6432NODE\MPC|Location, C:\Program Files (x86)\MPC Cleaner, In Quarantäne, [cc94eb15613967cfaaf0eeff8f743ec2] PUP.Optional.MorePowerfulCleaner, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MPCKPT|Description, MPC Driver, In Quarantäne, [5907f40ce4b6f541831804e94fb4847c] PUP.Optional.MorePowerfulCleaner, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MPCPROTECTSERVICE|ImagePath, "C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe", In Quarantäne, [f46c629e4f4beb4b64114da11be84bb5] PUP.Optional.CrossRider, HKU\S-1-5-21-2924648203-2002222509-804629142-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6a9570af-c8ca-49e2-ae17-bd706ca976df}|AppName, Plus-HD-9.1-codedownloader.exe, In Quarantäne, [d48c8779e6b47cba4ace86154cb77c84] PUP.Optional.CrossRider, HKU\S-1-5-21-2924648203-2002222509-804629142-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{89E48313-56B1-4DEF-9EF3-14C517E889B4}|AppName, 83041db3-6530-41d5-86d5-b6e664097760-2.exe-buttonutil.exe, In Quarantäne, [045cad537b1f1d191bfcaaf1e41ff50b] PUP.Optional.CrossRider, HKU\S-1-5-21-2924648203-2002222509-804629142-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{96911894-8390-4027-a59c-752ad39e1a5d}|AppName, Plus-HD-9.1-bg.exe, In Quarantäne, [3a269c64faa0f83e72a41a81996ac937] PUP.Optional.CrossRider, HKU\S-1-5-21-2924648203-2002222509-804629142-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D1A10E97-35D1-4BFF-98B5-93698F8E9C16}|AppName, 83041db3-6530-41d5-86d5-b6e664097760-2.exe-codedownloader.exe, In Quarantäne, [0957c63af9a1280ead6b4655ab589c64] Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 26 PUP.Optional.VBates, C:\Users\Tomas\AppData\LocalLow\Company\Product\1.0, In Quarantäne, [332dc13fbdddbf771358f3cda45f13ed], PUP.Optional.VBates, C:\Users\Tomas\AppData\LocalLow\Company\Product, In Quarantäne, [332dc13fbdddbf771358f3cda45f13ed], PUP.Optional.MorePowerfulCleaner, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC, In Quarantäne, [baa6a65a1486fa3c1ece875ede25768a], PUP.Optional.Wajam.Gen, C:\Program Files\1fe9c2d0cdc3c960c6f9692ed5ec6a5e\51d9fecea530ca7b7b8869bd346a8219, In Quarantäne, [243cf60a09910b2b7b7707e971924cb4], PUP.Optional.Wajam.Gen, C:\Program Files\1fe9c2d0cdc3c960c6f9692ed5ec6a5e, In Quarantäne, [243cf60a09910b2b7b7707e971924cb4], PUP.Optional.Wajam.Gen, C:\Program Files\1fe9c2d0cdc3c960c6f9692ed5ec6a5e\8e47404261cd88c4c5b49fcd58810203, In Quarantäne, [243cf60a09910b2b7b7707e971924cb4], PUP.Optional.MCorp, C:\Users\Tomas\AppData\Roaming\MCorp\1147, In Quarantäne, [2a3638c8316988aea7f5f009bc478779], PUP.Optional.MCorp, C:\Users\Tomas\AppData\Roaming\MCorp, In Quarantäne, [2a3638c8316988aea7f5f009bc478779], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Exe, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Config, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Config\DB, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Drivers, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SgIcon, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Microsoft.VC90.CRT, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Skin, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Skin\Cleaner, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Skin\CrashReport, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Skin\News, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Skin\Tray, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Skin\Uninstall, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.Plumbytes, C:\Users\Tomas\AppData\Local\{698D0BA5-6E4B-44BD-9F9A-AA32F2E98D9A}, In Quarantäne, [f7699c641e7cd66071a4d526fd06669a], PUP.Optional.FakeFFProfile, C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F, In Quarantäne, [ca96c33dc1d9f442881ceaade91be21e], Dateien: 207 PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, Löschen bei Neustart, [75eb4fb15644db5b60828e03f30ea55b], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe, Löschen bei Neustart, [79e75ea23268de5806dc652ca55c2bd5], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\LpcManager.dll, Löschen bei Neustart, [f36d1fe1801a0b2be8fa7a17e51c3cc4], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\WinService.dll, Löschen bei Neustart, [75ebb64a2e6c38fe9949167bd130b947], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\XProcessBus.dll, Löschen bei Neustart, [0c54e719d9c1e74f3ba7a7ea2dd42ed2], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Report.dll, Löschen bei Neustart, [4a1628d8dfbbe84e10d22f620bf63cc4], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCTray.exe, Löschen bei Neustart, [cc94f907f0aa92a4746eccc588791de3], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\XBus.dll, Löschen bei Neustart, [7fe1b34d9efc0f2735adb6db926f817f], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\TrayFrame.dll, Löschen bei Neustart, [253b56aa6436d561875b99f8b54c06fa], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Monitor.dll, Löschen bei Neustart, [253b53adb1e97cba657dd1c024dd2dd3], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Database.dll, Löschen bei Neustart, [92ce37c9376367cf865c731e31d032ce], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\LogReport.dll, Löschen bei Neustart, [9dc327d9d5c5a294e5fdf29fa8597789], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\BrowserPlugIn.dll, Löschen bei Neustart, [94cc04fc465485b121c1375a05fcbf41], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Cleaner.dll, Löschen bei Neustart, [303007f98416ad8912d0761b33ce27d9], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\SafeProtect.dll, Löschen bei Neustart, [590713edcbcfc86ea33f335eca37fa06], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Update.dll, Löschen bei Neustart, [d789bb4527735fd7479b3f52d42d649c], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Web.dll, Löschen bei Neustart, [045c8c740694b77ff2f0f69b0bf67e82], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\SafeNavi.dll, Löschen bei Neustart, [73ed2fd1b0ea94a20ad87918a16024dc], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCTray64.exe, Löschen bei Neustart, [ec7404fcbbdf42f439a96c250ff201ff], PUP.Optional.Wajam, C:\Program Files\1fe9c2d0cdc3c960c6f9692ed5ec6a5e\cb9aae2e479e1a308dde88f94820b13f.sys, In Quarantäne, [bba539c7b7e3979fd4fb16bbcc35dc24], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll64.dll, Löschen bei Neustart, [0a56758bbddd03338a58bbd68180fb05], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MainFrame.dll, In Quarantäne, [124e60a09efccc6a07db2e63ed1450b0], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPC.exe, In Quarantäne, [d58b42bed2c8e254cc16e3aea75ac63a], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCAutoClean.exe, In Quarantäne, [3828a759e1b9d5616082266bed1458a8], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCNews.exe, In Quarantäne, [9fc11ee2b5e545f105dd9ff2ab56d32d], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCSecurity.exe, In Quarantäne, [3e223cc4f3a73105657d4d444eb37d83], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCSetting.exe, In Quarantäne, [70f0758b6535d6602ab86c2529d817e9], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\SafeNavi64.dll, Löschen bei Neustart, [7fe18a7661398ea826bc1e73a65b07f9], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\SetupFrame.dll, In Quarantäne, [bea2ab553d5d1d1917cb01906a9721df], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Uninstall.exe, In Quarantäne, [f16f11ef772388ae04dea6ebd62b6c94], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\UninstallFrame.dll, In Quarantäne, [91cf70907d1dfd394f93850c49b856aa], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\UninstDelete.exe, In Quarantäne, [c49c09f71981f2441fc3c4cd16eb34cc], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\UpdateHost.exe, In Quarantäne, [b8a8e818683248ee3aa88809f011e11f], PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Upgrade.dll, In Quarantäne, [154be020c0da26109052424fbd44eb15], PUP.Optional.PicBadges, C:\Program Files (x86)\PicBadges\PicBadgesGui.exe, In Quarantäne, [87d9f60a8a10c76f4c2449e322dfaa56], PUP.Optional.Plumbytes, C:\Users\Tomas\Downloads\antimalwaresetup.exe, In Quarantäne, [ce92669a1e7c102685be8161659c03fd], PUP.Optional.VBates, C:\Users\Tomas\AppData\LocalLow\Company\Product\1.0\localStorageIE.txt, In Quarantäne, [332dc13fbdddbf771358f3cda45f13ed], PUP.Optional.MorePowerfulCleaner, C:\Users\Public\Desktop\MPC Cleaner.lnk, In Quarantäne, [a2be54ac3763fd3942a94a9b60a34fb1], PUP.Optional.MorePowerfulCleaner, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC\MPC Cleaner.lnk, In Quarantäne, [baa6a65a1486fa3c1ece875ede25768a], PUP.Optional.Wajam.Gen, C:\Program Files\1fe9c2d0cdc3c960c6f9692ed5ec6a5e\51d9fecea530ca7b7b8869bd346a8219\252bcd16d4ad84e00819308e213bbe41.ico, In Quarantäne, [243cf60a09910b2b7b7707e971924cb4], PUP.Optional.Wajam.Gen, C:\Program Files\1fe9c2d0cdc3c960c6f9692ed5ec6a5e\51d9fecea530ca7b7b8869bd346a8219\5094f05368c1ef5c681d0d9bbbe010cb.ico, In Quarantäne, [243cf60a09910b2b7b7707e971924cb4], PUP.Optional.Wajam.Gen, C:\Program Files\1fe9c2d0cdc3c960c6f9692ed5ec6a5e\51d9fecea530ca7b7b8869bd346a8219\59099feaaae8862bb332abeaed6d943b.ico, In Quarantäne, [243cf60a09910b2b7b7707e971924cb4], PUP.Optional.Wajam.Gen, C:\Program Files\1fe9c2d0cdc3c960c6f9692ed5ec6a5e\51d9fecea530ca7b7b8869bd346a8219\a731e8b1b10d51530ec5e013fe3a8162.ico, In Quarantäne, [243cf60a09910b2b7b7707e971924cb4], PUP.Optional.Wajam.Gen, C:\Program Files\1fe9c2d0cdc3c960c6f9692ed5ec6a5e\31cba78ef052919654a1812b431f5464.exe, In Quarantäne, [243cf60a09910b2b7b7707e971924cb4], PUP.Optional.Wajam.Gen, C:\Program Files\1fe9c2d0cdc3c960c6f9692ed5ec6a5e\59099feaaae8862bb332abeaed6d943b.ico, In Quarantäne, [243cf60a09910b2b7b7707e971924cb4], PUP.Optional.Wajam.Gen, C:\Program Files\1fe9c2d0cdc3c960c6f9692ed5ec6a5e\836b5d521120ef96b6b04d6b34acb976.exe, In Quarantäne, [243cf60a09910b2b7b7707e971924cb4], PUP.Optional.Wajam.Gen, C:\Program Files\1fe9c2d0cdc3c960c6f9692ed5ec6a5e\b0a3cd15362edd64105b9adbbd96118f, In Quarantäne, [243cf60a09910b2b7b7707e971924cb4], PUP.Optional.Wajam.Gen, C:\Program Files\1fe9c2d0cdc3c960c6f9692ed5ec6a5e\bcbf819e7c8ed56cc6ad85c1aafa97c7.exe, In Quarantäne, [243cf60a09910b2b7b7707e971924cb4], PUP.Optional.Wajam.Gen, C:\Program Files\1fe9c2d0cdc3c960c6f9692ed5ec6a5e\cb9aae2e479e1a308dde88f94820b13f.cfg, In Quarantäne, [243cf60a09910b2b7b7707e971924cb4], PUP.Optional.Wajam.Gen, C:\Program Files\1fe9c2d0cdc3c960c6f9692ed5ec6a5e\cb9aae2e479e1a308dde88f94820b13f.inf, In Quarantäne, [243cf60a09910b2b7b7707e971924cb4], PUP.Optional.Wajam.Gen, C:\Program Files\1fe9c2d0cdc3c960c6f9692ed5ec6a5e\f82907e77df91d76297b0a0819cf16be, In Quarantäne, [243cf60a09910b2b7b7707e971924cb4], PUP.Optional.Wajam.Gen, C:\Program Files\1fe9c2d0cdc3c960c6f9692ed5ec6a5e\8e47404261cd88c4c5b49fcd58810203\heolng.dll, In Quarantäne, [243cf60a09910b2b7b7707e971924cb4], PUP.Optional.ProntSpooler, C:\Users\Tomas\AppData\Local\Apps\2.0\abril.exe, In Quarantäne, [3030b7498d0d2c0a3a72718353b042be], PUP.Optional.ProntSpooler, C:\Users\Tomas\AppData\Local\Apps\2.0\abril.InstallLog, In Quarantäne, [1e42768a514987af6d3f8a6ac14251af], PUP.Optional.ProntSpooler, C:\Users\Tomas\AppData\Local\Apps\2.0\abril.InstallState, In Quarantäne, [2e32ed13b2e870c604a8896b04ffda26], PUP.Optional.ProntSpooler, C:\Users\Tomas\AppData\Local\Apps\2.0\abril.stt, In Quarantäne, [6ff1c7393f5bd264327a8470aa59c739], PUP.Optional.MCorp, C:\Users\Tomas\AppData\Roaming\MCorp\1147\udpx, In Quarantäne, [2a3638c8316988aea7f5f009bc478779], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\symsrv.yes, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\snh.dll, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\AdbWinApi.dll, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\AdbWinUsbApi.dll, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\AdcManager.dll, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\AndriodServer.dll, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\CeBase.dll, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\CrashReport.exe, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\dbgkpt.dll, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Microsoft.VC90.CRT.manifest, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\msvcm90.dll, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\msvcp90.dll, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\msvcr90.dll, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\nmlct, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Support.dll, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\symsrv.dll, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Utility.dll, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\wfhxte.dat, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\xadb.exe, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\XSkin.dll, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Exe\ADC_qd00000.exe, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Config\Clean.xf, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Config\PlugIn.xf, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Config\DB\as.db, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Config\DB\cf.db, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Config\DB\run.db, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Config\DB\st.db, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Drivers\MPCBase_32.sys, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Drivers\MPCKpt.inf, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Drivers\MPCKpt.sys, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Drivers\MPCKpt_vista_32.sys, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Drivers\MPCKpt_vista_64.sys, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Drivers\MPCKpt_xp_32.sys, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\q2.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\ad_gray.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\ad_green.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\ad_org.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\ad_red.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\g1.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\g10.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\g11.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\g12.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\g2.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\g3.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\g4.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\g5.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\g6.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\g7.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\g8.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\g9.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\q1.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\q10.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\q11.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\q12.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\q3.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\q4.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\q5.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\q6.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\q7.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\q8.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\q9.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\r1.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\r10.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\r11.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\r12.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\r2.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\r3.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\r4.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\r5.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\r6.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\r7.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\r8.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\r9.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\sys_gray.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\sys_green.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\sys_org.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\sys_red.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\y1.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\y10.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\y11.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\y12.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\y2.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\y3.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\y4.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\y5.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\y6.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\y7.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\y8.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\y9.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{08DA4B46-E0EB-4B4D-8C8B-558C967AF6C5}.ico, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{22A8D5A3-F368-4C6B-BF4D-3C901EBCF242}.ico, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{3F9A707D-2C36-4344-8621-B8E4ADC95C18}.ico, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{ADC520A9-B4B3-791E-B149-845C11673CB0}.ico, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{CDA529A9-B1B3-793E-B449-845C11673CB5}.ico, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{D8EC46AF-529F-4636-963B-C086429C73DA}.ico, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{DE37CD8C-DE7B-481F-A676-303ABAFBEE04}.ico, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{EDA029A1-B5BA-793E-B649-875C18673CC5}.ico, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{F154C596-75A9-4028-90E8-9752BD7CA05B}.ico, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{FDA029A2-A5BA-797E-B689-875E18673FC2}.ico, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\toasts_waring.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SgIcon\adcapp.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SgIcon\adcweb.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SgIcon\block.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SgIcon\home.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SgIcon\ie.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SgIcon\search.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\AR_green.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\AR_org.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\AR_red.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\Bp_green.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\Bp_org.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\Bp_red.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\SpeedUp_green.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\SpeedUp_org.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\SpeedUp_red.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\SVC_green.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\SVC_org.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\SVC_red.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\TSK_green.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\TSK_org.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\TSK_red.png, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Microsoft.VC90.CRT\msvcm90.dll, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Microsoft.VC90.CRT\msvcp90.dll, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Microsoft.VC90.CRT\msvcr90.dll, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Skin\Cleaner\Lang.xf, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Skin\Cleaner\Skin.xf, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Skin\CrashReport\Lang.xf, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Skin\CrashReport\Skin.xf, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Skin\News\Lang.xf, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Skin\News\Skin.xf, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Skin\Tray\Lang.xf, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Skin\Tray\Skin.xf, Löschen bei Neustart, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Skin\Uninstall\Lang.xf, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.MorePowerfulCleaner.BrwsrFlsh, C:\Program Files (x86)\MPC Cleaner\Skin\Uninstall\Skin.xf, In Quarantäne, [0e5250b01486e452ad57fcff2dd6b749], PUP.Optional.Plumbytes, C:\Users\Tomas\AppData\Local\{698D0BA5-6E4B-44BD-9F9A-AA32F2E98D9A}\ScanLogs.xml, In Quarantäne, [f7699c641e7cd66071a4d526fd06669a], PUP.Optional.MorePowerfulCleaner, C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js, Gut: (), Schlecht: (user_pref("browser.startup.homepage", "search.mpc.am");), Ersetzt,[7fe14cb48a1069cd3327e5b329db649c] PUP.Optional.HohoSearch, C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js, Gut: (), Schlecht: (user_pref("browser.search.searchengine.hp", "hxxp://www.hohosearch.com/?ts=AHEqAHEoA3MkC0..&v=20160415&uid=D72C0A8F5388139634DD5A72110CE6C9&ptid=ftp&mode=ffsengext");), Ersetzt,[f16fe41cbcde3df9b9cfd2c6c04446ba] PUP.Optional.HohoSearch, C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js, Gut: (), Schlecht: (hile the application is running, * the changes will be overwritten when the application exits. * * To make a manual change to preferences, you can visit the URL about:config */ user), Ersetzt,[1e429769d4c69c9a07810f8940c433cd] PUP.Optional.HohoSearch, C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js, Gut: (), Schlecht: (nning, * the changes will be overwritten when the application exits. * * To make a manual change to preferences, you can visit the URL about:config */ user_pref("accessibility.blocka), Ersetzt,[fc64966af4a67bbb0a7e5246c63e54ac] PUP.Optional.HohoSearch, C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js, Gut: (), Schlecht: (???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????), Ersetzt,[a3bd857b1882a78f137573252ada629e] PUP.Optional.MorePowerfulCleaner, C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js, Gut: (user_pref("browser.startup.homepage", "https://www.malwarebytes.org/restorebrowser/), Schlecht: (user_pref("browser.startup.homepage", "search.mpc.am");), Ersetzt,[c9970af6920863d3b5e1376322e29e62] PUP.Optional.FakeFFProfile, C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\prefs.js, In Quarantäne, [ca96c33dc1d9f442881ceaade91be21e], PUP.Optional.FakeFFProfile, C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\Invalidprefs.js, In Quarantäne, [ca96c33dc1d9f442881ceaade91be21e], PUP.Optional.FakeFFProfile, C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\search-metadata.json, In Quarantäne, [ca96c33dc1d9f442881ceaade91be21e], PUP.Optional.HohoSearch, C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\prefs.js, Gut: (), Schlecht: (user_pref("browser.newtab.url", "hxxp://www.hohosearch.com/?ts=AHEqAHEoA3MkC0..&v=20160415&uid=D72C0A8F5388139634DD5A72110CE6C9&ptid=ftp&mode=ffseng");), Ersetzt,[d58b738d7c1e57df2f593f5952b28f71] PUP.Optional.HohoSearch, C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\prefs.js, Gut: (), Schlecht: (==\":1,\"6PIcMQQLcHsRW3uKIhoHrA==\":1,\"oxduZokazirpWYSwm7urPA==\":1,\"KPwyh4oHfdicXfyO7wAsNA==\":1,\"iwN372vFWW/PUqZJoMMRww==\":1,\"4SWLHcpLB4MI8D4qxl60wQ==\":1,\"sM), Ersetzt,[66faae5268328fa797f1752341c38d73] PUP.Optional.HohoSearch, C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\prefs.js, Gut: (), Schlecht: (hile the application is running, * the changes will be overwritten when the application exits. * * To make a manual change to preferences, you can visit the URL about:config */ user), Ersetzt,[2b35ea1619818ea82b5d9701e71d2dd3] PUP.Optional.HohoSearch, C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\prefs.js, Gut: (), Schlecht: (nning, * the changes will be overwritten when the application exits. * * To make a manual change to preferences, you can visit the URL about:config */ user_pref("accessibility.typeah), Ersetzt,[8dd34eb2bae01620147440586d976898] PUP.Optional.HohoSearch, C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\prefs.js, Gut: (), Schlecht: (ateTime.blocklist-background-update-timer", 1461421551); user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1461439181); user_pref("app.upda), Ersetzt,[ff6119e7643680b66d1beaae8b79e61a] Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter # AdwCleaner v5.200 - Bericht erstellt am 23/06/2016 um 19:40:20
# Aktualisiert am 14/06/2016 von ToolsLib
# Datenbank : 2016-06-23.1 [Server]
# Betriebssystem : Windows 10 Home (X64)
# Benutzername : Tomas - TOMAS-HP
# Gestartet von : C:\Users\Tomas\Downloads\adwcleaner_5.200.exe
# Option : Suchlauf
# Unterstützung : https://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
Ordner gefunden : C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
***** [ Dateien ] *****
Datei gefunden : C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\oriifoaj.default\invalidprefs.js
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
Geplante Aufgabe gefunden : LaunchApp
***** [ Registrierungsdatenbank ] *****
***** [ Internetbrowser ] *****
[C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] gefunden : search.mpc.am
[C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] gefunden : search.mpc.am
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [31436 Bytes] - [22/06/2016 15:39:56]
C:\AdwCleaner\AdwCleaner[C2].txt - [9276 Bytes] - [23/06/2016 14:20:55]
C:\AdwCleaner\AdwCleaner[R0].txt - [28205 Bytes] - [13/06/2014 21:04:08]
C:\AdwCleaner\AdwCleaner[S0].txt - [24333 Bytes] - [13/06/2014 21:04:43]
C:\AdwCleaner\AdwCleaner[S1].txt - [31912 Bytes] - [22/06/2016 15:35:31]
C:\AdwCleaner\AdwCleaner[S2].txt - [8606 Bytes] - [22/06/2016 18:24:59]
C:\AdwCleaner\AdwCleaner[S3].txt - [8737 Bytes] - [23/06/2016 14:13:55]
C:\AdwCleaner\AdwCleaner[S4].txt - [8810 Bytes] - [23/06/2016 14:18:46]
C:\AdwCleaner\AdwCleaner[S5].txt - [1743 Bytes] - [23/06/2016 19:40:20]
########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [1816 Bytes] ##########
Code:
ATTFilter # AdwCleaner v5.200 - Bericht erstellt am 23/06/2016 um 19:40:20
# Aktualisiert am 14/06/2016 von ToolsLib
# Datenbank : 2016-06-23.1 [Server]
# Betriebssystem : Windows 10 Home (X64)
# Benutzername : Tomas - TOMAS-HP
# Gestartet von : C:\Users\Tomas\Downloads\adwcleaner_5.200.exe
# Option : Suchlauf
# Unterstützung : https://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
Ordner gefunden : C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
***** [ Dateien ] *****
Datei gefunden : C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\oriifoaj.default\invalidprefs.js
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
Geplante Aufgabe gefunden : LaunchApp
***** [ Registrierungsdatenbank ] *****
***** [ Internetbrowser ] *****
[C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] gefunden : search.mpc.am
[C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] gefunden : search.mpc.am
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [31436 Bytes] - [22/06/2016 15:39:56]
C:\AdwCleaner\AdwCleaner[C2].txt - [9276 Bytes] - [23/06/2016 14:20:55]
C:\AdwCleaner\AdwCleaner[R0].txt - [28205 Bytes] - [13/06/2014 21:04:08]
C:\AdwCleaner\AdwCleaner[S0].txt - [24333 Bytes] - [13/06/2014 21:04:43]
C:\AdwCleaner\AdwCleaner[S1].txt - [31912 Bytes] - [22/06/2016 15:35:31]
C:\AdwCleaner\AdwCleaner[S2].txt - [8606 Bytes] - [22/06/2016 18:24:59]
C:\AdwCleaner\AdwCleaner[S3].txt - [8737 Bytes] - [23/06/2016 14:13:55]
C:\AdwCleaner\AdwCleaner[S4].txt - [8810 Bytes] - [23/06/2016 14:18:46]
C:\AdwCleaner\AdwCleaner[S5].txt - [1743 Bytes] - [23/06/2016 19:40:20]
########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [1816 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 10 Home x64
Ran by Tomas (Administrator) on 23.06.2016 at 20:20:28,21
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 0
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 23.06.2016 at 20:23:04,25
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 10 Home x64
Ran by Tomas (Administrator) on 23.06.2016 at 20:20:28,21
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 0
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 23.06.2016 at 20:23:04,25
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
23.06.2016, 19:48
| #20 |
| | Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los.Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-06-2016 01
durchgeführt von Tomas (2016-06-23 20:29:43)
Gestartet von C:\Users\Tomas\Downloads
Windows 10 Home Version 1511 (X64) (2016-05-14 21:13:29)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2924648203-2002222509-804629142-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2924648203-2002222509-804629142-503 - Limited - Disabled)
Gast (S-1-5-21-2924648203-2002222509-804629142-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2924648203-2002222509-804629142-1002 - Limited - Enabled)
Tomas (S-1-5-21-2924648203-2002222509-804629142-1001 - Administrator - Enabled) => C:\Users\Tomas
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Spybot - Search and Destroy (Disabled - Up to date) {1A0DDE8C-B4BA-EFDD-22A8-0F557C7985F0}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Spybot - Search and Destroy (Disabled - Up to date) {A16C3F68-9280-E053-1818-342707FECF4D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 22.0.0.153 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Flash Player 22 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Alpha Protocol (HKLM-x32\...\{D37FE0E3-B1A9-4E41-AB5D-DA62E04D2C42}) (Version: 1.00.0000 - SEGA Corporation)
Amazon Kindle (HKU\S-1-5-21-2924648203-2002222509-804629142-1001\...\Amazon Kindle) (Version: - Amazon)
ANNO 1404 - Venedig (HKLM-x32\...\{A07B2C21-863B-47AB-AE7E-20BB00BD7D33}) (Version: 2.01.5010 - Ubisoft)
ANNO 1404 (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.03.0000 - Ubisoft)
Anno 1404 (x32 Version: 1.00.0000 - Ubisoft) Hidden
Anno 1701 - Der Fluch des Drachen (HKLM-x32\...\{905D4F6B-FADC-4CA4-AA41-BD32A2E446CE}) (Version: 2.03 - Sunflowers)
Anno 1701 (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.00 - Sunflowers)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
AuthenTec TrueAPI (Version: 1.3.0.116 - AuthenTec, Inc.) Hidden
Avast Premier (HKLM-x32\...\Avast) (Version: 11.2.2262 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5067 - CDBurnerXP)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version: - Colossal Order Ltd.)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve)
Counter-Strike: Condition Zero (HKLM-x32\...\Steam App 80) (Version: - Valve)
Counter-Strike: Condition Zero Deleted Scenes (HKLM-x32\...\Steam App 100) (Version: - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
Crossfire 1.9 (HKU\S-1-5-21-2924648203-2002222509-804629142-1001\...\Crossfire 1.9) (Version: 1.90.00.00 - SWAT-Portal)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Deus Ex: The Fall (HKLM-x32\...\Steam App 258180) (Version: - Square Enix)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Die Siedler 7 (HKLM-x32\...\{9C916142-C18C-429D-BFED-40094A7E0BEB}) (Version: 1.12.1396 - Ubisoft)
Dungeon Siege III (HKLM-x32\...\Steam App 39160) (Version: - Obsidian Entertainment)
Elevated Installer (x32 Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 14.0.0.10960 - Landesfinanzdirektion Thüringen)
Evernote v. 5.7.2 (HKLM-x32\...\{FB57263E-706F-11E4-A65F-00163E98E7D6}) (Version: 5.7.2.5753 - Evernote Corp.)
Express Zip (HKLM-x32\...\ExpressZip) (Version: 2.18 - NCH Software)
Fable III (HKLM-x32\...\GFWL_{4D53090A-9B45-437B-A66A-831000008300}) (Version: 1.0.0000.131 - Microsoft Game Studios)
Fable III (x32 Version: 1.0.0000.131 - Microsoft Game Studios) Hidden
Fable III (x32 Version: 1.0.0002.131 - Microsoft Game Studios) Hidden
Facebook Games Arcade 0.6.0.1 (HKLM-x32\...\{F31484D6-A5E7-401E-B571-8B035E27AB56}) (Version: 0.6.0.1 - Facebook)
Far Cry 3 (HKLM-x32\...\Uplay Install 46) (Version: - Ubisoft)
Far Cry 3 Blood Dragon (HKLM-x32\...\{A071F478-73E0-4143-AE55-4DD6BABD74F5}) (Version: 1.02 - Ubisoft)
Garmin Express (HKLM-x32\...\{2639b4f0-83b4-4f3d-942f-e4ba22a40b9b}) (Version: 4.1.19.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM-x32\...\{AE1EC58E-B2AC-4959-A4C2-C38202A25239}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version: - IO Interactive)
HP Deskjet 3070 B611 series - Grundlegende Software für das Gerät (HKLM\...\{48DF59F8-2ACD-4F1F-87F3-D820FE7A6178}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP SimplePass PE 2011 (HKLM-x32\...\{00FF4EB6-6AAC-4E9D-A60A-8F388691BB27}) (Version: 5.3.0.194 - Hewlett-Packard)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{3A1CB1B8-8646-41A0-B496-35DC48916904}) (Version: 12.4.18.7 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.9.0.0 - Hewlett-Packard)
HPDiagnosticCoreDll (HKLM-x32\...\{9262B08F-E183-4FED-A2BD-23FF1A84EB79}) (Version: 1.0.15.0 - Hewlett Packard)
Intel(R) Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
IP Camera Adapter (HKLM-x32\...\{6D140BFF-7CC5-4BFE-AD6D-47035FFE5F14}) (Version: 2.0.0.0 - Pavel Khlebovich)
iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kobo (HKLM-x32\...\Kobo) (Version: 3.2.0 - Kobo Inc.)
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3925 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3925 - CyberLink Corp.) Hidden
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 8.2 - EasyBits Software AS)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{F97E3841-CA9D-4964-9D64-26066241D26F}) (Version: 3.3.24.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM-x32\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 x64 English (HKLM\...\{F83779DF-E1F5-43A2-A7BE-732F856FADB7}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 47.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 de)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.2.5941 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.43 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.8.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.8.1.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.43 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.11.6.18139 - Electronic Arts, Inc.)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.54 - PDF Complete, Inc)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.4320 - CyberLink Corp.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13074_14 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.0.13074_14 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version: - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version: - )
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHIELD Streaming (Version: 4.1.0250 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.8.1.21 - NVIDIA Corporation) Hidden
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
SiSoftware Sandra Lite 2014.SP3e (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2496}_is1) (Version: 20.50.2014.10 - SiSoftware)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.103 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.0.15044.7 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.0.15044.7 - Samsung Electronics Co., Ltd.) Hidden
SMSC LAN7500 Device Driver (HKLM\...\{0F646F15-F7F6-448C-BF1C-FAB816D4AEB1}) (Version: 1.2.0.0 - SMSC)
SpellForce 2 - Faith in Destiny (HKLM-x32\...\Steam App 65530) (Version: - Mind Over Matter Studios)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.5.43 - Safer-Networking Ltd.)
Star Wars(tm) Knights of the Old Republic(tm) II: The Sith Lords(tm) (HKLM-x32\...\{629F65FB-7F3C-4D66-A1C0-20722744B7B6}) (Version: 1.00.0000 - Obsidian)
Star Wars: The Force Unleashed 2 (HKLM-x32\...\Star Wars: The Force Unleashed 2_is1) (Version: 1.0 - LucasArts)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Studie zur Verbesserung von HP Deskjet 3070 B611 series Produkten (HKLM\...\{CAD7B6DD-9C82-4D17-BAE8-3E9AE4971B90}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Thief (HKLM-x32\...\Steam App 239160) (Version: - Eidos-Montréal)
Tom Clancy's Rainbow Six 3: Athena Sword (HKLM-x32\...\Steam App 19840) (Version: - Ubisoft)
Tom Clancy's Rainbow Six 3: Gold Edition (HKLM-x32\...\Steam App 19830) (Version: - Red Storm Entertainment)
Tom Clancy's Rainbow Six: Lockdown (HKLM-x32\...\Steam App 15000) (Version: - Red Storm Entertainment)
Tom Clancy's Rainbow Six: Vegas (HKLM-x32\...\Steam App 13540) (Version: - Ubisoft Montreal)
Tom Clancy's Rainbow Six: Vegas 2 (HKLM-x32\...\Steam App 15120) (Version: - Ubisoft Montreal)
Two Worlds II (HKLM-x32\...\Steam App 7520) (Version: - Reality Pump Studios)
Two Worlds II (HKLM-x32\...\Two Worlds II) (Version: 1.3.2.0 - Reality Pump)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-2924648203-2002222509-804629142-1001\...\UnityWebPlayer) (Version: 4.5.1f3 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 2.1 - Ubisoft)
Venetica (HKLM-x32\...\Venetica_is1) (Version: - dtp)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.3 - VideoLAN)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR 5.31 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
WISO Vermieter (HKLM-x32\...\WISO Vermieter) (Version: - Buhl Data Service GmbH)
WISO Vermieter (x32 Version: 4.00.0000 - Buhl Data Service GmbH) Hidden
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden
Zombie Army Trilogy (HKLM\...\Steam App 301640) (Version: - Rebellion)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Tomas\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => Keine Datei
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {015B764E-5136-476A-8F87-E213A96E883B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-05-04] (Hewlett-Packard)
Task: {043FA639-3230-4EE0-9CE2-6E1D96F2A286} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-04-01] (Oracle Corporation)
Task: {074B6866-9535-4836-8B7C-B8DFDAE57FA2} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2015-06-16] (Safer-Networking Ltd.)
Task: {07776147-8691-463C-B435-92D2BEB7E872} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-05-04] (Hewlett-Packard)
Task: {0EC14F9F-BE55-4CFF-B762-316E6CEBD782} - System32\Tasks\{AB9E92A4-9344-45A0-A4D5-B72E4938858B} => C:\Program Files (x86)\LucasArts\SWKotOR2\launcher.exe [2005-01-13] (Obsidian Entertainment, Inc.)
Task: {19F2EBFF-6628-4197-A076-5BD3287107E9} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {1D888F88-4ED9-4B8C-B7AA-A41342992511} - System32\Tasks\{6A425AC8-5D22-4853-93BB-13822683B9F2} => C:\Program Files (x86)\LucasArts\SWKotOR2\launcher.exe [2005-01-13] (Obsidian Entertainment, Inc.)
Task: {1DC1CCB9-5375-4B5D-BEA4-552AD4124021} - System32\Tasks\HPCeeScheduleForTOMAS-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-01-22] (Hewlett-Packard)
Task: {2648CAA3-2936-41F8-8DB9-D7431A887171} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2924648203-2002222509-804629142-1001UA => C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {36BDF27F-4931-416F-A382-055ABB6F6C9D} - System32\Tasks\{6D102FA2-4A2E-4DC2-814D-7FC7F8778D33} => pcalua.exe -a E:\launcher.exe -d E:\
Task: {3BC7D25B-5FE8-4282-BE86-9B7B8DF7ACED} - System32\Tasks\{FE7E28D6-4641-4E00-B13B-9F2749A4ABB8} => C:\Program Files (x86)\Venetica\bin\release_optimized\Venetica.exe [2009-11-25] ()
Task: {4039B1C6-6B0E-43D3-98D9-EC13E662136F} - System32\Tasks\{11ED1B38-420D-4E94-84C1-6F3B4185F78B} => C:\Users\Tomas\Desktop\Simcity 2000 (2)\Simcity 2000\SC2000.EXE
Task: {448270B0-5154-498D-B24D-AE71E7DB5927} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {47495CB1-90A6-4F5E-9B59-7CEA95DF5E39} - System32\Tasks\{F8B5979A-1B28-4844-B885-D7673855CC71} => pcalua.exe -a "C:\Program Files (x86)\Plus-HD-9.1\Uninstall.exe" -c /fcp=1
Task: {4C87DCF1-75A5-4A32-96AD-2D6352BF757B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {50D38761-4B0C-4CA2-B442-D7ACA5178106} - System32\Tasks\{23FCA87D-2232-4A50-ACC8-26501ECEA08D} => pcalua.exe -a E:\setup.exe -d E:\
Task: {5228B819-0A60-478B-B146-793795A54A85} - \FF Watcher {33623A7B-0D3C-4499-9DB8-0F8929B49502} -> Keine Datei <==== ACHTUNG
Task: {55FDF64B-3C5A-49F4-9EC4-597B575CA285} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {5B054539-F896-4349-8680-9AD87C217855} - System32\Tasks\HPCeeScheduleForTomas => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-01-22] (Hewlett-Packard)
Task: {5FFF9050-DFE2-4DF5-BC04-9AD8161DE825} - System32\Tasks\Google Updater and Installer => C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {60C6872D-D8C5-4B88-8980-45D08F81447E} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {623B5983-DF32-4F30-9D46-C6B9DC565EDB} - System32\Tasks\{1F88F87F-59B4-4461-A9E1-1564A2B8AF3A} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/203750
Task: {64F932D1-B6F2-41E0-9C5C-C3FCE821F644} - System32\Tasks\{B189FDA8-FD07-40E4-B63E-F34993074BD3} => C:\Program Files (x86)\LucasArts\SWKotOR2\launcher.exe [2005-01-13] (Obsidian Entertainment, Inc.)
Task: {66373DB8-4A8D-49A8-88A9-7AC45A9257AE} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {685CDC09-3548-4954-8F39-7750EC8605FF} - \Mext Guard FBE8818C-5B13-48C2-A93E-AD731167DBF2 -> Keine Datei <==== ACHTUNG
Task: {6D922CB3-386D-44ED-AF78-D0FABC2C64AA} - \globalUpdateUpdateTaskMachineUA -> Keine Datei <==== ACHTUNG
Task: {6E5B304E-12BC-46EF-AA2D-587AF5746DDC} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-05-18] (HP Inc.)
Task: {7DC60A66-FEFA-45F1-B37C-96DEAC5E33EF} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_192_pepper.exe [2016-06-19] (Adobe Systems Incorporated)
Task: {7E4454CE-1F54-425A-9AD1-56D68600E626} - \Microsoft\Windows\Setup\gwx\rundetector -> Keine Datei <==== ACHTUNG
Task: {8077FE7E-1BBD-4C75-9F66-CA17637ACD4F} - System32\Tasks\{5F44405C-4518-442E-BE7A-4717FF655443} => C:\Program Files (x86)\Venetica\bin\release_optimized\Venetica.exe [2009-11-25] ()
Task: {80C3446E-A855-4A45-8843-7F807577AF4A} - \LaunchApp -> Keine Datei <==== ACHTUNG
Task: {81E5D8B7-FD56-4812-B3EA-0154B9B76F95} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2016-04-08] ()
Task: {82945558-549F-4466-8CE7-AEC7C78A4429} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-05-18] (HP Inc.)
Task: {836816D2-5E8E-4204-8A0B-783FED231681} - System32\Tasks\{D68979DF-ACBB-4CEB-BB52-49121E0EE6FE} => pcalua.exe -a E:\demo32.exe -d E:\
Task: {837C3237-9508-4DB5-A012-098E91C0228E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {8EE75E20-09C6-4241-AA8E-90407BAA4A8E} - \globalUpdateUpdateTaskMachineCore -> Keine Datei <==== ACHTUNG
Task: {92341218-CB13-418D-A3ED-8C032B692686} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {931A7F3A-87EA-4784-9CA3-829508FC1DD0} - System32\Tasks\{43D05B11-7642-477D-88F7-9FC81EBD085F} => C:\Program Files (x86)\Venetica\bin\release_optimized\Venetica.exe [2009-11-25] ()
Task: {947E8B85-6B88-414C-9F36-A0B52F2A92BC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {97D57FBC-B035-440C-88E7-9E676CD64057} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {98771609-FE6E-4395-ABDE-646A70DA8FF9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {995DAC08-14F8-4AEA-9E7C-E650A14B20D1} - System32\Tasks\Ad-Aware Antivirus Scheduled Scan => C:\PROGRA~2\AD-AWA~1\AdAwareLauncher.exe
Task: {9EE88514-786B-4C6B-B761-AD00A3815399} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {A08D7A04-51DC-48F1-BC25-3A4BA794242A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2924648203-2002222509-804629142-1001Core => C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {A0CCCDAD-5986-47CC-B123-05664BAE5E92} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {A13A7458-83D7-4361-A0B5-4DC7F109A993} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {A2D69FEC-BB6C-4569-8481-C5F7EE81F2E1} - System32\Tasks\{DAB547CB-8B06-42D5-9B76-EB98741270D2} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\5\SSSDUninstall.exe
Task: {A326FCAB-2038-4FB9-8D1E-02EBA937CB45} - System32\Tasks\{920C9929-92D7-448D-868C-0B8AB880DE2E} => pcalua.exe -a "C:\Users\Tomas\Downloads\2012-2_Flex-Neo-44 (2).exe" -d C:\Users\Tomas\Desktop
Task: {AAEF11FD-C50D-4CB7-8A51-37F0C839BAC0} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard)
Task: {ABE81196-0AAC-419A-993A-CA0F9FA7E738} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {B0783751-AFAE-4BFF-B02A-3C74BBADC98E} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {BB891099-3F04-45DA-8DFA-066AB33B0F7D} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {C08595E8-34D9-4560-BC9C-F8A5842C5411} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard)
Task: {C24F2A9B-D53F-476D-9FA6-3F1A9FAC2223} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {C6429797-F491-4F5C-BD36-6AC08CF60D18} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {C72FB687-FCDC-4A14-8297-42EA47D82DF9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {DB27CABE-D07C-443D-B627-CD6B113E76AE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {DDE8F577-7F7E-451F-BAC0-0BD924EC25CD} - System32\Tasks\{4EE4C141-7087-4003-891A-77226BE5F133} => pcalua.exe -a "C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\uninstbb.exe"
Task: {DFC1C1FF-7B49-408F-A8FA-1DDB498A32CF} - System32\Tasks\HPCustParticipation HP Deskjet 3070 B611 series => C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {E4BA5D5E-0152-4B79-A57B-178F490CD608} - System32\Tasks\SafeZone scheduled Autoupdate 1461445001 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-04-15] (Avast Software)
Task: {E5BEEF19-6A21-4360-80FC-AC88B769AE8B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-19] (Adobe Systems Incorporated)
Task: {E83B962E-9EAC-41E1-905D-0315BDE4E230} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-05-09] (AVAST Software)
Task: {EDDE585F-6556-4451-B797-A427B3314F42} - System32\Tasks\{137F0F0B-9CAC-4B90-BD84-3AC07862630C} => C:\Program Files (x86)\LucasArts\SWKotOR2\launcher.exe [2005-01-13] (Obsidian Entertainment, Inc.)
Task: {EF928D9F-F645-4BC7-8B5B-95BF88337607} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {F445CF6C-69E2-455D-8C04-D24EF3EC1628} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {FD159878-3EDA-45B4-A402-1C38542C5B04} - System32\Tasks\{3AAC1151-7BFD-4D4F-9A36-AFD5BD7B702B} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{C66BF9FD-D367-4E13-8EB8-385FFEA20DB3}\setup.exe" -d "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks\Oblivion" -c /M{35CB6715-41F8-4F99-8881-6FC75BF054B0}
Task: {FEE156CD-4156-4C22-AB6E-249DD66648B9} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_192_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2924648203-2002222509-804629142-1001Core.job => C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2924648203-2002222509-804629142-1001UA.job => C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForTOMAS-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForTomas.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-08 21:34 - 2015-11-15 21:52 - 00107832 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2014-10-08 21:34 - 2015-11-15 21:52 - 00066872 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2016-01-07 19:26 - 2015-12-16 19:34 - 00217720 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-05-14 22:44 - 2016-05-14 22:44 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-05-14 22:44 - 2016-05-14 22:44 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-05-21 09:29 - 2016-05-21 09:29 - 00959168 _____ () C:\Users\Tomas\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-05-15 09:27 - 2016-05-15 09:27 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-02-13 19:02 - 2016-02-13 19:02 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-14 22:44 - 2016-05-14 22:44 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-06-14 19:25 - 2016-05-28 05:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-06-14 19:25 - 2016-05-28 05:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-06-14 19:25 - 2016-05-28 05:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-06-14 19:25 - 2016-05-28 05:56 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-05-09 21:15 - 2016-05-09 21:15 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-05-09 21:15 - 2016-05-09 21:15 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-06-23 16:46 - 2016-06-23 16:46 - 02948608 _____ () C:\Program Files\AVAST Software\Avast\defs\16062302\algo.dll
2016-05-09 21:15 - 2016-05-09 21:15 - 00479680 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-05-09 21:15 - 2016-05-09 21:15 - 00309912 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll
2016-06-23 19:30 - 2016-06-23 19:30 - 02948608 _____ () C:\Program Files\AVAST Software\Avast\defs\16062303\algo.dll
2016-05-15 09:03 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-05-15 09:03 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-05-15 09:03 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-05-15 09:27 - 2016-05-15 09:27 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-05-15 09:27 - 2016-05-15 09:27 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-04-23 22:51 - 2016-04-23 22:51 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-2924648203-2002222509-804629142-1001\...\amazon.de -> hxxps://amazon.de
IE trusted site: HKU\S-1-5-21-2924648203-2002222509-804629142-1001\...\localhost -> localhost
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2016-06-19 16:31 - 00001036 ____A C:\WINDOWS\system32\Drivers\etc\hosts
0.0.0.1 mssplus.mcafee.com
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2924648203-2002222509-804629142-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.192.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Garmin Core Update Service => 2
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{BC72B0B2-008D-4ACC-BADC-4724F01C2177}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP3e\WNt600x64\RpcSandraSrv.exe
FirewallRules: [{8E7EDB47-1942-48E7-A875-1384B89336A5}] => (Allow) C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{486BBF95-9C53-4541-8F37-1A09675972DA}] => (Allow) C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{FF228F36-C5B7-4E04-8971-CEC821877B5C}] => (Allow) C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\DeviceSetup.exe
FirewallRules: [{3C66EC13-9713-42A7-832C-FCBF4605893A}] => (Allow) C:\Users\Tomas\AppData\Local\Temp\7zS5482\hppiw.exe
FirewallRules: [{2DDBCEB5-6BDB-42CF-8BE9-0A1A854B6DF0}] => (Allow) C:\Users\Tomas\AppData\Local\Temp\7zS5482\hppiw.exe
FirewallRules: [{F778022F-9FFD-44B3-B1C8-13C1C72EF195}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Zombie Army Trilogy\Launcher\ZATLauncher.exe
FirewallRules: [{BC353BF2-CBD3-4180-9B76-0C04D474DBEF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Zombie Army Trilogy\Launcher\ZATLauncher.exe
FirewallRules: [{FE47BC15-2274-40F9-B4BA-1DEF39DC8F2D}] => (Allow) C:\Users\Tomas\AppData\Local\Temp\7zS2D7F\hppiw.exe
FirewallRules: [{1ED94C8A-B647-491E-A9C0-5E6F57AF1855}] => (Allow) C:\Users\Tomas\AppData\Local\Temp\7zS2D7F\hppiw.exe
FirewallRules: [{DDFDEDE6-26E2-4115-A926-70AE05B9B03D}] => (Allow) C:\Users\Tomas\AppData\Local\Temp\7zS5801\hppiw.exe
FirewallRules: [{0A5DF2AE-6FF3-45A4-BA44-21CDD994BE44}] => (Allow) C:\Users\Tomas\AppData\Local\Temp\7zS5801\hppiw.exe
FirewallRules: [{8B39FE93-7A55-4503-9513-6C65B06B4540}] => (Allow) C:\Users\Tomas\AppData\Local\Temp\7zS5723\hppiw.exe
FirewallRules: [{EC08A9F5-2039-4564-85C7-BCFB70898064}] => (Allow) C:\Users\Tomas\AppData\Local\Temp\7zS5723\hppiw.exe
FirewallRules: [{3E48CB04-668E-40AF-B25A-406676B6184D}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{CDF75322-BED5-4400-ACCB-6BD8AA925C01}] => (Allow) LPort=3074
FirewallRules: [{74BDA901-9661-4F28-ACEE-7F32D5E35EF6}] => (Allow) LPort=3074
FirewallRules: [{C082EC7D-1265-4287-8441-769C6DD74E94}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{2C262B5B-C5A5-4F18-A796-A6F22BF5946F}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{886C4E83-5266-4704-BB8D-8323DB998389}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D3231A09-4030-4E4D-BCCA-96F14838B72F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3CC0B9D7-3BE1-4963-916F-F3AE0D6B4A64}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{504A9536-2F6C-4049-9EF1-0B8AADDD56A0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FFDEE91D-847F-422F-9D1C-D702C3C6FE7C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{61D7C4EB-C820-4163-A4FF-6CC64A757732}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A13A7EFF-E296-4E4F-B517-0FB953860368}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{7458260C-9F66-4BF7-B5AD-BFB8E2A56530}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{5EEFABE4-C717-4602-8C44-CC76B82F7711}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{40A77B7F-E735-4567-AB92-4B9BFBFD8D60}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4D178AA9-1370-4706-B316-63C3807841D6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{5478CC0C-C4AF-44DB-93C9-9C8E93D1DF46}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{D2838B64-74A4-436C-B656-D669493F89CD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{45761442-A197-477A-BCA5-F002C0A32AD8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{44F8300D-DB9F-4C8B-AAF8-DF93293CF90A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{59EDCEAC-116F-4F3E-A197-B14905A46FB3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{AC58D492-6A5A-4987-876C-78F21E5C16C4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2948F798-4BA0-406B-989B-25908874862B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{7D0E2B03-6C32-4596-B323-0265E4011EB9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{4DF7E6E3-AA53-4AF5-B290-C16CD848D187}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{690DFD43-9F3D-43E0-9BC3-1DCCE1F45364}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rainbow Six Vegas\Binaries\runme.exe
FirewallRules: [{452DBAE1-A10D-4D14-AC4D-6128E83521B5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rainbow Six Vegas\Binaries\runme.exe
FirewallRules: [{0B472C3D-3229-4BAD-A2D8-21A201F46A87}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe
FirewallRules: [{4A3E0DBB-ABFD-4F81-B9E6-B4E4C215E8CE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe
FirewallRules: [{C1C72568-98CB-4F29-9BD7-1C73B10424B3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rainbow Six Lockdown\lockdown.exe
FirewallRules: [{7D19C097-0CF4-4C3A-9C92-677DBA51DA1B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rainbow Six Lockdown\lockdown.exe
FirewallRules: [{ED79CA32-0015-41ED-BF4E-FA75E79B5122}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rainbow Six 3 Gold\system\RavenShield.exe
FirewallRules: [{B7BE17F4-763C-4BE8-8865-BA8783EB9E27}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rainbow Six 3 Gold\system\RavenShield.exe
FirewallRules: [{3A64016C-6F3D-4D75-B7B7-7ED8A559014C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{39E473AF-8424-48FA-B2FE-4821BCDDA898}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6C4ACAC7-9580-4F20-A867-97FC8F0E8456}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{37B34069-0690-4A4C-9253-62A3CAEA2035}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{ACD5A8A5-8083-4E7D-8995-E124F129AE22}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{5345C5A6-EBAF-423B-915B-61FB20FE6E79}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{48E3F0D8-1F82-4DFF-87EC-E94D042446FA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{B6D91525-33EF-4E47-B5B0-6A175FDFE9BB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{78266EAE-899C-4A4D-A1EC-CBD9E1E43956}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deus Ex The Fall\DeusEx_steam.exe
FirewallRules: [{F66D0B47-CB90-426B-B22C-06CFD3C8C8F8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deus Ex The Fall\DeusEx_steam.exe
FirewallRules: [{BB0A8B0B-1893-409B-9E5C-CFC6CDABE4A1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B44D2430-1965-4C0C-B148-599328CCBFDE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{CAF95CB1-DBCA-491E-8A97-CF7A63B9D2B6}C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [TCP Query User{024E554E-8371-44DC-88DE-2550012CB6B5}C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{F5541F92-752B-4A10-A4D0-8339B5291747}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP3e\RpcAgentSrv.exe
FirewallRules: [{BDB16204-A7DE-4A2F-A891-4903CA7107AF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{E7A1F02A-9436-4EC9-8103-F2BD2C6D8F44}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [UDP Query User{765B0CBF-155E-45AE-BA56-5C80E2F46747}C:\program files (x86)\ubisoft\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe] => (Block) C:\program files (x86)\ubisoft\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe
FirewallRules: [TCP Query User{2AA69840-EA09-4655-8057-EBB3F78C7DBB}C:\program files (x86)\ubisoft\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe] => (Block) C:\program files (x86)\ubisoft\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe
FirewallRules: [{C6CCFC75-853C-47E4-8A39-CD3F6D43FA74}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\FC3BDUpdater.exe
FirewallRules: [{B7414F31-6BE6-4DAA-B031-2E5789DA37E4}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\FC3BDUpdater.exe
FirewallRules: [{3793790D-E44F-46DE-8262-A4FF851BC947}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe
FirewallRules: [{4AEFB139-C303-4C49-A2A1-48F45924AFB6}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe
FirewallRules: [{77BA5C03-63C2-4FDC-B82E-FD248AB541C1}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe
FirewallRules: [{66F7D118-A2AA-434B-ABC8-A61E8067AC6B}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe
FirewallRules: [{CA084FBA-2E58-4FA3-B998-EA2769858ACD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{A71695B1-B31A-47C3-B323-22B0DBD31058}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{BB1EFC01-39D4-40C3-98C4-7431C9526984}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dungeon Siege III\Dungeon Siege III.exe
FirewallRules: [{2E7BFEF4-5164-45F7-B63C-5F9AF60B07D3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dungeon Siege III\Dungeon Siege III.exe
FirewallRules: [{7F3A9522-B474-40CE-878E-60991D4A9168}] => (Allow) C:\Program Files (x86)\LucasArts\Star Wars The Force Unleashed 2\SWTFU2.exe
FirewallRules: [{11B5E6FA-12CB-4071-9203-3CA7F096E52F}] => (Allow) C:\Program Files (x86)\LucasArts\Star Wars The Force Unleashed 2\SWTFU2.exe
FirewallRules: [{E3BDEDAE-93B3-45EC-9699-9B172262F45A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{A9F42220-CF62-4162-8EAB-4987DD6A599C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{4940015B-4DD2-4D71-B33B-7762CC8A5C61}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\tools\AddonWeb.exe
FirewallRules: [{E0CD193B-268F-4B60-8E2B-DB7ED50B64F9}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\tools\AddonWeb.exe
FirewallRules: [{DBB541BD-E078-4DB7-8C18-75023FD0D634}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\Addon.exe
FirewallRules: [{084D4899-F745-4D31-AB78-50400BB964C3}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\Addon.exe
FirewallRules: [{088A97C5-A737-4F86-92DD-0C7175913B44}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\tools\Anno4Web.exe
FirewallRules: [{A3C6876D-FEC7-4853-B96D-36584D4450FD}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\tools\Anno4Web.exe
FirewallRules: [{B89018B0-FD68-486E-B59A-56FFEEC19AEC}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\Anno4.exe
FirewallRules: [{6BEE8CBA-1EBB-452A-BE83-E5ECB7FB9202}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\Anno4.exe
FirewallRules: [{1F210A28-7AFB-4BC4-9E87-EA1E331EB606}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spellforce 2 - Faith in Destiny\SpellForce2FaithInDestiny.exe
FirewallRules: [{7E0E6576-8008-4B47-8C67-DB410CBD83DE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spellforce 2 - Faith in Destiny\SpellForce2FaithInDestiny.exe
FirewallRules: [{7EBAEC30-6320-4FA7-A5A1-A3AFF238BB7E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spellforce 2 - Faith in Destiny\Docs\MapEditorFirstSteps.pdf
FirewallRules: [{14B8A8B5-2E0F-4553-91AC-A7D60E95FCD9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spellforce 2 - Faith in Destiny\Docs\MapEditorFirstSteps.pdf
FirewallRules: [{C0BB5ED7-AC4A-4DFB-8DF1-96BF468EF67E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spellforce 2 - Faith in Destiny\Docs\SF2_FiD_Manual.pdf
FirewallRules: [{A26AF132-4589-4374-B96E-8DD9A22239EE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spellforce 2 - Faith in Destiny\Docs\SF2_FiD_Manual.pdf
FirewallRules: [{E284E498-0E1D-44EF-80B8-24ABA76FC47F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spellforce 2 - Faith in Destiny\SpellForce2FaithinDestinyEditor.exe
FirewallRules: [{0ABAB3FF-C609-4D59-BFD1-57CBDBD59EF6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spellforce 2 - Faith in Destiny\SpellForce2FaithinDestinyEditor.exe
FirewallRules: [{F7C2905F-C675-44A9-A119-D772AEAAA425}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D8D141F9-E04F-4367-8738-97AED5DA2032}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C2F4072B-72D7-4149-9354-D23062AD0060}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{B1942367-F127-4CA4-B935-80DABB3057F4}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{277B75FC-E6B4-4904-9505-5B0B2D07D14C}] => (Allow) C:\Program Files (x86)\Microsoft Games\Fable III\Fable3.exe
FirewallRules: [{F6DA87B7-FBC6-4759-BE5B-F12728280F8D}] => (Allow) C:\Program Files (x86)\Microsoft Games\Fable III\Fable3.exe
FirewallRules: [{8EE08553-A5FB-4CD3-AFD5-FADFAA9A4D10}] => (Allow) C:\Program Files (x86)\SEGA\Alpha Protocol\Binaries\APGame.exe
FirewallRules: [{C9A79531-EA58-4374-ABC5-3F68D804FEBF}] => (Allow) C:\Program Files (x86)\SEGA\Alpha Protocol\Binaries\APGame.exe
FirewallRules: [{5181CCC8-DA6F-4712-933C-BCD4D3E9FB5C}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{00B6FED3-59F6-4292-AA8B-609F2A5700B5}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{A6FA8FDB-D992-4A46-B3E1-06F50F433D41}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe
FirewallRules: [{D418144B-5124-4608-BDE6-13ECCAA997D4}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe
FirewallRules: [{8FBF5B78-356C-4A18-968A-63CA004207E4}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe
FirewallRules: [{0BE4E037-77B4-4966-8975-18E3C6F0304B}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe
FirewallRules: [{43269863-3231-4C64-9921-3A5672E6B17D}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe
FirewallRules: [{8E51BB4A-CB63-4642-9DE2-EAD26B94859F}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe
FirewallRules: [{7D3CFC1A-7182-40A4-8FFA-CBB85C3F56C3}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{B7B8D4F2-CE46-4780-B75A-DC0B3EF2E169}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{2F9B65C7-ED06-4A42-B6DD-3D1CADAA9233}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{EE9FD726-1077-4EBB-98DE-730F7A7B7A7A}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{841F574E-8B1B-41EA-A8A1-E17A017F666F}] => (Allow) LPort=1900
FirewallRules: [{1F7D10EA-AC30-4F79-BA27-6E4B0DDB68E4}] => (Allow) LPort=2869
FirewallRules: [{442EBAD6-8886-486F-804B-88709C1174F7}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{F4B1AA47-1FCD-4DAE-8782-C1C8CED97BEB}] => (Allow) C:\Windows\system32\ezSharedSvcHost.exe
FirewallRules: [{97C35FCC-9DF3-4EA3-AEC3-3490B7C115E8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{540E9FBD-CBEF-4CD4-8CCE-42B479CBE565}] => (Allow) C:\Program Files\iTunes\iTunes.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Wiederherstellungspunkte =========================
13-06-2016 18:05:31 Geplanter Prüfpunkt
17-06-2016 15:33:07 Windows Update
18-06-2016 22:13:29 ASU_MSI_TRAN
22-06-2016 12:16:53 ASU_MSI_TRAN
23-06-2016 16:42:32 Malwarebytes Anti-Rootkit Restore Point
23-06-2016 20:14:10 JRT Pre-Junkware Removal
23-06-2016 20:16:42 JRT Pre-Junkware Removal
23-06-2016 20:20:28 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
Name:
Description:
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer:
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (06/23/2016 08:20:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (06/23/2016 08:16:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (06/23/2016 08:14:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (06/23/2016 04:42:45 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (06/22/2016 05:15:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: RuntimeBroker.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d7e0
Name des fehlerhaften Moduls: Windows.Internal.Shell.Broker.dll, Version: 10.0.10586.420, Zeitstempel: 0x57491a6f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000003baba
ID des fehlerhaften Prozesses: 0x99c
Startzeit der fehlerhaften Anwendung: 0xRuntimeBroker.exe0
Pfad der fehlerhaften Anwendung: RuntimeBroker.exe1
Pfad des fehlerhaften Moduls: RuntimeBroker.exe2
Berichtskennung: RuntimeBroker.exe3
Vollständiger Name des fehlerhaften Pakets: RuntimeBroker.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: RuntimeBroker.exe5
Error: (06/22/2016 04:30:43 PM) (Source: MsiInstaller) (EventID: 1002) (User: Tomas-HP)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageName", Wert: "") für Schlüssel "HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList".
Error: (06/22/2016 04:30:05 PM) (Source: HP Active Health) (EventID: 401) (User: )
Description: SmartDrive executable didn't pass digital signature validation. Execution aborted: [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\Executable Agent Data\_Shared\DiskCheck\ETD_GetSMART.exe]
Error: (06/22/2016 04:29:56 PM) (Source: HP Active Health) (EventID: 1100) (User: )
Description: Agent DiskPhysical threw an exception: System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
bei HP.ActiveHealth.Agents.DiskPhysical.DiskPhysicalAgent.CollectNewDataClasses(FileInfo agentStateFile, IDataClassCollector dataClassColector)
bei HP.ActiveHealth.API.DataGeneration.AgentRunner.QueryAgentDelegate(Object agentObj)
Error: (06/22/2016 04:29:54 PM) (Source: HP Active Health) (EventID: 1101) (User: )
Description: DiskPhysical executable didn't pass digital signature validation. Execution aborted: [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\Executable Agent Data\_Shared\DiskCheck\ETD_GetSMART.exe]
Error: (06/22/2016 04:18:23 PM) (Source: HP Active Health) (EventID: 401) (User: )
Description: SmartDrive executable didn't pass digital signature validation. Execution aborted: [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\Executable Agent Data\_Shared\DiskCheck\ETD_GetSMART.exe]
Systemfehler:
=============
Error: (06/23/2016 07:33:19 PM) (Source: DCOM) (EventID: 10016) (User: Tomas-HP)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Tomas-HPTomasS-1-5-21-2924648203-2002222509-804629142-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
Error: (06/23/2016 07:33:19 PM) (Source: DCOM) (EventID: 10016) (User: Tomas-HP)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Tomas-HPTomasS-1-5-21-2924648203-2002222509-804629142-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
Error: (06/23/2016 07:29:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NetPipeActivator" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053 = Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (06/23/2016 07:29:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst NetPipeActivator erreicht.
Error: (06/23/2016 07:29:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MBAMService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053 = Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (06/23/2016 07:29:32 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst MBAMService erreicht.
Error: (06/23/2016 07:29:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SDScannerService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053 = Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (06/23/2016 07:29:30 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst SDScannerService erreicht.
Error: (06/23/2016 07:29:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MBAMScheduler" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053 = Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (06/23/2016 07:29:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst MBAMScheduler erreicht.
CodeIntegrity:
===================================
Date: 2016-06-23 16:43:12.673
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-06-23 16:25:02.539
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-06-23 16:25:02.532
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Windows signing level requirements.
Date: 2016-06-23 16:25:02.525
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Windows signing level requirements.
Date: 2016-06-23 15:32:03.240
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-06-23 14:33:55.110
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-06-23 14:31:05.771
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-06-23 14:25:56.821
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-06-23 14:23:13.809
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-06-22 22:51:51.368
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz
Prozentuale Nutzung des RAM: 31%
Installierter physikalischer RAM: 6124.83 MB
Verfügbarer physikalischer RAM: 4182.58 MB
Summe virtueller Speicher: 6508.83 MB
Verfügbarer virtueller Speicher: 4480.04 MB
==================== Laufwerke ================================
Drive c: (OS) (Fixed) (Total:917.96 GB) (Free:604 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:13.01 GB) (Free:1.54 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: CB976AF0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=918 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=13 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
23.06.2016, 20:04
| #21 |
| | Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los.Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-06-2016 01 durchgeführt von Tomas (Administrator) auf TOMAS-HP (23-06-2016 20:29:05) Gestartet von C:\Users\Tomas\Downloads Geladene Profile: Tomas & DefaultAppPool (Verfügbare Profile: Tomas & DefaultAppPool) Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Opera) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe (EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (McAfee, Inc.) C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe () C:\Windows\SysWOW64\PnkBstrB.exe () C:\Windows\SysWOW64\PnkBstrA.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe (DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe (Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Windows\System32\cmd.exe (Microsoft Corporation) C:\Windows\System32\cmd.exe (Microsoft Corporation) C:\Windows\System32\cmd.exe (Microsoft Corporation) C:\Windows\System32\cmd.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7405752 2016-06-10] (AVAST Software) HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4127488 2015-06-16] (Safer-Networking Ltd.) HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1 HKU\S-1-5-21-2924648203-2002222509-804629142-1001\...\Policies\system: [DisableLockWorkstation] 0 HKU\S-1-5-21-2924648203-2002222509-804629142-1001\...\Policies\system: [DisableChangePassword] 0 HKU\S-1-5-21-2924648203-2002222509-804629142-1001\...\Policies\Explorer: [NoInternetOpenWith] 1 HKU\S-1-5-21-2924648203-2002222509-804629142-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1399208 2016-04-08] (Garmin Ltd. or its subsidiaries) ShellExecuteHooks: - {E54729E8-643D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook64.dll [773192 2013-12-25] () ShellExecuteHooks-x32: - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook32.dll [484936 2013-12-25] () ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-05-09] (AVAST Software) BootExecute: autocheck autochk * sdnclean64.exebddel.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.192.1 Tcpip\..\Interfaces\{30abc813-0b6f-41ab-b7c0-c838f2f7156b}: [DhcpNameServer] 192.168.192.1 Tcpip\..\Interfaces\{c88d17ef-686f-4942-b383-4d8b5ce72c67}: [NameServer] 77.234.40.79 ManualProxies: Internet Explorer: ================== HKU\S-1-5-21-2924648203-2002222509-804629142-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131053628877239770&GUID=00000000-0000-0000-0000-000000000000 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131053628877239770&GUID=00000000-0000-0000-0000-000000000000 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131053628877239770&GUID=00000000-0000-0000-0000-000000000000 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131053628877239770&GUID=00000000-0000-0000-0000-000000000000 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-2924648203-2002222509-804629142-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/1me10IE10DEDE/MSE_WCP HKU\S-1-5-21-2924648203-2002222509-804629142-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131053628877239770&GUID=00000000-0000-0000-0000-000000000000 HKU\S-1-5-21-2924648203-2002222509-804629142-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131053628877239770&GUID=00000000-0000-0000-0000-000000000000 SearchScopes: HKLM -> DefaultScope {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox SearchScopes: HKLM -> {0EE6A110-BA3A-44A5-B8A3-CB03C6956FA4} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms} SearchScopes: HKU\S-1-5-21-2924648203-2002222509-804629142-1001 -> DefaultScope {C6E811D7-0F9E-448D-B384-B99F7F30B0CF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\S-1-5-21-2924648203-2002222509-804629142-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKU\S-1-5-21-2924648203-2002222509-804629142-1001 -> {C6E811D7-0F9E-448D-B384-B99F7F30B0CF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 BHO: Kein Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> Keine Datei BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-04-23] (AVAST Software) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-01] (Google Inc.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => Keine Datei BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-02-25] (HP) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-06] (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-04-23] (AVAST Software) BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-11-19] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-01] (Google Inc.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-06] (Oracle Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25] (HP) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-01] (Google Inc.) Toolbar: HKU\.DEFAULT -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-01] (Google Inc.) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\oriifoaj.default FF NewTab: about:newtab FF DefaultSearchEngine: Avast Search FF SelectedSearchEngine: Avast Search FF Homepage: hxxps://search.avast.com/AV772/ FF DefaultSearchUrl: hxxps://search.avast.com/AV772/search/web?q={searchTerms} FF SearchEngineOrder.1: Avast Search FF Keyword.URL: hxxps://search.avast.com/AV772/search/web?q={searchTerms} FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-19] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-19] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-06] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-06] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-12-16] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-12-16] (NVIDIA Corporation) FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2011-03-22] (RocketLife, LLP) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2924648203-2002222509-804629142-1001: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Tomas\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-05-13] (RocketLife, LLP) FF Plugin HKU\S-1-5-21-2924648203-2002222509-804629142-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Tomas\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google) FF Plugin HKU\S-1-5-21-2924648203-2002222509-804629142-1001: @talk.google.com/O1DPlugin -> C:\Users\Tomas\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google) FF Plugin HKU\S-1-5-21-2924648203-2002222509-804629142-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.) FF Plugin HKU\S-1-5-21-2924648203-2002222509-804629142-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.) FF Plugin HKU\S-1-5-21-2924648203-2002222509-804629142-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Tomas\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-01-01] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-2924648203-2002222509-804629142-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-04-26] () FF Plugin ProgramFiles/Appdata: C:\Users\Tomas\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google) FF Plugin ProgramFiles/Appdata: C:\Users\Tomas\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google) FF SearchPlugin: C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\oriifoaj.default\searchplugins\google-lavasoft.xml [2016-04-17] FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com [2016-06-22] [ist nicht signiert] FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-05-09] FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-05-09] FF HKLM-x32\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman => nicht gefunden FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF HKU\S-1-5-21-2924648203-2002222509-804629142-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\oriifoaj.default\extensions\cliqz@cliqz.com => nicht gefunden Chrome: ======= CHR HomePage: Default -> search.mpc.am CHR StartupUrls: Default -> "search.mpc.am" CHR Profile: C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-15] CHR Extension: (Google Docs) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-15] CHR Extension: (Google Drive) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-15] CHR Extension: (YouTube) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-15] CHR Extension: (Avast Passwords) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2016-05-15] CHR Extension: (Google Sheets) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-15] CHR Extension: (Google Docs Offline) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-15] CHR Extension: (Chrome Web Store Payments) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-15] CHR Extension: (Gmail) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-15] CHR HKLM-x32\...\Chrome\Extension: [emhginjpijfggbofeediiojmdlmlkoik] - C:\Program Files\AVAST Software\Avast\pam\Chrome\pam.crx [2016-05-09] CHR HKLM-x32\...\Chrome\Extension: [jpgfhihjicjofdejkbjgnjlaglaciobe] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx [2011-06-03] CHR HKLM-x32\...\Chrome\Extension: [kioiabaigfcehjmemdmnnmjegnjjckai] - C:\Users\Tomas\AppData\Local\PicBadges\Chrome\PicBadges.crx [2012-09-20] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-05-09] (AVAST Software) R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [370656 2016-05-09] (AVAST Software) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation) R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [Datei ist nicht signiert] S3 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [792592 2016-04-08] (Garmin Ltd. or its subsidiaries) S3 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156216 2015-12-16] (NVIDIA Corporation) S3 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [28552 2016-04-26] (Hewlett-Packard Company) R2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe [153352 2016-04-05] (McAfee, Inc.) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes) S3 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-12-16] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8185464 2015-12-16] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [6477432 2015-12-16] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119688 2016-03-29] (Electronic Arts) R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-05-06] (PDF Complete Inc) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2015-11-15] () R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [107832 2015-11-15] () R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-08-01] (Realtek Semiconductor) S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP3e\RpcAgentSrv.exe [73200 2014-10-06] (SiSoftware) [Datei ist nicht signiert] S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1750712 2015-06-16] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2102496 2015-06-16] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [224712 2015-07-24] (Safer-Networking Ltd.) R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-05-09] (AVAST Software) R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-05-09] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-05-09] (AVAST Software) S3 aswNetNd6; C:\Windows\system32\DRIVERS\aswNetNd6.sys [28312 2016-04-23] (AVAST Software) R1 aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [536312 2016-05-09] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-05-09] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-05-09] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-05-09] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-05-09] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-05-09] (AVAST Software) S3 aswTap; C:\Windows\System32\drivers\aswTap.sys [44640 2016-04-23] (The OpenVPN Project) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287528 2016-05-09] (AVAST Software) R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-11-03] () S3 CpqDfw; C:\Windows\System32\drivers\CpqDfw.sys [27456 2012-05-29] (Windows (R) Codename Longhorn DDK provider) R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-08-03] (GFI Software) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-01-10] () S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [49304 2014-12-29] (Visicom Media Inc.) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-06-23] (Malwarebytes) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation) S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35992 2014-12-29] (Visicom Media Inc.) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-12-16] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-12-16] (NVIDIA Corporation) S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2011-09-15] () R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [896752 2015-08-07] (Realtek ) S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP3e\WNt600x64\Sandra.sys [23112 2009-08-08] (SiSoftware) R1 SDHookDriver; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys [65576 2015-06-16] (Safer-Networking Ltd.) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) U3 idsvc; kein ImagePath U3 wpcsvc; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-06-23 20:23 - 2016-06-23 20:23 - 00000547 _____ C:\Users\Tomas\Desktop\JRT.txt 2016-06-23 20:13 - 2016-06-23 20:13 - 01610816 _____ (Malwarebytes) C:\Users\Tomas\Downloads\JRT.exe 2016-06-23 20:11 - 2016-06-23 20:11 - 00001898 _____ C:\Users\Tomas\Desktop\AdwCleaner[S5].txt 2016-06-23 19:35 - 2016-06-23 19:35 - 00058028 _____ C:\Users\Tomas\Desktop\mbam.txt 2016-06-23 19:34 - 2016-06-23 19:34 - 00017595 _____ C:\Users\Tomas\Desktop\mbam1.txt 2016-06-23 18:49 - 2016-06-23 19:41 - 00001167 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-06-23 18:49 - 2016-06-23 18:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-06-23 18:49 - 2016-06-23 18:49 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-06-23 18:49 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2016-06-23 18:49 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2016-06-23 18:47 - 2016-06-23 18:48 - 22851472 _____ (Malwarebytes ) C:\Users\Tomas\Downloads\mbam-setup-2.2.1.1043.exe 2016-06-23 15:34 - 2016-06-23 20:24 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-06-23 15:34 - 2016-06-23 19:28 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2016-06-23 15:32 - 2016-06-23 17:39 - 00000000 ____D C:\Users\Tomas\Desktop\mbar 2016-06-23 15:32 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2016-06-23 15:31 - 2016-06-23 15:31 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Tomas\Downloads\mbar-1.09.3.1001.exe 2016-06-23 14:32 - 2016-06-23 15:14 - 00269828 _____ C:\TDSSKiller.3.1.0.9_23.06.2016_14.32.45_log.txt 2016-06-23 14:31 - 2016-06-23 14:31 - 00154392 _____ C:\TDSSKiller.3.1.0.9_23.06.2016_14.31.12_log.txt 2016-06-23 14:05 - 2016-06-23 14:05 - 00000000 ____D C:\TDSKILLER_23.06.16_14Uhr06 2016-06-23 14:00 - 2016-06-23 14:09 - 00270142 _____ C:\TDSSKiller.3.1.0.9_23.06.2016_14.00.06_log.txt 2016-06-23 13:58 - 2016-06-23 13:59 - 00270570 _____ C:\TDSSKiller.3.1.0.9_23.06.2016_13.58.59_log.txt 2016-06-23 13:52 - 2016-06-23 13:54 - 00004486 _____ C:\TDSSKiller.3.1.0.9_23.06.2016_13.52.45_log.txt 2016-06-23 13:52 - 2016-06-23 13:52 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Tomas\Downloads\tdsskiller.exe 2016-06-22 17:24 - 2016-06-23 19:40 - 00001339 _____ C:\Users\Tomas\Desktop\Revo Uninstaller.lnk 2016-06-22 17:24 - 2016-06-22 17:24 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2016-06-22 17:23 - 2016-06-22 17:23 - 01473544 _____ C:\Users\Tomas\Downloads\Windows Installer Cleanup Alternative - CHIP-Installer.exe 2016-06-22 17:22 - 2016-06-22 17:22 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Tomas\Downloads\revosetup95.exe 2016-06-22 16:32 - 2016-06-22 16:33 - 139692312 _____ (Microsoft Corporation) C:\Users\Tomas\Downloads\msert.exe 2016-06-22 16:14 - 2016-06-22 16:14 - 50716384 _____ (Microsoft Corporation) C:\Users\Tomas\Downloads\Windows-KB890830-x64-V5.37.exe 2016-06-22 15:34 - 2016-06-22 15:35 - 03703360 _____ C:\Users\Tomas\Downloads\adwcleaner_5.200.exe 2016-06-22 15:09 - 2016-06-22 15:11 - 03482800 _____ (Enigma Software Group USA, LLC.) C:\Users\Tomas\Downloads\SpyHunter-Installer (1).exe 2016-06-22 13:43 - 2016-06-22 15:10 - 00000000 ____D C:\Program Files\Plumbytes Software 2016-06-22 13:13 - 2016-06-22 13:13 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Tomas\Downloads\revosetup-195.exe 2016-06-22 12:49 - 2016-06-22 13:14 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\Geek Uninstaller 2016-06-22 12:47 - 2016-06-23 19:40 - 00002043 _____ C:\Users\Tomas\Desktop\GeekUninstaller - CHIP Installer.lnk 2016-06-22 12:46 - 2016-06-22 12:46 - 02620536 _____ C:\Users\Tomas\Downloads\geek_1.4.0.83.zip 2016-06-22 12:45 - 2016-06-22 12:45 - 01473544 _____ C:\Users\Tomas\Downloads\GeekUninstaller - CHIP-Installer.exe 2016-06-22 12:43 - 2016-06-22 12:43 - 01473544 _____ C:\Users\Tomas\Downloads\Revo Uninstaller - CHIP-Installer.exe 2016-06-22 12:21 - 2016-06-23 19:41 - 00001818 _____ C:\Users\Public\Desktop\iTunes.lnk 2016-06-22 12:21 - 2016-06-22 12:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2016-06-22 12:20 - 2016-06-22 12:21 - 00000000 ____D C:\Program Files\iTunes 2016-06-22 12:20 - 2016-06-22 12:20 - 00000000 ____D C:\Program Files\iPod 2016-06-22 12:20 - 2016-06-22 12:20 - 00000000 ____D C:\Program Files (x86)\iTunes 2016-06-22 12:06 - 2016-06-22 12:06 - 03482800 _____ (Enigma Software Group USA, LLC.) C:\Users\Tomas\Downloads\SpyHunter-Installer.exe 2016-06-22 12:05 - 2016-06-23 13:56 - 00078030 _____ C:\Users\Tomas\Downloads\Addition.txt 2016-06-22 12:03 - 2016-06-23 20:29 - 00027691 _____ C:\Users\Tomas\Downloads\FRST.txt 2016-06-22 11:56 - 2016-06-22 12:03 - 00000262 _____ C:\Users\Tomas\Downloads\Search.txt 2016-06-22 11:55 - 2016-06-23 20:29 - 00000000 ____D C:\FRST 2016-06-22 11:54 - 2016-06-22 11:55 - 02387456 _____ (Farbar) C:\Users\Tomas\Downloads\FRST64.exe 2016-06-21 04:53 - 2016-06-21 04:53 - 00064110 _____ C:\WINDOWS\SysWOW64\bddel.dat 2016-06-20 20:08 - 2016-06-20 20:09 - 00558336 _____ (Safer-Networking Ltd. ) C:\Users\Tomas\Downloads\spybot2-license.exe 2016-06-19 16:28 - 2016-06-21 04:57 - 00000000 ____D C:\Users\Tomas\AppData\Local\NanoNet 2016-06-19 13:53 - 2016-06-19 13:53 - 01091699 _____ C:\Users\Tomas\Downloads\03-SGB_III_Juni_I_2016.pdf 2016-06-19 13:03 - 2016-06-23 19:40 - 00001288 _____ C:\Users\Tomas\Desktop\Facebook Games Arcade (BETA).lnk 2016-06-19 13:03 - 2016-06-19 13:03 - 00000000 ____D C:\Users\Tomas\AppData\Local\FacebookGames 2016-06-19 13:02 - 2016-06-19 13:02 - 00106368 _____ () C:\Users\Tomas\Downloads\FacebookGamesArcadeSetup (3).exe 2016-06-19 13:02 - 2016-06-19 13:02 - 00106368 _____ () C:\Users\Tomas\Downloads\FacebookGamesArcadeSetup (2).exe 2016-06-19 13:02 - 2016-06-19 13:02 - 00106368 _____ () C:\Users\Tomas\Downloads\FacebookGamesArcadeSetup (1).exe 2016-06-18 22:26 - 2016-06-18 22:26 - 00106368 _____ () C:\Users\Tomas\Downloads\FacebookGamesArcadeSetup.exe 2016-06-17 21:09 - 2016-06-17 21:09 - 00404128 _____ C:\Users\Tomas\Downloads\received_1099156500158013.jpeg 2016-06-14 19:25 - 2016-05-28 08:13 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-06-14 19:25 - 2016-05-28 08:13 - 00290496 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-06-14 19:25 - 2016-05-28 08:13 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2016-06-14 19:25 - 2016-05-28 07:22 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-06-14 19:25 - 2016-05-28 07:08 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll 2016-06-14 19:25 - 2016-05-28 07:07 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-06-14 19:25 - 2016-05-28 07:07 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-06-14 19:25 - 2016-05-28 07:07 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2016-06-14 19:25 - 2016-05-28 07:07 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2016-06-14 19:25 - 2016-05-28 07:07 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2016-06-14 19:25 - 2016-05-28 06:58 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2016-06-14 19:25 - 2016-05-28 06:57 - 02548944 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll 2016-06-14 19:25 - 2016-05-28 06:57 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2016-06-14 19:25 - 2016-05-28 06:57 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2016-06-14 19:25 - 2016-05-28 06:57 - 00649792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2016-06-14 19:25 - 2016-05-28 06:57 - 00636304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2016-06-14 19:25 - 2016-05-28 06:57 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2016-06-14 19:25 - 2016-05-28 06:35 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe 2016-06-14 19:25 - 2016-05-28 06:35 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsdport.sys 2016-06-14 19:25 - 2016-05-28 06:31 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe 2016-06-14 19:25 - 2016-05-28 06:29 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-06-14 19:25 - 2016-05-28 06:29 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2016-06-14 19:25 - 2016-05-28 06:28 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll 2016-06-14 19:25 - 2016-05-28 06:19 - 24605696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-06-14 19:25 - 2016-05-28 06:19 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll 2016-06-14 19:25 - 2016-05-28 06:18 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-06-14 19:25 - 2016-05-28 06:18 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2016-06-14 19:25 - 2016-05-28 06:18 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll 2016-06-14 19:25 - 2016-05-28 06:17 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-06-14 19:25 - 2016-05-28 06:17 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2016-06-14 19:25 - 2016-05-28 06:17 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll 2016-06-14 19:25 - 2016-05-28 06:16 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-06-14 19:25 - 2016-05-28 06:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll 2016-06-14 19:25 - 2016-05-28 06:16 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll 2016-06-14 19:25 - 2016-05-28 06:15 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2016-06-14 19:25 - 2016-05-28 06:15 - 00794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2016-06-14 19:25 - 2016-05-28 06:15 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll 2016-06-14 19:25 - 2016-05-28 06:14 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-06-14 19:25 - 2016-05-28 06:14 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll 2016-06-14 19:25 - 2016-05-28 06:14 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll 2016-06-14 19:25 - 2016-05-28 06:14 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-06-14 19:25 - 2016-05-28 06:14 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2016-06-14 19:25 - 2016-05-28 06:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll 2016-06-14 19:25 - 2016-05-28 06:13 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll 2016-06-14 19:25 - 2016-05-28 06:12 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll 2016-06-14 19:25 - 2016-05-28 06:12 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2016-06-14 19:25 - 2016-05-28 06:11 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll 2016-06-14 19:25 - 2016-05-28 06:11 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-06-14 19:25 - 2016-05-28 06:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2016-06-14 19:25 - 2016-05-28 06:08 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-06-14 19:25 - 2016-05-28 06:08 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2016-06-14 19:25 - 2016-05-28 06:06 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-06-14 19:25 - 2016-05-28 06:06 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2016-06-14 19:25 - 2016-05-28 06:06 - 01339904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll 2016-06-14 19:25 - 2016-05-28 06:05 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2016-06-14 19:25 - 2016-05-28 06:05 - 03664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-06-14 19:25 - 2016-05-28 06:05 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2016-06-14 19:25 - 2016-05-28 06:05 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2016-06-14 19:25 - 2016-05-28 06:04 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2016-06-14 19:25 - 2016-05-28 06:03 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2016-06-14 19:25 - 2016-05-28 06:03 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2016-06-14 19:25 - 2016-05-28 06:03 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2016-06-14 19:25 - 2016-05-28 06:03 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFramework.dll 2016-06-14 19:25 - 2016-05-28 06:02 - 03590144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-06-14 19:25 - 2016-05-28 06:02 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll 2016-06-14 19:25 - 2016-05-28 06:01 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2016-06-14 19:25 - 2016-05-28 06:00 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-06-14 19:25 - 2016-05-28 06:00 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll 2016-06-14 19:25 - 2016-05-28 06:00 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2016-06-14 19:25 - 2016-05-28 06:00 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2016-06-14 19:25 - 2016-05-28 06:00 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll 2016-06-14 19:25 - 2016-05-28 05:58 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-06-14 19:25 - 2016-05-28 05:58 - 04896256 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-06-14 19:25 - 2016-05-28 05:58 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll 2016-06-14 19:25 - 2016-05-28 05:57 - 02281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-06-14 19:24 - 2016-05-28 08:13 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-06-14 19:24 - 2016-05-28 08:13 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-06-14 19:24 - 2016-05-28 08:13 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-06-14 19:24 - 2016-05-28 07:25 - 04268880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll 2016-06-14 19:24 - 2016-05-28 07:23 - 00388384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll 2016-06-14 19:24 - 2016-05-28 07:23 - 00312160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll 2016-06-14 19:24 - 2016-05-28 07:22 - 04387680 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll 2016-06-14 19:24 - 2016-05-28 07:22 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2016-06-14 19:24 - 2016-05-28 07:22 - 00211296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys 2016-06-14 19:24 - 2016-05-28 07:22 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys 2016-06-14 19:24 - 2016-05-28 07:20 - 00430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll 2016-06-14 19:24 - 2016-05-28 07:18 - 00357216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll 2016-06-14 19:24 - 2016-05-28 07:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2016-06-14 19:24 - 2016-05-28 07:09 - 00501600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll 2016-06-14 19:24 - 2016-05-28 07:09 - 00170848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe 2016-06-14 19:24 - 2016-05-28 07:09 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll 2016-06-14 19:24 - 2016-05-28 07:08 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys 2016-06-14 19:24 - 2016-05-28 07:08 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll 2016-06-14 19:24 - 2016-05-28 07:07 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2016-06-14 19:24 - 2016-05-28 07:07 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2016-06-14 19:24 - 2016-05-28 07:06 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-06-14 19:24 - 2016-05-28 07:06 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2016-06-14 19:24 - 2016-05-28 07:06 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll 2016-06-14 19:24 - 2016-05-28 07:06 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe 2016-06-14 19:24 - 2016-05-28 07:06 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe 2016-06-14 19:24 - 2016-05-28 07:05 - 04515264 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2016-06-14 19:24 - 2016-05-28 07:04 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-06-14 19:24 - 2016-05-28 07:04 - 00431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll 2016-06-14 19:24 - 2016-05-28 07:04 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2016-06-14 19:24 - 2016-05-28 07:04 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2016-06-14 19:24 - 2016-05-28 07:04 - 00111064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll 2016-06-14 19:24 - 2016-05-28 07:04 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll 2016-06-14 19:24 - 2016-05-28 07:03 - 00131248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll 2016-06-14 19:24 - 2016-05-28 06:58 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-06-14 19:24 - 2016-05-28 06:57 - 02195632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll 2016-06-14 19:24 - 2016-05-28 06:57 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-06-14 19:24 - 2016-05-28 06:57 - 00521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2016-06-14 19:24 - 2016-05-28 06:57 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2016-06-14 19:24 - 2016-05-28 06:35 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll 2016-06-14 19:24 - 2016-05-28 06:31 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2016-06-14 19:24 - 2016-05-28 06:31 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll 2016-06-14 19:24 - 2016-05-28 06:29 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll 2016-06-14 19:24 - 2016-05-28 06:29 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll 2016-06-14 19:24 - 2016-05-28 06:28 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2016-06-14 19:24 - 2016-05-28 06:28 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll 2016-06-14 19:24 - 2016-05-28 06:27 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll 2016-06-14 19:24 - 2016-05-28 06:27 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll 2016-06-14 19:24 - 2016-05-28 06:26 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2016-06-14 19:24 - 2016-05-28 06:26 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe 2016-06-14 19:24 - 2016-05-28 06:26 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe 2016-06-14 19:24 - 2016-05-28 06:26 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll 2016-06-14 19:24 - 2016-05-28 06:26 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll 2016-06-14 19:24 - 2016-05-28 06:25 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2016-06-14 19:24 - 2016-05-28 06:24 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll 2016-06-14 19:24 - 2016-05-28 06:24 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys 2016-06-14 19:24 - 2016-05-28 06:24 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll 2016-06-14 19:24 - 2016-05-28 06:24 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2016-06-14 19:24 - 2016-05-28 06:24 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll 2016-06-14 19:24 - 2016-05-28 06:24 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll 2016-06-14 19:24 - 2016-05-28 06:24 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll 2016-06-14 19:24 - 2016-05-28 06:24 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll 2016-06-14 19:24 - 2016-05-28 06:23 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys 2016-06-14 19:24 - 2016-05-28 06:23 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll 2016-06-14 19:24 - 2016-05-28 06:22 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2016-06-14 19:24 - 2016-05-28 06:22 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2016-06-14 19:24 - 2016-05-28 06:22 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys 2016-06-14 19:24 - 2016-05-28 06:22 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll 2016-06-14 19:24 - 2016-05-28 06:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll 2016-06-14 19:24 - 2016-05-28 06:22 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2016-06-14 19:24 - 2016-05-28 06:22 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll 2016-06-14 19:24 - 2016-05-28 06:22 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll 2016-06-14 19:24 - 2016-05-28 06:22 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll 2016-06-14 19:24 - 2016-05-28 06:21 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2016-06-14 19:24 - 2016-05-28 06:21 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll 2016-06-14 19:24 - 2016-05-28 06:21 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll 2016-06-14 19:24 - 2016-05-28 06:21 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll 2016-06-14 19:24 - 2016-05-28 06:20 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2016-06-14 19:24 - 2016-05-28 06:20 - 00511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll 2016-06-14 19:24 - 2016-05-28 06:20 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll 2016-06-14 19:24 - 2016-05-28 06:20 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll 2016-06-14 19:24 - 2016-05-28 06:20 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GnssAdapter.dll 2016-06-14 19:24 - 2016-05-28 06:20 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll 2016-06-14 19:24 - 2016-05-28 06:20 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll 2016-06-14 19:24 - 2016-05-28 06:19 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-06-14 19:24 - 2016-05-28 06:19 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe 2016-06-14 19:24 - 2016-05-28 06:19 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll 2016-06-14 19:24 - 2016-05-28 06:19 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll 2016-06-14 19:24 - 2016-05-28 06:18 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2016-06-14 19:24 - 2016-05-28 06:18 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll 2016-06-14 19:24 - 2016-05-28 06:18 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL 2016-06-14 19:24 - 2016-05-28 06:18 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll 2016-06-14 19:24 - 2016-05-28 06:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll 2016-06-14 19:24 - 2016-05-28 06:17 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll 2016-06-14 19:24 - 2016-05-28 06:17 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2016-06-14 19:24 - 2016-05-28 06:17 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll 2016-06-14 19:24 - 2016-05-28 06:17 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll 2016-06-14 19:24 - 2016-05-28 06:17 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll 2016-06-14 19:24 - 2016-05-28 06:16 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2016-06-14 19:24 - 2016-05-28 06:16 - 00684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll 2016-06-14 19:24 - 2016-05-28 06:16 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2016-06-14 19:24 - 2016-05-28 06:16 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll 2016-06-14 19:24 - 2016-05-28 06:16 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll 2016-06-14 19:24 - 2016-05-28 06:15 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll 2016-06-14 19:24 - 2016-05-28 06:15 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2016-06-14 19:24 - 2016-05-28 06:15 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll 2016-06-14 19:24 - 2016-05-28 06:15 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys 2016-06-14 19:24 - 2016-05-28 06:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2016-06-14 19:24 - 2016-05-28 06:14 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll 2016-06-14 19:24 - 2016-05-28 06:14 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll 2016-06-14 19:24 - 2016-05-28 06:13 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2016-06-14 19:24 - 2016-05-28 06:13 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll 2016-06-14 19:24 - 2016-05-28 06:13 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll 2016-06-14 19:24 - 2016-05-28 06:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2016-06-14 19:24 - 2016-05-28 06:13 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll 2016-06-14 19:24 - 2016-05-28 06:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll 2016-06-14 19:24 - 2016-05-28 06:11 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll 2016-06-14 19:24 - 2016-05-28 06:11 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll 2016-06-14 19:24 - 2016-05-28 06:11 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll 2016-06-14 19:24 - 2016-05-28 06:11 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll 2016-06-14 19:24 - 2016-05-28 06:11 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll 2016-06-14 19:24 - 2016-05-28 06:09 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2016-06-14 19:24 - 2016-05-28 06:04 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll 2016-06-14 19:24 - 2016-05-28 06:04 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll 2016-06-14 19:24 - 2016-05-28 06:03 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll 2016-06-14 19:24 - 2016-05-28 06:03 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll 2016-06-14 19:24 - 2016-05-28 06:02 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2016-06-14 19:24 - 2016-05-28 06:02 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2016-06-14 19:24 - 2016-05-28 06:01 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2016-06-14 19:24 - 2016-05-28 06:01 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-06-14 19:24 - 2016-05-28 06:01 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll 2016-06-14 19:24 - 2016-05-28 06:00 - 02230272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-06-14 19:24 - 2016-05-28 06:00 - 01730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-06-14 19:24 - 2016-05-28 06:00 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll 2016-06-14 19:24 - 2016-05-28 06:00 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll 2016-06-14 19:24 - 2016-05-28 06:00 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe 2016-06-14 19:24 - 2016-05-28 05:59 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll 2016-06-14 19:24 - 2016-05-28 05:58 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-06-14 19:24 - 2016-05-28 05:58 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2016-06-14 19:24 - 2016-05-28 05:55 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll 2016-06-14 19:24 - 2016-05-28 05:53 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll 2016-06-12 21:42 - 2016-06-12 21:42 - 00072013 _____ C:\Users\Tomas\Downloads\Kuendigungsschreiben-Wohnung-Außerordentliche-Kuendigung-PDF.pdf 2016-06-11 20:32 - 2016-06-11 20:32 - 00345591 _____ C:\Users\Tomas\Downloads\58ba3144916749b13a954f6b154dc97dd9d-3ad0_main (3).pdf 2016-06-10 18:36 - 2016-06-10 18:36 - 00345591 _____ C:\Users\Tomas\Downloads\58ba3144916749b13a954f6b154dc97dd9d-3ad0_main (2).pdf 2016-06-09 21:32 - 2016-06-09 21:32 - 00170293 _____ C:\Users\Tomas\Downloads\Rückmeldebogen Getränkestände SoFe 2016.pdf 2016-05-30 20:50 - 2016-05-30 20:50 - 00345591 _____ C:\Users\Tomas\Downloads\58ba3144916749b13a954f6b154dc97dd9d-3ad0_main (1).pdf 2016-05-26 21:33 - 2016-05-26 21:33 - 00854546 _____ C:\Users\Tomas\Downloads\Ihr_Vertrags_Angebot_0450721021_0300_4274940.pdf 2016-05-26 10:27 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe 2016-05-26 10:12 - 2016-05-26 10:13 - 20381888 _____ (Adobe Systems Incorporated) C:\Users\Tomas\Downloads\install_flash_player_ppapi (1).exe 2016-05-26 10:09 - 2016-06-20 05:38 - 00000946 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job 2016-05-26 10:09 - 2016-06-19 11:02 - 00004084 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier 2016-05-26 10:08 - 2016-05-26 10:08 - 20381888 _____ (Adobe Systems Incorporated) C:\Users\Tomas\Downloads\install_flash_player_ppapi.exe ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-06-23 19:41 - 2016-05-15 10:41 - 00002266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-06-23 19:41 - 2016-05-15 10:41 - 00002248 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-06-23 19:41 - 2016-05-15 09:03 - 00001462 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk 2016-06-23 19:41 - 2016-05-15 09:03 - 00001444 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk 2016-06-23 19:41 - 2016-05-14 22:15 - 00001552 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2016-06-23 19:41 - 2016-04-23 22:56 - 00001179 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk 2016-06-23 19:41 - 2016-01-10 20:29 - 00001170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express Zip.lnk 2016-06-23 19:41 - 2015-12-12 12:06 - 00002693 _____ C:\Users\Public\Desktop\Skype.lnk 2016-06-23 19:41 - 2015-11-14 14:41 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-06-23 19:41 - 2015-06-08 20:28 - 00000940 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk 2016-06-23 19:41 - 2014-09-13 18:43 - 00001151 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk 2016-06-23 19:41 - 2014-09-13 18:43 - 00001107 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk 2016-06-23 19:41 - 2014-07-22 14:49 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2016-06-23 19:41 - 2014-06-13 21:16 - 00001875 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-06-23 19:41 - 2013-12-25 11:51 - 00001960 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic Desktop.lnk 2016-06-23 19:41 - 2013-12-25 11:51 - 00001099 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic Control.lnk 2016-06-23 19:41 - 2012-09-18 16:53 - 00002407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mobile Device Center.lnk 2016-06-23 19:41 - 2011-11-02 21:48 - 00001787 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garantie.lnk 2016-06-23 19:41 - 2011-09-15 13:23 - 00001376 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk 2016-06-23 19:41 - 2011-09-15 13:23 - 00001307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk 2016-06-23 19:41 - 2011-09-15 13:22 - 00002536 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk 2016-06-23 19:41 - 2011-09-15 13:22 - 00001492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk 2016-06-23 19:41 - 2011-09-15 13:16 - 00001332 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink LabelPrint.lnk 2016-06-23 19:41 - 2011-09-15 13:14 - 00002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk 2016-06-23 19:40 - 2016-05-14 23:18 - 00002425 _____ C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-06-23 19:40 - 2016-05-14 23:16 - 00001049 _____ C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk 2016-06-23 19:40 - 2014-06-13 21:03 - 00000000 ____D C:\AdwCleaner 2016-06-23 19:30 - 2016-04-23 22:52 - 00004280 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update 2016-06-23 19:29 - 2011-11-02 21:48 - 00000000 ____D C:\Users\Tomas\AppData\LocalLow\AuthenTec 2016-06-23 19:29 - 2011-09-15 13:20 - 00000000 ____D C:\ProgramData\PDFC 2016-06-23 19:28 - 2016-02-13 19:25 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-06-23 19:28 - 2015-10-30 08:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2016-06-23 19:28 - 2013-01-10 20:37 - 00000000 ____D C:\WINDOWS\1C4551A64743409391E41477CD655043.TMP 2016-06-23 19:28 - 2011-12-01 20:22 - 00001106 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-06-23 19:17 - 2011-12-06 22:36 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2016-06-23 19:17 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2016-06-23 19:16 - 2015-11-23 18:57 - 00000000 ____D C:\Users\Tomas\Desktop\Games 2016-06-23 19:16 - 2012-09-24 10:23 - 00000000 ____D C:\Program Files (x86)\PicBadges 2016-06-23 19:16 - 2011-11-05 17:05 - 00000000 ____D C:\Users\Tomas\AppData\Local\Apps\2.0 2016-06-23 19:11 - 2011-11-05 17:05 - 00001120 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2924648203-2002222509-804629142-1001UA.job 2016-06-23 18:49 - 2013-02-02 17:44 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-06-23 16:25 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-06-23 14:22 - 2012-05-21 19:50 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2016-06-23 14:22 - 2012-05-21 19:50 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2016-06-23 14:21 - 2016-05-14 23:13 - 00000008 __RSH C:\Users\Tomas\ntuser.pol 2016-06-23 14:21 - 2016-05-14 22:05 - 00000000 ____D C:\Users\Tomas 2016-06-23 14:21 - 2014-06-13 20:09 - 00000008 __RSH C:\ProgramData\ntuser.pol 2016-06-23 12:41 - 2012-05-21 19:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2016-06-23 12:36 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-06-23 00:56 - 2011-09-15 13:26 - 00000000 ____D C:\ProgramData\truesuite 2016-06-22 18:49 - 2016-04-08 19:33 - 00000350 _____ C:\WINDOWS\Tasks\HPCeeScheduleForTomas.job 2016-06-22 18:49 - 2013-09-24 21:17 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-06-22 18:49 - 2012-12-04 06:47 - 00000342 _____ C:\WINDOWS\Tasks\HPCeeScheduleForTOMAS-HP$.job 2016-06-22 18:49 - 2011-12-01 20:22 - 00001110 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-06-22 17:25 - 2016-05-10 18:08 - 00003304 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A7FD3D56-A56E-4E9D-A6E2-DCE91523FFC5} 2016-06-22 17:25 - 2016-05-10 14:35 - 00003304 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D8EAA7E8-A87F-4868-98AA-BDA3CC094837} 2016-06-22 17:25 - 2016-04-08 19:33 - 00002846 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForTomas 2016-06-22 17:25 - 2014-12-25 09:27 - 00003038 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2016-06-22 17:25 - 2014-09-14 21:48 - 00002762 _____ C:\WINDOWS\System32\Tasks\GarminUpdaterTask 2016-06-22 17:25 - 2014-03-01 23:24 - 00003170 _____ C:\WINDOWS\System32\Tasks\Java Update Scheduler 2016-06-22 17:25 - 2014-03-01 23:24 - 00003160 _____ C:\WINDOWS\System32\Tasks\Adobe-Online-Aktualisierungsprogramm 2016-06-22 17:25 - 2013-09-24 21:17 - 00003202 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2016-06-22 17:25 - 2013-05-19 11:31 - 00003358 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{AE1EECA5-C038-4711-88D0-00157B2BDB06} 2016-06-22 17:25 - 2012-12-04 06:47 - 00002678 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForTOMAS-HP$ 2016-06-22 17:25 - 2011-12-01 20:22 - 00003706 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2016-06-22 17:24 - 2014-06-13 20:42 - 00000000 ____D C:\Program Files (x86)\VS Revo Group 2016-06-22 17:13 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF 2016-06-22 16:24 - 2016-05-14 22:00 - 00000000 ____D C:\ProgramData\NVIDIA 2016-06-22 16:14 - 2011-11-06 09:47 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-06-22 15:23 - 2016-05-15 09:03 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2016-06-22 13:05 - 2011-11-02 21:13 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\SoftGrid Client 2016-06-22 12:20 - 2014-07-22 14:49 - 00000000 ____D C:\Program Files\Common Files\Apple 2016-06-22 12:16 - 2016-04-12 18:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-06-20 20:14 - 2016-05-15 09:03 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2016-06-20 06:11 - 2011-11-05 17:05 - 00001068 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2924648203-2002222509-804629142-1001Core.job 2016-06-19 11:10 - 2011-12-01 20:24 - 00000000 ____D C:\Users\Tomas\AppData\Local\Adobe 2016-06-18 22:50 - 2015-12-12 12:06 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\Skype 2016-06-18 22:17 - 2015-12-12 12:06 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-06-18 22:17 - 2015-12-12 12:06 - 00000000 ____D C:\ProgramData\Skype 2016-06-17 15:33 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-06-16 20:38 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache 2016-06-16 03:37 - 2016-02-13 19:30 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-06-16 03:34 - 2016-02-13 10:21 - 00285304 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-06-16 03:31 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs 2016-06-16 03:31 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2016-06-16 03:31 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr 2016-06-14 20:33 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-06-14 20:33 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-06-14 19:43 - 2013-08-03 10:27 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-06-13 20:41 - 2016-05-14 22:02 - 02087744 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-06-13 20:41 - 2016-02-13 18:59 - 00888590 _____ C:\WINDOWS\system32\perfh007.dat 2016-06-13 20:41 - 2016-02-13 18:59 - 00197416 _____ C:\WINDOWS\system32\perfc007.dat 2016-06-07 16:38 - 2012-11-02 19:17 - 00000000 ____D C:\Users\Tomas\AppData\Local\ElevatedDiagnostics 2016-06-06 14:29 - 2011-11-13 22:12 - 00000000 ____D C:\Users\Tomas\Documents\Elke 2016-05-28 07:55 - 2016-02-13 19:27 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2016-05-26 01:18 - 2013-10-06 12:33 - 00000000 ____D C:\Program Files (x86)\Steam 2016-05-26 01:12 - 2016-01-23 14:03 - 00000000 ____D C:\Users\Tomas\AppData\Local\Battle.net 2016-05-25 22:16 - 2016-01-23 14:04 - 00000000 ____D C:\Program Files (x86)\Diablo III 2016-05-25 22:13 - 2016-01-23 14:03 - 00000000 ____D C:\Program Files (x86)\Battle.net ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2011-09-15 13:25 - 2011-06-10 01:44 - 0002792 _____ () C:\Program Files\HP SimplePass 2011 2012-09-18 18:02 - 2012-05-15 10:33 - 1456640 _____ () C:\Program Files (x86)\Common Files\Falk Navi-Manager classic.msi 2012-10-03 11:42 - 2013-07-08 10:37 - 1456640 _____ () C:\Program Files (x86)\Common Files\Falk Navi-Manager.msi 2015-02-21 21:47 - 2015-02-21 21:57 - 0000115 _____ () C:\Users\Tomas\AppData\Roaming\LogFile.txt 2014-10-26 13:02 - 2014-10-26 13:48 - 14364672 _____ () C:\Users\Tomas\AppData\Roaming\Sandra.mdb 2014-04-24 16:37 - 2014-04-26 11:37 - 0000043 _____ () C:\Users\Tomas\AppData\Roaming\WB.CFG 2015-06-08 20:31 - 2015-06-08 20:31 - 0000877 _____ () C:\Users\Tomas\AppData\Local\recently-used.xbel 2014-01-19 13:09 - 2014-09-13 10:32 - 0007599 _____ () C:\Users\Tomas\AppData\Local\Resmon.ResmonCfg 2014-10-27 11:01 - 2014-10-27 11:02 - 0000000 _____ () C:\Users\Tomas\AppData\Local\{CC88A7B1-283C-40EC-B03B-FE52DF639021} 2013-02-02 14:58 - 2013-02-02 14:58 - 0000060 _____ () C:\ProgramData\1548094.bat 2013-02-02 14:58 - 2013-02-02 14:58 - 0000153 _____ () C:\ProgramData\1548094.reg 2012-04-13 14:33 - 2012-04-13 14:33 - 0000057 _____ () C:\ProgramData\Ament.ini 2012-01-28 20:38 - 2012-01-28 21:02 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\ProgramData\1548094.bat C:\ProgramData\1548094.reg ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-06-17 15:33 ==================== Ende von FRST.txt ============================ Hallo Matthias, bin ich blind oder sind die geposteten Daten weg? Gruß Tomas |
|
23.06.2016, 20:34
| #22 |
| /// TB-Ausbilder | Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los. Servus, hast du die Funde von AdwCleaner entfernen lassen? Sieht irgendwie nicht so aus... Wieso hast du AdwCleaner nicht mit den Optionen ausgeführt wie ich beschrieben habe? Stattdessen postest du mir die Logdatei des Suchlaufs... Werden die Anleitungen auch gelesen oder machst du nur das, worauf du Lust hast??? Schritt 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter start
CloseProcesses:
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2924648203-2002222509-804629142-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2924648203-2002222509-804629142-1001\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-2924648203-2002222509-804629142-1001\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-2924648203-2002222509-804629142-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2924648203-2002222509-804629142-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
SearchScopes: HKLM -> DefaultScope {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
SearchScopes: HKU\S-1-5-21-2924648203-2002222509-804629142-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Kein Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> Keine Datei
FF NewTab: about:newtab
FF HKU\S-1-5-21-2924648203-2002222509-804629142-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\oriifoaj.default\extensions\cliqz@cliqz.com => nicht gefunden
CHR HomePage: Default -> search.mpc.am
CHR StartupUrls: Default -> "search.mpc.am"
CHR HKLM-x32\...\Chrome\Extension: [kioiabaigfcehjmemdmnnmjegnjjckai] - C:\Users\Tomas\AppData\Local\PicBadges\Chrome\PicBadges.crx [2012-09-20]
C:\Users\Tomas\AppData\Local\PicBadges
C:\Users\Tomas\Downloads\*CHIP-Installer.exe
C:\Users\Tomas\Downloads\SpyHunter-Installer*.exe
C:\Program Files (x86)\PicBadges
C:\ProgramData\1548094.reg
C:\ProgramData\1548094.bat
Task: {19F2EBFF-6628-4197-A076-5BD3287107E9} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {47495CB1-90A6-4F5E-9B59-7CEA95DF5E39} - System32\Tasks\{F8B5979A-1B28-4844-B885-D7673855CC71} => pcalua.exe -a "C:\Program Files (x86)\Plus-HD-9.1\Uninstall.exe" -c /fcp=1
C:\Program Files (x86)\Plus-HD-9.1
Task: {5228B819-0A60-478B-B146-793795A54A85} - \FF Watcher {33623A7B-0D3C-4499-9DB8-0F8929B49502} -> Keine Datei <==== ACHTUNG
Task: {685CDC09-3548-4954-8F39-7750EC8605FF} - \Mext Guard FBE8818C-5B13-48C2-A93E-AD731167DBF2 -> Keine Datei <==== ACHTUNG
Task: {6D922CB3-386D-44ED-AF78-D0FABC2C64AA} - \globalUpdateUpdateTaskMachineUA -> Keine Datei <==== ACHTUNG
Task: {7E4454CE-1F54-425A-9AD1-56D68600E626} - \Microsoft\Windows\Setup\gwx\rundetector -> Keine Datei <==== ACHTUNG
Task: {80C3446E-A855-4A45-8843-7F807577AF4A} - \LaunchApp -> Keine Datei <==== ACHTUNG
Task: {836816D2-5E8E-4204-8A0B-783FED231681} - System32\Tasks\{D68979DF-ACBB-4CEB-BB52-49121E0EE6FE} => pcalua.exe -a E:\demo32.exe -d E:\
Task: {8EE75E20-09C6-4241-AA8E-90407BAA4A8E} - \globalUpdateUpdateTaskMachineCore -> Keine Datei <==== ACHTUNG
C:\Program Files\1fe9c2d0cdc3c960c6f9692ed5ec6a5e
Task: {A0CCCDAD-5986-47CC-B123-05664BAE5E92} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {C24F2A9B-D53F-476D-9FA6-3F1A9FAC2223} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {DB27CABE-D07C-443D-B627-CD6B113E76AE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {DDE8F577-7F7E-451F-BAC0-0BD924EC25CD} - System32\Tasks\{4EE4C141-7087-4003-891A-77226BE5F133} => pcalua.exe -a "C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\uninstbb.exe"
Task: {FD159878-3EDA-45B4-A402-1C38542C5B04} - System32\Tasks\{3AAC1151-7BFD-4D4F-9A36-AFD5BD7B702B} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{C66BF9FD-D367-4E13-8EB8-385FFEA20DB3}\setup.exe" -d "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks\Oblivion" -c /M{35CB6715-41F8-4F99-8881-6FC75BF054B0}
Unlock: C:\WINDOWS\system32\Drivers\etc\hosts
C:\WINDOWS\system32\Drivers\etc\hosts
Hosts:
CMD: type "C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\profiles.ini"
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 2 Lade dir die passende Version von SystemLook vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop: SystemLook (32 bit) | SystemLook (64 bit)
Schritt 3
Bitte poste mit deiner nächsten Antwort
Geändert von M-K-D-B (23.06.2016 um 20:44 Uhr) |
|
24.06.2016, 14:43
| #23 |
| | Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los. Hallo Matthias, ich möchte nicht undankbar erscheinen, aber kannst du dir vorstellen, dass die Menschen die sich hier an euch wenden nicht mit einem PC aufgewachsen sind? Und sich bei dem Einen oder Anderen etwas schwer tun? Wenn du denkst ich möchte dich hier auf den Arm nehmen, was bestimmt nicht der Fall ist, dann sag es einfach und wir beenden das. Gruß Tomas Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-06-2016 01
durchgeführt von Tomas (2016-06-24 15:16:44) Run:1
Gestartet von C:\Users\Tomas\Desktop
Geladene Profile: Tomas & DefaultAppPool (Verfügbare Profile: Tomas & DefaultAppPool)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
start
CloseProcesses:
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2924648203-2002222509-804629142-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2924648203-2002222509-804629142-1001\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-2924648203-2002222509-804629142-1001\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-2924648203-2002222509-804629142-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2924648203-2002222509-804629142-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
SearchScopes: HKLM -> DefaultScope {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
SearchScopes: HKU\S-1-5-21-2924648203-2002222509-804629142-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Kein Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> Keine Datei
FF NewTab: about:newtab
FF HKU\S-1-5-21-2924648203-2002222509-804629142-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\oriifoaj.default\extensions\cliqz@cliqz.com => nicht gefunden
CHR HomePage: Default -> search.mpc.am
CHR StartupUrls: Default -> "search.mpc.am"
CHR HKLM-x32\...\Chrome\Extension: [kioiabaigfcehjmemdmnnmjegnjjckai] - C:\Users\Tomas\AppData\Local\PicBadges\Chrome\PicBadges.crx [2012-09-20]
C:\Users\Tomas\AppData\Local\PicBadges
C:\Users\Tomas\Downloads\*CHIP-Installer.exe
C:\Users\Tomas\Downloads\SpyHunter-Installer*.exe
C:\Program Files (x86)\PicBadges
C:\ProgramData\1548094.reg
C:\ProgramData\1548094.bat
Task: {19F2EBFF-6628-4197-A076-5BD3287107E9} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {47495CB1-90A6-4F5E-9B59-7CEA95DF5E39} - System32\Tasks\{F8B5979A-1B28-4844-B885-D7673855CC71} => pcalua.exe -a "C:\Program Files (x86)\Plus-HD-9.1\Uninstall.exe" -c /fcp=1
C:\Program Files (x86)\Plus-HD-9.1
Task: {5228B819-0A60-478B-B146-793795A54A85} - \FF Watcher {33623A7B-0D3C-4499-9DB8-0F8929B49502} -> Keine Datei <==== ACHTUNG
Task: {685CDC09-3548-4954-8F39-7750EC8605FF} - \Mext Guard FBE8818C-5B13-48C2-A93E-AD731167DBF2 -> Keine Datei <==== ACHTUNG
Task: {6D922CB3-386D-44ED-AF78-D0FABC2C64AA} - \globalUpdateUpdateTaskMachineUA -> Keine Datei <==== ACHTUNG
Task: {7E4454CE-1F54-425A-9AD1-56D68600E626} - \Microsoft\Windows\Setup\gwx\rundetector -> Keine Datei <==== ACHTUNG
Task: {80C3446E-A855-4A45-8843-7F807577AF4A} - \LaunchApp -> Keine Datei <==== ACHTUNG
Task: {836816D2-5E8E-4204-8A0B-783FED231681} - System32\Tasks\{D68979DF-ACBB-4CEB-BB52-49121E0EE6FE} => pcalua.exe -a E:\demo32.exe -d E:\
Task: {8EE75E20-09C6-4241-AA8E-90407BAA4A8E} - \globalUpdateUpdateTaskMachineCore -> Keine Datei <==== ACHTUNG
C:\Program Files\1fe9c2d0cdc3c960c6f9692ed5ec6a5e
Task: {A0CCCDAD-5986-47CC-B123-05664BAE5E92} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {C24F2A9B-D53F-476D-9FA6-3F1A9FAC2223} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {DB27CABE-D07C-443D-B627-CD6B113E76AE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {DDE8F577-7F7E-451F-BAC0-0BD924EC25CD} - System32\Tasks\{4EE4C141-7087-4003-891A-77226BE5F133} => pcalua.exe -a "C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\uninstbb.exe"
Task: {FD159878-3EDA-45B4-A402-1C38542C5B04} - System32\Tasks\{3AAC1151-7BFD-4D4F-9A36-AFD5BD7B702B} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{C66BF9FD-D367-4E13-8EB8-385FFEA20DB3}\setup.exe" -d "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks\Oblivion" -c /M{35CB6715-41F8-4F99-8881-6FC75BF054B0}
Unlock: C:\WINDOWS\system32\Drivers\etc\hosts
C:\WINDOWS\system32\Drivers\etc\hosts
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-06-2016 01
durchgeführt von Tomas (Administrator) auf TOMAS-HP (24-06-2016 15:38:31)
Gestartet von C:\Users\Tomas\Desktop
Geladene Profile: Tomas & DefaultAppPool (Verfügbare Profile: Tomas & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Opera)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(McAfee, Inc.) C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser_crashreporter.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
() C:\Program Files\AVAST Software\Avast\AvastNM.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
() C:\Program Files\AVAST Software\Avast\AvastNM.exe
() C:\Program Files\AVAST Software\Avast\AvastNM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7405752 2016-06-10] (AVAST Software)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4127488 2015-06-16] (Safer-Networking Ltd.)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1399208 2016-04-08] (Garmin Ltd. or its subsidiaries)
ShellExecuteHooks: - {E54729E8-643D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook64.dll [773192 2013-12-25] ()
ShellExecuteHooks-x32: - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook32.dll [484936 2013-12-25] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-05-09] (AVAST Software)
BootExecute: autocheck autochk * sdnclean64.exebddel.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.192.1
Tcpip\..\Interfaces\{30abc813-0b6f-41ab-b7c0-c838f2f7156b}: [DhcpNameServer] 192.168.192.1
Tcpip\..\Interfaces\{c88d17ef-686f-4942-b383-4d8b5ce72c67}: [NameServer] 77.234.40.79
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131053628877239770&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131053628877239770&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131053628877239770&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131053628877239770&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2924648203-2002222509-804629142-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/1me10IE10DEDE/MSE_WCP
HKU\S-1-5-21-2924648203-2002222509-804629142-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131053628877239770&GUID=00000000-0000-0000-0000-000000000000
HKU\S-1-5-21-2924648203-2002222509-804629142-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131053628877239770&GUID=00000000-0000-0000-0000-000000000000
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0EE6A110-BA3A-44A5-B8A3-CB03C6956FA4} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-2924648203-2002222509-804629142-1001 -> DefaultScope {C6E811D7-0F9E-448D-B384-B99F7F30B0CF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2924648203-2002222509-804629142-1001 -> {C6E811D7-0F9E-448D-B384-B99F7F30B0CF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-04-23] (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-01] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => Keine Datei
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-02-25] (HP)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-06] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-04-23] (AVAST Software)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-11-19] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-01] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-06] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25] (HP)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-01] (Google Inc.)
Toolbar: HKU\.DEFAULT -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-01] (Google Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\oriifoaj.default
FF DefaultSearchEngine: Avast Search
FF SelectedSearchEngine: Avast Search
FF Homepage: hxxps://search.avast.com/AV772/
FF DefaultSearchUrl: hxxps://search.avast.com/AV772/search/web?q={searchTerms}
FF SearchEngineOrder.1: Avast Search
FF Keyword.URL: hxxps://search.avast.com/AV772/search/web?q={searchTerms}
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-19] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-19] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-06] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2011-03-22] (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2924648203-2002222509-804629142-1001: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Tomas\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-05-13] (RocketLife, LLP)
FF Plugin HKU\S-1-5-21-2924648203-2002222509-804629142-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Tomas\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2924648203-2002222509-804629142-1001: @talk.google.com/O1DPlugin -> C:\Users\Tomas\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2924648203-2002222509-804629142-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin HKU\S-1-5-21-2924648203-2002222509-804629142-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin HKU\S-1-5-21-2924648203-2002222509-804629142-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Tomas\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-01-01] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2924648203-2002222509-804629142-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-04-26] ()
FF Plugin ProgramFiles/Appdata: C:\Users\Tomas\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Tomas\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF SearchPlugin: C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\oriifoaj.default\searchplugins\google-lavasoft.xml [2016-04-17]
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com [2016-06-22] [ist nicht signiert]
FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-05-09]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-05-09]
FF HKLM-x32\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
Chrome:
=======
CHR Profile: C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-15]
CHR Extension: (Google Docs) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-15]
CHR Extension: (Google Drive) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-15]
CHR Extension: (YouTube) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-15]
CHR Extension: (Avast Passwords) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2016-05-15]
CHR Extension: (Google Sheets) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-15]
CHR Extension: (Google Docs Offline) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-15]
CHR Extension: (Gmail) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-15]
CHR HKLM-x32\...\Chrome\Extension: [emhginjpijfggbofeediiojmdlmlkoik] - C:\Program Files\AVAST Software\Avast\pam\Chrome\pam.crx [2016-05-09]
CHR HKLM-x32\...\Chrome\Extension: [jpgfhihjicjofdejkbjgnjlaglaciobe] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx [2011-06-03]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-05-09] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [370656 2016-05-09] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [Datei ist nicht signiert]
S3 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [792592 2016-04-08] (Garmin Ltd. or its subsidiaries)
S3 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156216 2015-12-16] (NVIDIA Corporation)
S3 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [28552 2016-04-26] (Hewlett-Packard Company)
R2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe [153352 2016-04-05] (McAfee, Inc.)
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-12-16] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8185464 2015-12-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [6477432 2015-12-16] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119688 2016-03-29] (Electronic Arts)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-05-06] (PDF Complete Inc)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2015-11-15] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [107832 2015-11-15] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-08-01] (Realtek Semiconductor)
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP3e\RpcAgentSrv.exe [73200 2014-10-06] (SiSoftware) [Datei ist nicht signiert]
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1750712 2015-06-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2102496 2015-06-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [224712 2015-07-24] (Safer-Networking Ltd.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-05-09] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-05-09] (AVAST Software)
S3 aswNetNd6; C:\Windows\system32\DRIVERS\aswNetNd6.sys [28312 2016-04-23] (AVAST Software)
R1 aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [536312 2016-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-05-09] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-05-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-05-09] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-05-09] (AVAST Software)
S3 aswTap; C:\Windows\System32\drivers\aswTap.sys [44640 2016-04-23] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287528 2016-05-09] (AVAST Software)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-11-03] ()
S3 CpqDfw; C:\Windows\System32\drivers\CpqDfw.sys [27456 2012-05-29] (Windows (R) Codename Longhorn DDK provider)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-08-03] (GFI Software)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-01-10] ()
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [49304 2014-12-29] (Visicom Media Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-06-24] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35992 2014-12-29] (Visicom Media Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-12-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-12-16] (NVIDIA Corporation)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2011-09-15] ()
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [896752 2015-08-07] (Realtek )
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP3e\WNt600x64\Sandra.sys [23112 2009-08-08] (SiSoftware)
R1 SDHookDriver; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys [65576 2015-06-16] (Safer-Networking Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
U3 idsvc; kein ImagePath
U3 wpcsvc; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-06-24 15:37 - 2016-06-24 15:37 - 00013412 _____ C:\Users\Tomas\Desktop\SystemLook.txt
2016-06-24 15:25 - 2016-06-24 15:30 - 00013410 _____ C:\Users\Tomas\Downloads\SystemLook.txt
2016-06-24 15:16 - 2016-06-24 15:17 - 00016563 _____ C:\Users\Tomas\Desktop\Fixlog.txt
2016-06-24 15:13 - 2016-06-24 15:14 - 00165376 _____ C:\Users\Tomas\Desktop\SystemLook_x64.exe
2016-06-24 14:52 - 2016-06-24 14:52 - 00001190 _____ C:\mbam1.txt
2016-06-23 20:31 - 2016-06-24 15:38 - 00028717 _____ C:\Users\Tomas\Desktop\FRST.txt
2016-06-23 20:30 - 2016-06-23 20:30 - 00076178 _____ C:\Users\Tomas\Desktop\Addition.txt
2016-06-23 20:23 - 2016-06-23 20:23 - 00000547 _____ C:\Users\Tomas\Desktop\JRT.txt
2016-06-23 20:13 - 2016-06-23 20:13 - 01610816 _____ (Malwarebytes) C:\Users\Tomas\Downloads\JRT.exe
2016-06-23 20:11 - 2016-06-23 20:11 - 00001898 _____ C:\Users\Tomas\Desktop\AdwCleaner[S5].txt
2016-06-23 19:35 - 2016-06-23 19:35 - 00058028 _____ C:\Users\Tomas\Desktop\mbam.txt
2016-06-23 18:49 - 2016-06-23 19:41 - 00001167 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-06-23 18:49 - 2016-06-23 18:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2016-06-23 18:49 - 2016-06-23 18:49 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2016-06-23 18:49 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-06-23 18:49 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-06-23 18:47 - 2016-06-23 18:48 - 22851472 _____ (Malwarebytes ) C:\Users\Tomas\Downloads\mbam-setup-2.2.1.1043.exe
2016-06-23 15:34 - 2016-06-24 14:05 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-06-23 15:34 - 2016-06-23 19:28 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-06-23 15:32 - 2016-06-23 17:39 - 00000000 ____D C:\Users\Tomas\Desktop\mbar
2016-06-23 15:32 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-06-23 15:31 - 2016-06-23 15:31 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Tomas\Downloads\mbar-1.09.3.1001.exe
2016-06-23 14:32 - 2016-06-23 15:14 - 00269828 _____ C:\TDSSKiller.3.1.0.9_23.06.2016_14.32.45_log.txt
2016-06-23 14:31 - 2016-06-23 14:31 - 00154392 _____ C:\TDSSKiller.3.1.0.9_23.06.2016_14.31.12_log.txt
2016-06-23 14:05 - 2016-06-23 14:05 - 00000000 ____D C:\TDSKILLER_23.06.16_14Uhr06
2016-06-23 14:00 - 2016-06-23 14:09 - 00270142 _____ C:\TDSSKiller.3.1.0.9_23.06.2016_14.00.06_log.txt
2016-06-23 13:58 - 2016-06-23 13:59 - 00270570 _____ C:\TDSSKiller.3.1.0.9_23.06.2016_13.58.59_log.txt
2016-06-23 13:52 - 2016-06-23 13:54 - 00004486 _____ C:\TDSSKiller.3.1.0.9_23.06.2016_13.52.45_log.txt
2016-06-23 13:52 - 2016-06-23 13:52 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Tomas\Downloads\tdsskiller.exe
2016-06-22 17:24 - 2016-06-23 19:40 - 00001339 _____ C:\Users\Tomas\Desktop\Revo Uninstaller.lnk
2016-06-22 17:24 - 2016-06-22 17:24 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2016-06-22 17:22 - 2016-06-22 17:22 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Tomas\Downloads\revosetup95.exe
2016-06-22 16:32 - 2016-06-22 16:33 - 139692312 _____ (Microsoft Corporation) C:\Users\Tomas\Downloads\msert.exe
2016-06-22 16:14 - 2016-06-22 16:14 - 50716384 _____ (Microsoft Corporation) C:\Users\Tomas\Downloads\Windows-KB890830-x64-V5.37.exe
2016-06-22 15:34 - 2016-06-22 15:35 - 03703360 _____ C:\Users\Tomas\Downloads\adwcleaner_5.200.exe
2016-06-22 13:43 - 2016-06-22 15:10 - 00000000 ____D C:\Program Files\Plumbytes Software
2016-06-22 13:13 - 2016-06-22 13:13 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Tomas\Downloads\revosetup-195.exe
2016-06-22 12:49 - 2016-06-22 13:14 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\Geek Uninstaller
2016-06-22 12:47 - 2016-06-23 19:40 - 00002043 _____ C:\Users\Tomas\Desktop\GeekUninstaller - CHIP Installer.lnk
2016-06-22 12:46 - 2016-06-22 12:46 - 02620536 _____ C:\Users\Tomas\Downloads\geek_1.4.0.83.zip
2016-06-22 12:21 - 2016-06-23 19:41 - 00001818 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-06-22 12:21 - 2016-06-22 12:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-06-22 12:20 - 2016-06-22 12:21 - 00000000 ____D C:\Program Files\iTunes
2016-06-22 12:20 - 2016-06-22 12:20 - 00000000 ____D C:\Program Files\iPod
2016-06-22 12:20 - 2016-06-22 12:20 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-06-22 12:05 - 2016-06-23 20:30 - 00076178 _____ C:\Users\Tomas\Downloads\Addition.txt
2016-06-22 12:03 - 2016-06-23 20:30 - 00073257 _____ C:\Users\Tomas\Downloads\FRST.txt
2016-06-22 11:56 - 2016-06-22 12:03 - 00000262 _____ C:\Users\Tomas\Downloads\Search.txt
2016-06-22 11:55 - 2016-06-24 15:38 - 00000000 ____D C:\FRST
2016-06-22 11:54 - 2016-06-22 11:55 - 02387456 _____ (Farbar) C:\Users\Tomas\Desktop\FRST64.exe
2016-06-21 04:53 - 2016-06-21 04:53 - 00064110 _____ C:\WINDOWS\SysWOW64\bddel.dat
2016-06-20 20:08 - 2016-06-20 20:09 - 00558336 _____ (Safer-Networking Ltd. ) C:\Users\Tomas\Downloads\spybot2-license.exe
2016-06-19 16:28 - 2016-06-21 04:57 - 00000000 ____D C:\Users\Tomas\AppData\Local\NanoNet
2016-06-19 13:53 - 2016-06-19 13:53 - 01091699 _____ C:\Users\Tomas\Downloads\03-SGB_III_Juni_I_2016.pdf
2016-06-19 13:03 - 2016-06-23 19:40 - 00001288 _____ C:\Users\Tomas\Desktop\Facebook Games Arcade (BETA).lnk
2016-06-19 13:03 - 2016-06-19 13:03 - 00000000 ____D C:\Users\Tomas\AppData\Local\FacebookGames
2016-06-19 13:02 - 2016-06-19 13:02 - 00106368 _____ () C:\Users\Tomas\Downloads\FacebookGamesArcadeSetup (3).exe
2016-06-19 13:02 - 2016-06-19 13:02 - 00106368 _____ () C:\Users\Tomas\Downloads\FacebookGamesArcadeSetup (2).exe
2016-06-19 13:02 - 2016-06-19 13:02 - 00106368 _____ () C:\Users\Tomas\Downloads\FacebookGamesArcadeSetup (1).exe
2016-06-18 22:26 - 2016-06-18 22:26 - 00106368 _____ () C:\Users\Tomas\Downloads\FacebookGamesArcadeSetup.exe
2016-06-17 21:09 - 2016-06-17 21:09 - 00404128 _____ C:\Users\Tomas\Downloads\received_1099156500158013.jpeg
2016-06-14 19:25 - 2016-05-28 08:13 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-06-14 19:25 - 2016-05-28 08:13 - 00290496 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-06-14 19:25 - 2016-05-28 08:13 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-06-14 19:25 - 2016-05-28 07:22 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-06-14 19:25 - 2016-05-28 07:08 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-06-14 19:25 - 2016-05-28 07:07 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-06-14 19:25 - 2016-05-28 07:07 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-06-14 19:25 - 2016-05-28 07:07 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-06-14 19:25 - 2016-05-28 07:07 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-06-14 19:25 - 2016-05-28 07:07 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-06-14 19:25 - 2016-05-28 06:58 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-06-14 19:25 - 2016-05-28 06:57 - 02548944 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-06-14 19:25 - 2016-05-28 06:57 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-14 19:25 - 2016-05-28 06:57 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-06-14 19:25 - 2016-05-28 06:57 - 00649792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-06-14 19:25 - 2016-05-28 06:57 - 00636304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-06-14 19:25 - 2016-05-28 06:57 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-06-14 19:25 - 2016-05-28 06:35 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-06-14 19:25 - 2016-05-28 06:35 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsdport.sys
2016-06-14 19:25 - 2016-05-28 06:31 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-06-14 19:25 - 2016-05-28 06:29 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-06-14 19:25 - 2016-05-28 06:29 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-06-14 19:25 - 2016-05-28 06:28 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-06-14 19:25 - 2016-05-28 06:19 - 24605696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-06-14 19:25 - 2016-05-28 06:19 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-06-14 19:25 - 2016-05-28 06:18 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-06-14 19:25 - 2016-05-28 06:18 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-06-14 19:25 - 2016-05-28 06:18 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-06-14 19:25 - 2016-05-28 06:17 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-06-14 19:25 - 2016-05-28 06:17 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-06-14 19:25 - 2016-05-28 06:17 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-06-14 19:25 - 2016-05-28 06:16 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-06-14 19:25 - 2016-05-28 06:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-06-14 19:25 - 2016-05-28 06:16 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-06-14 19:25 - 2016-05-28 06:15 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-06-14 19:25 - 2016-05-28 06:15 - 00794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-06-14 19:25 - 2016-05-28 06:15 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-06-14 19:25 - 2016-05-28 06:14 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-06-14 19:25 - 2016-05-28 06:14 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-06-14 19:25 - 2016-05-28 06:14 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-06-14 19:25 - 2016-05-28 06:14 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-06-14 19:25 - 2016-05-28 06:14 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-06-14 19:25 - 2016-05-28 06:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-06-14 19:25 - 2016-05-28 06:13 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-06-14 19:25 - 2016-05-28 06:12 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-06-14 19:25 - 2016-05-28 06:12 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-06-14 19:25 - 2016-05-28 06:11 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-06-14 19:25 - 2016-05-28 06:11 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-06-14 19:25 - 2016-05-28 06:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-06-14 19:25 - 2016-05-28 06:08 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-06-14 19:25 - 2016-05-28 06:08 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-06-14 19:25 - 2016-05-28 06:06 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-06-14 19:25 - 2016-05-28 06:06 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-06-14 19:25 - 2016-05-28 06:06 - 01339904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-06-14 19:25 - 2016-05-28 06:05 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-06-14 19:25 - 2016-05-28 06:05 - 03664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-06-14 19:25 - 2016-05-28 06:05 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-06-14 19:25 - 2016-05-28 06:05 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-06-14 19:25 - 2016-05-28 06:04 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-14 19:25 - 2016-05-28 06:03 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-06-14 19:25 - 2016-05-28 06:03 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-06-14 19:25 - 2016-05-28 06:03 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-06-14 19:25 - 2016-05-28 06:03 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFramework.dll
2016-06-14 19:25 - 2016-05-28 06:02 - 03590144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-06-14 19:25 - 2016-05-28 06:02 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-06-14 19:25 - 2016-05-28 06:01 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-06-14 19:25 - 2016-05-28 06:00 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-06-14 19:25 - 2016-05-28 06:00 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-06-14 19:25 - 2016-05-28 06:00 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-06-14 19:25 - 2016-05-28 06:00 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-06-14 19:25 - 2016-05-28 06:00 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-06-14 19:25 - 2016-05-28 05:58 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-06-14 19:25 - 2016-05-28 05:58 - 04896256 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-06-14 19:25 - 2016-05-28 05:58 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-06-14 19:25 - 2016-05-28 05:57 - 02281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-06-14 19:24 - 2016-05-28 08:13 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-06-14 19:24 - 2016-05-28 08:13 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-06-14 19:24 - 2016-05-28 08:13 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-06-14 19:24 - 2016-05-28 07:25 - 04268880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2016-06-14 19:24 - 2016-05-28 07:23 - 00388384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-06-14 19:24 - 2016-05-28 07:23 - 00312160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2016-06-14 19:24 - 2016-05-28 07:22 - 04387680 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2016-06-14 19:24 - 2016-05-28 07:22 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-06-14 19:24 - 2016-05-28 07:22 - 00211296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-06-14 19:24 - 2016-05-28 07:22 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-06-14 19:24 - 2016-05-28 07:20 - 00430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-06-14 19:24 - 2016-05-28 07:18 - 00357216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2016-06-14 19:24 - 2016-05-28 07:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-06-14 19:24 - 2016-05-28 07:09 - 00501600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-06-14 19:24 - 2016-05-28 07:09 - 00170848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2016-06-14 19:24 - 2016-05-28 07:09 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-06-14 19:24 - 2016-05-28 07:08 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-06-14 19:24 - 2016-05-28 07:08 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-06-14 19:24 - 2016-05-28 07:07 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-06-14 19:24 - 2016-05-28 07:07 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-06-14 19:24 - 2016-05-28 07:06 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-06-14 19:24 - 2016-05-28 07:06 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-06-14 19:24 - 2016-05-28 07:06 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-06-14 19:24 - 2016-05-28 07:06 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-06-14 19:24 - 2016-05-28 07:06 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-06-14 19:24 - 2016-05-28 07:05 - 04515264 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-06-14 19:24 - 2016-05-28 07:04 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-06-14 19:24 - 2016-05-28 07:04 - 00431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-06-14 19:24 - 2016-05-28 07:04 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-06-14 19:24 - 2016-05-28 07:04 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-06-14 19:24 - 2016-05-28 07:04 - 00111064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-06-14 19:24 - 2016-05-28 07:04 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-06-14 19:24 - 2016-05-28 07:03 - 00131248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-06-14 19:24 - 2016-05-28 06:58 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-06-14 19:24 - 2016-05-28 06:57 - 02195632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-06-14 19:24 - 2016-05-28 06:57 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-06-14 19:24 - 2016-05-28 06:57 - 00521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-06-14 19:24 - 2016-05-28 06:57 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-06-14 19:24 - 2016-05-28 06:35 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-06-14 19:24 - 2016-05-28 06:31 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-06-14 19:24 - 2016-05-28 06:31 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-06-14 19:24 - 2016-05-28 06:29 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2016-06-14 19:24 - 2016-05-28 06:29 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
2016-06-14 19:24 - 2016-05-28 06:28 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-06-14 19:24 - 2016-05-28 06:28 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-14 19:24 - 2016-05-28 06:27 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-06-14 19:24 - 2016-05-28 06:27 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-06-14 19:24 - 2016-05-28 06:26 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-06-14 19:24 - 2016-05-28 06:26 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-06-14 19:24 - 2016-05-28 06:26 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-06-14 19:24 - 2016-05-28 06:26 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-06-14 19:24 - 2016-05-28 06:26 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-06-14 19:24 - 2016-05-28 06:25 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-06-14 19:24 - 2016-05-28 06:24 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-06-14 19:24 - 2016-05-28 06:24 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys
2016-06-14 19:24 - 2016-05-28 06:24 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-06-14 19:24 - 2016-05-28 06:24 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-06-14 19:24 - 2016-05-28 06:24 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-06-14 19:24 - 2016-05-28 06:24 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-06-14 19:24 - 2016-05-28 06:24 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2016-06-14 19:24 - 2016-05-28 06:24 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2016-06-14 19:24 - 2016-05-28 06:23 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-06-14 19:24 - 2016-05-28 06:23 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2016-06-14 19:24 - 2016-05-28 06:22 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-06-14 19:24 - 2016-05-28 06:22 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-06-14 19:24 - 2016-05-28 06:22 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2016-06-14 19:24 - 2016-05-28 06:22 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-06-14 19:24 - 2016-05-28 06:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2016-06-14 19:24 - 2016-05-28 06:22 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-06-14 19:24 - 2016-05-28 06:22 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-06-14 19:24 - 2016-05-28 06:22 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2016-06-14 19:24 - 2016-05-28 06:22 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-06-14 19:24 - 2016-05-28 06:21 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-06-14 19:24 - 2016-05-28 06:21 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll
2016-06-14 19:24 - 2016-05-28 06:21 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-06-14 19:24 - 2016-05-28 06:21 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-06-14 19:24 - 2016-05-28 06:20 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-06-14 19:24 - 2016-05-28 06:20 - 00511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2016-06-14 19:24 - 2016-05-28 06:20 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-06-14 19:24 - 2016-05-28 06:20 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2016-06-14 19:24 - 2016-05-28 06:20 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GnssAdapter.dll
2016-06-14 19:24 - 2016-05-28 06:20 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2016-06-14 19:24 - 2016-05-28 06:20 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2016-06-14 19:24 - 2016-05-28 06:19 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-06-14 19:24 - 2016-05-28 06:19 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-06-14 19:24 - 2016-05-28 06:19 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2016-06-14 19:24 - 2016-05-28 06:19 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2016-06-14 19:24 - 2016-05-28 06:18 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-06-14 19:24 - 2016-05-28 06:18 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-06-14 19:24 - 2016-05-28 06:18 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-14 19:24 - 2016-05-28 06:18 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2016-06-14 19:24 - 2016-05-28 06:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-06-14 19:24 - 2016-05-28 06:17 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2016-06-14 19:24 - 2016-05-28 06:17 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-06-14 19:24 - 2016-05-28 06:17 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-06-14 19:24 - 2016-05-28 06:17 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-06-14 19:24 - 2016-05-28 06:17 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-06-14 19:24 - 2016-05-28 06:16 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-06-14 19:24 - 2016-05-28 06:16 - 00684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-14 19:24 - 2016-05-28 06:16 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-06-14 19:24 - 2016-05-28 06:16 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2016-06-14 19:24 - 2016-05-28 06:16 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2016-06-14 19:24 - 2016-05-28 06:15 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-06-14 19:24 - 2016-05-28 06:15 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-06-14 19:24 - 2016-05-28 06:15 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2016-06-14 19:24 - 2016-05-28 06:15 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-06-14 19:24 - 2016-05-28 06:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-06-14 19:24 - 2016-05-28 06:14 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-06-14 19:24 - 2016-05-28 06:14 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-06-14 19:24 - 2016-05-28 06:13 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-06-14 19:24 - 2016-05-28 06:13 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-06-14 19:24 - 2016-05-28 06:13 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-06-14 19:24 - 2016-05-28 06:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-06-14 19:24 - 2016-05-28 06:13 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2016-06-14 19:24 - 2016-05-28 06:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-06-14 19:24 - 2016-05-28 06:11 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-06-14 19:24 - 2016-05-28 06:11 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-06-14 19:24 - 2016-05-28 06:11 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-06-14 19:24 - 2016-05-28 06:11 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-06-14 19:24 - 2016-05-28 06:11 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2016-06-14 19:24 - 2016-05-28 06:09 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-06-14 19:24 - 2016-05-28 06:04 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-06-14 19:24 - 2016-05-28 06:04 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-06-14 19:24 - 2016-05-28 06:03 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2016-06-14 19:24 - 2016-05-28 06:03 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-06-14 19:24 - 2016-05-28 06:02 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-06-14 19:24 - 2016-05-28 06:02 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-06-14 19:24 - 2016-05-28 06:01 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-06-14 19:24 - 2016-05-28 06:01 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-06-14 19:24 - 2016-05-28 06:01 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-06-14 19:24 - 2016-05-28 06:00 - 02230272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-06-14 19:24 - 2016-05-28 06:00 - 01730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-06-14 19:24 - 2016-05-28 06:00 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-06-14 19:24 - 2016-05-28 06:00 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-06-14 19:24 - 2016-05-28 06:00 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-06-14 19:24 - 2016-05-28 05:59 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-06-14 19:24 - 2016-05-28 05:58 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-06-14 19:24 - 2016-05-28 05:58 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-06-14 19:24 - 2016-05-28 05:55 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-06-14 19:24 - 2016-05-28 05:53 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-06-12 21:42 - 2016-06-12 21:42 - 00072013 _____ C:\Users\Tomas\Downloads\Kuendigungsschreiben-Wohnung-Außerordentliche-Kuendigung-PDF.pdf
2016-06-11 20:32 - 2016-06-11 20:32 - 00345591 _____ C:\Users\Tomas\Downloads\58ba3144916749b13a954f6b154dc97dd9d-3ad0_main (3).pdf
2016-06-10 18:36 - 2016-06-10 18:36 - 00345591 _____ C:\Users\Tomas\Downloads\58ba3144916749b13a954f6b154dc97dd9d-3ad0_main (2).pdf
2016-06-09 21:32 - 2016-06-09 21:32 - 00170293 _____ C:\Users\Tomas\Downloads\Rückmeldebogen Getränkestände SoFe 2016.pdf
2016-05-30 20:50 - 2016-05-30 20:50 - 00345591 _____ C:\Users\Tomas\Downloads\58ba3144916749b13a954f6b154dc97dd9d-3ad0_main (1).pdf
2016-05-26 21:33 - 2016-05-26 21:33 - 00854546 _____ C:\Users\Tomas\Downloads\Ihr_Vertrags_Angebot_0450721021_0300_4274940.pdf
2016-05-26 10:27 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2016-05-26 10:12 - 2016-05-26 10:13 - 20381888 _____ (Adobe Systems Incorporated) C:\Users\Tomas\Downloads\install_flash_player_ppapi (1).exe
2016-05-26 10:09 - 2016-06-20 05:38 - 00000946 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-05-26 10:09 - 2016-06-19 11:02 - 00004084 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-05-26 10:08 - 2016-05-26 10:08 - 20381888 _____ (Adobe Systems Incorporated) C:\Users\Tomas\Downloads\install_flash_player_ppapi.exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-06-24 15:22 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-24 15:22 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-06-24 15:19 - 2016-04-23 22:52 - 00004280 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-06-24 15:18 - 2016-02-13 19:25 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-06-24 15:18 - 2011-12-01 20:22 - 00001106 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-24 15:18 - 2011-11-02 21:48 - 00000000 ____D C:\Users\Tomas\AppData\LocalLow\AuthenTec
2016-06-24 15:18 - 2011-09-15 13:20 - 00000000 ____D C:\ProgramData\PDFC
2016-06-24 15:17 - 2015-10-30 08:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-06-24 15:17 - 2013-01-10 06:16 - 00000000 ____D C:\Users\Tomas\AppData\LocalLow\Temp
2016-06-24 15:11 - 2011-11-05 17:05 - 00001120 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2924648203-2002222509-804629142-1001UA.job
2016-06-24 10:08 - 2011-09-15 13:26 - 00000000 ____D C:\ProgramData\truesuite
2016-06-23 19:41 - 2016-05-15 10:41 - 00002266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-23 19:41 - 2016-05-15 10:41 - 00002248 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-23 19:41 - 2016-05-15 09:03 - 00001462 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-06-23 19:41 - 2016-05-15 09:03 - 00001444 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-06-23 19:41 - 2016-05-14 22:15 - 00001552 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-06-23 19:41 - 2016-04-23 22:56 - 00001179 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-06-23 19:41 - 2016-01-10 20:29 - 00001170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express Zip.lnk
2016-06-23 19:41 - 2015-12-12 12:06 - 00002693 _____ C:\Users\Public\Desktop\Skype.lnk
2016-06-23 19:41 - 2015-11-14 14:41 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-06-23 19:41 - 2015-06-08 20:28 - 00000940 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2016-06-23 19:41 - 2014-09-13 18:43 - 00001151 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2016-06-23 19:41 - 2014-09-13 18:43 - 00001107 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2016-06-23 19:41 - 2014-07-22 14:49 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-06-23 19:41 - 2014-06-13 21:16 - 00001875 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-06-23 19:41 - 2013-12-25 11:51 - 00001960 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic Desktop.lnk
2016-06-23 19:41 - 2013-12-25 11:51 - 00001099 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic Control.lnk
2016-06-23 19:41 - 2012-09-18 16:53 - 00002407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mobile Device Center.lnk
2016-06-23 19:41 - 2011-11-02 21:48 - 00001787 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garantie.lnk
2016-06-23 19:41 - 2011-09-15 13:23 - 00001376 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
2016-06-23 19:41 - 2011-09-15 13:23 - 00001307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
2016-06-23 19:41 - 2011-09-15 13:22 - 00002536 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2016-06-23 19:41 - 2011-09-15 13:22 - 00001492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2016-06-23 19:41 - 2011-09-15 13:16 - 00001332 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink LabelPrint.lnk
2016-06-23 19:41 - 2011-09-15 13:14 - 00002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk
2016-06-23 19:40 - 2016-05-14 23:18 - 00002425 _____ C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-06-23 19:40 - 2016-05-14 23:16 - 00001049 _____ C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2016-06-23 19:40 - 2014-06-13 21:03 - 00000000 ____D C:\AdwCleaner
2016-06-23 19:28 - 2013-01-10 20:37 - 00000000 ____D C:\WINDOWS\1C4551A64743409391E41477CD655043.TMP
2016-06-23 19:17 - 2011-12-06 22:36 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-06-23 19:17 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-06-23 19:16 - 2015-11-23 18:57 - 00000000 ____D C:\Users\Tomas\Desktop\Games
2016-06-23 19:16 - 2011-11-05 17:05 - 00000000 ____D C:\Users\Tomas\AppData\Local\Apps\2.0
2016-06-23 18:49 - 2013-02-02 17:44 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-06-23 14:22 - 2012-05-21 19:50 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-06-23 14:22 - 2012-05-21 19:50 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-06-23 14:21 - 2016-05-14 23:13 - 00000008 __RSH C:\Users\Tomas\ntuser.pol
2016-06-23 14:21 - 2016-05-14 22:05 - 00000000 ____D C:\Users\Tomas
2016-06-23 14:21 - 2014-06-13 20:09 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-06-23 12:41 - 2012-05-21 19:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-06-22 18:49 - 2016-04-08 19:33 - 00000350 _____ C:\WINDOWS\Tasks\HPCeeScheduleForTomas.job
2016-06-22 18:49 - 2013-09-24 21:17 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-06-22 18:49 - 2012-12-04 06:47 - 00000342 _____ C:\WINDOWS\Tasks\HPCeeScheduleForTOMAS-HP$.job
2016-06-22 18:49 - 2011-12-01 20:22 - 00001110 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-22 17:25 - 2016-05-10 18:08 - 00003304 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A7FD3D56-A56E-4E9D-A6E2-DCE91523FFC5}
2016-06-22 17:25 - 2016-05-10 14:35 - 00003304 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D8EAA7E8-A87F-4868-98AA-BDA3CC094837}
2016-06-22 17:25 - 2016-04-08 19:33 - 00002846 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForTomas
2016-06-22 17:25 - 2014-12-25 09:27 - 00003038 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-06-22 17:25 - 2014-09-14 21:48 - 00002762 _____ C:\WINDOWS\System32\Tasks\GarminUpdaterTask
2016-06-22 17:25 - 2014-03-01 23:24 - 00003170 _____ C:\WINDOWS\System32\Tasks\Java Update Scheduler
2016-06-22 17:25 - 2014-03-01 23:24 - 00003160 _____ C:\WINDOWS\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2016-06-22 17:25 - 2013-09-24 21:17 - 00003202 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-06-22 17:25 - 2013-05-19 11:31 - 00003358 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{AE1EECA5-C038-4711-88D0-00157B2BDB06}
2016-06-22 17:25 - 2012-12-04 06:47 - 00002678 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForTOMAS-HP$
2016-06-22 17:25 - 2011-12-01 20:22 - 00003706 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-06-22 17:24 - 2014-06-13 20:42 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2016-06-22 17:13 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-06-22 16:24 - 2016-05-14 22:00 - 00000000 ____D C:\ProgramData\NVIDIA
2016-06-22 16:14 - 2011-11-06 09:47 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-22 15:23 - 2016-05-15 09:03 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-06-22 13:05 - 2011-11-02 21:13 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\SoftGrid Client
2016-06-22 12:20 - 2014-07-22 14:49 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-06-22 12:16 - 2016-04-12 18:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-20 20:14 - 2016-05-15 09:03 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-06-20 06:11 - 2011-11-05 17:05 - 00001068 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2924648203-2002222509-804629142-1001Core.job
2016-06-19 11:10 - 2011-12-01 20:24 - 00000000 ____D C:\Users\Tomas\AppData\Local\Adobe
2016-06-18 22:50 - 2015-12-12 12:06 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\Skype
2016-06-18 22:17 - 2015-12-12 12:06 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-18 22:17 - 2015-12-12 12:06 - 00000000 ____D C:\ProgramData\Skype
2016-06-17 15:33 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-16 20:38 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-06-16 03:37 - 2016-02-13 19:30 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-06-16 03:34 - 2016-02-13 10:21 - 00285304 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-06-16 03:31 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-06-16 03:31 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-06-16 03:31 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-06-14 20:33 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-06-14 20:33 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-14 19:43 - 2013-08-03 10:27 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-13 20:41 - 2016-05-14 22:02 - 02087744 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-06-13 20:41 - 2016-02-13 18:59 - 00888590 _____ C:\WINDOWS\system32\perfh007.dat
2016-06-13 20:41 - 2016-02-13 18:59 - 00197416 _____ C:\WINDOWS\system32\perfc007.dat
2016-06-07 16:38 - 2012-11-02 19:17 - 00000000 ____D C:\Users\Tomas\AppData\Local\ElevatedDiagnostics
2016-06-06 14:29 - 2011-11-13 22:12 - 00000000 ____D C:\Users\Tomas\Documents\Elke
2016-05-28 07:55 - 2016-02-13 19:27 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-05-26 01:18 - 2013-10-06 12:33 - 00000000 ____D C:\Program Files (x86)\Steam
2016-05-26 01:12 - 2016-01-23 14:03 - 00000000 ____D C:\Users\Tomas\AppData\Local\Battle.net
2016-05-25 22:16 - 2016-01-23 14:04 - 00000000 ____D C:\Program Files (x86)\Diablo III
2016-05-25 22:13 - 2016-01-23 14:03 - 00000000 ____D C:\Program Files (x86)\Battle.net
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2011-09-15 13:25 - 2011-06-10 01:44 - 0002792 _____ () C:\Program Files\HP SimplePass 2011
2012-09-18 18:02 - 2012-05-15 10:33 - 1456640 _____ () C:\Program Files (x86)\Common Files\Falk Navi-Manager classic.msi
2012-10-03 11:42 - 2013-07-08 10:37 - 1456640 _____ () C:\Program Files (x86)\Common Files\Falk Navi-Manager.msi
2015-02-21 21:47 - 2015-02-21 21:57 - 0000115 _____ () C:\Users\Tomas\AppData\Roaming\LogFile.txt
2014-10-26 13:02 - 2014-10-26 13:48 - 14364672 _____ () C:\Users\Tomas\AppData\Roaming\Sandra.mdb
2014-04-24 16:37 - 2014-04-26 11:37 - 0000043 _____ () C:\Users\Tomas\AppData\Roaming\WB.CFG
2015-06-08 20:31 - 2015-06-08 20:31 - 0000877 _____ () C:\Users\Tomas\AppData\Local\recently-used.xbel
2014-01-19 13:09 - 2014-09-13 10:32 - 0007599 _____ () C:\Users\Tomas\AppData\Local\Resmon.ResmonCfg
2014-10-27 11:01 - 2014-10-27 11:02 - 0000000 _____ () C:\Users\Tomas\AppData\Local\{CC88A7B1-283C-40EC-B03B-FE52DF639021}
2012-04-13 14:33 - 2012-04-13 14:33 - 0000057 _____ () C:\ProgramData\Ament.ini
2012-01-28 20:38 - 2012-01-28 21:02 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-06-17 15:33
==================== Ende von FRST.txt ============================
|
|
24.06.2016, 14:45
| #24 |
| | Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los.Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-06-2016 01
durchgeführt von Tomas (2016-06-24 15:39:12)
Gestartet von C:\Users\Tomas\Desktop
Windows 10 Home Version 1511 (X64) (2016-05-14 21:13:29)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2924648203-2002222509-804629142-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2924648203-2002222509-804629142-503 - Limited - Disabled)
Gast (S-1-5-21-2924648203-2002222509-804629142-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2924648203-2002222509-804629142-1002 - Limited - Enabled)
Tomas (S-1-5-21-2924648203-2002222509-804629142-1001 - Administrator - Enabled) => C:\Users\Tomas
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Spybot - Search and Destroy (Disabled - Up to date) {1A0DDE8C-B4BA-EFDD-22A8-0F557C7985F0}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Spybot - Search and Destroy (Disabled - Up to date) {A16C3F68-9280-E053-1818-342707FECF4D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 22.0.0.153 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Flash Player 22 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Alpha Protocol (HKLM-x32\...\{D37FE0E3-B1A9-4E41-AB5D-DA62E04D2C42}) (Version: 1.00.0000 - SEGA Corporation)
Amazon Kindle (HKU\S-1-5-21-2924648203-2002222509-804629142-1001\...\Amazon Kindle) (Version: - Amazon)
ANNO 1404 - Venedig (HKLM-x32\...\{A07B2C21-863B-47AB-AE7E-20BB00BD7D33}) (Version: 2.01.5010 - Ubisoft)
ANNO 1404 (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.03.0000 - Ubisoft)
Anno 1404 (x32 Version: 1.00.0000 - Ubisoft) Hidden
Anno 1701 - Der Fluch des Drachen (HKLM-x32\...\{905D4F6B-FADC-4CA4-AA41-BD32A2E446CE}) (Version: 2.03 - Sunflowers)
Anno 1701 (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.00 - Sunflowers)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
AuthenTec TrueAPI (Version: 1.3.0.116 - AuthenTec, Inc.) Hidden
Avast Premier (HKLM-x32\...\Avast) (Version: 11.2.2262 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5067 - CDBurnerXP)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version: - Colossal Order Ltd.)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve)
Counter-Strike: Condition Zero (HKLM-x32\...\Steam App 80) (Version: - Valve)
Counter-Strike: Condition Zero Deleted Scenes (HKLM-x32\...\Steam App 100) (Version: - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
Crossfire 1.9 (HKU\S-1-5-21-2924648203-2002222509-804629142-1001\...\Crossfire 1.9) (Version: 1.90.00.00 - SWAT-Portal)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Deus Ex: The Fall (HKLM-x32\...\Steam App 258180) (Version: - Square Enix)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Die Siedler 7 (HKLM-x32\...\{9C916142-C18C-429D-BFED-40094A7E0BEB}) (Version: 1.12.1396 - Ubisoft)
Dungeon Siege III (HKLM-x32\...\Steam App 39160) (Version: - Obsidian Entertainment)
Elevated Installer (x32 Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 14.0.0.10960 - Landesfinanzdirektion Thüringen)
Evernote v. 5.7.2 (HKLM-x32\...\{FB57263E-706F-11E4-A65F-00163E98E7D6}) (Version: 5.7.2.5753 - Evernote Corp.)
Express Zip (HKLM-x32\...\ExpressZip) (Version: 2.18 - NCH Software)
Fable III (HKLM-x32\...\GFWL_{4D53090A-9B45-437B-A66A-831000008300}) (Version: 1.0.0000.131 - Microsoft Game Studios)
Fable III (x32 Version: 1.0.0000.131 - Microsoft Game Studios) Hidden
Fable III (x32 Version: 1.0.0002.131 - Microsoft Game Studios) Hidden
Facebook Games Arcade 0.6.0.1 (HKLM-x32\...\{F31484D6-A5E7-401E-B571-8B035E27AB56}) (Version: 0.6.0.1 - Facebook)
Far Cry 3 (HKLM-x32\...\Uplay Install 46) (Version: - Ubisoft)
Far Cry 3 Blood Dragon (HKLM-x32\...\{A071F478-73E0-4143-AE55-4DD6BABD74F5}) (Version: 1.02 - Ubisoft)
Garmin Express (HKLM-x32\...\{2639b4f0-83b4-4f3d-942f-e4ba22a40b9b}) (Version: 4.1.19.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM-x32\...\{AE1EC58E-B2AC-4959-A4C2-C38202A25239}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version: - IO Interactive)
HP Deskjet 3070 B611 series - Grundlegende Software für das Gerät (HKLM\...\{48DF59F8-2ACD-4F1F-87F3-D820FE7A6178}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP SimplePass PE 2011 (HKLM-x32\...\{00FF4EB6-6AAC-4E9D-A60A-8F388691BB27}) (Version: 5.3.0.194 - Hewlett-Packard)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{3A1CB1B8-8646-41A0-B496-35DC48916904}) (Version: 12.4.18.7 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.9.0.0 - Hewlett-Packard)
HPDiagnosticCoreDll (HKLM-x32\...\{9262B08F-E183-4FED-A2BD-23FF1A84EB79}) (Version: 1.0.15.0 - Hewlett Packard)
Intel(R) Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
IP Camera Adapter (HKLM-x32\...\{6D140BFF-7CC5-4BFE-AD6D-47035FFE5F14}) (Version: 2.0.0.0 - Pavel Khlebovich)
iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kobo (HKLM-x32\...\Kobo) (Version: 3.2.0 - Kobo Inc.)
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3925 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3925 - CyberLink Corp.) Hidden
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 8.2 - EasyBits Software AS)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{F97E3841-CA9D-4964-9D64-26066241D26F}) (Version: 3.3.24.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM-x32\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 x64 English (HKLM\...\{F83779DF-E1F5-43A2-A7BE-732F856FADB7}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 47.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 de)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.2.5941 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.43 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.8.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.8.1.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.43 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.11.6.18139 - Electronic Arts, Inc.)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.54 - PDF Complete, Inc)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.4320 - CyberLink Corp.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13074_14 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.0.13074_14 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version: - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version: - )
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHIELD Streaming (Version: 4.1.0250 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.8.1.21 - NVIDIA Corporation) Hidden
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
SiSoftware Sandra Lite 2014.SP3e (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2496}_is1) (Version: 20.50.2014.10 - SiSoftware)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.103 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.0.15044.7 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.0.15044.7 - Samsung Electronics Co., Ltd.) Hidden
SMSC LAN7500 Device Driver (HKLM\...\{0F646F15-F7F6-448C-BF1C-FAB816D4AEB1}) (Version: 1.2.0.0 - SMSC)
SpellForce 2 - Faith in Destiny (HKLM-x32\...\Steam App 65530) (Version: - Mind Over Matter Studios)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.5.43 - Safer-Networking Ltd.)
Star Wars(tm) Knights of the Old Republic(tm) II: The Sith Lords(tm) (HKLM-x32\...\{629F65FB-7F3C-4D66-A1C0-20722744B7B6}) (Version: 1.00.0000 - Obsidian)
Star Wars: The Force Unleashed 2 (HKLM-x32\...\Star Wars: The Force Unleashed 2_is1) (Version: 1.0 - LucasArts)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Studie zur Verbesserung von HP Deskjet 3070 B611 series Produkten (HKLM\...\{CAD7B6DD-9C82-4D17-BAE8-3E9AE4971B90}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Thief (HKLM-x32\...\Steam App 239160) (Version: - Eidos-Montréal)
Tom Clancy's Rainbow Six 3: Athena Sword (HKLM-x32\...\Steam App 19840) (Version: - Ubisoft)
Tom Clancy's Rainbow Six 3: Gold Edition (HKLM-x32\...\Steam App 19830) (Version: - Red Storm Entertainment)
Tom Clancy's Rainbow Six: Lockdown (HKLM-x32\...\Steam App 15000) (Version: - Red Storm Entertainment)
Tom Clancy's Rainbow Six: Vegas (HKLM-x32\...\Steam App 13540) (Version: - Ubisoft Montreal)
Tom Clancy's Rainbow Six: Vegas 2 (HKLM-x32\...\Steam App 15120) (Version: - Ubisoft Montreal)
Two Worlds II (HKLM-x32\...\Steam App 7520) (Version: - Reality Pump Studios)
Two Worlds II (HKLM-x32\...\Two Worlds II) (Version: 1.3.2.0 - Reality Pump)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-2924648203-2002222509-804629142-1001\...\UnityWebPlayer) (Version: 4.5.1f3 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 2.1 - Ubisoft)
Venetica (HKLM-x32\...\Venetica_is1) (Version: - dtp)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.3 - VideoLAN)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR 5.31 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
WISO Vermieter (HKLM-x32\...\WISO Vermieter) (Version: - Buhl Data Service GmbH)
WISO Vermieter (x32 Version: 4.00.0000 - Buhl Data Service GmbH) Hidden
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden
Zombie Army Trilogy (HKLM\...\Steam App 301640) (Version: - Rebellion)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Tomas\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => Keine Datei
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {015B764E-5136-476A-8F87-E213A96E883B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-05-04] (Hewlett-Packard)
Task: {043FA639-3230-4EE0-9CE2-6E1D96F2A286} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-04-01] (Oracle Corporation)
Task: {074B6866-9535-4836-8B7C-B8DFDAE57FA2} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2015-06-16] (Safer-Networking Ltd.)
Task: {07776147-8691-463C-B435-92D2BEB7E872} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-05-04] (Hewlett-Packard)
Task: {0EC14F9F-BE55-4CFF-B762-316E6CEBD782} - System32\Tasks\{AB9E92A4-9344-45A0-A4D5-B72E4938858B} => C:\Program Files (x86)\LucasArts\SWKotOR2\launcher.exe [2005-01-13] (Obsidian Entertainment, Inc.)
Task: {1D888F88-4ED9-4B8C-B7AA-A41342992511} - System32\Tasks\{6A425AC8-5D22-4853-93BB-13822683B9F2} => C:\Program Files (x86)\LucasArts\SWKotOR2\launcher.exe [2005-01-13] (Obsidian Entertainment, Inc.)
Task: {1DC1CCB9-5375-4B5D-BEA4-552AD4124021} - System32\Tasks\HPCeeScheduleForTOMAS-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-01-22] (Hewlett-Packard)
Task: {2648CAA3-2936-41F8-8DB9-D7431A887171} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2924648203-2002222509-804629142-1001UA => C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {36BDF27F-4931-416F-A382-055ABB6F6C9D} - System32\Tasks\{6D102FA2-4A2E-4DC2-814D-7FC7F8778D33} => pcalua.exe -a E:\launcher.exe -d E:\
Task: {3BC7D25B-5FE8-4282-BE86-9B7B8DF7ACED} - System32\Tasks\{FE7E28D6-4641-4E00-B13B-9F2749A4ABB8} => C:\Program Files (x86)\Venetica\bin\release_optimized\Venetica.exe [2009-11-25] ()
Task: {4039B1C6-6B0E-43D3-98D9-EC13E662136F} - System32\Tasks\{11ED1B38-420D-4E94-84C1-6F3B4185F78B} => C:\Users\Tomas\Desktop\Simcity 2000 (2)\Simcity 2000\SC2000.EXE
Task: {448270B0-5154-498D-B24D-AE71E7DB5927} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {4C87DCF1-75A5-4A32-96AD-2D6352BF757B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {50D38761-4B0C-4CA2-B442-D7ACA5178106} - System32\Tasks\{23FCA87D-2232-4A50-ACC8-26501ECEA08D} => pcalua.exe -a E:\setup.exe -d E:\
Task: {55FDF64B-3C5A-49F4-9EC4-597B575CA285} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {5B054539-F896-4349-8680-9AD87C217855} - System32\Tasks\HPCeeScheduleForTomas => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-01-22] (Hewlett-Packard)
Task: {5FFF9050-DFE2-4DF5-BC04-9AD8161DE825} - System32\Tasks\Google Updater and Installer => C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {60C6872D-D8C5-4B88-8980-45D08F81447E} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {623B5983-DF32-4F30-9D46-C6B9DC565EDB} - System32\Tasks\{1F88F87F-59B4-4461-A9E1-1564A2B8AF3A} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/203750
Task: {64F932D1-B6F2-41E0-9C5C-C3FCE821F644} - System32\Tasks\{B189FDA8-FD07-40E4-B63E-F34993074BD3} => C:\Program Files (x86)\LucasArts\SWKotOR2\launcher.exe [2005-01-13] (Obsidian Entertainment, Inc.)
Task: {66373DB8-4A8D-49A8-88A9-7AC45A9257AE} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {6E5B304E-12BC-46EF-AA2D-587AF5746DDC} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-05-18] (HP Inc.)
Task: {7DC60A66-FEFA-45F1-B37C-96DEAC5E33EF} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_192_pepper.exe [2016-06-19] (Adobe Systems Incorporated)
Task: {8077FE7E-1BBD-4C75-9F66-CA17637ACD4F} - System32\Tasks\{5F44405C-4518-442E-BE7A-4717FF655443} => C:\Program Files (x86)\Venetica\bin\release_optimized\Venetica.exe [2009-11-25] ()
Task: {81E5D8B7-FD56-4812-B3EA-0154B9B76F95} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2016-04-08] ()
Task: {82945558-549F-4466-8CE7-AEC7C78A4429} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-05-18] (HP Inc.)
Task: {837C3237-9508-4DB5-A012-098E91C0228E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {92341218-CB13-418D-A3ED-8C032B692686} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {931A7F3A-87EA-4784-9CA3-829508FC1DD0} - System32\Tasks\{43D05B11-7642-477D-88F7-9FC81EBD085F} => C:\Program Files (x86)\Venetica\bin\release_optimized\Venetica.exe [2009-11-25] ()
Task: {947E8B85-6B88-414C-9F36-A0B52F2A92BC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {97D57FBC-B035-440C-88E7-9E676CD64057} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {98771609-FE6E-4395-ABDE-646A70DA8FF9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {995DAC08-14F8-4AEA-9E7C-E650A14B20D1} - System32\Tasks\Ad-Aware Antivirus Scheduled Scan => C:\PROGRA~2\AD-AWA~1\AdAwareLauncher.exe
Task: {9EE88514-786B-4C6B-B761-AD00A3815399} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {A08D7A04-51DC-48F1-BC25-3A4BA794242A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2924648203-2002222509-804629142-1001Core => C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {A13A7458-83D7-4361-A0B5-4DC7F109A993} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {A2D69FEC-BB6C-4569-8481-C5F7EE81F2E1} - System32\Tasks\{DAB547CB-8B06-42D5-9B76-EB98741270D2} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\5\SSSDUninstall.exe
Task: {A326FCAB-2038-4FB9-8D1E-02EBA937CB45} - System32\Tasks\{920C9929-92D7-448D-868C-0B8AB880DE2E} => pcalua.exe -a "C:\Users\Tomas\Downloads\2012-2_Flex-Neo-44 (2).exe" -d C:\Users\Tomas\Desktop
Task: {AAEF11FD-C50D-4CB7-8A51-37F0C839BAC0} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard)
Task: {ABE81196-0AAC-419A-993A-CA0F9FA7E738} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {B0783751-AFAE-4BFF-B02A-3C74BBADC98E} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {BB891099-3F04-45DA-8DFA-066AB33B0F7D} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {C08595E8-34D9-4560-BC9C-F8A5842C5411} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard)
Task: {C6429797-F491-4F5C-BD36-6AC08CF60D18} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {C72FB687-FCDC-4A14-8297-42EA47D82DF9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {DFC1C1FF-7B49-408F-A8FA-1DDB498A32CF} - System32\Tasks\HPCustParticipation HP Deskjet 3070 B611 series => C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {E4BA5D5E-0152-4B79-A57B-178F490CD608} - System32\Tasks\SafeZone scheduled Autoupdate 1461445001 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-04-15] (Avast Software)
Task: {E5BEEF19-6A21-4360-80FC-AC88B769AE8B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-19] (Adobe Systems Incorporated)
Task: {E83B962E-9EAC-41E1-905D-0315BDE4E230} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-05-09] (AVAST Software)
Task: {EDDE585F-6556-4451-B797-A427B3314F42} - System32\Tasks\{137F0F0B-9CAC-4B90-BD84-3AC07862630C} => C:\Program Files (x86)\LucasArts\SWKotOR2\launcher.exe [2005-01-13] (Obsidian Entertainment, Inc.)
Task: {EF928D9F-F645-4BC7-8B5B-95BF88337607} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {F445CF6C-69E2-455D-8C04-D24EF3EC1628} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {FEE156CD-4156-4C22-AB6E-249DD66648B9} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_192_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2924648203-2002222509-804629142-1001Core.job => C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2924648203-2002222509-804629142-1001UA.job => C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForTOMAS-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForTomas.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-08 21:34 - 2015-11-15 21:52 - 00107832 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2014-10-08 21:34 - 2015-11-15 21:52 - 00066872 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2016-01-07 19:26 - 2015-12-16 19:34 - 00217720 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-05-14 22:44 - 2016-05-14 22:44 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-05-14 22:44 - 2016-05-14 22:44 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-05-21 09:29 - 2016-05-21 09:29 - 00959168 _____ () C:\Users\Tomas\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-01-10 20:29 - 2016-01-10 20:29 - 00088576 _____ () C:\Program Files (x86)\NCH Software\ExpressZip\ezcm64.dll
2016-05-15 09:27 - 2016-05-15 09:27 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-02-13 19:02 - 2016-02-13 19:02 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-14 22:44 - 2016-05-14 22:44 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-06-14 19:25 - 2016-05-28 05:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-06-14 19:25 - 2016-05-28 05:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-06-14 19:25 - 2016-05-28 05:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-06-14 19:25 - 2016-05-28 05:56 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-05-09 21:15 - 2016-05-09 21:15 - 00259472 _____ () C:\Program Files\AVAST Software\Avast\AvastNM.exe
2016-05-09 21:15 - 2016-05-09 21:15 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-05-09 21:15 - 2016-05-09 21:15 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-06-23 19:30 - 2016-06-23 19:30 - 02948608 _____ () C:\Program Files\AVAST Software\Avast\defs\16062303\algo.dll
2016-05-09 21:15 - 2016-05-09 21:15 - 00479680 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-05-09 21:15 - 2016-05-09 21:15 - 00309912 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll
2016-05-15 09:03 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-05-15 09:03 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-05-15 09:03 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-05-15 09:27 - 2016-05-15 09:27 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-05-15 09:27 - 2016-05-15 09:27 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-05-21 09:29 - 2016-05-21 09:29 - 00679624 _____ () C:\Users\Tomas\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2016-04-23 22:51 - 2016-04-23 22:51 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-05-10 14:35 - 2016-04-15 14:45 - 62334968 _____ () C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.dll
2016-05-10 14:35 - 2016-04-15 14:45 - 02074104 _____ () C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\libglesv2.dll
2016-05-10 14:35 - 2016-04-15 14:45 - 00081400 _____ () C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\libegl.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-2924648203-2002222509-804629142-1001\...\amazon.de -> hxxps://amazon.de
IE trusted site: HKU\S-1-5-21-2924648203-2002222509-804629142-1001\...\localhost -> localhost
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2016-06-24 15:16 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2924648203-2002222509-804629142-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.192.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Garmin Core Update Service => 2
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{BC72B0B2-008D-4ACC-BADC-4724F01C2177}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP3e\WNt600x64\RpcSandraSrv.exe
FirewallRules: [{8E7EDB47-1942-48E7-A875-1384B89336A5}] => (Allow) C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{486BBF95-9C53-4541-8F37-1A09675972DA}] => (Allow) C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{FF228F36-C5B7-4E04-8971-CEC821877B5C}] => (Allow) C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\DeviceSetup.exe
FirewallRules: [{3C66EC13-9713-42A7-832C-FCBF4605893A}] => (Allow) C:\Users\Tomas\AppData\Local\Temp\7zS5482\hppiw.exe
FirewallRules: [{2DDBCEB5-6BDB-42CF-8BE9-0A1A854B6DF0}] => (Allow) C:\Users\Tomas\AppData\Local\Temp\7zS5482\hppiw.exe
FirewallRules: [{F778022F-9FFD-44B3-B1C8-13C1C72EF195}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Zombie Army Trilogy\Launcher\ZATLauncher.exe
FirewallRules: [{BC353BF2-CBD3-4180-9B76-0C04D474DBEF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Zombie Army Trilogy\Launcher\ZATLauncher.exe
FirewallRules: [{FE47BC15-2274-40F9-B4BA-1DEF39DC8F2D}] => (Allow) C:\Users\Tomas\AppData\Local\Temp\7zS2D7F\hppiw.exe
FirewallRules: [{1ED94C8A-B647-491E-A9C0-5E6F57AF1855}] => (Allow) C:\Users\Tomas\AppData\Local\Temp\7zS2D7F\hppiw.exe
FirewallRules: [{DDFDEDE6-26E2-4115-A926-70AE05B9B03D}] => (Allow) C:\Users\Tomas\AppData\Local\Temp\7zS5801\hppiw.exe
FirewallRules: [{0A5DF2AE-6FF3-45A4-BA44-21CDD994BE44}] => (Allow) C:\Users\Tomas\AppData\Local\Temp\7zS5801\hppiw.exe
FirewallRules: [{8B39FE93-7A55-4503-9513-6C65B06B4540}] => (Allow) C:\Users\Tomas\AppData\Local\Temp\7zS5723\hppiw.exe
FirewallRules: [{EC08A9F5-2039-4564-85C7-BCFB70898064}] => (Allow) C:\Users\Tomas\AppData\Local\Temp\7zS5723\hppiw.exe
FirewallRules: [{3E48CB04-668E-40AF-B25A-406676B6184D}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{CDF75322-BED5-4400-ACCB-6BD8AA925C01}] => (Allow) LPort=3074
FirewallRules: [{74BDA901-9661-4F28-ACEE-7F32D5E35EF6}] => (Allow) LPort=3074
FirewallRules: [{C082EC7D-1265-4287-8441-769C6DD74E94}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{2C262B5B-C5A5-4F18-A796-A6F22BF5946F}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{886C4E83-5266-4704-BB8D-8323DB998389}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D3231A09-4030-4E4D-BCCA-96F14838B72F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3CC0B9D7-3BE1-4963-916F-F3AE0D6B4A64}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{504A9536-2F6C-4049-9EF1-0B8AADDD56A0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FFDEE91D-847F-422F-9D1C-D702C3C6FE7C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{61D7C4EB-C820-4163-A4FF-6CC64A757732}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A13A7EFF-E296-4E4F-B517-0FB953860368}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{7458260C-9F66-4BF7-B5AD-BFB8E2A56530}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{5EEFABE4-C717-4602-8C44-CC76B82F7711}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{40A77B7F-E735-4567-AB92-4B9BFBFD8D60}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4D178AA9-1370-4706-B316-63C3807841D6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{5478CC0C-C4AF-44DB-93C9-9C8E93D1DF46}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{D2838B64-74A4-436C-B656-D669493F89CD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{45761442-A197-477A-BCA5-F002C0A32AD8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{44F8300D-DB9F-4C8B-AAF8-DF93293CF90A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{59EDCEAC-116F-4F3E-A197-B14905A46FB3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{AC58D492-6A5A-4987-876C-78F21E5C16C4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2948F798-4BA0-406B-989B-25908874862B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{7D0E2B03-6C32-4596-B323-0265E4011EB9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{4DF7E6E3-AA53-4AF5-B290-C16CD848D187}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{690DFD43-9F3D-43E0-9BC3-1DCCE1F45364}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rainbow Six Vegas\Binaries\runme.exe
FirewallRules: [{452DBAE1-A10D-4D14-AC4D-6128E83521B5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rainbow Six Vegas\Binaries\runme.exe
FirewallRules: [{0B472C3D-3229-4BAD-A2D8-21A201F46A87}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe
FirewallRules: [{4A3E0DBB-ABFD-4F81-B9E6-B4E4C215E8CE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe
FirewallRules: [{C1C72568-98CB-4F29-9BD7-1C73B10424B3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rainbow Six Lockdown\lockdown.exe
FirewallRules: [{7D19C097-0CF4-4C3A-9C92-677DBA51DA1B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rainbow Six Lockdown\lockdown.exe
FirewallRules: [{ED79CA32-0015-41ED-BF4E-FA75E79B5122}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rainbow Six 3 Gold\system\RavenShield.exe
FirewallRules: [{B7BE17F4-763C-4BE8-8865-BA8783EB9E27}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rainbow Six 3 Gold\system\RavenShield.exe
FirewallRules: [{3A64016C-6F3D-4D75-B7B7-7ED8A559014C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{39E473AF-8424-48FA-B2FE-4821BCDDA898}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6C4ACAC7-9580-4F20-A867-97FC8F0E8456}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{37B34069-0690-4A4C-9253-62A3CAEA2035}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{ACD5A8A5-8083-4E7D-8995-E124F129AE22}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{5345C5A6-EBAF-423B-915B-61FB20FE6E79}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{48E3F0D8-1F82-4DFF-87EC-E94D042446FA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{B6D91525-33EF-4E47-B5B0-6A175FDFE9BB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{78266EAE-899C-4A4D-A1EC-CBD9E1E43956}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deus Ex The Fall\DeusEx_steam.exe
FirewallRules: [{F66D0B47-CB90-426B-B22C-06CFD3C8C8F8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deus Ex The Fall\DeusEx_steam.exe
FirewallRules: [{BB0A8B0B-1893-409B-9E5C-CFC6CDABE4A1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B44D2430-1965-4C0C-B148-599328CCBFDE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{CAF95CB1-DBCA-491E-8A97-CF7A63B9D2B6}C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [TCP Query User{024E554E-8371-44DC-88DE-2550012CB6B5}C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{F5541F92-752B-4A10-A4D0-8339B5291747}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP3e\RpcAgentSrv.exe
FirewallRules: [{BDB16204-A7DE-4A2F-A891-4903CA7107AF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{E7A1F02A-9436-4EC9-8103-F2BD2C6D8F44}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [UDP Query User{765B0CBF-155E-45AE-BA56-5C80E2F46747}C:\program files (x86)\ubisoft\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe] => (Block) C:\program files (x86)\ubisoft\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe
FirewallRules: [TCP Query User{2AA69840-EA09-4655-8057-EBB3F78C7DBB}C:\program files (x86)\ubisoft\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe] => (Block) C:\program files (x86)\ubisoft\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe
FirewallRules: [{C6CCFC75-853C-47E4-8A39-CD3F6D43FA74}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\FC3BDUpdater.exe
FirewallRules: [{B7414F31-6BE6-4DAA-B031-2E5789DA37E4}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\FC3BDUpdater.exe
FirewallRules: [{3793790D-E44F-46DE-8262-A4FF851BC947}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe
FirewallRules: [{4AEFB139-C303-4C49-A2A1-48F45924AFB6}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe
FirewallRules: [{77BA5C03-63C2-4FDC-B82E-FD248AB541C1}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe
FirewallRules: [{66F7D118-A2AA-434B-ABC8-A61E8067AC6B}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe
FirewallRules: [{CA084FBA-2E58-4FA3-B998-EA2769858ACD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{A71695B1-B31A-47C3-B323-22B0DBD31058}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{BB1EFC01-39D4-40C3-98C4-7431C9526984}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dungeon Siege III\Dungeon Siege III.exe
FirewallRules: [{2E7BFEF4-5164-45F7-B63C-5F9AF60B07D3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dungeon Siege III\Dungeon Siege III.exe
FirewallRules: [{7F3A9522-B474-40CE-878E-60991D4A9168}] => (Allow) C:\Program Files (x86)\LucasArts\Star Wars The Force Unleashed 2\SWTFU2.exe
FirewallRules: [{11B5E6FA-12CB-4071-9203-3CA7F096E52F}] => (Allow) C:\Program Files (x86)\LucasArts\Star Wars The Force Unleashed 2\SWTFU2.exe
FirewallRules: [{E3BDEDAE-93B3-45EC-9699-9B172262F45A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{A9F42220-CF62-4162-8EAB-4987DD6A599C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{4940015B-4DD2-4D71-B33B-7762CC8A5C61}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\tools\AddonWeb.exe
FirewallRules: [{E0CD193B-268F-4B60-8E2B-DB7ED50B64F9}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\tools\AddonWeb.exe
FirewallRules: [{DBB541BD-E078-4DB7-8C18-75023FD0D634}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\Addon.exe
FirewallRules: [{084D4899-F745-4D31-AB78-50400BB964C3}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\Addon.exe
FirewallRules: [{088A97C5-A737-4F86-92DD-0C7175913B44}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\tools\Anno4Web.exe
FirewallRules: [{A3C6876D-FEC7-4853-B96D-36584D4450FD}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\tools\Anno4Web.exe
FirewallRules: [{B89018B0-FD68-486E-B59A-56FFEEC19AEC}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\Anno4.exe
FirewallRules: [{6BEE8CBA-1EBB-452A-BE83-E5ECB7FB9202}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\Anno4.exe
FirewallRules: [{1F210A28-7AFB-4BC4-9E87-EA1E331EB606}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spellforce 2 - Faith in Destiny\SpellForce2FaithInDestiny.exe
FirewallRules: [{7E0E6576-8008-4B47-8C67-DB410CBD83DE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spellforce 2 - Faith in Destiny\SpellForce2FaithInDestiny.exe
FirewallRules: [{7EBAEC30-6320-4FA7-A5A1-A3AFF238BB7E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spellforce 2 - Faith in Destiny\Docs\MapEditorFirstSteps.pdf
FirewallRules: [{14B8A8B5-2E0F-4553-91AC-A7D60E95FCD9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spellforce 2 - Faith in Destiny\Docs\MapEditorFirstSteps.pdf
FirewallRules: [{C0BB5ED7-AC4A-4DFB-8DF1-96BF468EF67E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spellforce 2 - Faith in Destiny\Docs\SF2_FiD_Manual.pdf
FirewallRules: [{A26AF132-4589-4374-B96E-8DD9A22239EE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spellforce 2 - Faith in Destiny\Docs\SF2_FiD_Manual.pdf
FirewallRules: [{E284E498-0E1D-44EF-80B8-24ABA76FC47F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spellforce 2 - Faith in Destiny\SpellForce2FaithinDestinyEditor.exe
FirewallRules: [{0ABAB3FF-C609-4D59-BFD1-57CBDBD59EF6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spellforce 2 - Faith in Destiny\SpellForce2FaithinDestinyEditor.exe
FirewallRules: [{F7C2905F-C675-44A9-A119-D772AEAAA425}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D8D141F9-E04F-4367-8738-97AED5DA2032}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C2F4072B-72D7-4149-9354-D23062AD0060}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{B1942367-F127-4CA4-B935-80DABB3057F4}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{277B75FC-E6B4-4904-9505-5B0B2D07D14C}] => (Allow) C:\Program Files (x86)\Microsoft Games\Fable III\Fable3.exe
FirewallRules: [{F6DA87B7-FBC6-4759-BE5B-F12728280F8D}] => (Allow) C:\Program Files (x86)\Microsoft Games\Fable III\Fable3.exe
FirewallRules: [{8EE08553-A5FB-4CD3-AFD5-FADFAA9A4D10}] => (Allow) C:\Program Files (x86)\SEGA\Alpha Protocol\Binaries\APGame.exe
FirewallRules: [{C9A79531-EA58-4374-ABC5-3F68D804FEBF}] => (Allow) C:\Program Files (x86)\SEGA\Alpha Protocol\Binaries\APGame.exe
FirewallRules: [{5181CCC8-DA6F-4712-933C-BCD4D3E9FB5C}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{00B6FED3-59F6-4292-AA8B-609F2A5700B5}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{A6FA8FDB-D992-4A46-B3E1-06F50F433D41}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe
FirewallRules: [{D418144B-5124-4608-BDE6-13ECCAA997D4}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe
FirewallRules: [{8FBF5B78-356C-4A18-968A-63CA004207E4}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe
FirewallRules: [{0BE4E037-77B4-4966-8975-18E3C6F0304B}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe
FirewallRules: [{43269863-3231-4C64-9921-3A5672E6B17D}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe
FirewallRules: [{8E51BB4A-CB63-4642-9DE2-EAD26B94859F}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe
FirewallRules: [{7D3CFC1A-7182-40A4-8FFA-CBB85C3F56C3}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{B7B8D4F2-CE46-4780-B75A-DC0B3EF2E169}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{2F9B65C7-ED06-4A42-B6DD-3D1CADAA9233}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{EE9FD726-1077-4EBB-98DE-730F7A7B7A7A}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{841F574E-8B1B-41EA-A8A1-E17A017F666F}] => (Allow) LPort=1900
FirewallRules: [{1F7D10EA-AC30-4F79-BA27-6E4B0DDB68E4}] => (Allow) LPort=2869
FirewallRules: [{442EBAD6-8886-486F-804B-88709C1174F7}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{F4B1AA47-1FCD-4DAE-8782-C1C8CED97BEB}] => (Allow) C:\Windows\system32\ezSharedSvcHost.exe
FirewallRules: [{97C35FCC-9DF3-4EA3-AEC3-3490B7C115E8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{540E9FBD-CBEF-4CD4-8CCE-42B479CBE565}] => (Allow) C:\Program Files\iTunes\iTunes.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Wiederherstellungspunkte =========================
13-06-2016 18:05:31 Geplanter Prüfpunkt
17-06-2016 15:33:07 Windows Update
18-06-2016 22:13:29 ASU_MSI_TRAN
22-06-2016 12:16:53 ASU_MSI_TRAN
23-06-2016 16:42:32 Malwarebytes Anti-Rootkit Restore Point
23-06-2016 20:14:10 JRT Pre-Junkware Removal
23-06-2016 20:16:42 JRT Pre-Junkware Removal
23-06-2016 20:20:28 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
Name:
Description:
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer:
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (06/23/2016 08:20:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (06/23/2016 08:16:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (06/23/2016 08:14:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (06/23/2016 04:42:45 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (06/22/2016 05:15:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: RuntimeBroker.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d7e0
Name des fehlerhaften Moduls: Windows.Internal.Shell.Broker.dll, Version: 10.0.10586.420, Zeitstempel: 0x57491a6f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000003baba
ID des fehlerhaften Prozesses: 0x99c
Startzeit der fehlerhaften Anwendung: 0xRuntimeBroker.exe0
Pfad der fehlerhaften Anwendung: RuntimeBroker.exe1
Pfad des fehlerhaften Moduls: RuntimeBroker.exe2
Berichtskennung: RuntimeBroker.exe3
Vollständiger Name des fehlerhaften Pakets: RuntimeBroker.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: RuntimeBroker.exe5
Error: (06/22/2016 04:30:43 PM) (Source: MsiInstaller) (EventID: 1002) (User: Tomas-HP)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageName", Wert: "") für Schlüssel "HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList".
Error: (06/22/2016 04:30:05 PM) (Source: HP Active Health) (EventID: 401) (User: )
Description: SmartDrive executable didn't pass digital signature validation. Execution aborted: [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\Executable Agent Data\_Shared\DiskCheck\ETD_GetSMART.exe]
Error: (06/22/2016 04:29:56 PM) (Source: HP Active Health) (EventID: 1100) (User: )
Description: Agent DiskPhysical threw an exception: System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
bei HP.ActiveHealth.Agents.DiskPhysical.DiskPhysicalAgent.CollectNewDataClasses(FileInfo agentStateFile, IDataClassCollector dataClassColector)
bei HP.ActiveHealth.API.DataGeneration.AgentRunner.QueryAgentDelegate(Object agentObj)
Error: (06/22/2016 04:29:54 PM) (Source: HP Active Health) (EventID: 1101) (User: )
Description: DiskPhysical executable didn't pass digital signature validation. Execution aborted: [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\Executable Agent Data\_Shared\DiskCheck\ETD_GetSMART.exe]
Error: (06/22/2016 04:18:23 PM) (Source: HP Active Health) (EventID: 401) (User: )
Description: SmartDrive executable didn't pass digital signature validation. Execution aborted: [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\Executable Agent Data\_Shared\DiskCheck\ETD_GetSMART.exe]
Systemfehler:
=============
Error: (06/24/2016 03:19:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NetMsmqActivator" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053 = Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (06/24/2016 03:19:02 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst NetMsmqActivator erreicht.
Error: (06/24/2016 03:19:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NetPipeActivator" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053 = Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (06/24/2016 03:19:02 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst NetPipeActivator erreicht.
Error: (06/24/2016 03:18:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MBAMService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053 = Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (06/24/2016 03:18:56 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst MBAMService erreicht.
Error: (06/24/2016 03:18:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SDScannerService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053 = Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (06/24/2016 03:18:55 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst SDScannerService erreicht.
Error: (06/24/2016 03:18:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MBAMScheduler" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053 = Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (06/24/2016 03:18:55 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst MBAMScheduler erreicht.
CodeIntegrity:
===================================
Date: 2016-06-23 21:09:08.302
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Microsoft signing level requirements.
Date: 2016-06-23 21:09:07.104
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook32.dll that did not meet the Microsoft signing level requirements.
Date: 2016-06-23 21:09:02.276
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Windows signing level requirements.
Date: 2016-06-23 20:46:50.508
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-06-23 20:42:52.818
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-06-23 20:42:49.023
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-06-23 16:43:12.673
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-06-23 16:25:02.539
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-06-23 16:25:02.532
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Windows signing level requirements.
Date: 2016-06-23 16:25:02.525
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Windows signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz
Prozentuale Nutzung des RAM: 37%
Installierter physikalischer RAM: 6124.83 MB
Verfügbarer physikalischer RAM: 3808.23 MB
Summe virtueller Speicher: 6508.83 MB
Verfügbarer virtueller Speicher: 3371.29 MB
==================== Laufwerke ================================
Drive c: (OS) (Fixed) (Total:917.96 GB) (Free:604.71 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:13.01 GB) (Free:1.54 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: CB976AF0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=918 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=13 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
Code:
ATTFilter SystemLook 30.07.11 by jpshortstuff
Log created at 15:25 on 24/06/2016 by Tomas
Administrator - Elevation successful
========== folderfind ==========
Searching for "*PicBadges*"
C:\FRST\Quarantine\C\Program Files (x86)\PicBadges d------ [08:23 24/09/2012]
C:\FRST\Quarantine\C\Users\Tomas\AppData\Local\PicBadges d------ [13:16 24/06/2016]
C:\FRST\Quarantine\C\Users\Tomas\AppData\Local\PicBadges\PicBadges d------ [08:23 24/09/2012]
========== regfind ==========
Searching for "search.mpc.am"
No data found.
Searching for "MPC Cleaner"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\1a46430d_0]
@="{2}.\\?\hdaudio#func_01&ven_10ec&dev_0662&subsys_103c2abf&rev_1001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\singlelineouttopo/00010001|\Device\HarddiskVolume2\Program Files (x86)\MPC Cleaner\MPCNews.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-2924648203-2002222509-804629142-1001\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\1a46430d_0]
@="{2}.\\?\hdaudio#func_01&ven_10ec&dev_0662&subsys_103c2abf&rev_1001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\singlelineouttopo/00010001|\Device\HarddiskVolume2\Program Files (x86)\MPC Cleaner\MPCNews.exe%b{00000000-0000-0000-0000-000000000000}"
Searching for "PicBadges"
[HKEY_CURRENT_USER\SOFTWARE\AppDataLow\Software\PicBadges]
[HKEY_CURRENT_USER\SOFTWARE\AppDataLow\Software\PicBadges\Code]
"AppJavaScript"="
appAPI.ready(function($) {
//open invisible iframe to send the trackEvent to GA
function sendTrackEvent(msg) {
/*var frame = document.createElement('iframe');
//this is unknown to get a fake page which doesn't need to be loaded.
frame.setAttribute('src','hxxp://www.picbadges.com/unknown.html');
document.body.appendChild(frame);
frame.onload = function () {
var _gaq = _gaq || [];
_gaq.push(['_setAccount', 'UA-16293780-2']);
_gaq.push(['_trackEvent', msg.eventCategory, msg.eventAction]);
(function() {
var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
ga.src = 'https://ssl.google-analytics.com/ga.js';
var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
})();
};*/
}
//settings of GA
appAPI.analytics.settings.account = 'UA-16293780-2';
appAPI.analytics.settings.domain = 'picbadges.com';
appAPI.message.addListen
[HKEY_CURRENT_USER\SOFTWARE\AppDataLow\Software\PicBadges\Code]
"BgJavaScript"="
appAPI.ready(function () {
var jewelTimeout = null;
var pbServer = 'www.picbadges.com';
// Browser button related
appAPI.browserAction.setResourceIcon("images/icon19.png");
appAPI.browserAction.setTitle("PicBadges");
appAPI.browserAction.onClick(function() {
appAPI.openURL('hxxp://' + pbServer + '/activity/?ref=plugin', "tab");
// Clear the current timeout and check again in 10 seconds as the feed count should be zeroed
clearTimeout(jewelTimeout);
jewelTimeout = setTimeout(updateJewel, 1000 * 10);
});
//
if(!appAPI.db.get("plugin_installed")) {
appAPI.db.set("plugin_installed", true);
appAPI.message.toActiveTab({ action : 'trackEvent', eventCategory : 'Plugin', eventAction : 'Installed'});
}
// Update jewel count
function updateJewel() {
appAPI.request.get('hxxp://' + pbServer + '/activity/stats/', function(data) {
//Tracks the server pings
appAPI.me
[HKEY_CURRENT_USER\SOFTWARE\AppDataLow\Software\PicBadges\Installer]
"Folder"="C:\Program Files (x86)\PicBadges"
[HKEY_CURRENT_USER\SOFTWARE\AppDataLow\Software\PicBadges\Manifest]
"Name"="PicBadges"
[HKEY_CURRENT_USER\SOFTWARE\AppDataLow\Software\PicBadges\Manifest]
"Description"="PicBadges"
[HKEY_CURRENT_USER\SOFTWARE\AppDataLow\Software\PicBadges\Manifest]
"PublisherName"="PicBadges.com"
[HKEY_USERS\.DEFAULT\Software\AppDataLow\Software\PicBadges]
[HKEY_USERS\S-1-5-21-2924648203-2002222509-804629142-1001\SOFTWARE\AppDataLow\Software\PicBadges]
[HKEY_USERS\S-1-5-21-2924648203-2002222509-804629142-1001\SOFTWARE\AppDataLow\Software\PicBadges\Code]
"AppJavaScript"="
appAPI.ready(function($) {
//open invisible iframe to send the trackEvent to GA
function sendTrackEvent(msg) {
/*var frame = document.createElement('iframe');
//this is unknown to get a fake page which doesn't need to be loaded.
frame.setAttribute('src','hxxp://www.picbadges.com/unknown.html');
document.body.appendChild(frame);
frame.onload = function () {
var _gaq = _gaq || [];
_gaq.push(['_setAccount', 'UA-16293780-2']);
_gaq.push(['_trackEvent', msg.eventCategory, msg.eventAction]);
(function() {
var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
ga.src = 'https://ssl.google-analytics.com/ga.js';
var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
})();
};*/
}
//settings of GA
appAPI.analytics.settings.account = 'UA-16293780-2';
appAPI.analytics.settings.domain = 'pic
[HKEY_USERS\S-1-5-21-2924648203-2002222509-804629142-1001\SOFTWARE\AppDataLow\Software\PicBadges\Code]
"BgJavaScript"="
appAPI.ready(function () {
var jewelTimeout = null;
var pbServer = 'www.picbadges.com';
// Browser button related
appAPI.browserAction.setResourceIcon("images/icon19.png");
appAPI.browserAction.setTitle("PicBadges");
appAPI.browserAction.onClick(function() {
appAPI.openURL('hxxp://' + pbServer + '/activity/?ref=plugin', "tab");
// Clear the current timeout and check again in 10 seconds as the feed count should be zeroed
clearTimeout(jewelTimeout);
jewelTimeout = setTimeout(updateJewel, 1000 * 10);
});
//
if(!appAPI.db.get("plugin_installed")) {
appAPI.db.set("plugin_installed", true);
appAPI.message.toActiveTab({ action : 'trackEvent', eventCategory : 'Plugin', eventAction : 'Installed'});
}
// Update jewel count
function updateJewel() {
appAPI.request.get('hxxp://' + pbServer + '/activity/stats/', function(data) {
//
[HKEY_USERS\S-1-5-21-2924648203-2002222509-804629142-1001\SOFTWARE\AppDataLow\Software\PicBadges\Installer]
"Folder"="C:\Program Files (x86)\PicBadges"
[HKEY_USERS\S-1-5-21-2924648203-2002222509-804629142-1001\SOFTWARE\AppDataLow\Software\PicBadges\Manifest]
"Name"="PicBadges"
[HKEY_USERS\S-1-5-21-2924648203-2002222509-804629142-1001\SOFTWARE\AppDataLow\Software\PicBadges\Manifest]
"Description"="PicBadges"
[HKEY_USERS\S-1-5-21-2924648203-2002222509-804629142-1001\SOFTWARE\AppDataLow\Software\PicBadges\Manifest]
"PublisherName"="PicBadges.com"
[HKEY_USERS\S-1-5-18\Software\AppDataLow\Software\PicBadges]
-= EOF =-
|
|
24.06.2016, 21:10
| #25 |
| /// TB-Ausbilder | Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los. Servus, wenn du Probleme mit den Schritten hast, dann kannst du mir das jederzeit mitteilen. Einfach mit der Bearbeitung stoppen und nachfragen (siehe meinen Eingangspost). Wenn es keine Probleme gibt, dann darf ich doch annehmen, dass man beispielsweise nach dem Suchlauf von AdwCleaner auch auf den "Löschen"-Button klickt (wie in der Anleitung beschrieben)... siehst du das anders? Bitte den Inhalt der fixlog.txt von FRST nochmal posten, sie ist unvollständig. Ich benötige die vollständige Logdatei. |
|
25.06.2016, 15:30
| #26 |
| | Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los.Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-06-2016 01
durchgeführt von Tomas (2016-06-24 15:16:44) Run:1
Gestartet von C:\Users\Tomas\Desktop
Geladene Profile: Tomas & DefaultAppPool (Verfügbare Profile: Tomas & DefaultAppPool)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
start
CloseProcesses:
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2924648203-2002222509-804629142-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2924648203-2002222509-804629142-1001\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-2924648203-2002222509-804629142-1001\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-2924648203-2002222509-804629142-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2924648203-2002222509-804629142-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
SearchScopes: HKLM -> DefaultScope {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
SearchScopes: HKU\S-1-5-21-2924648203-2002222509-804629142-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Kein Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> Keine Datei
FF NewTab: about:newtab
FF HKU\S-1-5-21-2924648203-2002222509-804629142-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\oriifoaj.default\extensions\cliqz@cliqz.com => nicht gefunden
CHR HomePage: Default -> search.mpc.am
CHR StartupUrls: Default -> "search.mpc.am"
CHR HKLM-x32\...\Chrome\Extension: [kioiabaigfcehjmemdmnnmjegnjjckai] - C:\Users\Tomas\AppData\Local\PicBadges\Chrome\PicBadges.crx [2012-09-20]
C:\Users\Tomas\AppData\Local\PicBadges
C:\Users\Tomas\Downloads\*CHIP-Installer.exe
C:\Users\Tomas\Downloads\SpyHunter-Installer*.exe
C:\Program Files (x86)\PicBadges
C:\ProgramData\1548094.reg
C:\ProgramData\1548094.bat
Task: {19F2EBFF-6628-4197-A076-5BD3287107E9} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {47495CB1-90A6-4F5E-9B59-7CEA95DF5E39} - System32\Tasks\{F8B5979A-1B28-4844-B885-D7673855CC71} => pcalua.exe -a "C:\Program Files (x86)\Plus-HD-9.1\Uninstall.exe" -c /fcp=1
C:\Program Files (x86)\Plus-HD-9.1
Task: {5228B819-0A60-478B-B146-793795A54A85} - \FF Watcher {33623A7B-0D3C-4499-9DB8-0F8929B49502} -> Keine Datei <==== ACHTUNG
Task: {685CDC09-3548-4954-8F39-7750EC8605FF} - \Mext Guard FBE8818C-5B13-48C2-A93E-AD731167DBF2 -> Keine Datei <==== ACHTUNG
Task: {6D922CB3-386D-44ED-AF78-D0FABC2C64AA} - \globalUpdateUpdateTaskMachineUA -> Keine Datei <==== ACHTUNG
Task: {7E4454CE-1F54-425A-9AD1-56D68600E626} - \Microsoft\Windows\Setup\gwx\rundetector -> Keine Datei <==== ACHTUNG
Task: {80C3446E-A855-4A45-8843-7F807577AF4A} - \LaunchApp -> Keine Datei <==== ACHTUNG
Task: {836816D2-5E8E-4204-8A0B-783FED231681} - System32\Tasks\{D68979DF-ACBB-4CEB-BB52-49121E0EE6FE} => pcalua.exe -a E:\demo32.exe -d E:\
Task: {8EE75E20-09C6-4241-AA8E-90407BAA4A8E} - \globalUpdateUpdateTaskMachineCore -> Keine Datei <==== ACHTUNG
C:\Program Files\1fe9c2d0cdc3c960c6f9692ed5ec6a5e
Task: {A0CCCDAD-5986-47CC-B123-05664BAE5E92} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {C24F2A9B-D53F-476D-9FA6-3F1A9FAC2223} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {DB27CABE-D07C-443D-B627-CD6B113E76AE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {DDE8F577-7F7E-451F-BAC0-0BD924EC25CD} - System32\Tasks\{4EE4C141-7087-4003-891A-77226BE5F133} => pcalua.exe -a "C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\uninstbb.exe"
Task: {FD159878-3EDA-45B4-A402-1C38542C5B04} - System32\Tasks\{3AAC1151-7BFD-4D4F-9A36-AFD5BD7B702B} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{C66BF9FD-D367-4E13-8EB8-385FFEA20DB3}\setup.exe" -d "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks\Oblivion" -c /M{35CB6715-41F8-4F99-8881-6FC75BF054B0}
Unlock: C:\WINDOWS\system32\Drivers\etc\hosts
C:\WINDOWS\system32\Drivers\etc\hosts
Hosts:
CMD: type "C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\profiles.ini"
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
*****************
Prozess erfolgreich geschlossen.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\EnableShellExecuteHooks => Wert erfolgreich entfernt
HKU\S-1-5-21-2924648203-2002222509-804629142-1001\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableLockWorkstation => Wert erfolgreich entfernt
HKU\S-1-5-21-2924648203-2002222509-804629142-1001\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableChangePassword => Wert erfolgreich entfernt
HKU\S-1-5-21-2924648203-2002222509-804629142-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoInternetOpenWith => Wert erfolgreich entfernt
HKU\S-1-5-21-2924648203-2002222509-804629142-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLowDiskSpaceChecks => Wert erfolgreich entfernt
"HKU\S-1-5-21-2924648203-2002222509-804629142-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wert erfolgreich wiederhergestellt
"HKU\S-1-5-21-2924648203-2002222509-804629142-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => Schlüssel erfolgreich entfernt
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Schlüssel nicht gefunden.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => Schlüssel erfolgreich entfernt
HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Schlüssel nicht gefunden.
Firefox "newtab" erfolgreich entfernt
HKU\S-1-5-21-2924648203-2002222509-804629142-1001\Software\Mozilla\Firefox\Extensions\\cliqz@cliqz.com => Wert erfolgreich entfernt
Chrome HomePage => erfolgreich entfernt
Chrome StartupUrls => erfolgreich entfernt
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kioiabaigfcehjmemdmnnmjegnjjckai" => Schlüssel erfolgreich entfernt
C:\Users\Tomas\AppData\Local\PicBadges\Chrome\PicBadges.crx => erfolgreich verschoben
C:\Users\Tomas\AppData\Local\PicBadges => erfolgreich verschoben
=========== "C:\Users\Tomas\Downloads\*CHIP-Installer.exe" ==========
C:\Users\Tomas\Downloads\GeekUninstaller - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\Tomas\Downloads\Revo Uninstaller - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\Tomas\Downloads\Windows Installer Cleanup Alternative - CHIP-Installer.exe => erfolgreich verschoben
========= Ende -> "C:\Users\Tomas\Downloads\*CHIP-Installer.exe" ========
=========== "C:\Users\Tomas\Downloads\SpyHunter-Installer*.exe" ==========
C:\Users\Tomas\Downloads\SpyHunter-Installer (1).exe => erfolgreich verschoben
C:\Users\Tomas\Downloads\SpyHunter-Installer.exe => erfolgreich verschoben
========= Ende -> "C:\Users\Tomas\Downloads\SpyHunter-Installer*.exe" ========
C:\Program Files (x86)\PicBadges => erfolgreich verschoben
C:\ProgramData\1548094.reg => erfolgreich verschoben
C:\ProgramData\1548094.bat => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{19F2EBFF-6628-4197-A076-5BD3287107E9}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{19F2EBFF-6628-4197-A076-5BD3287107E9}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{47495CB1-90A6-4F5E-9B59-7CEA95DF5E39}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{47495CB1-90A6-4F5E-9B59-7CEA95DF5E39}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\{F8B5979A-1B28-4844-B885-D7673855CC71} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F8B5979A-1B28-4844-B885-D7673855CC71}" => Schlüssel erfolgreich entfernt
"C:\Program Files (x86)\Plus-HD-9.1" => nicht gefunden.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5228B819-0A60-478B-B146-793795A54A85}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5228B819-0A60-478B-B146-793795A54A85}" => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FF Watcher {33623A7B-0D3C-4499-9DB8-0F8929B49502} => Schlüssel nicht gefunden.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{685CDC09-3548-4954-8F39-7750EC8605FF}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{685CDC09-3548-4954-8F39-7750EC8605FF}" => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Mext Guard FBE8818C-5B13-48C2-A93E-AD731167DBF2 => Schlüssel nicht gefunden.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6D922CB3-386D-44ED-AF78-D0FABC2C64AA}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6D922CB3-386D-44ED-AF78-D0FABC2C64AA}" => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineUA => Schlüssel nicht gefunden.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7E4454CE-1F54-425A-9AD1-56D68600E626}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E4454CE-1F54-425A-9AD1-56D68600E626}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{80C3446E-A855-4A45-8843-7F807577AF4A}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{80C3446E-A855-4A45-8843-7F807577AF4A}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchApp" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{836816D2-5E8E-4204-8A0B-783FED231681}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{836816D2-5E8E-4204-8A0B-783FED231681}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\{D68979DF-ACBB-4CEB-BB52-49121E0EE6FE} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D68979DF-ACBB-4CEB-BB52-49121E0EE6FE}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8EE75E20-09C6-4241-AA8E-90407BAA4A8E}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8EE75E20-09C6-4241-AA8E-90407BAA4A8E}" => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineCore => Schlüssel nicht gefunden.
"C:\Program Files\1fe9c2d0cdc3c960c6f9692ed5ec6a5e" => nicht gefunden.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A0CCCDAD-5986-47CC-B123-05664BAE5E92}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0CCCDAD-5986-47CC-B123-05664BAE5E92}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C24F2A9B-D53F-476D-9FA6-3F1A9FAC2223}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C24F2A9B-D53F-476D-9FA6-3F1A9FAC2223}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DB27CABE-D07C-443D-B627-CD6B113E76AE}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DB27CABE-D07C-443D-B627-CD6B113E76AE}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DDE8F577-7F7E-451F-BAC0-0BD924EC25CD}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DDE8F577-7F7E-451F-BAC0-0BD924EC25CD}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\{4EE4C141-7087-4003-891A-77226BE5F133} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4EE4C141-7087-4003-891A-77226BE5F133}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FD159878-3EDA-45B4-A402-1C38542C5B04}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FD159878-3EDA-45B4-A402-1C38542C5B04}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\{3AAC1151-7BFD-4D4F-9A36-AFD5BD7B702B} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3AAC1151-7BFD-4D4F-9A36-AFD5BD7B702B}" => Schlüssel erfolgreich entfernt
"C:\WINDOWS\system32\Drivers\etc\hosts" => wurde entsperrt
C:\WINDOWS\system32\Drivers\etc\hosts => erfolgreich verschoben
Hosts erfolgreich wiederhergestellt.
========= type "C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\profiles.ini" =========
[General]
StartWithLastProfile=1
[Profile0]
Name=default
IsRelative=1
Path=Profiles/oriifoaj.default
========= Ende von CMD: =========
========= RemoveProxy: =========
HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies\\ => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2924648203-2002222509-804629142-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2924648203-2002222509-804629142-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
========= Ende von RemoveProxy: =========
========= ipconfig /flushdns =========
Windows-IP-Konfiguration
Der DNS-Aufl�sungscache wurde geleert.
========= Ende von CMD: =========
========= netsh winsock reset =========
Der Winsock-Katalog wurde zur�ckgesetzt.
Sie m�ssen den Computer neu starten, um den Vorgang abzuschlie�en.
========= Ende von CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 48397 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 69853026 B
Java, Flash, Steam htmlcache => 370561579 B
Windows/system/drivers => 168294794 B
Edge => 1489897 B
Chrome => 13709706 B
Firefox => 50985412 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 23661334 B
NetworkService => 30000000 B
Tomas => 185259053 B
DefaultAppPool => 0 B
RecycleBin => 0 B
EmptyTemp: => 871.5 MB temporäre Dateien entfernt.
================================
Das System musste neu gestartet werden.
==== Ende von Fixlog 15:17:03 ====
 Hi, machst du nie Fehler?Solltest du mal in der Nähe von Stuttgart sein, lade ich gerne auf ein Kaffee oder Bier ein und dann können wir gerne darüber diskutieren. |
|
25.06.2016, 19:54
| #27 |
| /// TB-Ausbilder | Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los. Servus, klar, ständig.  Ich weiß nicht, ob ich mal nach Stuttgart kommen werde, wohne in Bayern.  Für ein Bierchen bin ich aber immer zu haben, sofern es gut ist.  Kannst du bitte AdwCleaner nochmal ausführen?
|
|
26.06.2016, 15:33
| #28 |
| | Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los.Code:
ATTFilter # AdwCleaner v5.200 - Bericht erstellt am 26/06/2016 um 16:26:06
# Aktualisiert am 14/06/2016 von ToolsLib
# Datenbank : 2016-06-25.3 [Server]
# Betriebssystem : Windows 10 Home (X64)
# Benutzername : Tomas - TOMAS-HP
# Gestartet von : C:\Users\Tomas\Downloads\adwcleaner_5.200.exe
# Option : Löschen
# Unterstützung : https://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
***** [ DLLs ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Internetbrowser ] *****
*************************
:: "Tracing" Schlüssel gelöscht
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [31436 Bytes] - [22/06/2016 15:39:56]
C:\AdwCleaner\AdwCleaner[C2].txt - [9276 Bytes] - [23/06/2016 14:20:55]
C:\AdwCleaner\AdwCleaner[C3].txt - [2170 Bytes] - [25/06/2016 16:39:58]
C:\AdwCleaner\AdwCleaner[C4].txt - [1968 Bytes] - [26/06/2016 12:25:28]
C:\AdwCleaner\AdwCleaner[C5].txt - [1229 Bytes] - [26/06/2016 16:26:06]
C:\AdwCleaner\AdwCleaner[R0].txt - [28205 Bytes] - [13/06/2014 21:04:08]
C:\AdwCleaner\AdwCleaner[S0].txt - [24333 Bytes] - [13/06/2014 21:04:43]
C:\AdwCleaner\AdwCleaner[S1].txt - [31912 Bytes] - [22/06/2016 15:35:31]
C:\AdwCleaner\AdwCleaner[S2].txt - [8606 Bytes] - [22/06/2016 18:24:59]
C:\AdwCleaner\AdwCleaner[S3].txt - [8737 Bytes] - [23/06/2016 14:13:55]
C:\AdwCleaner\AdwCleaner[S4].txt - [8810 Bytes] - [23/06/2016 14:18:46]
C:\AdwCleaner\AdwCleaner[S5].txt - [1895 Bytes] - [23/06/2016 19:40:20]
C:\AdwCleaner\AdwCleaner[S6].txt - [1909 Bytes] - [25/06/2016 16:34:54]
C:\AdwCleaner\AdwCleaner[S7].txt - [1638 Bytes] - [26/06/2016 12:23:53]
C:\AdwCleaner\AdwCleaner[S8].txt - [1784 Bytes] - [26/06/2016 16:24:32]
########## EOF - C:\AdwCleaner\AdwCleaner[C5].txt - [2035 Bytes] ##########
Hi, natürlich gibts bei uns gutes Bier und gutes Essen... |
|
27.06.2016, 13:14
| #29 |
| /// TB-Ausbilder | Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los. Servus, nochmal FRST bitte. Wie läuft der Rechner bisher? Ist noch was von MPC Cleaner zu sehen?
|
|
27.06.2016, 15:12
| #30 |
| | Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los.Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 26-06-2016 02
durchgeführt von Tomas (2016-06-27 16:00:28)
Gestartet von C:\Users\Tomas\Desktop
Windows 10 Home Version 1511 (X64) (2016-05-14 21:13:29)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2924648203-2002222509-804629142-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2924648203-2002222509-804629142-503 - Limited - Disabled)
Gast (S-1-5-21-2924648203-2002222509-804629142-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2924648203-2002222509-804629142-1002 - Limited - Enabled)
Tomas (S-1-5-21-2924648203-2002222509-804629142-1001 - Administrator - Enabled) => C:\Users\Tomas
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Spybot - Search and Destroy (Disabled - Up to date) {1A0DDE8C-B4BA-EFDD-22A8-0F557C7985F0}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Spybot - Search and Destroy (Disabled - Up to date) {A16C3F68-9280-E053-1818-342707FECF4D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 22.0.0.153 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Flash Player 22 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Alpha Protocol (HKLM-x32\...\{D37FE0E3-B1A9-4E41-AB5D-DA62E04D2C42}) (Version: 1.00.0000 - SEGA Corporation)
Amazon Kindle (HKU\S-1-5-21-2924648203-2002222509-804629142-1001\...\Amazon Kindle) (Version: - Amazon)
Amazon Kindle (HKU\S-1-5-21-2924648203-2002222509-804629142-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Amazon Kindle) (Version: - Amazon)
ANNO 1404 - Venedig (HKLM-x32\...\{A07B2C21-863B-47AB-AE7E-20BB00BD7D33}) (Version: 2.01.5010 - Ubisoft)
ANNO 1404 (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.03.0000 - Ubisoft)
Anno 1404 (x32 Version: 1.00.0000 - Ubisoft) Hidden
Anno 1701 - Der Fluch des Drachen (HKLM-x32\...\{905D4F6B-FADC-4CA4-AA41-BD32A2E446CE}) (Version: 2.03 - Sunflowers)
Anno 1701 (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.00 - Sunflowers)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
AuthenTec TrueAPI (Version: 1.3.0.116 - AuthenTec, Inc.) Hidden
Avast Premier (HKLM-x32\...\Avast) (Version: 11.2.2262 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5067 - CDBurnerXP)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version: - Colossal Order Ltd.)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve)
Counter-Strike: Condition Zero (HKLM-x32\...\Steam App 80) (Version: - Valve)
Counter-Strike: Condition Zero Deleted Scenes (HKLM-x32\...\Steam App 100) (Version: - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
Crossfire 1.9 (HKU\S-1-5-21-2924648203-2002222509-804629142-1001\...\Crossfire 1.9) (Version: 1.90.00.00 - SWAT-Portal)
Crossfire 1.9 (HKU\S-1-5-21-2924648203-2002222509-804629142-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Crossfire 1.9) (Version: 1.90.00.00 - SWAT-Portal)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Deus Ex: The Fall (HKLM-x32\...\Steam App 258180) (Version: - Square Enix)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Die Siedler 7 (HKLM-x32\...\{9C916142-C18C-429D-BFED-40094A7E0BEB}) (Version: 1.12.1396 - Ubisoft)
Dungeon Siege III (HKLM-x32\...\Steam App 39160) (Version: - Obsidian Entertainment)
Elevated Installer (x32 Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 14.0.0.10960 - Landesfinanzdirektion Thüringen)
Evernote v. 5.7.2 (HKLM-x32\...\{FB57263E-706F-11E4-A65F-00163E98E7D6}) (Version: 5.7.2.5753 - Evernote Corp.)
Express Zip (HKLM-x32\...\ExpressZip) (Version: 2.18 - NCH Software)
Fable III (HKLM-x32\...\GFWL_{4D53090A-9B45-437B-A66A-831000008300}) (Version: 1.0.0000.131 - Microsoft Game Studios)
Fable III (x32 Version: 1.0.0000.131 - Microsoft Game Studios) Hidden
Fable III (x32 Version: 1.0.0002.131 - Microsoft Game Studios) Hidden
Facebook Games Arcade 0.6.0.1 (HKLM-x32\...\{F31484D6-A5E7-401E-B571-8B035E27AB56}) (Version: 0.6.0.1 - Facebook)
Far Cry 3 (HKLM-x32\...\Uplay Install 46) (Version: - Ubisoft)
Far Cry 3 Blood Dragon (HKLM-x32\...\{A071F478-73E0-4143-AE55-4DD6BABD74F5}) (Version: 1.02 - Ubisoft)
Garmin Express (HKLM-x32\...\{2639b4f0-83b4-4f3d-942f-e4ba22a40b9b}) (Version: 4.1.19.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM-x32\...\{AE1EC58E-B2AC-4959-A4C2-C38202A25239}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version: - IO Interactive)
HP Deskjet 3070 B611 series - Grundlegende Software für das Gerät (HKLM\...\{48DF59F8-2ACD-4F1F-87F3-D820FE7A6178}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP SimplePass PE 2011 (HKLM-x32\...\{00FF4EB6-6AAC-4E9D-A60A-8F388691BB27}) (Version: 5.3.0.194 - Hewlett-Packard)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{3A1CB1B8-8646-41A0-B496-35DC48916904}) (Version: 12.4.18.7 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.9.0.0 - Hewlett-Packard)
HPDiagnosticCoreDll (HKLM-x32\...\{9262B08F-E183-4FED-A2BD-23FF1A84EB79}) (Version: 1.0.15.0 - Hewlett Packard)
Intel(R) Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
IP Camera Adapter (HKLM-x32\...\{6D140BFF-7CC5-4BFE-AD6D-47035FFE5F14}) (Version: 2.0.0.0 - Pavel Khlebovich)
iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kobo (HKLM-x32\...\Kobo) (Version: 3.2.0 - Kobo Inc.)
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3925 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3925 - CyberLink Corp.) Hidden
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 8.2 - EasyBits Software AS)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{F97E3841-CA9D-4964-9D64-26066241D26F}) (Version: 3.3.24.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM-x32\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 x64 English (HKLM\...\{F83779DF-E1F5-43A2-A7BE-732F856FADB7}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 47.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 de)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.2.5941 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.43 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.8.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.8.1.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.43 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.11.6.18139 - Electronic Arts, Inc.)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.54 - PDF Complete, Inc)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.4320 - CyberLink Corp.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13074_14 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.0.13074_14 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version: - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version: - )
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHIELD Streaming (Version: 4.1.0250 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.8.1.21 - NVIDIA Corporation) Hidden
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.96.5684 - Electronic Arts)
SiSoftware Sandra Lite 2014.SP3e (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2496}_is1) (Version: 20.50.2014.10 - SiSoftware)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.103 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.0.15044.7 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.0.15044.7 - Samsung Electronics Co., Ltd.) Hidden
SMSC LAN7500 Device Driver (HKLM\...\{0F646F15-F7F6-448C-BF1C-FAB816D4AEB1}) (Version: 1.2.0.0 - SMSC)
SpellForce 2 - Faith in Destiny (HKLM-x32\...\Steam App 65530) (Version: - Mind Over Matter Studios)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.5.43 - Safer-Networking Ltd.)
Star Wars(tm) Knights of the Old Republic(tm) II: The Sith Lords(tm) (HKLM-x32\...\{629F65FB-7F3C-4D66-A1C0-20722744B7B6}) (Version: 1.00.0000 - Obsidian)
Star Wars: The Force Unleashed 2 (HKLM-x32\...\Star Wars: The Force Unleashed 2_is1) (Version: 1.0 - LucasArts)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Studie zur Verbesserung von HP Deskjet 3070 B611 series Produkten (HKLM\...\{CAD7B6DD-9C82-4D17-BAE8-3E9AE4971B90}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Thief (HKLM-x32\...\Steam App 239160) (Version: - Eidos-Montréal)
Tom Clancy's Rainbow Six 3: Athena Sword (HKLM-x32\...\Steam App 19840) (Version: - Ubisoft)
Tom Clancy's Rainbow Six 3: Gold Edition (HKLM-x32\...\Steam App 19830) (Version: - Red Storm Entertainment)
Tom Clancy's Rainbow Six: Lockdown (HKLM-x32\...\Steam App 15000) (Version: - Red Storm Entertainment)
Tom Clancy's Rainbow Six: Vegas (HKLM-x32\...\Steam App 13540) (Version: - Ubisoft Montreal)
Tom Clancy's Rainbow Six: Vegas 2 (HKLM-x32\...\Steam App 15120) (Version: - Ubisoft Montreal)
Two Worlds II (HKLM-x32\...\Steam App 7520) (Version: - Reality Pump Studios)
Two Worlds II (HKLM-x32\...\Two Worlds II) (Version: 1.3.2.0 - Reality Pump)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-2924648203-2002222509-804629142-1001\...\UnityWebPlayer) (Version: 4.5.1f3 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-2924648203-2002222509-804629142-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version: 4.5.1f3 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 2.1 - Ubisoft)
Venetica (HKLM-x32\...\Venetica_is1) (Version: - dtp)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.3 - VideoLAN)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR 5.31 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
WISO Vermieter (HKLM-x32\...\WISO Vermieter) (Version: - Buhl Data Service GmbH)
WISO Vermieter (x32 Version: 4.00.0000 - Buhl Data Service GmbH) Hidden
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden
Zombie Army Trilogy (HKLM\...\Steam App 301640) (Version: - Rebellion)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Tomas\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => Keine Datei
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {015B764E-5136-476A-8F87-E213A96E883B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-05-04] (Hewlett-Packard)
Task: {043FA639-3230-4EE0-9CE2-6E1D96F2A286} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-04-01] (Oracle Corporation)
Task: {074B6866-9535-4836-8B7C-B8DFDAE57FA2} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2015-06-16] (Safer-Networking Ltd.)
Task: {07776147-8691-463C-B435-92D2BEB7E872} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-05-04] (Hewlett-Packard)
Task: {0EC14F9F-BE55-4CFF-B762-316E6CEBD782} - System32\Tasks\{AB9E92A4-9344-45A0-A4D5-B72E4938858B} => C:\Program Files (x86)\LucasArts\SWKotOR2\launcher.exe [2005-01-13] (Obsidian Entertainment, Inc.)
Task: {1D888F88-4ED9-4B8C-B7AA-A41342992511} - System32\Tasks\{6A425AC8-5D22-4853-93BB-13822683B9F2} => C:\Program Files (x86)\LucasArts\SWKotOR2\launcher.exe [2005-01-13] (Obsidian Entertainment, Inc.)
Task: {1DC1CCB9-5375-4B5D-BEA4-552AD4124021} - System32\Tasks\HPCeeScheduleForTOMAS-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-01-22] (Hewlett-Packard)
Task: {2648CAA3-2936-41F8-8DB9-D7431A887171} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2924648203-2002222509-804629142-1001UA => C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {36BDF27F-4931-416F-A382-055ABB6F6C9D} - System32\Tasks\{6D102FA2-4A2E-4DC2-814D-7FC7F8778D33} => pcalua.exe -a E:\launcher.exe -d E:\
Task: {3BC7D25B-5FE8-4282-BE86-9B7B8DF7ACED} - System32\Tasks\{FE7E28D6-4641-4E00-B13B-9F2749A4ABB8} => C:\Program Files (x86)\Venetica\bin\release_optimized\Venetica.exe [2009-11-25] ()
Task: {4039B1C6-6B0E-43D3-98D9-EC13E662136F} - System32\Tasks\{11ED1B38-420D-4E94-84C1-6F3B4185F78B} => C:\Users\Tomas\Desktop\Simcity 2000 (2)\Simcity 2000\SC2000.EXE
Task: {448270B0-5154-498D-B24D-AE71E7DB5927} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {4C87DCF1-75A5-4A32-96AD-2D6352BF757B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {50D38761-4B0C-4CA2-B442-D7ACA5178106} - System32\Tasks\{23FCA87D-2232-4A50-ACC8-26501ECEA08D} => pcalua.exe -a E:\setup.exe -d E:\
Task: {55FDF64B-3C5A-49F4-9EC4-597B575CA285} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {5B054539-F896-4349-8680-9AD87C217855} - System32\Tasks\HPCeeScheduleForTomas => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-01-22] (Hewlett-Packard)
Task: {5FFF9050-DFE2-4DF5-BC04-9AD8161DE825} - System32\Tasks\Google Updater and Installer => C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {60C6872D-D8C5-4B88-8980-45D08F81447E} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {623B5983-DF32-4F30-9D46-C6B9DC565EDB} - System32\Tasks\{1F88F87F-59B4-4461-A9E1-1564A2B8AF3A} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/203750
Task: {64F932D1-B6F2-41E0-9C5C-C3FCE821F644} - System32\Tasks\{B189FDA8-FD07-40E4-B63E-F34993074BD3} => C:\Program Files (x86)\LucasArts\SWKotOR2\launcher.exe [2005-01-13] (Obsidian Entertainment, Inc.)
Task: {66373DB8-4A8D-49A8-88A9-7AC45A9257AE} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {6E5B304E-12BC-46EF-AA2D-587AF5746DDC} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-05-18] (HP Inc.)
Task: {7DC60A66-FEFA-45F1-B37C-96DEAC5E33EF} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_192_pepper.exe [2016-06-19] (Adobe Systems Incorporated)
Task: {8077FE7E-1BBD-4C75-9F66-CA17637ACD4F} - System32\Tasks\{5F44405C-4518-442E-BE7A-4717FF655443} => C:\Program Files (x86)\Venetica\bin\release_optimized\Venetica.exe [2009-11-25] ()
Task: {81E5D8B7-FD56-4812-B3EA-0154B9B76F95} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2016-04-08] ()
Task: {82945558-549F-4466-8CE7-AEC7C78A4429} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-05-18] (HP Inc.)
Task: {837C3237-9508-4DB5-A012-098E91C0228E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {92341218-CB13-418D-A3ED-8C032B692686} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {931A7F3A-87EA-4784-9CA3-829508FC1DD0} - System32\Tasks\{43D05B11-7642-477D-88F7-9FC81EBD085F} => C:\Program Files (x86)\Venetica\bin\release_optimized\Venetica.exe [2009-11-25] ()
Task: {947E8B85-6B88-414C-9F36-A0B52F2A92BC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {97D57FBC-B035-440C-88E7-9E676CD64057} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {98771609-FE6E-4395-ABDE-646A70DA8FF9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {995DAC08-14F8-4AEA-9E7C-E650A14B20D1} - System32\Tasks\Ad-Aware Antivirus Scheduled Scan => C:\PROGRA~2\AD-AWA~1\AdAwareLauncher.exe
Task: {9EE88514-786B-4C6B-B761-AD00A3815399} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {A08D7A04-51DC-48F1-BC25-3A4BA794242A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2924648203-2002222509-804629142-1001Core => C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {A13A7458-83D7-4361-A0B5-4DC7F109A993} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {A2D69FEC-BB6C-4569-8481-C5F7EE81F2E1} - System32\Tasks\{DAB547CB-8B06-42D5-9B76-EB98741270D2} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\5\SSSDUninstall.exe
Task: {A326FCAB-2038-4FB9-8D1E-02EBA937CB45} - System32\Tasks\{920C9929-92D7-448D-868C-0B8AB880DE2E} => pcalua.exe -a "C:\Users\Tomas\Downloads\2012-2_Flex-Neo-44 (2).exe" -d C:\Users\Tomas\Desktop
Task: {AAEF11FD-C50D-4CB7-8A51-37F0C839BAC0} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard)
Task: {ABE81196-0AAC-419A-993A-CA0F9FA7E738} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {B0783751-AFAE-4BFF-B02A-3C74BBADC98E} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {BB891099-3F04-45DA-8DFA-066AB33B0F7D} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {C08595E8-34D9-4560-BC9C-F8A5842C5411} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard)
Task: {C6429797-F491-4F5C-BD36-6AC08CF60D18} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {C72FB687-FCDC-4A14-8297-42EA47D82DF9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {DFC1C1FF-7B49-408F-A8FA-1DDB498A32CF} - System32\Tasks\HPCustParticipation HP Deskjet 3070 B611 series => C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {E4BA5D5E-0152-4B79-A57B-178F490CD608} - System32\Tasks\SafeZone scheduled Autoupdate 1461445001 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-04-15] (Avast Software)
Task: {E5BEEF19-6A21-4360-80FC-AC88B769AE8B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-19] (Adobe Systems Incorporated)
Task: {E83B962E-9EAC-41E1-905D-0315BDE4E230} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-05-09] (AVAST Software)
Task: {EDDE585F-6556-4451-B797-A427B3314F42} - System32\Tasks\{137F0F0B-9CAC-4B90-BD84-3AC07862630C} => C:\Program Files (x86)\LucasArts\SWKotOR2\launcher.exe [2005-01-13] (Obsidian Entertainment, Inc.)
Task: {EF928D9F-F645-4BC7-8B5B-95BF88337607} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {F445CF6C-69E2-455D-8C04-D24EF3EC1628} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {FEE156CD-4156-4C22-AB6E-249DD66648B9} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_192_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2924648203-2002222509-804629142-1001Core.job => C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2924648203-2002222509-804629142-1001UA.job => C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForTOMAS-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForTomas.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\Tomas\Favorites\Downloadseite von NCH Software.lnk -> hxxp://www.nchsoftware.com/de/index.html (Keine Datei)
Shortcut: C:\Users\Tomas\AppData\Local\Microsoft\Windows\GameExplorer\{F484D788-8D4B-4C99-93BE-F2AEF8BEE21A}\SupportTasks\1\Support.lnk -> hxxp://support.lucasarts.com/ (Keine Datei)
Shortcut: C:\Users\Tomas\AppData\Local\Microsoft\Windows\GameExplorer\{F484D788-8D4B-4C99-93BE-F2AEF8BEE21A}\SupportTasks\0\Weitere Spiele von Microsoft.lnk -> hxxp://www.kotor2.com/ (Keine Datei)
Shortcut: C:\Users\Tomas\AppData\Local\Microsoft\Windows\GameExplorer\{F450AC81-5367-4E1F-8D33-C00BA2371DDB}\SupportTasks\1\Support.lnk -> hxxp://support.ubi.com/ (Keine Datei)
Shortcut: C:\Users\Tomas\AppData\Local\Microsoft\Windows\GameExplorer\{F450AC81-5367-4E1F-8D33-C00BA2371DDB}\SupportTasks\0\Weitere Spiele von Microsoft.lnk -> hxxp://www.raven-shield.com/ (Keine Datei)
Shortcut: C:\Users\Tomas\AppData\Local\Microsoft\Windows\GameExplorer\{ED7B5F84-4D14-45B2-90B5-995FBC1C51FE}\SupportTasks\1\Technische hilfe.lnk -> hxxp:\assassinscreed.de.ubi.com\( (Keine Datei)
Shortcut: C:\Users\Tomas\AppData\Local\Microsoft\Windows\GameExplorer\{ED7B5F84-4D14-45B2-90B5-995FBC1C51FE}\SupportTasks\0\Internetseite.lnk -> hxxp:\assassinscreed.de.ubi.com\( (Keine Datei)
Shortcut: C:\Users\Tomas\AppData\Local\Microsoft\Windows\GameExplorer\{7EE1CC57-525D-405D-8563-22822906D4E3}\SupportTasks\1\Ubi.com besuchen.lnk -> hxxp:\www.ubi.com\( (Keine Datei)
Shortcut: C:\Users\Tomas\AppData\Local\Microsoft\Windows\GameExplorer\{7EE1CC57-525D-405D-8563-22822906D4E3}\SupportTasks\0\Anno-Portal.de besuchen.lnk -> hxxp:\( (Keine Datei)
Shortcut: C:\Users\Tomas\AppData\Local\Microsoft\Windows\GameExplorer\{7CABEDD8-D114-4637-9D70-D8D189FC4521}\SupportTasks\1\Ubi.com.lnk -> hxxp:\www.ubi.com\( (Keine Datei)
Shortcut: C:\Users\Tomas\AppData\Local\Microsoft\Windows\GameExplorer\{7CABEDD8-D114-4637-9D70-D8D189FC4521}\SupportTasks\0\Anno-Portal.de besuchen.lnk -> hxxp:\( (Keine Datei)
Shortcut: C:\Users\Tomas\AppData\Local\Microsoft\Windows\GameExplorer\{135C0151-9447-4953-AC9D-69193B7520A5}\SupportTasks\1\Support.lnk -> hxxp://support.microsoft.com/directory/ (Keine Datei)
Shortcut: C:\Users\Tomas\AppData\Local\Microsoft\Windows\GameExplorer\{135C0151-9447-4953-AC9D-69193B7520A5}\SupportTasks\0\Weitere Spiele von Microsoft.lnk -> hxxp://www.microsoft.com/games/age2/ (Keine Datei)
Shortcut: C:\Users\Tomas\AppData\Local\Microsoft\Windows\GameExplorer\{123D432C-E78F-4F99-BDFB-BF71B4FB4243}\SupportTasks\1\Support.lnk -> hxxp://support.microsoft.com/directory/ (Keine Datei)
Shortcut: C:\Users\Tomas\AppData\Local\Microsoft\Windows\GameExplorer\{123D432C-E78F-4F99-BDFB-BF71B4FB4243}\SupportTasks\0\Weitere Spiele von Microsoft.lnk -> hxxp://www.ensemblestudios.com/aoeiix/index.shtml/ (Keine Datei)
Shortcut: C:\Users\Tomas\AppData\Local\Microsoft\Windows\GameExplorer\{07C76A24-1C5E-4A23-9B69-5ACA9A5B511C}\SupportTasks\1\Support.lnk -> hxxp://support.ubi.com/ (Keine Datei)
Shortcut: C:\Users\Tomas\AppData\Local\Microsoft\Windows\GameExplorer\{07C76A24-1C5E-4A23-9B69-5ACA9A5B511C}\SupportTasks\0\Weitere Spiele von Microsoft.lnk -> hxxp://www.rainbowsixgame.com/ (Keine Datei)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-08 21:34 - 2015-11-15 21:52 - 00066872 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2016-05-14 22:44 - 2016-05-14 22:44 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-05-14 22:44 - 2016-05-14 22:44 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-05-21 09:29 - 2016-05-21 09:29 - 00959168 _____ () C:\Users\Tomas\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-05-15 09:27 - 2016-05-15 09:27 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-01-07 19:26 - 2015-12-16 19:34 - 00217720 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2014-10-08 21:34 - 2015-11-15 21:52 - 00107832 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2016-02-13 19:02 - 2016-02-13 19:02 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-14 22:44 - 2016-05-14 22:44 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-06-14 19:25 - 2016-05-28 05:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-06-14 19:25 - 2016-05-28 05:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-06-14 19:25 - 2016-05-28 05:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-06-14 19:25 - 2016-05-28 05:56 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-05-09 21:15 - 2016-05-09 21:15 - 00259472 _____ () C:\Program Files\AVAST Software\Avast\AvastNM.exe
2016-05-09 21:15 - 2016-05-09 21:15 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-05-09 21:15 - 2016-05-09 21:15 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-06-26 20:29 - 2016-06-26 20:29 - 02948608 _____ () C:\Program Files\AVAST Software\Avast\defs\16062601\algo.dll
2016-05-09 21:15 - 2016-05-09 21:15 - 00309912 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll
2016-05-09 21:15 - 2016-05-09 21:15 - 00479680 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-06-27 11:34 - 2016-06-27 11:34 - 02948608 _____ () C:\Program Files\AVAST Software\Avast\defs\16062700\algo.dll
2016-05-15 09:27 - 2016-05-15 09:27 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-05-15 09:27 - 2016-05-15 09:27 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-05-15 09:03 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-05-15 09:03 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-05-15 09:03 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-05-21 09:29 - 2016-05-21 09:29 - 00679624 _____ () C:\Users\Tomas\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2016-04-23 22:51 - 2016-04-23 22:51 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-03-27 19:32 - 2016-06-26 16:35 - 01016832 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2016-03-27 19:32 - 2016-06-26 16:35 - 00028160 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2016-03-27 19:32 - 2016-06-26 16:35 - 00029696 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2016-03-27 19:32 - 2016-06-26 16:35 - 00256000 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2016-03-27 19:32 - 2016-06-26 16:35 - 00266240 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2016-03-27 19:32 - 2016-06-26 16:35 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2016-03-27 19:32 - 2016-06-26 16:35 - 00346112 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2016-03-27 19:32 - 2016-06-26 16:35 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2016-03-27 19:32 - 2016-06-26 16:35 - 00243200 _____ () C:\Program Files (x86)\Origin\mediaservice\wmfengine.dll
2016-05-10 14:35 - 2016-04-15 14:45 - 62334968 _____ () C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.dll
2016-05-10 14:35 - 2016-04-15 14:45 - 02074104 _____ () C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\libglesv2.dll
2016-05-10 14:35 - 2016-04-15 14:45 - 00081400 _____ () C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\libegl.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-2924648203-2002222509-804629142-1001\...\amazon.de -> hxxps://amazon.de
IE trusted site: HKU\S-1-5-21-2924648203-2002222509-804629142-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2924648203-2002222509-804629142-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\amazon.de -> hxxps://amazon.de
IE trusted site: HKU\S-1-5-21-2924648203-2002222509-804629142-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\localhost -> localhost
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2016-06-24 15:16 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2924648203-2002222509-804629142-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-2924648203-2002222509-804629142-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.192.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Garmin Core Update Service => 2
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{BC72B0B2-008D-4ACC-BADC-4724F01C2177}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP3e\WNt600x64\RpcSandraSrv.exe
FirewallRules: [{8E7EDB47-1942-48E7-A875-1384B89336A5}] => (Allow) C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{486BBF95-9C53-4541-8F37-1A09675972DA}] => (Allow) C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{FF228F36-C5B7-4E04-8971-CEC821877B5C}] => (Allow) C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\DeviceSetup.exe
FirewallRules: [{3C66EC13-9713-42A7-832C-FCBF4605893A}] => (Allow) C:\Users\Tomas\AppData\Local\Temp\7zS5482\hppiw.exe
FirewallRules: [{2DDBCEB5-6BDB-42CF-8BE9-0A1A854B6DF0}] => (Allow) C:\Users\Tomas\AppData\Local\Temp\7zS5482\hppiw.exe
FirewallRules: [{F778022F-9FFD-44B3-B1C8-13C1C72EF195}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Zombie Army Trilogy\Launcher\ZATLauncher.exe
FirewallRules: [{BC353BF2-CBD3-4180-9B76-0C04D474DBEF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Zombie Army Trilogy\Launcher\ZATLauncher.exe
FirewallRules: [{FE47BC15-2274-40F9-B4BA-1DEF39DC8F2D}] => (Allow) C:\Users\Tomas\AppData\Local\Temp\7zS2D7F\hppiw.exe
FirewallRules: [{1ED94C8A-B647-491E-A9C0-5E6F57AF1855}] => (Allow) C:\Users\Tomas\AppData\Local\Temp\7zS2D7F\hppiw.exe
FirewallRules: [{DDFDEDE6-26E2-4115-A926-70AE05B9B03D}] => (Allow) C:\Users\Tomas\AppData\Local\Temp\7zS5801\hppiw.exe
FirewallRules: [{0A5DF2AE-6FF3-45A4-BA44-21CDD994BE44}] => (Allow) C:\Users\Tomas\AppData\Local\Temp\7zS5801\hppiw.exe
FirewallRules: [{8B39FE93-7A55-4503-9513-6C65B06B4540}] => (Allow) C:\Users\Tomas\AppData\Local\Temp\7zS5723\hppiw.exe
FirewallRules: [{EC08A9F5-2039-4564-85C7-BCFB70898064}] => (Allow) C:\Users\Tomas\AppData\Local\Temp\7zS5723\hppiw.exe
FirewallRules: [{3E48CB04-668E-40AF-B25A-406676B6184D}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{CDF75322-BED5-4400-ACCB-6BD8AA925C01}] => (Allow) LPort=3074
FirewallRules: [{74BDA901-9661-4F28-ACEE-7F32D5E35EF6}] => (Allow) LPort=3074
FirewallRules: [{886C4E83-5266-4704-BB8D-8323DB998389}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D3231A09-4030-4E4D-BCCA-96F14838B72F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3CC0B9D7-3BE1-4963-916F-F3AE0D6B4A64}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{504A9536-2F6C-4049-9EF1-0B8AADDD56A0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FFDEE91D-847F-422F-9D1C-D702C3C6FE7C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{61D7C4EB-C820-4163-A4FF-6CC64A757732}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A13A7EFF-E296-4E4F-B517-0FB953860368}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{7458260C-9F66-4BF7-B5AD-BFB8E2A56530}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{5EEFABE4-C717-4602-8C44-CC76B82F7711}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{40A77B7F-E735-4567-AB92-4B9BFBFD8D60}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4D178AA9-1370-4706-B316-63C3807841D6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{5478CC0C-C4AF-44DB-93C9-9C8E93D1DF46}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{D2838B64-74A4-436C-B656-D669493F89CD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{45761442-A197-477A-BCA5-F002C0A32AD8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{44F8300D-DB9F-4C8B-AAF8-DF93293CF90A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{59EDCEAC-116F-4F3E-A197-B14905A46FB3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{AC58D492-6A5A-4987-876C-78F21E5C16C4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2948F798-4BA0-406B-989B-25908874862B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{7D0E2B03-6C32-4596-B323-0265E4011EB9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{4DF7E6E3-AA53-4AF5-B290-C16CD848D187}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{690DFD43-9F3D-43E0-9BC3-1DCCE1F45364}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rainbow Six Vegas\Binaries\runme.exe
FirewallRules: [{452DBAE1-A10D-4D14-AC4D-6128E83521B5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rainbow Six Vegas\Binaries\runme.exe
FirewallRules: [{0B472C3D-3229-4BAD-A2D8-21A201F46A87}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe
FirewallRules: [{4A3E0DBB-ABFD-4F81-B9E6-B4E4C215E8CE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe
FirewallRules: [{C1C72568-98CB-4F29-9BD7-1C73B10424B3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rainbow Six Lockdown\lockdown.exe
FirewallRules: [{7D19C097-0CF4-4C3A-9C92-677DBA51DA1B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rainbow Six Lockdown\lockdown.exe
FirewallRules: [{ED79CA32-0015-41ED-BF4E-FA75E79B5122}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rainbow Six 3 Gold\system\RavenShield.exe
FirewallRules: [{B7BE17F4-763C-4BE8-8865-BA8783EB9E27}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rainbow Six 3 Gold\system\RavenShield.exe
FirewallRules: [{3A64016C-6F3D-4D75-B7B7-7ED8A559014C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{39E473AF-8424-48FA-B2FE-4821BCDDA898}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6C4ACAC7-9580-4F20-A867-97FC8F0E8456}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{37B34069-0690-4A4C-9253-62A3CAEA2035}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{ACD5A8A5-8083-4E7D-8995-E124F129AE22}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{5345C5A6-EBAF-423B-915B-61FB20FE6E79}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{48E3F0D8-1F82-4DFF-87EC-E94D042446FA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{B6D91525-33EF-4E47-B5B0-6A175FDFE9BB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{78266EAE-899C-4A4D-A1EC-CBD9E1E43956}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deus Ex The Fall\DeusEx_steam.exe
FirewallRules: [{F66D0B47-CB90-426B-B22C-06CFD3C8C8F8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deus Ex The Fall\DeusEx_steam.exe
FirewallRules: [{BB0A8B0B-1893-409B-9E5C-CFC6CDABE4A1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B44D2430-1965-4C0C-B148-599328CCBFDE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{CAF95CB1-DBCA-491E-8A97-CF7A63B9D2B6}C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [TCP Query User{024E554E-8371-44DC-88DE-2550012CB6B5}C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{F5541F92-752B-4A10-A4D0-8339B5291747}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP3e\RpcAgentSrv.exe
FirewallRules: [{BDB16204-A7DE-4A2F-A891-4903CA7107AF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{E7A1F02A-9436-4EC9-8103-F2BD2C6D8F44}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [UDP Query User{765B0CBF-155E-45AE-BA56-5C80E2F46747}C:\program files (x86)\ubisoft\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe] => (Block) C:\program files (x86)\ubisoft\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe
FirewallRules: [TCP Query User{2AA69840-EA09-4655-8057-EBB3F78C7DBB}C:\program files (x86)\ubisoft\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe] => (Block) C:\program files (x86)\ubisoft\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe
FirewallRules: [{C6CCFC75-853C-47E4-8A39-CD3F6D43FA74}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\FC3BDUpdater.exe
FirewallRules: [{B7414F31-6BE6-4DAA-B031-2E5789DA37E4}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\FC3BDUpdater.exe
FirewallRules: [{3793790D-E44F-46DE-8262-A4FF851BC947}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe
FirewallRules: [{4AEFB139-C303-4C49-A2A1-48F45924AFB6}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe
FirewallRules: [{77BA5C03-63C2-4FDC-B82E-FD248AB541C1}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe
FirewallRules: [{66F7D118-A2AA-434B-ABC8-A61E8067AC6B}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe
FirewallRules: [{CA084FBA-2E58-4FA3-B998-EA2769858ACD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{A71695B1-B31A-47C3-B323-22B0DBD31058}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{BB1EFC01-39D4-40C3-98C4-7431C9526984}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dungeon Siege III\Dungeon Siege III.exe
FirewallRules: [{2E7BFEF4-5164-45F7-B63C-5F9AF60B07D3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dungeon Siege III\Dungeon Siege III.exe
FirewallRules: [{7F3A9522-B474-40CE-878E-60991D4A9168}] => (Allow) C:\Program Files (x86)\LucasArts\Star Wars The Force Unleashed 2\SWTFU2.exe
FirewallRules: [{11B5E6FA-12CB-4071-9203-3CA7F096E52F}] => (Allow) C:\Program Files (x86)\LucasArts\Star Wars The Force Unleashed 2\SWTFU2.exe
FirewallRules: [{E3BDEDAE-93B3-45EC-9699-9B172262F45A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{A9F42220-CF62-4162-8EAB-4987DD6A599C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{4940015B-4DD2-4D71-B33B-7762CC8A5C61}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\tools\AddonWeb.exe
FirewallRules: [{E0CD193B-268F-4B60-8E2B-DB7ED50B64F9}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\tools\AddonWeb.exe
FirewallRules: [{DBB541BD-E078-4DB7-8C18-75023FD0D634}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\Addon.exe
FirewallRules: [{084D4899-F745-4D31-AB78-50400BB964C3}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\Addon.exe
FirewallRules: [{088A97C5-A737-4F86-92DD-0C7175913B44}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\tools\Anno4Web.exe
FirewallRules: [{A3C6876D-FEC7-4853-B96D-36584D4450FD}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\tools\Anno4Web.exe
FirewallRules: [{B89018B0-FD68-486E-B59A-56FFEEC19AEC}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\Anno4.exe
FirewallRules: [{6BEE8CBA-1EBB-452A-BE83-E5ECB7FB9202}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\Anno4.exe
FirewallRules: [{1F210A28-7AFB-4BC4-9E87-EA1E331EB606}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spellforce 2 - Faith in Destiny\SpellForce2FaithInDestiny.exe
FirewallRules: [{7E0E6576-8008-4B47-8C67-DB410CBD83DE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spellforce 2 - Faith in Destiny\SpellForce2FaithInDestiny.exe
FirewallRules: [{7EBAEC30-6320-4FA7-A5A1-A3AFF238BB7E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spellforce 2 - Faith in Destiny\Docs\MapEditorFirstSteps.pdf
FirewallRules: [{14B8A8B5-2E0F-4553-91AC-A7D60E95FCD9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spellforce 2 - Faith in Destiny\Docs\MapEditorFirstSteps.pdf
FirewallRules: [{C0BB5ED7-AC4A-4DFB-8DF1-96BF468EF67E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spellforce 2 - Faith in Destiny\Docs\SF2_FiD_Manual.pdf
FirewallRules: [{A26AF132-4589-4374-B96E-8DD9A22239EE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spellforce 2 - Faith in Destiny\Docs\SF2_FiD_Manual.pdf
FirewallRules: [{E284E498-0E1D-44EF-80B8-24ABA76FC47F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spellforce 2 - Faith in Destiny\SpellForce2FaithinDestinyEditor.exe
FirewallRules: [{0ABAB3FF-C609-4D59-BFD1-57CBDBD59EF6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spellforce 2 - Faith in Destiny\SpellForce2FaithinDestinyEditor.exe
FirewallRules: [{F7C2905F-C675-44A9-A119-D772AEAAA425}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D8D141F9-E04F-4367-8738-97AED5DA2032}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C2F4072B-72D7-4149-9354-D23062AD0060}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{B1942367-F127-4CA4-B935-80DABB3057F4}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{277B75FC-E6B4-4904-9505-5B0B2D07D14C}] => (Allow) C:\Program Files (x86)\Microsoft Games\Fable III\Fable3.exe
FirewallRules: [{F6DA87B7-FBC6-4759-BE5B-F12728280F8D}] => (Allow) C:\Program Files (x86)\Microsoft Games\Fable III\Fable3.exe
FirewallRules: [{8EE08553-A5FB-4CD3-AFD5-FADFAA9A4D10}] => (Allow) C:\Program Files (x86)\SEGA\Alpha Protocol\Binaries\APGame.exe
FirewallRules: [{C9A79531-EA58-4374-ABC5-3F68D804FEBF}] => (Allow) C:\Program Files (x86)\SEGA\Alpha Protocol\Binaries\APGame.exe
FirewallRules: [{5181CCC8-DA6F-4712-933C-BCD4D3E9FB5C}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{00B6FED3-59F6-4292-AA8B-609F2A5700B5}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{A6FA8FDB-D992-4A46-B3E1-06F50F433D41}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe
FirewallRules: [{D418144B-5124-4608-BDE6-13ECCAA997D4}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe
FirewallRules: [{8FBF5B78-356C-4A18-968A-63CA004207E4}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe
FirewallRules: [{0BE4E037-77B4-4966-8975-18E3C6F0304B}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe
FirewallRules: [{43269863-3231-4C64-9921-3A5672E6B17D}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe
FirewallRules: [{8E51BB4A-CB63-4642-9DE2-EAD26B94859F}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe
FirewallRules: [{7D3CFC1A-7182-40A4-8FFA-CBB85C3F56C3}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{B7B8D4F2-CE46-4780-B75A-DC0B3EF2E169}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{2F9B65C7-ED06-4A42-B6DD-3D1CADAA9233}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{EE9FD726-1077-4EBB-98DE-730F7A7B7A7A}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{841F574E-8B1B-41EA-A8A1-E17A017F666F}] => (Allow) LPort=1900
FirewallRules: [{1F7D10EA-AC30-4F79-BA27-6E4B0DDB68E4}] => (Allow) LPort=2869
FirewallRules: [{442EBAD6-8886-486F-804B-88709C1174F7}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{F4B1AA47-1FCD-4DAE-8782-C1C8CED97BEB}] => (Allow) C:\Windows\system32\ezSharedSvcHost.exe
FirewallRules: [{97C35FCC-9DF3-4EA3-AEC3-3490B7C115E8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{540E9FBD-CBEF-4CD4-8CCE-42B479CBE565}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{470D3440-0191-41C2-86C2-225DD87D4B73}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{4CD90E25-858E-4461-8D1B-ECBF7D8F0A9E}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Wiederherstellungspunkte =========================
13-06-2016 18:05:31 Geplanter Prüfpunkt
17-06-2016 15:33:07 Windows Update
18-06-2016 22:13:29 ASU_MSI_TRAN
22-06-2016 12:16:53 ASU_MSI_TRAN
23-06-2016 16:42:32 Malwarebytes Anti-Rootkit Restore Point
23-06-2016 20:14:10 JRT Pre-Junkware Removal
23-06-2016 20:16:42 JRT Pre-Junkware Removal
23-06-2016 20:20:28 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
Name:
Description:
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer:
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (06/26/2016 12:31:00 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Tomas-HP)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (06/26/2016 12:28:43 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Tomas-HP)
Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (06/26/2016 12:28:43 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Tomas-HP)
Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2147024865. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (06/26/2016 12:28:42 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Tomas-HP)
Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (06/26/2016 12:28:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Tomas-HP)
Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2147024865. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (06/26/2016 12:28:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Tomas-HP)
Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (06/26/2016 12:28:23 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Tomas-HP)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (06/23/2016 08:20:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (06/23/2016 08:16:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (06/23/2016 08:14:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Systemfehler:
=============
Error: (06/27/2016 11:33:39 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SDScannerService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053 = Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (06/27/2016 11:33:39 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst SDScannerService erreicht.
Error: (06/27/2016 11:33:08 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058 = Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
Error: (06/26/2016 11:01:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_1d043" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/26/2016 04:28:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NetMsmqActivator" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053 = Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (06/26/2016 04:28:04 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst NetMsmqActivator erreicht.
Error: (06/26/2016 04:28:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NetPipeActivator" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053 = Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (06/26/2016 04:28:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst NetPipeActivator erreicht.
Error: (06/26/2016 04:28:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SDScannerService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053 = Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (06/26/2016 04:28:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst SDScannerService erreicht.
CodeIntegrity:
===================================
Date: 2016-06-26 16:20:12.570
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-06-26 15:05:58.952
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-06-26 14:54:39.526
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-06-26 14:41:33.863
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-06-26 14:28:48.376
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-06-26 12:52:04.911
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-06-26 12:44:14.463
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-06-26 12:29:34.573
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-06-26 12:27:49.943
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-06-25 20:43:52.214
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz
Prozentuale Nutzung des RAM: 47%
Installierter physikalischer RAM: 6124.83 MB
Verfügbarer physikalischer RAM: 3236.92 MB
Summe virtueller Speicher: 6508.83 MB
Verfügbarer virtueller Speicher: 2838.21 MB
==================== Laufwerke ================================
Drive c: (OS) (Fixed) (Total:917.96 GB) (Free:602.16 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:13.01 GB) (Free:1.54 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: CB976AF0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=918 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=13 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
| Themen zu Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los. |
| adaware, ahnung, avast, cleaner, desktop, diverse, eingefangen, forum, gen, hinweis, icon, installer, installiert, lieber, nicht mehr, nichts, programme, programmen, revo uninstaller, sache, sachen, schonmal, spybot, versucht, win, windows |
Linear-Darstellung
