Großer verdacht auf adware

c642 · 06.09.2016, 13:26

Als ich neulich mal wieder meinen alten laptop gestartet habe und in firefox gegeangen bin wurde ich von ads zugemüllt

Ich freue mich über jede hilfe

cosinus · 06.09.2016, 13:30

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

c642 · 06.09.2016, 13:45

Hi cosinus danke für die schnelle hilfe der log kommt gleich

Hier die Frst.txt

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
durchgeführt von Ben (Administrator) auf BENSWIDERSKY (06-09-2016 14:34:19)
Gestartet von C:\Users\Ben\Desktop
Geladene Profile: Ben (Verfügbare Profile: Ben)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
() C:\Program Files (x86)\Droid4X\Droid4XService.exe
(FileZilla Project) C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AviraSpeedup\Avira.SystemSpeedup.SpeedupService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(Microsoft) C:\Program Files (x86)\ToolbarTerminator\TTBackgroundGuard.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Ascora GmbH) C:\Program Files (x86)\CheckDrive\CheckDrive.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AviraSpeedup\Avira.SystemSpeedup.UI.Systray.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe
(© 2015 Microsoft Corporation) C:\Users\Ben\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Andy OS, inc.) C:\Program Files\Andy\HandyAndy.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\SPEEDLINK\DECUS Gaming Mouse\Monitor.EXE
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Andy OS, inc.) C:\Program Files\Andy\AndyADB.exe
(Andy OS, inc.) C:\Program Files\Andy\AndyDnD.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

Und additon.txt

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 31-08-2016
durchgeführt von Ben (06-09-2016 14:37:14)
Gestartet von C:\Users\Ben\Desktop
Windows 8.1 (Update) (X64) (2015-01-06 15:39:26)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-813788870-3651861006-301960843-500 - Administrator - Disabled)
Ben (S-1-5-21-813788870-3651861006-301960843-1001 - Administrator - Enabled) => C:\Users\Ben
Gast (S-1-5-21-813788870-3651861006-301960843-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-813788870-3651861006-301960843-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Ableton Live 9 Intro (HKLM\...\{A87A85A4-4544-44A5-AD3F-4138E7551701}) (Version: 9.0.0.0 - Ableton)
Ableton Live 9 Standard (HKLM\...\{D752AC64-C335-4A06-BB7B-F90875680E17}) (Version: 9.0.0.0 - Ableton)
Acoustica MP3 To Wave Converter PLUS (HKLM-x32\...\Acoustica MP3 To Wave Converter PLUS) (Version: 2.5 - Acoustica, Inc.)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Akai Professional MPK Mini MkII Editor (HKLM-x32\...\MPKminiMkIIEditor) (Version:  - )
Altitude (HKLM-x32\...\Steam App 41300) (Version:  - Nimbly Games)
Andy OS (HKLM\...\Andy OS) (Version:  - Andy OS, Inc)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.8 - ASUS)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.3 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.14 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0021 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.9 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0034 - ASUS)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.19.164 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{6052a753-acc6-4c02-b5a8-70962ff8e0a4}) (Version: 1.2.69.16114 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.2.69.16114 - Avira Operations GmbH & Co. KG) Hidden
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 2.6.1.2751 - Avira Operations GmbH & Co. KG)
Biet-O-Matic v2.14.12 (HKLM-x32\...\Biet-O-Matic v2.14.12) (Version: 2.14.12 - BOM Development Team)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Blender (HKLM\...\Blender) (Version: 2.74 - Blender Foundation)
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
CheckDrive (HKLM-x32\...\{B83513EC-2E4D-4621-816D-4CCF397BE702}_is1) (Version: 1.07 - Abelssoft)
CLIP STUDIO PAINT 1.5.4 (HKLM-x32\...\{88B5A062-DDA1-4F62-A4DD-95D0C4F19979}) (Version: 1.5.4 - CELSYS)
Cloudfall 1.0 (HKLM-x32\...\Cloudfall) (Version: 1.0 - )
Club Cooee (HKU\S-1-5-21-813788870-3651861006-301960843-1001\...\ClubCooee) (Version: 1.7.26.0 - cooee GmbH)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DECUS Gaming Mouse (HKLM-x32\...\{B62CC42A-D1D9-4E91-BEDE-8614DE2AD943}) (Version: 1.0 - SPEEDLINK)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Droid4X (HKLM-x32\...\Droid4X) (Version: 0.10.3 - Haiyu Dongxiang Co.,Ltd.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 9.4.49 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.39.1 - Dropbox, Inc.) Hidden
Electric Sheep 2.7b34 (HKLM-x32\...\Electric Sheep) (Version: 2.7b34 - Electricsheep)
Epic Games Launcher (HKLM-x32\...\{C8E7C575-FCFA-46B2-8FC0-E8AC65501350}) (Version: 1.1.78.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FileZilla Client 3.15.0.1 (HKLM-x32\...\FileZilla Client) (Version: 3.15.0.1 - Tim Kosse)
FileZilla Server (HKLM-x32\...\FileZilla Server) (Version: beta 0.9.55 - FileZilla Project)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Game Explorer Categories - enthusiast (HKLM-x32\...\WildTangentGameProvider-asus-enthusiast) (Version: 3.2.0.6 - WildTangent, Inc.)
Game Explorer Categories - family (HKLM-x32\...\WildTangentGameProvider-asus-family) (Version: 3.2.0.6 - WildTangent, Inc.)
Game Explorer Categories - kids (HKLM-x32\...\WildTangentGameProvider-asus-kids) (Version: 3.2.0.6 - WildTangent, Inc.)
Game Explorer Categories - touch (HKLM-x32\...\WildTangentGameProvider-asus-touch) (Version: 3.2.0.6 - WildTangent, Inc.)
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
HandBrake 0.10.5 (HKLM-x32\...\HandBrake) (Version: 0.10.5 - )
HP ENVY 4500 series - Grundlegende Software für das Gerät (HKLM\...\{7A564D11-817E-48B1-9830-91420BF6E339}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP ENVY 4500 series Hilfe (HKLM-x32\...\{6767CCD2-B939-4542-BF08-015B5496D4EC}) (Version: 30.0.0 - Hewlett Packard)
HP Photo Creations (HKU\S-1-5-21-813788870-3651861006-301960843-1001\...\HP Photo Creations) (Version: 1.0.0.18922 - HP)
HyperCam 2 (HKLM-x32\...\HyperCam 2) (Version: 2.29.01 - Hyperionics Technology LLC)
HyperSnap 7 (HKLM-x32\...\HyperSnap 7) (Version: 7.29.03 - Hyperionics Technology LLC)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2103 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3574 - Intel Corporation)
Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
JSkat  (HKLM-x32\...\JSkat) (Version:  - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.493 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.493 - LogMeIn, Inc.) Hidden
Magic Duels (HKLM-x32\...\Steam App 316010) (Version:  - Stainless Games Ltd.)
MAGIX Content und Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Goya burnR (MSI) (HKLM-x32\...\MX.{02ABEC70-68BD-458F-A302-B280FEA5E103}) (Version: 4.3.2.0 - MAGIX Software GmbH)
MAGIX Goya burnR (MSI) (Version: 4.3.2.0 - MAGIX Software GmbH) Hidden
MAGIX Music Maker 2015 Premium (Demosongs) (HKLM-x32\...\MX.{BF0BAC06-859A-43A0-9E63-EBB3A0C14BDE}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Music Maker 2015 Premium (Demosongs) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Music Maker 2015 Premium (HKLM-x32\...\MX.{3DF585C2-BDD1-42F7-84E1-AB6191830E0E}) (Version: 21.0.0.30 - MAGIX Software GmbH)
MAGIX Music Maker 2015 Premium (Synthesizer und Effekte) (HKLM-x32\...\MX.{BC8A72AD-2199-4353-A999-98552C29B986}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Music Maker 2015 Premium (Synthesizer und Effekte) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Music Maker 2015 Premium (Version: 21.0.0.30 - MAGIX Software GmbH) Hidden
MAGIX Music Maker 2015 Premium (Visuals) (HKLM-x32\...\MX.{300D920D-C6AB-4453-ABC5-8B2F025059E9}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Music Maker 2015 Premium (Visuals) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Music Maker 2015 Premium Soundpools (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Music Maker 2015 Premium Update (Version: 21.0.3.38 - MAGIX Software GmbH) Hidden
MAGIX Music Maker 2015 Premium Update (Version: 21.0.4.50 - MAGIX Software GmbH) Hidden
MAGIX Music Maker 2015 Soundpools (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Music Maker Techno Edition 6 (HKLM-x32\...\MX.{6859754A-A628-46B0-BD8C-388EEBDFBB87}) (Version: 21.0.3.47 - MAGIX Software GmbH)
MAGIX Music Maker Techno Edition 6 (Version: 21.0.3.47 - MAGIX Software GmbH) Hidden
MAGIX Music Maker Techno Edition 6 Trial Soundpools (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Music Maker Techno Edition 6 Update (Version: 21.0.4.50 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{AD4A2318-33E8-4E3C-90F5-5E91D0EE8572}) (Version: 7.0.2.6 - MAGIX Software GmbH)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden
Mahjong World Contest (HKLM-x32\...\{F31D44B8-107E-43CF-BAA0-27A7C86CC293}) (Version: 1.00.0000 - PurpleHills)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft Halo Trial (HKLM-x32\...\Halo Trial) (Version:  - Microsoft)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4849.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-813788870-3651861006-301960843-1001\...\OneDriveSetup.exe) (Version: 17.3.6517.0809 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mill 3D (HKLM-x32\...\mill3d) (Version:  - )
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Movavi Video Editor 11 (HKLM-x32\...\Movavi Video Editor 11) (Version: 11.2.0 - Movavi)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version:  - Native Instruments)
Native Instruments Guitar Rig Factory Selection for Maschine (HKLM-x32\...\Native Instruments Guitar Rig Factory Selection for Maschine) (Version:  - Native Instruments)
Native Instruments Komplete 8 Players (HKLM-x32\...\Native Instruments Komplete 8 Players) (Version:  - Native Instruments)
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.5.1.451 - Native Instruments)
Native Instruments Kontakt Factory Selection (HKLM-x32\...\Native Instruments Kontakt Factory Selection) (Version:  - Native Instruments)
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version: 1.4.2.419 - Native Instruments)
Native Instruments Reaktor 5 (HKLM-x32\...\Native Instruments Reaktor 5) (Version:  - Native Instruments)
Native Instruments Reaktor Factory Selection (HKLM-x32\...\Native Instruments Reaktor Factory Selection) (Version:  - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version:  - Native Instruments)
Neverball  (HKLM-x32\...\Neverball) (Version:  - )
No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
NVIDIA Graphics Driver 332.85 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.85 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4849.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4849.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4849.1003 - Microsoft Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Oracle VM VirtualBox 4.3.12_ZZZZ (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation)
osu! (HKLM-x32\...\{992321e2-e85c-4322-825b-51723f3fef4a}) (Version: latest - ppy Pty Ltd)
paint.net (HKLM\...\{DADC2AF6-DC9F-4BCF-BFCE-DCEC16EF507C}) (Version: 4.0.9 - dotPDN LLC)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21236 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.29.314.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7224 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Revo Uninstaller Pro 3.1.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.5 - VS Revo Group, Ltd.)
S.K.I.L.L. - Special Force 2 (HKLM-x32\...\Steam App 286940) (Version:  - Dragonfly GF Co., LTD)
Should I Remove It (HKU\S-1-5-21-813788870-3651861006-301960843-1001\...\Should I Remove It 1.0.4) (Version: 1.0.4 - Reason Software Company Inc.)
Should I Remove It (x32 Version: 1.0.4 - Reason Software Company Inc.) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.21.18.4608 - Enigma Software Group, LLC)
Star Trek Online (HKLM-x32\...\Steam App 9900) (Version:  - Cryptic Studios)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 8.0.0.22 - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Studie zur Verbesserung von HP ENVY 4500 series (HKLM\...\{36E08FE6-D9FF-44EE-8AD3-EC723390DE00}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
Sylenth1 Demo v3.021 (HKLM\...\Sylenth1v3_is1) (Version:  - )
TAL-Chorus-LX (64bit) (HKLM\...\{387F3AC2-DC2C-4768-8DA1-DB3E73A130F3}) (Version: 1.0.0 - TAL - Togu Audio Line)
TAL-Reverb-4 (AAX 64bit) (HKLM\...\{51DC6492-3AE9-43BB-8FCD-620EAA88BC91}) (Version: 1.0.0 - TAL - Togu Audio Line)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.55321 - TeamViewer)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
Total War: Arena (HKLM-x32\...\Steam App 227520) (Version:  - Creative Assembly)
Unity Web Player (HKU\S-1-5-21-813788870-3651861006-301960843-1001\...\UnityWebPlayer) (Version: 4.6.5f1 - Unity Technologies ApS)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
VirtualDJ 8 (HKLM-x32\...\{4D5A0E11-2E8C-4F1F-A847-CE6DA223250C}) (Version: 8.1.2770.0 - Atomix Productions)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Vita 2 (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Vita 2 Zusatzcontent (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Vita Analog Synths (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Vita Celtic Harp (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Vita Drum Engine (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Vita Jazz Drums (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Vita Urban Drums (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Vita World Flutes (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VMware Player (HKLM\...\{57AA4E8A-E2C9-4F1C-B3F1-762C36E34472}) (Version: 12.1.0 - VMware, Inc.)
VMware VIX (HKLM-x32\...\{F99FC179-EA67-4BBC-8955-BDDA0CB94B88}) (Version: 1.15.2.00000 - VMware, Inc.)
Voxengo SPAN (HKLM\...\Voxengo SPAN_is1) (Version: 2.7 - Voxengo)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.2.301 - ASUS Cloud Corporation)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Driver Package - ASUS (ATP) Mouse  (03/17/2014 1.0.0.207) (HKLM\...\AA2CC56D4BBEE037DC99871F5F6551133D2A0CC3) (Version: 03/17/2014 1.0.0.207 - ASUS)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Zulu DJ Software (HKLM-x32\...\Zulu) (Version: 3.34 - NCH Software)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-813788870-3651861006-301960843-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Ben\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-813788870-3651861006-301960843-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Ben\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-813788870-3651861006-301960843-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-813788870-3651861006-301960843-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {07FB666E-E0EE-4A37-90AD-4CD7F2147C1A} - System32\Tasks\Abelssoft\ToolbarTerminator Background Guard => C:\Program Files (x86)\ToolbarTerminator\TTBackgroundGuard.exe [2015-04-10] (Microsoft)
Task: {099F2F02-DEFC-4818-AC19-F67117987F87} - System32\Tasks\ASC8_SkipUac_Ben => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe
Task: {0ABEA372-41F9-4C59-BCB2-3E53D0D21B34} - System32\Tasks\HPCustParticipation HP ENVY 4500 series => C:\Program Files\HP\HP ENVY 4500 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {173C6D4B-B118-434E-9221-A6930C666149} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {206256B1-B0EA-41BE-9A15-DF8B5F25E82D} - System32\Tasks\HP AR Program Upload - 01ba5763adda49afb37829aae79ea809d7ca54d2ea754f9689fb046b95e4e021 => C:\Program Files\HP\HP ENVY 4500 series\bin\HPRewards.exe [2014-03-06] (TODO: <Company name>)
Task: {35F1E090-9EDC-4CB8-A141-3C7B5FA311E1} - System32\Tasks\HP AR Program Upload - 73904ccf716f4b50bee8bdaeb12693b61cb2727a22284b458fa901e0764802f8 => C:\Program Files\HP\HP ENVY 4500 series\bin\HPRewards.exe [2014-03-06] (TODO: <Company name>)
Task: {4867FAC3-50A9-4C20-98CF-4CE04E475AE6} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-04-15] (Realtek Semiconductor)
Task: {48818591-781C-4F34-AE77-18817A527B1B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-07-05] (Microsoft Corporation)
Task: {5058814C-52B2-4DD3-8BD9-208C0AF7577C} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-10-07] (ASUS)
Task: {50B32207-1405-44D3-AF33-3DFC16984661} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe
Task: {558C27EB-77BD-49FF-8EAA-DFF2030FDB88} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-813788870-3651861006-301960843-1001 => C:\Users\Ben\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-08-25] (Microsoft Corporation)
Task: {594D2544-448D-4F46-9FD3-9040D6284906} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {5DBEF2AE-E592-4B00-820F-38830D9AE1B5} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-03-27] (ASUSTek Computer Inc.)
Task: {66E1A934-81DE-4EFE-9DF1-245CB33F9FFC} - System32\Tasks\Abelssoft\StartBackgroundguardWithWindows => C:\Program Files (x86)\CheckDrive\CheckDrive.exe [2016-01-15] (Ascora GmbH)
Task: {75DC0BA9-F89A-4E87-8B01-F5B3DB73E6B9} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-08-11] (Microsoft Corporation)
Task: {78C7E38E-5415-4F3D-A492-863E4E5B65FC} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-03-31] (AsusTek)
Task: {7C2E6A74-D9C1-452B-8F0D-A8B0C7D2C77B} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-04-10] (Realtek Semiconductor)
Task: {8C7BDCE0-3068-4C77-8733-6434500ED9CA} - System32\Tasks\Avira System Speedup Tray => C:\Program Files (x86)\Avira\AviraSpeedup\Avira.SystemSpeedup.UI.Systray.exe [2016-08-18] (Avira Operations GmbH & Co. KG)
Task: {9EC480A7-B4C3-4838-97C3-1B494CCCE0E3} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-04-26] (Dropbox, Inc.)
Task: {B4774DA5-4110-4F63-9DFA-99AC0EBC986F} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Ben\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-25] (Microsoft Corporation)
Task: {BB7A4365-0451-425B-AE93-2D9F35B8DCF7} - System32\Tasks\Abelssoft\ToolbarTerminator Continous Scan_Ben => C:\Program Files (x86)\ToolbarTerminator\ToolbarTerminator.exe [2015-04-10] (Ascora GmbH)
Task: {C69B6965-8CDE-436B-9D91-9294A867FCA5} - System32\Tasks\Abelssoft\ToolbarTerminator AutoScan_Ben => C:\Program Files (x86)\ToolbarTerminator\ToolbarTerminator.exe [2015-04-10] (Ascora GmbH)
Task: {CDDA79A9-8A7C-49A3-8F5A-0B914B2B8BA5} - \OTRIG -> Keine Datei <==== ACHTUNG
Task: {CF92D9B9-77BC-4A5D-B18E-4835CE5A411F} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-01-14] (ASUSTek Computer Inc.)
Task: {CFCF4DF4-535E-44C9-854D-9447C9208032} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {D36FFB01-AEE5-43C6-A5CF-7739CEAC9174} - System32\Tasks\P4GIntlCtrl => C:\Program Files\ASUS\P4G\IntlDPST.exe [2014-02-11] ()
Task: {D42E6765-73D6-4717-91E9-DCD1E278622C} - System32\Tasks\Uninstaller_SkipUac_Ben => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {D876291A-5326-42AF-BF4B-E54239F97F3E} - System32\Tasks\HP AR Program Upload - 51a7edcea6bb432682c6ebd0a2dcf378c58339d856114ecd86286489203b4414 => C:\Program Files\HP\HP ENVY 4500 series\bin\HPRewards.exe [2014-03-06] (TODO: <Company name>)
Task: {DAF4D192-5978-4B38-9D53-EEF0D9B53844} - System32\Tasks\HP Photo Creations Communicator => C:\Users\Ben\AppData\Roaming\HP Photo Creations\Communicator.exe [2011-07-25] ()
Task: {DD3F1035-2943-4FDF-8F31-60C351C0AA5A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12] (Adobe Systems Incorporated)
Task: {E2BB93A2-A173-4076-8F57-6F20D25E7C71} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-10-07] (ASUSTeK Computer Inc.)
Task: {F01BBDC9-8DD3-4B4D-954D-A72A64175D80} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2014-02-11] (ASUS)
Task: {FE15E3BB-DA90-49F9-BBDC-2C16BF68A1E3} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-04-26] (Dropbox, Inc.)
Task: {FE65403A-8DB4-4F50-AB32-F48333F0DE94} - System32\Tasks\HP AR Program Upload - ba958ca68a8b43e3914d55e49fc1499ac71d58f28ca84626849e28de31cf9d1e => C:\Program Files\HP\HP ENVY 4500 series\bin\HPRewards.exe [2014-03-06] (TODO: <Company name>)
Task: {FF2E1997-4CE3-4137-B221-0C65B9EF8ECC} - System32\Tasks\HP AR Program Upload - ad22b011147a4391bebbc7cdcd969fdcdf809067d6b641ffaead03a436c80de9 => C:\Program Files\HP\HP ENVY 4500 series\bin\HPRewards.exe [2014-03-06] (TODO: <Company name>)
Task: {FFD26448-990F-4054-83D1-BEB9E463BE88} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-07-05] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\ASC8_SkipUac_Ben.job => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\Users\Ben\AppData\Roaming\HP Photo Creations\Communicator.exe
Task: C:\Windows\Tasks\Uninstaller_SkipUac_Ben.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Ben\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.html
Shortcut: C:\Users\Ben\Desktop\desktop alt\Papierkorb\mül\Real Desktop Webpage.lnk -> hxxp://www.real-desktop.de/
Shortcut: C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki/
Shortcut: C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com/

ShortcutWithArgument: C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Slither.io.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=cjghicgeckcjkbjkgidnadjjniedpaco

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-08-21 10:01 - 2016-05-24 09:51 - 00116416 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2016-06-13 09:19 - 2016-06-13 09:19 - 00279552 _____ () C:\Program Files (x86)\Droid4X\Droid4XService.exe
2014-07-25 17:28 - 2014-03-13 21:26 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-02-11 18:08 - 2014-02-11 18:08 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2014-02-11 18:08 - 2014-02-11 18:08 - 00028672 _____ () C:\Program Files\ASUS\P4G\plctrl.dll
2014-05-01 16:13 - 2014-05-01 16:13 - 00470016 _____ () C:\Users\Ben\AppData\Local\MEGAsync\ShellExtX64.dll
2015-08-06 12:33 - 2014-07-17 22:47 - 03587584 _____ () C:\Program Files (x86)\SPEEDLINK\DECUS Gaming Mouse\Monitor.EXE
2016-02-02 11:53 - 2016-02-02 11:53 - 00043472 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2015-03-13 15:54 - 2015-03-13 15:54 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-01-17 11:27 - 2015-01-17 11:27 - 34734712 _____ () C:\Program Files (x86)\Image-Line\Shared\dsp_ipp_x64.dll
2015-03-18 18:18 - 2015-03-18 18:18 - 00872056 _____ () C:\Program Files (x86)\Image-Line\Shared\QuickFontCache_x64.dll
2014-12-02 21:32 - 2014-12-02 21:32 - 00607352 _____ () C:\Program Files (x86)\Image-Line\Shared\freetype_x64.dll
2010-04-07 22:56 - 2016-02-01 21:20 - 01860608 _____ () C:\Program Files\Steinberg\Vstplugins\TAL-Elek7ro-II.dll
2014-01-28 23:15 - 2016-05-21 22:20 - 02488832 _____ () C:\Program Files\Steinberg\Vstplugins\TAL-Filter-2-x64.dll
2016-07-16 15:00 - 2016-07-16 15:00 - 13063112 _____ () C:\ProgramData\Ableton\Live 9 Standard\Resources\Extensions\Index\Ableton Index.exe
2016-09-03 21:08 - 2016-09-03 21:08 - 09110528 _____ () C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_2.3.1051.1_x64__a2t3txkz9j1jw\MuMaJamPlayer.exe
2016-09-03 21:08 - 2016-09-03 21:08 - 01569792 _____ () C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_2.3.1051.1_x64__a2t3txkz9j1jw\cpprest120_app_2_2.dll
2016-09-03 21:08 - 2016-09-03 21:08 - 00030208 _____ () C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_2.3.1051.1_x64__a2t3txkz9j1jw\MxSoundTouch_rel_metro_u_x64_vc11.dll
2016-09-03 21:08 - 2016-09-03 21:08 - 00772096 _____ () C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_2.3.1051.1_x64__a2t3txkz9j1jw\GoogleAnalytics.Native.dll
2015-11-25 18:10 - 2015-11-25 18:10 - 01301696 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll
2014-07-25 17:24 - 2013-10-23 14:44 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2013-10-08 21:41 - 2013-10-08 21:41 - 00037968 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2013-09-09 19:23 - 2013-09-09 19:23 - 00162816 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2016-08-21 10:03 - 2016-08-09 01:27 - 00785920 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-08-21 10:03 - 2015-07-02 00:06 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-08-26 12:30 - 2016-08-23 21:33 - 02321184 _____ () C:\Program Files (x86)\Steam\video.dll
2016-08-21 10:03 - 2015-07-02 00:06 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-08-21 10:03 - 2015-07-02 00:06 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-08-21 10:03 - 2016-01-27 09:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-08-21 10:03 - 2016-01-27 09:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-08-21 10:03 - 2016-01-27 09:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-08-21 10:03 - 2016-01-27 09:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-08-21 10:03 - 2016-01-27 09:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-08-26 12:30 - 2016-08-23 21:33 - 00835360 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-08-21 10:03 - 2016-07-05 00:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2015-08-06 12:33 - 2013-09-30 13:39 - 00036864 _____ () C:\Program Files (x86)\SPEEDLINK\DECUS Gaming Mouse\Lang.dll
2015-08-06 12:33 - 2013-01-29 16:15 - 00061440 _____ () C:\Program Files (x86)\SPEEDLINK\DECUS Gaming Mouse\hiddriver.dll
2016-09-03 18:27 - 2016-08-06 05:21 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-09-03 18:26 - 2016-08-06 05:21 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-09-03 18:26 - 2016-08-06 05:22 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2016-09-03 18:26 - 2016-08-06 05:21 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-09-03 18:27 - 2016-08-06 05:21 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-09-03 18:27 - 2016-08-06 05:21 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-09-03 18:27 - 2016-08-30 23:38 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-09-03 18:27 - 2016-08-06 05:21 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-09-03 18:25 - 2016-08-30 23:38 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-09-03 18:27 - 2016-08-06 05:22 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-09-03 18:25 - 2016-08-30 23:38 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-09-03 18:25 - 2016-08-30 23:38 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-09-03 18:27 - 2016-08-06 05:24 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-09-03 18:27 - 2016-08-30 23:38 - 00021312 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2016-09-03 18:26 - 2016-08-30 23:38 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-09-03 18:26 - 2016-08-30 23:38 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-09-03 18:26 - 2016-08-06 05:19 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2016-09-03 18:26 - 2016-08-06 05:24 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-09-03 18:27 - 2016-08-06 05:24 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2016-09-03 18:27 - 2016-08-06 05:24 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-09-03 18:27 - 2016-08-30 23:38 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-09-03 18:27 - 2016-08-06 05:24 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-09-03 18:27 - 2016-08-30 23:38 - 00025424 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-09-03 18:27 - 2016-08-06 05:24 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-09-03 18:27 - 2016-08-06 05:24 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-09-03 18:27 - 2016-08-06 05:24 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-09-03 18:27 - 2016-08-06 05:24 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-09-03 18:27 - 2016-08-06 05:24 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-09-03 18:27 - 2016-08-06 05:24 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-09-03 18:27 - 2016-08-06 05:24 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-09-03 18:25 - 2016-08-30 23:38 - 00246592 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-09-03 18:26 - 2016-08-30 23:38 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-09-03 18:27 - 2016-08-06 05:25 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2016-09-03 18:27 - 2016-08-06 05:21 - 00144848 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2016-09-03 18:27 - 2016-08-06 05:22 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2016-09-03 18:27 - 2016-08-30 23:38 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-09-03 18:27 - 2016-08-30 23:38 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-09-03 18:27 - 2016-08-30 23:38 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-09-03 18:25 - 2016-08-30 23:38 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-09-03 18:27 - 2016-08-30 23:38 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-09-03 18:27 - 2016-08-06 05:25 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-09-03 18:27 - 2016-08-30 23:38 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-09-03 18:26 - 2016-08-30 23:38 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-09-03 18:26 - 2016-08-06 05:18 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-09-03 18:26 - 2016-08-30 23:38 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-09-03 18:26 - 2016-08-30 23:38 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-09-03 18:27 - 2016-08-06 05:22 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2016-09-03 18:26 - 2016-08-30 23:38 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-09-03 18:26 - 2016-08-30 23:38 - 01972528 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-09-03 18:26 - 2016-08-30 23:38 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-09-03 18:26 - 2016-08-30 23:38 - 00133424 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-09-03 18:26 - 2016-08-30 23:38 - 00224056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-09-03 18:26 - 2016-08-30 23:38 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-09-03 18:27 - 2016-08-30 23:38 - 00020288 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32._winffi_user32.pyd
2016-09-03 18:27 - 2016-08-06 05:24 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-09-03 18:27 - 2016-08-30 23:38 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2016-09-03 18:26 - 2016-08-30 23:38 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-09-03 18:26 - 2016-08-30 23:38 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-09-03 18:26 - 2016-08-30 23:38 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2016-09-03 18:26 - 2016-08-30 23:38 - 00168760 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2016-08-21 10:03 - 2016-08-04 22:56 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2016-08-21 10:03 - 2015-09-25 01:52 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2016-08-09 10:54 - 2016-08-03 02:24 - 01771336 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libglesv2.dll
2016-08-09 10:54 - 2016-08-03 02:23 - 00094024 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\cmwf.sys => ""="Driver" <==== ACHTUNG
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\cmwr.sys => ""="Driver" <==== ACHTUNG
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\cmwf.sys => ""="Driver" <==== ACHTUNG
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CMWFP => ""="Driver" <==== ACHTUNG
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\cmwr.sys => ""="Driver" <==== ACHTUNG
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\S-1-5-21-813788870-3651861006-301960843-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-813788870-3651861006-301960843-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-813788870-3651861006-301960843-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-813788870-3651861006-301960843-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-813788870-3651861006-301960843-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-813788870-3651861006-301960843-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-813788870-3651861006-301960843-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-813788870-3651861006-301960843-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-813788870-3651861006-301960843-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-813788870-3651861006-301960843-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-813788870-3651861006-301960843-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-813788870-3651861006-301960843-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-813788870-3651861006-301960843-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-813788870-3651861006-301960843-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-813788870-3651861006-301960843-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-813788870-3651861006-301960843-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-813788870-3651861006-301960843-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-813788870-3651861006-301960843-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-813788870-3651861006-301960843-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-813788870-3651861006-301960843-1001\...\100sexlinks.com -> 100sexlinks.com

Da befinden sich 4788 mehr Seiten.


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2016-06-26 11:38 - 00002024 ____A C:\Windows\system32\Drivers\etc\hosts

0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com

Da befinden sich 4 zusätzliche Einträge.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-813788870-3651861006-301960843-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ben\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\konachan.com - 200783 sample.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\StartupFolder: => "Biet-O-Matic.lnk"
HKU\S-1-5-21-813788870-3651861006-301960843-1001\...\StartupApproved\StartupFolder: => "MadAppLauncher.lnk"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{B79DCD3C-EC12-4456-9B2C-51ADF9122AA0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{75FFB8E7-0F62-46A7-B07C-0F838158032E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{256B8015-A0EC-4EF4-9764-E6242A31F9B7}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{C20BF004-E3F5-411C-96D7-828A3B70F277}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\DeviceSetup.exe
FirewallRules: [{C18C7605-5375-4FBF-B359-1908FDF46B98}] => (Allow) LPort=5357
FirewallRules: [{5C55E199-BEBD-4E4D-B9F9-FFC5E9A261EE}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [TCP Query User{67D530B4-D8BB-4AC3-978B-EA4583B85E8A}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{F4FF820E-1BC1-4B5E-9CFD-9B4F7EBBA9D5}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{2E3A8A03-FDF8-445F-82AC-9C9B4E23D559}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{B157BEAC-4792-4DD6-99BB-5EA240C1DB10}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{E054C848-79D0-4F00-96FA-0B0D2B2A87CF}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{1C12732F-F7EE-4194-AD72-88CD5425203A}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{1B06A0B8-5944-44A9-A60E-BE32C79A69D1}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{E1F4E362-FF96-4669-A6E9-689E7095A6C3}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{A01BE7A7-E1A4-40AC-ADF5-F464F4F74A1C}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{96C19FCF-22D5-488C-9733-4CBDAE223F86}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [{13E9A4D0-4EC6-48DE-81A6-C29C43A4ED8C}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{CF9BE4E6-022F-4865-B149-C1FF5EEA4AF9}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{638784C3-1DF2-4C5A-BAE1-113F0FB98D8D}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{535B9828-6692-4E5B-83A0-F6E78885FF7E}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [TCP Query User{D52C9599-BCEF-4C23-9C67-0F4758065C34}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{D2787178-F11F-405E-8EFE-E44E1534DD4D}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{63AE4630-A4DE-45EB-A229-4D208528E3A2}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [UDP Query User{6500117E-BA03-44F2-8DF5-80CD9B8BA7FA}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [TCP Query User{1E84B398-EDA2-46F8-A03D-10B07F968586}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [UDP Query User{EFE655D1-4BBD-4A88-A360-D72F713FAC20}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [TCP Query User{E52B7908-AC9F-4523-BD61-F8148C966ECC}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{D2CEFEF5-18DA-48E3-9094-62BCDED1FAFB}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{42A19422-EF11-4BDC-91E4-E30C0B5B5C02}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2013\FarmingSimulator2013.exe
FirewallRules: [{25050611-6E6F-450F-BDC6-6F4A20239F57}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2013\FarmingSimulator2013.exe
FirewallRules: [{24AC1D23-E891-4C5B-8430-57422CE19A9E}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2013\x64\FarmingSimulator2013Game.exe
FirewallRules: [{BE0E9CAA-1AD2-4773-A834-138E9A32ACFB}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2013\x64\FarmingSimulator2013Game.exe
FirewallRules: [{69B9F29F-8DFA-4BCB-827E-FAB310401693}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2013\x86\FarmingSimulator2013Game.exe
FirewallRules: [{756CDEB6-AB7B-4044-BF3A-557017A83896}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2013\x86\FarmingSimulator2013Game.exe
FirewallRules: [TCP Query User{0DD6C36B-CB74-4FC9-B055-2CC7DBF24179}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{1F828BC8-DF2C-4040-80F4-86358CEECDCE}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [{33376415-D4ED-43E4-8948-1110EEBEFA80}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2BC657F1-D737-478A-A418-72ECF22AC915}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{34F02D40-268D-4474-BAE7-E34902738807}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A8390774-48DD-40AC-BC41-B8B2A3027279}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{EB4F9815-7441-4BD9-BAC8-EBD207199687}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Arena\launcher\launcher.exe
FirewallRules: [{4F39726D-EA52-4204-A18F-278F183EDDF2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Arena\launcher\launcher.exe
FirewallRules: [{7F8D4E1B-BC3A-4158-A8ED-DC428521237F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{346712AA-2E27-4F0D-8FDC-32C6697EB70C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{E291D376-4590-4029-9C8A-FDE780A7E325}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [UDP Query User{962B836F-370F-4F94-8FF4-94E3D6FBF23E}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [{03387E11-B3CD-4F83-8977-8F7BFE095E20}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Star Trek Online\Star Trek Online.exe
FirewallRules: [{1D6E9BC8-E63F-4462-8020-B0F0476BE212}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Star Trek Online\Star Trek Online.exe
FirewallRules: [TCP Query User{0E46D74D-373B-4B35-B282-85D2F1B0C7C0}C:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\gameclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\gameclient.exe
FirewallRules: [UDP Query User{017F875C-DD87-474E-8EC8-9F872513F80B}C:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\gameclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\gameclient.exe
FirewallRules: [{AC9C745E-10C2-4347-BC8B-38CBE93F3EA2}] => (Block) C:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\gameclient.exe
FirewallRules: [{5373BABC-D058-4B98-A063-31E6F5BD9D87}] => (Block) C:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\gameclient.exe
FirewallRules: [{BB177020-E90D-4B29-B4F2-B3A4CCA72823}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{EA198F0E-C204-4D2E-9FAB-BEEBC36597A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [TCP Query User{63FB8D2A-0B31-4C0B-B104-F4591BF29475}F:\ark survival evolved\ark survival evolved\shootergame\binaries\win64\shootergame.exe] => (Allow) F:\ark survival evolved\ark survival evolved\shootergame\binaries\win64\shootergame.exe
FirewallRules: [UDP Query User{B48563D2-3D85-47D8-BA5F-B9C2EB16F27B}F:\ark survival evolved\ark survival evolved\shootergame\binaries\win64\shootergame.exe] => (Allow) F:\ark survival evolved\ark survival evolved\shootergame\binaries\win64\shootergame.exe
FirewallRules: [TCP Query User{F3267C0A-0420-4893-8109-C9F549D1E9F5}C:\users\ben\desktop\spiele\ark survival evolved\ark survival evolved\shootergame\binaries\win64\shootergame.exe] => (Allow) C:\users\ben\desktop\spiele\ark survival evolved\ark survival evolved\shootergame\binaries\win64\shootergame.exe
FirewallRules: [UDP Query User{EE3271A6-9331-4DE2-98AE-0AE5B592E8C7}C:\users\ben\desktop\spiele\ark survival evolved\ark survival evolved\shootergame\binaries\win64\shootergame.exe] => (Allow) C:\users\ben\desktop\spiele\ark survival evolved\ark survival evolved\shootergame\binaries\win64\shootergame.exe
FirewallRules: [TCP Query User{A85E2A7B-DDD8-496D-AC1E-FFA6E1834CF8}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [UDP Query User{9F9F4E0B-C606-4ABD-90D0-05C082A027C8}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [TCP Query User{505E380F-5852-4656-BCB0-B6F586F06B9C}C:\windows\system32\settingsynchost.exe] => (Allow) C:\windows\system32\settingsynchost.exe
FirewallRules: [UDP Query User{EE23E026-F766-4DE7-A052-29C27B36D00C}C:\windows\system32\settingsynchost.exe] => (Allow) C:\windows\system32\settingsynchost.exe
FirewallRules: [{B1FF7152-1077-4291-904C-53F652D8E8D5}] => (Block) C:\windows\system32\settingsynchost.exe
FirewallRules: [{D86412FA-3C0D-4237-B464-254B91F1FDCF}] => (Block) C:\windows\system32\settingsynchost.exe
FirewallRules: [{BBDE517B-55B4-49F7-B61C-479182CE8DE4}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{248EF8F3-0553-4118-BBB7-2AF541ED39C3}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{C5AAA673-4B4D-4E0C-9C0B-40DA03E8E051}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SKILL\DFUBG.exe
FirewallRules: [{746F7612-E654-4790-B454-9144D4DDE9FF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SKILL\DFUBG.exe
FirewallRules: [TCP Query User{5B58C8E3-04E5-46D0-85BE-EA7D4A10D015}C:\users\ben\appdata\local\temp\fritz!wlanrepeater310\fsetup.exe] => (Allow) C:\users\ben\appdata\local\temp\fritz!wlanrepeater310\fsetup.exe
FirewallRules: [UDP Query User{A4375C1B-292E-45C3-9D40-628AC672E13D}C:\users\ben\appdata\local\temp\fritz!wlanrepeater310\fsetup.exe] => (Allow) C:\users\ben\appdata\local\temp\fritz!wlanrepeater310\fsetup.exe
FirewallRules: [{B53E7616-46EF-4BCB-8500-A5B35F8E30B6}] => (Block) C:\users\ben\appdata\local\temp\fritz!wlanrepeater310\fsetup.exe
FirewallRules: [{EFD7E625-CFEF-49FB-A68F-A84BCAF6088B}] => (Block) C:\users\ben\appdata\local\temp\fritz!wlanrepeater310\fsetup.exe
FirewallRules: [{AF4F6C94-F683-4438-B284-6ED80C59DE44}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Altitude\altitude.exe
FirewallRules: [{199C5742-5D0A-4D14-8E5C-10A32DE6AFA4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Altitude\altitude.exe
FirewallRules: [TCP Query User{DD958D84-D9F9-4512-B39A-A6E63A2541D4}C:\program files (x86)\java\jre1.8.0_71\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_71\bin\javaw.exe
FirewallRules: [UDP Query User{B7A7028D-C570-4CCF-BC06-25A0B3D76834}C:\program files (x86)\java\jre1.8.0_71\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_71\bin\javaw.exe
FirewallRules: [{90AFE71A-D44A-4492-B0F1-976C479047C0}] => (Block) C:\program files (x86)\java\jre1.8.0_71\bin\javaw.exe
FirewallRules: [{66B4689E-8775-4493-BD9C-42F51752EDDD}] => (Block) C:\program files (x86)\java\jre1.8.0_71\bin\javaw.exe
FirewallRules: [{B02333AF-31D4-48E9-A4F9-797D10055082}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{885D0572-9472-4E8F-9C49-56471CF5D804}] => (Allow) LPort=2869
FirewallRules: [{002962E0-E4F7-4495-8B40-C5F8221CF838}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{39C5ED5B-EFDA-4049-ADAF-6CBE3404EA26}C:\users\ben\appdata\roaming\skype\my skype received files\lukas´s  ftp client.exe] => (Allow) C:\users\ben\appdata\roaming\skype\my skype received files\lukas´s  ftp client.exe
FirewallRules: [UDP Query User{8EDE449F-C848-4FF9-86CB-0EA8A5B3BBD0}C:\users\ben\appdata\roaming\skype\my skype received files\lukas´s  ftp client.exe] => (Allow) C:\users\ben\appdata\roaming\skype\my skype received files\lukas´s  ftp client.exe
FirewallRules: [{7DF20739-4FB1-4C3D-BFB0-796698607192}] => (Block) C:\users\ben\appdata\roaming\skype\my skype received files\lukas´s  ftp client.exe
FirewallRules: [{F7FE2B4A-99B2-468C-BD9E-DD8894CD5C30}] => (Block) C:\users\ben\appdata\roaming\skype\my skype received files\lukas´s  ftp client.exe
FirewallRules: [TCP Query User{1A7F5E9B-E460-4472-9E7C-47BAFD218993}C:\users\ben\desktop\lukas´s  ftp client.exe] => (Allow) C:\users\ben\desktop\lukas´s  ftp client.exe
FirewallRules: [UDP Query User{EED077EA-2BD4-4CA6-888E-0B92129DFB0D}C:\users\ben\desktop\lukas´s  ftp client.exe] => (Allow) C:\users\ben\desktop\lukas´s  ftp client.exe
FirewallRules: [{473FAE40-9D69-4556-B2EF-63FE02A98805}] => (Block) C:\users\ben\desktop\lukas´s  ftp client.exe
FirewallRules: [{481D6145-54AB-49D9-A5A4-7948675695E1}] => (Block) C:\users\ben\desktop\lukas´s  ftp client.exe
FirewallRules: [{B3787F37-1CF0-43DE-B03B-2F01465C67E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{15637F07-80AA-4735-BA66-CDA5D441FE4A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{160BFA5B-161A-45B6-B711-B29292A0C044}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Arena\launcher\launcher.exe
FirewallRules: [{CC9705B8-BC7D-41FE-B56A-8968B1E868ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Arena\launcher\launcher.exe
FirewallRules: [{F9B22E73-D886-4157-9528-C7910B34E50F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{41C42FDF-AE1D-477D-A22F-3F158591B037}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{8A4B88F4-A364-4D40-802A-05455E15BD0B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{10002CC1-7108-46F9-9AD1-7DB97B541CA1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{E8EAA1E3-374F-4D86-861E-D8C99E2939B7}] => (Allow) C:\Users\Ben\AppData\Local\Temp\andy-x64\Setup.exe
FirewallRules: [{BA1C33B8-88C9-46C1-AF73-7F8497FE92A0}] => (Allow) C:\Program Files\Andy\andy.exe
FirewallRules: [{77BD5229-2499-4D80-B91C-226805D503D8}] => (Allow) C:\Program Files\Andy\andy.exe
FirewallRules: [{B90133BC-1B75-4DD1-A666-F6BBC8963787}] => (Allow) C:\Program Files\Andy\AndyConsole.exe
FirewallRules: [{4CC3E3C3-B6D3-4C22-807A-9928ACEA4AE2}] => (Allow) C:\Program Files\Andy\AndyConsole.exe
FirewallRules: [{C4683140-6180-4E09-B5EF-990E066C32A8}] => (Allow) C:\Program Files\Andy\HandyAndy.exe
FirewallRules: [{DB25A039-173D-4188-A1CA-818F473F6083}] => (Allow) C:\Program Files\Andy\HandyAndy.exe
FirewallRules: [{F511D700-6DEC-4266-85FA-03A6597471A8}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe
FirewallRules: [{0DD95CA0-CBC4-48D9-9ED9-F7578719C04E}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe
FirewallRules: [{4F173D4B-6777-4B25-ADAD-229192889916}] => (Allow) C:\Users\Ben\AppData\Local\Temp\Uninstall.exe
FirewallRules: [{9FCF5555-E135-4DE7-8C33-F4482D3E5FEE}] => (Allow) C:\Users\Ben\AppData\Local\Temp\Uninstall.exe
FirewallRules: [{2CAC4758-5DD4-404D-9C74-156BF0B1141D}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{4BC5C688-641B-4B0D-BB41-576C262C0021}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [TCP Query User{2BC2394C-04A1-4F18-81A5-1FD6DF83ECD3}C:\users\ben\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe] => (Allow) C:\users\ben\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe
FirewallRules: [UDP Query User{E14DB948-EE74-4A4F-A26A-2499CEC42E4A}C:\users\ben\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe] => (Allow) C:\users\ben\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe
FirewallRules: [{578C9B4A-CC8B-4F00-8D63-D47B55F35919}] => (Block) C:\users\ben\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe
FirewallRules: [{54EF2557-C0CB-48B6-9597-DC6A59C94EFE}] => (Allow) C:\Program Files (x86)\Droid4X\Droid4X.exe
FirewallRules: [{5225E567-9C9A-443C-9E98-C054E9003B02}] => (Allow) C:\Program Files (x86)\Droid4X\download\MiniThunderPlatform.exe
FirewallRules: [{C1EC6A43-315F-4DBE-A3F5-4CA0E4EB0318}] => (Allow) C:\Program Files (x86)\Droid4X\download\MiniThunderPlatform.exe
FirewallRules: [{D022C4A6-6E9B-472C-8001-5645E5235F67}] => (Allow) C:\Program Files\Oracle\VirtualBox\vboxheadless.exe
FirewallRules: [{B1B98047-B016-4481-9CB2-74B1EC8D7764}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{5DA47324-C057-4AB2-8555-659F68CAD553}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{DEE787CF-18D5-46F2-8403-C4B6ABDCA2A8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{A6522CEC-805C-4C1C-B822-714273EE8775}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [TCP Query User{E55C5A32-C48F-42EB-9A12-A988570CD4B4}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{671F440F-053C-4D22-B33D-B46E5AD72FA6}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [{73D2305D-DA3F-4089-9C38-63DEAECA0D64}] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [{33734110-FB0F-4FBB-A619-8E8B8E41325B}] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{98EB6267-A63D-46BF-B36C-399F5210A2E1}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{9B8B2F51-6528-4C81-9C17-00CDA0EC2ABB}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{053A288B-7B83-402B-942B-34800C75B5E7}C:\program files (x86)\microsoft games\halo trial\halo.exe] => (Allow) C:\program files (x86)\microsoft games\halo trial\halo.exe
FirewallRules: [UDP Query User{8E5BD63C-0C30-458F-BFD7-F2DA3802488C}C:\program files (x86)\microsoft games\halo trial\halo.exe] => (Allow) C:\program files (x86)\microsoft games\halo trial\halo.exe
FirewallRules: [{73633208-1622-4EA9-A960-6619EFDFC341}] => (Block) C:\program files (x86)\microsoft games\halo trial\halo.exe
FirewallRules: [{36AF3F59-EA84-427B-A118-9368BBA1B883}] => (Block) C:\program files (x86)\microsoft games\halo trial\halo.exe

==================== Wiederherstellungspunkte =========================


==================== Fehlerhafte Geräte im Gerätemanager =============

Name: USB Camera
Description: USB-Videogerät
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/05/2016 05:15:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AppVLp.exe, Version: 5.151.54.0, Zeitstempel: 0x566b59bf
Name des fehlerhaften Moduls: AppVIsvStream32.dll, Version: 6.3.9600.18233, Zeitstempel: 0x56bb4e1d
Ausnahmecode: 0xc0000142
Fehleroffset: 0x0009d3c2
ID des fehlerhaften Prozesses: 0x32a4
Startzeit der fehlerhaften Anwendung: 0x01d207884ec046b2
Pfad der fehlerhaften Anwendung: C:\Program Files\Microsoft Office 15\Root\Client\AppVLp.exe
Pfad des fehlerhaften Moduls: AppVIsvStream32.dll
Berichtskennung: 8e76fc24-737b-11e6-82de-005056c00008
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/05/2016 05:15:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AppVLp.exe, Version: 5.151.54.0, Zeitstempel: 0x566b59bf
Name des fehlerhaften Moduls: AppVIsvStream32.dll, Version: 0.0.0.0, Zeitstempel: 0x566b5984
Ausnahmecode: 0xc00000fd
Fehleroffset: 0x0001f287
ID des fehlerhaften Prozesses: 0x32a4
Startzeit der fehlerhaften Anwendung: 0x01d207884ec046b2
Pfad der fehlerhaften Anwendung: C:\Program Files\Microsoft Office 15\Root\Client\AppVLp.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Microsoft Office 15\Root\Client\AppVIsvStream32.dll
Berichtskennung: 8d3055ce-737b-11e6-82de-005056c00008
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/05/2016 05:14:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20911 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 548

Startzeit: 01d20787759aa77f

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 6eaa5fad-737b-11e6-82de-005056c00008

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (09/05/2016 05:09:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxTray.exe, Version: 6.15.10.3574, Zeitstempel: 0x535821b3
Name des fehlerhaften Moduls: combase.dll, Version: 6.3.9600.18202, Zeitstempel: 0x569e6ee3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000394ca
ID des fehlerhaften Prozesses: 0x14e4
Startzeit der fehlerhaften Anwendung: 0x01d207876b1464e6
Pfad der fehlerhaften Anwendung: C:\Windows\system32\igfxTray.exe
Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\combase.dll
Berichtskennung: cce28431-737a-11e6-82de-005056c00008
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/03/2016 08:13:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: dxdiag.exe, Version: 6.3.9600.17415, Zeitstempel: 0x54504e9f
Name des fehlerhaften Moduls: vorbis.acm, Version: 0.0.3.6, Zeitstempel: 0x50a51541
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000001f4f
ID des fehlerhaften Prozesses: 0x21b4
Startzeit der fehlerhaften Anwendung: 0x01d2060ecd515786
Pfad der fehlerhaften Anwendung: C:\Windows\system32\dxdiag.exe
Pfad des fehlerhaften Moduls: C:\Windows\system32\vorbis.acm
Berichtskennung: 1325dd9c-7202-11e6-82de-005056c00008
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/03/2016 07:54:24 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Ein Problem hat das Senden von Daten aus dem Programm zur Verbesserung der Benutzerfreundlichkeit an Microsoft verhindert (Fehler 80070005).

Error: (09/03/2016 06:17:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BENSWIDERSKY)
Description: Bei der Aktivierung der App „Microsoft.Office.OneNote_8wekyb3d8bbwe!microsoft.onenoteim“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/02/2016 06:02:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Ableton Live 9 Standard.exe, Version: 1.0.0.1, Zeitstempel: 0x5772e28c
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18340, Zeitstempel: 0x57366075
Ausnahmecode: 0x0000087a
Fehleroffset: 0x0000000000008a5c
ID des fehlerhaften Prozesses: 0x9ac
Startzeit der fehlerhaften Anwendung: 0x01d20474dba7491a
Pfad der fehlerhaften Anwendung: C:\ProgramData\Ableton\Live 9 Standard\Program\Ableton Live 9 Standard.exe
Pfad des fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll
Berichtskennung: ac5eb4ad-7126-11e6-82de-005056c00008
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (08/29/2016 08:23:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AppVLp.exe, Version: 5.151.54.0, Zeitstempel: 0x566b59bf
Name des fehlerhaften Moduls: AppVIsvStream32.dll, Version: 0.0.0.0, Zeitstempel: 0x566b5984
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001f287
ID des fehlerhaften Prozesses: 0x1ebc
Startzeit der fehlerhaften Anwendung: 0x01d20222640dbd19
Pfad der fehlerhaften Anwendung: C:\Program Files\Microsoft Office 15\Root\Client\AppVLp.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Microsoft Office 15\Root\Client\AppVIsvStream32.dll
Berichtskennung: a846ba6a-6e15-11e6-82de-005056c00008
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (08/29/2016 08:20:47 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.


Systemfehler:
=============
Error: (09/05/2016 06:45:46 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (09/05/2016 05:15:52 PM) (Source: DCOM) (EventID: 10010) (User: BENSWIDERSKY)
Description: Der Server "{14286318-B6CF-49A1-81FC-D74AD94902F9}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (09/04/2016 12:50:11 PM) (Source: DCOM) (EventID: 10010) (User: BENSWIDERSKY)
Description: Der Server "{4545DEA0-2DFC-4906-A728-6D986BA399A9}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (09/04/2016 12:50:11 PM) (Source: DCOM) (EventID: 10010) (User: BENSWIDERSKY)
Description: Der Server "{4545DEA0-2DFC-4906-A728-6D986BA399A9}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (09/04/2016 12:50:05 PM) (Source: DCOM) (EventID: 10010) (User: BENSWIDERSKY)
Description: Der Server "{4545DEA0-2DFC-4906-A728-6D986BA399A9}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (09/04/2016 12:50:05 PM) (Source: DCOM) (EventID: 10010) (User: BENSWIDERSKY)
Description: Der Server "{4545DEA0-2DFC-4906-A728-6D986BA399A9}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (09/04/2016 12:49:59 PM) (Source: DCOM) (EventID: 10010) (User: BENSWIDERSKY)
Description: Der Server "{4545DEA0-2DFC-4906-A728-6D986BA399A9}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (09/04/2016 12:49:59 PM) (Source: DCOM) (EventID: 10010) (User: BENSWIDERSKY)
Description: Der Server "{4545DEA0-2DFC-4906-A728-6D986BA399A9}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (09/04/2016 11:13:04 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (09/03/2016 09:00:58 PM) (Source: volsnap) (EventID: 35) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht vergrößert werden kann.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Prozentuale Nutzung des RAM: 30%
Installierter physikalischer RAM: 12171.27 MB
Verfügbarer physikalischer RAM: 8404.91 MB
Summe virtueller Speicher: 14027.27 MB
Verfügbarer virtueller Speicher: 9470.58 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:3.23 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Data) (Fixed) (Total:537.8 GB) (Free:272.31 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: B4ADA6A4)

Partition: GPT.

==================== Ende von Addition.txt ============================

cosinus · 06.09.2016, 14:21

Bitte Avira deinstallieren. Das Teil empfehlen wir schon seit Jahren aus mehreren Gründen nicht mehr. Ein Grund ist ne rel. hohe Fehlalarmquote, der zweite Hauptgrund ist, dass die immer noch mit ASK zusammenarbeiten (Avira Suchfunktion geht über ASK). Auch andere Freewareanbieter wie AVG, Avast oder Panda sprangen auf diesen Zug auf; so was ist bei Sicherheitssoftware einfach inakzeptabel. Vgl. Antivirensoftware: Schutz Für Ihre Dateien, Aber Auf Kosten Ihrer Privatsphäre? | Emsisoft Blog

Gib Bescheid wenn Avira weg ist; wenn wir hier durch sind, kannst du auf einen anderen Virenscanner umsteigen, Infos folgen dann im Abschlussposting. Bitte JETZT nix mehr ohne Absprache installieren!

c642 · 07.09.2016, 20:06

Ich bis Montag im Urlaub danach deinstiere ich es (bin Grad am handy)

c642 · 15.09.2016, 17:45

Hilfe ich kann es nicht deinstallieren gibt es da ein tool?

cosinus · 15.09.2016, 18:55

Lade Dir bitte von hier

Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.

Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
Klicke auf Optionen und wähle als Sprache Deutsch.
Suche im Uninstallerfeld nach den Programmen:

Avira Antivirus
Avira Launcher
Avira System Speedup
Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

Großer verdacht auf adware

Plagegeister aller Art und deren Bekämpfung: Großer verdacht auf adware