und die Addition.txt Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 13-12-2017
durchgeführt von Kay (15-12-2017 20:50:52)
Gestartet von C:\Users\Kay\Desktop
Windows 10 Pro Version 1703 15063.786 (X64) (2017-04-13 17:36:12)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1888364831-2858631773-2981139133-500 - Administrator - Disabled)
Alexa (S-1-5-21-1888364831-2858631773-2981139133-1013 - Limited - Enabled)
DefaultAccount (S-1-5-21-1888364831-2858631773-2981139133-503 - Limited - Disabled)
Gast (S-1-5-21-1888364831-2858631773-2981139133-501 - Limited - Disabled)
Kay (S-1-5-21-1888364831-2858631773-2981139133-1001 - Administrator - Enabled) => C:\Users\Kay
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (HKLM-x32\...\{23170F69-40C1-2701-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated)
Adobe Flash Player 28 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.7.1 64-bit (HKLM\...\{BC86B82C-8C0E-4408-9AC1-6B0F2D636963}) (Version: 5.7.1 - Adobe Systems Incorporated)
Alcor Micro Generic Hub Filter Driver (HKLM-x32\...\{B482AA4C-921E-4427-BE77-7BAA684854B8}) (Version: 2.0.11.0 - Alcor Micro Corp.) Hidden
Alcor Micro Generic Hub Filter Driver (HKLM-x32\...\AmUHubftr) (Version: 2.0.11.0 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver (HKLM-x32\...\{99D7329A-44AA-4D40-AA8D-0F5783C38B76}) (Version: 20.26.3317.04170 - Alcor Micro Corp.) Hidden
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
Anno 2070 (HKLM-x32\...\Uplay Install 22) (Version: - Ubisoft)
Anno 2205 (HKLM-x32\...\Uplay Install 1253) (Version: - Ubisoft)
Apowersoft Smartphone Manager Version 2.8.8 (HKLM-x32\...\{4A00E3C4-2D0F-4AE7-9F2A-74870BE09EF8}_is1) (Version: 2.8.8 - APOWERSOFT LIMITED)
Application Profiles (HKLM-x32\...\{BDD5363B-04E3-F4F4-35D1-8B9B93743C81}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
AquaLot 2.0 (HKLM-x32\...\AquaLot 2 Professional_is1) (Version: - Digital Lake GbR)
Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team)
CCleaner (HKLM\...\CCleaner) (Version: 5.32 - Piriform)
cCloud (HKLM\...\{CF6C1B06-4F86-4C41-BD21-9E40500006B5}) (Version: 3.0.8.84 - COMODO)
Cisco WebEx Meetings (HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
COMODO BackUp (HKLM\...\{B79E9FF2-D932-4FD5-BCAF-4DE6F2FBE521}) (Version: 4.4.1.23 - COMODO)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CrystalDiskInfo 6.5.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.5.2 - Crystal Dew World)
Curse Client (HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Discord (HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Discord) (Version: 0.0.299 - Discord Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 40.4.46 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
DxO Optics Pro 7 (HKLM\...\{64579E10-6249-4BB1-B1D1-8EF55042DB45}) (Version: 7.5.5 - DxO Labs)
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS)
EaseUS MobiSaver (HKLM-x32\...\EaseUS MobiSaver_is1) (Version: - EaseUS)
EaseUS Partition Master 11.10 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS)
easytranscript (HKLM-x32\...\{DA2D76CD-1B1F-424A-BBF2-8CE61294A888}) (Version: 2.50.7 - e-werkzeug)
EVE Isk per Hour (HKLM-x32\...\{7A37BE74-5767-407A-8145-098EF7DA02FB}) (Version: 3.3 - EVE IPH)
EVE Online (HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\{413c30c3-07d7-447d-9807-94e432269299}) (Version: 1.0.0 - CCP)
EVE Online (HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\{73a38ebe-e3a3-4dae-9667-ff4167547056}) (Version: 1.0.0 - CCP)
EVE Online (HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\{aca62ac7-3b0b-4020-ae4a-34e6b57914ec}) (Version: 1.0.0 - CCP)
EVE Online (HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\{f9e59b47-4921-42c4-9054-8fb447d3a747}) (Version: 1.0.0 - CCP)
EVE Windowed Mode Helper 3.3.1 (HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\EVE Windowed Mode Helper) (Version: 3.3.1 - Pharago)
EveHQ (HKLM-x32\...\EveHQ) (Version: - )
EVEMon (HKLM-x32\...\EVEMon) (Version: 3.0.3 - EVEMon Development Team)
Evernus (HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\{f1d3952e-5750-4442-9a17-9ef6b41d7139}) (Version: 2.13 - Evernus)
f4transkript (HKLM-x32\...\f4transkript) (Version: - audiotranskription.de)
ffdshow x64 v1.3.4533 [2014-09-29] (HKLM\...\ffdshow64_is1) (Version: 1.3.4533.0 - )
Free Audio Converter (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.1.5.807 - Digital Wave Ltd)
GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.108 - Google Inc.)
Google Photos Backup (HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.20.286 - SurfRight B.V.)
HP ENVY 4500 series - Grundlegende Software für das Gerät (HKLM\...\{5C519C69-AC39-40D0-9FF3-1F3FEE4640B2}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP ENVY 4500 series Hilfe (HKLM-x32\...\{6767CCD2-B939-4542-BF08-015B5496D4EC}) (Version: 30.0.0 - Hewlett Packard)
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
HPDiagnosticCoreDll (HKLM-x32\...\{9262B08F-E183-4FED-A2BD-23FF1A84EB79}) (Version: 1.0.15.0 - Hewlett Packard)
inSSIDer Home (HKLM-x32\...\{9E54E4AE-B67A-4925-8E92-0E1F9817FD73}) (Version: 3.1.2.1 - MetaGeek, LLC)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.11.1193 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{a2d9fda8-65eb-4c06-81ef-31e0a4daa335}) (Version: 10.1.1.11 - Intel(R) Corporation) Hidden
Intel® RealSense™ SDK Runtime (HKLM-x32\...\ARP_for_prd_rs_sdk_runtime_10.0.26.0396) (Version: 10.0.26.0396 - Intel Corporation)
Intel® RealSense™ SDK Runtime Gold (x86): Core (HKLM-x32\...\{4BAB7070-1D73-11E6-8844-2C44FD873B55}) (Version: 10.0.26.396 - Intel Corporation) Hidden
Intel® RealSense™ SDK Runtime Gold (x86): Core: Calibration (HKLM-x32\...\{676C639E-1D73-11E6-BF2F-2C44FD873B55}) (Version: 10.0.26.396 - Intel Corporation) Hidden
Intel® RealSense™ SDK Runtime Gold (x86): User Segmentation (HKLM-x32\...\{51040000-1D73-11E6-A45D-2C44FD873B55}) (Version: 10.0.26.396 - Intel Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{B294CE94-FE0F-4427-910C-180AF9FCFED1}) (Version: 1.0.1.620 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 8 Update 151 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
LastPass (Nur deinstallieren) (HKLM-x32\...\LastPass) (Version: - LastPass)
Malwarebytes Version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{B45FABE7-D101-4D99-A671-E16DA40AF7F0}) (Version: 3.0.86.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{B578C85A-A84C-4230-A177-C5B2AF565B8C}) (Version: 3.0.17.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.8730.2127 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24218 (HKLM-x32\...\{1daf126f-944e-4189-bb8d-9b2e1a116d3c}) (Version: 14.0.24218.2 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 56.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 56.0 (x86 de)) (Version: 56.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0 - Mozilla)
MSVC80_x64_v2 (HKLM\...\{4D668D4F-FAA2-4726-834C-31F4614F312E}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (HKLM-x32\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Mumble 1.2.19 (HKLM-x32\...\{4D99DEC0-BDEE-4E79-8ED0-2905081FF30A}) (Version: 1.2.19 - Thorvald Natvig)
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.1 - Notepad++ Team)
NVIDIA 3D Vision Treiber 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
NVIDIA Grafiktreiber 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}) (Version: 9.09.0814 - NVIDIA Corporation)
O&O Defrag 2000 Freeware Edition (HKLM-x32\...\{E86E5246-AA7E-11D4-88C9-00105ADBE398}) (Version: - )
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.2 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8730.2127 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8730.2127 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8730.2127 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.8730.2127 - Microsoft Corporation) Hidden
Opera Stable 49.0.2725.47 (HKLM-x32\...\Opera 49.0.2725.47) (Version: 49.0.2725.47 - Opera Software)
Oracle VM VirtualBox 5.1.20 (HKLM\...\{CD6E345E-ECBC-4F98-BB28-276ACBBCD4DE}) (Version: 5.1.20 - Oracle Corporation)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF24 Creator 8.0.4 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.313.1 - Tracker Software Products Ltd)
PhotoME Beta-Release (HKLM-x32\...\PhotoME Beta-Release_is1) (Version: 0.8ß2 - Jens Duttke)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.)
PRTG Network Monitor (HKLM-x32\...\{5EC294B8-98F8-4C20-BE73-F11A04295CA5}_is1) (Version: 17 - Paessler AG)
pyfa version 1.32.0 (YC119.9 1.3) (HKLM-x32\...\{3DA39096-C08D-49CD-90E0-1D177F32C8AA}_is1) (Version: 1.32.0 (YC119.9 1.3) - pyfa)
Python 2.7.13 (64-bit) (HKLM\...\{4A656C6C-D24A-473F-9747-3A8D00907A04}) (Version: 2.7.13150 - Python Software Foundation)
Python 2.7.13 (HKLM-x32\...\{4A656C6C-D24A-473F-9747-3A8D00907A03}) (Version: 2.7.13150 - Python Software Foundation)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.1 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7959 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.4 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.4 - VS Revo Group, Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
SiSoftware Sandra Lite Platinum (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2596}_is1) (Version: 24.18.2017.4 - SiSoftware)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.)
Smart Data Recovery v5.0 (HKLM-x32\...\Smart Data Recovery_is1) (Version: 5.0 - Smart PC Solutions)
Smart Technology Volume Tracker 7.0.46.0 (HKLM\...\{BAE210D2-5153-4B4C-BBF4-AF3F26F861BC}) (Version: 7.0.46.0 - Mad Catz)
Snip (HKLM-x32\...\{DE935EF7-6CE4-471E-9C73-0AE1A2E7D0D6}) (Version: 0.1.5119.0 - Microsoft) Hidden
Snip (HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\{525d439e-e22a-4221-8fd1-25b845fe0038}) (Version: 0.1.5119.0 - Microsoft Corporation)
SPCA1528 PC Driver (HKLM-x32\...\{570C2A84-A145-4DF0-AE9D-012584DF09DC}) (Version: 2.2.4.0 - )
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spotify (HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Spotify) (Version: 1.0.66.478.g1296534d - Spotify AB)
Stardock Fences 3 (HKLM-x32\...\Stardock Fences 3) (Version: 3.05 - Stardock Software, Inc.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Switch Audio-Converter (HKLM-x32\...\Switch) (Version: 5.26 - NCH Software)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.6 - TeamSpeak Systems GmbH)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.51a - Ghisler Software GmbH)
Turbo Lister 2 (HKLM-x32\...\{8927E07C-97F7-4A54-88FB-D976F50DD46E}) (Version: 2.00.0000 - eBay Inc.)
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 3.9.3 - Tweaking.com)
Uplay (HKLM-x32\...\Uplay) (Version: 38.0.1 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WhatsApp (HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\WhatsApp) (Version: 0.2.5093 - WhatsApp)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
WISO Mein Geld 365 Professional (HKLM-x32\...\{36C0BA39-2207-4146-BD4E-3146DF7B9147}) (Version: 21.0.0.0 - Buhl Data Service GmbH) Hidden
WISO Mein Geld 365 Professional (HKLM-x32\...\WISO Mein Geld 365 Professional) (Version: - Buhl Data Service GmbH)
WISO steuer:Sparbuch 2018 (HKLM-x32\...\{30CD24F2-66C6-4AC8-9C12-FA2D616B1C3F}) (Version: 25.00.1359 - Buhl Data Service GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1888364831-2858631773-2981139133-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Kay\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1888364831-2858631773-2981139133-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Kay\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1888364831-2858631773-2981139133-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Kay\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1888364831-2858631773-2981139133-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Kay\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1888364831-2858631773-2981139133-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Kay\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1888364831-2858631773-2981139133-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Kay\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1888364831-2858631773-2981139133-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Kay\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1888364831-2858631773-2981139133-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Kay\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1888364831-2858631773-2981139133-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Kay\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1888364831-2858631773-2981139133-1001_Classes\CLSID\{d7bc212a-7450-4662-af41-ecd405b3e386}\InprocServer32 -> C:\WINDOWS\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1888364831-2858631773-2981139133-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Kay\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [COSDriveIconOverlay] -> {5FDACB62-6B7B-4116-9403-C5E0D3852A57} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O)
ShellIconOverlayIdentifiers: [COSSyncItemInSyncIconOverlay] -> {68F287EF-DA6D-4595-AF52-90FF6CE52AFE} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O)
ShellIconOverlayIdentifiers: [COSSyncItemModifiedIconOverlay] -> {AE67D273-7253-4236-B55E-D40055B305D6} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O)
ShellIconOverlayIdentifiers: [COSSyncItemNewIconOverlay] -> {022F23E9-DA0F-4A86-A728-CAF6150C0B63} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O)
ShellIconOverlayIdentifiers: [COSSyncItemUnsynchronizedIconOverlay] -> {4D7EE7CF-E7A1-45FE-8F80-3A37574918D7} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => d:\Program Files (x86)\Notepad++\NppShell_06.dll [2016-05-17] ()
ContextMenuHandlers1: [COMODOBackupUtility] -> {FA66022E-2FE4-4A29-916C-84A0D8173FBB} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\ShellExt.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers1: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => D:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2017-06-13] (Stardock)
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => -> Keine Datei
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-06-10] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-06-10] (Alexander Roshal)
ContextMenuHandlers2: [COMODOBackupUtility] -> {FA66022E-2FE4-4A29-916C-84A0D8173FBB} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\ShellExt.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers3: [FG_CTX] -> {B3026062-4D7E-3601-9A6B-622CEAC3FC5C} => -> Keine Datei
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers4: [COMODOBackupUtility] -> {FA66022E-2FE4-4A29-916C-84A0D8173FBB} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\ShellExt.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers4: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => D:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2017-06-13] (Stardock)
ContextMenuHandlers4: [MSSE] -> {0365FE2C-F183-4091-AC82-BFC39FB75C49} => -> Keine Datei
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ContextMenuHandlers5: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => D:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2017-06-13] (Stardock)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> Keine Datei
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation)
ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => -> Keine Datei
ContextMenuHandlers6: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => D:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2017-06-13] (Stardock)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => -> Keine Datei
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-06-10] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-06-10] (Alexander Roshal)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {011B42D3-DFDF-4C79-BC17-EF6717F44986} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1888364831-2858631773-2981139133-1001UA => C:\Users\Kay\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {13896B67-0FCD-42C2-A928-DC02BAFFFCAD} - System32\Tasks\{6644215F-D573-4448-B8E2-12B972183707} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\pandasecuritytb\uninstall.exe"
Task: {187B46F7-A8B8-4F63-94EF-393FD2B00E9E} - System32\Tasks\{70F927D6-EBE1-457D-A298-444941E8E902} => C:\WINDOWS\system32\pcalua.exe -a "C:\Users\Kay\Desktop\Galaxy S3 - Mini\SAMSUNG_USB_Driver_for_Mobile_Phones.exe" -d "C:\Users\Kay\Desktop\Galaxy S3 - Mini"
Task: {1D2E8BE4-15AF-45C9-B1BB-8AE269980BD5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-30] (Piriform Ltd)
Task: {21C0B3BB-E4A8-4835-A062-5A9082DD6657} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-07] (Microsoft Corporation)
Task: {262C2D0D-990C-4A39-8A1A-7FCECDA34A8D} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {29873A18-0AE9-4F1F-9176-22D865A3DD6E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-25] (Google Inc.)
Task: {2A75BA30-B7E1-4EBC-946E-8A78139A6A83} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-07] (Microsoft Corporation)
Task: {2ECDE3D1-17B5-4C78-83A3-961EBC1858CD} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_126_pepper.exe [2017-12-12] (Adobe Systems Incorporated)
Task: {2F19BF84-ECD9-489B-B717-18E7D00AD177} - System32\Tasks\Microsoft_Hardware_Launch_rundll32_exe => rundll32.exe url.dll,OpenURL e:\e67415113b809610ca462725cd5d34\ipoint\Setup64\Files\1031\Deu.rtf
Task: {30F520F0-ECDE-4773-8DF4-791D3E820289} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-03-22] (Dropbox, Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {371AD943-ACC9-49C9-A79E-8FC81009F008} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-12-15] (Microsoft Corporation)
Task: {3AF644C2-3E4D-4A96-8523-77213AB94E38} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1888364831-2858631773-2981139133-1001Core => C:\Users\Kay\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {46E72B3D-B29F-47E8-9273-71C641D7D92E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-07] (Microsoft Corporation)
Task: {4E7AE044-C1FE-4BB3-88E2-4E2E44ED5E19} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1888364831-2858631773-2981139133-1001Core1d2584ba96a6d8e => C:\Users\Kay\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {53F8794E-726C-4A97-9BB8-347ECDC5CB94} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {5A73AB7F-ABDA-4DEA-ACE4-066E9E744A0C} - System32\Tasks\{A8A0A7FB-B363-4CBD-91B8-947FA6EA8EAA} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Kay\Downloads\k30v106.EXE -d C:\Users\Kay\Downloads
Task: {5B1D083A-556E-457F-91C5-C5BD96A36A87} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-12-15] (Microsoft Corporation)
Task: {5C962AAE-235B-4695-B47C-ADC13554A58D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1888364831-2858631773-2981139133-1001Core1d1e909fd310c38 => C:\Users\Kay\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {6617A51E-F3A1-41B1-9503-A9BF766B632C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1888364831-2858631773-2981139133-1001UA1d2584ba96e8c84 => C:\Users\Kay\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {6625470D-DEF0-4382-BFF7-9C0064886C30} - System32\Tasks\Opera scheduled Autoupdate 1510950239 => C:\Program Files\Opera\launcher.exe [2017-11-23] (Opera Software)
Task: {6AC6BF6F-1263-4C84-9915-BB5908DFF71D} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-12-07] (Microsoft Corporation)
Task: {73DAE438-3423-4E38-9C79-079AC0FB5C8B} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-12-15] (Microsoft Corporation)
Task: {74C77775-AF05-488C-9660-4E0B511E1E00} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2015-03-12] (Tweaking.com)
Task: {80D8E580-68BC-478E-BAD4-06C36CD4DBAE} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\RadeonInstaller.exe
Task: {8770FCDE-04D5-439D-AF84-EAC65EE75272} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-02-19] (Intel(R) Corporation)
Task: {8945ED64-40DD-436D-9BBB-CFDC3E08FD36} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {94B3BADB-0E74-46F1-9B46-E43788144642} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-07] (Microsoft Corporation)
Task: {96261FF9-FFDF-4638-8297-D7F6E9BB4208} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1888364831-2858631773-2981139133-1001UA1d1e909fd409d8d => C:\Users\Kay\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {9ABF69B7-6E21-4FBE-A448-CFD73E6FC963} - System32\Tasks\{B4166901-0BCE-4DB5-9228-DF2E0E6A54F0} => C:\WINDOWS\system32\pcalua.exe -a E:\TYPO3_4.7.7\typo3start.exe -d e:\TYPO3_4.7.7
Task: {A70A3EBE-8F90-4E67-AEF9-EE04E40CC2A2} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-12-13] (Microsoft Corporation)
Task: {C1858719-5869-483C-AF95-62D4ECB02087} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-12-15] (Microsoft Corporation)
Task: {D2B9CD88-07DF-4973-9528-CE348A854D38} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-12-07] (Microsoft Corporation)
Task: {E18984A1-5A1E-490A-A44F-ABD5DCC69332} - System32\Tasks\{70F4BB8E-DF69-4214-A82D-13742A7694BD} => C:\WINDOWS\system32\pcalua.exe -a E:\typo3-winstall-6.0.0rc2\typo3start.exe -d E:\typo3-winstall-6.0.0rc2
Task: {E50A83C6-22D9-46C6-8EDE-F7B65D25B88E} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-12] (Adobe Systems Incorporated)
Task: {E52C04F3-0641-4907-8F29-A02D3A7352F6} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-03-22] (Dropbox, Inc.)
Task: {F69B0CAC-FA91-412E-91B9-F30457385EFB} - System32\Tasks\S-1-5-21-1888364831-2858631773-2981139133-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-11-02] (Microsoft Corporation)
Task: {F6FDE532-F25A-40C7-AAAF-B33AF91282B9} - System32\Tasks\{2B43B2A3-A783-4ECE-BEF2-BEE44272E399} => C:\WINDOWS\system32\pcalua.exe -a "C:\Users\Kay\Desktop\Galaxy3 Mini - Android Update\SAMSUNG_USB_Driver (1)\SAMSUNG_USB_Driver_for_Mobile_Phones.exe" -d "C:\Users\Kay\Desktop\Galaxy3 Mini - Android Update\SAMSUNG_USB_Driver (1)"
Task: {FFAB897B-B8D9-4600-BDCB-95181DEDDD56} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-25] (Google Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1888364831-2858631773-2981139133-1001Core.job => C:\Users\Kay\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1888364831-2858631773-2981139133-1001Core1d1e909fd310c38.job => C:\Users\Kay\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1888364831-2858631773-2981139133-1001UA.job => C:\Users\Kay\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1888364831-2858631773-2981139133-1001UA1d1e909fd409d8d.job => C:\Users\Kay\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\Kay\Favorites\Downloadseite von NCH Software.lnk -> hxxp://www.nch.com.au/de/index.htm
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-05-27 20:25 - 2014-09-03 12:53 - 001508032 _____ () C:\Program Files\COMODO\COMMON\LIBEAY32.dll
2016-05-27 20:25 - 2014-09-03 12:53 - 000338112 _____ () C:\Program Files\COMODO\COMMON\SSLEAY32.dll
2017-09-23 15:34 - 2017-10-06 23:40 - 002289096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-09-23 15:34 - 2017-10-06 23:40 - 002358728 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-03-18 21:58 - 2017-03-18 21:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-06-13 20:33 - 2017-06-13 20:33 - 000062424 _____ () d:\program files (x86)\stardock\fences\SdCrashReporter64.dll
2017-03-18 21:59 - 2017-03-20 05:43 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-12-12 17:42 - 2017-12-12 17:42 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-12-12 17:42 - 2017-12-12 17:42 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-12-12 17:42 - 2017-12-12 17:42 - 024735744 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-12-12 17:42 - 2017-12-12 17:42 - 002551808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\skypert.dll
2017-12-12 17:42 - 2017-12-12 17:42 - 000671744 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2017-12-15 13:06 - 2017-12-14 03:49 - 004063064 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.108\libglesv2.dll
2017-12-15 13:06 - 2017-12-14 03:49 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.108\libegl.dll
2017-07-31 21:46 - 2017-08-01 09:57 - 000114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2017-07-31 21:46 - 2017-08-01 09:57 - 000108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2017-07-31 21:46 - 2017-08-01 09:57 - 000024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2017-07-31 21:46 - 2017-08-01 09:57 - 000048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-05-09 21:57 - 2016-05-09 21:57 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-05-14 16:00 - 2017-05-09 14:04 - 000184408 _____ () C:\Program Files (x86)\PRTG Network Monitor\paelibssh.dll
2017-05-14 16:00 - 2017-05-09 14:04 - 000470104 _____ () C:\Program Files (x86)\PRTG Network Monitor\ssh.dll
2017-12-15 20:45 - 2017-05-09 14:04 - 000781912 _____ () C:\Program Files (x86)\PRTG Network Monitor\dlltemp\snmp1.dll
2017-12-12 17:40 - 2017-12-11 10:54 - 001893880 _____ () C:\Users\Kay\AppData\Local\Discord\app-0.0.299\ffmpeg.dll
2017-12-12 17:40 - 2017-12-12 17:40 - 001886712 _____ () \\?\C:\Users\Kay\AppData\Roaming\discord\0.0.299\modules\discord_toaster\discord_toaster.node
2017-12-12 17:40 - 2017-12-11 10:54 - 001938424 _____ () C:\Users\Kay\AppData\Local\Discord\app-0.0.299\libglesv2.dll
2017-12-12 17:40 - 2017-12-11 10:54 - 000095736 _____ () C:\Users\Kay\AppData\Local\Discord\app-0.0.299\libegl.dll
2017-12-12 17:40 - 2017-12-12 17:40 - 009802232 _____ () \\?\C:\Users\Kay\AppData\Roaming\discord\0.0.299\modules\discord_voice\discord_voice.node
2017-12-12 17:40 - 2017-12-12 17:40 - 001505784 _____ () \\?\C:\Users\Kay\AppData\Roaming\discord\0.0.299\modules\discord_utils\discord_utils.node
2017-12-12 17:40 - 2017-12-12 17:40 - 000513016 _____ () \\?\C:\Users\Kay\AppData\Roaming\discord\0.0.299\modules\discord_erlpack\discord_erlpack.node
2017-12-12 17:40 - 2017-12-12 17:40 - 002662904 _____ () \\?\C:\Users\Kay\AppData\Roaming\discord\0.0.299\modules\discord_rpc\discord_rpc.node
2017-12-12 17:40 - 2017-12-12 17:40 - 001517048 _____ () \\?\C:\Users\Kay\AppData\Roaming\discord\0.0.299\modules\discord_game_utils\discord_game_utils.node
2017-12-12 17:40 - 2017-12-12 17:40 - 002749944 _____ () \\?\C:\Users\Kay\AppData\Roaming\discord\0.0.299\modules\discord_contact_import\discord_contact_import.node
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\TEMP:9A870F8B [268]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2017-02-17 18:53 - 000000853 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKLM\...\StartupApproved\StartupFolder: => "Install LastPass IE RunOnce.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Install LastPass FF RunOnce.lnk"
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "RtHDVBg_DTS"
HKLM\...\StartupApproved\Run: => "StartCCC"
HKLM\...\StartupApproved\Run: => "IntelliPoint"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "KeePass 2 PreLoad"
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "ThrustTSR"
HKLM\...\StartupApproved\Run32: => "WISO Mein Geld 2015 Professional .NET"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "EaseUS Cleanup"
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\StartupApproved\StartupFolder: => "WISO Mein Steuer-Sparbuch heute.lnk"
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\StartupApproved\StartupFolder: => "OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk"
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\StartupApproved\Run: => "Google+ Auto Backup"
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\StartupApproved\Run: => "Ubuntu One Icon"
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\StartupApproved\Run: => "Ubuntu One"
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\StartupApproved\Run: => "WEB.DE Application {sync-000021}"
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\StartupApproved\Run: => "HP Photosmart Plus B210 series (NET)"
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\StartupApproved\Run: => "SandboxieControl"
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\StartupApproved\Run: => "HP ENVY 4500 series (NET)"
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\StartupApproved\Run: => "Speech Recognition"
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\StartupApproved\Run: => "Snip"
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\StartupApproved\Run: => "COS"
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\StartupApproved\Run: => "BingSvc"
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\StartupApproved\Run: => "Spotify Web Helper"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [VIRT-MIGL-In-TCP-NoScope] => (Allow) %systemroot%\system32\vmms.exe
FirewallRules: [VIRT-REMOTEDESKTOP-In-TCP-NoScope] => (Allow) %systemroot%\system32\vmms.exe
FirewallRules: [UDP Query User{E9743B36-CD53-430D-96AE-74471CE85651}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{7628C5AD-8194-441B-B9DC-F32D6DE0B4CA}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{465CF6FF-ADA1-4DEB-BB8F-36FE90CDDE20}D:\heroes of the storm\versions\base50286\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base50286\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{506DCBB8-4D5E-4CEA-AFA1-51370541BDAF}D:\heroes of the storm\versions\base50286\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base50286\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{62022F66-5AF5-4632-A086-808D7A6B9A93}D:\hearthstone\hearthstone.exe] => (Allow) D:\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{1C741D1C-911D-4147-9DE2-734B17648ECD}D:\hearthstone\hearthstone.exe] => (Allow) D:\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{142573AF-A151-470F-A742-927026C88B08}D:\program files (x86)\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe
FirewallRules: [TCP Query User{8A2A49B7-6BF7-4280-B51E-079E4BDDD7BF}D:\program files (x86)\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe
FirewallRules: [{A27481B2-E8C3-44F3-ACEC-C19CC5C5B4C5}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{15F626F4-A459-4240-BCC8-1072B37F7A3D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{6801709A-1C7B-424D-AEE8-8AAC3F37D03C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\King's Quest\Binaries\Win\KingsQuest.exe
FirewallRules: [{35B20594-3D00-49D8-A06C-2EED278F3BAD}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\King's Quest\Binaries\Win\KingsQuest.exe
FirewallRules: [UDP Query User{566ECE00-AFC1-4055-B7B2-69C0CAD7C909}C:\users\kay\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kay\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{022A967F-A76E-4B98-AE5D-744FFEDE0896}C:\users\kay\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kay\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{FBADD0D9-E494-4416-B943-808FD79B798C}C:\users\kay\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kay\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{C1CCCB11-AD22-444C-BF2E-7E979A850018}C:\users\kay\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kay\appdata\roaming\spotify\spotify.exe
FirewallRules: [{8A180392-3095-448A-96F2-A143FFE5757F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{1EC7A711-F42B-4210-870B-024782AF9F3B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{8006DBB5-D7D8-432C-8BAC-560E0172C620}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{96570EFD-7085-4EC8-ABFA-455C2A8042DD}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [UDP Query User{6FC91E72-80A4-4050-BA28-6A87EBA0CFEA}D:\program files (x86)\pyfa\pyfa.exe] => (Allow) D:\program files (x86)\pyfa\pyfa.exe
FirewallRules: [TCP Query User{9438415E-878C-4D02-B672-1E5071530CDE}D:\program files (x86)\pyfa\pyfa.exe] => (Allow) D:\program files (x86)\pyfa\pyfa.exe
FirewallRules: [UDP Query User{77B96FA8-C9F2-4A33-914F-1B6A46E8DA60}C:\program files (x86)\pyfa\pyfa.exe] => (Allow) C:\program files (x86)\pyfa\pyfa.exe
FirewallRules: [TCP Query User{AEDF5F08-8EB9-4080-B834-7335089C5310}C:\program files (x86)\pyfa\pyfa.exe] => (Allow) C:\program files (x86)\pyfa\pyfa.exe
FirewallRules: [UDP Query User{A7F0EF84-7748-4808-875F-82DF50C8DECB}C:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicatorcom.exe] => (Block) C:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicatorcom.exe
FirewallRules: [TCP Query User{EB8BE8DC-A250-49E8-B41D-D95E65FE0EC6}C:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicatorcom.exe] => (Block) C:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicatorcom.exe
FirewallRules: [UDP Query User{94CBA179-EA08-4495-9A5C-6F9CFE3234E0}D:\program files (x86)\ccp\eve\bin\exefile.exe] => (Allow) D:\program files (x86)\ccp\eve\bin\exefile.exe
FirewallRules: [TCP Query User{B07285F2-0A4B-48F0-9FD9-97589513F2D5}D:\program files (x86)\ccp\eve\bin\exefile.exe] => (Allow) D:\program files (x86)\ccp\eve\bin\exefile.exe
FirewallRules: [UDP Query User{A8F556B2-B777-4F95-B917-1DC56AB73BE6}D:\pyfa\pyfa.exe] => (Allow) D:\pyfa\pyfa.exe
FirewallRules: [TCP Query User{95F3CC61-0EBA-406B-90DD-FE3A6D696BB4}D:\pyfa\pyfa.exe] => (Allow) D:\pyfa\pyfa.exe
FirewallRules: [{BECD8F3C-5DEE-4D97-8AF5-CF961CEAD1F9}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A74CB249-0A39-4424-8995-3A07DCB9CA32}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C7F651F8-A9B7-439B-A701-B3055A901FE0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{55813F14-6658-46C2-B4BF-B39ECE3E60B4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{5902580F-206D-4823-AA7A-285FD4C38639}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{80D10AD7-D43E-462B-9A31-C3C8CF2A8252}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{0630AAF4-A4E2-4CF2-B384-78E70F6DD035}D:\starcraft ii - legacy of the void beta\versions\base37164\sc2_x64.exe] => (Allow) D:\starcraft ii - legacy of the void beta\versions\base37164\sc2_x64.exe
FirewallRules: [TCP Query User{DEEC502A-C853-42D6-BD8F-BA8917D5B08C}D:\starcraft ii - legacy of the void beta\versions\base37164\sc2_x64.exe] => (Allow) D:\starcraft ii - legacy of the void beta\versions\base37164\sc2_x64.exe
FirewallRules: [UDP Query User{D5564BAB-F2BD-4CE7-BC92-EC6C9F432FD9}D:\starcraft ii\versions\base38215\sc2_x64.exe] => (Allow) D:\starcraft ii\versions\base38215\sc2_x64.exe
FirewallRules: [TCP Query User{20CDDD64-66F1-40A3-9C69-1E3027E80C89}D:\starcraft ii\versions\base38215\sc2_x64.exe] => (Allow) D:\starcraft ii\versions\base38215\sc2_x64.exe
FirewallRules: [UDP Query User{08325EA3-3DD0-4F44-AFE0-F315AF99F63C}D:\diablo iii\diablo iii.exe] => (Allow) D:\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{2E27A0A6-C79E-4F67-B840-CFFD33BDEE69}D:\diablo iii\diablo iii.exe] => (Allow) D:\diablo iii\diablo iii.exe
FirewallRules: [{CB382714-0FD4-48CA-A995-2DDAAB363B85}] => (Allow) D:\StarCraft II\StarCraft II.exe
FirewallRules: [{CE4E737F-DCCC-4BD7-940B-DBF2B672B9E0}] => (Allow) D:\StarCraft II\StarCraft II.exe
FirewallRules: [UDP Query User{3FA17935-22AA-43DF-ABD1-9632AF5A250B}D:\totalcmd\totalcmd.exe] => (Allow) D:\totalcmd\totalcmd.exe
FirewallRules: [TCP Query User{E9776974-2E0F-4969-B950-57713F7A2550}D:\totalcmd\totalcmd.exe] => (Allow) D:\totalcmd\totalcmd.exe
FirewallRules: [TCP Query User{00AF6728-F0B0-4052-AE5F-8B3077E3FC0C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{3C7AE69E-2733-4B32-86AE-9547DC1ADB4C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{BE9AE20E-9FF2-43C6-B1D5-B9D9F47469F4}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2D215BD9-891E-4FA9-8DC3-65A0D9668FF4}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F0D2E862-1A47-4408-AF35-5F27AAC4DC22}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{2AA1DFD6-312E-4DD9-B109-C20E0ECCA36A}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [TCP Query User{EDCDA70B-DF1A-48F3-BD4E-B9F2853EDF8E}D:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe] => (Allow) D:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe
FirewallRules: [UDP Query User{E6EE7A41-8A78-4ABD-80E9-3FA2D53AF160}D:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe] => (Allow) D:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe
FirewallRules: [{7C6A2AAD-7F73-44E4-8E0C-F996237331A9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BE376B36-920A-4902-82BE-6CF699D14293}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{8E4C68F3-525B-491B-9D9A-273394BFC787}C:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicatorcom.exe
FirewallRules: [UDP Query User{E00CD392-19D4-434B-A05F-84142498B2F2}C:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicatorcom.exe
FirewallRules: [TCP Query User{71C511BF-12BB-4651-9031-6688F51B8BF9}C:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe
FirewallRules: [UDP Query User{390EC187-5C6C-4A45-8FEA-AAEA00AF3977}C:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe
FirewallRules: [TCP Query User{4D23AC9C-24EF-4146-B952-3A1065E63EC7}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{3D1DE240-0821-41A5-B028-7F55E3D43906}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{767917D7-DC42-4B63-B01E-44195DA16C3C}C:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe] => (Block) C:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe
FirewallRules: [UDP Query User{FDBEA3A4-5B6A-4A48-BB4B-16D2C151F6C3}C:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe] => (Block) C:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe
FirewallRules: [{D4F35366-C0FC-46B5-B8CB-C58C62ADC9AB}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\DeviceSetup.exe
FirewallRules: [{15DCE531-C554-493A-8C97-A4C1BD8620DF}] => (Allow) LPort=5357
FirewallRules: [{043C7667-FAA6-48A2-8481-BF1BBD92B5CF}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{41DBCFAE-C169-43D6-A4EB-95A324649911}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D544697E-988C-4887-88E5-0575D7EFE2A1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{496BF1E2-2E42-4F42-8903-4EF82BC7F59A}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{6F73C257-5BFD-4E2A-8FE4-2E56473412D8}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{D0EF67F9-E322-49FF-A37F-C835CAC1AAEB}] => (Allow) C:\Program Files\COMODO\cCloud\cCloud.exe
FirewallRules: [{000B6242-C3CB-41E3-B77B-606BA5E9D35E}] => (Allow) C:\Program Files\COMODO\cCloud\cCloud.exe
FirewallRules: [{3DBF5675-F94D-44F9-A434-9BB1D79A05BA}] => (Allow) E:\Eigene Musik\MediaMonkey\MediaMonkey.exe
FirewallRules: [TCP Query User{F88B17C0-C988-418F-8D4A-3FD8508F3216}D:\eve\launcher\loglite.exe] => (Allow) D:\eve\launcher\loglite.exe
FirewallRules: [UDP Query User{7B150F78-39F3-4832-B927-692E111A35E0}D:\eve\launcher\loglite.exe] => (Allow) D:\eve\launcher\loglite.exe
FirewallRules: [TCP Query User{CEFB8BA4-C836-43DF-968C-E11380D487C8}D:\program files (x86)\ccp\tq\bin\exefile.exe] => (Allow) D:\program files (x86)\ccp\tq\bin\exefile.exe
FirewallRules: [UDP Query User{05493C7E-9A4B-4A74-8F23-85C531A2B187}D:\program files (x86)\ccp\tq\bin\exefile.exe] => (Allow) D:\program files (x86)\ccp\tq\bin\exefile.exe
FirewallRules: [{1DEBD7A0-67DA-44B8-992F-365DE25C3C6C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Double Action\bin\hammer.exe
FirewallRules: [{D3A6EB96-B272-436E-B251-1026A1978A51}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Double Action\bin\hammer.exe
FirewallRules: [TCP Query User{0CAECF93-FC8F-4D8B-9786-B16D8F606B50}D:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [UDP Query User{7E52D35D-BB2F-45AE-8C4E-723EE9008A08}D:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [TCP Query User{D37C9717-A079-4E53-AA5A-C11267F5CBD6}D:\program files\telestream\gameshow\gameshow.exe] => (Allow) D:\program files\telestream\gameshow\gameshow.exe
FirewallRules: [UDP Query User{75857E8C-934D-48AD-B91F-7129DB676A4C}D:\program files\telestream\gameshow\gameshow.exe] => (Allow) D:\program files\telestream\gameshow\gameshow.exe
FirewallRules: [{FC8D3ADD-0BCF-4CCF-AD70-897AE3A40439}] => (Allow) C:\Program Files (x86)\PRTG Network Monitor\64 bit\PRTG Server.exe
FirewallRules: [{8DB6587D-6A36-45E3-8CF3-190FE1C21B76}] => (Allow) C:\Program Files (x86)\PRTG Network Monitor\PRTG Server.exe
FirewallRules: [{B9C37EC5-6249-48D8-9423-AD7E3394CE07}] => (Allow) C:\Program Files (x86)\PRTG Network Monitor\PRTG Probe.exe
FirewallRules: [{D659DDA2-5CD1-4ACD-A674-BFF93E96C2C4}] => (Allow) C:\Program Files (x86)\PRTG Network Monitor\PRTG Administrator.exe
FirewallRules: [TCP Query User{028CA3A0-6A0B-4A21-BF7E-8D66BB89ABD2}C:\eve\sharedcache\tq\bin\exefile.exe] => (Allow) C:\eve\sharedcache\tq\bin\exefile.exe
FirewallRules: [UDP Query User{D1E6D588-CF48-45F9-89B2-9A88D48AD7D5}C:\eve\sharedcache\tq\bin\exefile.exe] => (Allow) C:\eve\sharedcache\tq\bin\exefile.exe
FirewallRules: [TCP Query User{D42F116E-BB13-47B4-BD4B-1F1110F40830}D:\eve\tq\bin\exefile.exe] => (Allow) D:\eve\tq\bin\exefile.exe
FirewallRules: [UDP Query User{E812CDAE-D526-443E-9368-47581DA666B9}D:\eve\tq\bin\exefile.exe] => (Allow) D:\eve\tq\bin\exefile.exe
FirewallRules: [{497B6DE7-A0DD-4AC2-BE2C-A8D82F4CCF08}] => (Allow) e:\Program Files\SiSoftware\SiSoftware Sandra Lite Platinum\RpcAgentSrv.exe
FirewallRules: [{CB38A3AC-BB6B-4924-9591-98212485DD57}] => (Allow) E:\Program Files\SiSoftware\SiSoftware Sandra Lite Platinum\WNt600x64\RpcSandraSrv.exe
FirewallRules: [TCP Query User{78DCB0FC-DE28-41B0-914A-3AFDFCC306FC}D:\eve\launcher\loglite.exe] => (Allow) D:\eve\launcher\loglite.exe
FirewallRules: [UDP Query User{C70207D1-0031-447C-A65C-52FF8124118B}D:\eve\launcher\loglite.exe] => (Allow) D:\eve\launcher\loglite.exe
FirewallRules: [TCP Query User{87A93DCF-F660-4BDC-AD8E-12AC8F3C0385}D:\eve\tq\bin\exefile.exe] => (Allow) D:\eve\tq\bin\exefile.exe
FirewallRules: [UDP Query User{AEBD18B6-0D99-430C-B6F3-A367508E3945}D:\eve\tq\bin\exefile.exe] => (Allow) D:\eve\tq\bin\exefile.exe
FirewallRules: [{57AC671E-DDD4-40EB-8C40-F6DC5D60485C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\the witcher 2\Launcher.exe
FirewallRules: [{75B0BEF7-0188-4495-A66D-6408BA07D85B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\the witcher 2\Launcher.exe
FirewallRules: [TCP Query User{800A5D52-12D6-422A-91CF-5072777706B4}D:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [UDP Query User{C773E3AD-BEAE-4433-957E-96219A406216}D:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [{6181A8C5-4BAF-4F03-88DC-38E689DB6A75}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{B1A87D0D-80E5-42D3-8C6D-6F6EAED8C123}] => (Allow) D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Anno 2070\Anno5.exe
FirewallRules: [{075EDF35-48EF-441F-9E61-025A6C4EAFCD}] => (Allow) D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Anno 2070\Anno5.exe
FirewallRules: [TCP Query User{24AC7D14-EAAF-4554-AB69-7460D2D70DA3}D:\program files (x86)\apowersoft\apowersoft phone manager\apowersoft phone manager.exe] => (Allow) D:\program files (x86)\apowersoft\apowersoft phone manager\apowersoft phone manager.exe
FirewallRules: [UDP Query User{040CA2BC-37EA-42BE-9A91-CAA13F739F78}D:\program files (x86)\apowersoft\apowersoft phone manager\apowersoft phone manager.exe] => (Allow) D:\program files (x86)\apowersoft\apowersoft phone manager\apowersoft phone manager.exe
FirewallRules: [TCP Query User{5AE7FF79-6549-44D8-A379-BBDFF59EA8D8}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe
FirewallRules: [UDP Query User{9B6FD3C7-9185-44F7-8CE4-31555CF7EA0E}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe
FirewallRules: [{063909FC-4AA7-454E-81F4-561C98297321}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{20FAAFCE-D34A-43BE-82AD-206269D9D648}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [TCP Query User{FC7D2EC8-A72D-4F6E-BF4A-445C477A7AE9}D:\program files\telestream\gameshow\gameshow.exe] => (Allow) D:\program files\telestream\gameshow\gameshow.exe
FirewallRules: [UDP Query User{446F6FBE-CB56-4196-8EA8-A6FCDB634338}D:\program files\telestream\gameshow\gameshow.exe] => (Allow) D:\program files\telestream\gameshow\gameshow.exe
FirewallRules: [{AD81AFAB-B2CA-4FD0-B7C0-2EEF1728815A}] => (Allow) d:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Anno 2205\Bin\Win64\Anno2205.exe
FirewallRules: [{EE52BCA4-E8CB-4DF1-856F-E8AC3E81F946}] => (Allow) C:\Program Files\Opera\49.0.2725.39\opera.exe
FirewallRules: [{698584DC-4A9E-440E-9A99-5565DC596143}] => (Allow) C:\Program Files\Opera\49.0.2725.47\opera.exe
FirewallRules: [{863E26C7-A852-43D7-ADB9-05E3B7571339}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\King's Quest\Binaries\Win\KingsQuest.exe
FirewallRules: [{1B22593E-3080-4E35-8E8C-F7640306B3AA}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\King's Quest\Binaries\Win\KingsQuest.exe
FirewallRules: [{6D41D007-338C-4EAF-90F9-196460384C39}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{A6706D08-7B08-4ACA-92F9-28E9C237A3F1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (12/15/2017 06:04:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: atieclxx.exe, Version: 6.14.11.1199, Zeitstempel: 0x563a76a9
Name des fehlerhaften Moduls: atieclxx.exe, Version: 6.14.11.1199, Zeitstempel: 0x563a76a9
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000425c6
ID des fehlerhaften Prozesses: 0x928
Startzeit der fehlerhaften Anwendung: 0x01d375b3a4ec0a7e
Pfad der fehlerhaften Anwendung: C:\WINDOWS\system32\atieclxx.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\system32\atieclxx.exe
Berichtskennung: 2c801508-b3a5-4e5a-a9f3-3396b9fb8515
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (12/15/2017 01:20:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: atieclxx.exe, Version: 6.14.11.1199, Zeitstempel: 0x563a76a9
Name des fehlerhaften Moduls: atieclxx.exe, Version: 6.14.11.1199, Zeitstempel: 0x563a76a9
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000425c6
ID des fehlerhaften Prozesses: 0x2ed0
Startzeit der fehlerhaften Anwendung: 0x01d3751fdb292f0b
Pfad der fehlerhaften Anwendung: C:\WINDOWS\system32\atieclxx.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\system32\atieclxx.exe
Berichtskennung: 0c0b73d9-5e97-47f0-aa0a-5db95d0209c9
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (12/15/2017 01:15:06 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "G:\Program Files (x86)\Audacity\audacity.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest.
Error: (12/14/2017 10:09:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: atieclxx.exe, Version: 6.14.11.1199, Zeitstempel: 0x563a76a9
Name des fehlerhaften Moduls: atieclxx.exe, Version: 6.14.11.1199, Zeitstempel: 0x563a76a9
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000425c6
ID des fehlerhaften Prozesses: 0x930
Startzeit der fehlerhaften Anwendung: 0x01d3751ccc158458
Pfad der fehlerhaften Anwendung: C:\WINDOWS\system32\atieclxx.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\system32\atieclxx.exe
Berichtskennung: 31e3191f-848d-4f2b-9545-a8b8a20a009a
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (12/14/2017 07:36:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: atieclxx.exe, Version: 6.14.11.1199, Zeitstempel: 0x563a76a9
Name des fehlerhaften Moduls: atieclxx.exe, Version: 6.14.11.1199, Zeitstempel: 0x563a76a9
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000425c6
ID des fehlerhaften Prozesses: 0x1b54
Startzeit der fehlerhaften Anwendung: 0x01d374ed5a3b7736
Pfad der fehlerhaften Anwendung: C:\WINDOWS\system32\atieclxx.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\system32\atieclxx.exe
Berichtskennung: ee0a8ec3-d756-4cc0-8b53-140c4908b6dc
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (12/14/2017 04:41:13 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "G:\Program Files (x86)\Audacity\audacity.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest.
Error: (12/13/2017 10:54:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: atieclxx.exe, Version: 6.14.11.1199, Zeitstempel: 0x563a76a9
Name des fehlerhaften Moduls: atieclxx.exe, Version: 6.14.11.1199, Zeitstempel: 0x563a76a9
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000425c6
ID des fehlerhaften Prozesses: 0x2c9c
Startzeit der fehlerhaften Anwendung: 0x01d3742d384ff929
Pfad der fehlerhaften Anwendung: C:\WINDOWS\system32\atieclxx.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\system32\atieclxx.exe
Berichtskennung: fc9eccff-c220-4df6-943f-f17b1514b80f
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (12/13/2017 10:45:26 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Kay\OneDrive\z\Download\Sicherheit\esetsmartinstaller_enu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest.
Error: (12/13/2017 10:29:19 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (12/13/2017 05:12:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: atieclxx.exe, Version: 6.14.11.1199, Zeitstempel: 0x563a76a9
Name des fehlerhaften Moduls: atieclxx.exe, Version: 6.14.11.1199, Zeitstempel: 0x563a76a9
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000425c6
ID des fehlerhaften Prozesses: 0x37a8
Startzeit der fehlerhaften Anwendung: 0x01d3738e0f3cce56
Pfad der fehlerhaften Anwendung: C:\WINDOWS\system32\atieclxx.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\system32\atieclxx.exe
Berichtskennung: a386d6a4-17cc-440c-86e9-dce4f75f5fdc
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Systemfehler:
=============
Error: (12/15/2017 08:45:12 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (12/15/2017 08:45:12 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (12/15/2017 04:52:47 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{F3B4E234-7A68-4E43-B813-E4BA55A065F6}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (12/15/2017 04:01:31 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (12/15/2017 04:01:31 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (12/15/2017 03:47:36 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Dieser Computer ist als Mitglied einer Arbeitsgruppe konfiguriert, nicht als
Mitglied einer Domäne. Der Anmeldedienst braucht bei dieser
Konfiguration nicht gestartet zu sein.
Error: (12/15/2017 03:47:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet:
Die Anforderung wird nicht unterstützt.
Error: (12/15/2017 03:47:26 PM) (Source: Microsoft-Windows-Hyper-V-Hypervisor) (EventID: 41) (User: NT-AUTORITÄT)
Description: Hypervisor launch failed; Either VMX not present or not enabled in BIOS.
Error: (12/15/2017 03:47:26 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 124) (User: NT-AUTORITÄT)
Description: 03225747456
Error: (12/15/2017 03:46:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Microsoft Office-Klick-und-Los-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
CodeIntegrity:
===================================
Date: 2017-12-14 17:07:01.531
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-12-14 17:07:01.278
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-12-09 13:16:29.391
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-12-09 13:15:57.929
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-12-09 13:15:57.689
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-12-09 13:11:08.232
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-12-09 13:10:36.594
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-12-09 13:10:36.339
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-12-07 16:21:59.599
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\Drivers\WdBoot.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-12-07 16:21:59.596
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\Drivers\WdBoot.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-2500 CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 42%
Installierter physikalischer RAM: 8159.15 MB
Verfügbarer physikalischer RAM: 4683.93 MB
Summe virtueller Speicher: 9439.15 MB
Verfügbarer virtueller Speicher: 5448.95 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:74.79 GB) (Free:3.06 GB) NTFS
Drive d: (Win) (Fixed) (Total:270.45 GB) (Free:91.26 GB) NTFS
Drive e: (Elements) (Fixed) (Total:465.64 GB) (Free:133.11 GB) FAT32
Drive g: (Volume) (Fixed) (Total:36 GB) (Free:35.69 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: 000AB2A8)
Partition: GPT.
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: BDD4B8D6)
Partition 1: (Not Active) - (Size=270.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=195.3 GB) - (Type=83)
========================================================
Disk: 2 (Size: 465.8 GB) (Disk ID: 8D399BC0)
Partition 1: (Active) - (Size=465.8 GB) - (Type=0C)
==================== Ende von Addition.txt ============================
Gruß
verrant |
Lesestoff:
Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
SecurityCheck und: