Hier die Additon.txt Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 25-10-2017
durchgeführt von ciaN (25-10-2017 17:19:07)
Gestartet von C:\Users\ciaN\Downloads
Windows 10 Home Version 1703 15063.674 (X64) (2017-05-20 09:05:28)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2588828499-552018050-3454161459-500 - Administrator - Disabled)
ciaN (S-1-5-21-2588828499-552018050-3454161459-1000 - Administrator - Enabled) => C:\Users\ciaN
DefaultAccount (S-1-5-21-2588828499-552018050-3454161459-503 - Limited - Disabled)
Gast (S-1-5-21-2588828499-552018050-3454161459-501 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 388.00 - NVIDIA Corporation) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{3D1290E6-1F77-46D5-A715-A56679C8D4E3}) (Version: 6.0.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D0E45DEC-F4B9-4370-A9DF-66837789C2EF}) (Version: 6.0.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E3C4B99B-BE71-4C27-8E3C-4FAE3C46E1D5}) (Version: 11.0.0.30 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6452 - CDBurnerXP)
CPUID CPU-Z MSI 1.72.1 (HKLM\...\CPUID CPU-Z MSI_is1) (Version: 1.72.1 - CPUID, Inc.)
CrossFire NA (HKLM-x32\...\CrossFire_is1) (Version: - Z8Games.com)
DAoC Portal (HKLM-x32\...\{EC9359B3-2548-4DB1-B322-6D71A17501F9}) (Version: 2.8.2 - Dawn of Light)
Dark Age of Camelot (HKLM-x32\...\Dark Age of Camelot) (Version: - Electronic Arts)
DayZLauncher version 0.0.2.1 (HKLM-x32\...\{E31045B4-9DB5-9EBD-44DF-BD4E6CFD40DF}_is1) (Version: 0.0.2.1 - Maca134)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Direct3D11 Renderer for Gothic (HKLM-x32\...\Direct3D11 Renderer for Gothic) (Version: X17.4 - Andre Taulien)
Direct3D11 Renderer für Gothic 2 DNDR (HKLM-x32\...\Direct3D11 Renderer für Gothic 2 DNDR) (Version: X14.1 - Andre Taulien)
Drakonia Black (HKLM-x32\...\{2EAD3327-2F92-455F-A675-E5CC4980B67A}}_is1) (Version: - )
Easy Setting Box (HKLM-x32\...\{7E750925-00C9-4B23-A1E8-BBFC0955CFD8}) (Version: 1.0.00 - Samsung)
Epic Games Launcher (HKLM-x32\...\{8E1A1C2C-1619-4D51-A7D0-CEB24078BB8D}) (Version: 1.1.123.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Freddy's Texture Patch BETA (HKU\S-1-5-21-2588828499-552018050-3454161459-1000\...\Gothic Texture Patch - Freddy) (Version: 0.52 - Fred Metger)
Freddy's Texture Patch BETA (HKU\S-1-5-21-2588828499-552018050-3454161459-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10252017165834078\...\Gothic Texture Patch - Freddy) (Version: 0.52 - Fred Metger)
Free Audio Converter (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.82.511 - Digital Wave Ltd)
Free M4a to MP3 Converter 9.0 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com)
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.6.328 - DVDVideoSoft Ltd.)
GameRanger (HKU\S-1-5-21-2588828499-552018050-3454161459-1000\...\GameRanger) (Version: - GameRanger Technologies)
GameRanger (HKU\S-1-5-21-2588828499-552018050-3454161459-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10252017165834078\...\GameRanger) (Version: - GameRanger Technologies)
Genesis version Patch (HKLM-x32\...\{9db86e9a-0b05-4202-a76c-5a795f698408}_is1) (Version: Patch - Pawel D. alias Laplume for Genesis.)
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Gothic (HKLM-x32\...\Gothic) (Version: 1.32 - JoWooD Software Productions AG)
Gothic 2 Gold (HKLM-x32\...\{40FE74B5-71A1-4393-A0AB-21D6E1DA5A66}) (Version: 1.0.0 - JoWood)
Gothic and Gothic II fullscreen fixes (HKLM\...\{9084b1e7-83b4-406a-8705-374300ee2d84}.sdb) (Version: - )
Gothic II Breitbildkamera-Patch (HKLM-x32\...\Gothic II Breitbildkamera-Patch) (Version: 0.1 - davied)
GOTHIC1 - Classic - 'System-Paket' (HKLM-x32\...\GOTHIC1 - Classic - 'System-Paket') (Version: 1.6 - World of Gothic RU © 2016)
Gothic-Patch 1.08h (HKLM-x32\...\{302AC480-43D2-11D5-A818-00500435FC18}) (Version: - )
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
HP Dropbox Plugin (HKLM-x32\...\{1E18E86D-632C-48B5-962C-B60C2E53A478}) (Version: 36.0.41.58587 - HP)
HP ENVY 4520 series - Grundlegende Software für das Gerät (HKLM\...\{634CB8C9-392E-4DDD-ADD9-4350B5117FA6}) (Version: 40.11.1122.1796 - HP Inc.)
HP ENVY 4520 series Hilfe (HKLM-x32\...\{AC3A5663-59A5-4421-9A4C-7309A4FEC06D}) (Version: 36.0.0 - Hewlett Packard)
HP Google Drive Plugin (HKLM-x32\...\{039DDA62-50CC-4E7F-9D54-7CF032A2D362}) (Version: 36.0.41.58587 - HP)
iCloud (HKLM\...\{C510BB61-AE0B-4420-87AF-9CF646E86364}) (Version: 6.2.3.17 - Apple Inc.)
Intel Extreme Tuning Utility (HKLM-x32\...\{46A9FDE7-4EC8-4FB4-A713-8AD3805C7017}) (Version: 6.0.0.14 - Intel Corporation) Hidden
Intel Extreme Tuning Utility (HKLM-x32\...\{b4b6151d-4959-4ed6-a8ee-8c991f318510}) (Version: 6.0.0.14 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 4.0.0.36 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{98f335cd-0a32-4b3f-b74c-ef9480e834f0}) (Version: 10.0.27 - Intel(R) Corporation) Hidden
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\3FD0C489-0F02-481a-A3E1-9754CD396761) (Version: - Intel Corporation)
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.42 - Irfan Skiljan)
IsoBuster 3.8 (HKLM-x32\...\IsoBuster_is1) (Version: 3.8 - Smart Projects)
iTunes (HKLM\...\{1441974B-BB94-41EC-AC0F-30D5F5AC54F7}) (Version: 12.7.0.166 - Apple Inc.)
Kaspersky Internet Security (HKLM-x32\...\{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\{517CC397-B22F-4593-8DCB-DE72CC541E9A}) (Version: 3.0.1 - Riot Games ) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
LethantisLauncher (HKLM-x32\...\{DEE9E474-6E20-4A06-AB3D-B16060786E82}) (Version: 1.26 - Lethantis)
Malwarebytes Version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mora's Ausrüstungsplaner (HKLM-x32\...\{8A33CE67-80FB-4469-9ED1-E5D116391F68}_is1) (Version: 1.74 - Mora)
Mozilla Firefox 56.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 56.0 (x86 de)) (Version: 56.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.2 - Mozilla)
MSI Command Center (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 2.0.0.04 - MSI)
MSI Fast Boot (HKLM-x32\...\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1) (Version: 1.0.1.8 - MSI)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.1.009 - MSI)
MSI M-Cloud (HKLM-x32\...\{C2CA9595-A17F-4D28-BD6E-0E30447AF60B}}_is1) (Version: 1.0.0.19 - MSI)
MSI RAMDisk (HKLM-x32\...\{F29CF050-7278-4CDB-9EF8-2DC6DAA87453}}_is1) (Version: 1.0.0.09 - MSI)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.3.0.01 - MSI)
NetworkGenie (HKLM-x32\...\{B416A23D-C2BD-4956-8BAE-5C3BAFF1AC1E}) (Version: 1.0.0.10 - MSI)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 388.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.00 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation)
NVIDIA Grafiktreiber 388.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.00 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OpenOffice 4.1.3 (HKLM-x32\...\{8D5FCC56-BB9F-4122-923C-71753F50F6F5}) (Version: 4.13.9783 - Apache Software Foundation)
PDF Architect 4 (HKLM-x32\...\PDF Architect 4) (Version: 4.0.26.25466 - pdfforge GmbH)
PDF Architect 4 Create Module (HKLM\...\{373FD974-6F3C-4946-99BA-B9E6E2608DE2}) (Version: 4.0.9.25450 - pdfforge GmbH) Hidden
PDF Architect 4 Edit Module (HKLM\...\{5FF218A5-86BC-420A-A44A-66EA7C234068}) (Version: 4.0.9.25450 - pdfforge GmbH) Hidden
PDF Architect 4 View Module (HKLM\...\{A8104CED-8954-4311-9894-FC1E0FDE3ACB}) (Version: 4.0.9.25450 - pdfforge GmbH) Hidden
PDF24 Creator 7.8.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.2.1 - pdfforge)
Proxy Switcher (HKLM-x32\...\{BD85CEE1-BFBA-4FDB-A0FB-F8FE4938CCB0}) (Version: 3.6.1 - Marco Wiedemeyer)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7534 - Realtek Semiconductor Corp.)
Recovery Toolbox for CD Free 2.2 (HKLM-x32\...\Recovery Toolbox for CD Free_is1) (Version: - Recovery Toolbox, Inc.)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Skype™ 7.39 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.39.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Studie zur Verbesserung von HP ENVY 4520 series (HKLM\...\{D40CE8B6-DA4E-45B5-8AFE-028947BF24FD}) (Version: 40.11.1122.1796 - HP Inc.)
Survarium-Steam (HKLM-x32\...\{A3D9343D-77CD-4bf4-A47A-F87B3BE985B4}_is1) (Version: 0.32a4 - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.72365 - TeamViewer)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)
Thunder Master v2.8 (HKLM-x32\...\{EE04522C-0814-4B63-AE57-0B63E5A355BB}_is1) (Version: 2.8.2.0 - Palit Microsystems Ltd.)
Uthgard Launcher (HKU\S-1-5-21-2588828499-552018050-3454161459-1000\...\Uthgard Launcher) (Version: 1.00.00.00 - Uthgard)
Uthgard Launcher (HKU\S-1-5-21-2588828499-552018050-3454161459-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10252017165834078\...\Uthgard Launcher) (Version: 1.00.00.00 - Uthgard)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2588828499-552018050-3454161459-1000_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\ciaN\AppData\Local\Microsoft\OneDrive\17.3.7073.1013\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2588828499-552018050-3454161459-1000_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\ciaN\AppData\Local\Microsoft\OneDrive\17.3.7073.1013\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2588828499-552018050-3454161459-1000_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\ciaN\AppData\Local\Microsoft\OneDrive\17.3.7073.1013\amd64\FileSyncShell64.dll => Keine Datei
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers1: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-14] (AO Kaspersky Lab)
ContextMenuHandlers1: [PDFArchitect4_ManagerExt] -> {3AECFCB3-8472-48E9-BC7B-5A3CD945C886} => C:\Program Files\PDF Architect 4\creator-context-menu.dll [2015-10-19] (pdfforge GmbH)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-07-14] (Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-14] (AO Kaspersky Lab)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers4: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-14] (AO Kaspersky Lab)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> Keine Datei
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-12] (NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers6: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-14] (AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {00B1DDB9-3A0D-4CC1-81C0-58186FA0A487} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-10-12] (Microsoft Corporation)
Task: {0126CA1C-E0B1-41D9-80B7-96D05B031804} - System32\Tasks\RtlNetworkGenieVistaStart => C:\Program Files (x86)\MSI\NetworkGenie\NetworkGenie.exe [2014-11-19] (Realtek Semiconductor)
Task: {15777521-26B6-47BB-9370-534E4A50DFBB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)
Task: {1DBEAA13-9DFD-4C15-B912-EA88A78317A8} - System32\Tasks\{3C959858-1A51-4E56-810F-D477C78BD413} => C:\WINDOWS\system32\pcalua.exe -a E:\Gothic\system\GothicMod.exe
Task: {1E858F45-DB4A-4A85-BC7F-44158F7896B4} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {22F82422-4A84-4287-9829-B369CA205372} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-11] (NVIDIA Corporation)
Task: {26CB275A-2426-493B-8F70-0DA37908633D} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {2FF125FD-78E3-47E0-83FB-478DC9FA8E2D} - System32\Tasks\HPCustParticipation HP ENVY 4520 series => C:\Program Files\HP\HP ENVY 4520 series\Bin\HPCustPartic.exe [2017-04-06] (HP Inc.)
Task: {38F09B19-4355-40E3-AF73-D4A0EF93C56E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {449551B9-E21F-430C-8213-1063904B63EE} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {56855126-7884-4D01-8EE8-EC33EC811C07} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {59741528-3527-4EA2-8371-5AF7C528EFB9} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-11] (NVIDIA Corporation)
Task: {5AE072EC-8D12-4FE0-A7C7-74FFCAB56EB9} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {63EF40E2-DF22-416A-BEF8-ACE889615B02} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {65A5C9D6-D317-4035-ABE0-CC3C5E078ED8} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-10-11] (NVIDIA Corporation)
Task: {65FDBA2F-9971-45AE-A099-DBFE5DAA0E99} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {67C282AC-093F-43A6-BEF1-BF9091EB7E83} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {68146C05-5A20-4141-82E7-17869F9E3314} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7455EF0D-C249-45E8-AA73-A231B1F93D58} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {75331B71-DA8B-4871-902B-27F96F064FC9} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2015-05-05] (Intel Corporation)
Task: {7B7C63E6-51E6-4B27-8A8D-0196345AC9CE} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-11] (NVIDIA Corporation)
Task: {8914E213-38A1-4C42-9815-A7071AD1D7C2} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2017-07-14] (Apple Inc.)
Task: {91DB4135-7CA3-4B03-B89E-737F1FECA8CA} - System32\Tasks\ThunderMaster => C:\Program Files (x86)\Thunder Master\THPanel.exe [2014-11-27] (Palit Microsystems Ltd.)
Task: {933F5506-4618-4804-B7CC-B6162E1B9646} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {94052A5B-C768-4E12-BC5B-B1DB8ECE7588} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {9C5FE233-CFE2-4C24-9557-1D1438C16E89} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-11] (NVIDIA Corporation)
Task: {9D9ACDDE-EB21-4067-8944-082D2AF3FD6D} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {AB3963A1-0889-4578-AECF-6FFA77338A95} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B5A187AF-185F-442F-BCD2-AFB6A23DFDA4} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C11BFEA9-A03B-49FB-844D-3CF35FE491F2} - System32\Tasks\{9719B760-7F88-4817-A4A9-A85C33635584} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxps://ui.skype.com/ui/0/7.31.0.104/de/abandoninstall?page=tsProgressBar
Task: {C228136E-156E-4DB8-B2CD-670583A599EF} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C52B3925-028A-4843-A979-A32C4BC79B57} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-10-11] (NVIDIA Corporation)
Task: {CB230D29-9210-45C7-9580-74F86DE67B16} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-10-11] (NVIDIA Corporation)
Task: {CE2D3428-C469-4438-B095-C2C14DD19A5C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E7D7C1DD-CD85-4422-973D-4673DD09B0C1} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {ECCC0219-5A6B-49AF-B598-30CD4DA0EAEC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {ED30A5BB-B2F7-48CF-979F-B4C45DAF4886} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F214C249-B068-48E0-A2B0-08626377B2C5} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F319F90D-941C-4821-B956-A14A06459CF4} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-11] (NVIDIA Corporation)
Task: {F9FA4965-DFFF-4450-BFD9-455D4490CAD9} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {FC3B517F-555F-452F-A42E-D72402A587FE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\RtlNetworkGenieVistaStart.job => C:\Program Files (x86)\MSI\NetworkGenie\NetworkGenie.exe
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\ciaN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD\Gothic\JoWooD Homepage.lnk -> hxxp://www.jowood.co
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2017-10-25 16:51 - 2017-10-04 13:15 - 002358728 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-10-25 16:51 - 2017-10-04 13:15 - 002289096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2016-09-01 18:12 - 2016-09-01 18:12 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-09-01 02:49 - 2017-09-01 02:49 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-12-28 16:29 - 2017-10-11 03:05 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-10-03 09:20 - 2013-12-26 13:35 - 000143872 _____ () C:\Program Files (x86)\Samsung\Easy Setting Box\TitleBarDLL.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:36 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-10-19 18:25 - 2017-10-19 18:25 - 000087552 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.7.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-10-19 18:25 - 2017-10-19 18:25 - 000206336 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.7.597.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-10-19 18:25 - 2017-10-19 18:25 - 025446400 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.7.597.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-10-19 18:25 - 2017-10-19 18:25 - 002542592 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.7.597.0_x64__kzf8qxf38zg5c\skypert.dll
2017-10-19 18:25 - 2017-10-19 18:25 - 000685056 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.7.597.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2015-10-02 22:28 - 2013-10-29 14:49 - 000248832 _____ () C:\Program Files (x86)\Drakonia Configurator\hid.exe
2015-10-02 22:28 - 2013-06-26 17:01 - 000240640 _____ () C:\Program Files (x86)\Drakonia Configurator\trayicon.exe
2015-10-03 09:20 - 2013-12-26 13:37 - 000594944 _____ () C:\Program Files (x86)\Samsung\Easy Setting Box\EasySettingBox.exe
2015-10-03 09:20 - 2013-12-26 13:35 - 000084480 _____ () C:\Program Files (x86)\Samsung\Easy Setting Box\SmartMouseDll.dll
2015-10-03 09:20 - 2013-12-26 13:36 - 000055808 _____ () C:\Program Files (x86)\Samsung\Easy Setting Box\MGResGer.dll
2015-10-03 09:20 - 2013-12-26 13:36 - 000060928 _____ () C:\Program Files (x86)\Samsung\Easy Setting Box\HookApp.exe
2016-06-28 00:19 - 2016-06-28 00:19 - 000865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll
2015-10-13 20:14 - 2016-05-11 16:11 - 000104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2015-10-13 20:14 - 2016-05-11 16:11 - 000020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2015-10-13 20:14 - 2016-05-11 16:11 - 000044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2015-10-20 15:22 - 2005-07-18 13:43 - 000160256 _____ () C:\Program Files (x86)\MSI\Live Update\unrar.dll
2016-12-28 16:29 - 2017-10-11 03:05 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-10-03 09:20 - 2013-12-26 13:35 - 000066048 _____ () C:\Program Files (x86)\Samsung\Easy Setting Box\TitleBarDLLx86.dll
2015-10-02 21:32 - 2014-04-21 09:09 - 000150528 ____R () C:\Program Files (x86)\MSI\NetworkGenie\gep.dll
2016-12-28 16:29 - 2017-10-11 03:05 - 070805952 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2017-09-01 02:49 - 2017-09-01 02:49 - 001042232 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-09-01 18:13 - 2016-09-01 18:13 - 000080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2017-09-01 02:49 - 2017-09-01 02:49 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2015-10-02 22:28 - 2013-01-15 17:06 - 000061952 _____ () C:\Program Files (x86)\Drakonia Configurator\HidDevice.dll
2015-10-02 22:28 - 2013-11-05 16:31 - 000249856 _____ () C:\Program Files (x86)\Drakonia Configurator\language.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 000010240 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\de_de\acrotray.deu
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2016-11-11 13:11 - 000000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10252017165833984\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10252017165834062\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2588828499-552018050-3454161459-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\ciaN\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
HKU\S-1-5-21-2588828499-552018050-3454161459-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10252017165834078\Control Panel\Desktop\\Wallpaper -> C:\Users\ciaN\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist deaktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{7077EE6E-5CD8-4315-9325-B569BA3E0DCF}] => (Allow) E:\Steam 2\steamapps\common\ARK SOTF\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{11B8D17B-B10C-466C-ACDE-EC7366130C71}] => (Allow) E:\Steam 2\steamapps\common\ARK SOTF\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{56821B4C-DF91-451C-AE0C-750ED4702623}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{E4917AA9-EC19-43D5-B273-766C8B275C89}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{EA9C460F-E155-4A64-B68C-CE9B2CB21277}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{525635EB-749E-4F45-B55D-218953BBD022}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{1FFCA375-E87F-4EDD-A9F0-527B1037C554}] => (Allow) E:\Steam 2\steamapps\common\Warhammer End Times Vermintide\binaries\vermintide.exe
FirewallRules: [{06A35039-4E41-41E1-97C9-F423E3DF5EDE}] => (Allow) E:\Steam 2\steamapps\common\Warhammer End Times Vermintide\binaries\vermintide.exe
FirewallRules: [{3D19D9CE-C029-4B1E-84E6-DD3253A5D505}] => (Allow) E:\Steam 2\steamapps\common\Warhammer End Times Vermintide\launcher\launcher.exe
FirewallRules: [{FCAD8002-EA8A-46F6-970E-6116A16445AB}] => (Allow) E:\Steam 2\steamapps\common\Warhammer End Times Vermintide\launcher\launcher.exe
FirewallRules: [{FD4F67DE-91F6-4F1B-AAE0-0D27CE2A5C59}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{B3D7BE65-8A51-48E6-9357-3D57C69C40F3}] => (Allow) E:\Steam 2\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{C0370769-9FCB-4581-8D77-1113384C50FA}] => (Allow) E:\Steam 2\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{963A08B3-E25D-4777-8894-58C83A943CED}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{03A2685C-894B-4843-BE63-812A20061141}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{5DDEB024-5FBC-4BC7-9EAF-4A6903F2AE78}] => (Allow) E:\Steam 2\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe
FirewallRules: [{7847E611-F699-4516-9812-3769480164F4}] => (Allow) E:\Steam 2\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe
FirewallRules: [{1DAACE95-4032-4DBC-BC1C-FD9186F0DC73}] => (Allow) E:\Steam 2\steamapps\common\Mount & Blade With Fire and Sword\mb_wfas.exe
FirewallRules: [{A98B54B2-5A03-416D-A642-38BF4D6BA685}] => (Allow) E:\Steam 2\steamapps\common\Mount & Blade With Fire and Sword\mb_wfas.exe
FirewallRules: [{01F1A823-C0A0-4BA5-B453-184DCF12D578}] => (Allow) E:\Steam 2\steamapps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{0325CE54-53CD-4741-B822-E43ECB538BA3}] => (Allow) E:\Steam 2\steamapps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{5769A984-DBA7-4866-ACCA-D3D19E923272}] => (Allow) E:\Steam 2\steamapps\common\Mount and Blade\runme.exe
FirewallRules: [{5CCC0408-7882-4C18-A83D-26F3B19774EA}] => (Allow) E:\Steam 2\steamapps\common\Mount and Blade\runme.exe
FirewallRules: [{AEA9B6F1-0116-4635-B6D1-C4DB999EFA42}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{197BB0DF-CC6A-4F11-8C6D-CC5CB22E21E2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{51EE2B41-A8F6-4457-B6C4-62F24B7FF819}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D2E15102-F62F-41BF-A3C7-21DC528D142E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CA41B5A3-5ACF-4839-A7C9-D874463F4621}] => (Allow) E:\Steam 2\steamapps\common\Metro 2033 Redux\metro.exe
FirewallRules: [{FF225B60-2726-408B-9650-30223289960E}] => (Allow) E:\Steam 2\steamapps\common\Metro 2033 Redux\metro.exe
FirewallRules: [{A5999192-EDA4-4D40-92D3-9E536262B334}] => (Allow) E:\Steam 2\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe
FirewallRules: [{892A1FC0-001F-4265-A4C6-58437D280F6A}] => (Allow) E:\Steam 2\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe
FirewallRules: [{A94DB815-8A5C-49A6-A175-D46494A174C2}] => (Allow) E:\Steam 2\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{070EB7D3-C51E-4C41-9C80-0A37B3BBDA3F}] => (Allow) E:\Steam 2\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{CADE8E54-2DBB-4856-BDF7-B5177EA5D1D1}] => (Allow) E:\Steam 2\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{152A751C-E6F0-48A6-80BF-465EC87AAA7F}] => (Allow) E:\Steam 2\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{9ACA1310-939C-4A1F-9812-450E06085A95}] => (Allow) E:\Steam 2\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{5155CEED-3623-48B6-B856-1D8F9E0AE1E2}] => (Allow) E:\Steam 2\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{AB2906EE-098E-4CA9-AFD5-815177E69B04}] => (Allow) E:\Steam 2\steamapps\common\Serious Sam 3\Bin\Sam3_Unrestricted.exe
FirewallRules: [{5F246BFE-96BF-4E9A-95D0-B015FE026BB4}] => (Allow) E:\Steam 2\steamapps\common\Serious Sam 3\Bin\Sam3_Unrestricted.exe
FirewallRules: [{DE9A844A-18E4-4B29-967B-E541319D598F}] => (Allow) E:\Steam 2\steamapps\common\Serious Sam 3\Bin\Sam3.exe
FirewallRules: [{EEA1A649-019F-47C4-8808-B10385CBDB3D}] => (Allow) E:\Steam 2\steamapps\common\Serious Sam 3\Bin\Sam3.exe
FirewallRules: [{BDD2C6D9-44BC-4C68-8670-45F4AC2CBC46}] => (Allow) E:\Steam 2\steamapps\common\Spore\SporebinEP1\SporeApp.exe
FirewallRules: [{CF6DD527-7938-4A1E-8169-390B1DE2D2B5}] => (Allow) E:\Steam 2\steamapps\common\Spore\SporebinEP1\SporeApp.exe
FirewallRules: [{7534942C-26DD-43BF-9D38-3111C2027887}] => (Allow) E:\Steam 2\steamapps\common\Spore\runme.exe
FirewallRules: [{FC1FB033-A999-453F-8AD2-E228B8272A15}] => (Allow) E:\Steam 2\steamapps\common\Spore\runme.exe
FirewallRules: [{C54D41DF-4164-4B30-A7C7-226D0FCE4409}] => (Allow) E:\Steam 2\steamapps\common\Spore\SporeBin\SporeApp.exe
FirewallRules: [{2339B6C7-AA6C-495A-9D7D-FA2F52B160CF}] => (Allow) E:\Steam 2\steamapps\common\Spore\SporeBin\SporeApp.exe
FirewallRules: [{B8FE964C-E0A8-486B-BC8E-831B24D6AC24}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CC53BB29-F6BE-422D-865F-09603480DA07}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7C068611-95E2-489A-9463-E49E3C4BA929}] => (Allow) E:\Steam 2\steamapps\common\chivalrymedievalwarfarebeta\ChivLauncher.exe
FirewallRules: [{3D68A8CF-4850-4F0C-955D-0EA632E8254B}] => (Allow) E:\Steam 2\steamapps\common\chivalrymedievalwarfarebeta\ChivLauncher.exe
FirewallRules: [{5066E6C1-372F-4738-82EA-8255635B2786}] => (Allow) E:\Steam 2\steamapps\common\chivalrymedievalwarfarebeta\CDW\Binaries\Win32\CDW.exe
FirewallRules: [{FED5A0A4-BFDB-4DD8-B49C-BD6DA7CFFBB0}] => (Allow) E:\Steam 2\steamapps\common\chivalrymedievalwarfarebeta\CDW\Binaries\Win32\CDW.exe
FirewallRules: [{D0409D67-0B07-42EE-B3C2-4FDF3796DC82}] => (Allow) E:\Steam 2\steamapps\common\chivalrymedievalwarfarebeta\Binaries\Win32\CMW.exe
FirewallRules: [{764D3455-B846-4CC1-A117-ABE131977B10}] => (Allow) E:\Steam 2\steamapps\common\chivalrymedievalwarfarebeta\Binaries\Win32\CMW.exe
FirewallRules: [{938E5802-5AC5-44D3-8486-04B179C1E0D9}] => (Allow) E:\Steam 2\steamapps\common\chivalrymedievalwarfarebeta\CDW\Binaries\Win64\CDW.exe
FirewallRules: [{FDFD714E-5D66-445B-8894-720DD367B89C}] => (Allow) E:\Steam 2\steamapps\common\chivalrymedievalwarfarebeta\CDW\Binaries\Win64\CDW.exe
FirewallRules: [{A53FB020-850E-491A-BF6F-889A8EC93AED}] => (Allow) E:\Steam 2\steamapps\common\chivalrymedievalwarfarebeta\Binaries\Win64\CMW.exe
FirewallRules: [{26336714-BA88-4020-83FD-CC00CDD5F9F4}] => (Allow) E:\Steam 2\steamapps\common\chivalrymedievalwarfarebeta\Binaries\Win64\CMW.exe
FirewallRules: [{2376053C-7B5B-4FC1-856F-45EF9F00829E}] => (Allow) E:\Steam 2\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{65A4FA5B-E8AF-4FE4-8025-76D2BE526A4A}] => (Allow) E:\Steam 2\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{90A09508-F259-4473-A2AB-431D763CDB92}] => (Allow) E:\Steam 2\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win32\CDW.exe
FirewallRules: [{822795C8-19A7-4258-BDE9-745788253053}] => (Allow) E:\Steam 2\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win32\CDW.exe
FirewallRules: [{ED83A11E-93E8-49F2-B5DE-13C6F4D4CA8D}] => (Allow) E:\Steam 2\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{AC140A46-8185-4282-9364-C38B71D78F6C}] => (Allow) E:\Steam 2\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{6585BE35-7F54-4F53-9F9B-23F271562EDC}] => (Allow) E:\Steam 2\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win64\CDW.exe
FirewallRules: [{A308FCE1-A243-4BAC-897F-7DC27C033617}] => (Allow) E:\Steam 2\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win64\CDW.exe
FirewallRules: [{3965921F-47A4-4E73-8459-9AAF04097E17}] => (Allow) E:\Steam 2\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{A8F25D50-13E5-4014-87B3-E2C7E28E9AA1}] => (Allow) E:\Steam 2\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{08165F09-191A-4999-A1BF-38E61A071F7C}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{46B4D508-3C04-4A60-BF21-4C1E4F6224A8}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{981CBEB4-A690-45F9-9012-CE56B807CE00}] => (Allow) D:\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{3F25A7F0-1147-40F8-A1DD-01D2EF348A08}] => (Allow) D:\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{8F892F93-5923-4E86-A1F9-97E1D672C6BC}] => (Allow) D:\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{F539CA3D-F463-4A7E-B56A-B4D481276DEC}] => (Allow) D:\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{C0B387A6-45DF-417D-A1DB-5FB2960D3E72}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{552E8AB1-BDDB-46B2-A6DB-D75D48700761}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EA39883D-BC75-4FA8-A591-675C5DB68F90}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{A4ACA692-8D15-478C-A797-3C70DA05408E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{293EA492-9837-464B-8617-A090BDA52ACA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7AD3A00D-D0FE-48D1-B8F0-59F7552C7E34}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8E8E8B03-3F1D-4F40-BFFF-A8BD9F1103D0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{8B7C8AC4-DFB6-4C4E-AD6D-1B9E24E7656F}] => (Allow) E:\Steam 2\steamapps\common\the witcher 2\Launcher.exe
FirewallRules: [{A454B810-5802-4E50-8075-8C564EE7AFAE}] => (Allow) E:\Steam 2\steamapps\common\the witcher 2\Launcher.exe
FirewallRules: [{44E4226F-78D3-49EB-9237-DBEE59049491}] => (Allow) E:\Steam 2\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{4FE8EC83-1151-4B33-858B-CD448FEFC61D}] => (Allow) E:\Steam 2\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{CCD44C35-DADA-4DFC-8071-C024929A4489}] => (Allow) E:\Steam 2\steamapps\common\Skyrim\skse_steam_boot.exe
FirewallRules: [{4D0A9356-D36E-47E1-B757-09F4C4D5E294}] => (Allow) E:\Steam 2\steamapps\common\Skyrim\skse_steam_boot.exe
FirewallRules: [{82875C93-8157-4DCD-9C16-FC8E89324E1E}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{A119B465-10B2-4157-B473-7FB410BF77A7}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{B588B773-8FF3-40B5-B7B8-083BC278B7A5}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{D14FAF15-CE73-42FF-8684-E0DE285A0B77}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{0F333BEF-2BDC-43E2-AF28-F31B406C4166}] => (Allow) E:\Steam 2\steamapps\common\Half-Life\hl.exe
FirewallRules: [{8170F3C3-1769-4FBB-B369-5572B43942DE}] => (Allow) E:\Steam 2\steamapps\common\Half-Life\hl.exe
FirewallRules: [TCP Query User{879D37F6-8853-480F-A18B-CA8799EB7750}C:\users\cian\appdata\local\temp\i1465733456\windows\resource\jre\bin\javaw.exe] => (Block) C:\users\cian\appdata\local\temp\i1465733456\windows\resource\jre\bin\javaw.exe
FirewallRules: [UDP Query User{F33D49F8-9C5E-4696-892A-8AE6E2115C33}C:\users\cian\appdata\local\temp\i1465733456\windows\resource\jre\bin\javaw.exe] => (Block) C:\users\cian\appdata\local\temp\i1465733456\windows\resource\jre\bin\javaw.exe
FirewallRules: [{E3920065-78E7-428F-B71F-E74A7C22C339}] => (Allow) E:\Steam 2\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{54B8D4D0-E6B0-4996-859B-CC8C9B4B44BC}] => (Allow) E:\Steam 2\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{C0706981-A2FF-45E4-9F00-942912F29DD0}] => (Allow) E:\Steam 2\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{4E490530-2661-4004-AD48-3B999DAADDCD}] => (Allow) E:\Steam 2\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{6E86086A-6DAC-4A9C-9C5F-31CC6082B331}] => (Allow) E:\Steam 2\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{84412F66-3011-4055-B7B8-A2714CCD7EFB}] => (Allow) E:\Steam 2\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{289FCDE9-7500-4950-828F-285DC77E71D9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{B650F54C-67CC-42EF-9973-4D36CC31B692}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{6DFCE197-3403-4970-BDEA-06EBD62537C0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{72B86CAD-D590-4EEB-8366-EC218C7E5832}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E38F9404-FD0E-435A-B561-C57171622DE6}] => (Allow) C:\Program Files\HP\HP ENVY 4520 series\Bin\DeviceSetup.exe
FirewallRules: [{444974BD-B1CA-41E8-BB89-C86888C45C11}] => (Allow) LPort=5357
FirewallRules: [{E0BB1EC1-A920-4AFB-99BE-3909C4B517FB}] => (Allow) C:\Program Files\HP\HP ENVY 4520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{47FA0586-6CE1-40C8-BCD4-881062C27B78}] => (Allow) E:\Steam 2\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{FDEDD287-F174-4715-863C-9BF4D70F7D54}] => (Allow) E:\Steam 2\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{B7719616-2408-41F3-A112-0CAD837C4862}] => (Allow) E:\Steam 2\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{AD995219-955A-47AB-BF3F-6B0B117BA7C1}] => (Allow) E:\Steam 2\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{77960ACF-2B4F-46BF-B547-E23390D37A83}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{031ED703-1148-4470-B9A8-9B0AC55D967C}] => (Allow) E:\Steam 2\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{681F44E5-AB05-42B1-BA68-D070472AC464}] => (Allow) E:\Steam 2\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{263F4638-53EE-4B9B-B4D8-649D94629C7C}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{76897C37-8B64-4EC1-A87C-4A5B2BADE358}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{1E7E799C-48C5-49A4-B6D9-8C3884493ADA}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{DD3BD663-700B-4AF3-B448-17E19C988AE1}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{A814A551-91B7-43AC-9B81-8C6360F4FD56}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{3179F21F-E315-4437-B5ED-9C59C92CE613}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{9FFB11E0-908A-443D-AD0A-B94493AE6F4E}] => (Allow) E:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{240C9DC9-292E-474D-8FA8-1E28E8B4EA70}] => (Allow) E:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{BD452A48-1EAE-415D-8874-5FC6B0956239}] => (Allow) E:\Steam\steamapps\common\Risen 3\system\Risen3.exe
FirewallRules: [{AB824FAE-80B3-46D1-B012-7306EF4B6AA7}] => (Allow) E:\Steam\steamapps\common\Risen 3\system\Risen3.exe
FirewallRules: [{82F0392C-46A2-4C9E-A93C-C378C836EACE}] => (Allow) E:\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe
FirewallRules: [{539D9D40-B4F6-4D13-854C-763FC98BE0F5}] => (Allow) E:\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe
FirewallRules: [{D1CFA7C5-58F2-4028-898C-7250574FA859}] => (Allow) E:\Steam\steamapps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe
FirewallRules: [{1E81F284-A99A-4F38-A75E-63615212E7A8}] => (Allow) E:\Steam\steamapps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe
FirewallRules: [{7D1F91F8-23C9-4E0E-ACEF-729406BAF3E9}] => (Allow) E:\Steam\steamapps\common\Stronghold Crusader Extreme\Stronghold_Crusader_Extreme.exe
FirewallRules: [{EE5163B0-C9E1-4A3E-A582-242422D828F4}] => (Allow) E:\Steam\steamapps\common\Stronghold Crusader Extreme\Stronghold_Crusader_Extreme.exe
FirewallRules: [{C6E1A078-D9C6-4F08-A32A-5C116AC32BC2}] => (Allow) E:\Steam\steamapps\common\Age of Wonders\Launcher.exe
FirewallRules: [{E361C30D-4305-4928-98D4-8EE1882CC017}] => (Allow) E:\Steam\steamapps\common\Age of Wonders\Launcher.exe
FirewallRules: [{9D85AD39-1848-46DC-8426-5B4C2E5D4DC5}] => (Allow) E:\Steam\steamapps\common\Age of Wonders\AoWSetup.exe
FirewallRules: [{468C8F03-E92E-4EE9-8E35-4E4189B9AA76}] => (Allow) E:\Steam\steamapps\common\Age of Wonders\AoWSetup.exe
FirewallRules: [{F1F0031D-0D0A-4B6B-9A7B-3FC9514B6A30}] => (Allow) E:\Steam\steamapps\common\Age of Wonders\AoWEd.exe
FirewallRules: [{761D244E-D5B7-4BF5-8131-386E72BC3A1D}] => (Allow) E:\Steam\steamapps\common\Age of Wonders\AoWEd.exe
FirewallRules: [{41728133-CC4E-4120-8E0C-DACB632DB808}] => (Allow) E:\Steam\steamapps\common\Oblivion\OblivionLauncher.exe
FirewallRules: [{E41A7F66-3D92-4AAF-989A-D653A7C26B1E}] => (Allow) E:\Steam\steamapps\common\Oblivion\OblivionLauncher.exe
FirewallRules: [{9B7C0E64-617B-4FD4-91F0-99482B8236E2}] => (Allow) E:\Steam\steamapps\common\AoW3\AoW3Launcher.exe
FirewallRules: [{32ABC2CA-F0C6-4CD8-AB26-C737B8557275}] => (Allow) E:\Steam\steamapps\common\AoW3\AoW3Launcher.exe
FirewallRules: [{FCD9F31D-F914-4D08-B2B6-A8D2EC80062C}] => (Allow) E:\Steam\steamapps\common\AoW3\AoW3.exe
FirewallRules: [{534D1CCD-A03C-43E1-AAEA-84516806B15C}] => (Allow) E:\Steam\steamapps\common\AoW3\AoW3.exe
FirewallRules: [{D39A5EF1-10AC-410B-9B2F-1086028C3EF8}] => (Allow) E:\Steam\steamapps\common\AoW3\AoW3_Debug.exe
FirewallRules: [{8F614DDB-D526-4298-ABE3-0FBCF939A5F5}] => (Allow) E:\Steam\steamapps\common\AoW3\AoW3_Debug.exe
FirewallRules: [{7193BEC4-F21B-4BC3-8F23-87A85810F9C6}] => (Allow) E:\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{52E73612-6351-4727-92FE-064AD7612DAD}] => (Allow) E:\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{6B1CB73A-1062-4DD2-ACED-504A50B20095}] => (Allow) E:\Steam\steamapps\common\ELEX\system\ELEX.exe
FirewallRules: [{B4FD0B28-7B89-4EE0-9BCF-1C61F54AE39C}] => (Allow) E:\Steam\steamapps\common\ELEX\system\ELEX.exe
FirewallRules: [{3020043B-0132-457B-AA9C-E0DD71215D41}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{20C53454-86C1-42B8-B36B-B4C41A26F195}] => (Allow) LPort=24680
==================== Wiederherstellungspunkte =========================
12-10-2017 09:50:12 Windows Update
17-10-2017 20:31:57 Windows Update
25-10-2017 13:23:22 Geplanter Prüfpunkt
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Trusted Platform Module 2.0
Description: Trusted Platform Module 2.0
Class Guid: {d94ee5d8-d189-4994-83d2-f68d7d41b0e6}
Manufacturer: (Standard)
Service: TPM
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: PS/2-Standardtastatur
Description: PS/2-Standardtastatur
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (10/25/2017 05:00:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Live Update.exe, Version: 6.1.9.0, Zeitstempel: 0x56147537
Name des fehlerhaften Moduls: Live Update.exe, Version: 6.1.9.0, Zeitstempel: 0x56147537
Ausnahmecode: 0xc000041d
Fehleroffset: 0x000dd598
ID des fehlerhaften Prozesses: 0x3d94
Startzeit der fehlerhaften Anwendung: 0x01d34da1d07eae25
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\MSI\Live Update\Live Update.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\MSI\Live Update\Live Update.exe
Berichtskennung: e0ef629f-cc5f-4e86-944b-664fbc70ead8
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (10/25/2017 04:59:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Live Update.exe, Version: 6.1.9.0, Zeitstempel: 0x56147537
Name des fehlerhaften Moduls: Live Update.exe, Version: 6.1.9.0, Zeitstempel: 0x56147537
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000dd598
ID des fehlerhaften Prozesses: 0x3d94
Startzeit der fehlerhaften Anwendung: 0x01d34da1d07eae25
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\MSI\Live Update\Live Update.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\MSI\Live Update\Live Update.exe
Berichtskennung: 7d6b1091-d004-45af-b37b-67a888e159ee
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (10/25/2017 04:58:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 16 6.F.5.2.1.5.C.A.6.C.9.1.5.9.9.7.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR QmilCh-2.local.
Error: (10/25/2017 04:58:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.107:5353 14 6.F.5.2.1.5.C.A.6.C.9.1.5.9.9.7.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR QmilCh.local.
Error: (10/25/2017 04:58:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 16 107.2.168.192.in-addr.arpa. PTR QmilCh-2.local.
Error: (10/25/2017 04:58:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.107:5353 14 107.2.168.192.in-addr.arpa. PTR QmilCh.local.
Error: (10/25/2017 04:58:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname QmilCh.local already in use; will try QmilCh-2.local instead
Error: (10/25/2017 04:58:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 QmilCh.local. Addr 192.168.2.107
Error: (10/25/2017 04:58:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.107:5353 16 QmilCh.local. AAAA 2003:00D5:FBD2:9287:7995:19C6:AC51:25F6
Error: (10/25/2017 04:58:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 QmilCh.local. AAAA FE80:0000:0000:0000:7995:19C6:AC51:25F6
Systemfehler:
=============
Error: (10/25/2017 04:58:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "WsDrvInst" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
Error: (10/25/2017 04:58:31 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
Error: (10/25/2017 04:58:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet:
Die Anforderung wird nicht unterstützt.
Error: (10/25/2017 04:58:26 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 34) (User: NT-AUTORITÄT)
Description: Die Energieverwaltungsfeatures für den Leerlauf sind für den logischen Hyper-V-Prozessor "3" aufgrund eines Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.
Error: (10/25/2017 04:58:26 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 34) (User: NT-AUTORITÄT)
Description: Die Energieverwaltungsfeatures für den Leerlauf sind für den logischen Hyper-V-Prozessor "2" aufgrund eines Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.
Error: (10/25/2017 04:58:26 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 34) (User: NT-AUTORITÄT)
Description: Die Energieverwaltungsfeatures für den Leerlauf sind für den logischen Hyper-V-Prozessor "1" aufgrund eines Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.
Error: (10/25/2017 04:58:26 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 34) (User: NT-AUTORITÄT)
Description: Die Energieverwaltungsfeatures für den Leerlauf sind für den logischen Hyper-V-Prozessor "0" aufgrund eines Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.
Error: (10/25/2017 04:58:23 PM) (Source: Application Popup) (EventID: 56) (User: )
Description: ACPI5
Error: (10/25/2017 04:47:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "WsDrvInst" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
Error: (10/25/2017 04:47:08 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
CodeIntegrity:
===================================
Date: 2017-10-25 12:06:12.522
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-10-25 12:06:12.521
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-10-07 12:56:24.186
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-07-19 10:04:09.604
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-06-26 18:12:00.096
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-06-26 18:12:00.095
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-06-26 18:09:54.084
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-06-26 18:09:54.082
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-05-20 11:06:08.512
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz
Prozentuale Nutzung des RAM: 44%
Installierter physikalischer RAM: 8134.57 MB
Verfügbarer physikalischer RAM: 4485.86 MB
Summe virtueller Speicher: 16326.57 MB
Verfügbarer virtueller Speicher: 12205.48 MB
==================== Laufwerke ================================
Drive b: (RAMDisk) (Fixed) (Total:0.25 GB) (Free:0.25 GB) FAT
Drive c: () (Fixed) (Total:148.78 GB) (Free:33.4 GB) NTFS
Drive d: () (Fixed) (Total:83.57 GB) (Free:83 GB) NTFS
Drive e: (Volume) (Fixed) (Total:931.39 GB) (Free:653.32 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: AB1E92D9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=148.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=83.6 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Ende von Addition.txt ============================
AdwCleaner Code:
# AdwCleaner 7.0.3.1 - Logfile created on Wed Oct 25 14:46:19 2017
# Updated on 2017/29/09 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
Deleted: chip1click
Deleted: DnsBlockUpdateSvc
***** [ Folders ] *****
Deleted: C:\Users\ciaN\AppData\Roaming\AdvertismentImages
Deleted: C:\Program Files (x86)\Chip Digital GmbH
Deleted: C:\Users\ciaN\AppData\Local\Downloaded Installations\{DAD82379-C684-4D04-83D5-2B9934A9C362}
Deleted: C:\Windows\\Installer\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}
Deleted: C:\Users\ciaN\AppData\Local\DnsBlock
Deleted: C:\Users\ciaN\AppData\Local\DnsBlock
Deleted: C:\WINDOWS\Installer\{1F449249-A725-4AC9-BDE5-C9852BC81B2A}
Deleted: C:\WINDOWS\Installer\{221A7498-970E-48F7-B8C7-B6DB3B11F292}
Deleted: C:\WINDOWS\Installer\{221A7498-970E-48F7-B8C7-B6DB3B11F292}
Deleted: C:\WINDOWS\Installer\{46436CC5-4B4A-4C47-B1C1-6E02856B331C}
Deleted: C:\WINDOWS\Installer\{5D605E6F-6C7C-4F6A-BB82-4C4E70A22BA3}
Deleted: C:\WINDOWS\Installer\{6B3AC58B-CBEA-4ED3-9579-E61EE3DD2FC6}
Deleted: C:\WINDOWS\Installer\{836EFFFA-E2A5-4B78-B344-F2FF06EC7A3A}
Deleted: C:\WINDOWS\Installer\{B625E5B1-4C4A-445C-9F1C-21395BEF57CA}
***** [ Files ] *****
Deleted: C:\END
Deleted: C:\Windows\SysNative\DnsBlockUpdateSvc.exe
Deleted: C:\Windows\System32\dns.block
Deleted: C:\Windows\SysNative\dns.block
Deleted: C:\Windows\SysWOW64\dns.block
Deleted: C:\Windows\System32\dns.block
Deleted: C:\Windows\SysNative\dns.block
Deleted: C:\Windows\SysWOW64\dns.block
Deleted: C:\Windows\SysNative\DnsBlockUpdateSvc.exe
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks deleted.
***** [ Registry ] *****
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\watch4.de
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.watch4.de
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{E7BF74EE-9106-4113-B216-2F980BA29141}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{F2DB3739-77FB-41EB-9ED3-ABF34DF2DBF7}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{1C6F51F8-BCE6-4702-8952-6A8233359FBC}
Deleted: [Key] - HKLM\SOFTWARE\CLASSES\APPID\DPBHO.DLL
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\DPBHO.DLL
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\04A063A0BBEACF54EAEF493C49D9E3F6
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\04A063A0BBEACF54EAEF493C49D9E3F6
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E49AC3054380EEC4DA29AB71FAE408A9
Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\Features\E49AC3054380EEC4DA29AB71FAE408A9
Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\Products\E49AC3054380EEC4DA29AB71FAE408A9
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\chip 1-click download service
Deleted: [Key] - HKU\S-1-5-21-2588828499-552018050-3454161459-1000\Software\DownloadProtect
Deleted: [Key] - HKCU\Software\DownloadProtect
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7b5da7f5-de7d-4e00-b330-a2e08e460095}
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries deleted.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries deleted.
*************************
::Tracing keys deleted
::Winsock settings cleared
::Prefetch files deleted
::Proxy settings cleared
::IE policies deleted
::Chrome policies deleted
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[S0].txt - [5126 B] - [2017/10/25 14:45:29]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
und zu guter letzt die Malwarebytes log Code:
Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 25.10.17
Scan-Zeit: 16:52
Protokolldatei: 2081f1e4-b994-11e7-871b-d8cb8a990271.json
Administrator: Ja
-Softwaredaten-
Version: 3.2.2.2029
Komponentenversion: 1.0.212
Version des Aktualisierungspakets: 1.0.3094
Lizenz: Testversion
-Systemdaten-
Betriebssystem: Windows 10 (Build 15063.674)
CPU: x64
Dateisystem: NTFS
Benutzer: QMILCH\ciaN
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 442399
Erkannte Bedrohungen: 93
In die Quarantäne verschobene Bedrohungen: 93
Abgelaufene Zeit: 2 Min., 44 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung
-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)
Modul: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 9
PUP.Optional.DownloadProtect.Generic, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, HKLM\SOFTWARE\CLASSES\DPBHO.DownloadProtect, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, HKLM\SOFTWARE\CLASSES\DPBHO.DownloadProtect.1, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}\InprocServer32, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}\InprocServer32, In Quarantäne, [1583], [334834],1.0.3094
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, In Quarantäne, [14935], [252393],1.0.3094
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, In Quarantäne, [14935], [252393],1.0.3094
Registrierungswert: 4
PUP.Optional.DownloadProtectExtension, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|{8CF37D1B-0E89-44A1-9838-8A37C1478B2D}, In Quarantäne, [14107], [237883],1.0.3094
PUP.Optional.DownloadProtectExtension, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|{8CF37D1B-0E89-44A1-9838-8A37C1478B2D}, In Quarantäne, [14107], [237883],1.0.3094
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DISABLEAUTOUPDATECHECKSCHECKBOXVALUE, In Quarantäne, [14935], [252393],1.0.3094
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DISABLEAUTOUPDATECHECKSCHECKBOXVALUE, In Quarantäne, [14935], [252393],1.0.3094
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 20
PUP.Optional.DownloadProtect.Generic, C:\PROGRAM FILES (X86)\{1465D1E3-966F-455C-8AEC-307BC5374EB0}, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\PROGRAM FILES (X86)\{195E6AB3-A47D-4943-9B3D-2100BD9AE806}, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\PROGRAM FILES (X86)\{62F10ABC-685D-4ACC-86A4-5D0BBC85AB7A}, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\PROGRAM FILES (X86)\{6B0F519E-71C1-4162-9FBE-414A142B1217}, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\PROGRAM FILES\{0776738A-74F8-4976-92AA-269FF78187B3}, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\PROGRAM FILES (X86)\{7156A1C5-D34E-4054-9A82-D8448DD8C556}, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\PROGRAM FILES (X86)\{A519D609-FE4B-4BE5-9989-42BE500CF631}, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\PROGRAM FILES (X86)\{AFCA374C-B98B-4747-A838-619919959320}, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\PROGRAM FILES (X86)\{CBA133F1-A6ED-447A-95C4-CF4F531DA049}, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\PROGRAM FILES\{0EA1E96E-E568-4FFD-8A78-D952819E5108}, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\PROGRAM FILES (X86)\{EC983140-E033-40A6-A356-8BC7A4FF8504}, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\PROGRAM FILES\{139724CE-BCFB-4BEC-9579-3FBCC11A0817}, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\PROGRAM FILES\{14544966-295A-4FB9-867E-3057E21694FD}, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\PROGRAM FILES\{20594244-4166-4743-8599-51E032B5D917}, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\PROGRAM FILES\{557810ED-0193-480B-8BD1-96E4C680FE40}, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\PROGRAM FILES\{A6CC31B9-7D59-480F-98DE-30CAFBC58497}, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\PROGRAM FILES\{D2B91799-E41F-49CE-96B3-CEF14FA6A3EA}, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\PROGRAM FILES\{FB8783A8-0751-4ADE-8A5E-20E772676F63}, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.YTUnBlocker, C:\Users\ciaN\AppData\Roaming\Mozilla\Firefox\Profiles\89rdwvq1.default\extension-data\unblocker30__web@unblocker.yt\data, In Quarantäne, [12496], [182475],1.0.3094
PUP.Optional.YTUnBlocker, C:\USERS\CIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\89RDWVQ1.DEFAULT\EXTENSION-DATA\unblocker30__web@unblocker.yt, In Quarantäne, [12496], [182475],1.0.3094
Datei: 60
PUP.Optional.DownloadProtect.Generic, C:\PROGRAM FILES (X86)\{1465D1E3-966F-455C-8AEC-307BC5374EB0}\{968DCC17-2042-4302-A4B5-7D9B5AF67033}.bin, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\Program Files (x86)\{1465D1E3-966F-455C-8AEC-307BC5374EB0}\config.json, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\Program Files (x86)\{1465D1E3-966F-455C-8AEC-307BC5374EB0}\def.bin, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\PROGRAM FILES (X86)\{195E6AB3-A47D-4943-9B3D-2100BD9AE806}\{8059C62F-8090-46A0-895D-A163ADCC90C1}.bin, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\Program Files (x86)\{195E6AB3-A47D-4943-9B3D-2100BD9AE806}\config.json, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\Program Files (x86)\{195E6AB3-A47D-4943-9B3D-2100BD9AE806}\def.bin, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\PROGRAM FILES (X86)\{62F10ABC-685D-4ACC-86A4-5D0BBC85AB7A}\{CE30D886-00D3-4871-862F-B5B5228C6957}.bin, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\Program Files (x86)\{62F10ABC-685D-4ACC-86A4-5D0BBC85AB7A}\config.json, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\Program Files (x86)\{62F10ABC-685D-4ACC-86A4-5D0BBC85AB7A}\def.bin, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\PROGRAM FILES (X86)\{6B0F519E-71C1-4162-9FBE-414A142B1217}\{464E0B1A-F9A6-4639-AAAD-D12245B482E5}.bin, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\Program Files (x86)\{6B0F519E-71C1-4162-9FBE-414A142B1217}\config.json, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\Program Files (x86)\{6B0F519E-71C1-4162-9FBE-414A142B1217}\def.bin, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\PROGRAM FILES\{0776738A-74F8-4976-92AA-269FF78187B3}\{D665C845-CEF4-4921-B14A-EDE9B2DEA10A}.bin, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\Program Files\{0776738A-74F8-4976-92AA-269FF78187B3}\config.json, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\Program Files\{0776738A-74F8-4976-92AA-269FF78187B3}\def.bin, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\PROGRAM FILES (X86)\{7156A1C5-D34E-4054-9A82-D8448DD8C556}\{BB0DBDBB-5A83-479C-86AA-19EEFADAE41C}.bin, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\Program Files (x86)\{7156A1C5-D34E-4054-9A82-D8448DD8C556}\config.json, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\Program Files (x86)\{7156A1C5-D34E-4054-9A82-D8448DD8C556}\def.bin, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\PROGRAM FILES (X86)\{A519D609-FE4B-4BE5-9989-42BE500CF631}\{BB95BDA6-73AE-43CE-B951-D0A57E1FBF75}.bin, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\Program Files (x86)\{A519D609-FE4B-4BE5-9989-42BE500CF631}\config.json, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\Program Files (x86)\{A519D609-FE4B-4BE5-9989-42BE500CF631}\def.bin, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\PROGRAM FILES (X86)\{AFCA374C-B98B-4747-A838-619919959320}\{E5D1C1AC-9F90-43E6-94E5-32ED191C0A5A}.bin, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\Program Files (x86)\{AFCA374C-B98B-4747-A838-619919959320}\config.json, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\Program Files (x86)\{AFCA374C-B98B-4747-A838-619919959320}\def.bin, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\PROGRAM FILES (X86)\{CBA133F1-A6ED-447A-95C4-CF4F531DA049}\{0576E922-FA83-482E-8DFB-7C61A2C79538}.bin, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\Program Files (x86)\{CBA133F1-A6ED-447A-95C4-CF4F531DA049}\config.json, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\Program Files (x86)\{CBA133F1-A6ED-447A-95C4-CF4F531DA049}\def.bin, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\PROGRAM FILES\{0EA1E96E-E568-4FFD-8A78-D952819E5108}\{592256C5-E498-402E-93D0-844BDA45AE7F}.bin, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\Program Files\{0EA1E96E-E568-4FFD-8A78-D952819E5108}\config.json, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\Program Files\{0EA1E96E-E568-4FFD-8A78-D952819E5108}\def.bin, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\PROGRAM FILES (X86)\{EC983140-E033-40A6-A356-8BC7A4FF8504}\{18A4E73F-D9AF-4468-8D9E-87D30C2FBF31}.bin, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\Program Files (x86)\{EC983140-E033-40A6-A356-8BC7A4FF8504}\config.json, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\Program Files (x86)\{EC983140-E033-40A6-A356-8BC7A4FF8504}\def.bin, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\PROGRAM FILES\{139724CE-BCFB-4BEC-9579-3FBCC11A0817}\{08574D68-960A-47ED-A4FB-3769B6319020}.bin, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\Program Files\{139724CE-BCFB-4BEC-9579-3FBCC11A0817}\config.json, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\Program Files\{139724CE-BCFB-4BEC-9579-3FBCC11A0817}\def.bin, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\PROGRAM FILES\{14544966-295A-4FB9-867E-3057E21694FD}\{0761DFAB-09AE-4718-84F1-0356016FEFAE}.bin, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\Program Files\{14544966-295A-4FB9-867E-3057E21694FD}\config.json, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\Program Files\{14544966-295A-4FB9-867E-3057E21694FD}\def.bin, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\PROGRAM FILES\{20594244-4166-4743-8599-51E032B5D917}\{9380BC6D-8B5C-4151-A9CD-04EB8836CFF5}.bin, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\Program Files\{20594244-4166-4743-8599-51E032B5D917}\config.json, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\Program Files\{20594244-4166-4743-8599-51E032B5D917}\def.bin, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\PROGRAM FILES\{557810ED-0193-480B-8BD1-96E4C680FE40}\{584CD152-60CA-4D44-BF8C-D633B58DC3D0}.bin, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\Program Files\{557810ED-0193-480B-8BD1-96E4C680FE40}\config.json, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\Program Files\{557810ED-0193-480B-8BD1-96E4C680FE40}\def.bin, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\PROGRAM FILES\{A6CC31B9-7D59-480F-98DE-30CAFBC58497}\{92E9E4D9-B209-49E5-9F1C-1DC24C9AFEE9}.bin, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\Program Files\{A6CC31B9-7D59-480F-98DE-30CAFBC58497}\config.json, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\Program Files\{A6CC31B9-7D59-480F-98DE-30CAFBC58497}\def.bin, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\PROGRAM FILES\{D2B91799-E41F-49CE-96B3-CEF14FA6A3EA}\{636A3C37-F002-4E27-81F3-CF20F7C370EE}.bin, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\Program Files\{D2B91799-E41F-49CE-96B3-CEF14FA6A3EA}\config.json, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\Program Files\{D2B91799-E41F-49CE-96B3-CEF14FA6A3EA}\def.bin, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\PROGRAM FILES\{FB8783A8-0751-4ADE-8A5E-20E772676F63}\{EE216CDE-9D04-4933-AAC2-8E8CF3373C6B}.bin, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\Program Files\{FB8783A8-0751-4ADE-8A5E-20E772676F63}\config.json, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.DownloadProtect.Generic, C:\Program Files\{FB8783A8-0751-4ADE-8A5E-20E772676F63}\def.bin, In Quarantäne, [1583], [334834],1.0.3094
PUP.Optional.YTUnBlocker, C:\Users\ciaN\AppData\Roaming\Mozilla\Firefox\Profiles\89rdwvq1.default\extension-data\unblocker30__web@unblocker.yt\data\campaign_background.png, In Quarantäne, [12496], [182475],1.0.3094
PUP.Optional.YTUnBlocker, C:\Users\ciaN\AppData\Roaming\Mozilla\Firefox\Profiles\89rdwvq1.default\extension-data\unblocker30__web@unblocker.yt\data\config.json, In Quarantäne, [12496], [182475],1.0.3094
PUP.Optional.YTUnBlocker, C:\Users\ciaN\AppData\Roaming\Mozilla\Firefox\Profiles\89rdwvq1.default\extension-data\unblocker30__web@unblocker.yt\data\proxies.json, In Quarantäne, [12496], [182475],1.0.3094
PUP.Optional.DownloadGuide, C:\USERS\CIAN\DOWNLOADS\FREEAUDIOCONVERTER_CB-DL-MANAGER.EXE, In Quarantäne, [183], [18726],1.0.3094
PUP.Optional.DownloadGuide, C:\USERS\CIAN\DOWNLOADS\VLC-2.2.4-WIN64_CB-DL-MANAGER.EXE, In Quarantäne, [183], [100902],1.0.3094
PUP.Optional.DownloadSponsor, C:\USERS\CIAN\DOWNLOADS\JPG ILLUMINATOR - CHIP-INSTALLER.EXE, In Quarantäne, [521], [413936],1.0.3094
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
(end)
|
