Pests of all kinds and how to fight them: Quickshare by linkury (Windows 7)

If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection.
#1
Quickshare by linkury

Hello, I found a program called QuickShare from the publisher Linkury Inc. in my Control Panel. After a lot of googling I realized that this is a virus. When I wanted to install it, the uninstall box appeared briefly, then the typical Avira sound came and the box disappeared. It would be great if someone would help me banish and delete this virus from my laptop, along with all traces this virus has left behind. Thanks in advance!!
#2
/// TB-Ausbilder
Quickshare by linkury

My name is Matthias and I will help you clean up your computer. To make the cleanup as effective and fast as possible, I ask you to observe the following notes:
Please work through all steps one after another in the given order and post all log files in CODE tags: How it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes your helper's work considerably harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
Thank you for your cooperation!

Step 1
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)

Step 2
Please download

Please post with your next reply
#3
Quickshare by linkury

Hello Matthias,
first of all THANK YOU!!! for the quick reply and the help offered! :-) Here are the requested items :-)

STEP 1
FRST.txt
FRST logfile:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2017
durchgeführt von Pflügl (Administrator) auf PFLÜGL-PC (24-08-2017 14:12:15)
Gestartet von C:\Users\lol12
Geladene Profile: Pflügl (Verfügbare Profile: Pflügl & nathalie & Gast & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(REINER SCT) C:\Windows\SysWOW64\cjpcsc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.1439_none_7efe016621f50bd0\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [919032 2017-08-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-06-13] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
Startup: C:\Users\Pflügl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk [2013-12-26]
ShortcutTarget: Logitech . Produktregistrierung.lnk -> C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)
Startup: C:\Users\Pflügl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Deskjet 2050 J510 series.lnk [2017-08-24]
ShortcutTarget: Tintenwarnungen überwachen - HP Deskjet 2050 J510 series.lnk -> C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{75ff37bc-f35e-4fd1-8f72-5840205e2664}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
URLSearchHook: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 - (Kein Name) - {5bcf818d-78c8-41b8-ba89-65c5fdac4fc4} - Keine Datei
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 -> {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms}
SearchScopes: HKLM-x32 -> {75b4241f-171e-44a3-bf44-23613b6e3e03} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^AYY^xdm070^YYA^de&si=flvrunner&ptb=7DF34BFD-0CB9-4476-B4F3-9F1DF2F80B6B&ind=2013072811&n=77fd0dab&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://mysearch.sweetpacks.com?src=6&q={searchTerms}&barid=&&st=23&did=10963&UPN2=92826532311964385
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=A4AE74DE2B60BAF1&affID=121563&tl=wgkn1061868&tt=110713_91114&tsp=4944
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {3E5C233F-F334-43B2-87BA-0B102B44359D} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {609F3A36-D7A7-45F3-B223-E2F3E96CC3B5} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {6CB0C3DC-BCBD-4D81-9DD0-96BD1A294EE9} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {75b4241f-171e-44a3-bf44-23613b6e3e03} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {95ED1396-3F7D-478C-AD6A-B97A247F1AD6} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=a4ae2de500000000000074de2b60baf1&r=947
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_ie_de_display?ie=UTF8&tagbase=bds-p23&tag=bds-p23-serp-de-ie-21&tbrId=v1_abb-channel-23_403bc9d4f41241b69d0dd74ec0d909d6_39_1006_20130621_DE_ie_ds_&query={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {E10C5AE2-82EC-4B63-9AAB-2DD26A68FE3F} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://mysearch.sweetpacks.com?src=6&q={searchTerms}&barid=&&st=23&did=10963&UPN2=92826532311964385
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Babylon toolbar helper -> {2EECD738-5844-4a99-B4B6-146BF802613B} -> Keine Datei
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - Kein Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - Keine Datei
Toolbar: HKLM-x32 - Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - Keine Datei
Toolbar: HKLM-x32 - Kein Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> Kein Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> Kein Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> Kein Name - {C424171E-592A-415A-9EB1-DFD6D95D3530} - Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> Kein Name - {41564952-412D-5637-4300-7A786E7484D7} - Keine Datei
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab
FireFox:
========
FF ProfilePath: C:\Users\Pflügl\AppData\Roaming\Mozilla\Firefox\Profiles\nca6gzm3.default [2017-08-24]
FF user.js: detected! => C:\Users\Pflügl\AppData\Roaming\Mozilla\Firefox\Profiles\nca6gzm3.default\user.js [2013-11-17]
FF NewTab: Mozilla\Firefox\Profiles\nca6gzm3.default -> hxxp://www.sweetpacks-search.com/?barid=&src=97&did=10963&&st=23&UPN2=92826532311964385
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\nca6gzm3.default -> Sweetpacks Search
FF Homepage: Mozilla\Firefox\Profiles\nca6gzm3.default -> www.google.de
FF Extension: (Avira Browser Safety) - C:\Users\Pflügl\AppData\Roaming\Mozilla\Firefox\Profiles\nca6gzm3.default\Extensions\abs@avira.com.xpi [2017-08-03]
FF Extension: (Adblock Plus) - C:\Users\Pflügl\AppData\Roaming\Mozilla\Firefox\Profiles\nca6gzm3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-08]
FF Extension: (Tab Mix Plus) - C:\Users\Pflügl\AppData\Roaming\Mozilla\Firefox\Profiles\nca6gzm3.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2017-05-18]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013-12-26] [ist nicht signiert]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-12-26] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-12-26] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [ocr@babylon.com] - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\ocr@babylon.com => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-24] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-24] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2013-06-02] <==== ACHTUNG
Chrome:
=======
CHR DefaultProfile: Default
CHR NewTab: Default -> Active:"chrome-extension://ogccgbmabaphcakpiclgcnmcnimhokcj/newtab.html"
CHR DefaultSearchURL: Default -> hxxp://mysearch.sweetpacks.com?src=6&q={searchTerms}&barid=&&st=23&did=10963&UPN2=92826532311964385
CHR DefaultSearchKeyword: Default -> sweetpacks-search.com
CHR Profile: C:\Users\Pflügl\AppData\Local\Google\Chrome\User Data\Default [2017-01-11]
CHR Extension: (WEB.DE MailCheck) - C:\Users\Pflügl\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaogepninmlbinccpbiakcgiolijlllo [2015-04-01]
CHR Extension: (Google Wallet) - C:\Users\Pflügl\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-01]
CHR HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [amfclgbdpgndipgoegfpkkgobahigbcl] - C:\Users\Pflügl\AppData\Local\Smartbar/Application\1Extension.crx <nicht gefunden>
CHR HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - <kein Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Windows\SysWOW64\mjcm\SweetNT.crx <nicht gefunden>
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1128432 2017-08-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [490968 2017-08-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [490968 2017-08-11] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1525240 2017-08-11] (Avira Operations GmbH & Co. KG)
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [377976 2017-06-13] (Avira Operations GmbH & Co. KG)
R2 cjpcsc; C:\WINDOWS\SysWOW64\cjpcsc.exe [604216 2017-02-01] (REINER SCT)
R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [872552 2011-08-02] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [321056 2017-06-01] (HP Inc.)
S3 Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [244624 2011-04-22] (Acer Incorporated)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-02-23] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [60920 2017-06-23] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [173784 2017-08-11] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [167464 2017-08-11] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-03-31] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-03-31] (Avira Operations GmbH & Co. KG)
S3 cjusb; C:\WINDOWS\system32\DRIVERS\cjusb.sys [36112 2015-03-23] (REINER SCT)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-02-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2017-01-06] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-02-23] (NVIDIA Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
Error(1) reading file: "C:\Users\Pflügl\Desktop\www.bildkontakte.de - einfach einen Partner finden profil klaus g.j.c. div."
2017-08-24 14:12 - 2017-08-24 14:15 - 000022061 _____ C:\Users\lol12\FRST.txt
2017-08-24 14:12 - 2017-08-24 14:12 - 000000000 ____D C:\FRST
2017-08-24 14:10 - 2017-08-24 14:12 - 000000000 ____D C:\Users\lol12
2017-08-24 14:08 - 2017-08-24 14:11 - 002395648 _____ (Farbar) C:\Users\lol12\FRST64.exe
2017-08-24 12:44 - 2017-08-24 12:44 - 005763072 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-08-24 14:11 - 2015-04-01 19:00 - 000000000 ____D C:\Users\Pflügl\Downloads\Firefox
2017-08-24 14:06 - 2016-07-16 13:36 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-08-24 14:03 - 2016-12-11 22:08 - 000000000 ____D C:\Users\Pflügl\AppData\LocalLow\Mozilla
2017-08-24 14:00 - 2017-01-11 00:34 - 000000000 ____D C:\ProgramData\NVIDIA
2017-08-24 13:56 - 2017-01-11 00:40 - 000000000 ____D C:\Users\Pflügl
2017-08-24 13:56 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-08-24 13:52 - 2017-01-11 12:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-08-24 13:52 - 2017-01-11 00:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-08-24 13:52 - 2015-04-01 17:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-08-24 13:14 - 2011-08-11 13:30 - 000000000 ____D C:\Program Files (x86)\CyberLink
2017-08-24 13:14 - 2011-08-11 12:58 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-08-24 12:44 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-08-24 12:44 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-08-24 12:44 - 2013-12-26 21:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-08-11 20:10 - 2016-07-16 08:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2017-08-11 19:08 - 2016-07-29 23:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-08-11 19:03 - 2015-04-01 18:29 - 000173784 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2017-08-11 19:03 - 2015-04-01 18:29 - 000167464 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2017-08-03 08:59 - 2016-07-16 13:47 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-03 08:52 - 2009-07-14 04:34 - 000000669 _____ C:\WINDOWS\win.ini
2017-08-03 08:39 - 2017-01-11 00:38 - 002580902 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-03 08:39 - 2016-07-17 00:51 - 001057478 _____ C:\WINDOWS\system32\perfh007.dat
2017-08-03 08:39 - 2016-07-17 00:51 - 000256306 _____ C:\WINDOWS\system32\perfc007.dat
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-02-02 19:44 - 2013-07-28 17:17 - 000194952 _____ () C:\Program Files (x86)\8hres.dll
2014-02-02 19:44 - 2013-07-28 17:17 - 000712264 _____ (MindSpark) C:\Program Files (x86)\8hUninstall Allin1Convert.dll
2015-05-17 22:42 - 2015-05-17 22:42 - 006420480 _____ () C:\Program Files (x86)\GUTA86F.tmp
2013-09-13 19:54 - 2013-09-13 19:54 - 000017740 _____ () C:\Users\Pflügl\AppData\Roaming\unins000.dat
2013-09-13 19:54 - 2013-09-13 19:54 - 000013844 _____ () C:\Users\Pflügl\AppData\Roaming\unins000.msg
2014-02-03 12:09 - 2014-07-18 23:20 - 000000106 _____ () C:\Users\Pflügl\AppData\Roaming\WB.CFG
2016-07-15 14:04 - 2016-07-15 14:04 - 000000057 _____ () C:\ProgramData\Ament.ini
2017-01-11 00:33 - 2017-01-11 00:33 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\lol12\FRST64.exe
C:\Users\Public\AlexaNSISPlugin.6676.dll
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-07-03 20:38
==================== Ende von FRST.txt ============================
Addition.txt
FRST Additions logfile:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-08-2017
durchgeführt von Pflügl (24-08-2017 14:16:09)
Gestartet von C:\Users\lol12
Windows 10 Home Version 1607 (X64) (2017-01-11 11:18:17)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1664608947-3428569484-2814311379-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1664608947-3428569484-2814311379-503 - Limited - Disabled)
Gast (S-1-5-21-1664608947-3428569484-2814311379-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-1664608947-3428569484-2814311379-1003 - Limited - Enabled)
nathalie (S-1-5-21-1664608947-3428569484-2814311379-1005 - Administrator - Enabled) => C:\Users\nathalie.Pflügl-PC
Pflügl (S-1-5-21-1664608947-3428569484-2814311379-1001 - Administrator - Enabled) => C:\Users\Pflügl
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated)
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 9 (HKLM-x32\...\PremElem90) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.19) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.19 - Adobe Systems Incorporated)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 376.33 - NVIDIA Corporation) Hidden
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.29.32 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{661C79C2-D156-419C-81CA-D1A2523B0841}) (Version: 1.2.91.10326 - Avira Operations GmbH & Co. KG) Hidden
Avira Connect (HKLM-x32\...\{dd9049b8-31d1-40bd-8c8c-97a7b087a78f}) (Version: 1.2.91.10326 - Avira Operations GmbH & Co. KG)
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 15.0.6.2 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.4.1 - Broadcom Corporation)
Collector's Edition 251 (HKLM-x32\...\Collector's Edition 251) (Version: - )
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
cyberJack Base Components (HKLM-x32\...\{FC338210-F594-11D3-BA24-00001C3AB4DF}) (Version: 7.3.5 - REINER SCT)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
Elements 9 Organizer (HKLM-x32\...\{433EACD8-4747-4A6A-826A-FFA9F39B0D40}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Elements STI Installer (HKLM-x32\...\{25175695-4B20-4298-9F34-C2C57CD277B3}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Elements STI Installer (HKLM-x32\...\{E2AE009D-37E5-4724-A6B8-0ED6A6BA4F68}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
eReg (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
Fotogalerija Windows Live (HKLM-x32\...\{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (HKLM-x32\...\{4736B0ED-F6A1-48EC-A1B7-C053027648F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (HKLM-x32\...\{CB66242D-12B1-4494-82D2-6F53A7E024A3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
HomeMedia (HKLM-x32\...\{AA4BF92B-2AAF-11DA-9D78-000129760D75}) (Version: 2.0.8920 - CyberLink Corporation)
HP Deskjet 2050 J510 series - Grundlegende Software für das Gerät (HKLM\...\{DF37555F-0259-43DA-B60C-47106FA14AA3}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 2050 J510 series Hilfe (HKLM-x32\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.61.61 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Support Solutions Framework (HKLM-x32\...\{3A1CB1B8-8646-41A0-B496-35DC48916904}) (Version: 12.7.22.13 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}) (Version: 1.00.0000 - Microsoft) Hidden
IB Updater Service (HKLM-x32\...\WNLT) (Version: 5.1.5.4 - ) <==== ACHTUNG
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Packard Bell)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)
Internet-TV für Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Packard Bell)
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)
LUXOR 5th Passage (HKLM-x32\...\LUXOR 5th Passage) (Version: 1.1.0.0 - MumboJumbo)
LUXOR Amun Rising HD (HKLM-x32\...\LUXOR Amun Rising HD) (Version: 1.1.0.0 - MumboJumbo)
LUXOR HD (HKLM-x32\...\LUXOR HD) (Version: 1.1.0.0 - MumboJumbo)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 54.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 de)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.1.6388 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.8.11000.8.100 - Nero AG)
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.6.10700.5.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}) (Version: 10.5.10300 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{68AFA3A7-9265-4ABD-994A-ACA413E3715C}) (Version: 10.6.10300 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.6.10500.3.100 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.10900.31.0 - Nero AG)
NVIDIA GeForce Experience 3.4.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.4.0.70 - NVIDIA Corporation)
NVIDIA Grafiktreiber 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.3.16.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Packard Bell Power Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Packard Bell)
Packard Bell Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3502 - Packard Bell)
Packard Bell Registration (HKLM-x32\...\Packard Bell Registration) (Version: 1.04.3503 - Packard Bell)
Packard Bell ScreenSaver (HKLM-x32\...\Packard Bell Screensaver) (Version: 1.1.0811.2010 - Packard Bell )
Packard Bell Social Networks (HKLM-x32\...\{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 3.0.3106 - CyberLink Corp.) Hidden
Packard Bell Social Networks (HKLM-x32\...\InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 3.0.3106 - CyberLink Corp.)
Packard Bell Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3500 - Packard Bell)
Poczta usługi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (HKLM-x32\...\{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
QuickShare (HKLM-x32\...\{AF860F85-54A3-4A28-879B-BF9E6E325776}) (Version: 1.6.1.952 - Linkury Inc.) <==== ACHTUNG
Raccolta foto di Windows Live (HKLM-x32\...\{ED16B700-D91F-44B0-867C-7EB5253CA38D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Rommé 1 (HKLM-x32\...\Rommé 1) (Version: - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0351 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
Studie zur Verbesserung von HP Deskjet 2050 J510 series Produkten (HKLM\...\{C559DE9F-9451-49E5-9176-316E36192409}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
TuneUp Utilities Language Pack (de-DE) (HKLM-x32\...\{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}) (Version: 12.0.3600.73 - TuneUp Software) Hidden
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Video Web Camera (HKLM-x32\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.) Hidden
Video Web Camera (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Welcome Center (HKLM-x32\...\Packard Bell Welcome Center) (Version: 1.02.3503 - Packard Bell)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
WinFunktion Mathematik plus 20 (HKLM-x32\...\{CDBA97DF-63B9-44E7-B900-92E8165260C0}) (Version: 1.00.0000 - bhv Publishing GmbH)
Woodcutter Simulator 2011 (HKLM-x32\...\Woodcutter Simulator 2011) (Version: - )
Συλλογή φωτογραφιών του Windows Live (HKLM-x32\...\{C00C2A91-6CB3-483F-80B3-2958E29468F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (HKLM-x32\...\{E83DC314-C926-4214-AD58-147691D6FE9F}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (HKLM-x32\...\{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}) (Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (HKLM-x32\...\{77F69CA1-E53D-4D77-8BA3-FA07606CC851}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (HKLM-x32\...\{CE929F09-3853-4180-BD90-30764BFF7136}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (HKLM-x32\...\{0A4C4B29-5A9D-4910-A13C-B920D5758744}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (HKLM-x32\...\{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ShellIconOverlayIdentifiers: [01MemopalBackedUp] -> {8ED3CC2D-6BC2-43AD-8C43-F51FBB413AE6} => -> Keine Datei
ShellIconOverlayIdentifiers: [02MemopalToBackup] -> {2CDD871E-60EB-40BD-9721-A1CB57042F75} => -> Keine Datei
ShellIconOverlayIdentifiers: [03MemopalPartiallyBackedUp] -> {95DDC869-FC98-4D47-BD34-2EDC9AA09C01} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [01MemopalBackedUp] -> {8ED3CC2D-6BC2-43AD-8C43-F51FBB413AE6} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [02MemopalToBackup] -> {2CDD871E-60EB-40BD-9721-A1CB57042F75} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [03MemopalPartiallyBackedUp] -> {95DDC869-FC98-4D47-BD34-2EDC9AA09C01} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [04MemopalError] -> {B9CA6E12-7975-4997-B5BD-CA12ECE0FEAD} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [MemopalBackedUp] -> {8ED3CC2D-6BC2-43AD-8C43-F51FBB413AE6} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [MemopalError] -> {B9CA6E12-7975-4997-B5BD-CA12ECE0FEAD} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [MemopalPartiallyBackedUp] -> {95DDC869-FC98-4D47-BD34-2EDC9AA09C01} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [MemopalToBackup] -> {2CDD871E-60EB-40BD-9721-A1CB57042F75} => -> Keine Datei
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [2017-08-11] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> Keine Datei
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [2017-08-11] (Avira Operations GmbH & Co. KG)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {01BB4D1B-818C-42A0-8B4B-F0BE210EEA30} - System32\Tasks\{03604C09-673A-46D7-91D0-CA6847E45206} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {020DD405-A394-493E-A0CB-B783EBD3F509} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {043089C6-8ECC-41BA-8C31-9D399E684526} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {04DDA79F-A03A-4D1D-92C9-818DDB94FB9C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation) <==== ACHTUNG
Task: {06B82B36-C8DB-4E88-8657-3141B92BD458} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {08482869-7638-449B-A5EA-666DC75E2230} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {0B7079CF-6583-4042-A382-32A46A0A17F6} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0BAF5FB1-CE07-4410-810F-D2A94D3999DC} - System32\Tasks\NBAgent => C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2011-07-06] (Nero AG)
Task: {0E4E0451-2A7E-4E1D-AB7D-C88EE1D220ED} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {102215A6-16FA-4986-8E15-553FDA45B53F} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-02-23] (NVIDIA Corporation)
Task: {10A5FE77-F8C1-47C8-BE1B-C5428967A6D8} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard)
Task: {10ED276C-DD72-4CA8-BCF2-D376268DDEE7} - System32\Tasks\{033A4D70-36D7-46FA-9F7D-A9996B7334EF} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {115C02AF-C7DF-4330-A688-E92B8C8CC4C5} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {1927C3E0-3CC2-4151-8F7F-F8296774A57D} - System32\Tasks\hpUrlLauncher.exe => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\utils\hpUrlLauncher.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {2802C96A-F077-4A17-8011-3294DAF7C369} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {29CDB149-4C4B-477B-9755-08A513679DEB} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2F3C9B83-785F-431C-85BF-97D2AA0F4D8C} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2F3E1954-1BC7-40A1-8F0D-5AA94B0302B1} - System32\Tasks\{EB5F7CC8-1425-4DAB-BF0A-DB808FA16761} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {302E1C0A-0A15-44AD-BA44-1786E28CB20C} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)
Task: {3151EB25-0E8A-4AE8-992F-BD36A730A79B} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)
Task: {3163DEF0-BC1D-47B8-9AF8-DBCF9E8556D7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {35F823C9-B2FC-4792-B8D9-3464229D5382} - System32\Tasks\{E1587E3C-7BB7-44C8-9A91-AD34009E8522} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Task: {3AC2660B-54A9-4FE2-BEA4-ABA541B0F077} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {3B1331CB-2787-440D-B754-4090BED944E1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {3B14775C-29A3-477E-9E6C-E263967BD99C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {3B31208C-629E-4B92-AA6A-7C9FC6883795} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {45D9E40C-1CC9-4A5B-ACA5-97ED713ACF04} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Task: {499F3997-E54C-421E-B526-5F6648D49F51} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4AA2C224-1479-45B5-8AE5-605F6BB9EED8} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4ADD35B4-9050-421C-9098-0EEB76AC112D} - System32\Tasks\{178387A7-AFF9-488C-B358-FF663010DCB9} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Task: {4BBE6D73-6050-437A-80DE-B8233F98BEF5} - System32\Tasks\{1C26DB06-23AC-4B07-B041-48C78A9D1CBD} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {4C2AED65-E5A5-41F8-BCAD-92EF44FF8907} - System32\Tasks\OneDrive Standalone Update Task v2 => C:\Users\Pflügl\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {4D3D5094-88FE-4CE0-A91C-2113C2000A42} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-24] (Adobe Systems Incorporated)
Task: {4E44E590-0AAA-4A64-A753-17B70F4280EF} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {50BB70D6-2E88-4D14-B5C3-4A47DAC491EE} - System32\Tasks\{E84B91E8-33F3-49E1-AFCB-F597D8B57F9D} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Task: {5814C7F6-0FFE-44A5-835F-803CF84A9A24} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5A8A4A0D-86EE-43C6-8E78-1417869112A8} - System32\Tasks\{A7B29540-1879-4028-B3B8-C127971DA397} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {5F7202B8-6B43-46D4-B496-BD78C43A044A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {628EDDD5-1054-40F0-852F-29C1C5048AB7} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-02-23] (NVIDIA Corporation)
Task: {64FCA12B-117D-4AF7-A494-268A560BFF01} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {6EDF7077-E62B-4942-82AF-20B5A2C43BC4} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)
Task: {722FEC1C-89F5-444A-9226-EE14DBE764E4} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {74077C09-2BBC-4BA4-99AC-8A4C7EB3F6C7} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {75FE8499-D9D8-43D7-9340-6CCCD29A37DE} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {7755D443-2648-4B89-9EA8-EAF190163556} - System32\Tasks\{E5B827C0-690F-459F-9390-EDD753E6FB01} => C:\Windows\system32\pcalua.exe -a C:\Users\Pflügl\AppData\Roaming\Allmyapps\Allmyapps.exe -c uninstall
Task: {778EF4BA-BFC7-480A-9270-1825B71C55A5} - System32\Tasks\{9DF84523-FD29-4C9E-82DD-775A63EB0FB1} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {800860D9-C124-49BC-93CC-1985C6E97327} - System32\Tasks\{32AE58AB-121B-4CD1-87E0-41F9A93F18AD} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Task: {818D08B0-AB79-40A5-9AF8-7C65320AE798} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {83CFBC6A-B820-4018-B988-7BBCBA3EF8DE} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {85639F17-6779-492C-90D3-2A04C81EAF20} - System32\Tasks\{25B82541-8571-45E6-83AB-4AF95DABF24A} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {8569E4D6-C467-4B53-9C7B-6D6D3A207AEC} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8AD0768E-4A9E-494C-951A-8D6B0158C676} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {8E3C62E9-BB57-4328-BD78-3F42CAE4DE4A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)
Task: {8EE3DC86-4A70-4349-9AA9-F0203D291B72} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {90D8AB43-209E-4370-BAD1-D5259AB7396C} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {950A73AF-EF0A-4F16-814B-2894C2203ABB} - System32\Tasks\BrowserDefendert => C:\Windows\system32\sc.exe start BrowserDefendert <==== ACHTUNG
Task: {9D8EF176-E6FB-4931-8DB6-99D24652A785} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {A2F0F64E-16E2-4DE3-BD2C-5E63E84C7090} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A421C8AC-59B4-4306-A012-784EB2DEA81A} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A6716755-233F-4A56-A111-02A2D4DD0A9B} - System32\Tasks\{0E5B43A1-4CBC-49B7-B663-FC61E5FBB58F} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {A72A0967-0AB3-4972-A197-0DCFCC791D8F} - System32\Tasks\AdobeAAMUpdater-1.0-Pflügl-PC-Pflügl => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29] (Adobe Systems Incorporated)
Task: {ABF8455B-5FDC-4FBF-A21F-B8E4F38DE2E2} - System32\Tasks\AdobeAAMUpdater-1.0-Pflügl-PC-nathalie => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29] (Adobe Systems Incorporated)
Task: {B18AA8C6-1B5E-4934-8263-757AA676496E} - System32\Tasks\{F9402AE5-ACC8-4BA8-9E7E-0375A8F72E09} => C:\Windows\system32\pcalua.exe -a F:\install_flash_player_active_x.exe -d F:\
Task: {B278D98E-6409-45E9-8A49-416935FC9A9B} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
Task: {B6F48632-6D52-4C8A-AFF3-9899AB8B5AE7} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B85D8103-15F1-4054-9C89-21D9B559D123} - System32\Tasks\HPCustParticipation HP Deskjet 2050 J510 series => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {BFB32430-75BB-4606-BD31-CE87342D524F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {C7A4899A-F1FE-4A82-808D-6CFAE45C319E} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CFB1136A-F1BC-4634-9CBF-A999C7B3A3C9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation) <==== ACHTUNG
Task: {D627BDDD-E3F7-4578-9963-518C3686B0C0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation) <==== ACHTUNG
Task: {D718E290-E157-4664-A9F3-8B04A0A02DC8} - System32\Tasks\{9711830A-13DD-481F-A336-AA3C7885661B} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {D71B6264-3754-414A-BF96-9E2E2E614FF8} - System32\Tasks\{B0CE2170-76B6-4422-A267-413ED3F67B11} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {D84A16D9-413C-46C6-9768-09EF6339DF29} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {DCAF2E5C-9386-4622-BD13-B534BB0F78A3} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {DD91A8EB-DA59-473D-969E-320501B67A7F} - System32\Tasks\{D81F541F-3DE9-4EC6-9DAE-1BF798040AC6} => C:\Windows\system32\pcalua.exe -a "C:\Users\nathalie.Pflügl-PC\Desktop\Neuer Ordner (3)\NeoGamma Installer by Wii-Homebrew.exe" -d "C:\Users\nathalie.Pflügl-PC\Desktop\Neuer Ordner (3)"
Task: {E8CFFA40-C104-4B30-BD9D-1B3420B5D4C4} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EB64C26B-0806-4248-8678-D6FE1375A527} - System32\Tasks\{463E93F0-2199-42B9-8D18-DBD746D676A9} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {EC056EB6-2863-4CE6-94AB-5748B2D8EDCC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation) <==== ACHTUNG
Task: {EEEDF309-D0F3-4BF3-9ECB-2B70DF3E6274} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {F1C99E32-F492-4038-BD10-731DA69C2968} - System32\Tasks\{1A9F0B80-4630-434D-A4D3-C672A48987F2} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {F2E1695E-1F6E-4122-BB8F-98AF48FAC07A} - \DealPlyUpdate -> Keine Datei <==== ACHTUNG
Task: {F44EBEAB-A6B2-4B21-96BA-E4465EF19E75} - System32\Tasks\{966A14DB-D34B-4A06-BC26-743C4C42F131} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe"
Task: {F518F3A1-B8F3-401C-A21C-3FA1BCF4A3A8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {F70666D8-716B-49F8-B3AD-5CC32FAEE9E4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {FB3379A3-B190-40F2-A65D-03A35D445AD9} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-02-23] (NVIDIA Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\Pflügl\Desktop\eBay.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://isearch.omiga-plus.com/?type=sc&ts=1383502839&from=mlv&uid=HitachiXHTS547575A9E384_J2540054CE8U3ECE8U3EX
ShortcutWithArgument: C:\Users\Pflügl\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://isearch.omiga-plus.com/?type=sc&ts=1383502839&from=mlv&uid=HitachiXHTS547575A9E384_J2540054CE8U3ECE8U3EX
ShortcutWithArgument: C:\Users\Pflügl\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer (64-bit).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://isearch.omiga-plus.com/?type=sc&ts=1383502839&from=mlv&uid=HitachiXHTS547575A9E384_J2540054CE8U3ECE8U3EX
ShortcutWithArgument: C:\Users\Pflügl\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://isearch.omiga-plus.com/?type=sc&ts=1383502839&from=mlv&uid=HitachiXHTS547575A9E384_J2540054CE8U3ECE8U3EX
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-07-16 13:42 - 2016-07-16 13:42 - 000231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-07-13 22:48 - 2017-06-21 09:48 - 002681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-01-11 18:04 - 2016-12-29 15:16 - 000134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-01-11 17:24 - 2017-02-23 20:35 - 004489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2017-01-11 17:24 - 2017-02-23 20:35 - 001147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 004300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2017-01-11 00:07 - 2017-01-11 00:07 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-17 12:02 - 2017-03-04 08:31 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-17 12:03 - 2017-03-04 08:12 - 009760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-17 12:03 - 2017-03-04 08:05 - 001401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-17 12:03 - 2017-03-04 08:05 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-07-13 22:47 - 2017-06-21 08:36 - 001033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-07-13 22:47 - 2017-06-21 08:35 - 002424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-07-13 22:47 - 2017-06-21 08:37 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-07-24 11:23 - 2017-07-24 11:25 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-07-24 11:23 - 2017-07-24 11:25 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-07-24 11:23 - 2017-07-24 11:25 - 043573248 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-07-24 11:23 - 2017-07-24 11:25 - 002435584 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\skypert.dll
2017-01-11 17:24 - 2017-02-23 20:35 - 000018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2017-01-11 17:24 - 2017-02-23 20:35 - 003774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2017-01-11 17:24 - 2017-02-23 20:35 - 000900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-01-11 17:24 - 2017-02-23 16:30 - 000338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2017-01-11 17:24 - 2017-02-23 16:30 - 000252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2017-01-11 17:24 - 2017-02-23 16:30 - 002443320 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2017-01-11 17:24 - 2017-02-23 16:30 - 000385592 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2017-01-11 17:24 - 2017-02-23 16:30 - 000543288 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2017-01-11 17:24 - 2017-02-23 16:30 - 000468536 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Classes\batfile: <==== ACHTUNG
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Classes\cmdfile: <==== ACHTUNG
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Control Panel\Desktop\\Wallpaper -> c:\users\pflügl\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\{ceedc30e-03f3-4223-aeb0-1bb4c000d5a6}.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\...\StartupApproved\StartupFolder: => "Logitech . Produktregistrierung.lnk"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\...\StartupApproved\Run: => "Allmyapps"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\...\StartupApproved\Run: => "Allmyapps Update"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{6764BC9A-AB39-4504-8F82-9BDA992F3446}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [UDP Query User{823B4211-7E40-4248-98CF-BE85E7AC7085}C:\users\gast\appdata\local\mozilla firefox\firefox.exe] => (Block) C:\users\gast\appdata\local\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{53EC6C2E-FAAC-4F66-9EF9-3520406A6913}C:\users\gast\appdata\local\mozilla firefox\firefox.exe] => (Block) C:\users\gast\appdata\local\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{4692755E-2E62-439A-8D1C-8A1EE34316D0}C:\users\gast\appdata\local\mozilla firefox\firefox.exe] => (Block) C:\users\gast\appdata\local\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{12F65F9D-A5BE-4325-98C7-E6278A2CDE17}C:\users\gast\appdata\local\mozilla firefox\firefox.exe] => (Block) C:\users\gast\appdata\local\mozilla firefox\firefox.exe
FirewallRules: [{B1908BEA-AD44-41F3-B7FB-8639558AB54D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F0E349DC-E761-452A-A9C8-FF5372646FE2}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{09B2A8BF-15F4-49C1-AB92-DCD9C3EF35D3}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{4B4D1B33-47F8-4FA5-A55A-5984420C7F87}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{B617C342-BBB7-4B32-B821-505EAAB675BB}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{A06D5442-904C-441E-BBFB-D978E61202D3}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{DA1C4275-AAF6-4019-9F46-4E7BF1F14776}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{1C8A7C60-770C-4F71-AF74-DFB5A766E952}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{B85F5BC9-5B59-4EBA-A6C2-7BA604913A9A}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{02AF66E7-A9F6-45F0-89FE-093EA2A1B1D3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{565DC845-DF99-4033-9771-B3277CA0BA27}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6535CE99-10FD-4752-A321-1CFA1864D1D4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{A1A6D11E-B062-466A-9269-32740E3A90C2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{D6417DF7-A14F-414F-906E-771A3732508C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{CB0909D1-9148-41EF-A181-315C3D60A4BC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6A09E45E-391E-4FAF-966C-BAF4700D2641}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
==================== Wiederherstellungspunkte =========================
09-07-2017 11:34:16 Windows Update
13-07-2017 23:18:01 Windows Update
13-07-2017 23:19:20 Windows Update
03-08-2017 08:48:12 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (08/24/2017 01:11:04 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig.
.
Vorgang:
Asynchroner Vorgang wird ausgeführt
Kontext:
Aktueller Status: DoSnapshotSet
Error: (08/24/2017 01:09:45 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (08/24/2017 12:48:22 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Adobe Refresh Manager -- Error 1316.Das angegebene Konto ist bereits vorhanden.
Error: (08/24/2017 12:43:33 PM) (Source: COM) (EventID: 10031) (User: )
Description: Eine das Marshalling aufhebende Richtlinienprüfung wurde ausgeführt, als das Marshalling eines benutzerdefinierten gemarshallten Objekts aufgehoben wurde. Die Klasse "{2CD39202-3A2F-4935-9A86-65B919919A7F}" wurde abgelehnt.
Error: (08/24/2017 12:43:33 PM) (Source: COM) (EventID: 10031) (User: )
Description: Eine das Marshalling aufhebende Richtlinienprüfung wurde ausgeführt, als das Marshalling eines benutzerdefinierten gemarshallten Objekts aufgehoben wurde. Die Klasse "{2CD39202-3A2F-4935-9A86-65B919919A7F}" wurde abgelehnt.
Error: (08/11/2017 06:55:50 PM) (Source: COM) (EventID: 10031) (User: )
Description: Eine das Marshalling aufhebende Richtlinienprüfung wurde ausgeführt, als das Marshalling eines benutzerdefinierten gemarshallten Objekts aufgehoben wurde. Die Klasse "{2CD39202-3A2F-4935-9A86-65B919919A7F}" wurde abgelehnt.
Error: (08/03/2017 08:48:53 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (07/24/2017 11:42:56 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Pflügl\Pictures\SoftonicDownloader_fuer_abiword.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.
Error: (07/24/2017 11:27:13 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Pflügl-PC)
Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147009280. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (07/24/2017 11:06:05 AM) (Source: COM) (EventID: 10031) (User: )
Description: Eine das Marshalling aufhebende Richtlinienprüfung wurde ausgeführt, als das Marshalling eines benutzerdefinierten gemarshallten Objekts aufgehoben wurde. Die Klasse "{2CD39202-3A2F-4935-9A86-65B919919A7F}" wurde abgelehnt.
Systemfehler:
=============
Error: (08/24/2017 01:58:32 PM) (Source: DCOM) (EventID: 10016) (User: Pflügl-PC)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Pflügl-PC\Pflügl" (SID: S-1-5-21-1664608947-3428569484-2814311379-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
und der APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
im Anwendungscontainer "Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (08/24/2017 01:56:25 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "CDPUserSvc_5733f" wurde mit folgendem Fehler beendet:
Unbekannter Fehler
Error: (08/24/2017 01:53:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NetPipeActivator" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (08/24/2017 01:53:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst NetPipeActivator erreicht.
Error: (08/24/2017 01:53:30 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira.ServiceHost erreicht.
Error: (08/24/2017 01:53:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
Error: (08/24/2017 01:52:45 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 24.08.2017 um 13:31:21 unerwartet heruntergefahren.
Error: (08/24/2017 12:43:21 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "CDPUserSvc_39527" wurde mit folgendem Fehler beendet:
Unbekannter Fehler
Error: (08/24/2017 12:41:54 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (08/24/2017 12:41:54 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 70%
Installierter physikalischer RAM: 3947.86 MB
Verfügbarer physikalischer RAM: 1152.6 MB
Summe virtueller Speicher: 7915.86 MB
Verfügbarer virtueller Speicher: 4794.09 MB
==================== Laufwerke ================================
Drive c: (Packard Bell) (Fixed) (Total:678.54 GB) (Free:597.2 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 8397C1BA)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=678.5 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
STEP 2
Code:
14:28:31.0557 0x1e48 TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
14:28:37.0369 0x1e48 ============================================================
14:28:37.0369 0x1e48 Current date / time: 2017/08/24 14:28:37.0369
14:28:37.0369 0x1e48 SystemInfo:
14:28:37.0369 0x1e48
14:28:37.0369 0x1e48 OS Version: 10.0.14393 ServicePack: 0.0
14:28:37.0369 0x1e48 Product type: Workstation
14:28:37.0369 0x1e48 ComputerName: PFLÜGL-PC
14:28:37.0369 0x1e48 UserName: Pflügl
14:28:37.0369 0x1e48 Windows directory: C:\WINDOWS
14:28:37.0369 0x1e48 System windows directory: C:\WINDOWS
14:28:37.0369 0x1e48 Running under WOW64
14:28:37.0369 0x1e48 Processor architecture: Intel x64
14:28:37.0369 0x1e48 Number of processors: 4
14:28:37.0369 0x1e48 Page size: 0x1000
14:28:37.0369 0x1e48 Boot type: Normal boot
14:28:37.0369 0x1e48 CodeIntegrityOptions = 0x00000001
14:28:37.0369 0x1e48 ============================================================
14:28:37.0369 0x1e48 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.1480, osProperties = 0x19
14:28:37.0666 0x1e48 System UUID: {87F4E558-BE4F-298E-ECB8-1DA4EEBA9E42}
14:28:38.0213 0x1e48 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:28:38.0229 0x1e48 ============================================================
14:28:38.0229 0x1e48 \Device\Harddisk0\DR0:
14:28:38.0260 0x1e48 MBR partitions:
14:28:38.0260 0x1e48 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2800800, BlocksNum 0x32000
14:28:38.0260 0x1e48 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2832800, BlocksNum 0x54D13000
14:28:38.0260 0x1e48 ============================================================
14:28:38.0307 0x1e48 C: <-> \Device\Harddisk0\DR0\Partition2
14:28:38.0307 0x1e48 ============================================================
14:28:38.0307 0x1e48 Initialize success
14:28:38.0307 0x1e48 ============================================================
14:29:00.0433 0x1d0c ============================================================
14:29:00.0433 0x1d0c Scan started
14:29:00.0433 0x1d0c Mode: Manual;
14:29:00.0433 0x1d0c ============================================================
14:29:00.0433 0x1d0c KSN ping started
14:29:00.0480 0x1d0c KSN ping finished: true
14:29:01.0902 0x1d0c ================ Scan system memory ========================
14:29:01.0902 0x1d0c System memory - ok
14:29:01.0902 0x1d0c ================ Scan services =============================
14:29:03.0340 0x1d0c 1394ohci - ok
14:29:03.0371 0x1d0c 3ware - ok
14:29:03.0387 0x1d0c ACPI - ok
14:29:03.0402 0x1d0c AcpiDev - ok
14:29:03.0418 0x1d0c acpiex - ok
14:29:03.0418 0x1d0c acpipagr - ok
14:29:03.0433 0x1d0c AcpiPmi - ok
14:29:03.0449 0x1d0c acpitime - ok
14:29:03.0668 0x1d0c [ 1474F121C3DF1232D3E7239C03691EE6, 26D0F55010CB7C51269D94ECB5C5AA94802607685B9E9791A78B643C6227214F ] AdobeActiveFileMonitor9.0 C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
14:29:03.0683 0x1d0c AdobeActiveFileMonitor9.0 - ok
14:29:03.0824 0x1d0c [ 8D6BA8E7676038A27FD4ECF12CC744B0, F5D59B764DCB4A06A51939533DC7B2391FD68E3979C48939C023A60DCE0D2101 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:29:03.0840 0x1d0c AdobeARMservice - ok
14:29:04.0496 0x1d0c [ C52B8980692CACB057742C450D734149, BB2D7034592B6EBBECE5A73FB625E1352FD59972620523022CABA68EE00B7B98 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:29:04.0512 0x1d0c AdobeFlashPlayerUpdateSvc - ok
14:29:04.0543 0x1d0c ADP80XX - ok
14:29:04.0558 0x1d0c AFD - ok
14:29:04.0590 0x1d0c ahcache - ok
14:29:04.0621 0x1d0c AJRouter - ok
14:29:04.0637 0x1d0c ALG - ok
14:29:04.0683 0x1d0c AmdK8 - ok
14:29:04.0699 0x1d0c AmdPPM - ok
14:29:04.0715 0x1d0c amdsata - ok
14:29:04.0715 0x1d0c amdsbs - ok
14:29:04.0715 0x1d0c amdxata - ok
14:29:05.0074 0x1d0c [ 0ACC38DF0CFF151C63AD6F6F35C55D0C, E77574F3FBF50FA6935D79AB2282971FBA5FC52FD626797CDFEA50889DFEAE2B ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
14:29:05.0168 0x1d0c AntiVirMailService - ok
14:29:05.0246 0x1d0c [ 22B27C504A06096CDF3D5D0D46893EA0, 587B1A8AD24526A300563EACB0157099AA5CC3F2208534C91698758364EBE0AE ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
14:29:05.0277 0x1d0c AntiVirSchedulerService - ok
14:29:05.0340 0x1d0c [ 22B27C504A06096CDF3D5D0D46893EA0, 587B1A8AD24526A300563EACB0157099AA5CC3F2208534C91698758364EBE0AE ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
14:29:05.0355 0x1d0c AntiVirService - ok
14:29:05.0527 0x1d0c [ 8D2DD42AA98E1BD156FB59B320C0C613, 8711ECB09D420B3A3CA81F9326B23E9ED38D3D39CBDA332E59770DAA3E8A6CD3 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
14:29:05.0590 0x1d0c AntiVirWebService - ok
14:29:05.0637 0x1d0c AppHostSvc - ok
14:29:05.0668 0x1d0c AppID - ok
14:29:05.0715 0x1d0c AppIDSvc - ok
14:29:05.0746 0x1d0c Appinfo - ok
14:29:05.0777 0x1d0c applockerfltr - ok
14:29:05.0824 0x1d0c AppReadiness - ok
14:29:05.0840 0x1d0c AppXSvc - ok
14:29:05.0840 0x1d0c arcsas - ok
14:29:06.0090 0x1d0c aspnet_state - ok
14:29:06.0105 0x1d0c AsyncMac - ok
14:29:06.0152 0x1d0c atapi - ok
14:29:06.0199 0x1d0c athr - ok
14:29:06.0246 0x1d0c AudioEndpointBuilder - ok
14:29:06.0262 0x1d0c Audiosrv - ok
14:29:06.0309 0x1d0c [ 4621EA3385170B087A03F3C90E276B4A, 1513802CF844B1B7A70C820AEF732EDA432D44CD8726560D95F05EB5CA556CD7 ] avdevprot C:\WINDOWS\system32\DRIVERS\avdevprot.sys
14:29:06.0324 0x1d0c avdevprot - ok
14:29:06.0371 0x1d0c [ 6FA5F3EA4F088EEECC5519A8C92ACC6D, 197BEFF6AFCA9A4E9C8504DCA4D039D497E05288ABC0927F3521425A14B3DAF9 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys
14:29:06.0387 0x1d0c avgntflt - ok
14:29:06.0418 0x1d0c [ C320148D031EA49D210C6DDEC4405EE3, 5DF6A142F399A2BAA1F3708A92F284BB2905229A1E9D438275BF04C918DBE1A3 ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
14:29:06.0418 0x1d0c avipbb - ok
14:29:06.0512 0x1d0c [ 899C706D9C5A829BEA290CD02A95B07C, 40121149932C76E2377386D4C286E1C0CE5AE382515C8DE391B68A0E77478B28 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
14:29:06.0543 0x1d0c Avira.ServiceHost - ok
14:29:06.0574 0x1d0c [ 2CBA09A7983B1D39531B768BCED08C20, B40968DFE1A648CCB9260033E1EA57B5D496274A335B000354156B0DB740EDE0 ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys
14:29:06.0574 0x1d0c avkmgr - ok
14:29:06.0590 0x1d0c [ 8D18C6406FF8DC39028177E1E5675182, 44985DEE74F235567FB849350256F342BCE26EF66439D761FA3F6EDA22882092 ] avnetflt C:\WINDOWS\system32\DRIVERS\avnetflt.sys
14:29:06.0590 0x1d0c avnetflt - ok
14:29:06.0605 0x1d0c AxInstSV - ok
14:29:06.0621 0x1d0c b06bdrv - ok
14:29:06.0652 0x1d0c [ 0630C8915B747E88E825CE7F73B66A5D, E9B465EE23487B59B1C906B04F9235B0BFBF254C1760E2462A7D1D7FE1655088 ] b57xdbd C:\WINDOWS\System32\drivers\b57xdbd.sys
14:29:06.0668 0x1d0c b57xdbd - ok
14:29:06.0684 0x1d0c [ CA8457E528E13B38F8DC3B86B6BA4C6B, 532E48BBBA806608EBEFE10A94DCE2BFE8918D8DD6DEF6871F44FEEDA51238B8 ] b57xdmp C:\WINDOWS\System32\drivers\b57xdmp.sys
14:29:06.0699 0x1d0c b57xdmp - ok
14:29:06.0730 0x1d0c BasicDisplay - ok
14:29:06.0793 0x1d0c BasicRender - ok
14:29:06.0840 0x1d0c bcmfn - ok
14:29:06.0840 0x1d0c bcmfn2 - ok
14:29:06.0871 0x1d0c BDESVC - ok
14:29:06.0887 0x1d0c Beep - ok
14:29:06.0934 0x1d0c BFE - ok
14:29:06.0980 0x1d0c BITS - ok
14:29:06.0980 0x1d0c bowser - ok
14:29:07.0012 0x1d0c BrokerInfrastructure - ok
14:29:07.0043 0x1d0c Browser - ok
14:29:07.0090 0x1d0c [ 0E9B28782D0E5DE7C25207432B791B33, FE33E3B27BEED03922DB2565DECC0E12F8CD586B5060EE4A1A87FF99EEC77B22 ] bScsiMSa C:\WINDOWS\System32\drivers\bScsiMSa.sys
14:29:07.0105 0x1d0c bScsiMSa - ok
14:29:07.0137 0x1d0c [ 59CA958CBB12C3344A22D33D3582F4C0, 29F06D9B507703D6F4DA28230E067340FC11B63DDEB5C113E6F991C4EC87FB7A ] bScsiSDa C:\WINDOWS\System32\drivers\bScsiSDa.sys
14:29:07.0137 0x1d0c bScsiSDa - ok
14:29:07.0168 0x1d0c BthAvrcpTg - ok
14:29:07.0184 0x1d0c BthHFEnum - ok
14:29:07.0184 0x1d0c bthhfhid - ok
14:29:07.0215 0x1d0c BthHFSrv - ok
14:29:07.0230 0x1d0c BTHMODEM - ok
14:29:07.0262 0x1d0c bthserv - ok
14:29:07.0309 0x1d0c buttonconverter - ok
14:29:07.0340 0x1d0c CapImg - ok
14:29:07.0371 0x1d0c cdfs - ok
14:29:07.0387 0x1d0c CDPSvc - ok
14:29:07.0387 0x1d0c CDPUserSvc - ok
14:29:07.0480 0x1d0c cdrom - ok
14:29:07.0527 0x1d0c CertPropSvc - ok
14:29:07.0543 0x1d0c cht4iscsi - ok
14:29:07.0559 0x1d0c cht4vbd - ok
14:29:07.0574 0x1d0c circlass - ok
14:29:08.0527 0x1d0c [ E6C13708EC768ABE89BC45F7F12F49DB, 713C2FC2DF6EC3E79871A639686FE0358A564927D696EB2ED9AB5EDEAA9D47D2 ] cjpcsc C:\WINDOWS\SysWOW64\cjpcsc.exe
14:29:08.0731 0x1d0c cjpcsc - ok
14:29:08.0746 0x1d0c [ E3B86AB029D1C523981C3476DE859521, F787284359F6322DB7135FCDFD3DA3EFD92FBBB95F3DC5C9D77B881A8351B080 ] cjusb C:\WINDOWS\system32\DRIVERS\cjusb.sys
14:29:08.0746 0x1d0c cjusb - ok
14:29:08.0762 0x1d0c CLFS - ok
14:29:08.0793 0x1d0c ClipSVC - ok
14:29:08.0809 0x1d0c clreg - ok
14:29:08.0840 0x1d0c CmBatt - ok
14:29:08.0871 0x1d0c CNG - ok
14:29:08.0871 0x1d0c cnghwassist - ok
14:29:09.0277 0x1d0c CompositeBus - ok
14:29:09.0293 0x1d0c COMSysApp - ok
14:29:09.0309 0x1d0c condrv - ok
14:29:09.0340 0x1d0c CoreMessagingRegistrar - ok
14:29:09.0731 0x1d0c [ 5D19617245C798A0EED86D4D36B8C6E8, 90AB9125B1A56134489E81CE5AEE1F2C7005BE505E52603B1A884A2B8C3C4735 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
14:29:10.0106 0x1d0c cphs - ok
14:29:10.0121 0x1d0c CryptSvc - ok
14:29:10.0153 0x1d0c dam - ok
14:29:10.0168 0x1d0c DcomLaunch - ok
14:29:10.0199 0x1d0c DcpSvc - ok
14:29:10.0215 0x1d0c defragsvc - ok
14:29:10.0246 0x1d0c DeviceAssociationService - ok
14:29:10.0278 0x1d0c DeviceInstall - ok
14:29:10.0293 0x1d0c DevQueryBroker - ok
14:29:10.0309 0x1d0c Dfsc - ok
14:29:10.0340 0x1d0c [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
14:29:10.0356 0x1d0c dg_ssudbus - ok
14:29:10.0403 0x1d0c Dhcp - ok
14:29:10.0481 0x1d0c diagnosticshub.standardcollector.service - ok
14:29:10.0528 0x1d0c DiagTrack - ok
14:29:10.0559 0x1d0c disk - ok
14:29:10.0606 0x1d0c DmEnrollmentSvc - ok
14:29:10.0653 0x1d0c dmvsc - ok
14:29:10.0684 0x1d0c dmwappushservice - ok
14:29:10.0746 0x1d0c Dnscache - ok
14:29:10.0762 0x1d0c dot3svc - ok
14:29:10.0793 0x1d0c DPS - ok
14:29:10.0809 0x1d0c drmkaud - ok
14:29:11.0012 0x1d0c [ 9DD3A22F804697606C2B7FF9E912FF6B, BBE2FC0D554030BA9E3A96CC4A360D61DBCCAA1D81BD7547809F29A3AF0B3A25 ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe
14:29:11.0012 0x1d0c DsiWMIService - ok
14:29:11.0074 0x1d0c DsmSvc - ok
14:29:11.0090 0x1d0c DsSvc - ok
14:29:11.0121 0x1d0c DXGKrnl - ok
14:29:11.0168 0x1d0c EapHost - ok
14:29:11.0184 0x1d0c ebdrv - ok
14:29:11.0215 0x1d0c EFS - ok
14:29:11.0246 0x1d0c EhStorClass - ok
14:29:11.0293 0x1d0c EhStorTcgDrv - ok
14:29:11.0309 0x1d0c embeddedmode - ok
14:29:11.0340 0x1d0c EntAppSvc - ok
14:29:11.0590 0x1d0c [ 48425C93B6F36529707206E4FA680CF3, 328BD59DEDFAD359EF79CCFBC2AD3E9C95657EC616AE0611F5EFEB34B810692A ] ePowerSvc C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
14:29:11.0637 0x1d0c ePowerSvc - ok
14:29:11.0653 0x1d0c ErrDev - ok
14:29:11.0715 0x1d0c [ 6BD85B39B7B23F03B24CF641ED29147B, 850F21750BB39E5239B1584E1117844CAAAF6A5C58E79366552309F917675CE5 ] ETD C:\WINDOWS\system32\DRIVERS\ETD.sys
14:29:11.0731 0x1d0c ETD - ok
14:29:11.0824 0x1d0c [ 8916EACF1256E1C5A3AF81FD39C747E7, FF28FB95E9F9287C1005CF0D9EB84F7CA3D137689862860C9848398504E1EFFF ] ETDService C:\Program Files\Elantech\ETDService.exe
14:29:11.0824 0x1d0c ETDService - ok
14:29:11.0887 0x1d0c EventSystem - ok
14:29:11.0887 0x1d0c exfat - ok
14:29:11.0918 0x1d0c fastfat - ok
14:29:11.0934 0x1d0c Fax - ok
14:29:11.0949 0x1d0c fdc - ok
14:29:11.0981 0x1d0c fdPHost - ok
14:29:11.0996 0x1d0c FDResPub - ok
14:29:12.0043 0x1d0c fhsvc - ok
14:29:12.0074 0x1d0c FileCrypt - ok
14:29:12.0121 0x1d0c FileInfo - ok
14:29:12.0153 0x1d0c Filetrace - ok
14:29:12.0184 0x1d0c flpydisk - ok
14:29:12.0184 0x1d0c FltMgr - ok
14:29:12.0246 0x1d0c FontCache - ok
14:29:12.0434 0x1d0c FontCache3.0.0.0 - ok
14:29:12.0512 0x1d0c FrameServer - ok
14:29:12.0528 0x1d0c FsDepends - ok
14:29:12.0528 0x1d0c Fs_Rec - ok
14:29:12.0543 0x1d0c fvevol - ok
14:29:12.0590 0x1d0c gencounter - ok
14:29:12.0668 0x1d0c genericusbfn - ok
14:29:12.0700 0x1d0c GPIOClx0101 - ok
14:29:12.0746 0x1d0c gpsvc - ok
14:29:12.0778 0x1d0c GpuEnergyDrv - ok
14:29:12.0809 0x1d0c HDAudBus - ok
14:29:12.0809 0x1d0c HidBatt - ok
14:29:12.0809 0x1d0c HidBth - ok
14:29:12.0825 0x1d0c hidi2c - ok
14:29:12.0840 0x1d0c hidinterrupt - ok
14:29:12.0871 0x1d0c HidIr - ok
14:29:12.0903 0x1d0c hidserv - ok
14:29:12.0934 0x1d0c HidUsb - ok
14:29:12.0965 0x1d0c HomeGroupListener - ok
14:29:12.0981 0x1d0c HomeGroupProvider - ok
14:29:13.0028 0x1d0c HpSAMD - ok
14:29:13.0106 0x1d0c [ EA0047216B112D4E2B38ECF6F9D769AC, 92250C8CBE4373716FF777A929AC0D88181660BA94B0BB656EFA1BF448D858C8 ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
14:29:13.0106 0x1d0c HPSupportSolutionsFrameworkService - ok
14:29:13.0153 0x1d0c HTTP - ok
14:29:13.0184 0x1d0c HvHost - ok
14:29:13.0231 0x1d0c hvservice - ok
14:29:13.0231 0x1d0c hwpolicy - ok
14:29:13.0262 0x1d0c hyperkbd - ok
14:29:13.0278 0x1d0c i8042prt - ok
14:29:13.0278 0x1d0c iagpio - ok
14:29:13.0293 0x1d0c iai2c - ok
14:29:13.0309 0x1d0c iaLPSS2i_GPIO2 - ok
14:29:13.0340 0x1d0c iaLPSS2i_I2C - ok
14:29:13.0340 0x1d0c iaLPSSi_GPIO - ok
14:29:13.0356 0x1d0c iaLPSSi_I2C - ok
14:29:13.0371 0x1d0c iaStorAV - ok
14:29:13.0387 0x1d0c iaStorV - ok
14:29:13.0418 0x1d0c ibbus - ok
14:29:13.0450 0x1d0c icssvc - ok
14:29:13.0996 0x1d0c [ 226EAECA4F21F899E3F0C95297678A0B, DC18AAE3F1505C9BECB75218F4CCCD8DC6E1C6258EDA9A57B57028246EF346FA ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
14:29:14.0168 0x1d0c igfx - ok
14:29:14.0200 0x1d0c IKEEXT - ok
14:29:14.0215 0x1d0c IndirectKmd - ok
14:29:14.0606 0x1d0c [ 622868E4BAE8FBCD22CB1A5901A2C824, C1A2264C0984DD16C83B663C9CE43E049E1356E32C5771C3ACE225F285699138 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
14:29:14.0731 0x1d0c IntcAzAudAddService - ok
14:29:14.0809 0x1d0c [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
14:29:14.0825 0x1d0c IntcDAud - ok
14:29:14.0840 0x1d0c intelide - ok
14:29:14.0856 0x1d0c intelpep - ok
14:29:14.0887 0x1d0c intelppm - ok
14:29:14.0918 0x1d0c iorate - ok
14:29:14.0934 0x1d0c IpFilterDriver - ok
14:29:14.0965 0x1d0c iphlpsvc - ok
14:29:14.0997 0x1d0c IPMIDRV - ok
14:29:15.0028 0x1d0c IPNAT - ok
14:29:15.0028 0x1d0c irda - ok
14:29:15.0028 0x1d0c IRENUM - ok
14:29:15.0059 0x1d0c irmon - ok
14:29:15.0106 0x1d0c isapnp - ok
14:29:15.0122 0x1d0c iScsiPrt - ok
14:29:15.0153 0x1d0c k57nd60a - ok
14:29:15.0168 0x1d0c kbdclass - ok
14:29:15.0200 0x1d0c kbdhid - ok
14:29:15.0247 0x1d0c kdnic - ok
14:29:15.0262 0x1d0c KeyIso - ok
14:29:15.0278 0x1d0c KSecDD - ok
14:29:15.0309 0x1d0c KSecPkg - ok
14:29:15.0325 0x1d0c ksthunk - ok
14:29:15.0340 0x1d0c KtmRm - ok
14:29:15.0356 0x1d0c LanmanServer - ok
14:29:15.0372 0x1d0c LanmanWorkstation - ok
14:29:15.0512 0x1d0c [ D186AAAE72691136BDE00BBB41F48D12, C64885A726C0642C92BC4993667696DFEC8D284C20872D58E49786EE280A01ED ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
14:29:15.0528 0x1d0c LBTServ - ok
14:29:15.0543 0x1d0c lfsvc - ok
14:29:15.0575 0x1d0c [ 77D5786C6A7765503884E38706C9FD5E, 827DC2069AA0997DB87E118AAAA53575D97A89147C1451464986F8D68A329D41 ] LHidFilt C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
14:29:15.0590 0x1d0c LHidFilt - ok
14:29:15.0622 0x1d0c LicenseManager - ok
14:29:15.0747 0x1d0c [ B705C7097F9A0EC941D02DCE7C7D426C, 1A137BEA25BF7BA1EF190212CD6E556B53293D6388E9F7E790BF53F641F3CF89 ] Live Updater Service C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
14:29:15.0762 0x1d0c Live Updater Service - ok
14:29:15.0778 0x1d0c lltdio - ok
14:29:15.0793 0x1d0c lltdsvc - ok
14:29:15.0825 0x1d0c lmhosts - ok
14:29:15.0856 0x1d0c [ F84023FB2E3DEA06103501974A2EDB44, 38144EB7DE7F0B33F9C3E637715834CD0860CCE11915C77065000949767D98DF ] LMouFilt C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
14:29:15.0856 0x1d0c LMouFilt - ok
14:29:15.0934 0x1d0c [ D7E0BED3EA21D7BDDD410ADE51708D90, 417A9A765E50ACCAE030B37F317217C9DB366BB1503A328D064A41ACDD00AFD8 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
14:29:15.0950 0x1d0c LMS - ok
14:29:15.0981 0x1d0c LSI_SAS - ok
14:29:15.0997 0x1d0c LSI_SAS2i - ok
14:29:15.0997 0x1d0c LSI_SAS3i - ok
14:29:16.0012 0x1d0c LSI_SSS - ok
14:29:16.0043 0x1d0c LSM - ok
14:29:16.0043 0x1d0c luafv - ok
14:29:16.0090 0x1d0c MapsBroker - ok
14:29:16.0106 0x1d0c megasas - ok
14:29:16.0137 0x1d0c megasas2i - ok
14:29:16.0168 0x1d0c megasr - ok
14:29:16.0200 0x1d0c [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\WINDOWS\System32\drivers\HECIx64.sys
14:29:16.0215 0x1d0c MEIx64 - ok
14:29:16.0247 0x1d0c MessagingService - ok
14:29:16.0434 0x1d0c Microsoft SharePoint Workspace Audit Service - ok
14:29:16.0450 0x1d0c mlx4_bus - ok
14:29:16.0465 0x1d0c MMCSS - ok
14:29:16.0497 0x1d0c Modem - ok
14:29:16.0543 0x1d0c monitor - ok
14:29:16.0575 0x1d0c mouclass - ok
14:29:16.0590 0x1d0c mouhid - ok
14:29:16.0590 0x1d0c mountmgr - ok
14:29:16.0653 0x1d0c [ 86C9215967686BB8A6AEE8008D914BF8, 907A156AADC880F06EB7BBBC0C57EC14A205CEE43A2AD509F6BD4040CA4F327D ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:29:16.0668 0x1d0c MozillaMaintenance - ok
14:29:16.0684 0x1d0c mpsdrv - ok
14:29:16.0700 0x1d0c MpsSvc - ok
14:29:16.0747 0x1d0c MQAC - ok
14:29:16.0762 0x1d0c MRxDAV - ok
14:29:16.0793 0x1d0c mrxsmb - ok
14:29:16.0809 0x1d0c mrxsmb10 - ok
14:29:16.0825 0x1d0c mrxsmb20 - ok
14:29:16.0856 0x1d0c MsBridge - ok
14:29:16.0872 0x1d0c MSDTC - ok
14:29:16.0872 0x1d0c Msfs - ok
14:29:16.0934 0x1d0c msgpiowin32 - ok
14:29:16.0965 0x1d0c mshidkmdf - ok
14:29:16.0981 0x1d0c mshidumdf - ok
14:29:16.0981 0x1d0c msisadrv - ok
14:29:17.0028 0x1d0c MSiSCSI - ok
14:29:17.0043 0x1d0c msiserver - ok
14:29:17.0075 0x1d0c MSKSSRV - ok
14:29:17.0075 0x1d0c MsLldp - ok
14:29:17.0122 0x1d0c MSMQ - ok
14:29:17.0137 0x1d0c MSPCLOCK - ok
14:29:17.0137 0x1d0c MSPQM - ok
14:29:17.0153 0x1d0c MsRPC - ok
14:29:17.0184 0x1d0c mssmbios - ok
14:29:17.0184 0x1d0c MSTEE - ok
14:29:17.0215 0x1d0c MTConfig - ok
14:29:17.0231 0x1d0c Mup - ok
14:29:17.0247 0x1d0c mvumis - ok
14:29:17.0278 0x1d0c NativeWifiP - ok
14:29:17.0418 0x1d0c [ 13AA2130F2A104DD775EAD0F0EE5417B, EBA07599FC2D10750CE6372EA6BA94EDDAFFF732223A1135F1971B958A6B57A2 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
14:29:17.0450 0x1d0c NAUpdate - ok
14:29:17.0450 0x1d0c NcaSvc - ok
14:29:17.0481 0x1d0c NcbService - ok
14:29:17.0481 0x1d0c NcdAutoSetup - ok
14:29:17.0512 0x1d0c ndfltr - ok
14:29:17.0544 0x1d0c NDIS - ok
14:29:17.0544 0x1d0c NdisCap - ok
14:29:17.0590 0x1d0c NdisImPlatform - ok
14:29:17.0590 0x1d0c NdisTapi - ok
14:29:17.0606 0x1d0c Ndisuio - ok
14:29:17.0606 0x1d0c NdisVirtualBus - ok
14:29:17.0622 0x1d0c NdisWan - ok
14:29:17.0637 0x1d0c ndiswanlegacy - ok
14:29:17.0637 0x1d0c ndproxy - ok
14:29:17.0637 0x1d0c Ndu - ok
14:29:17.0669 0x1d0c NetAdapterCx - ok
14:29:17.0684 0x1d0c NetBIOS - ok
14:29:17.0700 0x1d0c NetBT - ok
14:29:17.0700 0x1d0c Netlogon - ok
14:29:17.0715 0x1d0c Netman - ok
14:29:18.0028 0x1d0c NetMsmqActivator - ok
14:29:18.0044 0x1d0c NetPipeActivator - ok
14:29:18.0059 0x1d0c netprofm - ok
14:29:18.0106 0x1d0c NetSetupSvc - ok
14:29:18.0106 0x1d0c NetTcpActivator - ok
14:29:18.0106 0x1d0c NetTcpPortSharing - ok
14:29:18.0137 0x1d0c NgcCtnrSvc - ok
14:29:18.0137 0x1d0c NgcSvc - ok
14:29:18.0153 0x1d0c NlaSvc - ok
14:29:18.0169 0x1d0c Npfs - ok
14:29:18.0215 0x1d0c npsvctrig - ok
14:29:18.0231 0x1d0c nsi - ok
14:29:18.0231 0x1d0c nsiproxy - ok
14:29:18.0262 0x1d0c NTFS - ok
14:29:18.0278 0x1d0c Null - ok
14:29:18.0387 0x1d0c [ CEF487606A4D64DC9A5F4D76EEE996AA, 0534E3EE033B0E821597328AAA62C818593D537BDCA54625CB3C1B99912ACC21 ] NvContainerLocalSystem C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
14:29:18.0403 0x1d0c NvContainerLocalSystem - ok
14:29:18.0419 0x1d0c [ CEF487606A4D64DC9A5F4D76EEE996AA, 0534E3EE033B0E821597328AAA62C818593D537BDCA54625CB3C1B99912ACC21 ] NvContainerNetworkService C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
14:29:18.0419 0x1d0c NvContainerNetworkService - ok
14:29:20.0575 0x1d0c [ 88F3EEDD47473E7206C0A049AE96A0F7, 3A02CF546993270E3DE2715F1065A4832CC1F2C6CCB62D87DDB939C423EF1EA1 ] nvlddmkm C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvlddmkm.sys
14:29:20.0981 0x1d0c nvlddmkm - ok
14:29:21.0028 0x1d0c [ 63718B0FF94E14B883650DA9CD7DBED9, 37BA4B85E677E041277051B476A640E8FA270B423B5D41874050AAAE91619AFE ] nvpciflt C:\WINDOWS\system32\DRIVERS\nvpciflt.sys
14:29:21.0044 0x1d0c nvpciflt - ok
14:29:21.0091 0x1d0c nvraid - ok
14:29:21.0106 0x1d0c nvstor - ok
14:29:21.0169 0x1d0c [ 05FECCB901276013D16A42AD4CFCE24B, 281E2F23E5C820FA670E908EA1798F3FA062C4DD37B16DF73CE13E58B6F3C56E ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
14:29:21.0184 0x1d0c NvStreamKms - ok
14:29:21.0294 0x1d0c [ 40B216E2D52371BC377C892FE83E63E9, AFD5466C86F0B0B54BE9AE6EF172D1B8F1F828C867FDA91CDD4E0A805D6EF71E ] NvTelemetryContainer C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
14:29:21.0325 0x1d0c NvTelemetryContainer - ok
14:29:21.0356 0x1d0c [ FC7835536FA1EA57B2996B6340A08D1B, D2CF883103316E747C11D10121C65742D748FC79BF7E3665A648FF5586AADA0A ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
14:29:21.0356 0x1d0c nvvad_WaveExtensible - ok
14:29:21.0387 0x1d0c [ 848DD3F4E7346B03F380AEA9A50F829B, F8B6E6F88619E9F0A7CB8039B4AC8765796857F634CCC73A1EC9768D16517F75 ] nvvhci C:\WINDOWS\System32\drivers\nvvhci.sys
14:29:21.0403 0x1d0c nvvhci - ok
14:29:21.0434 0x1d0c OneSyncSvc - ok
14:29:21.0512 0x1d0c [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:29:21.0528 0x1d0c ose - ok
14:29:22.0012 0x1d0c [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:29:22.0153 0x1d0c osppsvc - ok
14:29:22.0184 0x1d0c p2pimsvc - ok
14:29:22.0200 0x1d0c p2psvc - ok
14:29:22.0231 0x1d0c Parport - ok
14:29:22.0247 0x1d0c partmgr - ok
14:29:22.0263 0x1d0c PcaSvc - ok
14:29:22.0294 0x1d0c pci - ok
14:29:22.0341 0x1d0c pciide - ok
14:29:22.0341 0x1d0c pcmcia - ok
14:29:22.0341 0x1d0c pcw - ok
14:29:22.0372 0x1d0c pdc - ok
14:29:22.0388 0x1d0c PEAUTH - ok
14:29:22.0434 0x1d0c percsas2i - ok
14:29:22.0434 0x1d0c percsas3i - ok
14:29:23.0075 0x1d0c PerfHost - ok
14:29:23.0122 0x1d0c PhoneSvc - ok
14:29:23.0153 0x1d0c PimIndexMaintenanceSvc - ok
14:29:23.0200 0x1d0c pla - ok
14:29:23.0231 0x1d0c PlugPlay - ok
14:29:23.0247 0x1d0c PNRPAutoReg - ok
14:29:23.0247 0x1d0c PNRPsvc - ok
14:29:23.0278 0x1d0c PolicyAgent - ok
14:29:23.0278 0x1d0c Power - ok
14:29:23.0325 0x1d0c PptpMiniport - ok
14:29:23.0622 0x1d0c [ 30AA256A85C1A7B17A590B1C5244D28E, 2C1FB30DEF53C37CA0D0CA54B65CB8572C53DDFB430DE57F964253F1082ACEA0 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
14:29:23.0747 0x1d0c PrintNotify - ok
14:29:23.0778 0x1d0c Processor - ok
14:29:23.0809 0x1d0c ProfSvc - ok
14:29:23.0809 0x1d0c Psched - ok
14:29:23.0872 0x1d0c [ 87B04878A6D59D6C79251DC960C674C1, 3EB8DB0624E646F0A65D0381408D35CF9FDC5ABFC30DF6431F4070A8EB68447C ] PxHlpa64 C:\WINDOWS\system32\Drivers\PxHlpa64.sys
14:29:23.0888 0x1d0c PxHlpa64 - ok
14:29:23.0903 0x1d0c QWAVE - ok
14:29:23.0919 0x1d0c QWAVEdrv - ok
14:29:23.0934 0x1d0c RasAcd - ok
14:29:23.0997 0x1d0c RasAgileVpn - ok
14:29:23.0997 0x1d0c RasAuto - ok
14:29:24.0013 0x1d0c Rasl2tp - ok
14:29:24.0028 0x1d0c RasMan - ok
14:29:24.0028 0x1d0c RasPppoe - ok
14:29:24.0044 0x1d0c RasSstp - ok
14:29:24.0059 0x1d0c rdbss - ok
14:29:24.0075 0x1d0c rdpbus - ok
14:29:24.0075 0x1d0c RDPDR - ok
14:29:24.0106 0x1d0c RdpVideoMiniport - ok
14:29:24.0138 0x1d0c rdyboost - ok
14:29:24.0169 0x1d0c ReFSv1 - ok
14:29:24.0184 0x1d0c RemoteAccess - ok
14:29:24.0216 0x1d0c RemoteRegistry - ok
14:29:24.0247 0x1d0c RetailDemo - ok
14:29:24.0263 0x1d0c RmSvc - ok
14:29:24.0294 0x1d0c RpcEptMapper - ok
14:29:24.0310 0x1d0c RpcLocator - ok
14:29:24.0341 0x1d0c RpcSs - ok
14:29:24.0356 0x1d0c rspndr - ok
14:29:24.0388 0x1d0c s3cap - ok
14:29:24.0434 0x1d0c SamSs - ok
14:29:24.0466 0x1d0c sbp2port - ok
14:29:24.0513 0x1d0c SCardSvr - ok
14:29:24.0560 0x1d0c ScDeviceEnum - ok
14:29:24.0622 0x1d0c scfilter - ok
14:29:24.0653 0x1d0c Schedule - ok
14:29:24.0669 0x1d0c scmbus - ok
14:29:24.0700 0x1d0c scmdisk0101 - ok
14:29:24.0731 0x1d0c SCPolicySvc - ok
14:29:24.0763 0x1d0c sdbus - ok
14:29:24.0810 0x1d0c SDRSVC - ok
14:29:24.0856 0x1d0c sdstor - ok
14:29:24.0856 0x1d0c seclogon - ok
14:29:24.0888 0x1d0c SENS - ok
14:29:24.0935 0x1d0c SensorDataService - ok
14:29:24.0950 0x1d0c SensorService - ok
14:29:24.0966 0x1d0c SensrSvc - ok
14:29:24.0981 0x1d0c SerCx - ok
14:29:24.0981 0x1d0c SerCx2 - ok
14:29:25.0013 0x1d0c Serenum - ok
14:29:25.0013 0x1d0c Serial - ok
14:29:25.0013 0x1d0c sermouse - ok
14:29:25.0044 0x1d0c SessionEnv - ok
14:29:25.0044 0x1d0c sfloppy - ok
14:29:25.0106 0x1d0c SharedAccess - ok
14:29:25.0138 0x1d0c ShellHWDetection - ok
14:29:25.0153 0x1d0c shpamsvc - ok
14:29:25.0216 0x1d0c SiSRaid2 - ok
14:29:25.0216 0x1d0c SiSRaid4 - ok
14:29:25.0263 0x1d0c smphost - ok
14:29:25.0310 0x1d0c SmsRouter - ok
14:29:25.0356 0x1d0c SNMPTRAP - ok
14:29:25.0403 0x1d0c spaceport - ok
14:29:25.0435 0x1d0c SpbCx - ok
14:29:25.0450 0x1d0c Spooler - ok
14:29:25.0466 0x1d0c sppsvc - ok
14:29:25.0481 0x1d0c srv - ok
14:29:25.0497 0x1d0c srv2 - ok
14:29:25.0513 0x1d0c srvnet - ok
14:29:25.0544 0x1d0c SSDPSRV - ok
14:29:25.0606 0x1d0c SstpSvc - ok
14:29:25.0669 0x1d0c [ 592FF34A2FD6C6351B8A3AA76B2C0A9E, 152B7472DE531AC45492F562DD470B2CE33F1EEF13BC78F26046AE5ABF54E32F ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
14:29:25.0669 0x1d0c ssudmdm - ok
14:29:25.0716 0x1d0c StateRepository - ok
14:29:25.0763 0x1d0c stexstor - ok
14:29:25.0794 0x1d0c stisvc - ok
14:29:25.0825 0x1d0c storahci - ok
14:29:25.0872 0x1d0c storflt - ok
14:29:25.0903 0x1d0c stornvme - ok
14:29:25.0950 0x1d0c storqosflt - ok
14:29:26.0013 0x1d0c StorSvc - ok
14:29:26.0028 0x1d0c storufs - ok
14:29:26.0044 0x1d0c storvsc - ok
14:29:26.0106 0x1d0c svsvc - ok
14:29:26.0138 0x1d0c swenum - ok
14:29:26.0153 0x1d0c swprv - ok
14:29:26.0185 0x1d0c Synth3dVsc - ok
14:29:26.0200 0x1d0c SysMain - ok
14:29:26.0231 0x1d0c SystemEventsBroker - ok
14:29:26.0263 0x1d0c TabletInputService - ok
14:29:26.0278 0x1d0c TapiSrv - ok
14:29:26.0310 0x1d0c Tcpip - ok
14:29:26.0310 0x1d0c Tcpip6 - ok
14:29:26.0341 0x1d0c tcpipreg - ok
14:29:26.0341 0x1d0c tdx - ok
14:29:26.0372 0x1d0c terminpt - ok
14:29:26.0419 0x1d0c TermService - ok
14:29:26.0450 0x1d0c Themes - ok
14:29:26.0513 0x1d0c TieringEngineService - ok
14:29:26.0560 0x1d0c tiledatamodelsvc - ok
14:29:26.0575 0x1d0c TimeBrokerSvc - ok
14:29:26.0607 0x1d0c TPM - ok
14:29:26.0622 0x1d0c TrkWks - ok
14:29:26.0669 0x1d0c TrustedInstaller - ok
14:29:26.0685 0x1d0c tsusbflt - ok
14:29:26.0700 0x1d0c TsUsbGD - ok
14:29:26.0716 0x1d0c tunnel - ok
14:29:26.0763 0x1d0c [ FD24F98D2898BE093FE926604BE7DB99, F9851C57A2ED838AC76BB19FE2F62BB81C57DBBE2A2555F738B5D6725D39AD61 ] TurboB C:\WINDOWS\system32\DRIVERS\TurboB.sys
14:29:26.0778 0x1d0c TurboB - ok
14:29:26.0950 0x1d0c [ 600B406A04D90F577FEA8A88D7379F08, 77CC8E8AFB6F571A42D916C0B2FEFFD3A7A32A455C78228B407C6C9B6DED8CAD ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
14:29:26.0982 0x1d0c TurboBoost - ok
14:29:27.0013 0x1d0c tzautoupdate - ok
14:29:27.0060 0x1d0c UASPStor - ok
14:29:27.0060 0x1d0c UcmCx0101 - ok
14:29:27.0091 0x1d0c UcmTcpciCx0101 - ok
14:29:27.0091 0x1d0c UcmUcsi - ok
14:29:27.0107 0x1d0c Ucx01000 - ok
14:29:27.0107 0x1d0c UdeCx - ok
14:29:27.0107 0x1d0c udfs - ok
14:29:27.0107 0x1d0c UEFI - ok
14:29:27.0138 0x1d0c Ufx01000 - ok
14:29:27.0153 0x1d0c UfxChipidea - ok
14:29:27.0153 0x1d0c ufxsynopsys - ok
14:29:27.0200 0x1d0c UI0Detect - ok
14:29:27.0232 0x1d0c umbus - ok
14:29:27.0247 0x1d0c UmPass - ok
14:29:27.0278 0x1d0c UmRdpService - ok
14:29:27.0310 0x1d0c UnistoreSvc - ok
14:29:27.0716 0x1d0c [ A678E5DDD974903DD71F503BDCACA218, E8ECF79B78CF777066FF31847959A70773665ED2DAAF942B8A1C54BA56F330BA ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
14:29:27.0810 0x1d0c UNS - ok
14:29:27.0841 0x1d0c upnphost - ok
14:29:27.0857 0x1d0c UrsChipidea - ok
14:29:27.0872 0x1d0c UrsCx01000 - ok
14:29:27.0872 0x1d0c UrsSynopsys - ok
14:29:27.0903 0x1d0c usbccgp - ok
14:29:27.0950 0x1d0c usbcir - ok
14:29:27.0950 0x1d0c usbehci - ok
14:29:27.0982 0x1d0c usbhub - ok
14:29:27.0997 0x1d0c USBHUB3 - ok
14:29:28.0028 0x1d0c usbohci - ok
14:29:28.0044 0x1d0c usbprint - ok
14:29:28.0091 0x1d0c [ 2EC7B2C8123236B1233A77281D378DF7, D97DB59C9CAE2B8B33C707E8CEA7A65BF88712842CC715D270F7432A99D21BB6 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
14:29:28.0107 0x1d0c usbscan - ok
14:29:28.0107 0x1d0c usbser - ok
14:29:28.0107 0x1d0c USBSTOR - ok
14:29:28.0138 0x1d0c usbuhci - ok
14:29:28.0169 0x1d0c usbvideo - ok
14:29:28.0200 0x1d0c USBXHCI - ok
14:29:28.0247 0x1d0c UserDataSvc - ok
14:29:28.0263 0x1d0c UserManager - ok
14:29:28.0278 0x1d0c UsoSvc - ok
14:29:28.0278 0x1d0c VaultSvc - ok
14:29:28.0310 0x1d0c vdrvroot - ok
14:29:28.0310 0x1d0c vds - ok
14:29:28.0325 0x1d0c VerifierExt - ok
14:29:28.0357 0x1d0c vhdmp - ok
14:29:28.0388 0x1d0c vhf - ok
14:29:28.0403 0x1d0c vmbus - ok
14:29:28.0419 0x1d0c VMBusHID - ok
14:29:28.0435 0x1d0c vmgid - ok
14:29:28.0466 0x1d0c vmicguestinterface - ok
14:29:28.0466 0x1d0c vmicheartbeat - ok
14:29:28.0466 0x1d0c vmickvpexchange - ok
14:29:28.0513 0x1d0c vmicrdv - ok
14:29:28.0513 0x1d0c vmicshutdown - ok
14:29:28.0513 0x1d0c vmictimesync - ok
14:29:28.0513 0x1d0c vmicvmsession - ok
14:29:28.0528 0x1d0c vmicvss - ok
14:29:28.0544 0x1d0c volmgr - ok
14:29:28.0544 0x1d0c volmgrx - ok
14:29:28.0560 0x1d0c volsnap - ok
14:29:28.0575 0x1d0c volume - ok
14:29:28.0591 0x1d0c vpci - ok
14:29:28.0607 0x1d0c vsmraid - ok
14:29:28.0622 0x1d0c VSS - ok
14:29:28.0653 0x1d0c VSTXRAID - ok
14:29:28.0700 0x1d0c vwifibus - ok
14:29:28.0700 0x1d0c vwififlt - ok
14:29:28.0732 0x1d0c vwifimp - ok
14:29:28.0763 0x1d0c W32Time - ok
14:29:28.0825 0x1d0c w3logsvc - ok
14:29:28.0841 0x1d0c W3SVC - ok
14:29:28.0841 0x1d0c WacomPen - ok
14:29:28.0857 0x1d0c WalletService - ok
14:29:28.0872 0x1d0c wanarp - ok
14:29:28.0872 0x1d0c wanarpv6 - ok
14:29:28.0872 0x1d0c WAS - ok
14:29:28.0919 0x1d0c wbengine - ok
14:29:28.0966 0x1d0c WbioSrvc - ok
14:29:28.0997 0x1d0c wcifs - ok
14:29:29.0013 0x1d0c Wcmsvc - ok
14:29:29.0044 0x1d0c wcncsvc - ok
14:29:29.0060 0x1d0c wcnfs - ok
14:29:29.0060 0x1d0c WdBoot - ok
14:29:29.0091 0x1d0c Wdf01000 - ok
14:29:29.0107 0x1d0c WdFilter - ok
14:29:29.0122 0x1d0c WdiServiceHost - ok
14:29:29.0122 0x1d0c WdiSystemHost - ok
14:29:29.0154 0x1d0c wdiwifi - ok
14:29:29.0154 0x1d0c WdNisDrv - ok
14:29:29.0185 0x1d0c WdNisSvc - ok
14:29:29.0200 0x1d0c WebClient - ok
14:29:29.0200 0x1d0c Wecsvc - ok
14:29:29.0232 0x1d0c WEPHOSTSVC - ok
14:29:29.0247 0x1d0c wercplsupport - ok
14:29:29.0263 0x1d0c WerSvc - ok
14:29:29.0263 0x1d0c WFPLWFS - ok
14:29:29.0279 0x1d0c WiaRpc - ok
14:29:29.0294 0x1d0c WIMMount - ok
14:29:29.0310 0x1d0c WinDefend - ok
14:29:29.0341 0x1d0c WindowsTrustedRT - ok
14:29:29.0341 0x1d0c WindowsTrustedRTProxy - ok
14:29:29.0357 0x1d0c WinHttpAutoProxySvc - ok
14:29:29.0404 0x1d0c WinMad - ok
14:29:29.0560 0x1d0c Winmgmt - ok
14:29:29.0591 0x1d0c WinRM - ok
14:29:29.0638 0x1d0c WINUSB - ok
14:29:29.0654 0x1d0c WinVerbs - ok
14:29:29.0700 0x1d0c wisvc - ok
14:29:29.0732 0x1d0c WlanSvc - ok
14:29:29.0825 0x1d0c [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
14:29:29.0841 0x1d0c wlcrasvc - ok
14:29:29.0857 0x1d0c wlidsvc - ok
14:29:29.0872 0x1d0c WmiAcpi - ok
14:29:29.0888 0x1d0c wmiApSrv - ok
14:29:29.0935 0x1d0c WMPNetworkSvc - ok
14:29:29.0966 0x1d0c Wof - ok
14:29:29.0997 0x1d0c workfolderssvc - ok
14:29:30.0060 0x1d0c WPDBusEnum - ok
14:29:30.0107 0x1d0c WpdUpFltr - ok
14:29:30.0169 0x1d0c WpnService - ok
14:29:30.0169 0x1d0c WpnUserService - ok
14:29:30.0200 0x1d0c ws2ifsl - ok
14:29:30.0216 0x1d0c wscsvc - ok
14:29:30.0232 0x1d0c WSearch - ok
14:29:30.0263 0x1d0c wuauserv - ok
14:29:30.0279 0x1d0c WudfPf - ok
14:29:30.0294 0x1d0c WUDFRd - ok
14:29:30.0310 0x1d0c wudfsvc - ok
14:29:30.0325 0x1d0c WUDFWpdFs - ok
14:29:30.0325 0x1d0c WUDFWpdMtp - ok
14:29:30.0341 0x1d0c WwanSvc - ok
14:29:30.0388 0x1d0c XblAuthManager - ok
14:29:30.0435 0x1d0c XblGameSave - ok
14:29:30.0450 0x1d0c xboxgip - ok
14:29:30.0466 0x1d0c XboxNetApiSvc - ok
14:29:30.0497 0x1d0c xinputhid - ok
14:29:30.0513 0x1d0c ================ Scan global ===============================
14:29:30.0622 0x1d0c [ Global ] - ok
14:29:30.0622 0x1d0c ================ Scan MBR ==================================
14:29:30.0638 0x1d0c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:29:35.0060 0x1d0c \Device\Harddisk0\DR0 - ok
14:29:35.0060 0x1d0c ================ Scan VBR ==================================
14:29:35.0076 0x1d0c [ 47C5968E092978007A35FC2326201E56 ] \Device\Harddisk0\DR0\Partition1
14:29:35.0091 0x1d0c \Device\Harddisk0\DR0\Partition1 - ok
14:29:35.0107 0x1d0c [ FBB31BCC55EC8AD4565F0A069B16CF78 ] \Device\Harddisk0\DR0\Partition2
14:29:35.0138 0x1d0c \Device\Harddisk0\DR0\Partition2 - ok
14:29:35.0138 0x1d0c ================ Scan generic autorun ======================
14:29:35.0138 0x1d0c ETDCtrl - ok
14:29:35.0482 0x1d0c [ A3F0187B2B6402168E65BE6688002041, 695A220D95D072F311E68AC9A629A73EBFE9FF922E82CB31A8AA58DF3645E477 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
14:29:35.0513 0x1d0c avgnt - ok
14:29:35.0576 0x1d0c [ 36828A828CEAA19A0FEA14C8723DC60C, 005627B96A08AC88BE3813DCB73228D8668A8270021D824FFC5EEA26C29027FA ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
14:29:35.0591 0x1d0c Avira SystrayStartTrigger - ok
14:29:36.0295 0x1d0c OneDriveSetup - ok
14:29:36.0295 0x1d0c OneDriveSetup - ok
14:29:36.0295 0x1d0c OneDriveSetup - ok
14:29:36.0357 0x1d0c WAB Migrate - ok
14:29:36.0357 0x1d0c OneDriveSetup - ok
14:29:36.0357 0x1d0c WAB Migrate - ok
14:29:36.0357 0x1d0c OneDriveSetup - ok
14:29:36.0357 0x1d0c WAB Migrate - ok
14:29:36.0357 0x1d0c Waiting for KSN requests completion. In queue: 2
14:29:37.0373 0x1d0c AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\WindowsSecurityCenter.exe ( 15.0.29.31 ), 0x41000 ( enabled : updated )
14:29:37.0435 0x1d0c AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.1198 ), 0x62100 ( disabled : updated )
14:29:37.0466 0x1d0c Win FW state via NFP2: enabled ( trusted )
14:29:37.0623 0x1d0c ============================================================
14:29:37.0623 0x1d0c Scan finished
14:29:37.0623 0x1d0c ============================================================
14:29:37.0623 0x1a5c Detected object count: 0
14:29:37.0623 0x1a5c Actual detected object count: 0
|
| | #4 | |
| /// TB-Ausbilder | Quickshare by linkury Hi, please note: Quote:
Please download all tools directly to the desktop, or move them there, and start them from the desktop, since our instructions are written with that in mind. This also makes it very easy to remove all the tools used once the cleanup is finished. Leave all tools on the desktop until the end of the cleanup; we may need some of them more than once. |
| | #5 |
| Quickshare by linkury FRST logfile: Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2017
durchgeführt von Pflügl (Administrator) auf PFLÜGL-PC (24-08-2017 16:44:15)
Gestartet von C:\Users\Pflügl\Desktop
Geladene Profile: Pflügl (Verfügbare Profile: Pflügl & nathalie & Gast & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(REINER SCT) C:\Windows\SysWOW64\cjpcsc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [919032 2017-08-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-06-13] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
Startup: C:\Users\Pflügl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk [2013-12-26]
ShortcutTarget: Logitech . Produktregistrierung.lnk -> C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)
Startup: C:\Users\Pflügl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Deskjet 2050 J510 series.lnk [2017-08-24]
ShortcutTarget: Tintenwarnungen überwachen - HP Deskjet 2050 J510 series.lnk -> C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{75ff37bc-f35e-4fd1-8f72-5840205e2664}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
URLSearchHook: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 - (Kein Name) - {5bcf818d-78c8-41b8-ba89-65c5fdac4fc4} - Keine Datei
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 -> {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms}
SearchScopes: HKLM-x32 -> {75b4241f-171e-44a3-bf44-23613b6e3e03} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^AYY^xdm070^YYA^de&si=flvrunner&ptb=7DF34BFD-0CB9-4476-B4F3-9F1DF2F80B6B&ind=2013072811&n=77fd0dab&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://mysearch.sweetpacks.com?src=6&q={searchTerms}&barid=&&st=23&did=10963&UPN2=92826532311964385
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=A4AE74DE2B60BAF1&affID=121563&tl=wgkn1061868&tt=110713_91114&tsp=4944
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {3E5C233F-F334-43B2-87BA-0B102B44359D} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {609F3A36-D7A7-45F3-B223-E2F3E96CC3B5} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {6CB0C3DC-BCBD-4D81-9DD0-96BD1A294EE9} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {75b4241f-171e-44a3-bf44-23613b6e3e03} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {95ED1396-3F7D-478C-AD6A-B97A247F1AD6} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=a4ae2de500000000000074de2b60baf1&r=947
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_ie_de_display?ie=UTF8&tagbase=bds-p23&tag=bds-p23-serp-de-ie-21&tbrId=v1_abb-channel-23_403bc9d4f41241b69d0dd74ec0d909d6_39_1006_20130621_DE_ie_ds_&query={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {E10C5AE2-82EC-4B63-9AAB-2DD26A68FE3F} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://mysearch.sweetpacks.com?src=6&q={searchTerms}&barid=&&st=23&did=10963&UPN2=92826532311964385
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Babylon toolbar helper -> {2EECD738-5844-4a99-B4B6-146BF802613B} -> Keine Datei
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - Kein Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - Keine Datei
Toolbar: HKLM-x32 - Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - Keine Datei
Toolbar: HKLM-x32 - Kein Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> Kein Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> Kein Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> Kein Name - {C424171E-592A-415A-9EB1-DFD6D95D3530} - Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> Kein Name - {41564952-412D-5637-4300-7A786E7484D7} - Keine Datei
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab
FireFox:
========
FF ProfilePath: C:\Users\Pflügl\AppData\Roaming\Mozilla\Firefox\Profiles\nca6gzm3.default [2017-08-24]
FF user.js: detected! => C:\Users\Pflügl\AppData\Roaming\Mozilla\Firefox\Profiles\nca6gzm3.default\user.js [2013-11-17]
FF NewTab: Mozilla\Firefox\Profiles\nca6gzm3.default -> hxxp://www.sweetpacks-search.com/?barid=&src=97&did=10963&&st=23&UPN2=92826532311964385
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\nca6gzm3.default -> Sweetpacks Search
FF Homepage: Mozilla\Firefox\Profiles\nca6gzm3.default -> www.google.de
FF Extension: (Avira Browser Safety) - C:\Users\Pflügl\AppData\Roaming\Mozilla\Firefox\Profiles\nca6gzm3.default\Extensions\abs@avira.com.xpi [2017-08-03]
FF Extension: (Adblock Plus) - C:\Users\Pflügl\AppData\Roaming\Mozilla\Firefox\Profiles\nca6gzm3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-08]
FF Extension: (Tab Mix Plus) - C:\Users\Pflügl\AppData\Roaming\Mozilla\Firefox\Profiles\nca6gzm3.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2017-05-18]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013-12-26] [ist nicht signiert]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-12-26] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-12-26] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [ocr@babylon.com] - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\ocr@babylon.com => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-24] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-24] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2013-06-02] <==== ACHTUNG
Chrome:
=======
CHR DefaultProfile: Default
CHR NewTab: Default -> Active:"chrome-extension://ogccgbmabaphcakpiclgcnmcnimhokcj/newtab.html"
CHR DefaultSearchURL: Default -> hxxp://mysearch.sweetpacks.com?src=6&q={searchTerms}&barid=&&st=23&did=10963&UPN2=92826532311964385
CHR DefaultSearchKeyword: Default -> sweetpacks-search.com
CHR Profile: C:\Users\Pflügl\AppData\Local\Google\Chrome\User Data\Default [2017-01-11]
CHR Extension: (WEB.DE MailCheck) - C:\Users\Pflügl\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaogepninmlbinccpbiakcgiolijlllo [2015-04-01]
CHR Extension: (Google Wallet) - C:\Users\Pflügl\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-01]
CHR HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [amfclgbdpgndipgoegfpkkgobahigbcl] - C:\Users\Pflügl\AppData\Local\Smartbar/Application\1Extension.crx <nicht gefunden>
CHR HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - <kein Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Windows\SysWOW64\mjcm\SweetNT.crx <nicht gefunden>
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1128432 2017-08-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [490968 2017-08-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [490968 2017-08-11] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1525240 2017-08-11] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [377976 2017-06-13] (Avira Operations GmbH & Co. KG)
R2 cjpcsc; C:\WINDOWS\SysWOW64\cjpcsc.exe [604216 2017-02-01] (REINER SCT)
R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [872552 2011-08-02] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [321056 2017-06-01] (HP Inc.)
S3 Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [244624 2011-04-22] (Acer Incorporated)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-02-23] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-08-01] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [60920 2017-06-23] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [173784 2017-08-11] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [167464 2017-08-11] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-03-31] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-03-31] (Avira Operations GmbH & Co. KG)
S3 cjusb; C:\WINDOWS\system32\DRIVERS\cjusb.sys [36112 2015-03-23] (REINER SCT)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-02-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2017-01-06] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-02-23] (NVIDIA Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
Error(1) reading file: "C:\Users\Pflügl\Desktop\www.bildkontakte.de - einfach einen Partner finden profil klaus g.j.c. div."
2017-08-24 16:44 - 2017-08-24 16:44 - 000022003 _____ C:\Users\Pflügl\Desktop\FRST.txt
2017-08-24 15:33 - 2017-04-21 23:50 - 000030912 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2017-08-24 15:32 - 2017-04-21 23:53 - 000029376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2017-08-24 15:32 - 2017-04-21 23:53 - 000018600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll
2017-08-24 15:32 - 2017-04-21 23:50 - 000018592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll
2017-08-24 15:00 - 2017-08-01 19:20 - 001431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-08-24 15:00 - 2017-08-01 19:20 - 000781144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-08-24 15:00 - 2017-08-01 19:20 - 000116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-08-24 15:00 - 2017-08-01 19:16 - 006665952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-08-24 15:00 - 2017-08-01 19:16 - 001845512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-08-24 15:00 - 2017-08-01 19:15 - 001360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-08-24 15:00 - 2017-08-01 19:15 - 001277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-08-24 15:00 - 2017-08-01 19:15 - 000981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-08-24 15:00 - 2017-08-01 19:10 - 000306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2017-08-24 15:00 - 2017-08-01 18:56 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-08-24 15:00 - 2017-08-01 18:56 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-08-24 15:00 - 2017-08-01 18:55 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-08-24 15:00 - 2017-08-01 18:54 - 000505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-08-24 15:00 - 2017-08-01 18:54 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-08-24 15:00 - 2017-08-01 18:54 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-08-24 15:00 - 2017-08-01 18:53 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-08-24 15:00 - 2017-08-01 18:52 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-08-24 15:00 - 2017-08-01 18:51 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-08-24 15:00 - 2017-08-01 18:51 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-08-24 15:00 - 2017-08-01 18:50 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-08-24 15:00 - 2017-08-01 18:50 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-08-24 15:00 - 2017-08-01 18:50 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-08-24 15:00 - 2017-08-01 18:49 - 004615168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-08-24 15:00 - 2017-08-01 18:47 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll
2017-08-24 15:00 - 2017-08-01 18:41 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2017-08-24 15:00 - 2017-08-01 18:39 - 001255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-08-24 15:00 - 2017-08-01 18:35 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-08-24 15:00 - 2017-08-01 18:34 - 000709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2017-08-24 15:00 - 2017-08-01 18:33 - 000589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-08-24 15:00 - 2017-08-01 18:32 - 002648576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-08-24 15:00 - 2017-08-01 18:31 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-08-24 15:00 - 2017-08-01 18:30 - 002997248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-08-24 15:00 - 2017-08-01 18:30 - 002482688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-08-24 15:00 - 2017-08-01 18:30 - 001886720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-08-24 15:00 - 2017-08-01 18:30 - 001013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-08-24 15:00 - 2017-08-01 18:30 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-08-24 15:00 - 2017-08-01 18:28 - 000783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-08-24 15:00 - 2017-07-12 07:29 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-08-24 15:00 - 2017-07-12 07:18 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-08-24 15:00 - 2017-07-12 07:09 - 000641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-08-24 15:00 - 2017-03-04 08:05 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-08-24 14:59 - 2017-08-01 21:21 - 000857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-08-24 14:59 - 2017-08-01 21:20 - 000557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-08-24 14:59 - 2017-08-01 20:27 - 002538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-08-24 14:59 - 2017-08-01 19:20 - 002264344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-08-24 14:59 - 2017-08-01 19:19 - 001980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-08-24 14:59 - 2017-08-01 19:19 - 000577976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-08-24 14:59 - 2017-08-01 19:19 - 000339896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-08-24 14:59 - 2017-08-01 19:19 - 000266080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-08-24 14:59 - 2017-08-01 19:19 - 000120416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-08-24 14:59 - 2017-08-01 19:18 - 000139104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-08-24 14:59 - 2017-08-01 19:16 - 004023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-08-24 14:59 - 2017-08-01 19:15 - 020967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-08-24 14:59 - 2017-08-01 19:07 - 005686784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-08-24 14:59 - 2017-08-01 18:59 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
2017-08-24 14:59 - 2017-08-01 18:58 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-08-24 14:59 - 2017-08-01 18:52 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOMEX.dll
2017-08-24 14:59 - 2017-08-01 18:51 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-08-24 14:59 - 2017-08-01 18:51 - 000388608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2017-08-24 14:59 - 2017-08-01 18:51 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-08-24 14:59 - 2017-08-01 18:50 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2017-08-24 14:59 - 2017-08-01 18:48 - 000297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-08-24 14:59 - 2017-08-01 18:48 - 000267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2017-08-24 14:59 - 2017-08-01 18:47 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-08-24 14:59 - 2017-08-01 18:47 - 000396288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-08-24 14:59 - 2017-08-01 18:47 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-08-24 14:59 - 2017-08-01 18:45 - 002333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-08-24 14:59 - 2017-08-01 18:45 - 001985536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certmgr.dll
2017-08-24 14:59 - 2017-08-01 18:39 - 007626240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-08-24 14:59 - 2017-08-01 18:38 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2017-08-24 14:59 - 2017-08-01 18:37 - 002641920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-08-24 14:59 - 2017-08-01 18:37 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comuid.dll
2017-08-24 14:59 - 2017-08-01 18:37 - 000468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2017-08-24 14:59 - 2017-08-01 18:36 - 007468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-08-24 14:59 - 2017-08-01 18:34 - 001170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-08-24 14:59 - 2017-08-01 18:34 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-08-24 14:59 - 2017-08-01 18:32 - 002682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-08-24 14:59 - 2017-08-01 18:31 - 001988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-08-24 14:59 - 2017-08-01 18:31 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-08-24 14:59 - 2017-08-01 18:31 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-08-24 14:59 - 2017-08-01 18:31 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-08-24 14:59 - 2017-08-01 18:31 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2017-08-24 14:59 - 2017-08-01 18:30 - 001556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-08-24 14:59 - 2017-08-01 18:30 - 000711168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-08-24 14:59 - 2017-08-01 18:29 - 003106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-08-24 14:59 - 2017-08-01 16:15 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll
2017-08-24 14:59 - 2017-07-12 08:17 - 000081760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2017-08-24 14:59 - 2017-07-12 08:15 - 000496872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-08-24 14:59 - 2017-07-12 08:12 - 001573280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-08-24 14:59 - 2017-07-12 08:01 - 000715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-08-24 14:59 - 2017-07-12 08:00 - 000095584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2017-08-24 14:59 - 2017-07-12 07:56 - 000277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-08-24 14:59 - 2017-07-12 07:55 - 000607072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2017-08-24 14:59 - 2017-07-12 07:55 - 000111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2017-08-24 14:59 - 2017-07-12 07:52 - 004312760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-08-24 14:59 - 2017-07-12 07:35 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dabapi.dll
2017-08-24 14:59 - 2017-07-12 07:32 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2017-08-24 14:59 - 2017-07-12 07:32 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\frprov.dll
2017-08-24 14:59 - 2017-07-12 07:31 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
2017-08-24 14:59 - 2017-07-12 07:31 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfnet.dll
2017-08-24 14:59 - 2017-07-12 07:30 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll
2017-08-24 14:59 - 2017-07-12 07:29 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\httpapi.dll
2017-08-24 14:59 - 2017-07-12 07:25 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2017-08-24 14:59 - 2017-07-12 07:24 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmdisk0101.sys
2017-08-24 14:59 - 2017-07-12 07:23 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-08-24 14:59 - 2017-07-12 07:23 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-08-24 14:59 - 2017-07-12 07:21 - 000711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-08-24 14:59 - 2017-07-12 07:19 - 006474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-08-24 14:59 - 2017-07-12 07:15 - 000893440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-08-24 14:59 - 2017-07-12 07:15 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsium.dll
2017-08-24 14:59 - 2017-07-12 07:14 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2017-08-24 14:59 - 2017-07-12 07:13 - 000855040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2017-08-24 14:59 - 2017-07-12 07:12 - 002750464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-08-24 14:59 - 2017-07-12 07:11 - 002154496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-08-24 14:59 - 2017-07-12 07:10 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2017-08-24 14:59 - 2017-07-12 07:10 - 000546304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-08-24 14:59 - 2017-07-12 07:07 - 001572352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-08-24 14:59 - 2017-07-12 07:05 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-08-24 14:58 - 2017-08-01 21:22 - 001860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-08-24 14:58 - 2017-08-01 21:18 - 008169536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-08-24 14:58 - 2017-08-01 21:18 - 001983408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-08-24 14:58 - 2017-08-01 21:18 - 001702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-08-24 14:58 - 2017-08-01 21:17 - 001072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-08-24 14:58 - 2017-08-01 20:57 - 000372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-08-24 14:58 - 2017-08-01 20:53 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-08-24 14:58 - 2017-08-01 20:52 - 000237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-08-24 14:58 - 2017-08-01 20:51 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-08-24 14:58 - 2017-08-01 20:48 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-08-24 14:58 - 2017-08-01 20:47 - 000748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-08-24 14:58 - 2017-08-01 20:46 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-08-24 14:58 - 2017-08-01 20:46 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-08-24 14:58 - 2017-08-01 20:46 - 000260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-08-24 14:58 - 2017-08-01 20:45 - 000561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-08-24 14:58 - 2017-08-01 20:43 - 000963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-08-24 14:58 - 2017-08-01 20:32 - 004596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-08-24 14:58 - 2017-08-01 20:32 - 003401216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-08-24 14:58 - 2017-08-01 20:27 - 004149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-08-24 14:58 - 2017-08-01 20:27 - 000903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-08-24 14:58 - 2017-08-01 20:27 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-08-24 14:58 - 2017-08-01 20:24 - 003299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-08-24 14:58 - 2017-08-01 20:24 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-08-24 14:58 - 2017-08-01 18:47 - 000846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-08-24 14:58 - 2017-08-01 18:37 - 012349440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-08-24 14:58 - 2017-08-01 18:37 - 003520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-08-24 14:58 - 2017-07-12 08:12 - 001706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-08-24 14:58 - 2017-07-12 07:23 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-08-24 14:58 - 2017-07-12 07:23 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-08-24 14:58 - 2017-07-12 07:17 - 000552960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-08-24 14:58 - 2017-07-12 07:06 - 000549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-08-24 14:58 - 2017-07-12 04:49 - 000448629 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-08-24 14:57 - 2017-08-01 21:32 - 000133984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-08-24 14:57 - 2017-08-01 21:27 - 000118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-08-24 14:57 - 2017-08-01 21:22 - 000360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-08-24 14:57 - 2017-08-01 21:18 - 004260064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-08-24 14:57 - 2017-08-01 21:18 - 000092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-08-24 14:57 - 2017-08-01 21:17 - 022220856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-08-24 14:57 - 2017-08-01 21:17 - 000244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-08-24 14:57 - 2017-08-01 21:13 - 002532192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-08-24 14:57 - 2017-08-01 21:13 - 000387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-08-24 14:57 - 2017-08-01 20:45 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-08-24 14:57 - 2017-08-01 20:44 - 000642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2017-08-24 14:57 - 2017-08-01 20:42 - 006288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-08-24 14:57 - 2017-08-01 20:38 - 013441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-08-24 14:57 - 2017-08-01 20:35 - 001908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-08-24 14:57 - 2017-08-01 20:29 - 002852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-08-24 14:57 - 2017-08-01 20:27 - 008076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-08-24 14:57 - 2017-08-01 20:27 - 001984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-08-24 14:57 - 2017-07-12 08:15 - 002213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-08-24 14:57 - 2017-07-12 08:09 - 001181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-08-24 14:57 - 2017-07-12 08:01 - 000156000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2017-08-24 14:57 - 2017-07-12 08:00 - 000160608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pacer.sys
2017-08-24 14:57 - 2017-07-12 07:59 - 000857952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2017-08-24 14:57 - 2017-07-12 07:59 - 000148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2017-08-24 14:57 - 2017-07-12 07:24 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfnet.dll
2017-08-24 14:57 - 2017-07-12 07:23 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2017-08-24 14:57 - 2017-07-12 07:21 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll
2017-08-24 14:57 - 2017-07-12 07:01 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2017-08-24 14:57 - 2017-07-12 07:00 - 002370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2017-08-24 14:57 - 2017-07-12 06:58 - 001130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-08-24 14:57 - 2017-07-12 06:58 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-08-24 14:56 - 2017-08-01 21:31 - 007780192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-08-24 14:56 - 2017-08-01 21:29 - 000376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-08-24 14:56 - 2017-08-01 21:25 - 000168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2017-08-24 14:56 - 2017-08-01 21:21 - 002759712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-08-24 14:56 - 2017-08-01 21:21 - 000624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-08-24 14:56 - 2017-08-01 21:21 - 000295264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-08-24 14:56 - 2017-08-01 21:21 - 000146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-08-24 14:56 - 2017-08-01 21:21 - 000124072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-08-24 14:56 - 2017-08-01 21:21 - 000026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-08-24 14:56 - 2017-08-01 21:20 - 002446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-08-24 14:56 - 2017-08-01 21:20 - 000684344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-08-24 14:56 - 2017-08-01 21:20 - 000383776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-08-24 14:56 - 2017-08-01 21:20 - 000144736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-08-24 14:56 - 2017-08-01 21:20 - 000079712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-08-24 14:56 - 2017-08-01 21:17 - 001600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-08-24 14:56 - 2017-08-01 21:17 - 000241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-08-24 14:56 - 2017-08-01 21:13 - 001102176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-08-24 14:56 - 2017-08-01 21:01 - 007218176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-08-24 14:56 - 2017-08-01 20:54 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2017-08-24 14:56 - 2017-08-01 20:52 - 022569472 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-08-24 14:56 - 2017-08-01 20:52 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-08-24 14:56 - 2017-08-01 20:50 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-08-24 14:56 - 2017-08-01 20:48 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-08-24 14:56 - 2017-08-01 20:48 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-08-24 14:56 - 2017-08-01 20:47 - 000691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-08-24 14:56 - 2017-08-01 20:47 - 000651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-08-24 14:56 - 2017-08-01 20:47 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-08-24 14:56 - 2017-08-01 20:47 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2017-08-24 14:56 - 2017-08-01 20:47 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-08-24 14:56 - 2017-08-01 20:46 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-08-24 14:56 - 2017-08-01 20:46 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2017-08-24 14:56 - 2017-08-01 20:46 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-08-24 14:56 - 2017-08-01 20:46 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-08-24 14:56 - 2017-08-01 20:46 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-08-24 14:56 - 2017-08-01 20:46 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-08-24 14:56 - 2017-08-01 20:45 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-08-24 14:56 - 2017-08-01 20:45 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2017-08-24 14:56 - 2017-08-01 20:45 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-08-24 14:56 - 2017-08-01 20:45 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-08-24 14:56 - 2017-08-01 20:45 - 000171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-08-24 14:56 - 2017-08-01 20:44 - 001010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-08-24 14:56 - 2017-08-01 20:43 - 000966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2017-08-24 14:56 - 2017-08-01 20:43 - 000945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-08-24 14:56 - 2017-08-01 20:43 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-08-24 14:56 - 2017-08-01 20:42 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-08-24 14:56 - 2017-08-01 20:41 - 002222080 _____ (Microsoft Corporation) C:\WINDOWS\system32\certmgr.dll
2017-08-24 14:56 - 2017-08-01 20:40 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2017-08-24 14:56 - 2017-08-01 20:40 - 000945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-08-24 14:56 - 2017-08-01 20:40 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-08-24 14:56 - 2017-08-01 20:39 - 009129984 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-08-24 14:56 - 2017-08-01 20:39 - 001281536 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-08-24 14:56 - 2017-08-01 20:39 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2017-08-24 14:56 - 2017-08-01 20:39 - 000323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2017-08-24 14:56 - 2017-08-01 20:38 - 001589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-08-24 14:56 - 2017-08-01 20:37 - 013091328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-08-24 14:56 - 2017-08-01 20:36 - 023677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-08-24 14:56 - 2017-08-01 20:36 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-08-24 14:56 - 2017-08-01 20:34 - 001837056 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-08-24 14:56 - 2017-08-01 20:33 - 004749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-08-24 14:56 - 2017-08-01 20:33 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2017-08-24 14:56 - 2017-08-01 20:33 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-08-24 14:56 - 2017-08-01 20:32 - 008114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-08-24 14:56 - 2017-08-01 20:32 - 000821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\comuid.dll
2017-08-24 14:56 - 2017-08-01 20:30 - 002916864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-08-24 14:56 - 2017-08-01 20:30 - 001643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-08-24 14:56 - 2017-08-01 20:30 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-08-24 14:56 - 2017-08-01 20:30 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-08-24 14:56 - 2017-08-01 20:29 - 004743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-08-24 14:56 - 2017-08-01 20:29 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-08-24 14:56 - 2017-08-01 20:28 - 002895360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-08-24 14:56 - 2017-08-01 20:28 - 001490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-08-24 14:56 - 2017-08-01 20:27 - 002695680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-08-24 14:56 - 2017-08-01 20:27 - 000774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-08-24 14:56 - 2017-08-01 20:27 - 000716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-08-24 14:56 - 2017-08-01 20:26 - 001513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-08-24 14:56 - 2017-08-01 20:26 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-08-24 14:56 - 2017-08-01 20:25 - 001726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-08-24 14:56 - 2017-08-01 20:24 - 001121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-08-24 14:56 - 2017-08-01 20:24 - 000924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-08-24 14:56 - 2017-08-01 20:23 - 003615744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-08-24 14:56 - 2017-08-01 20:23 - 000886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2017-08-24 14:56 - 2017-08-01 18:51 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-08-24 14:56 - 2017-08-01 18:47 - 000661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-08-24 14:56 - 2017-08-01 18:42 - 018364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-08-24 14:56 - 2017-08-01 18:40 - 019415040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-08-24 14:56 - 2017-08-01 18:40 - 012187136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-08-24 14:56 - 2017-08-01 18:33 - 006031872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-08-24 14:56 - 2017-08-01 18:31 - 003664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-08-24 14:56 - 2017-07-12 08:16 - 000646688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-08-24 14:56 - 2017-07-12 08:15 - 000101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\apisetschema.dll
2017-08-24 14:56 - 2017-07-12 08:14 - 001886896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-08-24 14:56 - 2017-07-12 08:13 - 002253664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-08-24 14:56 - 2017-07-12 08:02 - 002186592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-08-24 14:56 - 2017-07-12 08:02 - 000402776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-08-24 14:56 - 2017-07-12 08:00 - 000223072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-08-24 14:56 - 2017-07-12 07:59 - 001100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-08-24 14:56 - 2017-07-12 07:59 - 000989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-08-24 14:56 - 2017-07-12 07:59 - 000947040 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-08-24 14:56 - 2017-07-12 07:55 - 004674872 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-08-24 14:56 - 2017-07-12 07:25 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2017-08-24 14:56 - 2017-07-12 07:24 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\dabapi.dll
2017-08-24 14:56 - 2017-07-12 07:23 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2017-08-24 14:56 - 2017-07-12 07:23 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\frprov.dll
2017-08-24 14:56 - 2017-07-12 07:22 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2017-08-24 14:56 - 2017-07-12 07:21 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-08-24 14:56 - 2017-07-12 07:21 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2017-08-24 14:56 - 2017-07-12 07:20 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpapi.dll
2017-08-24 14:56 - 2017-07-12 07:19 - 000488960 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2017-08-24 14:56 - 2017-07-12 07:19 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-08-24 14:56 - 2017-07-12 07:19 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2017-08-24 14:56 - 2017-07-12 07:17 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-08-24 14:56 - 2017-07-12 07:16 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-08-24 14:56 - 2017-07-12 07:16 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2017-08-24 14:56 - 2017-07-12 07:15 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-08-24 14:56 - 2017-07-12 07:13 - 001478656 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-08-24 14:56 - 2017-07-12 07:12 - 000970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-08-24 14:56 - 2017-07-12 07:12 - 000091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-08-24 14:56 - 2017-07-12 07:12 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsium.dll
2017-08-24 14:56 - 2017-07-12 07:11 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2017-08-24 14:56 - 2017-07-12 07:10 - 000927232 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2017-08-24 14:56 - 2017-07-12 07:09 - 003291136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-08-24 14:56 - 2017-07-12 07:08 - 002861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-08-24 14:56 - 2017-07-12 07:07 - 000954880 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-08-24 14:56 - 2017-07-12 07:07 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-08-24 14:56 - 2017-07-12 07:06 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-08-24 14:56 - 2017-07-12 07:06 - 000937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-08-24 14:56 - 2017-07-12 07:03 - 001692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-08-24 14:56 - 2017-07-12 07:03 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-08-24 14:56 - 2017-07-12 07:02 - 000869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-08-24 14:56 - 2017-07-12 07:01 - 002279424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-08-24 14:56 - 2017-07-12 06:59 - 006664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-08-24 14:56 - 2017-07-12 06:59 - 002318336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-08-24 14:56 - 2017-07-12 06:59 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-08-24 14:56 - 2017-07-12 06:58 - 001231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-08-24 14:56 - 2017-07-12 06:57 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-08-24 14:56 - 2017-07-12 06:56 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-08-24 14:56 - 2017-03-04 08:57 - 000372432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-08-24 14:56 - 2017-03-04 08:16 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-08-24 14:56 - 2017-03-04 08:07 - 000909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-08-24 14:56 - 2017-03-04 08:05 - 001328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-08-24 14:28 - 2017-08-24 14:49 - 000075224 _____ C:\TDSSKiller.3.1.0.15_24.08.2017_14.28.31_log.txt
2017-08-24 14:26 - 2017-08-24 14:27 - 004922400 _____ (AO Kaspersky Lab) C:\Users\Pflügl\Desktop\tdsskiller.exe
2017-08-24 14:12 - 2017-08-24 16:44 - 000000000 ____D C:\FRST
2017-08-24 14:10 - 2017-08-24 14:19 - 000000000 ____D C:\Users\lol12
2017-08-24 14:08 - 2017-08-24 14:11 - 002395648 _____ (Farbar) C:\Users\Pflügl\Desktop\FRST64.exe
2017-08-24 12:44 - 2017-08-24 12:44 - 005763072 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-08-24 16:46 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-08-24 16:43 - 2017-01-11 00:38 - 002612032 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-24 16:43 - 2016-07-17 00:51 - 001074420 _____ C:\WINDOWS\system32\perfh007.dat
2017-08-24 16:43 - 2016-07-17 00:51 - 000261042 _____ C:\WINDOWS\system32\perfc007.dat
2017-08-24 16:41 - 2017-01-11 00:40 - 000000000 ____D C:\Users\Pflügl
2017-08-24 16:41 - 2016-12-11 22:08 - 000000000 ____D C:\Users\Pflügl\AppData\LocalLow\Mozilla
2017-08-24 16:40 - 2017-01-11 00:34 - 000000000 ____D C:\ProgramData\NVIDIA
2017-08-24 16:40 - 2015-08-03 09:02 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-08-24 16:37 - 2016-07-16 13:45 - 000000000 ____D C:\WINDOWS\INF
2017-08-24 16:35 - 2017-01-11 12:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-08-24 16:35 - 2017-01-11 00:29 - 000389616 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-08-24 16:07 - 2016-07-16 08:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2017-08-24 16:02 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-08-24 16:02 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-08-24 16:02 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2017-08-24 16:01 - 2016-07-16 13:47 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-08-24 16:01 - 2016-07-16 13:47 - 000000000 ___RD C:\Program Files\Windows Defender
2017-08-24 16:01 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-08-24 16:01 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\Provisioning
2017-08-24 16:01 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\bcastdvr
2017-08-24 16:01 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-08-24 16:01 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files\Common Files\System
2017-08-24 16:01 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-08-24 16:01 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2017-08-24 15:54 - 2016-07-16 13:36 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-08-24 15:49 - 2017-01-11 00:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-08-24 15:32 - 2013-08-14 21:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-08-24 15:24 - 2012-02-03 19:00 - 140394280 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-08-24 15:14 - 2016-07-16 13:47 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-24 14:28 - 2015-04-01 19:00 - 000000000 ____D C:\Users\Pflügl\Downloads\Firefox
2017-08-24 14:28 - 2012-08-07 07:55 - 000000000 ____D C:\Users\Pflügl\AppData\Local\CrashDumps
2017-08-24 13:52 - 2015-04-01 17:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-08-24 13:14 - 2011-08-11 13:30 - 000000000 ____D C:\Program Files (x86)\CyberLink
2017-08-24 13:14 - 2011-08-11 12:58 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-08-24 12:44 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-08-24 12:44 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-08-24 12:44 - 2013-12-26 21:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-08-11 19:08 - 2016-07-29 23:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-08-11 19:03 - 2015-04-01 18:29 - 000173784 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2017-08-11 19:03 - 2015-04-01 18:29 - 000167464 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2017-08-03 08:52 - 2009-07-14 04:34 - 000000669 _____ C:\WINDOWS\win.ini
2017-07-31 17:14 - 2016-07-16 13:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-07-31 17:14 - 2016-07-16 13:49 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-02-02 19:44 - 2013-07-28 17:17 - 000194952 _____ () C:\Program Files (x86)\8hres.dll
2014-02-02 19:44 - 2013-07-28 17:17 - 000712264 _____ (MindSpark) C:\Program Files (x86)\8hUninstall Allin1Convert.dll
2015-05-17 22:42 - 2015-05-17 22:42 - 006420480 _____ () C:\Program Files (x86)\GUTA86F.tmp
2013-09-13 19:54 - 2013-09-13 19:54 - 000017740 _____ () C:\Users\Pflügl\AppData\Roaming\unins000.dat
2013-09-13 19:54 - 2013-09-13 19:54 - 000013844 _____ () C:\Users\Pflügl\AppData\Roaming\unins000.msg
2014-02-03 12:09 - 2014-07-18 23:20 - 000000106 _____ () C:\Users\Pflügl\AppData\Roaming\WB.CFG
2016-07-15 14:04 - 2016-07-15 14:04 - 000000057 _____ () C:\ProgramData\Ament.ini
2017-01-11 00:33 - 2017-01-11 00:33 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Public\AlexaNSISPlugin.6676.dll
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-08-24 15:16
==================== Ende von FRST.txt ============================
|
| | #6 |
| Quickshare von linkury FRST Additions Logfile: Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-08-2017
durchgeführt von Pflügl (24-08-2017 16:48:08)
Gestartet von C:\Users\Pflügl\Desktop
Windows 10 Home Version 1607 (X64) (2017-01-11 11:18:17)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1664608947-3428569484-2814311379-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1664608947-3428569484-2814311379-503 - Limited - Disabled)
Gast (S-1-5-21-1664608947-3428569484-2814311379-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-1664608947-3428569484-2814311379-1003 - Limited - Enabled)
nathalie (S-1-5-21-1664608947-3428569484-2814311379-1005 - Administrator - Enabled) => C:\Users\nathalie.Pflügl-PC
Pflügl (S-1-5-21-1664608947-3428569484-2814311379-1001 - Administrator - Enabled) => C:\Users\Pflügl
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated)
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 9 (HKLM-x32\...\PremElem90) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.19) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.19 - Adobe Systems Incorporated)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 376.33 - NVIDIA Corporation) Hidden
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.29.32 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{661C79C2-D156-419C-81CA-D1A2523B0841}) (Version: 1.2.91.10326 - Avira Operations GmbH & Co. KG) Hidden
Avira Connect (HKLM-x32\...\{dd9049b8-31d1-40bd-8c8c-97a7b087a78f}) (Version: 1.2.91.10326 - Avira Operations GmbH & Co. KG)
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 15.0.6.2 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.4.1 - Broadcom Corporation)
Collector's Edition 251 (HKLM-x32\...\Collector's Edition 251) (Version: - )
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
cyberJack Base Components (HKLM-x32\...\{FC338210-F594-11D3-BA24-00001C3AB4DF}) (Version: 7.3.5 - REINER SCT)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
Elements 9 Organizer (HKLM-x32\...\{433EACD8-4747-4A6A-826A-FFA9F39B0D40}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Elements STI Installer (HKLM-x32\...\{25175695-4B20-4298-9F34-C2C57CD277B3}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Elements STI Installer (HKLM-x32\...\{E2AE009D-37E5-4724-A6B8-0ED6A6BA4F68}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
eReg (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
Fotogalerija Windows Live (HKLM-x32\...\{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (HKLM-x32\...\{4736B0ED-F6A1-48EC-A1B7-C053027648F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (HKLM-x32\...\{CB66242D-12B1-4494-82D2-6F53A7E024A3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
HomeMedia (HKLM-x32\...\{AA4BF92B-2AAF-11DA-9D78-000129760D75}) (Version: 2.0.8920 - CyberLink Corporation)
HP Deskjet 2050 J510 series - Grundlegende Software für das Gerät (HKLM\...\{DF37555F-0259-43DA-B60C-47106FA14AA3}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 2050 J510 series Hilfe (HKLM-x32\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.61.61 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Support Solutions Framework (HKLM-x32\...\{3A1CB1B8-8646-41A0-B496-35DC48916904}) (Version: 12.7.22.13 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}) (Version: 1.00.0000 - Microsoft) Hidden
IB Updater Service (HKLM-x32\...\WNLT) (Version: 5.1.5.4 - ) <==== ACHTUNG
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Packard Bell)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)
Internet-TV für Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Packard Bell)
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)
LUXOR 5th Passage (HKLM-x32\...\LUXOR 5th Passage) (Version: 1.1.0.0 - MumboJumbo)
LUXOR Amun Rising HD (HKLM-x32\...\LUXOR Amun Rising HD) (Version: 1.1.0.0 - MumboJumbo)
LUXOR HD (HKLM-x32\...\LUXOR HD) (Version: 1.1.0.0 - MumboJumbo)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 54.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 de)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.1.6388 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.8.11000.8.100 - Nero AG)
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.6.10700.5.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}) (Version: 10.5.10300 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{68AFA3A7-9265-4ABD-994A-ACA413E3715C}) (Version: 10.6.10300 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.6.10500.3.100 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.10900.31.0 - Nero AG)
NVIDIA GeForce Experience 3.4.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.4.0.70 - NVIDIA Corporation)
NVIDIA Grafiktreiber 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.3.16.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Packard Bell Power Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Packard Bell)
Packard Bell Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3502 - Packard Bell)
Packard Bell Registration (HKLM-x32\...\Packard Bell Registration) (Version: 1.04.3503 - Packard Bell)
Packard Bell ScreenSaver (HKLM-x32\...\Packard Bell Screensaver) (Version: 1.1.0811.2010 - Packard Bell )
Packard Bell Social Networks (HKLM-x32\...\{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 3.0.3106 - CyberLink Corp.) Hidden
Packard Bell Social Networks (HKLM-x32\...\InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 3.0.3106 - CyberLink Corp.)
Packard Bell Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3500 - Packard Bell)
Poczta usługi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (HKLM-x32\...\{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
QuickShare (HKLM-x32\...\{AF860F85-54A3-4A28-879B-BF9E6E325776}) (Version: 1.6.1.952 - Linkury Inc.) <==== ACHTUNG
Raccolta foto di Windows Live (HKLM-x32\...\{ED16B700-D91F-44B0-867C-7EB5253CA38D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Rommé 1 (HKLM-x32\...\Rommé 1) (Version: - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0351 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
Studie zur Verbesserung von HP Deskjet 2050 J510 series Produkten (HKLM\...\{C559DE9F-9451-49E5-9176-316E36192409}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
TuneUp Utilities Language Pack (de-DE) (HKLM-x32\...\{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}) (Version: 12.0.3600.73 - TuneUp Software) Hidden
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Video Web Camera (HKLM-x32\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.) Hidden
Video Web Camera (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Welcome Center (HKLM-x32\...\Packard Bell Welcome Center) (Version: 1.02.3503 - Packard Bell)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
WinFunktion Mathematik plus 20 (HKLM-x32\...\{CDBA97DF-63B9-44E7-B900-92E8165260C0}) (Version: 1.00.0000 - bhv Publishing GmbH)
Woodcutter Simulator 2011 (HKLM-x32\...\Woodcutter Simulator 2011) (Version: - )
Συλλογή φωτογραφιών του Windows Live (HKLM-x32\...\{C00C2A91-6CB3-483F-80B3-2958E29468F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (HKLM-x32\...\{E83DC314-C926-4214-AD58-147691D6FE9F}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (HKLM-x32\...\{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}) (Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (HKLM-x32\...\{77F69CA1-E53D-4D77-8BA3-FA07606CC851}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (HKLM-x32\...\{CE929F09-3853-4180-BD90-30764BFF7136}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (HKLM-x32\...\{0A4C4B29-5A9D-4910-A13C-B920D5758744}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (HKLM-x32\...\{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
ShellIconOverlayIdentifiers: [01MemopalBackedUp] -> {8ED3CC2D-6BC2-43AD-8C43-F51FBB413AE6} => -> Keine Datei
ShellIconOverlayIdentifiers: [02MemopalToBackup] -> {2CDD871E-60EB-40BD-9721-A1CB57042F75} => -> Keine Datei
ShellIconOverlayIdentifiers: [03MemopalPartiallyBackedUp] -> {95DDC869-FC98-4D47-BD34-2EDC9AA09C01} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [01MemopalBackedUp] -> {8ED3CC2D-6BC2-43AD-8C43-F51FBB413AE6} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [02MemopalToBackup] -> {2CDD871E-60EB-40BD-9721-A1CB57042F75} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [03MemopalPartiallyBackedUp] -> {95DDC869-FC98-4D47-BD34-2EDC9AA09C01} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [04MemopalError] -> {B9CA6E12-7975-4997-B5BD-CA12ECE0FEAD} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [MemopalBackedUp] -> {8ED3CC2D-6BC2-43AD-8C43-F51FBB413AE6} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [MemopalError] -> {B9CA6E12-7975-4997-B5BD-CA12ECE0FEAD} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [MemopalPartiallyBackedUp] -> {95DDC869-FC98-4D47-BD34-2EDC9AA09C01} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [MemopalToBackup] -> {2CDD871E-60EB-40BD-9721-A1CB57042F75} => -> Keine Datei
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [2017-08-11] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> Keine Datei
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [2017-08-11] (Avira Operations GmbH & Co. KG)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {01BB4D1B-818C-42A0-8B4B-F0BE210EEA30} - System32\Tasks\{03604C09-673A-46D7-91D0-CA6847E45206} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {020DD405-A394-493E-A0CB-B783EBD3F509} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {043089C6-8ECC-41BA-8C31-9D399E684526} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {04DDA79F-A03A-4D1D-92C9-818DDB94FB9C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-01] (Microsoft Corporation) <==== ACHTUNG
Task: {06B82B36-C8DB-4E88-8657-3141B92BD458} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {08482869-7638-449B-A5EA-666DC75E2230} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {0B7079CF-6583-4042-A382-32A46A0A17F6} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0BAF5FB1-CE07-4410-810F-D2A94D3999DC} - System32\Tasks\NBAgent => C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2011-07-06] (Nero AG)
Task: {0E4E0451-2A7E-4E1D-AB7D-C88EE1D220ED} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {102215A6-16FA-4986-8E15-553FDA45B53F} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-02-23] (NVIDIA Corporation)
Task: {10A5FE77-F8C1-47C8-BE1B-C5428967A6D8} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard)
Task: {10ED276C-DD72-4CA8-BCF2-D376268DDEE7} - System32\Tasks\{033A4D70-36D7-46FA-9F7D-A9996B7334EF} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {115C02AF-C7DF-4330-A688-E92B8C8CC4C5} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {1927C3E0-3CC2-4151-8F7F-F8296774A57D} - System32\Tasks\hpUrlLauncher.exe => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\utils\hpUrlLauncher.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {2802C96A-F077-4A17-8011-3294DAF7C369} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {29CDB149-4C4B-477B-9755-08A513679DEB} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2F3C9B83-785F-431C-85BF-97D2AA0F4D8C} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2F3E1954-1BC7-40A1-8F0D-5AA94B0302B1} - System32\Tasks\{EB5F7CC8-1425-4DAB-BF0A-DB808FA16761} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {302E1C0A-0A15-44AD-BA44-1786E28CB20C} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)
Task: {3151EB25-0E8A-4AE8-992F-BD36A730A79B} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)
Task: {3163DEF0-BC1D-47B8-9AF8-DBCF9E8556D7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {35F823C9-B2FC-4792-B8D9-3464229D5382} - System32\Tasks\{E1587E3C-7BB7-44C8-9A91-AD34009E8522} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Task: {3AC2660B-54A9-4FE2-BEA4-ABA541B0F077} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {3B1331CB-2787-440D-B754-4090BED944E1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {3B14775C-29A3-477E-9E6C-E263967BD99C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {3B31208C-629E-4B92-AA6A-7C9FC6883795} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {45D9E40C-1CC9-4A5B-ACA5-97ED713ACF04} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Task: {499F3997-E54C-421E-B526-5F6648D49F51} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4AA2C224-1479-45B5-8AE5-605F6BB9EED8} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4ADD35B4-9050-421C-9098-0EEB76AC112D} - System32\Tasks\{178387A7-AFF9-488C-B358-FF663010DCB9} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Task: {4BBE6D73-6050-437A-80DE-B8233F98BEF5} - System32\Tasks\{1C26DB06-23AC-4B07-B041-48C78A9D1CBD} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {4C2AED65-E5A5-41F8-BCAD-92EF44FF8907} - System32\Tasks\OneDrive Standalone Update Task v2 => C:\Users\Pflügl\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {4D3D5094-88FE-4CE0-A91C-2113C2000A42} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-24] (Adobe Systems Incorporated)
Task: {4E44E590-0AAA-4A64-A753-17B70F4280EF} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {50BB70D6-2E88-4D14-B5C3-4A47DAC491EE} - System32\Tasks\{E84B91E8-33F3-49E1-AFCB-F597D8B57F9D} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Task: {5814C7F6-0FFE-44A5-835F-803CF84A9A24} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5A8A4A0D-86EE-43C6-8E78-1417869112A8} - System32\Tasks\{A7B29540-1879-4028-B3B8-C127971DA397} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {5F7202B8-6B43-46D4-B496-BD78C43A044A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {628EDDD5-1054-40F0-852F-29C1C5048AB7} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-02-23] (NVIDIA Corporation)
Task: {64FCA12B-117D-4AF7-A494-268A560BFF01} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {6EDF7077-E62B-4942-82AF-20B5A2C43BC4} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)
Task: {722FEC1C-89F5-444A-9226-EE14DBE764E4} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {74077C09-2BBC-4BA4-99AC-8A4C7EB3F6C7} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {75FE8499-D9D8-43D7-9340-6CCCD29A37DE} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {7755D443-2648-4B89-9EA8-EAF190163556} - System32\Tasks\{E5B827C0-690F-459F-9390-EDD753E6FB01} => C:\Windows\system32\pcalua.exe -a C:\Users\Pflügl\AppData\Roaming\Allmyapps\Allmyapps.exe -c uninstall
Task: {778EF4BA-BFC7-480A-9270-1825B71C55A5} - System32\Tasks\{9DF84523-FD29-4C9E-82DD-775A63EB0FB1} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {800860D9-C124-49BC-93CC-1985C6E97327} - System32\Tasks\{32AE58AB-121B-4CD1-87E0-41F9A93F18AD} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Task: {818D08B0-AB79-40A5-9AF8-7C65320AE798} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {83CFBC6A-B820-4018-B988-7BBCBA3EF8DE} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {85639F17-6779-492C-90D3-2A04C81EAF20} - System32\Tasks\{25B82541-8571-45E6-83AB-4AF95DABF24A} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {8569E4D6-C467-4B53-9C7B-6D6D3A207AEC} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8AD0768E-4A9E-494C-951A-8D6B0158C676} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {8E3C62E9-BB57-4328-BD78-3F42CAE4DE4A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)
Task: {8EE3DC86-4A70-4349-9AA9-F0203D291B72} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {90D8AB43-209E-4370-BAD1-D5259AB7396C} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {950A73AF-EF0A-4F16-814B-2894C2203ABB} - System32\Tasks\BrowserDefendert => C:\Windows\system32\sc.exe start BrowserDefendert <==== ACHTUNG
Task: {9D8EF176-E6FB-4931-8DB6-99D24652A785} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {A2F0F64E-16E2-4DE3-BD2C-5E63E84C7090} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A421C8AC-59B4-4306-A012-784EB2DEA81A} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A6716755-233F-4A56-A111-02A2D4DD0A9B} - System32\Tasks\{0E5B43A1-4CBC-49B7-B663-FC61E5FBB58F} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {A72A0967-0AB3-4972-A197-0DCFCC791D8F} - System32\Tasks\AdobeAAMUpdater-1.0-Pflügl-PC-Pflügl => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29] (Adobe Systems Incorporated)
Task: {ABF8455B-5FDC-4FBF-A21F-B8E4F38DE2E2} - System32\Tasks\AdobeAAMUpdater-1.0-Pflügl-PC-nathalie => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29] (Adobe Systems Incorporated)
Task: {B18AA8C6-1B5E-4934-8263-757AA676496E} - System32\Tasks\{F9402AE5-ACC8-4BA8-9E7E-0375A8F72E09} => C:\Windows\system32\pcalua.exe -a F:\install_flash_player_active_x.exe -d F:\
Task: {B278D98E-6409-45E9-8A49-416935FC9A9B} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
Task: {B6F48632-6D52-4C8A-AFF3-9899AB8B5AE7} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B85D8103-15F1-4054-9C89-21D9B559D123} - System32\Tasks\HPCustParticipation HP Deskjet 2050 J510 series => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {BFB32430-75BB-4606-BD31-CE87342D524F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {C7A4899A-F1FE-4A82-808D-6CFAE45C319E} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CFB1136A-F1BC-4634-9CBF-A999C7B3A3C9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-01] (Microsoft Corporation) <==== ACHTUNG
Task: {D627BDDD-E3F7-4578-9963-518C3686B0C0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-01] (Microsoft Corporation) <==== ACHTUNG
Task: {D718E290-E157-4664-A9F3-8B04A0A02DC8} - System32\Tasks\{9711830A-13DD-481F-A336-AA3C7885661B} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {D71B6264-3754-414A-BF96-9E2E2E614FF8} - System32\Tasks\{B0CE2170-76B6-4422-A267-413ED3F67B11} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {D84A16D9-413C-46C6-9768-09EF6339DF29} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {DCAF2E5C-9386-4622-BD13-B534BB0F78A3} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {DD91A8EB-DA59-473D-969E-320501B67A7F} - System32\Tasks\{D81F541F-3DE9-4EC6-9DAE-1BF798040AC6} => C:\Windows\system32\pcalua.exe -a "C:\Users\nathalie.Pflügl-PC\Desktop\Neuer Ordner (3)\NeoGamma Installer by Wii-Homebrew.exe" -d "C:\Users\nathalie.Pflügl-PC\Desktop\Neuer Ordner (3)"
Task: {E8CFFA40-C104-4B30-BD9D-1B3420B5D4C4} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EB64C26B-0806-4248-8678-D6FE1375A527} - System32\Tasks\{463E93F0-2199-42B9-8D18-DBD746D676A9} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {EC056EB6-2863-4CE6-94AB-5748B2D8EDCC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-01] (Microsoft Corporation) <==== ACHTUNG
Task: {EEEDF309-D0F3-4BF3-9ECB-2B70DF3E6274} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {F1C99E32-F492-4038-BD10-731DA69C2968} - System32\Tasks\{1A9F0B80-4630-434D-A4D3-C672A48987F2} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {F2E1695E-1F6E-4122-BB8F-98AF48FAC07A} - \DealPlyUpdate -> Keine Datei <==== ACHTUNG
Task: {F44EBEAB-A6B2-4B21-96BA-E4465EF19E75} - System32\Tasks\{966A14DB-D34B-4A06-BC26-743C4C42F131} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe"
Task: {F518F3A1-B8F3-401C-A21C-3FA1BCF4A3A8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {F70666D8-716B-49F8-B3AD-5CC32FAEE9E4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {FB3379A3-B190-40F2-A65D-03A35D445AD9} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-02-23] (NVIDIA Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\Pflügl\Desktop\eBay.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://isearch.omiga-plus.com/?type=sc&ts=1383502839&from=mlv&uid=HitachiXHTS547575A9E384_J2540054CE8U3ECE8U3EX
ShortcutWithArgument: C:\Users\Pflügl\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://isearch.omiga-plus.com/?type=sc&ts=1383502839&from=mlv&uid=HitachiXHTS547575A9E384_J2540054CE8U3ECE8U3EX
ShortcutWithArgument: C:\Users\Pflügl\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer (64-bit).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://isearch.omiga-plus.com/?type=sc&ts=1383502839&from=mlv&uid=HitachiXHTS547575A9E384_J2540054CE8U3ECE8U3EX
ShortcutWithArgument: C:\Users\Pflügl\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://isearch.omiga-plus.com/?type=sc&ts=1383502839&from=mlv&uid=HitachiXHTS547575A9E384_J2540054CE8U3ECE8U3EX
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-07-16 13:42 - 2016-07-16 13:42 - 000231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-07-13 22:48 - 2017-06-21 09:48 - 002681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-01-11 18:04 - 2016-12-29 15:16 - 000134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-01-11 17:24 - 2017-02-23 20:35 - 004489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2017-01-11 17:24 - 2017-02-23 20:35 - 001147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 004300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2017-01-11 00:07 - 2017-01-11 00:07 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-17 12:02 - 2017-03-04 08:31 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-17 12:03 - 2017-03-04 08:12 - 009760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-17 12:03 - 2017-03-04 08:05 - 001401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-17 12:03 - 2017-03-04 08:05 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-08-24 14:56 - 2017-03-04 08:05 - 001033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-08-24 14:56 - 2017-08-01 20:26 - 002424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-08-24 14:56 - 2017-08-01 20:31 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-03-17 12:03 - 2017-03-04 08:04 - 000114176 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Dss.BackgroundTask.dll
2017-03-17 12:03 - 2017-03-04 08:04 - 000115712 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\DeviceSideServicesActionUriHandler.dll
2017-03-17 12:03 - 2017-03-04 08:04 - 000522752 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.NodeWinrtWrap.dll
2016-07-16 13:43 - 2016-07-17 00:56 - 000040448 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\winrt-projections\bin\Winrt_Projections.node
2016-07-16 13:43 - 2016-07-17 00:56 - 000813056 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http\bin\NodeRT_Windows_Web_Http.node
2016-07-16 13:43 - 2016-07-17 00:56 - 000963584 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.headers\bin\NodeRT_Windows_Web_Http_Headers.node
2016-07-16 13:43 - 2016-07-17 00:56 - 000249344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.filters\bin\NodeRT_Windows_Web_Http_Filters.node
2016-07-16 13:43 - 2016-07-17 00:56 - 000572416 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.storage.streams\bin\NodeRT_Windows_Storage_Streams.node
2016-07-16 13:43 - 2016-07-17 00:56 - 000403968 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.foundation\bin\NodeRT_Windows_Foundation.node
2016-07-16 13:43 - 2016-07-17 00:56 - 000183296 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\nodert-buffer-utils\bin\NodeRT_Buffer_Utils.node
2016-07-16 13:43 - 2016-07-17 00:56 - 000288256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.cortana.pal\bin\NodeRT_Windows_Cortana_PAL.node
2017-08-24 15:10 - 2017-08-24 15:12 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-08-24 15:10 - 2017-08-24 15:12 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-08-24 15:10 - 2017-08-24 15:12 - 036162048 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-08-24 15:10 - 2017-08-24 15:12 - 002237952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\skypert.dll
2017-08-03 08:53 - 2017-08-03 08:53 - 000054272 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11706.1001.26.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2017-01-11 17:24 - 2017-02-23 20:35 - 000018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2017-01-11 17:24 - 2017-02-23 20:35 - 003774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2017-01-11 17:24 - 2017-02-23 20:35 - 000900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Classes\batfile: <==== ACHTUNG
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Classes\cmdfile: <==== ACHTUNG
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Control Panel\Desktop\\Wallpaper -> c:\users\pflügl\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\{ceedc30e-03f3-4223-aeb0-1bb4c000d5a6}.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\...\StartupApproved\StartupFolder: => "Logitech . Produktregistrierung.lnk"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\...\StartupApproved\Run: => "Allmyapps"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\...\StartupApproved\Run: => "Allmyapps Update"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{6764BC9A-AB39-4504-8F82-9BDA992F3446}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [UDP Query User{823B4211-7E40-4248-98CF-BE85E7AC7085}C:\users\gast\appdata\local\mozilla firefox\firefox.exe] => (Block) C:\users\gast\appdata\local\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{53EC6C2E-FAAC-4F66-9EF9-3520406A6913}C:\users\gast\appdata\local\mozilla firefox\firefox.exe] => (Block) C:\users\gast\appdata\local\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{4692755E-2E62-439A-8D1C-8A1EE34316D0}C:\users\gast\appdata\local\mozilla firefox\firefox.exe] => (Block) C:\users\gast\appdata\local\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{12F65F9D-A5BE-4325-98C7-E6278A2CDE17}C:\users\gast\appdata\local\mozilla firefox\firefox.exe] => (Block) C:\users\gast\appdata\local\mozilla firefox\firefox.exe
FirewallRules: [{B1908BEA-AD44-41F3-B7FB-8639558AB54D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F0E349DC-E761-452A-A9C8-FF5372646FE2}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{09B2A8BF-15F4-49C1-AB92-DCD9C3EF35D3}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{4B4D1B33-47F8-4FA5-A55A-5984420C7F87}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{B617C342-BBB7-4B32-B821-505EAAB675BB}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{A06D5442-904C-441E-BBFB-D978E61202D3}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{DA1C4275-AAF6-4019-9F46-4E7BF1F14776}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{1C8A7C60-770C-4F71-AF74-DFB5A766E952}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{B85F5BC9-5B59-4EBA-A6C2-7BA604913A9A}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{02AF66E7-A9F6-45F0-89FE-093EA2A1B1D3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{565DC845-DF99-4033-9771-B3277CA0BA27}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6535CE99-10FD-4752-A321-1CFA1864D1D4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{A1A6D11E-B062-466A-9269-32740E3A90C2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{D6417DF7-A14F-414F-906E-771A3732508C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{CB0909D1-9148-41EF-A181-315C3D60A4BC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6A09E45E-391E-4FAF-966C-BAF4700D2641}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
==================== Wiederherstellungspunkte =========================
09-07-2017 11:34:16 Windows Update
13-07-2017 23:18:01 Windows Update
13-07-2017 23:19:20 Windows Update
03-08-2017 08:48:12 Windows Update
24-08-2017 15:19:23 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (08/24/2017 03:24:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Pflügl-PC)
Description: Das Paket „Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe+App“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (08/24/2017 03:21:27 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (08/24/2017 02:27:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: {E1DD8E6D-4F4C-458E-A489-120D693A8403}.exe, Version: 3.1.0.15, Zeitstempel: 0x58f5cf94
Name des fehlerhaften Moduls: {E1DD8E6D-4F4C-458E-A489-120D693A8403}.exe, Version: 3.1.0.15, Zeitstempel: 0x58f5cf94
Ausnahmecode: 0x40000015
Fehleroffset: 0x0014376c
ID des fehlerhaften Prozesses: 0x1f58
Startzeit der fehlerhaften Anwendung: 0x01d31cd4509c1b30
Pfad der fehlerhaften Anwendung: C:\Users\PFLGL~1\AppData\Local\Temp\{3F148F86-334A-484B-8CFE-C9212706ABA4}\{E1DD8E6D-4F4C-458E-A489-120D693A8403}.exe
Pfad des fehlerhaften Moduls: C:\Users\PFLGL~1\AppData\Local\Temp\{3F148F86-334A-484B-8CFE-C9212706ABA4}\{E1DD8E6D-4F4C-458E-A489-120D693A8403}.exe
Berichtskennung: 587d6b27-b42b-4b44-852b-83217d664be8
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (08/24/2017 01:11:04 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig.
.
Vorgang:
Asynchroner Vorgang wird ausgeführt
Kontext:
Aktueller Status: DoSnapshotSet
Error: (08/24/2017 01:09:45 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (08/24/2017 12:48:22 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Adobe Refresh Manager -- Error 1316.Das angegebene Konto ist bereits vorhanden.
Error: (08/24/2017 12:43:33 PM) (Source: COM) (EventID: 10031) (User: )
Description: Eine das Marshalling aufhebende Richtlinienprüfung wurde ausgeführt, als das Marshalling eines benutzerdefinierten gemarshallten Objekts aufgehoben wurde. Die Klasse "{2CD39202-3A2F-4935-9A86-65B919919A7F}" wurde abgelehnt.
Error: (08/24/2017 12:43:33 PM) (Source: COM) (EventID: 10031) (User: )
Description: Eine das Marshalling aufhebende Richtlinienprüfung wurde ausgeführt, als das Marshalling eines benutzerdefinierten gemarshallten Objekts aufgehoben wurde. Die Klasse "{2CD39202-3A2F-4935-9A86-65B919919A7F}" wurde abgelehnt.
Error: (08/11/2017 06:55:50 PM) (Source: COM) (EventID: 10031) (User: )
Description: Eine das Marshalling aufhebende Richtlinienprüfung wurde ausgeführt, als das Marshalling eines benutzerdefinierten gemarshallten Objekts aufgehoben wurde. Die Klasse "{2CD39202-3A2F-4935-9A86-65B919919A7F}" wurde abgelehnt.
Error: (08/03/2017 08:48:53 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Systemfehler:
=============
Error: (08/24/2017 04:43:55 PM) (Source: DCOM) (EventID: 10016) (User: Pflügl-PC)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Pflügl-PC\Pflügl" (SID: S-1-5-21-1664608947-3428569484-2814311379-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
und der APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
im Anwendungscontainer "Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (08/24/2017 04:42:59 PM) (Source: DCOM) (EventID: 10016) (User: Pflügl-PC)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Pflügl-PC\Pflügl" (SID: S-1-5-21-1664608947-3428569484-2814311379-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
und der APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
im Anwendungscontainer "Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (08/24/2017 04:40:37 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "CDPUserSvc_1983b8" wurde mit folgendem Fehler beendet:
Unbekannter Fehler
Error: (08/24/2017 04:35:54 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
Error: (08/24/2017 01:58:32 PM) (Source: DCOM) (EventID: 10016) (User: Pflügl-PC)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Pflügl-PC\Pflügl" (SID: S-1-5-21-1664608947-3428569484-2814311379-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
und der APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
im Anwendungscontainer "Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (08/24/2017 01:56:25 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "CDPUserSvc_5733f" wurde mit folgendem Fehler beendet:
Unbekannter Fehler
Error: (08/24/2017 01:53:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NetPipeActivator" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (08/24/2017 01:53:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst NetPipeActivator erreicht.
Error: (08/24/2017 01:53:30 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira.ServiceHost erreicht.
Error: (08/24/2017 01:53:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 70%
Installierter physikalischer RAM: 3947.86 MB
Verfügbarer physikalischer RAM: 1164.22 MB
Summe virtueller Speicher: 7915.86 MB
Verfügbarer virtueller Speicher: 4238.95 MB
==================== Laufwerke ================================
Drive c: (Packard Bell) (Fixed) (Total:678.54 GB) (Free:594.54 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 8397C1BA)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=678.5 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
Code:
16:54:01.0758 0x0820 TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
16:54:04.0743 0x0820 ============================================================
16:54:04.0743 0x0820 Current date / time: 2017/08/24 16:54:04.0743
16:54:04.0743 0x0820 SystemInfo:
16:54:04.0758 0x0820
16:54:04.0758 0x0820 OS Version: 10.0.14393 ServicePack: 0.0
16:54:04.0758 0x0820 Product type: Workstation
16:54:04.0758 0x0820 ComputerName: PFLÜGL-PC
16:54:04.0758 0x0820 UserName: Pflügl
16:54:04.0758 0x0820 Windows directory: C:\WINDOWS
16:54:04.0758 0x0820 System windows directory: C:\WINDOWS
16:54:04.0758 0x0820 Running under WOW64
16:54:04.0758 0x0820 Processor architecture: Intel x64
16:54:04.0758 0x0820 Number of processors: 4
16:54:04.0758 0x0820 Page size: 0x1000
16:54:04.0758 0x0820 Boot type: Normal boot
16:54:04.0758 0x0820 CodeIntegrityOptions = 0x00000001
16:54:04.0758 0x0820 ============================================================
16:54:06.0493 0x0820 KLMD registered as C:\WINDOWS\system32\drivers\60026162.sys
16:54:06.0493 0x0820 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.1593, osProperties = 0x19
16:54:06.0758 0x0820 System UUID: {87F4E558-BE4F-298E-ECB8-1DA4EEBA9E42}
16:54:08.0180 0x0820 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:54:08.0259 0x0820 ============================================================
16:54:08.0259 0x0820 \Device\Harddisk0\DR0:
16:54:08.0305 0x0820 MBR partitions:
16:54:08.0305 0x0820 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2800800, BlocksNum 0x32000
16:54:08.0305 0x0820 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2832800, BlocksNum 0x54D13000
16:54:08.0305 0x0820 ============================================================
16:54:08.0477 0x0820 C: <-> \Device\Harddisk0\DR0\Partition2
16:54:08.0477 0x0820 ============================================================
16:54:08.0477 0x0820 Initialize success
16:54:08.0477 0x0820 ============================================================
16:54:11.0071 0x1e84 ============================================================
16:54:11.0071 0x1e84 Scan started
16:54:11.0071 0x1e84 Mode: Manual;
16:54:11.0071 0x1e84 ============================================================
16:54:11.0071 0x1e84 KSN ping started
16:54:11.0352 0x1e84 KSN ping finished: true
16:54:23.0931 0x1e84 ================ Scan system memory ========================
16:54:23.0931 0x1e84 System memory - ok
16:54:23.0931 0x1e84 ================ Scan services =============================
16:54:24.0650 0x1e84 1394ohci - ok
16:54:24.0681 0x1e84 3ware - ok
16:54:24.0697 0x1e84 ACPI - ok
16:54:24.0713 0x1e84 AcpiDev - ok
16:54:24.0728 0x1e84 acpiex - ok
16:54:24.0744 0x1e84 acpipagr - ok
16:54:24.0806 0x1e84 AcpiPmi - ok
16:54:24.0838 0x1e84 acpitime - ok
16:54:24.0994 0x1e84 [ 1474F121C3DF1232D3E7239C03691EE6, 26D0F55010CB7C51269D94ECB5C5AA94802607685B9E9791A78B643C6227214F ] AdobeActiveFileMonitor9.0 C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
16:54:25.0009 0x1e84 AdobeActiveFileMonitor9.0 - ok
16:54:25.0213 0x1e84 [ 8D6BA8E7676038A27FD4ECF12CC744B0, F5D59B764DCB4A06A51939533DC7B2391FD68E3979C48939C023A60DCE0D2101 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:54:25.0228 0x1e84 AdobeARMservice - ok
16:54:26.0041 0x1e84 [ C52B8980692CACB057742C450D734149, BB2D7034592B6EBBECE5A73FB625E1352FD59972620523022CABA68EE00B7B98 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:54:26.0088 0x1e84 AdobeFlashPlayerUpdateSvc - ok
16:54:26.0119 0x1e84 ADP80XX - ok
16:54:26.0150 0x1e84 AFD - ok
16:54:26.0181 0x1e84 ahcache - ok
16:54:26.0197 0x1e84 AJRouter - ok
16:54:26.0228 0x1e84 ALG - ok
16:54:26.0259 0x1e84 AmdK8 - ok
16:54:26.0275 0x1e84 AmdPPM - ok
16:54:26.0275 0x1e84 amdsata - ok
16:54:26.0291 0x1e84 amdsbs - ok
16:54:26.0291 0x1e84 amdxata - ok
16:54:26.0525 0x1e84 [ 0ACC38DF0CFF151C63AD6F6F35C55D0C, E77574F3FBF50FA6935D79AB2282971FBA5FC52FD626797CDFEA50889DFEAE2B ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
16:54:26.0556 0x1e84 AntiVirMailService - ok
16:54:26.0681 0x1e84 [ 22B27C504A06096CDF3D5D0D46893EA0, 587B1A8AD24526A300563EACB0157099AA5CC3F2208534C91698758364EBE0AE ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
16:54:26.0744 0x1e84 AntiVirSchedulerService - ok
16:54:26.0885 0x1e84 [ 22B27C504A06096CDF3D5D0D46893EA0, 587B1A8AD24526A300563EACB0157099AA5CC3F2208534C91698758364EBE0AE ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
16:54:26.0900 0x1e84 AntiVirService - ok
16:54:27.0197 0x1e84 [ 8D2DD42AA98E1BD156FB59B320C0C613, 8711ECB09D420B3A3CA81F9326B23E9ED38D3D39CBDA332E59770DAA3E8A6CD3 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
16:54:27.0228 0x1e84 AntiVirWebService - ok
16:54:27.0322 0x1e84 AppHostSvc - ok
16:54:27.0353 0x1e84 AppID - ok
16:54:27.0416 0x1e84 AppIDSvc - ok
16:54:27.0478 0x1e84 Appinfo - ok
16:54:27.0525 0x1e84 applockerfltr - ok
16:54:27.0603 0x1e84 AppReadiness - ok
16:54:27.0635 0x1e84 AppXSvc - ok
16:54:27.0650 0x1e84 arcsas - ok
16:54:27.0900 0x1e84 aspnet_state - ok
16:54:27.0978 0x1e84 AsyncMac - ok
16:54:28.0041 0x1e84 atapi - ok
16:54:28.0166 0x1e84 athr - ok
16:54:28.0213 0x1e84 AudioEndpointBuilder - ok
16:54:28.0244 0x1e84 Audiosrv - ok
16:54:28.0291 0x1e84 [ 4621EA3385170B087A03F3C90E276B4A, 1513802CF844B1B7A70C820AEF732EDA432D44CD8726560D95F05EB5CA556CD7 ] avdevprot C:\WINDOWS\system32\DRIVERS\avdevprot.sys
16:54:28.0291 0x1e84 avdevprot - ok
16:54:28.0400 0x1e84 [ 6FA5F3EA4F088EEECC5519A8C92ACC6D, 197BEFF6AFCA9A4E9C8504DCA4D039D497E05288ABC0927F3521425A14B3DAF9 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys
16:54:28.0400 0x1e84 avgntflt - ok
16:54:28.0510 0x1e84 [ C320148D031EA49D210C6DDEC4405EE3, 5DF6A142F399A2BAA1F3708A92F284BB2905229A1E9D438275BF04C918DBE1A3 ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
16:54:28.0510 0x1e84 avipbb - ok
16:54:28.0635 0x1e84 [ 899C706D9C5A829BEA290CD02A95B07C, 40121149932C76E2377386D4C286E1C0CE5AE382515C8DE391B68A0E77478B28 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
16:54:28.0666 0x1e84 Avira.ServiceHost - ok
16:54:28.0697 0x1e84 [ 2CBA09A7983B1D39531B768BCED08C20, B40968DFE1A648CCB9260033E1EA57B5D496274A335B000354156B0DB740EDE0 ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys
16:54:28.0697 0x1e84 avkmgr - ok
16:54:28.0713 0x1e84 [ 8D18C6406FF8DC39028177E1E5675182, 44985DEE74F235567FB849350256F342BCE26EF66439D761FA3F6EDA22882092 ] avnetflt C:\WINDOWS\system32\DRIVERS\avnetflt.sys
16:54:28.0713 0x1e84 avnetflt - ok
16:54:28.0744 0x1e84 AxInstSV - ok
16:54:28.0760 0x1e84 b06bdrv - ok
16:54:28.0806 0x1e84 [ 0630C8915B747E88E825CE7F73B66A5D, E9B465EE23487B59B1C906B04F9235B0BFBF254C1760E2462A7D1D7FE1655088 ] b57xdbd C:\WINDOWS\System32\drivers\b57xdbd.sys
16:54:28.0806 0x1e84 b57xdbd - ok
16:54:28.0885 0x1e84 [ CA8457E528E13B38F8DC3B86B6BA4C6B, 532E48BBBA806608EBEFE10A94DCE2BFE8918D8DD6DEF6871F44FEEDA51238B8 ] b57xdmp C:\WINDOWS\System32\drivers\b57xdmp.sys
16:54:28.0900 0x1e84 b57xdmp - ok
16:54:28.0931 0x1e84 BasicDisplay - ok
16:54:29.0010 0x1e84 BasicRender - ok
16:54:29.0041 0x1e84 bcmfn - ok
16:54:29.0056 0x1e84 bcmfn2 - ok
16:54:29.0072 0x1e84 BDESVC - ok
16:54:29.0088 0x1e84 Beep - ok
16:54:29.0135 0x1e84 BFE - ok
16:54:29.0150 0x1e84 BITS - ok
16:54:29.0166 0x1e84 bowser - ok
16:54:29.0197 0x1e84 BrokerInfrastructure - ok
16:54:29.0213 0x1e84 Browser - ok
16:54:29.0291 0x1e84 [ 0E9B28782D0E5DE7C25207432B791B33, FE33E3B27BEED03922DB2565DECC0E12F8CD586B5060EE4A1A87FF99EEC77B22 ] bScsiMSa C:\WINDOWS\System32\drivers\bScsiMSa.sys
16:54:29.0307 0x1e84 bScsiMSa - ok
16:54:29.0353 0x1e84 [ 59CA958CBB12C3344A22D33D3582F4C0, 29F06D9B507703D6F4DA28230E067340FC11B63DDEB5C113E6F991C4EC87FB7A ] bScsiSDa C:\WINDOWS\System32\drivers\bScsiSDa.sys
16:54:29.0369 0x1e84 bScsiSDa - ok
16:54:29.0416 0x1e84 BthAvrcpTg - ok
16:54:29.0432 0x1e84 BthHFEnum - ok
16:54:29.0447 0x1e84 bthhfhid - ok
16:54:29.0494 0x1e84 BthHFSrv - ok
16:54:29.0494 0x1e84 BTHMODEM - ok
16:54:29.0510 0x1e84 bthserv - ok
16:54:29.0557 0x1e84 buttonconverter - ok
16:54:29.0572 0x1e84 CapImg - ok
16:54:29.0619 0x1e84 cdfs - ok
16:54:29.0650 0x1e84 CDPSvc - ok
16:54:29.0666 0x1e84 CDPUserSvc - ok
16:54:29.0728 0x1e84 cdrom - ok
16:54:29.0744 0x1e84 CertPropSvc - ok
16:54:29.0791 0x1e84 cht4iscsi - ok
16:54:29.0807 0x1e84 cht4vbd - ok
16:54:29.0869 0x1e84 circlass - ok
16:54:30.0228 0x1e84 [ E6C13708EC768ABE89BC45F7F12F49DB, 713C2FC2DF6EC3E79871A639686FE0358A564927D696EB2ED9AB5EDEAA9D47D2 ] cjpcsc C:\WINDOWS\SysWOW64\cjpcsc.exe
16:54:30.0260 0x1e84 cjpcsc - ok
16:54:30.0275 0x1e84 [ E3B86AB029D1C523981C3476DE859521, F787284359F6322DB7135FCDFD3DA3EFD92FBBB95F3DC5C9D77B881A8351B080 ] cjusb C:\WINDOWS\system32\DRIVERS\cjusb.sys
16:54:30.0275 0x1e84 cjusb - ok
16:54:30.0307 0x1e84 CLFS - ok
16:54:30.0353 0x1e84 ClipSVC - ok
16:54:30.0400 0x1e84 clreg - ok
16:54:30.0541 0x1e84 CmBatt - ok
16:54:30.0572 0x1e84 CNG - ok
16:54:30.0588 0x1e84 cnghwassist - ok
16:54:30.0869 0x1e84 CompositeBus - ok
16:54:30.0869 0x1e84 COMSysApp - ok
16:54:30.0900 0x1e84 condrv - ok
16:54:30.0963 0x1e84 CoreMessagingRegistrar - ok
16:54:31.0447 0x1e84 [ 5D19617245C798A0EED86D4D36B8C6E8, 90AB9125B1A56134489E81CE5AEE1F2C7005BE505E52603B1A884A2B8C3C4735 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
16:54:31.0463 0x1e84 cphs - ok
16:54:31.0494 0x1e84 CryptSvc - ok
16:54:31.0525 0x1e84 dam - ok
16:54:31.0557 0x1e84 DcomLaunch - ok
16:54:31.0572 0x1e84 DcpSvc - ok
16:54:31.0604 0x1e84 defragsvc - ok
16:54:31.0635 0x1e84 DeviceAssociationService - ok
16:54:31.0666 0x1e84 DeviceInstall - ok
16:54:31.0697 0x1e84 DevQueryBroker - ok
16:54:31.0713 0x1e84 Dfsc - ok
16:54:31.0775 0x1e84 [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
16:54:31.0775 0x1e84 dg_ssudbus - ok
16:54:31.0838 0x1e84 Dhcp - ok
16:54:31.0932 0x1e84 diagnosticshub.standardcollector.service - ok
16:54:31.0947 0x1e84 DiagTrack - ok
16:54:32.0025 0x1e84 disk - ok
16:54:32.0119 0x1e84 DmEnrollmentSvc - ok
16:54:32.0166 0x1e84 dmvsc - ok
16:54:32.0244 0x1e84 dmwappushservice - ok
16:54:32.0291 0x1e84 Dnscache - ok
16:54:32.0322 0x1e84 dot3svc - ok
16:54:32.0338 0x1e84 DPS - ok
16:54:32.0338 0x1e84 drmkaud - ok
16:54:32.0525 0x1e84 [ 9DD3A22F804697606C2B7FF9E912FF6B, BBE2FC0D554030BA9E3A96CC4A360D61DBCCAA1D81BD7547809F29A3AF0B3A25 ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe
16:54:32.0541 0x1e84 DsiWMIService - ok
16:54:32.0604 0x1e84 DsmSvc - ok
16:54:32.0619 0x1e84 DsSvc - ok
16:54:32.0650 0x1e84 DXGKrnl - ok
16:54:32.0666 0x1e84 EapHost - ok
16:54:32.0697 0x1e84 ebdrv - ok
16:54:32.0729 0x1e84 EFS - ok
16:54:32.0775 0x1e84 EhStorClass - ok
16:54:32.0807 0x1e84 EhStorTcgDrv - ok
16:54:32.0838 0x1e84 embeddedmode - ok
16:54:32.0854 0x1e84 EntAppSvc - ok
16:54:33.0104 0x1e84 [ 48425C93B6F36529707206E4FA680CF3, 328BD59DEDFAD359EF79CCFBC2AD3E9C95657EC616AE0611F5EFEB34B810692A ] ePowerSvc C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
16:54:33.0150 0x1e84 ePowerSvc - ok
16:54:33.0197 0x1e84 ErrDev - ok
16:54:33.0338 0x1e84 [ 6BD85B39B7B23F03B24CF641ED29147B, 850F21750BB39E5239B1584E1117844CAAAF6A5C58E79366552309F917675CE5 ] ETD C:\WINDOWS\system32\DRIVERS\ETD.sys
16:54:33.0385 0x1e84 ETD - ok
16:54:55.0125 0x1e84 ================ Scan global ===============================
16:54:55.0234 0x1e84 [ Global ] - ok
16:54:55.0234 0x1e84 ================ Scan MBR ==================================
16:54:55.0250 0x1e84 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:54:56.0453 0x1e84 \Device\Harddisk0\DR0 - ok
16:54:56.0453 0x1e84 ================ Scan VBR ==================================
16:54:56.0484 0x1e84 [ 47C5968E092978007A35FC2326201E56 ] \Device\Harddisk0\DR0\Partition1
16:54:56.0484 0x1e84 \Device\Harddisk0\DR0\Partition1 - ok
16:54:56.0484 0x1e84 [ FBB31BCC55EC8AD4565F0A069B16CF78 ] \Device\Harddisk0\DR0\Partition2
16:54:56.0484 0x1e84 \Device\Harddisk0\DR0\Partition2 - ok
16:54:56.0484 0x1e84 ================ Scan generic autorun ======================
16:54:56.0484 0x1e84 ETDCtrl - ok
16:54:56.0781 0x1e84 [ A3F0187B2B6402168E65BE6688002041, 695A220D95D072F311E68AC9A629A73EBFE9FF922E82CB31A8AA58DF3645E477 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
16:54:56.0797 0x1e84 avgnt - ok
16:54:56.0906 0x1e84 [ 36828A828CEAA19A0FEA14C8723DC60C, 005627B96A08AC88BE3813DCB73228D8668A8270021D824FFC5EEA26C29027FA ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
16:54:56.0906 0x1e84 Avira SystrayStartTrigger - ok
16:54:57.0594 0x1e84 OneDriveSetup - ok
16:54:57.0594 0x1e84 OneDriveSetup - ok
16:54:57.0594 0x1e84 OneDriveSetup - ok
16:54:57.0656 0x1e84 WAB Migrate - ok
16:54:57.0656 0x1e84 OneDriveSetup - ok
16:54:57.0656 0x1e84 WAB Migrate - ok
16:54:57.0656 0x1e84 OneDriveSetup - ok
16:54:57.0656 0x1e84 WAB Migrate - ok
16:54:57.0656 0x1e84 Waiting for KSN requests completion. In queue: 29
16:54:58.0672 0x1e84 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\WindowsSecurityCenter.exe ( 15.0.29.31 ), 0x41000 ( enabled : updated )
16:54:58.0719 0x1e84 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.1198 ), 0x62100 ( disabled : updated )
16:54:58.0766 0x1e84 Win FW state via NFP2: enabled ( trusted )
16:54:58.0922 0x1e84 ============================================================
16:54:58.0922 0x1e84 Scan finished
16:54:58.0922 0x1e84 ============================================================
16:54:58.0922 0x1614 Detected object count: 0
16:54:58.0922 0x1614 Actual detected object count: 0
|
| | #7 |
| /// TB-Ausbilder | Hi,
Step 1
Please download AdwCleaner to your desktop (illustrated guide).
Step 2
Please download Malwarebytes Anti-Malware 3 (illustrated guide).
Step 3
Please post with your next reply
|
| | #8 |
| STEP 1 Code:
# AdwCleaner 7.0.1.0 - Logfile created on Thu Aug 24 21:02:38 2017
# Updated on 2017/05/08 by Malwarebytes
# Database: 08-22-2017.4
# Running on Windows 10 Home (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
PUP.Optional.Legacy, C:\Windows\System32\ARFC
PUP.Optional.Legacy, C:\Windows\SysWOW64\ARFC
PUP.Optional.Legacy, C:\Users\Pflügl\AppData\Roaming\DesktopIconForAmazon
PUP.Optional.Legacy, C:\Users\Pflügl\AppData\Roaming\dvdvideosoftiehelpers
PUP.Optional.Legacy, C:\Users\nathalie.Pflügl-PC\AppData\Local\iLivid
PUP.Optional.Legacy, C:\Windows\System32\jmdp
PUP.Optional.Legacy, C:\Windows\SysWOW64\jmdp
PUP.Optional.Legacy, C:\Windows\SysNative\ljkb
PUP.Optional.Legacy, C:\Users\Pflügl\AppData\Roaming\OCS
PUP.Optional.Legacy, C:\Users\nathalie.Pflügl-PC\AppData\Local\VirtualStore\Program Files (x86)\Search Results Toolbar
PUP.Optional.Legacy, C:\Users\Pflügl\AppData\LocalLow\SimplyTech
PUP.Optional.Legacy, C:\Users\Pflügl\AppData\Roaming\SimplyTech
PUP.Optional.Legacy, C:\Users\Pflügl\AppData\Roaming\Tlapia
PUP.Optional.Legacy, C:\Users\nathalie.Pflügl-PC\AppData\LocalLow\Toolbar4
PUP.Optional.Legacy, C:\Users\Pflügl\AppData\Roaming\Windows Net Data
PUP.Optional.Legacy, C:\Windows\System32\WNLT
PUP.Optional.Legacy, C:\Windows\SysWOW64\WNLT
PUP.Optional.Legacy, C:\Windows\SysNative\tprb
PUP.Optional.Legacy, C:\Users\Gast\AppData\Local\Allin1Convert_8h
PUP.Optional.Legacy, C:\Users\Gast\AppData\LocalLow\Allin1Convert_8h
PUP.Optional.Ask, C:\ProgramData\Ask
PUP.Optional.Ask, C:\Users\All Users\Ask
PUP.Optional.SaveSense, C:\Users\Gast\AppData\Local\SaveSense
PUP.Optional.SaveSense, C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense
PUP.Optional.SaveSense, C:\ProgramData\SaveSenseLive
PUP.Optional.SaveSense, C:\Users\All Users\SaveSenseLive
PUP.Optional.SaveSense, C:\Users\Gast\AppData\Local\SaveSenseLive
PUP.Optional.Iminent, C:\Users\nathalie.Pflügl-PC\AppData\Roaming\Iminent
Adware.Yontoo, C:\ProgramData\Tarma Installer
Adware.Yontoo, C:\Users\All Users\Tarma Installer
Rogue.ForcedExtension, C:\ProgramData\apn
Rogue.ForcedExtension, C:\Users\All Users\apn
Rogue.ForcedExtension, C:\Users\Pflügl\AppData\Local\apn
PUP.Optional.InboxToolBar, C:\Users\Pflügl\AppData\LocalLow\Inbox Toolbar
PUP.Optional.SpecialSavings, C:\Users\Pflügl\AppData\Roaming\SpecialSavings
PUP.Optional.DriverTurbo, C:\Users\Pflügl\AppData\Roaming\DriverTurbo
PUP.Optional.OpenCandy, C:\Users\nathalie.Pflügl-PC\AppData\Roaming\OpenCandy
PUP.Optional.SofTonicAssistant, C:\Users\Pflügl\AppData\LocalLow\Softonic
PUP.Optional.SofTonicAssistant, C:\Users\Pflügl\AppData\Roaming\Softonic
Trojan.Agent, C:\Users\Gast\AppData\LocalLow\iac
PUP.Optional.DNSErrorHelper, C:\ProgramData\DNSErrorHelper
PUP.Optional.DNSErrorHelper, C:\Users\All Users\DNSErrorHelper
PUP.Optional.SysTweak, C:\Users\nathalie.Pflügl-PC\AppData\Roaming\Systweak
PUP.Optional.AllMyApps, C:\ProgramData\Allmyapps
PUP.Optional.AllMyApps, C:\Users\All Users\Allmyapps
PUP.Optional.AllMyApps, C:\Users\Pflügl\AppData\Roaming\Allmyapps
PUP.Optional.SmartBar, C:\Users\nathalie.Pflügl-PC\AppData\LocalLow\Smartbar
PUP.Optional.SmartBar, C:\Users\Pflügl\AppData\LocalLow\Smartbar
PUP.Optional.DownloadGuide, C:\Users\Pflügl\AppData\Local\DownloadGuide
PUP.Optional.MySearchDial, C:\Users\Gast\AppData\Local\Mysearchdial
PUP.Optional.IoloSC, C:\Program Files (x86)\iolo\System Checkup
PUP.Optional.FoxTab, C:\Users\Pflügl\AppData\Roaming\FoxTab
PUP.Optional.BrowserUpdater, C:\Program Files (x86)\Browser Updater
PUP.Adware.Heuristic, C:\Program Files (x86)\8hUninstall Allin1Convert.dll
PUP.Adware.Heuristic, C:\Users\Gast\AppData\Local\Allin1Convert_8h
***** [ Files ] *****
PUP.Optional.Legacy, C:\Windows\launcher.exe
PUP.Optional.Legacy, C:\Windows\SysNative\dmwu.exe
PUP.Optional.Legacy, C:\Users\Pflügl\Desktop\eBay.lnk
PUP.Optional.Legacy, C:\END
PUP.Optional.Legacy, C:\Windows\SysNative\ImHttpComm.dll
PUP.Optional.Legacy, C:\Users\Gast\AppData\Local\mysearchdial-speeddial.crx
PUP.Optional.Legacy, C:\Users\Gast\AppData\LocalLow\SkwConfig.bin
PUP.Optional.Legacy, C:\Users\nathalie.Pflügl-PC\AppData\LocalLow\SkwConfig.bin
PUP.Optional.Legacy, C:\Users\Pflügl\AppData\LocalLow\SkwConfig.bin
PUP.Optional.Legacy, C:\Users\nathalie.Pflügl-PC\AppData\Roaming\Mozilla\Firefox\Profiles\ug6gjruz.default\searchplugins\MyStart Search.xml
PUP.Optional.Legacy, C:\Users\nathalie.Pflügl-PC\AppData\Roaming\Mozilla\Firefox\Profiles\ug6gjruz.default\searchplugins\MyStart.xml
PUP.Optional.Legacy, C:\Users\nathalie.Pflügl-PC\AppData\Roaming\Mozilla\Firefox\Profiles\ug6gjruz.default\bprotector_extensions.sqlite
PUP.Optional.Legacy, C:\Users\nathalie.Pflügl-PC\AppData\Roaming\Mozilla\Firefox\Profiles\ug6gjruz.default\bprotector_prefs.js
PUP.Optional.Legacy, C:\Users\nathalie.Pflügl-PC\AppData\Roaming\Mozilla\Firefox\Profiles\ug6gjruz.default\searchplugins\ask-search.xml
PUP.Optional.Legacy, C:\Users\Pflügl\AppData\Roaming\Mozilla\Firefox\Profiles\nca6gzm3.default\invalidprefs.js
PUP.Optional.Ask, C:\Users\Pflügl\AppData\LocalLow\Microsoft\Internet Explorer\Services\Search_ask.com.xml
PUP.Optional.WatchDogPCCleaner, C:\Users\Pflügl\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PC Cleaner.lnk
PUP.Optional.MySearchDial, C:\Users\Gast\Desktop\MySearchDial.url
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
PUP.Optional.Legacy, C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - http:\\isearch.omiga-plus.com\?type=sc&ts=1383502839&from=mlv&uid=HitachiXHTS547575A9E384_J2540054CE8U3ECE8U3EX
PUP.Optional.Legacy, C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - http:\\isearch.omiga-plus.com\?type=sc&ts=1383502839&from=mlv&uid=HitachiXHTS547575A9E384_J2540054CE8U3ECE8U3EX
PUP.Optional.Legacy, C:\Users\Pflügl\Desktop\eBay.lnk - http:\\isearch.omiga-plus.com\?type=sc&ts=1383502839&from=mlv&uid=HitachiXHTS547575A9E384_J2540054CE8U3ECE8U3EX
PUP.Optional.Legacy, C:\Users\Pflügl\Desktop\eBay.lnk - http:\\isearch.omiga-plus.com\?type=sc&ts=1383502839&from=mlv&uid=HitachiXHTS547575A9E384_J2540054CE8U3ECE8U3EX
PUP.Optional.Legacy, C:\Users\Pflügl\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - http:\\isearch.omiga-plus.com\?type=sc&ts=1383502839&from=mlv&uid=HitachiXHTS547575A9E384_J2540054CE8U3ECE8U3EX
PUP.Optional.Legacy, C:\Users\Pflügl\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - http:\\isearch.omiga-plus.com\?type=sc&ts=1383502839&from=mlv&uid=HitachiXHTS547575A9E384_J2540054CE8U3ECE8U3EX
***** [ Tasks ] *****
PUP.Optional.Legacy, DealPlyUpdate
PUP.Optional.BrowserDefender.AppFlsh, BrowserDefendert
***** [ Registry ] *****
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\isearch.omiga-plus.com
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\isearch.omiga-plus.com
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\omiga-plus.com
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
PUP.Optional.Legacy, [Data] - HKCU\Software\Microsoft\Internet Explorer\Main | Search Page [https:\\safesearch.avira.com\#web\result?source=art&q=]
PUP.Optional.Legacy, [Data] - HKCU\Software\Microsoft\Internet Explorer\Main | Search Page [https:\\safesearch.avira.com\#web\result?source=art&q=]
PUP.Optional.Legacy, [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {F0E349DC-E761-452A-A9C8-FF5372646FE2}
PUP.Optional.Legacy, [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {09B2A8BF-15F4-49C1-AB92-DCD9C3EF35D3}
PUP.Optional.Legacy, [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {4B4D1B33-47F8-4FA5-A55A-5984420C7F87}
PUP.Optional.Legacy, [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {B617C342-BBB7-4B32-B821-505EAAB675BB}
PUP.Optional.Legacy, [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {A06D5442-904C-441E-BBFB-D978E61202D3}
PUP.Optional.Legacy, [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {DA1C4275-AAF6-4019-9F46-4E7BF1F14776}
PUP.Optional.Legacy, [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {1C8A7C60-770C-4F71-AF74-DFB5A766E952}
PUP.Optional.Legacy, [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {B85F5BC9-5B59-4EBA-A6C2-7BA604913A9A}
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\distromatic
PUP.Optional.Legacy, [Key] - HKCU\Software\distromatic
PUP.Optional.Legacy, [Key] - HKU\.DEFAULT\Software\ImInstaller
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\ImInstaller
PUP.Optional.Legacy, [Key] - HKU\S-1-5-18\Software\ImInstaller
PUP.Optional.Legacy, [Key] - HKCU\Software\ImInstaller
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\AppDataLow\Software\SIMPLYTECH
PUP.Optional.Legacy, [Key] - HKCU\Software\AppDataLow\Software\SIMPLYTECH
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\WNLT
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WNLT
PUP.Optional.Legacy, [Key] - HKU\.DEFAULT\Software\WNLT
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\WNLT
PUP.Optional.Legacy, [Key] - HKU\S-1-5-18\Software\WNLT
PUP.Optional.Legacy, [Key] - HKCU\Software\WNLT
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AF860F85-54A3-4A28-879B-BF9E6E325776}
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Alexa Internet
PUP.Optional.Legacy, [Key] - HKCU\Software\Alexa Internet
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\BABSOLUTION
PUP.Optional.Legacy, [Key] - HKCU\Software\BABSOLUTION
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\InstalledThirdPartyPrograms
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\InstalledThirdPartyPrograms
PUP.Optional.Legacy, [Key] - HKCU\Software\InstalledThirdPartyPrograms
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Tarma Installer
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Yahoo\Companion
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\AppDataLow\Software\simplytech
PUP.Optional.Legacy, [Key] - HKCU\Software\AppDataLow\Software\simplytech
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
PUP.Optional.Legacy, [Value] - HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | {D4027C7F-154A-4066-A1AD-4243D8127440}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar | {AE07101B-46D4-4A98-AF68-0333EA26E113}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
PUP.Optional.Legacy, [Value] - HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | {EEE6C35B-6118-11DC-9C72-001320C79847}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar | {98889811-442D-49DD-99D7-DC866BE87DBC}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\CLSID\{A0359AE6-F410-4425-A975-684AAB785ABD}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{042DA63B-0933-403D-9395-B49307691690}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID | {58124A0B-DC32-4180-9BFF-E0E21AE34026}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{9B6B03F1-16CF-4491-BBBB-E872802DD717}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID | {A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C424171E-592A-415A-9EB1-DFD6D95D3530}
PUP.Optional.Legacy, [Value] - HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | {C424171E-592A-415A-9EB1-DFD6D95D3530}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CD8812D4-E5B8-41C6-94D4-59872A484BF1}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CD8812D4-E5B8-41C6-94D4-59872A484BF1}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
PUP.Optional.Legacy, [Value] - HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | {41564952-412D-5637-4300-7A786E7484D7}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{81CA8FCD-1420-4A07-B47D-B30F3DDA79E1}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\{BAB04997-93AD-4C13-805A-0409199700BB}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{F51C15D4-3D0A-4DBA-A095-EBCC09F24DA2}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\{7D831388-D405-4272-9511-A07440AD2927}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C63F7979DCC2154CB9591969A5CB89D
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FFA531D0F3A71504DA7AC6A11CE33739
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6DD31E6C1A73B334383DF186676F4D20
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB3204F747B20694B8D49EF92D8DC94B
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EDBF68C5F16790341B7C6FD7C7F8E4FC
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C81E33A400B6F814E90C7A3354E2A3A5
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\18C9E3869A16248439FE3FF9EB02207A
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3038A20B9089EC34D8F74220191FAB30
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D8011310B2622942868A458964FFDC5
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 | Babylon Client
PUP.Optional.Legacy, [Value] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run | DriverTurbo
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\YMERemote.DLL
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION | BackgroundHost.exe
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD | BackgroundHost.exe
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\CLASSES\b
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext | DisableAddonLoadTimePerformanceNotifications
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Record\{181480C8-90AC-3430-B39A-CD121E034A1A}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Record\{8F54FA54-1DF8-3B20-890C-CDD95364BC95}
PUP.Optional.SweetIM, [Key] - HKLM\SOFTWARE\SweetIM
PUP.Optional.SweetIM, [Key] - HKU\.DEFAULT\Software\SweetIM
PUP.Optional.SweetIM, [Key] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\SweetIM
PUP.Optional.SweetIM, [Key] - HKU\S-1-5-18\Software\SweetIM
PUP.Optional.SweetIM, [Key] - HKCU\Software\SweetIM
PUP.Optional.Iminent, [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID | {977AE9CC-AF83-45E8-9E03-E2798216E2D5}
PUP.Optional.IBUpdater, [Key] - HKU\.DEFAULT\Software\IBUpdaterService
PUP.Optional.IBUpdater, [Key] - HKU\S-1-5-18\Software\IBUpdaterService
PUP.Optional.SofTonicAssistant, [Key] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Softonic
PUP.Optional.SofTonicAssistant, [Key] - HKCU\Software\Softonic
PUP.Optional.ProtectedSearch, [Key] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\ProtectedSearch
PUP.Optional.ProtectedSearch, [Key] - HKCU\Software\ProtectedSearch
PUP.Optional.SlimCleanerPlus, [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
PUP.Optional.SlimCleanerPlus, [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
***** [ Firefox (and derivatives) ] *****
Plugin found: YouTube Unblocker - www.unblocker.yt
***** [ Chromium (and derivatives) ] *****
SearchProvider found: MyStart - mystart.incredibar.com
SearchProvider found: MyStart - mystart.incredibar.com/
Plugin found: SweetPacks Chrome Extension -
Plugin found: MySearchDial -
/!\ Please Reset the Chrome Synchronization before cleaning the Chrome Preferences: https://support.google.com/chrome/answer/3097271
*************************
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########
Code:
# AdwCleaner 7.0.1.0 - Logfile created on Thu Aug 24 21:11:59 2017
# Updated on 2017/05/08 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services deleted.
***** [ Folders ] *****
Deleted: C:\Windows\System32\ARFC
Deleted: C:\Windows\SysWOW64\ARFC
Deleted: C:\Users\Pflügl\AppData\Roaming\DesktopIconForAmazon
Deleted: C:\Users\Pflügl\AppData\Roaming\dvdvideosoftiehelpers
Deleted: C:\Users\nathalie.Pflügl-PC\AppData\Local\iLivid
Deleted: C:\Windows\System32\jmdp
Deleted: C:\Windows\SysWOW64\jmdp
Deleted: C:\Windows\SysNative\ljkb
Deleted: C:\Users\Pflügl\AppData\Roaming\OCS
Deleted: C:\Users\nathalie.Pflügl-PC\AppData\Local\VirtualStore\Program Files (x86)\Search Results Toolbar
Deleted: C:\Users\Pflügl\AppData\LocalLow\SimplyTech
Deleted: C:\Users\Pflügl\AppData\Roaming\SimplyTech
Deleted: C:\Users\Pflügl\AppData\Roaming\Tlapia
Deleted: C:\Users\nathalie.Pflügl-PC\AppData\LocalLow\Toolbar4
Deleted: C:\Users\Pflügl\AppData\Roaming\Windows Net Data
Deleted: C:\Windows\System32\WNLT
Deleted: C:\Windows\SysWOW64\WNLT
Deleted: C:\Windows\SysNative\tprb
Deleted: C:\Users\Gast\AppData\Local\Allin1Convert_8h
Deleted: C:\Users\Gast\AppData\LocalLow\Allin1Convert_8h
Deleted: C:\ProgramData\Ask
Deleted: C:\Users\All Users\Ask
Deleted: C:\Users\Gast\AppData\Local\SaveSense
Deleted: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense
Deleted: C:\ProgramData\SaveSenseLive
Deleted: C:\Users\All Users\SaveSenseLive
Deleted: C:\Users\Gast\AppData\Local\SaveSenseLive
Deleted: C:\Users\nathalie.Pflügl-PC\AppData\Roaming\Iminent
Deleted: C:\ProgramData\Tarma Installer
Deleted: C:\Users\All Users\Tarma Installer
Deleted: C:\ProgramData\apn
Deleted: C:\Users\All Users\apn
Deleted: C:\Users\Pflügl\AppData\Local\apn
Deleted: C:\Users\Pflügl\AppData\LocalLow\Inbox Toolbar
Deleted: C:\Users\Pflügl\AppData\Roaming\SpecialSavings
Deleted: C:\Users\Pflügl\AppData\Roaming\DriverTurbo
Deleted: C:\Users\nathalie.Pflügl-PC\AppData\Roaming\OpenCandy
Deleted: C:\Users\Pflügl\AppData\LocalLow\Softonic
Deleted: C:\Users\Pflügl\AppData\Roaming\Softonic
Deleted: C:\Users\Gast\AppData\LocalLow\iac
Deleted: C:\ProgramData\DNSErrorHelper
Deleted: C:\Users\All Users\DNSErrorHelper
Deleted: C:\Users\nathalie.Pflügl-PC\AppData\Roaming\Systweak
Deleted: C:\ProgramData\Allmyapps
Deleted: C:\Users\All Users\Allmyapps
Deleted: C:\Users\Pflügl\AppData\Roaming\Allmyapps
Deleted: C:\Users\nathalie.Pflügl-PC\AppData\LocalLow\Smartbar
Deleted: C:\Users\Pflügl\AppData\LocalLow\Smartbar
Deleted: C:\Users\Pflügl\AppData\Local\DownloadGuide
Deleted: C:\Users\Gast\AppData\Local\Mysearchdial
Deleted: C:\Program Files (x86)\iolo\System Checkup
Deleted: C:\Users\Pflügl\AppData\Roaming\FoxTab
Deleted: C:\Program Files (x86)\Browser Updater
Deleted: C:\Program Files (x86)\8hUninstall Allin1Convert.dll
Deleted: C:\Users\Gast\AppData\Local\Allin1Convert_8h
***** [ Files ] *****
Deleted: C:\Windows\\launcher.exe
Deleted: C:\Windows\SysNative\dmwu.exe
Deleted: C:\Users\Pflügl\Desktop\eBay.lnk
Deleted: C:\END
Deleted: C:\Windows\SysNative\ImHttpComm.dll
Deleted: C:\Users\Gast\AppData\Local\mysearchdial-speeddial.crx
Deleted: C:\Users\Gast\AppData\LocalLow\SkwConfig.bin
Deleted: C:\Users\nathalie.Pflügl-PC\AppData\LocalLow\SkwConfig.bin
Deleted: C:\Users\Pflügl\AppData\LocalLow\SkwConfig.bin
Deleted: C:\Users\nathalie.Pflügl-PC\AppData\Roaming\Mozilla\Firefox\Profiles\ug6gjruz.default\searchplugins\MyStart Search.xml
Deleted: C:\Users\nathalie.Pflügl-PC\AppData\Roaming\Mozilla\Firefox\Profiles\ug6gjruz.default\searchplugins\MyStart.xml
Deleted: C:\Users\nathalie.Pflügl-PC\AppData\Roaming\Mozilla\Firefox\Profiles\ug6gjruz.default\bprotector_extensions.sqlite
Deleted: C:\Users\nathalie.Pflügl-PC\AppData\Roaming\Mozilla\Firefox\Profiles\ug6gjruz.default\bprotector_prefs.js
Deleted: C:\Users\nathalie.Pflügl-PC\AppData\Roaming\Mozilla\Firefox\Profiles\ug6gjruz.default\searchplugins\ask-search.xml
Deleted: C:\Users\Pflügl\AppData\Roaming\Mozilla\Firefox\Profiles\nca6gzm3.default\invalidprefs.js
Deleted: C:\Users\Pflügl\AppData\LocalLow\Microsoft\Internet Explorer\Services\Search_ask.com.xml
Deleted: C:\Users\Pflügl\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PC Cleaner.lnk
Deleted: C:\Users\Gast\Desktop\MySearchDial.url
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
Cleaned: C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk[http:\\isearch.omiga-plus.com\?type=sc&ts=1383502839&from=mlv&uid=HitachiXHTS547575A9E384_J2540054CE8U3ECE8U3EX]
Cleaned: C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk[http:\\isearch.omiga-plus.com\?type=sc&ts=1383502839&from=mlv&uid=HitachiXHTS547575A9E384_J2540054CE8U3ECE8U3EX]
Cleaned: C:\Users\Pflügl\Desktop\eBay.lnk[http:\\isearch.omiga-plus.com\?type=sc&ts=1383502839&from=mlv&uid=HitachiXHTS547575A9E384_J2540054CE8U3ECE8U3EX]
Cleaned: C:\Users\Pflügl\Desktop\eBay.lnk[http:\\isearch.omiga-plus.com\?type=sc&ts=1383502839&from=mlv&uid=HitachiXHTS547575A9E384_J2540054CE8U3ECE8U3EX]
Cleaned: C:\Users\Pflügl\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk[http:\\isearch.omiga-plus.com\?type=sc&ts=1383502839&from=mlv&uid=HitachiXHTS547575A9E384_J2540054CE8U3ECE8U3EX]
Cleaned: C:\Users\Pflügl\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk[http:\\isearch.omiga-plus.com\?type=sc&ts=1383502839&from=mlv&uid=HitachiXHTS547575A9E384_J2540054CE8U3ECE8U3EX]
***** [ Tasks ] *****
Deleted: DealPlyUpdate
Deleted: BrowserDefendert
***** [ Registry ] *****
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\isearch.omiga-plus.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\isearch.omiga-plus.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\omiga-plus.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|Search Page [https:\\safesearch.avira.com\#web\result?source=art&q=]
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|Search Page [https:\\safesearch.avira.com\#web\result?source=art&q=]
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{F0E349DC-E761-452A-A9C8-FF5372646FE2}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{09B2A8BF-15F4-49C1-AB92-DCD9C3EF35D3}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{4B4D1B33-47F8-4FA5-A55A-5984420C7F87}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{B617C342-BBB7-4B32-B821-505EAAB675BB}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{A06D5442-904C-441E-BBFB-D978E61202D3}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{DA1C4275-AAF6-4019-9F46-4E7BF1F14776}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{1C8A7C60-770C-4F71-AF74-DFB5A766E952}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{B85F5BC9-5B59-4EBA-A6C2-7BA604913A9A}
Deleted: [Key] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\distromatic
Deleted: [Key] - HKCU\Software\distromatic
Deleted: [Key] - HKU\.DEFAULT\Software\ImInstaller
Deleted: [Key] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\ImInstaller
Deleted: [Key] - HKU\S-1-5-18\Software\ImInstaller
Deleted: [Key] - HKCU\Software\ImInstaller
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
Deleted: [Key] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\AppDataLow\Software\SIMPLYTECH
Deleted: [Key] - HKCU\Software\AppDataLow\Software\SIMPLYTECH
Deleted: [Key] - HKLM\SOFTWARE\WNLT
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WNLT
Deleted: [Key] - HKU\.DEFAULT\Software\WNLT
Deleted: [Key] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\WNLT
Deleted: [Key] - HKU\S-1-5-18\Software\WNLT
Deleted: [Key] - HKCU\Software\WNLT
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AF860F85-54A3-4A28-879B-BF9E6E325776}
Deleted: [Key] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Alexa Internet
Deleted: [Key] - HKCU\Software\Alexa Internet
Deleted: [Key] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\BABSOLUTION
Deleted: [Key] - HKCU\Software\BABSOLUTION
Deleted: [Key] - HKLM\SOFTWARE\InstalledThirdPartyPrograms
Deleted: [Key] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\InstalledThirdPartyPrograms
Deleted: [Key] - HKCU\Software\InstalledThirdPartyPrograms
Deleted: [Key] - HKLM\SOFTWARE\Tarma Installer
Deleted: [Key] - HKLM\SOFTWARE\Yahoo\Companion
Deleted: [Key] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\AppDataLow\Software\simplytech
Deleted: [Key] - HKCU\Software\AppDataLow\Software\simplytech
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Deleted: [Value] - HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{AE07101B-46D4-4A98-AF68-0333EA26E113}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Deleted: [Value] - HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{EEE6C35B-6118-11DC-9C72-001320C79847}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{98889811-442D-49DD-99D7-DC866BE87DBC}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Deleted: [Key] - HKCU\Software\Classes\CLSID\{A0359AE6-F410-4425-A975-684AAB785ABD}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{042DA63B-0933-403D-9395-B49307691690}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{9B6B03F1-16CF-4491-BBBB-E872802DD717}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C424171E-592A-415A-9EB1-DFD6D95D3530}
Deleted: [Value] - HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{C424171E-592A-415A-9EB1-DFD6D95D3530}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CD8812D4-E5B8-41C6-94D4-59872A484BF1}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CD8812D4-E5B8-41C6-94D4-59872A484BF1}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Deleted: [Value] - HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{41564952-412D-5637-4300-7A786E7484D7}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{81CA8FCD-1420-4A07-B47D-B30F3DDA79E1}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{BAB04997-93AD-4C13-805A-0409199700BB}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{F51C15D4-3D0A-4DBA-A095-EBCC09F24DA2}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{7D831388-D405-4272-9511-A07440AD2927}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C63F7979DCC2154CB9591969A5CB89D
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FFA531D0F3A71504DA7AC6A11CE33739
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6DD31E6C1A73B334383DF186676F4D20
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB3204F747B20694B8D49EF92D8DC94B
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EDBF68C5F16790341B7C6FD7C7F8E4FC
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C81E33A400B6F814E90C7A3354E2A3A5
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\18C9E3869A16248439FE3FF9EB02207A
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3038A20B9089EC34D8F74220191FAB30
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D8011310B2622942868A458964FFDC5
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|Babylon Client
Deleted: [Value] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|DriverTurbo
Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\YMERemote.DLL
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION|BackgroundHost.exe
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD|BackgroundHost.exe
Deleted: [Key] - HKLM\SOFTWARE\CLASSES\b
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext|DisableAddonLoadTimePerformanceNotifications
Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{181480C8-90AC-3430-B39A-CD121E034A1A}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{8F54FA54-1DF8-3B20-890C-CDD95364BC95}
Deleted: [Key] - HKLM\SOFTWARE\SweetIM
Deleted: [Key] - HKU\.DEFAULT\Software\SweetIM
Deleted: [Key] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\SweetIM
Deleted: [Key] - HKU\S-1-5-18\Software\SweetIM
Deleted: [Key] - HKCU\Software\SweetIM
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{977AE9CC-AF83-45E8-9E03-E2798216E2D5}
Deleted: [Key] - HKU\.DEFAULT\Software\IBUpdaterService
Deleted: [Key] - HKU\S-1-5-18\Software\IBUpdaterService
Deleted: [Key] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Softonic
Deleted: [Key] - HKCU\Software\Softonic
Deleted: [Key] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\ProtectedSearch
Deleted: [Key] - HKCU\Software\ProtectedSearch
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
***** [ Firefox (and derivatives) ] *****
Plugin deleted: YouTube Unblocker - www.unblocker.yt
***** [ Chromium (and derivatives) ] *****
Plugin deleted: SweetPacks Chrome Extension -
Plugin deleted: MySearchDial -
SearchProvider deleted: MyStart - mystart.incredibar.com
SearchProvider deleted: MyStart - mystart.incredibar.com/
*************************
::Tracing keys deleted
::Winsock settings cleared
::Image File Execution Options%s keys deleted
::Prefetch files deleted
::Proxy settings cleared
::Firewall rules cleared
::IE policies deleted
::Chrome policies deleted
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[S0].txt - [24688 B] - [2017/8/24 21:2:38]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
|
| | #9 |
Quickshare by linkury
STEP 2
Code:
Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 24.08.17
Scan-Zeit: 23:21
Protokolldatei: 214949d6-8912-11e7-b5ef-dc0ea102cdc0.json
Administrator: Ja
-Softwaredaten-
Version: 3.2.2.2018
Komponentenversion: 1.0.186
Version des Aktualisierungspakets: 1.0.2653
Lizenz: Testversion
-Systemdaten-
Betriebssystem: Windows 10 (Build 14393.1593)
CPU: x64
Dateisystem: NTFS
Benutzer: Pfl\u00c3\u00bcgl-PC\Pfl\u00c3\u00bcgl
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 515790
Erkannte Bedrohungen: 487
In die Quarantäne verschobene Bedrohungen: 487
Abgelaufene Zeit: 17 Min., 48 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung
-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)
Modul: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 82
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\esrv.BabylonESrvc.1, In Quarantäne, [6388], [235656],1.0.2653
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}, In Quarantäne, [6388], [235656],1.0.2653
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}, In Quarantäne, [6388], [235656],1.0.2653
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\esrv.BabylonESrvc, In Quarantäne, [6388], [235656],1.0.2653
PUP.Optional.MindSpark, HKU\S-1-5-21-1664608947-3428569484-2814311379-501\SOFTWARE\Allin1Convert_8h, Löschen bei Neustart, [259], [240418],1.0.2653
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-21-1664608947-3428569484-2814311379-501\SOFTWARE\AskPartnerNetwork, Löschen bei Neustart, [8877], [186876],1.0.2653
PUP.Optional.InstallCore, HKU\S-1-5-21-1664608947-3428569484-2814311379-501\SOFTWARE\InstallCore, Löschen bei Neustart, [2], [239563],1.0.2653
PUP.Optional.MySearchDial, HKU\S-1-5-21-1664608947-3428569484-2814311379-501\SOFTWARE\mysearchdial, Löschen bei Neustart, [1555], [241078],1.0.2653
PUP.Optional.SaveSense, HKU\S-1-5-21-1664608947-3428569484-2814311379-501\SOFTWARE\SaveSense, Löschen bei Neustart, [1486], [242563],1.0.2653
PUP.Optional.SaveSense, HKU\S-1-5-21-1664608947-3428569484-2814311379-501\SOFTWARE\SaveSenseLive, Löschen bei Neustart, [1486], [242564],1.0.2653
PUP.Optional.SweetIM, HKU\S-1-5-21-1664608947-3428569484-2814311379-501\SOFTWARE\SweetIM, Löschen bei Neustart, [1160], [243758],1.0.2653
PUP.Optional.AmazonTB, HKU\S-1-5-21-1664608947-3428569484-2814311379-501\SOFTWARE\ALEXA INTERNET\ALEXA9\Amazon, Löschen bei Neustart, [9867], [235409],1.0.2653
PUP.Optional.MindSpark, HKU\S-1-5-21-1664608947-3428569484-2814311379-501\SOFTWARE\APPDATALOW\SOFTWARE\Allin1Convert_8h, Löschen bei Neustart, [259], [240422],1.0.2653
PUP.Optional.SmartBar, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\amfclgbdpgndipgoegfpkkgobahigbcl, In Quarantäne, [1572], [231096],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{13AC3A56-4B9D-4F5C-99E6-A3A46174BC6B}, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2AB3D872-B14D-4016-8FF2-ACA48055DA2A}, In Quarantäne, [219], [237488],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5F98DD07-A56D-41F4-B5AB-1BFFEF9CC2A6}, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5FDB1F52-69CC-4D73-A965-9CB9432F8779}, In Quarantäne, [219], [237488],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{883348F7-331B-4B69-BC27-B24DFFDB76E8}, In Quarantäne, [219], [237488],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9922E137-61FB-4D6A-A195-AD924F649CBD}, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A50D6AE9-158A-40D8-A4C3-63D68113E7C0}, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B9B0964E-F8AA-4E6A-B1E4-AFACA0ED48D9}, In Quarantäne, [219], [237488],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BD764411-4CD0-44A1-8062-D8D8DA1D8775}, In Quarantäne, [219], [237488],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C9F07FA1-E867-4D0C-9F52-60B46F1C44B1}, In Quarantäne, [219], [237488],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D2AA6726-A019-4B94-AE16-452311B6AD53}, In Quarantäne, [219], [237488],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D9C4654E-5687-42A8-8579-C1437AAA2185}, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DE51DFE9-D984-467F-8AAB-E44917E3B75C}, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DEBBFF41-E4B1-4943-AE69-43D81A783F9E}, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E022C11E-8C40-48E6-81B9-6D75446F2811}, In Quarantäne, [219], [237488],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E670E5DC-208C-4057-95C3-1D96B834BBB4}, In Quarantäne, [219], [237488],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EA0D4DD8-951D-4D94-80A9-2C2676473377}, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EA1EA972-CA55-45F8-A6CA-6FB9848E3859}, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EADFECF4-85ED-40DA-A7AE-C43871B6F3F3}, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EB07AF29-B56F-46B4-8F93-71EF8D1444F4}, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F1012B0A-9D2A-4629-8262-1A24923DF064}, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.MySearchDial, HKU\S-1-5-21-1664608947-3428569484-2814311379-501\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pflphaooapbgpeakohlggbpidpppgdff, Löschen bei Neustart, [1555], [241075],1.0.2653
PUP.Optional.Delta.ShrtCln, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, In Quarantäne, [9611], [233310],1.0.2653
PUP.Optional.ASK, HKU\S-1-5-21-1664608947-3428569484-2814311379-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{75B4241F-171E-44A3-BF44-23613B6E3E03}, Löschen bei Neustart, [516], [245523],1.0.2653
PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{75B4241F-171E-44A3-BF44-23613B6E3E03}, In Quarantäne, [516], [245523],1.0.2653
PUP.Optional.ASK, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{75b4241f-171e-44a3-bf44-23613b6e3e03}, In Quarantäne, [516], [245523],1.0.2653
PUP.Optional.SofTonic, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{95ED1396-3F7D-478C-AD6A-B97A247F1AD6}, In Quarantäne, [3262], [243270],1.0.2653
PUP.Optional.SweetPacks, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{EEE6C360-6118-11DC-9C72-001320C79847}, In Quarantäne, [1026], [243769],1.0.2653
PUP.Optional.MindSpark, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Allin1Convert_8h, In Quarantäne, [259], [240418],1.0.2653
PUP.Optional.BabylonToolBar, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\BabylonToolbar, In Quarantäne, [6388], [235657],1.0.2653
PUP.Optional.SweetIM, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\jcdgjdiieiljkfkdcloehkohchhpekkn, In Quarantäne, [1160], [243759],1.0.2653
PUP.Optional.MindSpark, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\APPDATALOW\SOFTWARE\Allin1Convert_8h, In Quarantäne, [259], [240422],1.0.2653
PUP.Optional.SearchResults, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}, Löschen bei Neustart, [10131], [184971],1.0.2653
PUP.Optional.InstallBrain, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\WNLT, Löschen bei Neustart, [396], [239558],1.0.2653
PUP.Optional.Babylon, HKLM\SOFTWARE\WOW6432NODE\BabylonToolbar, In Quarantäne, [1727], [235651],1.0.2653
PUP.Optional.SweetIM, HKLM\SOFTWARE\WOW6432NODE\SweetIM, In Quarantäne, [1160], [243762],1.0.2653
PUP.Optional.DealPly, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\gaiilaahiahdejapggenmdmafpmbipje, In Quarantäne, [207], [237621],1.0.2653
PUP.Optional.BProtector, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\bProtectSettings, Löschen bei Neustart, [4000], [235981],1.0.2653
PUP.Optional.MindSpark, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\Allin1Convert_8h, Löschen bei Neustart, [259], [240418],1.0.2653
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\AskPartnerNetwork, Löschen bei Neustart, [8877], [186876],1.0.2653
PUP.Optional.DataMngr.AppFlsh, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\DataMngr_Toolbar, Löschen bei Neustart, [8871], [253613],1.0.2653
PUP.Optional.Iminent, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\Iminent, Löschen bei Neustart, [3065], [239410],1.0.2653
PUP.Optional.SweetIM, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\SweetIM, Löschen bei Neustart, [1160], [243758],1.0.2653
PUP.Optional.SysTweak, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\Systweak, Löschen bei Neustart, [238], [327156],1.0.2653
PUP.Optional.MindSpark, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\APPDATALOW\SOFTWARE\Allin1Convert_8h, Löschen bei Neustart, [259], [240422],1.0.2653
PUP.Optional.IoloSC, HKLM\SOFTWARE\WOW6432NODE\IOLO\System Checkup, In Quarantäne, [2066], [349242],1.0.2653
PUP.Optional.SmartBar, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{AE07101B-46D4-4A98-AF68-0333EA26E113}, Löschen bei Neustart, [1572], [189776],1.0.2653
PUP.Optional.SmartBar, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{AE07101B-46D4-4A98-AF68-0333EA26E113}, Löschen bei Neustart, [1572], [189776],1.0.2653
PUP.Optional.SmartBar, HKU\S-1-5-21-1664608947-3428569484-2814311379-501\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{AE07101B-46D4-4A98-AF68-0333EA26E113}, Löschen bei Neustart, [1572], [189776],1.0.2653
PUP.Optional.Iminent, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}, Löschen bei Neustart, [3065], [168094],1.0.2653
PUP.Optional.Iminent, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}, Löschen bei Neustart, [3065], [168094],1.0.2653
PUP.Optional.InboxToolBar, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}, In Quarantäne, [10002], [168102],1.0.2653
PUP.Optional.ASK, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{D4027C7F-154A-4066-A1AD-4243D8127440}, Löschen bei Neustart, [516], [306571],1.0.2653
PUP.Optional.ASK, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{D4027C7F-154A-4066-A1AD-4243D8127440}, Löschen bei Neustart, [516], [306571],1.0.2653
PUP.Optional.Iminent, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{58124A0B-DC32-4180-9BFF-E0E21AE34026}, Löschen bei Neustart, [3065], [168091],1.0.2653
PUP.Optional.Iminent, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{58124A0B-DC32-4180-9BFF-E0E21AE34026}, Löschen bei Neustart, [3065], [168091],1.0.2653
PUP.Optional.SweetPacks, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{EEE6C35B-6118-11DC-9C72-001320C79847}, Löschen bei Neustart, [1026], [168894],1.0.2653
PUP.Optional.SweetPacks, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{EEE6C35B-6118-11DC-9C72-001320C79847}, Löschen bei Neustart, [1026], [168894],1.0.2653
PUP.Optional.InboxToolBar, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}, In Quarantäne, [10002], [168103],1.0.2653
PUP.Optional.MySearchDial, HKU\S-1-5-21-1664608947-3428569484-2814311379-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}, Löschen bei Neustart, [1555], [168579],1.0.2653
PUP.Optional.SweetPacks, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{EEE6C35C-6118-11DC-9C72-001320C79847}, Löschen bei Neustart, [1026], [161093],1.0.2653
PUP.Optional.SweetPacks, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{EEE6C35C-6118-11DC-9C72-001320C79847}, Löschen bei Neustart, [1026], [161093],1.0.2653
PUP.Optional.QuickShare, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, Löschen bei Neustart, [3387], [168682],1.0.2653
PUP.Optional.QuickShare, HKU\S-1-5-21-1664608947-3428569484-2814311379-501\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, Löschen bei Neustart, [3387], [168682],1.0.2653
PUP.Optional.QuickShare, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, Löschen bei Neustart, [3387], [168682],1.0.2653
PUP.Optional.Iminent, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, Löschen bei Neustart, [3065], [168095],1.0.2653
PUP.Optional.Iminent, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, Löschen bei Neustart, [3065], [168095],1.0.2653
PUP.Optional.DealPly, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}, In Quarantäne, [207], [167880],1.0.2653
Registrierungswert: 52
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{13AC3A56-4B9D-4F5C-99E6-A3A46174BC6B}|APPNAME, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2AB3D872-B14D-4016-8FF2-ACA48055DA2A}|APPNAME, In Quarantäne, [219], [237488],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5F98DD07-A56D-41F4-B5AB-1BFFEF9CC2A6}|APPNAME, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5FDB1F52-69CC-4D73-A965-9CB9432F8779}|APPNAME, In Quarantäne, [219], [237488],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{883348F7-331B-4B69-BC27-B24DFFDB76E8}|APPNAME, In Quarantäne, [219], [237488],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9922E137-61FB-4D6A-A195-AD924F649CBD}|APPNAME, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A50D6AE9-158A-40D8-A4C3-63D68113E7C0}|APPNAME, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B9B0964E-F8AA-4E6A-B1E4-AFACA0ED48D9}|APPNAME, In Quarantäne, [219], [237488],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BD764411-4CD0-44A1-8062-D8D8DA1D8775}|APPNAME, In Quarantäne, [219], [237488],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C9F07FA1-E867-4D0C-9F52-60B46F1C44B1}|APPNAME, In Quarantäne, [219], [237488],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D2AA6726-A019-4B94-AE16-452311B6AD53}|APPNAME, In Quarantäne, [219], [237488],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D9C4654E-5687-42A8-8579-C1437AAA2185}|APPNAME, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DE51DFE9-D984-467F-8AAB-E44917E3B75C}|APPNAME, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DEBBFF41-E4B1-4943-AE69-43D81A783F9E}|APPNAME, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E022C11E-8C40-48E6-81B9-6D75446F2811}|APPNAME, In Quarantäne, [219], [237488],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E670E5DC-208C-4057-95C3-1D96B834BBB4}|APPNAME, In Quarantäne, [219], [237488],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EA0D4DD8-951D-4D94-80A9-2C2676473377}|APPNAME, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EA1EA972-CA55-45F8-A6CA-6FB9848E3859}|APPNAME, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EADFECF4-85ED-40DA-A7AE-C43871B6F3F3}|APPNAME, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EB07AF29-B56F-46B4-8F93-71EF8D1444F4}|APPNAME, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F1012B0A-9D2A-4629-8262-1A24923DF064}|APPNAME, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.Delta.ShrtCln, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}|URL, In Quarantäne, [9611], [233310],1.0.2653
PUP.Optional.Babylon, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}|FAVICONURL, In Quarantäne, [1727], [235650],1.0.2653
PUP.Optional.ASK, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{75b4241f-171e-44a3-bf44-23613b6e3e03}|DISPLAYNAME, In Quarantäne, [516], [245523],1.0.2653
PUP.Optional.ASK, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{75b4241f-171e-44a3-bf44-23613b6e3e03}|SUGGESTIONSURL_JSON, In Quarantäne, [516], [245522],1.0.2653
PUP.Optional.SofTonic, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{95ED1396-3F7D-478C-AD6A-B97A247F1AD6}|URL, In Quarantäne, [3262], [243270],1.0.2653
PUP.Optional.SofTonic, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{95ED1396-3F7D-478C-AD6A-B97A247F1AD6}|FAVICONURL, In Quarantäne, [3262], [243270],1.0.2653
PUP.Optional.SweetPacks, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{EEE6C360-6118-11DC-9C72-001320C79847}|DISPLAYNAME, In Quarantäne, [1026], [243769],1.0.2653
PUP.Optional.SweetPacks, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{EEE6C360-6118-11DC-9C72-001320C79847}|FAVICONURL, In Quarantäne, [1026], [243769],1.0.2653
PUP.Optional.ASK, HKU\S-1-5-21-1664608947-3428569484-2814311379-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{75b4241f-171e-44a3-bf44-23613b6e3e03}|DISPLAYNAME, In Quarantäne, [516], [245523],1.0.2653
PUP.Optional.SweetPacks, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{EEE6C360-6118-11DC-9C72-001320C79847}|FAVICONURLFALLBACK, In Quarantäne, [1026], [243769],1.0.2653
PUP.Optional.ASK, HKU\S-1-5-21-1664608947-3428569484-2814311379-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{75b4241f-171e-44a3-bf44-23613b6e3e03}|URL, In Quarantäne, [516], [245522],1.0.2653
PUP.Optional.SweetPacks, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{EEE6C360-6118-11DC-9C72-001320C79847}|TOPRESULTURL, In Quarantäne, [1026], [243769],1.0.2653
PUP.Optional.SweetPacks, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{EEE6C360-6118-11DC-9C72-001320C79847}|TOPRESULTURLFALLBACK, In Quarantäne, [1026], [243769],1.0.2653
PUP.Optional.SweetPacks, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{EEE6C360-6118-11DC-9C72-001320C79847}|URL, In Quarantäne, [1026], [243769],1.0.2653
PUP.Optional.SearchResults, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}|URL, In Quarantäne, [10131], [184971],1.0.2653
PUP.Optional.InstallBrain, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\WNLT|URL, In Quarantäne, [396], [239558],1.0.2653
PUP.Optional.DataMngr.AppFlsh, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, In Quarantäne, [8871], [-1],0.0.0
PUP.Optional.DataMngr.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, In Quarantäne, [8871], [-1],0.0.0
PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{75b4241f-171e-44a3-bf44-23613b6e3e03}|DISPLAYNAME, In Quarantäne, [516], [245525],1.0.2653
PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{75b4241f-171e-44a3-bf44-23613b6e3e03}|URL, In Quarantäne, [516], [245524],1.0.2653
PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{75b4241f-171e-44a3-bf44-23613b6e3e03}|SUGGESTIONSURL_JSON, In Quarantäne, [516], [245524],1.0.2653
PUP.Optional.SmartBar, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{AE07101B-46D4-4A98-AF68-0333EA26E113}, In Quarantäne, [1572], [189776],1.0.2653
PUP.Optional.Iminent, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{977AE9CC-AF83-45E8-9E03-E2798216E2D5}, In Quarantäne, [3065], [168094],1.0.2653
PUP.Optional.ASK, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{D4027C7F-154A-4066-A1AD-4243D8127440}, In Quarantäne, [516], [306571],1.0.2653
PUP.Optional.SweetPacks, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{EEE6C35B-6118-11DC-9C72-001320C79847}, In Quarantäne, [1026], [168894],1.0.2653
PUP.Optional.ASK, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{D4027C7F-154A-4066-A1AD-4243D8127440}, In Quarantäne, [516], [306571],1.0.2653
PUP.Optional.Iminent, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{977AE9CC-AF83-45E8-9E03-E2798216E2D5}, In Quarantäne, [3065], [168094],1.0.2653
PUP.Optional.MindSpark, HKU\S-1-5-21-1664608947-3428569484-2814311379-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{CD1A63BA-A08C-431B-9A34-F240AADC728D}, In Quarantäne, [259], [169956],1.0.2653
PUP.Optional.MindSpark, HKU\S-1-5-21-1664608947-3428569484-2814311379-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{CD1A63BA-A08C-431B-9A34-F240AADC728D}, In Quarantäne, [259], [169956],1.0.2653
PUP.Optional.MindSpark, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{5bcf818d-78c8-41b8-ba89-65c5fdac4fc4}, In Quarantäne, [259], [169955],1.0.2653
PUP.Optional.SweetPacks, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{EEE6C35B-6118-11DC-9C72-001320C79847}, In Quarantäne, [1026], [168894],1.0.2653
Registrierungsdaten: 5
PUP.Optional.SnapDo, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCH BAR, Ersetzt, [6619], [293027],1.0.2653
Hijack.StartPage, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Ersetzt, [1816], [292742],1.0.2653
PUP.Optional.Babylon, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|BPROTECTOR START PAGE, Ersetzt, [1727], [293037],1.0.2653
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DEFAULTSCOPE, Ersetzt, [13272], [292819],1.0.2653
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DEFAULTSCOPE, Ersetzt, [13272], [292819],1.0.2653
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 66
Datei: 282
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\css\favorites.css, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\css\layout.css, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\css\modal-fav-add.css, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\css\modal-fav-edit.css, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\css\modal-fav-group.css, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\css\readitlater.css, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\css\recentlyclosed.css, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\css\theme.css, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\css\webapps.css, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\images\chrome\bookmarks.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\images\chrome\download.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\images\chrome\downloads.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\images\chrome\downloas.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\images\chrome\extensions.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\images\chrome\history.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\images\chrome\settings.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\images\chrome\trash.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\images\favorites\empty.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\images\favorites\error.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\images\favorites\shadow.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\images\info\contactus.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\images\info\facebook.ico, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\images\info\rateus.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\images\info\twitter.ico, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\resources\activetabs.html, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\resources\favorites.html, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\resources\layout.html, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\resources\modal-fav-add.html, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\resources\modal-fav-edit.html, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\resources\modal-fav-group.html, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\resources\readitlater.html, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\resources\readitlater_content.html, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\resources\readitlater_menu.html, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\resources\recentlyclosed.html, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\resources\theme.html, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\resources\webapps.html, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\resources\webapps_contextmenu.html, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\review\cat_1.gif, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\review\cat_2.gif, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\review\cat_3.gif, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\review\cat_4.gif, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\review\cat_5.gif, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\review\rating-star.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\review\review.css, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\_locales\ar\messages.json, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\_locales\de\messages.json, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\_locales\en\messages.json, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\_locales\es\messages.json, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\_locales\fr\messages.json, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\_locales\he\messages.json, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\_locales\it\messages.json, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\_locales\ja\messages.json, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\_locales\nl\messages.json, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\_locales\pl\messages.json, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\_locales\pt_BR\messages.json, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\_locales\ru\messages.json, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\_locales\tr\messages.json, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\manifest.json, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.BProtector, C:\USERS\NATHALIE.PFLüGL-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\BPROTECTOR WEB DATA, In Quarantäne, [4000], [235979],1.0.2653
PUP.Optional.SweetIM, C:\USERS\PFLüGL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTERNAL EXTENSIONS\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx, In Quarantäne, [1160], [243753],1.0.2653
PUP.Optional.BProtector, C:\USERS\PFLüGL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\BPROTECTOR WEB DATA, In Quarantäne, [4000], [235979],1.0.2653
PUP.Optional.NewTab, C:\USERS\PFLüGL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\NEWTAB.CRX, In Quarantäne, [11472], [241199],1.0.2653
PUP.Optional.WhiteSmoke, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.4_0\128.png, In Quarantäne, [3452], [180465],1.0.2653
PUP.Optional.WhiteSmoke, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.4_0\19.png, In Quarantäne, [3452], [180465],1.0.2653
PUP.Optional.WhiteSmoke, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.4_0\48.png, In Quarantäne, [3452], [180465],1.0.2653
PUP.Optional.WhiteSmoke, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.4_0\background.html, In Quarantäne, [3452], [180465],1.0.2653
PUP.Optional.WhiteSmoke, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.4_0\flavour.js, In Quarantäne, [3452], [180465],1.0.2653
PUP.Optional.WhiteSmoke, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.4_0\keys.json, In Quarantäne, [3452], [180465],1.0.2653
PUP.Optional.WhiteSmoke, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.4_0\logger.js, In Quarantäne, [3452], [180465],1.0.2653
PUP.Optional.WhiteSmoke, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.4_0\main.js, In Quarantäne, [3452], [180465],1.0.2653
PUP.Optional.WhiteSmoke, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.4_0\manifest.json, In Quarantäne, [3452], [180465],1.0.2653
PUP.Optional.WhiteSmoke, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.4_0\newtab.html, In Quarantäne, [3452], [180465],1.0.2653
PUP.Optional.WhiteSmoke, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.4_0\newtab.js, In Quarantäne, [3452], [180465],1.0.2653
PUP.Optional.WhiteSmoke, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.4_0\popup.html, In Quarantäne, [3452], [180465],1.0.2653
PUP.Optional.WhiteSmoke, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.4_0\popup.js, In Quarantäne, [3452], [180465],1.0.2653
PUP.Optional.WhiteSmoke, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.4_0\simapp.js, In Quarantäne, [3452], [180465],1.0.2653
PUP.Optional.WhiteSmoke, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.4_0\toolbar.js, In Quarantäne, [3452], [180465],1.0.2653
PUP.Optional.MySpeedDial, C:\USERS\GAST\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage, In Quarantäne, [8836], [241090],1.0.2653
PUP.Optional.MySpeedDial, C:\USERS\GAST\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage-journal, In Quarantäne, [8836], [241090],1.0.2653
PUP.Optional.IoloSC, C:\ProgramData\iolo\SCU\config.dll, In Quarantäne, [2066], [349238],1.0.2653
PUP.Optional.SysTweak, C:\USERS\PFLüGL\APPDATA\ROAMING\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\ADVANCED DISK RECOVERY.LNK, In Quarantäne, [238], [338871],1.0.2653
PUP.Optional.SysTweak, C:\PROGRAM FILES (X86)\ADVANCED DISK RECOVERY\ENG\CHECKUPDATE.INI, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\eng\aso.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\eng\client.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\eng\undelete.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\da\aso.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\da\checkupdate.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\da\client.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\da\undelete.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\de\aso.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\de\checkupdate.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\de\client.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\de\undelete.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\nl\aso.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\nl\checkupdate.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\nl\client.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\nl\undelete.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\no\aso.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\no\checkupdate.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\no\client.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\no\undelete.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\pt-br\aso.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\pt-br\checkupdate.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\pt-br\client.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\pt-br\undelete.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\ru\aso.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\ru\checkupdate.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\ru\client.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\ru\undelete.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\sv\aso.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\sv\checkupdate.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\sv\client.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\sv\undelete.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\zh-cn\aso.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\zh-cn\checkupdate.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\zh-cn\client.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\zh-cn\undelete.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\es\aso.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\es\checkupdate.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\es\client.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\es\undelete.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\fi\aso.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\fi\checkupdate.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\fi\client.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\fi\undelete.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\fr\aso.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\fr\checkupdate.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\fr\client.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\fr\undelete.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\it\aso.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\it\checkupdate.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\it\client.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\it\undelete.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\ja\aso.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\ja\checkupdate.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\ja\client.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\ja\undelete.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\ADRDLL.dll, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\ADRHelper.dll, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\adrsys.dll, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\AdvancedDiskRecovery.exe, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\ASEng.dll, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\AsInvoker.exe, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\asohtm.dll, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\asores.dll, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\CheckUpdate.exe, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\Downloader.dll, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\Microsoft.VC90.ATL.manifest, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\Microsoft.VC90.CRT.manifest, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\Microsoft.VC90.MFC.manifest, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\Microsoft.VC90.MFCLOC.manifest, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\Network.dll, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\RequireAdministrator.exe, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\unins000.dat, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\unins000.exe, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\unrar.dll, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\XceedZip.dll, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\xmllite.dll, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\zlibwapi.dll, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\HighestAvailable.exe, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\KillADRProcesses.exe, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.MySearchDial, C:\USERS\GAST\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\SECURE PREFERENCES, Ersetzt, [1555], [302892],1.0.2653
PUP.Optional.CrossRider, C:\USERS\PFLüGL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NCA6GZM3.DEFAULT\PREFS.JS, Ersetzt, [219], [301531],1.0.2653
PUP.Optional.SweetPacks, C:\USERS\PFLüGL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NCA6GZM3.DEFAULT\PREFS.JS, Ersetzt, [1026], [301675],1.0.2653
PUP.Optional.Widdit, C:\USERS\NATHALIE.PFLüGL-PC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UG6GJRUZ.DEFAULT\EXTENSIONS\{AA9CC3FA-A5E4-449B-AAB5-1EBDBC7314EE}\INSTALL.RDF, In Quarantäne, [11807], [302037],1.0.2653
PUP.Optional.Widdit, C:\Users\nathalie.Pflügl-PC\AppData\Roaming\Mozilla\Firefox\Profiles\ug6gjruz.default\extensions\{aa9cc3fa-a5e4-449b-aab5-1ebdbc7314ee}\chrome\HomeTab_3580.jar, In Quarantäne, [11807], [302037],1.0.2653
PUP.Optional.Widdit, C:\Users\nathalie.Pflügl-PC\AppData\Roaming\Mozilla\Firefox\Profiles\ug6gjruz.default\extensions\{aa9cc3fa-a5e4-449b-aab5-1ebdbc7314ee}\components\wtb_complete.js, In Quarantäne, [11807], [302037],1.0.2653
PUP.Optional.Widdit, C:\Users\nathalie.Pflügl-PC\AppData\Roaming\Mozilla\Firefox\Profiles\ug6gjruz.default\extensions\{aa9cc3fa-a5e4-449b-aab5-1ebdbc7314ee}\plugins\npwiddit.dll, In Quarantäne, [11807], [302037],1.0.2653
PUP.Optional.Widdit, C:\Users\nathalie.Pflügl-PC\AppData\Roaming\Mozilla\Firefox\Profiles\ug6gjruz.default\extensions\{aa9cc3fa-a5e4-449b-aab5-1ebdbc7314ee}\chrome.manifest, In Quarantäne, [11807], [302037],1.0.2653
PUP.Optional.Widdit, C:\Users\nathalie.Pflügl-PC\AppData\Roaming\Mozilla\Firefox\Profiles\ug6gjruz.default\extensions\{aa9cc3fa-a5e4-449b-aab5-1ebdbc7314ee}\HomeTab_3580.sqlite, In Quarantäne, [11807], [302037],1.0.2653
PUP.Optional.Widdit, C:\Users\nathalie.Pflügl-PC\AppData\Roaming\Mozilla\Firefox\Profiles\ug6gjruz.default\extensions\{aa9cc3fa-a5e4-449b-aab5-1ebdbc7314ee}\install.js, In Quarantäne, [11807], [302037],1.0.2653
PUP.Optional.Widdit, C:\Users\nathalie.Pflügl-PC\AppData\Roaming\Mozilla\Firefox\Profiles\ug6gjruz.default\extensions\{aa9cc3fa-a5e4-449b-aab5-1ebdbc7314ee}\pop.htm, In Quarantäne, [11807], [302037],1.0.2653
PUP.Optional.MindSpark, C:\PROGRAM FILES (X86)\8HRES.DLL, In Quarantäne, [259], [301125],1.0.2653
PUP.Optional.Ilivid, C:\USERS\NATHALIE.PFLüGL-PC\DOWNLOADS\ILIVIDSETUP.EXE, In Quarantäne, [3186], [56018],1.0.2653
PUP.Optional.MindSpark, C:\USERS\PFLüGL\DOWNLOADS\ALLIN1CONVERT.EXE, In Quarantäne, [259], [301125],1.0.2653
PUP.Optional.BundleInstaller, C:\USERS\PFLüGL\DOWNLOADS\PASSWDFINDER-WINDOWS-DOWNLOADER.EXE, In Quarantäne, [20], [76335],1.0.2653
PUP.Optional.SofTonic, C:\USERS\PFLüGL\PICTURES\SOFTONICDOWNLOADER_FUER_ABIWORD.EXE, In Quarantäne, [3262], [8262],1.0.2653
PUP.Optional.SnapDo, C:\WINDOWS\INSTALLER\1CD3C.MSI, In Quarantäne, [6619], [77242],1.0.2653
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
(end)
|
| | #10 |
| Quickshare by linkury
FRST Logfile:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2017
durchgeführt von Pflügl (Administrator) auf PFLÜGL-PC (24-08-2017 23:52:49)
Gestartet von C:\Users\Pflügl\Desktop
Geladene Profile: Pflügl & (Verfügbare Profile: Pflügl & nathalie & Gast & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(REINER SCT) C:\Windows\SysWOW64\cjpcsc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.1561_none_7ef6e89821f9a6be\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [919032 2017-08-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-08-02] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234522227\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234522227\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820271\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820271\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1664608947-3428569484-2814311379-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234523634\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-21-1664608947-3428569484-2814311379-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820896\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234525649\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234821568\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
Startup: C:\Users\Pflügl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk [2013-12-26]
ShortcutTarget: Logitech . Produktregistrierung.lnk -> C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)
Startup: C:\Users\Pflügl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Deskjet 2050 J510 series.lnk [2017-08-24]
ShortcutTarget: Tintenwarnungen überwachen - HP Deskjet 2050 J510 series.lnk -> C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{75ff37bc-f35e-4fd1-8f72-5840205e2664}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1664608947-3428569484-2814311379-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234523634\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKU\S-1-5-21-1664608947-3428569484-2814311379-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234523634\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKU\S-1-5-21-1664608947-3428569484-2814311379-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820896\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKU\S-1-5-21-1664608947-3428569484-2814311379-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820896\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL =
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {3E5C233F-F334-43B2-87BA-0B102B44359D} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {609F3A36-D7A7-45F3-B223-E2F3E96CC3B5} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {6CB0C3DC-BCBD-4D81-9DD0-96BD1A294EE9} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_ie_de_display?ie=UTF8&tagbase=bds-p23&tag=bds-p23-serp-de-ie-21&tbrId=v1_abb-channel-23_403bc9d4f41241b69d0dd74ec0d909d6_39_1006_20130621_DE_ie_ds_&query={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {E10C5AE2-82EC-4B63-9AAB-2DD26A68FE3F} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883 -> DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL =
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883 -> {3E5C233F-F334-43B2-87BA-0B102B44359D} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883 -> {609F3A36-D7A7-45F3-B223-E2F3E96CC3B5} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883 -> {6CB0C3DC-BCBD-4D81-9DD0-96BD1A294EE9} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883 -> {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883 -> {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_ie_de_display?ie=UTF8&tagbase=bds-p23&tag=bds-p23-serp-de-ie-21&tbrId=v1_abb-channel-23_403bc9d4f41241b69d0dd74ec0d909d6_39_1006_20130621_DE_ie_ds_&query={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883 -> {E10C5AE2-82EC-4B63-9AAB-2DD26A68FE3F} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443 -> DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL =
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443 -> {3E5C233F-F334-43B2-87BA-0B102B44359D} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443 -> {609F3A36-D7A7-45F3-B223-E2F3E96CC3B5} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443 -> {6CB0C3DC-BCBD-4D81-9DD0-96BD1A294EE9} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443 -> {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443 -> {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_ie_de_display?ie=UTF8&tagbase=bds-p23&tag=bds-p23-serp-de-ie-21&tbrId=v1_abb-channel-23_403bc9d4f41241b69d0dd74ec0d909d6_39_1006_20130621_DE_ie_ds_&query={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443 -> {E10C5AE2-82EC-4B63-9AAB-2DD26A68FE3F} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234522227 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234522227 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234522227 -> {5809E9FB-C152-4D28-81C3-952F25687BAA} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234522227 -> {5D4A600E-90EA-4D1A-AFF5-2BDB3E27FD0E} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234522227 -> {7894D067-3C4C-42E1-A6E1-03F025D8106E} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234522227 -> {E042A6EC-FF89-4E6D-8C51-57DE7A7113C1} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820271 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820271 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820271 -> {5809E9FB-C152-4D28-81C3-952F25687BAA} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820271 -> {5D4A600E-90EA-4D1A-AFF5-2BDB3E27FD0E} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820271 -> {7894D067-3C4C-42E1-A6E1-03F025D8106E} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820271 -> {E042A6EC-FF89-4E6D-8C51-57DE7A7113C1} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234523634 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820896 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234522227 -> Kein Name - {C424171E-592A-415A-9EB1-DFD6D95D3530} - Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234522227 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820271 -> Kein Name - {C424171E-592A-415A-9EB1-DFD6D95D3530} - Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820271 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234523634 -> Kein Name - {41564952-412D-5637-4300-7A786E7484D7} - Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820896 -> Kein Name - {41564952-412D-5637-4300-7A786E7484D7} - Keine Datei
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab
FireFox:
========
FF ProfilePath: C:\Users\Pflügl\AppData\Roaming\Mozilla\Firefox\Profiles\nca6gzm3.default [2017-08-24]
FF user.js: detected! => C:\Users\Pflügl\AppData\Roaming\Mozilla\Firefox\Profiles\nca6gzm3.default\user.js [2013-11-17]
FF NewTab: Mozilla\Firefox\Profiles\nca6gzm3.default -> hxxp://www.sweetpacks-search.com/?barid=&src=97&did=10963&&st=23&UPN2=92826532311964385
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\nca6gzm3.default -> Sweetpacks Search
FF Homepage: Mozilla\Firefox\Profiles\nca6gzm3.default -> www.google.de
FF Extension: (Avira Browser Safety) - C:\Users\Pflügl\AppData\Roaming\Mozilla\Firefox\Profiles\nca6gzm3.default\Extensions\abs@avira.com.xpi [2017-08-03]
FF Extension: (Adblock Plus) - C:\Users\Pflügl\AppData\Roaming\Mozilla\Firefox\Profiles\nca6gzm3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-08]
FF Extension: (Tab Mix Plus) - C:\Users\Pflügl\AppData\Roaming\Mozilla\Firefox\Profiles\nca6gzm3.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2017-05-18]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013-12-26] [ist nicht signiert]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-12-26] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-12-26] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [ocr@babylon.com] - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\ocr@babylon.com => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-24] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-24] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2013-06-02] <==== ACHTUNG
Chrome:
=======
CHR DefaultProfile: Default
CHR NewTab: Default -> Active:"chrome-extension://ogccgbmabaphcakpiclgcnmcnimhokcj/newtab.html"
CHR DefaultSearchURL: Default -> hxxp://mysearch.sweetpacks.com?src=6&q={searchTerms}&barid=&&st=23&did=10963&UPN2=92826532311964385
CHR DefaultSearchKeyword: Default -> sweetpacks-search.com
CHR Profile: C:\Users\Pflügl\AppData\Local\Google\Chrome\User Data\Default [2017-08-24]
CHR Extension: (WEB.DE MailCheck) - C:\Users\Pflügl\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaogepninmlbinccpbiakcgiolijlllo [2015-04-01]
CHR Extension: (Google Wallet) - C:\Users\Pflügl\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-01]
CHR HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx <nicht gefunden>
CHR HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx <nicht gefunden>
CHR HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Windows\SysWOW64\mjcm\SweetNT.crx <nicht gefunden>
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1128432 2017-08-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [490968 2017-08-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [490968 2017-08-11] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1525240 2017-08-11] (Avira Operations GmbH & Co. KG)
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [389312 2017-08-02] (Avira Operations GmbH & Co. KG)
R2 cjpcsc; C:\WINDOWS\SysWOW64\cjpcsc.exe [604216 2017-02-01] (REINER SCT)
R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [872552 2011-08-02] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [321056 2017-06-01] (HP Inc.)
S3 Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [244624 2011-04-22] (Acer Incorporated)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-21] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-02-23] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-08-01] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [60920 2017-06-23] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [173784 2017-08-11] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [167464 2017-08-11] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-03-31] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-03-31] (Avira Operations GmbH & Co. KG)
S3 cjusb; C:\WINDOWS\system32\DRIVERS\cjusb.sys [36112 2015-03-23] (REINER SCT)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-08-21] ()
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [192960 2017-08-24] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [101824 2017-08-24] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-08-24] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [253888 2017-08-24] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [94144 2017-08-24] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-02-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2017-01-06] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-02-23] (NVIDIA Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
Error(1) reading file: "C:\Users\Pflügl\Desktop\www.bildkontakte.de - einfach einen Partner finden profil klaus g.j.c. div."
2017-08-24 23:50 - 2017-08-24 23:50 - 000092579 _____ C:\Users\Pflügl\Desktop\mbam.txt.txt
2017-08-24 23:06 - 2017-08-24 23:46 - 000101824 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-08-24 23:06 - 2017-08-24 23:46 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-08-24 23:06 - 2017-08-24 23:46 - 000045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-08-24 23:06 - 2017-08-24 23:45 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-08-24 23:06 - 2017-08-24 23:06 - 000192960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-08-24 23:05 - 2017-08-24 23:05 - 000001924 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-08-24 23:05 - 2017-08-24 23:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-08-24 23:05 - 2017-08-24 23:05 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-08-24 23:05 - 2017-08-24 23:05 - 000000000 ____D C:\Program Files\Malwarebytes
2017-08-24 23:05 - 2017-08-21 07:20 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-08-24 22:59 - 2017-08-24 23:17 - 000000000 ____D C:\AdwCleaner
2017-08-24 22:58 - 2017-08-24 22:59 - 008185288 _____ (Malwarebytes) C:\Users\Pflügl\Desktop\adwcleaner_7.0.1.0.exe
2017-08-24 16:54 - 2017-08-24 17:00 - 000075392 _____ C:\TDSSKiller.3.1.0.15_24.08.2017_16.54.01_log.txt
2017-08-24 16:44 - 2017-08-24 23:53 - 000033261 _____ C:\Users\Pflügl\Desktop\FRST.txt
2017-08-24 15:33 - 2017-04-21 23:50 - 000030912 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2017-08-24 15:32 - 2017-04-21 23:53 - 000029376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2017-08-24 15:32 - 2017-04-21 23:53 - 000018600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll
2017-08-24 15:32 - 2017-04-21 23:50 - 000018592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll
2017-08-24 15:00 - 2017-08-01 19:20 - 001431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-08-24 15:00 - 2017-08-01 19:20 - 000781144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-08-24 15:00 - 2017-08-01 19:20 - 000116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-08-24 15:00 - 2017-08-01 19:16 - 006665952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-08-24 15:00 - 2017-08-01 19:16 - 001845512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-08-24 15:00 - 2017-08-01 19:15 - 001360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-08-24 15:00 - 2017-08-01 19:15 - 001277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-08-24 15:00 - 2017-08-01 19:15 - 000981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-08-24 15:00 - 2017-08-01 19:10 - 000306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2017-08-24 15:00 - 2017-08-01 18:56 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-08-24 15:00 - 2017-08-01 18:56 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-08-24 15:00 - 2017-08-01 18:55 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-08-24 15:00 - 2017-08-01 18:54 - 000505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-08-24 15:00 - 2017-08-01 18:54 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-08-24 15:00 - 2017-08-01 18:54 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-08-24 15:00 - 2017-08-01 18:53 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-08-24 15:00 - 2017-08-01 18:52 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-08-24 15:00 - 2017-08-01 18:51 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-08-24 15:00 - 2017-08-01 18:51 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-08-24 15:00 - 2017-08-01 18:50 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-08-24 15:00 - 2017-08-01 18:50 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-08-24 15:00 - 2017-08-01 18:50 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-08-24 15:00 - 2017-08-01 18:49 - 004615168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-08-24 15:00 - 2017-08-01 18:47 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll
2017-08-24 15:00 - 2017-08-01 18:41 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2017-08-24 15:00 - 2017-08-01 18:39 - 001255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-08-24 15:00 - 2017-08-01 18:35 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-08-24 15:00 - 2017-08-01 18:34 - 000709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2017-08-24 15:00 - 2017-08-01 18:33 - 000589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-08-24 15:00 - 2017-08-01 18:32 - 002648576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-08-24 15:00 - 2017-08-01 18:31 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-08-24 15:00 - 2017-08-01 18:30 - 002997248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-08-24 15:00 - 2017-08-01 18:30 - 002482688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-08-24 15:00 - 2017-08-01 18:30 - 001886720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-08-24 15:00 - 2017-08-01 18:30 - 001013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-08-24 15:00 - 2017-08-01 18:30 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-08-24 15:00 - 2017-08-01 18:28 - 000783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-08-24 15:00 - 2017-07-12 07:29 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-08-24 15:00 - 2017-07-12 07:18 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-08-24 15:00 - 2017-07-12 07:09 - 000641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-08-24 15:00 - 2017-03-04 08:05 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-08-24 14:59 - 2017-08-01 21:21 - 000857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-08-24 14:59 - 2017-08-01 21:20 - 000557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-08-24 14:59 - 2017-08-01 20:27 - 002538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-08-24 14:59 - 2017-08-01 19:20 - 002264344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-08-24 14:59 - 2017-08-01 19:19 - 001980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-08-24 14:59 - 2017-08-01 19:19 - 000577976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-08-24 14:59 - 2017-08-01 19:19 - 000339896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-08-24 14:59 - 2017-08-01 19:19 - 000266080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-08-24 14:59 - 2017-08-01 19:19 - 000120416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-08-24 14:59 - 2017-08-01 19:18 - 000139104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-08-24 14:59 - 2017-08-01 19:16 - 004023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-08-24 14:59 - 2017-08-01 19:15 - 020967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-08-24 14:59 - 2017-08-01 19:07 - 005686784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-08-24 14:59 - 2017-08-01 18:59 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
2017-08-24 14:59 - 2017-08-01 18:58 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-08-24 14:59 - 2017-08-01 18:52 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOMEX.dll
2017-08-24 14:59 - 2017-08-01 18:51 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-08-24 14:59 - 2017-08-01 18:51 - 000388608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2017-08-24 14:59 - 2017-08-01 18:51 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-08-24 14:59 - 2017-08-01 18:50 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2017-08-24 14:59 - 2017-08-01 18:48 - 000297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-08-24 14:59 - 2017-08-01 18:48 - 000267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2017-08-24 14:59 - 2017-08-01 18:47 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-08-24 14:59 - 2017-08-01 18:47 - 000396288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-08-24 14:59 - 2017-08-01 18:47 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-08-24 14:59 - 2017-08-01 18:45 - 002333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-08-24 14:59 - 2017-08-01 18:45 - 001985536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certmgr.dll
2017-08-24 14:59 - 2017-08-01 18:39 - 007626240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-08-24 14:59 - 2017-08-01 18:38 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2017-08-24 14:59 - 2017-08-01 18:37 - 002641920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-08-24 14:59 - 2017-08-01 18:37 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comuid.dll
2017-08-24 14:59 - 2017-08-01 18:37 - 000468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2017-08-24 14:59 - 2017-08-01 18:36 - 007468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-08-24 14:59 - 2017-08-01 18:34 - 001170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-08-24 14:59 - 2017-08-01 18:34 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-08-24 14:59 - 2017-08-01 18:32 - 002682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-08-24 14:59 - 2017-08-01 18:31 - 001988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-08-24 14:59 - 2017-08-01 18:31 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-08-24 14:59 - 2017-08-01 18:31 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-08-24 14:59 - 2017-08-01 18:31 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-08-24 14:59 - 2017-08-01 18:31 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2017-08-24 14:59 - 2017-08-01 18:30 - 001556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-08-24 14:59 - 2017-08-01 18:30 - 000711168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-08-24 14:59 - 2017-08-01 18:29 - 003106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-08-24 14:59 - 2017-08-01 16:15 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll
2017-08-24 14:59 - 2017-07-12 08:17 - 000081760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2017-08-24 14:59 - 2017-07-12 08:15 - 000496872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-08-24 14:59 - 2017-07-12 08:12 - 001573280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-08-24 14:59 - 2017-07-12 08:01 - 000715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-08-24 14:59 - 2017-07-12 08:00 - 000095584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2017-08-24 14:59 - 2017-07-12 07:56 - 000277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-08-24 14:59 - 2017-07-12 07:55 - 000607072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2017-08-24 14:59 - 2017-07-12 07:55 - 000111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2017-08-24 14:59 - 2017-07-12 07:52 - 004312760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-08-24 14:59 - 2017-07-12 07:35 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dabapi.dll
2017-08-24 14:59 - 2017-07-12 07:32 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2017-08-24 14:59 - 2017-07-12 07:32 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\frprov.dll
2017-08-24 14:59 - 2017-07-12 07:31 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
2017-08-24 14:59 - 2017-07-12 07:31 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfnet.dll
2017-08-24 14:59 - 2017-07-12 07:30 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll
2017-08-24 14:59 - 2017-07-12 07:29 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\httpapi.dll
2017-08-24 14:59 - 2017-07-12 07:25 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2017-08-24 14:59 - 2017-07-12 07:24 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmdisk0101.sys
2017-08-24 14:59 - 2017-07-12 07:23 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-08-24 14:59 - 2017-07-12 07:23 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-08-24 14:59 - 2017-07-12 07:21 - 000711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-08-24 14:59 - 2017-07-12 07:19 - 006474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-08-24 14:59 - 2017-07-12 07:15 - 000893440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-08-24 14:59 - 2017-07-12 07:15 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsium.dll
2017-08-24 14:59 - 2017-07-12 07:14 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2017-08-24 14:59 - 2017-07-12 07:13 - 000855040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2017-08-24 14:59 - 2017-07-12 07:12 - 002750464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-08-24 14:59 - 2017-07-12 07:11 - 002154496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-08-24 14:59 - 2017-07-12 07:10 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2017-08-24 14:59 - 2017-07-12 07:10 - 000546304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-08-24 14:59 - 2017-07-12 07:07 - 001572352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-08-24 14:59 - 2017-07-12 07:05 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-08-24 14:58 - 2017-08-01 21:22 - 001860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-08-24 14:58 - 2017-08-01 21:18 - 008169536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-08-24 14:58 - 2017-08-01 21:18 - 001983408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-08-24 14:58 - 2017-08-01 21:18 - 001702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-08-24 14:58 - 2017-08-01 21:17 - 001072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-08-24 14:58 - 2017-08-01 20:57 - 000372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-08-24 14:58 - 2017-08-01 20:53 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-08-24 14:58 - 2017-08-01 20:52 - 000237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-08-24 14:58 - 2017-08-01 20:51 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-08-24 14:58 - 2017-08-01 20:48 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-08-24 14:58 - 2017-08-01 20:47 - 000748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-08-24 14:58 - 2017-08-01 20:46 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-08-24 14:58 - 2017-08-01 20:46 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-08-24 14:58 - 2017-08-01 20:46 - 000260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-08-24 14:58 - 2017-08-01 20:45 - 000561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-08-24 14:58 - 2017-08-01 20:43 - 000963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-08-24 14:58 - 2017-08-01 20:32 - 004596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-08-24 14:58 - 2017-08-01 20:32 - 003401216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-08-24 14:58 - 2017-08-01 20:27 - 004149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-08-24 14:58 - 2017-08-01 20:27 - 000903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-08-24 14:58 - 2017-08-01 20:27 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-08-24 14:58 - 2017-08-01 20:24 - 003299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-08-24 14:58 - 2017-08-01 20:24 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-08-24 14:58 - 2017-08-01 18:47 - 000846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-08-24 14:58 - 2017-08-01 18:37 - 012349440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-08-24 14:58 - 2017-08-01 18:37 - 003520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-08-24 14:58 - 2017-07-12 08:12 - 001706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-08-24 14:58 - 2017-07-12 07:23 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-08-24 14:58 - 2017-07-12 07:23 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-08-24 14:58 - 2017-07-12 07:17 - 000552960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-08-24 14:58 - 2017-07-12 07:06 - 000549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-08-24 14:58 - 2017-07-12 04:49 - 000448629 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-08-24 14:57 - 2017-08-01 21:32 - 000133984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-08-24 14:57 - 2017-08-01 21:27 - 000118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-08-24 14:57 - 2017-08-01 21:22 - 000360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-08-24 14:57 - 2017-08-01 21:18 - 004260064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-08-24 14:57 - 2017-08-01 21:18 - 000092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-08-24 14:57 - 2017-08-01 21:17 - 022220856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-08-24 14:57 - 2017-08-01 21:17 - 000244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-08-24 14:57 - 2017-08-01 21:13 - 002532192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-08-24 14:57 - 2017-08-01 21:13 - 000387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-08-24 14:57 - 2017-08-01 20:45 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-08-24 14:57 - 2017-08-01 20:44 - 000642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2017-08-24 14:57 - 2017-08-01 20:42 - 006288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-08-24 14:57 - 2017-08-01 20:38 - 013441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-08-24 14:57 - 2017-08-01 20:35 - 001908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-08-24 14:57 - 2017-08-01 20:29 - 002852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-08-24 14:57 - 2017-08-01 20:27 - 008076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-08-24 14:57 - 2017-08-01 20:27 - 001984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-08-24 14:57 - 2017-07-12 08:15 - 002213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-08-24 14:57 - 2017-07-12 08:09 - 001181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-08-24 14:57 - 2017-07-12 08:01 - 000156000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2017-08-24 14:57 - 2017-07-12 08:00 - 000160608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pacer.sys
2017-08-24 14:57 - 2017-07-12 07:59 - 000857952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2017-08-24 14:57 - 2017-07-12 07:59 - 000148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2017-08-24 14:57 - 2017-07-12 07:24 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfnet.dll
2017-08-24 14:57 - 2017-07-12 07:23 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2017-08-24 14:57 - 2017-07-12 07:21 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll
2017-08-24 14:57 - 2017-07-12 07:01 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2017-08-24 14:57 - 2017-07-12 07:00 - 002370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2017-08-24 14:57 - 2017-07-12 06:58 - 001130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-08-24 14:57 - 2017-07-12 06:58 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-08-24 14:56 - 2017-08-01 21:31 - 007780192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-08-24 14:56 - 2017-08-01 21:29 - 000376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-08-24 14:56 - 2017-08-01 21:25 - 000168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2017-08-24 14:56 - 2017-08-01 21:21 - 002759712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-08-24 14:56 - 2017-08-01 21:21 - 000624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-08-24 14:56 - 2017-08-01 21:21 - 000295264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-08-24 14:56 - 2017-08-01 21:21 - 000146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-08-24 14:56 - 2017-08-01 21:21 - 000124072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-08-24 14:56 - 2017-08-01 21:21 - 000026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-08-24 14:56 - 2017-08-01 21:20 - 002446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-08-24 14:56 - 2017-08-01 21:20 - 000684344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-08-24 14:56 - 2017-08-01 21:20 - 000383776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-08-24 14:56 - 2017-08-01 21:20 - 000144736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-08-24 14:56 - 2017-08-01 21:20 - 000079712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-08-24 14:56 - 2017-08-01 21:17 - 001600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-08-24 14:56 - 2017-08-01 21:17 - 000241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-08-24 14:56 - 2017-08-01 21:13 - 001102176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-08-24 14:56 - 2017-08-01 21:01 - 007218176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-08-24 14:56 - 2017-08-01 20:54 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2017-08-24 14:56 - 2017-08-01 20:52 - 022569472 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-08-24 14:56 - 2017-08-01 20:52 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-08-24 14:56 - 2017-08-01 20:50 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-08-24 14:56 - 2017-08-01 20:48 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-08-24 14:56 - 2017-08-01 20:48 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-08-24 14:56 - 2017-08-01 20:47 - 000691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-08-24 14:56 - 2017-08-01 20:47 - 000651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-08-24 14:56 - 2017-08-01 20:47 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-08-24 14:56 - 2017-08-01 20:47 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2017-08-24 14:56 - 2017-08-01 20:47 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-08-24 14:56 - 2017-08-01 20:46 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-08-24 14:56 - 2017-08-01 20:46 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2017-08-24 14:56 - 2017-08-01 20:46 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-08-24 14:56 - 2017-08-01 20:46 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-08-24 14:56 - 2017-08-01 20:46 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-08-24 14:56 - 2017-08-01 20:46 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-08-24 14:56 - 2017-08-01 20:45 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-08-24 14:56 - 2017-08-01 20:45 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2017-08-24 14:56 - 2017-08-01 20:45 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-08-24 14:56 - 2017-08-01 20:45 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-08-24 14:56 - 2017-08-01 20:45 - 000171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-08-24 14:56 - 2017-08-01 20:44 - 001010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-08-24 14:56 - 2017-08-01 20:43 - 000966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2017-08-24 14:56 - 2017-08-01 20:43 - 000945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-08-24 14:56 - 2017-08-01 20:43 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-08-24 14:56 - 2017-08-01 20:42 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-08-24 14:56 - 2017-08-01 20:41 - 002222080 _____ (Microsoft Corporation) C:\WINDOWS\system32\certmgr.dll
2017-08-24 14:56 - 2017-08-01 20:40 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2017-08-24 14:56 - 2017-08-01 20:40 - 000945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-08-24 14:56 - 2017-08-01 20:40 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-08-24 14:56 - 2017-08-01 20:39 - 009129984 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-08-24 14:56 - 2017-08-01 20:39 - 001281536 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-08-24 14:56 - 2017-08-01 20:39 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2017-08-24 14:56 - 2017-08-01 20:39 - 000323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2017-08-24 14:56 - 2017-08-01 20:38 - 001589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-08-24 14:56 - 2017-08-01 20:37 - 013091328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-08-24 14:56 - 2017-08-01 20:36 - 023677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-08-24 14:56 - 2017-08-01 20:36 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-08-24 14:56 - 2017-08-01 20:34 - 001837056 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-08-24 14:56 - 2017-08-01 20:33 - 004749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-08-24 14:56 - 2017-08-01 20:33 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2017-08-24 14:56 - 2017-08-01 20:33 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-08-24 14:56 - 2017-08-01 20:32 - 008114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-08-24 14:56 - 2017-08-01 20:32 - 000821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\comuid.dll
2017-08-24 14:56 - 2017-08-01 20:30 - 002916864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-08-24 14:56 - 2017-08-01 20:30 - 001643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-08-24 14:56 - 2017-08-01 20:30 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-08-24 14:56 - 2017-08-01 20:30 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-08-24 14:56 - 2017-08-01 20:29 - 004743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-08-24 14:56 - 2017-08-01 20:29 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-08-24 14:56 - 2017-08-01 20:28 - 002895360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-08-24 14:56 - 2017-08-01 20:28 - 001490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-08-24 14:56 - 2017-08-01 20:27 - 002695680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-08-24 14:56 - 2017-08-01 20:27 - 000774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-08-24 14:56 - 2017-08-01 20:27 - 000716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-08-24 14:56 - 2017-08-01 20:26 - 001513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-08-24 14:56 - 2017-08-01 20:26 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-08-24 14:56 - 2017-08-01 20:25 - 001726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-08-24 14:56 - 2017-08-01 20:24 - 001121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-08-24 14:56 - 2017-08-01 20:24 - 000924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-08-24 14:56 - 2017-08-01 20:23 - 003615744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-08-24 14:56 - 2017-08-01 20:23 - 000886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2017-08-24 14:56 - 2017-08-01 18:51 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-08-24 14:56 - 2017-08-01 18:47 - 000661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-08-24 14:56 - 2017-08-01 18:42 - 018364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-08-24 14:56 - 2017-08-01 18:40 - 019415040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-08-24 14:56 - 2017-08-01 18:40 - 012187136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-08-24 14:56 - 2017-08-01 18:33 - 006031872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-08-24 14:56 - 2017-08-01 18:31 - 003664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-08-24 14:56 - 2017-07-12 08:16 - 000646688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-08-24 14:56 - 2017-07-12 08:15 - 000101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\apisetschema.dll
2017-08-24 14:56 - 2017-07-12 08:14 - 001886896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-08-24 14:56 - 2017-07-12 08:13 - 002253664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-08-24 14:56 - 2017-07-12 08:02 - 002186592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-08-24 14:56 - 2017-07-12 08:02 - 000402776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-08-24 14:56 - 2017-07-12 08:00 - 000223072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-08-24 14:56 - 2017-07-12 07:59 - 001100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-08-24 14:56 - 2017-07-12 07:59 - 000989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-08-24 14:56 - 2017-07-12 07:59 - 000947040 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-08-24 14:56 - 2017-07-12 07:55 - 004674872 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-08-24 14:56 - 2017-07-12 07:25 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2017-08-24 14:56 - 2017-07-12 07:24 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\dabapi.dll
2017-08-24 14:56 - 2017-07-12 07:23 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2017-08-24 14:56 - 2017-07-12 07:23 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\frprov.dll
2017-08-24 14:56 - 2017-07-12 07:22 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2017-08-24 14:56 - 2017-07-12 07:21 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-08-24 14:56 - 2017-07-12 07:21 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2017-08-24 14:56 - 2017-07-12 07:20 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpapi.dll
2017-08-24 14:56 - 2017-07-12 07:19 - 000488960 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2017-08-24 14:56 - 2017-07-12 07:19 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-08-24 14:56 - 2017-07-12 07:19 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2017-08-24 14:56 - 2017-07-12 07:17 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-08-24 14:56 - 2017-07-12 07:16 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-08-24 14:56 - 2017-07-12 07:16 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2017-08-24 14:56 - 2017-07-12 07:15 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-08-24 14:56 - 2017-07-12 07:13 - 001478656 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-08-24 14:56 - 2017-07-12 07:12 - 000970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-08-24 14:56 - 2017-07-12 07:12 - 000091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-08-24 14:56 - 2017-07-12 07:12 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsium.dll
2017-08-24 14:56 - 2017-07-12 07:11 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2017-08-24 14:56 - 2017-07-12 07:10 - 000927232 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2017-08-24 14:56 - 2017-07-12 07:09 - 003291136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-08-24 14:56 - 2017-07-12 07:08 - 002861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-08-24 14:56 - 2017-07-12 07:07 - 000954880 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-08-24 14:56 - 2017-07-12 07:07 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-08-24 14:56 - 2017-07-12 07:06 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-08-24 14:56 - 2017-07-12 07:06 - 000937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-08-24 14:56 - 2017-07-12 07:03 - 001692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-08-24 14:56 - 2017-07-12 07:03 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-08-24 14:56 - 2017-07-12 07:02 - 000869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-08-24 14:56 - 2017-07-12 07:01 - 002279424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-08-24 14:56 - 2017-07-12 06:59 - 006664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-08-24 14:56 - 2017-07-12 06:59 - 002318336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-08-24 14:56 - 2017-07-12 06:59 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-08-24 14:56 - 2017-07-12 06:58 - 001231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-08-24 14:56 - 2017-07-12 06:57 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-08-24 14:56 - 2017-07-12 06:56 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-08-24 14:56 - 2017-03-04 08:57 - 000372432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-08-24 14:56 - 2017-03-04 08:16 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-08-24 14:56 - 2017-03-04 08:07 - 000909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-08-24 14:56 - 2017-03-04 08:05 - 001328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-08-24 14:26 - 2017-08-24 14:27 - 004922400 _____ (AO Kaspersky Lab) C:\Users\Pflügl\Desktop\tdsskiller.exe
2017-08-24 14:12 - 2017-08-24 23:52 - 000000000 ____D C:\FRST
2017-08-24 14:10 - 2017-08-24 14:19 - 000000000 ____D C:\Users\lol12
2017-08-24 14:08 - 2017-08-24 14:11 - 002395648 _____ (Farbar) C:\Users\Pflügl\Desktop\FRST64.exe
2017-08-24 12:44 - 2017-08-24 12:44 - 005763072 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-08-24 23:49 - 2017-01-11 00:34 - 000000000 ____D C:\ProgramData\NVIDIA
2017-08-24 23:47 - 2016-12-11 22:08 - 000000000 ____D C:\Users\Pflügl\AppData\LocalLow\Mozilla
2017-08-24 23:44 - 2017-01-11 12:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-08-24 23:43 - 2016-07-16 08:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2017-08-24 23:42 - 2014-02-03 12:26 - 000000000 ____D C:\Program Files (x86)\Advanced Disk Recovery
2017-08-24 23:41 - 2013-06-06 21:13 - 000000000 ____D C:\ProgramData\iolo
2017-08-24 23:39 - 2017-01-11 00:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-08-24 23:39 - 2013-07-15 18:29 - 000000000 ____D C:\Users\Pflügl\AppData\LocalLow\Delta
2017-08-24 23:11 - 2015-10-30 09:24 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-08-24 23:11 - 2013-06-06 21:13 - 000000000 ____D C:\Program Files (x86)\iolo
2017-08-24 23:05 - 2015-04-01 19:00 - 000000000 ____D C:\Users\Pflügl\Downloads\Firefox
2017-08-24 20:42 - 2017-01-11 00:40 - 000000000 ____D C:\Users\Pflügl
2017-08-24 20:34 - 2013-11-06 23:43 - 008118144 _____ (WiseCleaner.com ) C:\Users\Pflügl\Downloads\WiseCare365_2.86.exe
2017-08-24 20:31 - 2012-01-25 21:22 - 000000908 _____ C:\Users\Pflügl\Desktop\Downloads.lnk
2017-08-24 19:48 - 2017-01-11 00:38 - 002643162 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-24 19:48 - 2016-07-17 00:51 - 001091362 _____ C:\WINDOWS\system32\perfh007.dat
2017-08-24 19:48 - 2016-07-17 00:51 - 000265778 _____ C:\WINDOWS\system32\perfc007.dat
2017-08-24 19:45 - 2016-07-31 16:24 - 000000000 ____D C:\ProgramData\Package Cache
2017-08-24 19:45 - 2016-07-29 23:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-08-24 16:46 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-08-24 16:40 - 2015-08-03 09:02 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-08-24 16:37 - 2016-07-16 13:45 - 000000000 ____D C:\WINDOWS\INF
2017-08-24 16:35 - 2017-01-11 00:29 - 000389616 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-08-24 16:02 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-08-24 16:02 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-08-24 16:02 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2017-08-24 16:01 - 2016-07-16 13:47 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-08-24 16:01 - 2016-07-16 13:47 - 000000000 ___RD C:\Program Files\Windows Defender
2017-08-24 16:01 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-08-24 16:01 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\Provisioning
2017-08-24 16:01 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\bcastdvr
2017-08-24 16:01 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-08-24 16:01 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files\Common Files\System
2017-08-24 16:01 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-08-24 16:01 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2017-08-24 15:54 - 2016-07-16 13:36 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-08-24 15:32 - 2013-08-14 21:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-08-24 15:24 - 2012-02-03 19:00 - 140394280 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-08-24 15:14 - 2016-07-16 13:47 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-24 14:28 - 2012-08-07 07:55 - 000000000 ____D C:\Users\Pflügl\AppData\Local\CrashDumps
2017-08-24 13:52 - 2015-04-01 17:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-08-24 13:14 - 2011-08-11 13:30 - 000000000 ____D C:\Program Files (x86)\CyberLink
2017-08-24 13:14 - 2011-08-11 12:58 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-08-24 12:44 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-08-24 12:44 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-08-24 12:44 - 2013-12-26 21:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-08-11 19:03 - 2015-04-01 18:29 - 000173784 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2017-08-11 19:03 - 2015-04-01 18:29 - 000167464 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2017-08-03 08:52 - 2009-07-14 04:34 - 000000669 _____ C:\WINDOWS\win.ini
2017-07-31 17:14 - 2016-07-16 13:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-07-31 17:14 - 2016-07-16 13:49 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-05-17 22:42 - 2015-05-17 22:42 - 006420480 _____ () C:\Program Files (x86)\GUTA86F.tmp
2013-09-13 19:54 - 2013-09-13 19:54 - 000017740 _____ () C:\Users\Pflügl\AppData\Roaming\unins000.dat
2013-09-13 19:54 - 2013-09-13 19:54 - 000013844 _____ () C:\Users\Pflügl\AppData\Roaming\unins000.msg
2014-02-03 12:09 - 2014-07-18 23:20 - 000000106 _____ () C:\Users\Pflügl\AppData\Roaming\WB.CFG
2016-07-15 14:04 - 2016-07-15 14:04 - 000000057 _____ () C:\ProgramData\Ament.ini
2017-01-11 00:33 - 2017-01-11 00:33 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Public\AlexaNSISPlugin.6676.dll
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-08-24 15:16
==================== Ende von FRST.txt ============================
|
| | #11 |
| Quickshare by Linkury
FRST Additions Logfile:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-08-2017
durchgeführt von Pflügl (24-08-2017 23:54:25)
Gestartet von C:\Users\Pflügl\Desktop
Windows 10 Home Version 1607 (X64) (2017-01-11 11:18:17)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1664608947-3428569484-2814311379-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1664608947-3428569484-2814311379-503 - Limited - Disabled)
Gast (S-1-5-21-1664608947-3428569484-2814311379-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-1664608947-3428569484-2814311379-1003 - Limited - Enabled)
nathalie (S-1-5-21-1664608947-3428569484-2814311379-1005 - Administrator - Enabled) => C:\Users\nathalie.Pflügl-PC
Pflügl (S-1-5-21-1664608947-3428569484-2814311379-1001 - Administrator - Enabled) => C:\Users\Pflügl
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated)
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 9 (HKLM-x32\...\PremElem90) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.19) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.19 - Adobe Systems Incorporated)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 376.33 - NVIDIA Corporation) Hidden
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.29.32 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{7990b9d3-2da3-4eef-bf20-73a05086fd12}) (Version: 1.2.92.32157 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{E972AE5C-71B3-4D35-8193-BC4CC2F1FA20}) (Version: 1.2.92.32157 - Avira Operations GmbH & Co. KG) Hidden
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 15.0.6.2 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.4.1 - Broadcom Corporation)
Collector's Edition 251 (HKLM-x32\...\Collector's Edition 251) (Version: - )
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
cyberJack Base Components (HKLM-x32\...\{FC338210-F594-11D3-BA24-00001C3AB4DF}) (Version: 7.3.5 - REINER SCT)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
Elements 9 Organizer (HKLM-x32\...\{433EACD8-4747-4A6A-826A-FFA9F39B0D40}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Elements STI Installer (HKLM-x32\...\{25175695-4B20-4298-9F34-C2C57CD277B3}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Elements STI Installer (HKLM-x32\...\{E2AE009D-37E5-4724-A6B8-0ED6A6BA4F68}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
eReg (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
Fotogalerija Windows Live (HKLM-x32\...\{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (HKLM-x32\...\{4736B0ED-F6A1-48EC-A1B7-C053027648F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (HKLM-x32\...\{CB66242D-12B1-4494-82D2-6F53A7E024A3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
HomeMedia (HKLM-x32\...\{AA4BF92B-2AAF-11DA-9D78-000129760D75}) (Version: 2.0.8920 - CyberLink Corporation)
HP Deskjet 2050 J510 series - Grundlegende Software für das Gerät (HKLM\...\{DF37555F-0259-43DA-B60C-47106FA14AA3}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 2050 J510 series Hilfe (HKLM-x32\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.61.61 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Support Solutions Framework (HKLM-x32\...\{3A1CB1B8-8646-41A0-B496-35DC48916904}) (Version: 12.7.22.13 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}) (Version: 1.00.0000 - Microsoft) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Packard Bell)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)
Internet-TV für Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Packard Bell)
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)
LUXOR 5th Passage (HKLM-x32\...\LUXOR 5th Passage) (Version: 1.1.0.0 - MumboJumbo)
LUXOR Amun Rising HD (HKLM-x32\...\LUXOR Amun Rising HD) (Version: 1.1.0.0 - MumboJumbo)
LUXOR HD (HKLM-x32\...\LUXOR HD) (Version: 1.1.0.0 - MumboJumbo)
Malwarebytes Version 3.2.2.2018 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2018 - Malwarebytes)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 54.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 de)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.1.6388 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Mysearchdial (HKU\S-1-5-21-1664608947-3428569484-2814311379-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234523634\...\mysearchdial) (Version: - Mysearchdial) <==== ACHTUNG
Mysearchdial (HKU\S-1-5-21-1664608947-3428569484-2814311379-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820896\...\mysearchdial) (Version: - Mysearchdial) <==== ACHTUNG
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.8.11000.8.100 - Nero AG)
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.6.10700.5.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}) (Version: 10.5.10300 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{68AFA3A7-9265-4ABD-994A-ACA413E3715C}) (Version: 10.6.10300 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.6.10500.3.100 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.10900.31.0 - Nero AG)
NVIDIA GeForce Experience 3.4.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.4.0.70 - NVIDIA Corporation)
NVIDIA Grafiktreiber 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.3.16.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Packard Bell Power Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Packard Bell)
Packard Bell Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3502 - Packard Bell)
Packard Bell Registration (HKLM-x32\...\Packard Bell Registration) (Version: 1.04.3503 - Packard Bell)
Packard Bell ScreenSaver (HKLM-x32\...\Packard Bell Screensaver) (Version: 1.1.0811.2010 - Packard Bell )
Packard Bell Social Networks (HKLM-x32\...\{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 3.0.3106 - CyberLink Corp.) Hidden
Packard Bell Social Networks (HKLM-x32\...\InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 3.0.3106 - CyberLink Corp.)
Poczta usługi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (HKLM-x32\...\{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Raccolta foto di Windows Live (HKLM-x32\...\{ED16B700-D91F-44B0-867C-7EB5253CA38D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Rommé 1 (HKLM-x32\...\Rommé 1) (Version: - )
SaveSense (HKU\S-1-5-21-1664608947-3428569484-2814311379-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234523634\...\SaveSense) (Version: 6.4.0.0 - SaveSense)
SaveSense (HKU\S-1-5-21-1664608947-3428569484-2814311379-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820896\...\SaveSense) (Version: 6.4.0.0 - SaveSense)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0351 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
Studie zur Verbesserung von HP Deskjet 2050 J510 series Produkten (HKLM\...\{C559DE9F-9451-49E5-9176-316E36192409}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
TuneUp Utilities Language Pack (de-DE) (HKLM-x32\...\{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}) (Version: 12.0.3600.73 - TuneUp Software) Hidden
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Video Web Camera (HKLM-x32\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.) Hidden
Video Web Camera (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Welcome Center (HKLM-x32\...\Packard Bell Welcome Center) (Version: 1.02.3503 - Packard Bell)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
WinFunktion Mathematik plus 20 (HKLM-x32\...\{CDBA97DF-63B9-44E7-B900-92E8165260C0}) (Version: 1.00.0000 - bhv Publishing GmbH)
Woodcutter Simulator 2011 (HKLM-x32\...\Woodcutter Simulator 2011) (Version: - )
Συλλογή φωτογραφιών του Windows Live (HKLM-x32\...\{C00C2A91-6CB3-483F-80B3-2958E29468F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (HKLM-x32\...\{E83DC314-C926-4214-AD58-147691D6FE9F}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (HKLM-x32\...\{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}) (Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (HKLM-x32\...\{77F69CA1-E53D-4D77-8BA3-FA07606CC851}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (HKLM-x32\...\{CE929F09-3853-4180-BD90-30764BFF7136}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (HKLM-x32\...\{0A4C4B29-5A9D-4910-A13C-B920D5758744}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (HKLM-x32\...\{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
ShellIconOverlayIdentifiers: [01MemopalBackedUp] -> {8ED3CC2D-6BC2-43AD-8C43-F51FBB413AE6} => -> Keine Datei
ShellIconOverlayIdentifiers: [02MemopalToBackup] -> {2CDD871E-60EB-40BD-9721-A1CB57042F75} => -> Keine Datei
ShellIconOverlayIdentifiers: [03MemopalPartiallyBackedUp] -> {95DDC869-FC98-4D47-BD34-2EDC9AA09C01} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [01MemopalBackedUp] -> {8ED3CC2D-6BC2-43AD-8C43-F51FBB413AE6} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [02MemopalToBackup] -> {2CDD871E-60EB-40BD-9721-A1CB57042F75} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [03MemopalPartiallyBackedUp] -> {95DDC869-FC98-4D47-BD34-2EDC9AA09C01} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [04MemopalError] -> {B9CA6E12-7975-4997-B5BD-CA12ECE0FEAD} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [MemopalBackedUp] -> {8ED3CC2D-6BC2-43AD-8C43-F51FBB413AE6} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [MemopalError] -> {B9CA6E12-7975-4997-B5BD-CA12ECE0FEAD} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [MemopalPartiallyBackedUp] -> {95DDC869-FC98-4D47-BD34-2EDC9AA09C01} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [MemopalToBackup] -> {2CDD871E-60EB-40BD-9721-A1CB57042F75} => -> Keine Datei
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [2017-08-11] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> Keine Datei
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [2017-08-11] (Avira Operations GmbH & Co. KG)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {01BB4D1B-818C-42A0-8B4B-F0BE210EEA30} - System32\Tasks\{03604C09-673A-46D7-91D0-CA6847E45206} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {020DD405-A394-493E-A0CB-B783EBD3F509} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {043089C6-8ECC-41BA-8C31-9D399E684526} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {04DDA79F-A03A-4D1D-92C9-818DDB94FB9C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-01] (Microsoft Corporation) <==== ACHTUNG
Task: {06B82B36-C8DB-4E88-8657-3141B92BD458} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {08482869-7638-449B-A5EA-666DC75E2230} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {0B7079CF-6583-4042-A382-32A46A0A17F6} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0BAF5FB1-CE07-4410-810F-D2A94D3999DC} - System32\Tasks\NBAgent => C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2011-07-06] (Nero AG)
Task: {0E4E0451-2A7E-4E1D-AB7D-C88EE1D220ED} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {102215A6-16FA-4986-8E15-553FDA45B53F} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-02-23] (NVIDIA Corporation)
Task: {10A5FE77-F8C1-47C8-BE1B-C5428967A6D8} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard)
Task: {10ED276C-DD72-4CA8-BCF2-D376268DDEE7} - System32\Tasks\{033A4D70-36D7-46FA-9F7D-A9996B7334EF} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {115C02AF-C7DF-4330-A688-E92B8C8CC4C5} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {1927C3E0-3CC2-4151-8F7F-F8296774A57D} - System32\Tasks\hpUrlLauncher.exe => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\utils\hpUrlLauncher.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {2802C96A-F077-4A17-8011-3294DAF7C369} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {29CDB149-4C4B-477B-9755-08A513679DEB} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2F3C9B83-785F-431C-85BF-97D2AA0F4D8C} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2F3E1954-1BC7-40A1-8F0D-5AA94B0302B1} - System32\Tasks\{EB5F7CC8-1425-4DAB-BF0A-DB808FA16761} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {302E1C0A-0A15-44AD-BA44-1786E28CB20C} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)
Task: {3151EB25-0E8A-4AE8-992F-BD36A730A79B} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)
Task: {3163DEF0-BC1D-47B8-9AF8-DBCF9E8556D7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {35F823C9-B2FC-4792-B8D9-3464229D5382} - System32\Tasks\{E1587E3C-7BB7-44C8-9A91-AD34009E8522} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Task: {3AC2660B-54A9-4FE2-BEA4-ABA541B0F077} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {3B1331CB-2787-440D-B754-4090BED944E1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {3B14775C-29A3-477E-9E6C-E263967BD99C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {3B31208C-629E-4B92-AA6A-7C9FC6883795} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {45D9E40C-1CC9-4A5B-ACA5-97ED713ACF04} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Task: {499F3997-E54C-421E-B526-5F6648D49F51} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4AA2C224-1479-45B5-8AE5-605F6BB9EED8} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4ADD35B4-9050-421C-9098-0EEB76AC112D} - System32\Tasks\{178387A7-AFF9-488C-B358-FF663010DCB9} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Task: {4BBE6D73-6050-437A-80DE-B8233F98BEF5} - System32\Tasks\{1C26DB06-23AC-4B07-B041-48C78A9D1CBD} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {4C2AED65-E5A5-41F8-BCAD-92EF44FF8907} - System32\Tasks\OneDrive Standalone Update Task v2 => C:\Users\Pflügl\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {4D3D5094-88FE-4CE0-A91C-2113C2000A42} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-24] (Adobe Systems Incorporated)
Task: {4E44E590-0AAA-4A64-A753-17B70F4280EF} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {50BB70D6-2E88-4D14-B5C3-4A47DAC491EE} - System32\Tasks\{E84B91E8-33F3-49E1-AFCB-F597D8B57F9D} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Task: {5814C7F6-0FFE-44A5-835F-803CF84A9A24} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5A8A4A0D-86EE-43C6-8E78-1417869112A8} - System32\Tasks\{A7B29540-1879-4028-B3B8-C127971DA397} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {5F7202B8-6B43-46D4-B496-BD78C43A044A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {628EDDD5-1054-40F0-852F-29C1C5048AB7} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-02-23] (NVIDIA Corporation)
Task: {64FCA12B-117D-4AF7-A494-268A560BFF01} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {6EDF7077-E62B-4942-82AF-20B5A2C43BC4} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)
Task: {722FEC1C-89F5-444A-9226-EE14DBE764E4} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {74077C09-2BBC-4BA4-99AC-8A4C7EB3F6C7} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {75FE8499-D9D8-43D7-9340-6CCCD29A37DE} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {7755D443-2648-4B89-9EA8-EAF190163556} - System32\Tasks\{E5B827C0-690F-459F-9390-EDD753E6FB01} => C:\Windows\system32\pcalua.exe -a C:\Users\Pflügl\AppData\Roaming\Allmyapps\Allmyapps.exe -c uninstall
Task: {778EF4BA-BFC7-480A-9270-1825B71C55A5} - System32\Tasks\{9DF84523-FD29-4C9E-82DD-775A63EB0FB1} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {800860D9-C124-49BC-93CC-1985C6E97327} - System32\Tasks\{32AE58AB-121B-4CD1-87E0-41F9A93F18AD} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Task: {818D08B0-AB79-40A5-9AF8-7C65320AE798} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {83CFBC6A-B820-4018-B988-7BBCBA3EF8DE} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {85639F17-6779-492C-90D3-2A04C81EAF20} - System32\Tasks\{25B82541-8571-45E6-83AB-4AF95DABF24A} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {8569E4D6-C467-4B53-9C7B-6D6D3A207AEC} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8AD0768E-4A9E-494C-951A-8D6B0158C676} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {8E3C62E9-BB57-4328-BD78-3F42CAE4DE4A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)
Task: {8EE3DC86-4A70-4349-9AA9-F0203D291B72} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {90D8AB43-209E-4370-BAD1-D5259AB7396C} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {9D8EF176-E6FB-4931-8DB6-99D24652A785} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {A2F0F64E-16E2-4DE3-BD2C-5E63E84C7090} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A421C8AC-59B4-4306-A012-784EB2DEA81A} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A6716755-233F-4A56-A111-02A2D4DD0A9B} - System32\Tasks\{0E5B43A1-4CBC-49B7-B663-FC61E5FBB58F} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {A72A0967-0AB3-4972-A197-0DCFCC791D8F} - System32\Tasks\AdobeAAMUpdater-1.0-Pflügl-PC-Pflügl => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29] (Adobe Systems Incorporated)
Task: {ABF8455B-5FDC-4FBF-A21F-B8E4F38DE2E2} - System32\Tasks\AdobeAAMUpdater-1.0-Pflügl-PC-nathalie => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29] (Adobe Systems Incorporated)
Task: {B18AA8C6-1B5E-4934-8263-757AA676496E} - System32\Tasks\{F9402AE5-ACC8-4BA8-9E7E-0375A8F72E09} => C:\Windows\system32\pcalua.exe -a F:\install_flash_player_active_x.exe -d F:\
Task: {B278D98E-6409-45E9-8A49-416935FC9A9B} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
Task: {B6F48632-6D52-4C8A-AFF3-9899AB8B5AE7} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B85D8103-15F1-4054-9C89-21D9B559D123} - System32\Tasks\HPCustParticipation HP Deskjet 2050 J510 series => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {BFB32430-75BB-4606-BD31-CE87342D524F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {C7A4899A-F1FE-4A82-808D-6CFAE45C319E} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CFB1136A-F1BC-4634-9CBF-A999C7B3A3C9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-01] (Microsoft Corporation) <==== ACHTUNG
Task: {D627BDDD-E3F7-4578-9963-518C3686B0C0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-01] (Microsoft Corporation) <==== ACHTUNG
Task: {D718E290-E157-4664-A9F3-8B04A0A02DC8} - System32\Tasks\{9711830A-13DD-481F-A336-AA3C7885661B} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {D71B6264-3754-414A-BF96-9E2E2E614FF8} - System32\Tasks\{B0CE2170-76B6-4422-A267-413ED3F67B11} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {D84A16D9-413C-46C6-9768-09EF6339DF29} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {DCAF2E5C-9386-4622-BD13-B534BB0F78A3} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {DD91A8EB-DA59-473D-969E-320501B67A7F} - System32\Tasks\{D81F541F-3DE9-4EC6-9DAE-1BF798040AC6} => C:\Windows\system32\pcalua.exe -a "C:\Users\nathalie.Pflügl-PC\Desktop\Neuer Ordner (3)\NeoGamma Installer by Wii-Homebrew.exe" -d "C:\Users\nathalie.Pflügl-PC\Desktop\Neuer Ordner (3)"
Task: {E8CFFA40-C104-4B30-BD9D-1B3420B5D4C4} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EB64C26B-0806-4248-8678-D6FE1375A527} - System32\Tasks\{463E93F0-2199-42B9-8D18-DBD746D676A9} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {EC056EB6-2863-4CE6-94AB-5748B2D8EDCC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-01] (Microsoft Corporation) <==== ACHTUNG
Task: {EEEDF309-D0F3-4BF3-9ECB-2B70DF3E6274} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {F1C99E32-F492-4038-BD10-731DA69C2968} - System32\Tasks\{1A9F0B80-4630-434D-A4D3-C672A48987F2} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {F44EBEAB-A6B2-4B21-96BA-E4465EF19E75} - System32\Tasks\{966A14DB-D34B-4A06-BC26-743C4C42F131} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe"
Task: {F518F3A1-B8F3-401C-A21C-3FA1BCF4A3A8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {F70666D8-716B-49F8-B3AD-5CC32FAEE9E4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {FB3379A3-B190-40F2-A65D-03A35D445AD9} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-02-23] (NVIDIA Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-07-16 13:42 - 2016-07-16 13:42 - 000231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-07-13 22:48 - 2017-06-21 09:48 - 002681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-01-11 18:04 - 2016-12-29 15:16 - 000134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-01-11 17:24 - 2017-02-23 20:35 - 004489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2017-01-11 17:24 - 2017-02-23 20:35 - 001147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-08-24 23:05 - 2017-08-21 07:20 - 002264520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 004300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2017-01-11 00:07 - 2017-01-11 00:07 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-17 12:02 - 2017-03-04 08:31 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-17 12:03 - 2017-03-04 08:12 - 009760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-17 12:03 - 2017-03-04 08:05 - 001401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-17 12:03 - 2017-03-04 08:05 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-08-24 14:56 - 2017-03-04 08:05 - 001033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-08-24 14:56 - 2017-08-01 20:26 - 002424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-08-24 14:56 - 2017-08-01 20:31 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-08-24 15:10 - 2017-08-24 15:12 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-08-24 15:10 - 2017-08-24 15:12 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-08-24 15:10 - 2017-08-24 15:12 - 036162048 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-08-24 15:10 - 2017-08-24 15:12 - 002237952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\skypert.dll
2017-01-11 17:24 - 2017-02-23 20:35 - 000018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2017-01-11 17:24 - 2017-02-23 20:35 - 003774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2017-01-11 17:24 - 2017-02-23 20:35 - 000900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-01-11 17:24 - 2017-02-23 16:30 - 000338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2017-01-11 17:24 - 2017-02-23 16:30 - 000252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2017-01-11 17:24 - 2017-02-23 16:30 - 002443320 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2017-01-11 17:24 - 2017-02-23 16:30 - 000385592 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2017-01-11 17:24 - 2017-02-23 16:30 - 000543288 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2017-01-11 17:24 - 2017-02-23 16:30 - 000468536 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Classes\batfile: <==== ACHTUNG
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Classes\cmdfile: <==== ACHTUNG
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234518383\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234818646\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519243\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234818943\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Control Panel\Desktop\\Wallpaper -> c:\users\pflügl\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\{ceedc30e-03f3-4223-aeb0-1bb4c000d5a6}.jpg
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883\Control Panel\Desktop\\Wallpaper -> c:\users\pflügl\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\{ceedc30e-03f3-4223-aeb0-1bb4c000d5a6}.jpg
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443\Control Panel\Desktop\\Wallpaper -> c:\users\pflügl\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\{ceedc30e-03f3-4223-aeb0-1bb4c000d5a6}.jpg
HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234522227\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820271\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-1664608947-3428569484-2814311379-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234523634\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-1664608947-3428569484-2814311379-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820896\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234525649\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234821568\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\...\StartupApproved\StartupFolder: => "Logitech . Produktregistrierung.lnk"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\...\StartupApproved\Run: => "Allmyapps"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\...\StartupApproved\Run: => "Allmyapps Update"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883\...\StartupApproved\StartupFolder: => "Logitech . Produktregistrierung.lnk"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883\...\StartupApproved\Run: => "Allmyapps"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883\...\StartupApproved\Run: => "Allmyapps Update"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443\...\StartupApproved\StartupFolder: => "Logitech . Produktregistrierung.lnk"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443\...\StartupApproved\Run: => "Allmyapps"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443\...\StartupApproved\Run: => "Allmyapps Update"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443\...\StartupApproved\Run: => "CCleaner Monitoring"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
03-08-2017 08:48:12 Windows Update
24-08-2017 15:19:23 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (08/24/2017 11:47:13 PM) (Source: COM) (EventID: 10031) (User: )
Description: Eine das Marshalling aufhebende Richtlinienprüfung wurde ausgeführt, als das Marshalling eines benutzerdefinierten gemarshallten Objekts aufgehoben wurde. Die Klasse "{2CD39202-3A2F-4935-9A86-65B919919A7F}" wurde abgelehnt.
Error: (08/24/2017 11:47:04 PM) (Source: COM) (EventID: 10031) (User: )
Description: Eine das Marshalling aufhebende Richtlinienprüfung wurde ausgeführt, als das Marshalling eines benutzerdefinierten gemarshallten Objekts aufgehoben wurde. Die Klasse "{95CABCC9-BC57-4C12-B8DF-BA193232AA01}" wurde abgelehnt.
Error: (08/24/2017 08:30:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Pflügl-PC)
Description: Das Paket „Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe+App“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (08/24/2017 04:52:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Pflügl-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (08/24/2017 04:52:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Pflügl-PC)
Description: Das Paket „Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe+App“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (08/24/2017 03:24:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Pflügl-PC)
Description: Das Paket „Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe+App“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (08/24/2017 03:21:27 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (08/24/2017 02:27:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: {E1DD8E6D-4F4C-458E-A489-120D693A8403}.exe, Version: 3.1.0.15, Zeitstempel: 0x58f5cf94
Name des fehlerhaften Moduls: {E1DD8E6D-4F4C-458E-A489-120D693A8403}.exe, Version: 3.1.0.15, Zeitstempel: 0x58f5cf94
Ausnahmecode: 0x40000015
Fehleroffset: 0x0014376c
ID des fehlerhaften Prozesses: 0x1f58
Startzeit der fehlerhaften Anwendung: 0x01d31cd4509c1b30
Pfad der fehlerhaften Anwendung: C:\Users\PFLGL~1\AppData\Local\Temp\{3F148F86-334A-484B-8CFE-C9212706ABA4}\{E1DD8E6D-4F4C-458E-A489-120D693A8403}.exe
Pfad des fehlerhaften Moduls: C:\Users\PFLGL~1\AppData\Local\Temp\{3F148F86-334A-484B-8CFE-C9212706ABA4}\{E1DD8E6D-4F4C-458E-A489-120D693A8403}.exe
Berichtskennung: 587d6b27-b42b-4b44-852b-83217d664be8
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (08/24/2017 01:11:04 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig.
.
Vorgang:
Asynchroner Vorgang wird ausgeführt
Kontext:
Aktueller Status: DoSnapshotSet
Error: (08/24/2017 01:09:45 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Systemfehler:
=============
Error: (08/24/2017 11:46:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "CDPUserSvc_41694" wurde mit folgendem Fehler beendet:
Unbekannter Fehler
Error: (08/24/2017 11:45:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NetMsmqActivator" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (08/24/2017 11:45:28 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst NetMsmqActivator erreicht.
Error: (08/24/2017 11:45:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NetPipeActivator" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (08/24/2017 11:45:26 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst NetPipeActivator erreicht.
Error: (08/24/2017 11:45:26 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira.ServiceHost erreicht.
Error: (08/24/2017 11:45:19 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (08/24/2017 11:45:19 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (08/24/2017 11:44:56 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
Error: (08/24/2017 11:43:50 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst MBAMService erreicht.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 54%
Installierter physikalischer RAM: 3947.86 MB
Verfügbarer physikalischer RAM: 1796.33 MB
Summe virtueller Speicher: 7915.86 MB
Verfügbarer virtueller Speicher: 5605.79 MB
==================== Laufwerke ================================
Drive c: (Packard Bell) (Fixed) (Total:678.54 GB) (Free:596.99 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 8397C1BA)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=678.5 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
| | #12 |
| /// TB-Ausbilder | Quickshare by linkury Hi, Step 1
Step 2 Please reset your browsers as follows: IE ::: Reset Internet Explorer as follows:
EDGE ::: Reset Edge FF ::: Reset Firefox CHR ::: Reset Chrome OPR ::: Reset Opera Step 3 Download the appropriate version of SystemLook from the following mirror and save the tool to your desktop: SystemLook (32 bit) | SystemLook (64 bit)
Step 4
Please post with your next reply
|
| | #13 |
| Quickshare by linkury Hello Matthias, I am leaving on vacation today and will be back on September 5th. So I will not get back to you until then. :-) Thanks for the help and see you then :-) |
| | #14 | |
| /// TB-Ausbilder | Quickshare by linkury Quote:
I will leave the topic open until September 8th. If you have not replied by then, I will remove it from my subscriptions. Edited by M-K-D-B (26.08.2017 at 09:39) |
| | #15 |
| Quickshare by linkury Hello Matthias, I hope you were able to enjoy your vacation :-) Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-08-2017
durchgeführt von Pflügl (06-09-2017 14:53:48) Run:1
Gestartet von C:\Users\Pflügl\Desktop
Geladene Profile: Pflügl (Verfügbare Profile: Pflügl & nathalie & Gast & DefaultAppPool)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
CloseProcesses:
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234522227 -> Kein Name - {C424171E-592A-415A-9EB1-DFD6D95D3530} - Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234522227 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820271 -> Kein Name - {C424171E-592A-415A-9EB1-DFD6D95D3530} - Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820271 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234523634 -> Kein Name - {41564952-412D-5637-4300-7A786E7484D7} - Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820896 -> Kein Name - {41564952-412D-5637-4300-7A786E7484D7} - Keine Datei
FF user.js: detected! => C:\Users\Pflügl\AppData\Roaming\Mozilla\Firefox\Profiles\nca6gzm3.default\user.js [2013-11-17]
FF NewTab: Mozilla\Firefox\Profiles\nca6gzm3.default -> hxxp://www.sweetpacks-search.com/?barid=&src=97&did=10963&&st=23&UPN2=92826532311964385
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\nca6gzm3.default -> Sweetpacks Search
FF HKLM-x32\...\Firefox\Extensions: [ocr@babylon.com] - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\ocr@babylon.com => nicht gefunden
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2013-06-02] <==== ACHTUNG
CHR NewTab: Default -> Active:"chrome-extension://ogccgbmabaphcakpiclgcnmcnimhokcj/newtab.html"
CHR DefaultSearchURL: Default -> hxxp://mysearch.sweetpacks.com?src=6&q={searchTerms}&barid=&&st=23&did=10963&UPN2=92826532311964385
CHR DefaultSearchKeyword: Default -> sweetpacks-search.com
CHR HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Windows\SysWOW64\mjcm\SweetNT.crx <nicht gefunden>
C:\Windows\SysWOW64\mjcm
C:\Users\Public\AlexaNSISPlugin.6676.dll
Task: {08482869-7638-449B-A5EA-666DC75E2230} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {2802C96A-F077-4A17-8011-3294DAF7C369} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {3AC2660B-54A9-4FE2-BEA4-ABA541B0F077} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {3B1331CB-2787-440D-B754-4090BED944E1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {3B14775C-29A3-477E-9E6C-E263967BD99C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {35F823C9-B2FC-4792-B8D9-3464229D5382} - System32\Tasks\{E1587E3C-7BB7-44C8-9A91-AD34009E8522} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Task: {4ADD35B4-9050-421C-9098-0EEB76AC112D} - System32\Tasks\{178387A7-AFF9-488C-B358-FF663010DCB9} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Task: {50BB70D6-2E88-4D14-B5C3-4A47DAC491EE} - System32\Tasks\{E84B91E8-33F3-49E1-AFCB-F597D8B57F9D} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Task: {5F7202B8-6B43-46D4-B496-BD78C43A044A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {722FEC1C-89F5-444A-9226-EE14DBE764E4} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {74077C09-2BBC-4BA4-99AC-8A4C7EB3F6C7} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {7755D443-2648-4B89-9EA8-EAF190163556} - System32\Tasks\{E5B827C0-690F-459F-9390-EDD753E6FB01} => C:\Windows\system32\pcalua.exe -a C:\Users\Pflügl\AppData\Roaming\Allmyapps\Allmyapps.exe -c uninstall
Task: {800860D9-C124-49BC-93CC-1985C6E97327} - System32\Tasks\{32AE58AB-121B-4CD1-87E0-41F9A93F18AD} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Task: {8AD0768E-4A9E-494C-951A-8D6B0158C676} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {D84A16D9-413C-46C6-9768-09EF6339DF29} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {DCAF2E5C-9386-4622-BD13-B534BB0F78A3} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {EEEDF309-D0F3-4BF3-9ECB-2B70DF3E6274} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Classes\batfile: <==== ACHTUNG
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Classes\cmdfile: <==== ACHTUNG
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\...\StartupApproved\Run: => "Allmyapps"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\...\StartupApproved\Run: => "Allmyapps Update"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883\...\StartupApproved\Run: => "Allmyapps"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883\...\StartupApproved\Run: => "Allmyapps Update"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443\...\StartupApproved\Run: => "Allmyapps"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443\...\StartupApproved\Run: => "Allmyapps Update"
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
CMD: dir "%CommonProgramFiles(x86)%"
CMD: dir "%CommonProgramW6432%"
CMD: dir "%UserProfile%"
CMD: dir "C:\"
ExportKey: HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
*****************
Prozesse erfolgreich geschlossen.
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Policies\Microsoft\Internet Explorer => Schlüssel erfolgreich entfernt
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden.
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden.
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} => Schlüssel erfolgreich entfernt
HKLM\Software\Classes\CLSID\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} => Schlüssel nicht gefunden.
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Wert erfolgreich entfernt
HKLM\Software\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Schlüssel nicht gefunden.
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden.
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden.
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234522227 -> Kein Name - {C424171E-592A-415A-9EB1-DFD6D95D3530} - Keine Datei => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden.
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234522227 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden.
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820271 -> Kein Name - {C424171E-592A-415A-9EB1-DFD6D95D3530} - Keine Datei => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden.
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820271 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden.
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234523634 -> Kein Name - {41564952-412D-5637-4300-7A786E7484D7} - Keine Datei => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden.
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820896 -> Kein Name - {41564952-412D-5637-4300-7A786E7484D7} - Keine Datei => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden.
C:\Users\Pflügl\AppData\Roaming\Mozilla\Firefox\Profiles\nca6gzm3.default\user.js => erfolgreich verschoben
FF NewTab: Mozilla\Firefox\Profiles\nca6gzm3.default -> hxxp://www.sweetpacks-search.com/?barid=&src=97&did=10963&&st=23&UPN2=92826532311964385 => nicht gefunden
Firefox SelectedSearchEngine erfolgreich entfernt
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\ocr@babylon.com => Wert erfolgreich entfernt
C:\Program Files (x86)\mozilla firefox\firefox.cfg => erfolgreich verschoben
Chrome NewTab => erfolgreich entfernt
Chrome DefaultSearchURL => erfolgreich entfernt
Chrome DefaultSearchKeyword => erfolgreich entfernt
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj => Schlüssel erfolgreich entfernt
"C:\Windows\SysWOW64\mjcm" => nicht gefunden.
C:\Users\Public\AlexaNSISPlugin.6676.dll => erfolgreich verschoben
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{08482869-7638-449B-A5EA-666DC75E2230} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{08482869-7638-449B-A5EA-666DC75E2230} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2802C96A-F077-4A17-8011-3294DAF7C369} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2802C96A-F077-4A17-8011-3294DAF7C369} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3AC2660B-54A9-4FE2-BEA4-ABA541B0F077} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3AC2660B-54A9-4FE2-BEA4-ABA541B0F077} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3B1331CB-2787-440D-B754-4090BED944E1} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3B1331CB-2787-440D-B754-4090BED944E1} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3B14775C-29A3-477E-9E6C-E263967BD99C} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3B14775C-29A3-477E-9E6C-E263967BD99C} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{35F823C9-B2FC-4792-B8D9-3464229D5382} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{35F823C9-B2FC-4792-B8D9-3464229D5382} => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\{E1587E3C-7BB7-44C8-9A91-AD34009E8522} => erfolgreich verschoben
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E1587E3C-7BB7-44C8-9A91-AD34009E8522} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4ADD35B4-9050-421C-9098-0EEB76AC112D} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4ADD35B4-9050-421C-9098-0EEB76AC112D} => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\{178387A7-AFF9-488C-B358-FF663010DCB9} => erfolgreich verschoben
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{178387A7-AFF9-488C-B358-FF663010DCB9} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{50BB70D6-2E88-4D14-B5C3-4A47DAC491EE} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{50BB70D6-2E88-4D14-B5C3-4A47DAC491EE} => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\{E84B91E8-33F3-49E1-AFCB-F597D8B57F9D} => erfolgreich verschoben
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E84B91E8-33F3-49E1-AFCB-F597D8B57F9D} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5F7202B8-6B43-46D4-B496-BD78C43A044A} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F7202B8-6B43-46D4-B496-BD78C43A044A} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{722FEC1C-89F5-444A-9226-EE14DBE764E4} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{722FEC1C-89F5-444A-9226-EE14DBE764E4} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{74077C09-2BBC-4BA4-99AC-8A4C7EB3F6C7} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{74077C09-2BBC-4BA4-99AC-8A4C7EB3F6C7} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7755D443-2648-4B89-9EA8-EAF190163556} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7755D443-2648-4B89-9EA8-EAF190163556} => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\{E5B827C0-690F-459F-9390-EDD753E6FB01} => erfolgreich verschoben
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E5B827C0-690F-459F-9390-EDD753E6FB01} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{800860D9-C124-49BC-93CC-1985C6E97327} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{800860D9-C124-49BC-93CC-1985C6E97327} => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\{32AE58AB-121B-4CD1-87E0-41F9A93F18AD} => erfolgreich verschoben
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{32AE58AB-121B-4CD1-87E0-41F9A93F18AD} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8AD0768E-4A9E-494C-951A-8D6B0158C676} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8AD0768E-4A9E-494C-951A-8D6B0158C676} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D84A16D9-413C-46C6-9768-09EF6339DF29} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D84A16D9-413C-46C6-9768-09EF6339DF29} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DCAF2E5C-9386-4622-BD13-B534BB0F78A3} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DCAF2E5C-9386-4622-BD13-B534BB0F78A3} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EEEDF309-D0F3-4BF3-9ECB-2B70DF3E6274} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EEEDF309-D0F3-4BF3-9ECB-2B70DF3E6274} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => Schlüssel erfolgreich entfernt
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Classes\batfile => Schlüssel erfolgreich entfernt
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Classes\cmdfile => Schlüssel erfolgreich entfernt
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Allmyapps => Wert erfolgreich entfernt
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Allmyapps => Wert nicht gefunden.
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Allmyapps Update => Wert erfolgreich entfernt
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Allmyapps Update => Wert nicht gefunden.
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883\...\StartupApproved\Run: => "Allmyapps" => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden.
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883\...\StartupApproved\Run: => "Allmyapps Update" => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden.
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443\...\StartupApproved\Run: => "Allmyapps" => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden.
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443\...\StartupApproved\Run: => "Allmyapps Update" => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden.
========= dir "%ProgramFiles%" =========
Datentr„ger in Laufwerk C: ist Packard Bell
Volumeseriennummer: A4AE-2DE5
Verzeichnis von C:\Program Files
24.08.2017 23:05 <DIR> .
24.08.2017 23:05 <DIR> ..
25.01.2012 21:21 <DIR> Accessory Store
11.01.2017 16:56 <DIR> Babylon
26.12.2013 21:13 <DIR> Broadcom
11.01.2017 00:45 <DIR> Common Files
03.08.2015 07:58 <DIR> DVD Maker
11.01.2017 22:17 <DIR> Elantech
06.11.2013 23:54 <DIR> Google
15.07.2016 14:04 <DIR> HP
27.01.2016 12:48 <DIR> Intel
20.03.2017 15:31 <DIR> Internet Explorer
26.12.2013 21:07 <DIR> Logitech
24.08.2017 23:05 <DIR> Malwarebytes
11.01.2017 00:45 <DIR> Microsoft Games
04.12.2013 18:05 <DIR> Microsoft Office
02.07.2017 22:24 <DIR> Microsoft Silverlight
10.01.2017 23:46 <DIR> MSBuild
07.04.2017 16:49 <DIR> NVIDIA Corporation
11.10.2011 19:02 <DIR> Packard Bell
11.01.2017 00:33 <DIR> Realtek
10.01.2017 23:46 <DIR> Reference Assemblies
09.07.2017 11:37 <DIR> UNP
24.08.2017 16:01 <DIR> Windows Defender
11.08.2011 13:13 <DIR> Windows Live
24.08.2017 16:01 <DIR> Windows Mail
11.01.2017 00:11 <DIR> Windows Media Player
16.07.2016 13:47 <DIR> Windows Multimedia Platform
11.01.2017 13:04 <DIR> Windows NT
24.08.2017 16:01 <DIR> Windows Photo Viewer
16.07.2016 13:47 <DIR> Windows Portable Devices
16.07.2016 13:47 <DIR> WindowsPowerShell
0 Datei(en), 0 Bytes
32 Verzeichnis(se), 639.807.406.080 Bytes frei
========= Ende von CMD: =========
========= dir "%ProgramFiles(x86)%" =========
Datentr„ger in Laufwerk C: ist Packard Bell
Volumeseriennummer: A4AE-2DE5
Verzeichnis von C:\Program Files (x86)
24.08.2017 23:42 <DIR> .
24.08.2017 23:42 <DIR> ..
16.02.2014 22:33 <DIR> Adobe
24.08.2017 23:42 <DIR> Advanced Disk Recovery
09.12.2013 00:35 <DIR> Amazon
26.12.2013 21:14 <DIR> Atheros
31.07.2016 16:25 <DIR> Avira
20.08.2013 21:42 <DIR> bhv
07.10.2014 21:26 <DIR> City Interactive
11.01.2017 00:45 <DIR> Common Files
13.09.2013 19:54 <DIR> concept design
24.08.2017 13:14 <DIR> CyberLink
11.01.2015 22:18 <DIR> DeutschlandsKartenspiele
31.03.2017 16:13 <DIR> eGames
13.09.2013 19:54 <DIR> FRANZIS
11.01.2017 16:59 <DIR> Google
29.08.2015 19:54 <DIR> GUM8F34.tmp
02.02.2016 21:11 <DIR> GUM9C80.tmp
17.05.2015 22:42 <DIR> GUMA86E.tmp
17.05.2015 22:42 6.420.480 GUTA86F.tmp
15.07.2016 13:58 <DIR> Hewlett-Packard
15.07.2016 14:05 <DIR> HP
15.07.2016 14:05 <DIR> HP Photo Creations
20.02.2015 21:11 <DIR> HPH-Software
27.01.2016 12:48 <DIR> Intel
20.03.2017 15:31 <DIR> Internet Explorer
24.08.2017 23:11 <DIR> iolo
04.11.2014 20:58 <DIR> Java
14.04.2015 16:25 <DIR> Jewel Legends - Magical Kingdom
22.11.2013 21:40 <DIR> LAN Speed Test
11.10.2011 18:39 <DIR> Launch Manager
06.08.2012 08:18 <DIR> LibreOffice 3
07.10.2012 19:46 <DIR> LibreOffice 3.5
06.11.2013 23:21 <DIR> Microsoft
04.12.2013 18:04 <DIR> Microsoft Analysis Services
12.11.2014 22:23 <DIR> Microsoft ASP.NET
04.12.2013 18:07 <DIR> Microsoft Office
26.09.2013 08:35 <DIR> Microsoft Research
02.07.2017 22:24 <DIR> Microsoft Silverlight
04.12.2013 18:07 <DIR> Microsoft SQL Server Compact Edition
04.12.2013 18:07 <DIR> Microsoft Sync Framework
04.12.2013 18:07 <DIR> Microsoft Synchronization Services
04.12.2013 18:05 <DIR> Microsoft Visual Studio 8
11.01.2017 00:45 <DIR> Microsoft.NET
06.09.2017 14:54 <DIR> Mozilla Firefox
24.08.2017 13:52 <DIR> Mozilla Maintenance Service
11.01.2017 00:56 <DIR> MSBuild
15.11.2012 19:56 <DIR> MSECache
28.01.2012 01:07 <DIR> MSXML 4.0
20.08.2013 22:08 <DIR> MumboJumbo
24.06.2013 21:30 <DIR> MyHeritage
03.07.2014 17:36 <DIR> MyMenu
11.08.2011 13:24 <DIR> Nero
07.04.2017 16:49 <DIR> NVIDIA Corporation
20.08.2012 00:44 <DIR> OLYMPUS
06.11.2013 23:34 <DIR> OpenOffice.org 3
11.08.2011 13:33 <DIR> Packard Bell
07.05.2013 20:44 <DIR> Philips
11.10.2011 18:45 <DIR> Realtek
10.01.2017 23:46 <DIR> Reference Assemblies
31.03.2017 14:05 <DIR> REINER SCT
08.11.2014 22:54 <DIR> Rommé 1
26.12.2013 21:37 <DIR> S.A.D
07.11.2012 21:02 <DIR> Samsung
06.08.2012 08:01 <DIR> Secunia
11.10.2011 18:53 <DIR> Social Networks
31.03.2015 23:57 <DIR> Spiele fuer Win8
11.08.2011 13:28 <DIR> SymSilent
30.09.2012 07:04 <DIR> TraXEx
11.10.2011 19:02 <DIR> Video Web Camera
15.11.2012 21:12 <DIR> VideoLAN
17.02.2017 21:56 <DIR> VulkanRT
24.08.2017 16:01 <DIR> Windows Defender
11.08.2011 13:19 <DIR> Windows Live
20.03.2017 15:31 <DIR> Windows Mail
11.01.2017 00:11 <DIR> Windows Media Player
16.07.2016 13:47 <DIR> Windows Multimedia Platform
16.07.2016 13:47 <DIR> Windows NT
24.08.2017 16:01 <DIR> Windows Photo Viewer
16.07.2016 13:47 <DIR> Windows Portable Devices
16.07.2016 13:47 <DIR> WindowsPowerShell
23.03.2016 21:59 <DIR> Woodcutter Simulator 2011
07.01.2016 19:08 <DIR> XMedia Recode
1 Datei(en), 6.420.480 Bytes
82 Verzeichnis(se), 639.807.344.640 Bytes frei
========= Ende von CMD: =========
========= dir "%ProgramData%" =========
Datenträger in Laufwerk C: ist Packard Bell
Volumeseriennummer: A4AE-2DE5
Verzeichnis von C:\ProgramData
27.04.2014 20:49 <DIR> Adobe
15.07.2016 14:04 57 Ament.ini
13.03.2016 22:15 <DIR> Apple
14.08.2012 07:20 <DIR> Apple Computer
31.07.2016 16:25 <DIR> Avira
11.08.2011 13:11 <DIR> CLSK
16.07.2016 13:47 <DIR> Comms
16.08.2012 08:41 <DIR> COMPUTERBILD-Abzockschutz Premium
26.01.2012 00:20 <DIR> CyberLink
06.06.2013 21:09 <DIR> DesktopIcons
08.07.2014 17:47 <DIR> DriverGenius
07.07.2012 12:29 <DIR> FloodLightGames
31.07.2016 16:39 <DIR> Hewlett-Packard
06.12.2012 14:08 <DIR> HP
15.07.2016 14:05 <DIR> HP Photo Creations
20.02.2015 21:11 <DIR> HPH-Software
03.11.2013 23:06 <DIR> install_clap
11.10.2011 18:33 <DIR> Intel
24.08.2017 23:41 <DIR> iolo
26.12.2013 21:09 <DIR> Logishrd
26.12.2013 21:09 <DIR> Logitech
24.08.2017 23:05 <DIR> Malwarebytes
26.01.2012 22:29 <DIR> McAfee
03.08.2017 08:53 <DIR> Microsoft Help
11.01.2017 16:36 <DIR> Microsoft OneDrive
06.08.2012 10:02 <DIR> Mozilla
16.10.2013 18:25 <DIR> MumboJumbo
11.08.2011 13:24 <DIR> Nero
04.08.2012 12:14 <DIR> Norton
11.08.2011 13:28 <DIR> NortonInstaller
06.09.2017 14:54 <DIR> NVIDIA
07.04.2017 16:51 <DIR> NVIDIA Corporation
25.01.2012 21:22 <DIR> oem
04.11.2014 20:58 <DIR> Oracle
06.10.2014 18:38 <DIR> Origin
24.08.2017 19:45 <DIR> Package Cache
11.08.2011 13:12 <DIR> Packard Bell
26.12.2013 20:14 <DIR> Qualcomm Atheros
11.01.2017 00:56 <DIR> regid.1986-12.com.adobe
11.01.2017 00:53 <DIR> regid.1991-06.com.microsoft
31.03.2017 14:05 <DIR> REINER SCT
07.11.2012 21:01 <DIR> Samsung
24.12.2014 19:08 <DIR> Skype
16.07.2016 13:47 <DIR> SoftwareDistribution
03.02.2012 21:57 <DIR> Sun
13.06.2012 17:13 <DIR> Temp
11.01.2017 16:55 <DIR> TuneUp Software
11.01.2017 13:40 <DIR> USOPrivate
11.01.2017 13:40 <DIR> USOShared
14.02.2012 00:21 <DIR> VirtualizedApplications
15.07.2016 14:05 <DIR> Visan
11.07.2012 16:33 <DIR> Wild Tangent
23.01.2014 23:34 <DIR> WildTangent
1 Datei(en), 57 Bytes
52 Verzeichnis(se), 639.807.209.472 Bytes frei
========= Ende von CMD: =========
========= dir "%Appdata%" =========
Datenträger in Laufwerk C: ist Packard Bell
Volumeseriennummer: A4AE-2DE5
Verzeichnis von C:\Users\Pflügl\AppData\Roaming
24.08.2017 23:11 <DIR> .
24.08.2017 23:11 <DIR> ..
29.09.2012 10:56 <DIR> Abelssoft
07.11.2013 00:37 <DIR> Absolute Rommé
24.11.2015 10:28 <DIR> Adobe
16.08.2012 04:29 <DIR> Apple Computer
08.04.2015 17:50 <DIR> Avira
04.02.2014 18:25 <DIR> Birdie Shoot 2
04.09.2013 04:27 <DIR> chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
13.09.2013 19:56 <DIR> concept design
26.01.2012 00:20 <DIR> CyberLink
04.02.2014 19:53 <DIR> Dr. Brain Nonogram
04.02.2014 18:00 <DIR> Dr. Tool Logiktrainer
15.11.2012 21:14 <DIR> dvdcss
21.05.2014 01:24 <DIR> DVDVideoSoft
13.09.2013 19:56 <DIR> Franzis
02.07.2017 23:02 <DIR> Hewlett-Packard
14.12.2016 12:49 <DIR> HpUpdate
25.01.2012 21:22 <DIR> Identities
07.05.2013 20:43 <DIR> InstallShield
26.12.2013 20:13 <DIR> Intel Corporation
26.12.2013 21:09 <DIR> Leadertech
04.08.2012 10:25 <DIR> LibreOffice
26.12.2013 21:07 <DIR> Logishrd
26.12.2013 21:09 <DIR> Logitech
11.10.2011 18:58 <DIR> Macromedia
28.03.2013 10:12 <DIR> Maxthon3
21.11.2010 09:16 <DIR> Media Center Programs
15.10.2013 19:55 <DIR> Media Player Classic
14.04.2015 16:25 <DIR> Mind Elevator Games
26.01.2012 22:13 <DIR> Mozilla
28.08.2013 20:51 <DIR> MumboJumbo
26.08.2015 22:10 <DIR> Nero
13.02.2012 17:07 <DIR> OpenOffice.org
25.09.2013 17:05 <DIR> Opera
11.01.2017 16:54 <DIR> PhotoScape
20.07.2013 22:45 <DIR> SAD-Office-Vorlagen
20.07.2013 22:42 <DIR> SAD-Shared
30.08.2016 22:40 <DIR> Skype
22.02.2012 18:37 <DIR> SNS
02.09.2013 10:04 <DIR> SoftGrid Client
27.05.2014 21:21 <DIR> The Legend Of Egypt
22.11.2013 21:40 <DIR> Totusoft
13.02.2012 17:19 <DIR> TP
21.07.2013 18:59 <DIR> TuneUp Software
13.09.2013 19:54 17.740 unins000.dat
13.09.2013 19:54 13.844 unins000.msg
17.12.2016 22:23 <DIR> vlc
18.07.2014 23:20 106 WB.CFG
09.03.2013 14:57 <DIR> WebCompiler2
23.01.2014 23:34 <DIR> WildTangent
17.09.2012 09:30 <DIR> Windows Live Writer
27.09.2012 03:53 <DIR> WinRAR
07.01.2016 19:27 <DIR> XMedia Recode
3 Datei(en), 31.690 Bytes
51 Verzeichnis(se), 639.807.152.128 Bytes frei
========= Ende von CMD: =========
========= dir "%LocalAppdata%" =========
Datenträger in Laufwerk C: ist Packard Bell
Volumeseriennummer: A4AE-2DE5
Verzeichnis von C:\Users\Pflügl\AppData\Local
24.08.2017 23:11 <DIR> .
24.08.2017 23:11 <DIR> ..
29.09.2012 10:56 <DIR> Abelssoft
27.01.2016 21:25 <DIR> ActiveSync
03.05.2017 20:25 <DIR> Adobe
16.02.2014 22:34 <DIR> Adobe_Systems_Incorporate
23.03.2013 22:25 <DIR> Amazon
14.08.2012 07:19 <DIR> Apple
14.08.2012 07:21 <DIR> Apple Computer
15.08.2012 19:30 <DIR> Apps
14.09.2013 21:51 <DIR> avgchrome
11.01.2017 17:25 <DIR> CEF
11.01.2017 17:25 <DIR> Chromium
05.08.2015 22:28 <DIR> Comms
24.08.2017 14:28 <DIR> CrashDumps
03.02.2014 12:27 <DIR> CrashRpt
01.05.2014 15:59 <DIR> Cyberlink
07.05.2017 23:54 <DIR> Diagnostics
14.10.2013 17:59 <DIR> Downloaded Installations
31.08.2016 18:45 <DIR> ElevatedDiagnostics
30.12.2014 18:36 126.832 GDIPFONTCACHEV1.DAT
01.04.2015 17:47 <DIR> Google
06.06.2015 00:02 <DIR> GWX
15.07.2016 14:00 <DIR> Hewlett-Packard
06.12.2012 13:32 <DIR> HP
06.08.2012 08:53 <DIR> Macromedia
11.01.2017 22:04 <DIR> Microsoft
09.06.2012 01:33 <DIR> Microsoft Help
20.04.2016 12:06 <DIR> MicrosoftEdge
26.09.2013 08:39 <DIR> Microsoft_Research
27.10.2013 09:41 <DIR> Mozilla
20.08.2013 22:09 <DIR> MumboJumbo
06.12.2012 17:46 <DIR> Nero_AG
03.08.2015 10:39 <DIR> NetworkTiles
11.01.2017 17:31 <DIR> NVIDIA
12.01.2017 19:55 <DIR> NVIDIA Corporation
20.07.2012 23:00 <DIR> OLYMPUS
11.05.2017 19:32 <DIR> Packages
21.06.2013 18:28 <DIR> Programs
03.08.2015 10:19 <DIR> Publishers
06.08.2012 08:01 <DIR> Secunia PSI
13.02.2012 17:19 <DIR> SoftGrid Client
23.04.2015 22:53 <DIR> SWDS
06.09.2017 14:54 <DIR> Temp
03.02.2014 22:34 <DIR> TempDIR
03.08.2015 10:18 <DIR> TileDataLayer
09.07.2017 11:45 <DIR> UNP
22.09.2013 18:20 <DIR> VirtualStore
06.10.2014 00:04 <DIR> Windows Live
06.04.2013 16:46 <DIR> Windows Live Writer
02.02.2012 02:04 <DIR> {01628B2C-FB9A-467D-8466-047FB7A66D07}
09.09.2016 11:52 <DIR> {0A7781E6-9833-459D-B77F-F0B73D3F0ACA}
20.07.2012 23:10 <DIR> {0AAD0657-44A6-40EA-A26F-520F44A69132}
02.03.2013 20:21 <DIR> {0F0F3318-BE9E-41B5-94D3-CD2C6415FA3B}
16.09.2012 09:17 <DIR> {1347F0F8-23A3-4D1C-84DC-6AE2D882C1B9}
05.09.2012 05:32 <DIR> {1431BE7B-A40C-476C-A7A0-CA9F78D619AC}
20.07.2012 21:55 <DIR> {1ACF9E8C-63F5-43E4-8505-F3DAA33C2114}
08.02.2016 21:16 <DIR> {26FC1506-1ACE-4F98-9C2F-CC1B3878E8F2}
03.04.2016 11:26 <DIR> {2A19937B-1979-4DDA-A384-432286E8439E}
01.06.2016 11:16 <DIR> {2B98E61D-6780-441A-A2F0-36A3CE939500}
29.01.2013 22:25 <DIR> {2EA348EB-15D3-43B4-93F2-E036FF7E7483}
11.09.2016 12:17 <DIR> {2F9F1539-5723-4F8A-9407-E07D66B09281}
16.01.2013 22:21 <DIR> {329D67ED-A66F-4E5E-A6A9-44B42C31958D}
28.12.2014 18:59 <DIR> {33025E21-82AD-4D75-A277-DFD5FDCA4607}
17.09.2012 09:30 <DIR> {3441B3C1-B57D-4C41-A58C-B7F28962E120}
04.02.2012 18:56 <DIR> {38C56E93-4932-49BB-A46A-D8422157D130}
05.08.2015 23:02 <DIR> {39923D35-538C-4E18-8E8A-635BD147CE89}
22.07.2012 00:49 <DIR> {3AE150ED-F499-494B-B607-73C3A964E02B}
31.08.2012 17:58 <DIR> {3D747B48-D9C9-4C15-B5A6-AF8DDD274ECB}
21.07.2012 00:42 <DIR> {3DE01258-3A3D-4A5C-9390-00AEE985689D}
01.07.2016 11:56 <DIR> {430C2BBF-C37C-49F1-B317-92366084A328}
05.08.2012 10:53 <DIR> {4A4C62C6-86D6-4667-8F2B-3FE9E4B0E6F2}
20.07.2012 21:34 <DIR> {50823A4B-B54C-4816-9203-01E8C5CDDA9B}
06.04.2013 16:25 <DIR> {539A51AC-1DE1-4F29-9BA4-3059FB4CBEC3}
21.09.2012 09:58 <DIR> {5860283C-5324-4AD9-B849-C4ACBFBB22B2}
13.03.2016 22:06 <DIR> {5A17D495-9267-4B7B-A7FA-8C2C065AE112}
05.08.2012 11:01 <DIR> {5CAE4ED5-162C-4C4B-9DD0-A2AC6BCE33DB}
11.05.2016 22:22 <DIR> {5D04E2AE-B780-440D-93CE-EEF624C2962C}
19.09.2012 06:18 <DIR> {60084747-9278-468B-8C30-BC6AFB2F0090}
01.09.2012 19:04 <DIR> {64706D49-232C-4A41-B680-71CFBBBE8A65}
20.06.2012 02:22 <DIR> {652BE9A5-FA0B-4BAB-82C0-B02D7BDF8D8E}
16.08.2012 18:46 <DIR> {6D72F2CE-6BD4-4065-AA13-A842434514E4}
21.01.2013 19:18 <DIR> {73C4C812-6816-4D1D-AFED-822B19581A36}
11.03.2013 12:29 <DIR> {7860A353-6685-4376-BE44-9F6F12494811}
07.10.2012 16:57 <DIR> {7F078D1A-B003-442C-BE66-59F682093F3B}
08.06.2016 22:30 <DIR> {831F4407-6A5F-4C1A-8EAB-8ADAD86F76CF}
05.08.2012 10:48 <DIR> {85E68664-6B36-41C7-B7F4-993C36A1A43E}
20.07.2012 23:09 <DIR> {89563F5A-C50E-462B-BA9A-39112BA3AA08}
02.02.2012 02:03 <DIR> {8A220DD2-189C-464E-A09B-D18CAD743DE6}
22.07.2012 02:39 <DIR> {8A5C3E48-300E-40CD-B27E-0E722870E645}
27.09.2012 04:02 <DIR> {9C2BF2BF-04D9-420F-AE78-768A6712987C}
22.07.2012 00:47 <DIR> {9CADA1E3-5B48-401A-8DAA-07BF8A902297}
04.02.2012 18:56 <DIR> {9D041E83-A431-47D9-A329-5E852A088637}
20.07.2012 22:27 <DIR> {9EF5012F-32F4-42E4-8B43-EBBE5152FAE0}
30.05.2013 16:49 <DIR> {A1E5E119-AB1F-486D-A625-05A0FFD63810}
20.07.2012 23:10 <DIR> {A5584890-092D-4DC7-8C89-B2D802576581}
21.02.2013 22:27 <DIR> {A62DAE46-1AA8-4E5B-82F8-D03D61221AD3}
01.09.2016 00:42 <DIR> {B86B0B90-93E4-46FE-B095-7F56F68A540F}
03.09.2012 22:11 <DIR> {C3868DC7-CF27-43C3-BF71-F6AED4A67635}
03.04.2016 23:30 <DIR> {C713F4EC-EA48-497D-9BBC-B10A10B208AE}
01.07.2016 11:54 <DIR> {CB0A53AD-B3F3-4F50-A38B-1C606431DA22}
21.10.2016 10:52 <DIR> {D2FA332A-6759-4B1F-A1D8-79C8D1F5712D}
02.04.2013 05:46 <DIR> {D60A7ADC-CC47-4FDC-98E4-0F83D1B0A95C}
14.06.2016 12:19 <DIR> {DA971D9C-89ED-4C58-B4F3-015EED6E9311}
03.02.2016 22:23 <DIR> {E084CCF6-3885-40C7-9593-A36D797F5ACC}
02.02.2012 02:03 <DIR> {E0DF5867-2F33-446F-9389-8080B53AD766}
20.07.2012 21:36 <DIR> {EB9C46E3-A6D7-4B0E-B5AE-09A7AA502B92}
28.09.2012 18:31 <DIR> {F75238AA-82F3-4BEC-AE05-87EDD742CC16}
16.08.2012 18:43 <DIR> {FDA26DB6-4872-45E0-A020-95F24150F61B}
20.07.2012 21:39 <DIR> {FDF15750-0CD7-49D3-9682-571A44CB46EE}
1 Datei(en), 126.832 Bytes
109 Verzeichnis(se), 639.807.078.400 Bytes frei
========= Ende von CMD: =========
========= dir "%CommonProgramFiles(x86)%" =========
Datenträger in Laufwerk C: ist Packard Bell
Volumeseriennummer: A4AE-2DE5
Verzeichnis von C:\Program Files (x86)\Common Files
11.01.2017 00:45 <DIR> .
11.01.2017 00:45 <DIR> ..
16.01.2013 23:14 <DIR> Adobe
20.10.2014 12:40 <DIR> Adobe AIR
14.05.2014 21:48 <DIR> DESIGNER
27.12.2013 05:20 <DIR> InstallShield
27.12.2013 05:20 <DIR> Intel
26.12.2013 20:13 <DIR> Intel Corporation
26.12.2013 21:09 <DIR> LogiShrd
11.01.2017 00:45 <DIR> Microsoft Shared
11.08.2011 13:24 <DIR> Nero
11.10.2011 18:46 <DIR> postureAgent
11.10.2011 18:59 <DIR> PX Storage Engine
16.07.2016 13:47 <DIR> Services
11.10.2011 18:53 <DIR> Sonic Shared
11.01.2017 00:45 <DIR> SpeechEngines
04.08.2012 12:13 <DIR> Symantec Shared
12.04.2017 23:10 <DIR> System
11.08.2011 13:13 <DIR> Windows Live
23.03.2016 10:53 <DIR> Wise Installation Wizard
0 Datei(en), 0 Bytes
20 Verzeichnis(se), 639.807.021.056 Bytes frei
========= Ende von CMD: =========
========= dir "%CommonProgramW6432%" =========
Datenträger in Laufwerk C: ist Packard Bell
Volumeseriennummer: A4AE-2DE5
Verzeichnis von C:\Program Files\Common Files
11.01.2017 00:45 <DIR> .
11.01.2017 00:45 <DIR> ..
27.12.2013 05:20 <DIR> Intel
26.12.2013 21:08 <DIR> LogiShrd
11.01.2017 00:45 <DIR> microsoft shared
16.07.2016 13:47 <DIR> Services
11.01.2017 00:45 <DIR> SpeechEngines
24.08.2017 16:01 <DIR> System
0 Datei(en), 0 Bytes
8 Verzeichnis(se), 639.806.967.808 Bytes frei
========= Ende von CMD: =========
========= dir "%UserProfile%" =========
Datenträger in Laufwerk C: ist Packard Bell
Volumeseriennummer: A4AE-2DE5
Verzeichnis von C:\Users\Pflügl
24.08.2017 20:42 <DIR> .
24.08.2017 20:42 <DIR> ..
24.08.2017 16:40 <DIR> Contacts
06.09.2017 14:53 <DIR> Desktop
27.08.2017 19:59 <DIR> Documents
24.08.2017 23:42 <DIR> Downloads
24.08.2017 16:40 <DIR> Favorites
26.12.2013 20:11 <DIR> Intel
24.08.2017 16:40 <DIR> Links
23.04.2016 19:30 <DIR> Mozilla
24.08.2017 16:40 <DIR> Music
11.01.2017 16:59 <DIR> OneDrive
27.08.2017 21:58 <DIR> Pictures
24.08.2017 16:40 <DIR> Saved Games
24.08.2017 16:40 <DIR> Searches
20.07.2012 17:09 3.098.066 Studioline_Regensburg 016.jpg
29.01.2013 22:43 <DIR> Tracing
06.09.2017 14:41 <DIR> Videos
1 Datei(en), 3.098.066 Bytes
17 Verzeichnis(se), 639.806.889.984 Bytes frei
========= Ende von CMD: =========
========= dir "C:\" =========
Datenträger in Laufwerk C: ist Packard Bell
Volumeseriennummer: A4AE-2DE5
Verzeichnis von C:\
27.10.2015 22:01 <DIR> $SysReset
05.09.2017 09:55 <DIR> AdwCleaner
04.12.2013 20:36 <DIR> book
07.11.2007 08:00 17.734 eula.1028.txt
28.12.2007 00:24 15.428 eula.1031.txt
07.11.2007 08:00 10.134 eula.1033.txt
07.11.2007 08:00 17.734 eula.1036.txt
07.11.2007 08:00 17.734 eula.1040.txt
07.11.2007 08:00 118 eula.1041.txt
07.11.2007 08:00 17.734 eula.1042.txt
07.11.2007 08:00 17.734 eula.2052.txt
07.11.2007 08:00 17.734 eula.3082.txt
06.09.2017 14:55 <DIR> FRST
28.12.2007 00:24 1.110 globdata.ini
10.01.2017 23:46 <DIR> inetpub
28.12.2007 00:24 562.688 install.exe
28.12.2007 00:24 843 install.ini
07.11.2007 08:03 76.304 install.res.1028.dll
28.12.2007 00:37 96.272 install.res.1031.dll
07.11.2007 08:03 91.152 install.res.1033.dll
07.11.2007 08:03 97.296 install.res.1036.dll
07.11.2007 08:03 95.248 install.res.1040.dll
07.11.2007 08:03 81.424 install.res.1041.dll
07.11.2007 08:03 79.888 install.res.1042.dll
07.11.2007 08:03 75.792 install.res.2052.dll
07.11.2007 08:03 96.272 install.res.3082.dll
11.01.2017 00:32 <DIR> Intel
16.05.2013 21:51 <DIR> output
16.07.2016 13:47 <DIR> PerfLogs
24.08.2017 23:05 <DIR> Program Files
24.08.2017 23:42 <DIR> Program Files (x86)
15.10.2013 19:50 287 SetSearchAndHomepageInBrowserLog.txt
24.08.2017 17:00 75.392 TDSSKiller.3.1.0.15_24.08.2017_16.54.01_log.txt
17.02.2017 21:56 <DIR> temp
24.08.2017 14:10 <DIR> Users
28.12.2007 00:24 5.686 vcredist.bmp
28.12.2007 00:48 1.442.522 VC_RED.cab
28.12.2007 00:51 234.496 VC_RED.MSI
24.08.2017 23:55 <DIR> Windows
26.01.2017 21:15 <DIR> Windows.old
26 Datei(en), 3.244.756 Bytes
14 Verzeichnis(se), 639.806.701.568 Bytes frei
========= Ende von CMD: =========
================== ExportKey: ===================
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Extensions]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Processes]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\TemporaryPaths]
=== Ende von ExportKey ===
========= RemoveProxy: =========
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
========= Ende von RemoveProxy: =========
========= ipconfig /flushdns =========
Windows-IP-Konfiguration
Der DNS-Auflösungscache wurde geleert.
========= Ende von CMD: =========
========= netsh winsock reset =========
Der Winsock-Katalog wurde zurückgesetzt.
Sie müssen den Computer neu starten, um den Vorgang abzuschließen.
========= Ende von CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 32768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 289374849 B
Java, Flash, Steam htmlcache => 681 B
Windows/system/drivers => 40982847 B
Edge => 19453 B
Chrome => 8526401 B
Firefox => 275151966 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 72420 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 1830696 B
NetworkService => 4360 B
Pflügl => 328570444 B
nathalie.Pflügl-PC => 527951 B
Gast => 544953 B
DefaultAppPool => 39250 B
RecycleBin => 29236615 B
EmptyTemp: => 929.8 MB temporäre Dateien entfernt.
================================
Das System musste neu gestartet werden.
==== Ende von Fixlog 14:57:14 ====
Code:
SystemLook 30.07.11 by jpshortstuff
Log created at 16:28 on 06/09/2017 by Pflügl
Administrator - Elevation successful
========== regfind ==========
Searching for "iLivid"
No data found.
Searching for "jmdp"
No data found.
Searching for "ljkb"
No data found.
Searching for "Search Results"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\OpenContainingFolderHiddenList]
"Start menu search results for Control Panel"="::{26EE0668-A00A-44D7-9371-BEB064C98683}\0"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\OpenContainingFolderHiddenList]
"Start menu search results for Control Panel"="::{26EE0668-A00A-44D7-9371-BEB064C98683}\0"
Searching for "SimplyTech"
No data found.
Searching for "Windows Net Data"
No data found.
Searching for "Toolbar4"
No data found.
Searching for "WNLT"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\WNLT]
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\WNLT]
Searching for "tprb"
No data found.
Searching for "Allin1Convert"
No data found.
Searching for "SaveSense"
No data found.
Searching for "Iminent"
[HKEY_CURRENT_USER\SOFTWARE\a28f8cb668b944\2.6.1519.190]
"iexplore homepages"="hxxp://home.tb.ask.com/index.jhtml?n=77DE8857&p2=^AYY^xdm070^YYA^de&ptb=7DF34BFD-0CB9-4476-B4F3-9F1DF2F80B6B&si=flvrunner hxxp://search.iminent.com/?appid=418165f6-4c64-49cd-8d32-1d41005c1070 hxxp://google.de/ hxxp://feed.snap.do/?publisher=QuickOB&dpid=QuickOB&co=DE&userid=f535cbfe-1f47-4bd9-b47e-06feb703b262&searchtype=hp&installDate=01/01/1970"
[HKEY_CURRENT_USER\SOFTWARE\a28f8cb668b944\2.6.1519.190]
"firefox homepages"="hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=A4AE74DE2B60BAF1&affID=121563&tl=wgkn1061868&tt=110713_91114&tsp=4944 hxxp://search.iminent.com/?appId=418165f6-4c64-49cd-8d32-1d41005c1070&ref=homepage hxxp://feed.snap.do/?publisher=QuickOB&dpid=QuickOB&co=DE&userid=f535cbfe-1f47-4bd9-b47e-06feb703b262&searchtype=hp&installDate=01/01/1970"
[HKEY_CURRENT_USER\SOFTWARE\a28f8cb668b944\2.6.1673.238]
"iexplore homepages"="hxxp://home.tb.ask.com/index.jhtml?n=77DE8857&p2=^AYY^xdm070^YYA^de&ptb=7DF34BFD-0CB9-4476-B4F3-9F1DF2F80B6B&si=flvrunner hxxp://www.firetab.org/?type=ds3nt hxxp://search.iminent.com/?appid=418165f6-4c64-49cd-8d32-1d41005c1070 hxxp://www.firetab.org/?type=ds3hp hxxp://google.de/ hxxp://feed.snap.do/?publisher=QuickOB&dpid=QuickOB&co=DE&userid=f535cbfe-1f47-4bd9-b47e-06feb703b262&searchtype=hp&installDate=01/01/1970"
[HKEY_CURRENT_USER\SOFTWARE\a28f8cb668b944\2.6.1673.238]
"firefox homepages"="hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=A4AE74DE2B60BAF1&affID=121563&tl=wgkn1061868&tt=110713_91114&tsp=4944 hxxp://search.iminent.com/?appId=418165f6-4c64-49cd-8d32-1d41005c1070&ref=homepage hxxp://feed.snap.do/?publisher=QuickOB&dpid=QuickOB&co=DE&userid=f535cbfe-1f47-4bd9-b47e-06feb703b262&searchtype=hp&installDate=01/01/1970"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\TBSB01620\Toolbar]
"toolbar_version"="IMinent Toolbar 1.0.256"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\54e17962_0]
@="{0.0.0.00000000}.{313a4c54-825e-4e86-b563-414128ed714b}|\Device\HarddiskVolume3\Users\Pflügl\Desktop\IminentSetup_2-KFRPtAWP-1_.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\a28f8cb668b944\2.6.1519.190]
"iexplore homepages"="hxxp://home.tb.ask.com/index.jhtml?n=77DE8857&p2=^AYY^xdm070^YYA^de&ptb=7DF34BFD-0CB9-4476-B4F3-9F1DF2F80B6B&si=flvrunner hxxp://search.iminent.com/?appid=418165f6-4c64-49cd-8d32-1d41005c1070 hxxp://google.de/ hxxp://feed.snap.do/?publisher=QuickOB&dpid=QuickOB&co=DE&userid=f535cbfe-1f47-4bd9-b47e-06feb703b262&searchtype=hp&installDate=01/01/1970"
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\a28f8cb668b944\2.6.1519.190]
"firefox homepages"="hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=A4AE74DE2B60BAF1&affID=121563&tl=wgkn1061868&tt=110713_91114&tsp=4944 hxxp://search.iminent.com/?appId=418165f6-4c64-49cd-8d32-1d41005c1070&ref=homepage hxxp://feed.snap.do/?publisher=QuickOB&dpid=QuickOB&co=DE&userid=f535cbfe-1f47-4bd9-b47e-06feb703b262&searchtype=hp&installDate=01/01/1970"
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\a28f8cb668b944\2.6.1673.238]
"iexplore homepages"="hxxp://home.tb.ask.com/index.jhtml?n=77DE8857&p2=^AYY^xdm070^YYA^de&ptb=7DF34BFD-0CB9-4476-B4F3-9F1DF2F80B6B&si=flvrunner hxxp://www.firetab.org/?type=ds3nt hxxp://search.iminent.com/?appid=418165f6-4c64-49cd-8d32-1d41005c1070 hxxp://www.firetab.org/?type=ds3hp hxxp://google.de/ hxxp://feed.snap.do/?publisher=QuickOB&dpid=QuickOB&co=DE&userid=f535cbfe-1f47-4bd9-b47e-06feb703b262&searchtype=hp&installDate=01/01/1970"
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\a28f8cb668b944\2.6.1673.238]
"firefox homepages"="hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=A4AE74DE2B60BAF1&affID=121563&tl=wgkn1061868&tt=110713_91114&tsp=4944 hxxp://search.iminent.com/?appId=418165f6-4c64-49cd-8d32-1d41005c1070&ref=homepage hxxp://feed.snap.do/?publisher=QuickOB&dpid=QuickOB&co=DE&userid=f535cbfe-1f47-4bd9-b47e-06feb703b262&searchtype=hp&installDate=01/01/1970"
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\TBSB01620\Toolbar]
"toolbar_version"="IMinent Toolbar 1.0.256"
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\54e17962_0]
@="{0.0.0.00000000}.{313a4c54-825e-4e86-b563-414128ed714b}|\Device\HarddiskVolume3\Users\Pflügl\Desktop\IminentSetup_2-KFRPtAWP-1_.exe%b{00000000-0000-0000-0000-000000000000}"
Searching for "Tarma Installer"
No data found.
Searching for "Inbox Toolbar"
No data found.
Searching for "SpecialSavings"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\specialsavings]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B22160E7-B239-4dfd-942D-C0032C4FBEF0}]
"AppPath"="C:\Program Files (x86)\specialsavings"
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\specialsavings]
Searching for "DriverTurbo"
No data found.
Searching for "OpenCandy"
No data found.
Searching for "Softonic"
No data found.
Searching for "DNSErrorHelper"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\DNSErrorHelper]
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\DNSErrorHelper]
Searching for "Systweak"
No data found.
Searching for "Allmyapps"
No data found.
Searching for "Smartbar"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\58F068FA3A4582A478B9FBE9E6237567\SourceList]
"LastUsedSource"="n;1;C:\Users\Pflügl\AppData\Local\Temp\Smartbar\d6e4d9fa-e316-4a0b-a6cf-253169a3bcb8\"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\58F068FA3A4582A478B9FBE9E6237567\SourceList\Net]
"1"="C:\Users\Pflügl\AppData\Local\Temp\Smartbar\d6e4d9fa-e316-4a0b-a6cf-253169a3bcb8\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\016A7206F164D5243BE66200904CD4AC]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\016A7206F164D5243BE662E09C4CD4AC]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\0B394BFA95E9CAE4FBB27DB664DCBD0E]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\0B51AA2BED003754EB928BEF1B2E8A42]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\0B6A7206F164D5243BE662E09C4CD4AC]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\116A7206F164D5243BE662E09C4CD4AC]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\216A7206F164D5243BE66288984CD4AC]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\216A7206F164D5243BE662E09C4CD4AC]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\2E35213FD461DD045869F4E01B62B2BE]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\33592FD0CF5A7AA4A8F106EB69B9A0D7]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\40623894481B5D040B0F8C26B6D7A878]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\43F238B8E12237E46A4AFF0CB31E2ECC]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\4CD231EF64D076744824027B43D7B1AD]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\55D0E21DCD38B8E40BA0517C0D9CCCE0]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\649A52D257CA5DB4EAAE8BA9EB23E467]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\93D6CC2FC9612424E87EB7375E2FC46C]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\9DDEC1131A9FA2348B0A0AEB73868888]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\9DDEC1131A9FA2348B0A0AEB73D61A81]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\9DDEC1131A9FA2348B0A0AEB73D68A18]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Products\58F068FA3A4582A478B9FBE9E6237567\InstallProperties]
"InstallSource"="C:\Users\Pflügl\AppData\Local\Temp\Smartbar\d6e4d9fa-e316-4a0b-a6cf-253169a3bcb8\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\Environment]
"Path"="C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Internet Explorer;C:\Users\Pflügl\AppData\Local\Smartbar\Application\;C:\Program Files (x86)\Internet Explorer;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment]
"Path"="C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Internet Explorer;C:\Users\Pflügl\AppData\Local\Smartbar\Application\;C:\Program Files (x86)\Internet Explorer;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common"
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Microsoft\Installer\Products\58F068FA3A4582A478B9FBE9E6237567\SourceList]
"LastUsedSource"="n;1;C:\Users\Pflügl\AppData\Local\Temp\Smartbar\d6e4d9fa-e316-4a0b-a6cf-253169a3bcb8\"
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Microsoft\Installer\Products\58F068FA3A4582A478B9FBE9E6237567\SourceList\Net]
"1"="C:\Users\Pflügl\AppData\Local\Temp\Smartbar\d6e4d9fa-e316-4a0b-a6cf-253169a3bcb8\"
Searching for "Mysearchdial"
No data found.
Searching for "FoxTab"
No data found.
Searching for "Browser Updater"
No data found.
Searching for "MyStart Search"
No data found.
Searching for "ask-search"
No data found.
Searching for "bprotector"
No data found.
Searching for "MySearchDial"
No data found.
Searching for "BrowserDefendert"
[HKEY_CURRENT_USER\SOFTWARE\a28f8cb668b944\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]
"serviceName"="BrowserDefendert"
[HKEY_CURRENT_USER\SOFTWARE\a28f8cb668b944\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1519.190]
"serviceName"="BrowserDefendert"
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\a28f8cb668b944\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]
"serviceName"="BrowserDefendert"
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\a28f8cb668b944\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1519.190]
"serviceName"="BrowserDefendert"
Searching for "DealPly"
No data found.
Searching for "omiga-plus"
No data found.
Searching for "distromatic"
No data found.
Searching for "SweetIM"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\SweetIM]
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\SweetIM]
Searching for "ProtectedSearch"
No data found.
Searching for "incredibar"
No data found.
Searching for "Babylon"
[HKEY_CURRENT_USER\SOFTWARE\a28f8cb668b944\2.6.1519.190]
"chrome search engines"="Search the web (Babylon) Delta Search Amazon Web"
[HKEY_CURRENT_USER\SOFTWARE\a28f8cb668b944\2.6.1519.190]
"SpXmlFN"="babylon.xml"
[HKEY_CURRENT_USER\SOFTWARE\a28f8cb668b944\2.6.1673.238]
"chrome search engines"="Search the web (Babylon) Delta Search Amazon Wikipedia (de) Search Google golsearch.com Web"
[HKEY_CURRENT_USER\SOFTWARE\a28f8cb668b944\2.6.1673.238]
"SpXmlFN"="babylon.xml"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\BabylonToolbar]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\BabylonToolbar\BabylonToolbar]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\BabylonToolbar\BabylonToolbar\iestrg]
"prdct"="BabylonToolbar"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\BabylonToolbar\BabylonToolbar\iestrg]
"prtnrid"="BabylonToolbar"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\BabylonToolbar\BabylonToolbar\iestrg]
"tlbrsrchurl"="http%3A%2F%2Fsearch%2Ebabylon%2Ecom%2F%3Fbabsrc%3DTB%5Fdef%26mntrId%3Da4ae2de500000000000074de2b60baf1%26q%3D"
[HKEY_CURRENT_USER\SOFTWARE\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar]
[HKEY_CURRENT_USER\SOFTWARE\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar\BabylonToolbar]
[HKEY_CURRENT_USER\SOFTWARE\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar\BabylonToolbar\Instl]
"InstallDir"="C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.7.2"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\BabylonHelper.EXE]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Babylon.dskBnd]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Babylon.dskBnd\CurVer]
@="Babylon.dskBnd.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Babylon.dskBnd.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\AppID\BabylonHelper.EXE]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}]
"DllName"="BabylonToolbarTlbr.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}]
"DllName"="BabylonToolbarTlbr.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\AppID\BabylonHelper.EXE]
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\a28f8cb668b944\2.6.1519.190]
"chrome search engines"="Search the web (Babylon) Delta Search Amazon Web"
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\a28f8cb668b944\2.6.1519.190]
"SpXmlFN"="babylon.xml"
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\a28f8cb668b944\2.6.1673.238]
"chrome search engines"="Search the web (Babylon) Delta Search Amazon Wikipedia (de) Search Google golsearch.com Web"
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\a28f8cb668b944\2.6.1673.238]
"SpXmlFN"="babylon.xml"
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\BabylonToolbar]
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\BabylonToolbar\BabylonToolbar]
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\BabylonToolbar\BabylonToolbar\iestrg]
"prdct"="BabylonToolbar"
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\BabylonToolbar\BabylonToolbar\iestrg]
"prtnrid"="BabylonToolbar"
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\BabylonToolbar\BabylonToolbar\iestrg]
"tlbrsrchurl"="http%3A%2F%2Fsearch%2Ebabylon%2Ecom%2F%3Fbabsrc%3DTB%5Fdef%26mntrId%3Da4ae2de500000000000074de2b60baf1%26q%3D"
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar]
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar\BabylonToolbar]
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar\BabylonToolbar\Instl]
"InstallDir"="C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.7.2"
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001_Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar]
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001_Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar\BabylonToolbar]
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001_Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar\BabylonToolbar\Instl]
"InstallDir"="C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.7.2"
Searching for "AskPartnerNetwork"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\AskPartnerNetwork]
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\AskPartnerNetwork]
Searching for "InstallCore"
No data found.
Searching for "Advanced Disk Recovery"
No data found.
-= EOF =-