
Pests of all kinds and how to combat them: When I click on websites I end up here: https://ad2.adfarm1.adition.com.....


 
09.08.2016, 05:51   #7
Tialda
 



Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08-08-2016
durchgeführt von Liana (2016-08-08 23:34:49)
Gestartet von C:\Users\Liana\Downloads
Windows 10 Home Version 1511 (X64) (2016-01-18 10:20:11)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2607946208-1710773517-2996334467-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2607946208-1710773517-2996334467-503 - Limited - Disabled)
Gast (S-1-5-21-2607946208-1710773517-2996334467-501 - Limited - Disabled)
Liana (S-1-5-21-2607946208-1710773517-2996334467-1000 - Administrator - Enabled) => C:\Users\Liana

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

4500_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.7.0.272 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.6 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.1.2 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-2607946208-1710773517-2996334467-1000\...\Amazon Kindle) (Version:  - Amazon)
Anker Precision Laser Gaming Mouse version 1.3 (HKLM-x32\...\{F9A7ED2C-34E1-4A96-9A25-B022C23C3361}_is1) (Version: 1.3 - ANKER Technology)
Apple Application Support (32-Bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.4.5.0 - Asmedia Technology)
ASUS nVidia Driver (x32 Version: 1.00.0000 - ASUSTek) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.40 - Atheros Communications)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Canon Auto Update Service (HKLM-x32\...\Auto Update Service) (Version: 1.1.2.18 - Canon Inc.)
CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM-x32\...\MyCamera Download Plugin) (Version: 3.1.1.2 - Canon Inc.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.9.0.9 - Canon Inc.)
Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.9.0.8 - Canon Inc.)
Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.8.0.1 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.9.0.6 - Canon Inc.)
Canon Utilities Digital Photo Professional 3.9 (HKLM-x32\...\DPP) (Version: 3.9.1.0 - Canon Inc.)
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.9.0.0 - Canon Inc.)
Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX (HKLM-x32\...\EOS Video Snapshot Task) (Version: 1.0.0.10 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.8.0.0 - Canon Inc.)
Canon Utilities WFT Utility (HKLM-x32\...\WFTK) (Version: 3.5.1.1 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.9.0.1 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.6.0.15 - Canon Inc.)
CLIQZ (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 1.0.22 - CLIQZ.com)
ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version:  - DownloadHelper)
Curse (HKLM-x32\...\{1F2611FB-6F69-4AA8-BECD-243BD8CB45F3}) (Version: 6.0.0.0 - Curse)
Curse Client - 1  (HKU\S-1-5-21-2607946208-1710773517-2996334467-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 7.4.30 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.37 - Dropbox, Inc.) Hidden
Duden Korrektor PLUS (HKLM-x32\...\InstallShield_{541E5E15-7186-4395-9593-16D02765FF27}) (Version: 5.00.1507.00 - Duden)
Duden Korrektor PLUS (x32 Version: 5.00.1507.00 - Duden) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Google Drive (HKLM-x32\...\{709316AD-161C-4D5C-9AE7-0B3A822DA271}) (Version: 1.30.2170.0459 - Google, Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
         
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
HP Officejet J4500 Series (HKLM\...\{E11448F2-0B44-4239-B04E-D88FE743E929}) (Version: 13.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Photosmart 5520 series - Grundlegende Software für das Gerät (HKLM\...\{4F396B08-301D-4E53-A372-95A7E93ABD04}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 5520 series Hilfe (HKLM-x32\...\{640A03B3-4E6B-4440-A350-E6A8D6348F12}) (Version: 27.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.16.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.44.5 - HTC)
iCloud (HKLM\...\{724A887F-2B55-4306-B6F9-8F0E7A04B1B5}) (Version: 5.2.2.87 - Apple Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
iTunes (HKLM\...\{955524E7-79EB-4CA9-BA4D-FD2DF587651B}) (Version: 12.4.3.1 - Apple Inc.)
J4500 (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.0.0.1051 - Marvell)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
MoneyManagerEX 1.2.6 (HKLM\...\{2C48DC11-E113-4912-8AFC-366D1918101E}_is1) (Version: 1.2.6 - Money Manager EX)
Mozilla Firefox 47.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 de)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.9.3 - )
NVIDIA 3D Vision Controller-Treiber 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 364.51 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5919 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.10.2.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.10.2.40 - NVIDIA Corporation)
NVIDIA Grafiktreiber 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 364.51 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office-Bibliothek (HKLM-x32\...\{5C81B189-5456-40C4-9313-7FE6FA6DD64C}) (Version: 5.00.3 - Bibliographisches Institut & F.A. Brockhaus AG)
Office-Bibliothek 4.0 (HKLM-x32\...\{54971F17-9D16-4D43-95D6-3A86E3D20EDB}) (Version:  - )
paint.net (HKLM\...\{DD393E4D-76FA-4CCD-84F3-CD9D75C14862}) (Version: 4.0.10 - dotPDN LLC)
PDFill PDF Editor with FREE Writer and FREE Tools (HKLM\...\{D1399216-81B2-457C-A0F7-73B9A2EF6902}) (Version: 12.0 - PlotSoft LLC)
         
Prey Anti-Theft (x32 Version: 1.5.1 - Prey, Inc.) Hidden
ProductContext (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
Secure Banking (HKLM\...\{2088356A-A860-4619-B6DC-F6785AEBBBF7}) (Version: 2.0.5 - Machinecode Technologies)
SHIELD Streaming (Version: 5.1.0270 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.10.2.40 - NVIDIA Corporation) Hidden
Snip (HKU\S-1-5-21-2607946208-1710773517-2996334467-1000\...\{525d439e-e22a-4221-8fd1-25b845fe0038}) (Version: 0.1.5119.0 - Microsoft Corporation)
Snip (x32 Version: 0.1.5119.0 - Microsoft) Hidden
Spotify (HKU\S-1-5-21-2607946208-1710773517-2996334467-1000\...\Spotify) (Version: 1.0.33.106.g60b5d1f0 - Spotify AB)
Studie zur Verbesserung von HP Photosmart 5520 series Produkten (HKLM\...\{B99F865A-3ECB-4E65-B6CF-9C60EE0273A3}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Vivaldi (HKU\S-1-5-21-2607946208-1710773517-2996334467-1000\...\Vivaldi) (Version: 1.2.490.43 - Vivaldi)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
World of Logs Client (4.2) (HKU\S-1-5-21-2607946208-1710773517-2996334467-1000\...\World of Logs Client (4.2)) (Version:  - Digibites Technology)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2607946208-1710773517-2996334467-1000_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-BEC05B4FA4C2}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2607946208-1710773517-2996334467-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Liana\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2607946208-1710773517-2996334467-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {023491F0-C6C2-4A30-8A9F-4D9C6D8F9BC7} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {0B768455-5B60-4647-A472-AAB4D8153BBE} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {1239E97F-CA31-4788-8BB4-09FCBD79D395} - System32\Tasks\AdobeAAMUpdater-1.0-Liana-PC-Liana => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-05-05] (Adobe Systems Incorporated)
Task: {1745D19D-72EE-42AD-8859-8CC680452B37} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-10-02] (Dropbox, Inc.)
Task: {2644E2F4-780C-4E5E-8CC1-F4262A885F2F} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {2922DF01-B1FD-42E3-9E76-3326AD8AD83B} - System32\Tasks\HP AR Program Upload - 3166a5ed839b41759d632f813a339460828abd1816e6403fa938d19a5ea79a8d => C:\Program Files\HP\HP Photosmart 5520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {296043C0-CA5F-44B8-ACD0-4F804E129C1C} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {2E0F8E29-1803-4749-B244-E3C336D053A2} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {3011A954-EAFB-43DC-9866-C5E394760951} - System32\Tasks\HPCustParticipation HP Photosmart 5520 series => C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {3CDB8798-C8E2-4CC2-9066-4D8519C10A07} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {3F76B104-5FC6-4AFA-BFFC-DC75C9117412} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-07-13] (Microsoft Corporation)
Task: {3F98CD0E-B254-461F-9E86-05F478AF5182} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {4C263984-284E-4F5E-AA97-0CF4EDF19237} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {4F971C59-3824-4C70-93AE-443567513304} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {5871A5D7-1BB2-473A-B2BA-006BEABDAB8E} - System32\Tasks\{6ED89F80-9A75-48E8-B27B-7DB11D0EE809} => pcalua.exe -a "C:\Users\Liana\Downloads\World of Warcraft Beta Setup.exe" -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {5BFAF5E5-A60E-468F-A50E-E67BE6A571C9} - System32\Tasks\HP AR Program Upload - 939f4ef4f9934177a0b6cec8d502039fa033a5ac679b4dcd9664778617130eed => C:\Program Files\HP\HP Photosmart 5520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {5D22513F-B5A6-4196-AC74-D8F7A396EA71} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {660BE0A1-51C6-4165-9381-5FC854E7531D} - System32\Tasks\{E977FFF5-B2A6-4FF0-8B82-D0702D64BBE0} => pcalua.exe -a D:\monsetup.exe -d D:\
Task: {67DD0A51-CC73-46E2-987A-F1A1C1AA974C} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {6A7C2F31-23D9-4D52-BAC0-318703BA87F4} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {78F2269F-5B6D-4483-84F8-1AEA48BD7C94} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
         
Task: {7997C3C6-3411-4D63-B131-F54F965A85DF} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {7F6D130E-E371-4980-8E97-ACBDE9EEE1D5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {82065998-1554-4CE5-9E3A-0721AD27A171} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {84CCE790-22E4-44B8-B05C-F3E3C695E35B} - System32\Tasks\{7BFC8EF1-3725-47B1-897F-E902CB5724A0} => pcalua.exe -a C:\Users\Liana\Downloads\PTR-Installer-de_DE.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {860C2724-08AB-404F-8A30-16028F8F65B8} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {8E5C09D5-E207-4037-B045-6C23479F1271} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {900C9A82-9AEE-4D7F-B88A-FE3897F44A65} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {948E4B06-87F6-4584-9087-87D27916B697} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {9523DC85-CB93-4791-BB5E-537F4C12C021} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {97DE7683-894F-4426-B870-BA565923B0C8} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {9AB62A7E-E7BE-4D2A-9E8D-CD8BE88EDDA3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {A63DCA93-01C0-4576-A63C-22EEB994AEEA} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {A6992871-CB55-4C8F-8BC6-DD29CCFC2EF5} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-10-02] (Dropbox, Inc.)
Task: {B56D2644-09EB-4BAE-8152-6279EFE490CB} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {B6B14AC9-EC4E-462E-AD0D-79F5A3DD451F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {B74DE6AE-4299-4346-A6F2-E68065C605A1} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {C46FD7D6-F4BD-4165-9B2E-10FADDD373B5} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {D48869DF-A0EF-4E28-8901-33CB2BABC729} - System32\Tasks\{F69AD41C-A163-4D4D-859B-253CF2E24E63} => pcalua.exe -a I:\schaufeln\DTLite4356-0091.exe -d I:\schaufeln
Task: {D5450C05-ED72-4B94-B7D4-0A25A313DB3E} - System32\Tasks\{A745AAB3-8CBA-41F4-B6B4-A3BFAF574BA5} => pcalua.exe -a I:\schaufeln\cfw_installer_x86.exe -d I:\schaufeln
Task: {D723A5E3-7DF1-4C28-9C8A-5295CB7D1276} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {DDB7B550-655B-4351-8383-442760BD552A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {DF6E8B1D-AA94-4118-818F-E2A611180DE0} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {E97934FB-B1A3-49E7-8DDF-10293A53AEC6} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {EE77E5BB-E676-4C2E-8CAB-16D9458AE0F1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {F49E47CA-33CC-436F-9DC9-2B2CE028C737} - System32\Tasks\HP AR Program Upload - 5bfcba80e17b4e8894f57c7894d53685102b09be283544feb1796125d3e6453c => C:\Program Files\HP\HP Photosmart 5520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {F736E093-C0C2-41C0-BC7B-2755BAC7C6F5} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {FC21B027-44BD-4DA9-B5F1-6B51DF039F07} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {FC471D86-EDCD-4DE1-91F0-5F3FFD78B185} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {FCF4B1A4-0EFD-4BC2-83C2-97E66F03E112} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {FE034EFF-D64B-4EAF-B9C5-7E2BC263BA75} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-13] (Adobe Systems Incorporated)
Task: {FE0ED52B-FA13-4411-83D3-6096BFE9EEF2} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {FF1007E9-A5BD-49E9-B3F8-25F23FE970BB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-03-18 23:56 - 2016-03-18 23:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-07-05 17:33 - 2016-05-25 12:53 - 00191688 _____ () C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
2016-03-03 12:25 - 2016-03-30 03:21 - 00366528 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-01-28 10:46 - 2016-03-30 03:21 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-04-10 12:28 - 2016-03-30 03:21 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-03-03 12:25 - 2016-03-30 03:22 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2013-10-17 16:27 - 2013-10-17 16:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2016-04-10 12:28 - 2016-03-30 03:21 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-04-10 12:28 - 2016-03-30 03:21 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-04-10 12:28 - 2016-03-30 03:22 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-01-28 10:46 - 2016-03-30 03:22 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-01-18 11:49 - 2016-03-08 08:42 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-07-13 09:17 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-13 09:17 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-05-22 19:33 - 2016-05-22 19:33 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-05-14 08:54 - 2016-05-14 08:54 - 00959168 _____ () C:\Users\Liana\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2011-06-19 14:41 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2016-01-18 17:00 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-13 09:18 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-07-13 09:19 - 2016-07-01 05:49 - 00674816 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2016-07-13 09:17 - 2016-07-01 05:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-13 09:16 - 2016-07-01 05:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-13 09:17 - 2016-07-01 05:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-13 09:17 - 2016-07-01 05:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-08-08 13:34 - 2014-01-10 12:08 - 03353600 _____ () C:\Program Files (x86)\Anker Precision Laser Gaming Mouse\AnkerMonEx.exe
         
2016-04-20 06:13 - 2016-04-20 06:13 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-06-03 07:57 - 2016-06-03 07:58 - 00017920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-06-03 07:57 - 2016-06-03 07:58 - 13105152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-06-03 07:57 - 2016-06-03 07:58 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-03-04 09:24 - 2016-03-04 09:24 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-06-28 07:32 - 2016-06-28 07:32 - 03790336 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1605.1582.0_x64__8wekyb3d8bbwe\Calculator.exe
2015-12-15 10:06 - 2015-12-15 10:06 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1605.1582.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-04-10 12:27 - 2016-03-30 03:20 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-04-10 12:27 - 2016-03-30 03:20 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-08-01 10:10 - 2016-08-01 10:10 - 01482728 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7730\Battle.net Helper.exe
2014-03-12 20:35 - 2016-07-26 23:29 - 16814568 _____ () C:\Heart\Hearthstone\Hearthstone.exe
2014-11-03 12:04 - 2014-11-03 12:04 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2015-03-19 17:16 - 2015-03-19 17:16 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2014-11-03 12:05 - 2014-11-03 12:05 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2014-11-03 12:05 - 2014-11-03 12:05 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2014-11-03 12:05 - 2014-11-03 12:05 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2014-11-03 12:06 - 2014-11-03 12:06 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2014-11-03 12:07 - 2014-11-03 12:07 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2015-04-14 12:11 - 2016-03-30 03:28 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-08-08 13:34 - 2011-01-27 00:53 - 00028160 _____ () C:\Program Files (x86)\Anker Precision Laser Gaming Mouse\uiHook.dll
2015-12-12 12:01 - 2016-06-30 04:25 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-08-05 21:11 - 2016-06-30 04:25 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-08-05 21:11 - 2016-06-30 04:26 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2016-08-05 21:11 - 2016-06-30 04:25 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2015-12-12 12:01 - 2016-06-30 04:25 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2015-12-12 12:01 - 2016-06-30 04:25 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2015-12-12 12:01 - 2016-08-01 23:27 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2015-12-12 12:01 - 2016-06-30 04:25 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-08-05 21:11 - 2016-08-01 23:26 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2015-12-12 12:01 - 2016-06-30 04:26 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-08-05 21:11 - 2016-08-01 23:26 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-08-05 21:11 - 2016-08-01 23:26 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-08-05 21:11 - 2016-08-01 23:27 - 00021312 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2016-08-05 21:11 - 2016-08-01 23:27 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-08-05 21:11 - 2016-08-01 23:27 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2015-12-12 12:01 - 2016-06-30 04:27 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-08-05 21:11 - 2016-06-30 04:25 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2016-08-05 21:11 - 2016-06-30 04:27 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2015-12-12 12:01 - 2016-06-30 04:27 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2015-12-12 12:01 - 2016-06-30 04:27 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2015-12-12 12:01 - 2016-08-01 23:27 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2015-12-12 12:01 - 2016-06-30 04:27 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-08-05 21:11 - 2016-08-01 23:27 - 00025424 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2015-12-12 12:01 - 2016-06-30 04:27 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2015-12-12 12:01 - 2016-06-30 04:27 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2015-12-12 12:01 - 2016-06-30 04:27 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2015-12-12 12:01 - 2016-06-30 04:27 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2015-12-12 12:01 - 2016-06-30 04:27 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-08-05 21:11 - 2016-08-01 23:27 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2015-12-12 12:01 - 2016-06-30 04:27 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2015-12-12 12:01 - 2016-06-30 04:27 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-08-05 21:11 - 2016-08-01 23:26 - 00246592 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2015-12-12 12:01 - 2016-06-30 04:27 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2016-02-11 00:59 - 2016-08-01 23:27 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-11 00:59 - 2016-08-01 23:27 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-02-11 00:59 - 2016-08-01 23:27 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2015-12-12 12:01 - 2016-06-30 04:25 - 00144848 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2016-08-05 21:11 - 2016-06-30 04:26 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2016-08-05 21:11 - 2016-08-01 23:26 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2015-12-12 12:01 - 2016-08-01 23:27 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-12 12:01 - 2016-06-30 04:27 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-02-11 00:59 - 2016-08-01 23:27 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-08-05 21:11 - 2016-08-01 23:27 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-08-05 21:11 - 2016-06-30 04:28 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-08-05 21:11 - 2016-08-01 23:27 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2016-08-05 21:11 - 2016-08-01 23:17 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2016-08-05 21:11 - 2016-08-01 23:27 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-08-05 21:11 - 2016-08-01 23:27 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2015-12-12 12:01 - 2016-06-30 04:26 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2016-08-05 21:11 - 2016-08-01 23:27 - 03929392 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-08-05 21:11 - 2016-08-01 23:27 - 01972016 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-08-05 21:11 - 2016-08-01 23:27 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-08-05 21:11 - 2016-08-01 23:27 - 00132912 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-08-05 21:11 - 2016-08-01 23:27 - 00224056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-08-05 21:11 - 2016-08-01 23:27 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-08-05 21:11 - 2016-08-01 23:27 - 00020288 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32._winffi_user32.pyd
2015-12-12 12:01 - 2016-06-30 04:27 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
         
2016-04-16 08:54 - 2016-08-01 23:27 - 00037192 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2016-08-05 21:11 - 2016-08-01 23:27 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2016-08-05 21:11 - 2016-08-01 23:27 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-08-05 21:11 - 2016-08-01 23:27 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-08-05 21:11 - 2016-08-01 23:27 - 00168248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2016-08-05 21:11 - 2016-08-01 23:27 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2016-08-05 21:11 - 2016-06-30 04:29 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2016-08-05 21:11 - 2016-06-30 04:29 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2015-10-02 12:32 - 2016-06-30 04:31 - 00697304 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-04-20 06:13 - 2016-04-20 06:13 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-20 06:13 - 2016-04-20 06:13 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\WINDOWS\system32\GEARAspi64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO4064.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxVoiceAPO3064.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mshtmlmedia.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6434709.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6434725.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6434752.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6434788.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6435012.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6435286.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6435330.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6434709.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6434725.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6434752.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6434788.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6435012.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6435286.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6435330.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvhdagenco64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\powertracker.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RdpGroupPolicyExtension.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\usbaaplrc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\UtcResources.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wu.upgrade.ps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_42.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_24.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_25.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_26.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_27.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_28.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_29.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_30.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_31.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_33.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_34.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_35.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_36.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_39.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_40.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_41.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_42.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dhRichClient3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\GEARAspi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mshtmlmedia.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\rdpendp_winip.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\sqlite36_engine.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_1.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_2.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_3.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\LGBusEnum.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\usbaapl64.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\Liana\Desktop\mbam-setup-2.1.6.1022.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Liana\Desktop\mbam-setup-2.1.6.1022.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Liana\Desktop\video_2016-02-18T17.19.03.mp4:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Liana\Downloads\1.bild(3).pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Liana\Downloads\1.bild(3).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Liana\Downloads\112013_Lactrase_Flyer.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Liana\Downloads\112013_Lactrase_Flyer.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Liana\Downloads\2.bild.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Liana\Downloads\2.bild.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Liana\Downloads\54cfa192ab906.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Liana\Downloads\54cfa192ab906.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Liana\Downloads\Anleitung Löschen von illegalen Kopien.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Liana\Downloads\Anleitung Löschen von illegalen Kopien.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Liana\Downloads\Auswertung_Umfrage_Honorar_Montsegur.pdf:$CmdZnID [26]
         
AlternateDataStreams: C:\Users\Liana\Downloads\ConvertHelper3Setup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Liana\Downloads\ConvertHelper3Setup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Liana\Downloads\Cruenta.xlsx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Liana\Downloads\Der_Albenstern.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Liana\Downloads\DriverToolkitInstaller(1).exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Liana\Downloads\DriverToolkitInstaller(1).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Liana\Downloads\DriverToolkitInstaller.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Liana\Downloads\DriverToolkitInstaller.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Liana\Downloads\EOSCameraInfo.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Liana\Downloads\EOSCameraInfo.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Liana\Downloads\LGS_8.57.145_x64_Logitech(1).exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Liana\Downloads\LGS_8.57.145_x64_Logitech(1).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Liana\Downloads\LGS_8.57.145_x64_Logitech.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Liana\Downloads\LGS_8.57.145_x64_Logitech.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Liana\Downloads\MediaCreationToolx64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Liana\Downloads\MediaCreationToolx64.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Liana\Downloads\noscript-2.6.9.21.xpi:$CmdTcID [64]
AlternateDataStreams: C:\Users\Liana\Downloads\noscript-2.6.9.21.xpi:$CmdZnID [26]
AlternateDataStreams: C:\Users\Liana\Downloads\OriginThinSetup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Liana\Downloads\OriginThinSetup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Liana\Downloads\PB_Umsatzauskunft_KtoNr0761916206_23-01-2015_1139.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Liana\Downloads\PB_Umsatzauskunft_KtoNr0761916206_23-01-2015_1139.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Liana\Downloads\PB_Umsatzauskunft_KtoNr0761916206_27-01-2015_1038(1).pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Liana\Downloads\PB_Umsatzauskunft_KtoNr0761916206_27-01-2015_1038(1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Liana\Downloads\PB_Umsatzauskunft_KtoNr0761916206_27-01-2015_1038.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Liana\Downloads\PB_Umsatzauskunft_KtoNr0761916206_27-01-2015_1038.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Liana\Downloads\Setup.x64.en-us_ProfessionalRetail_NKGG6-WBPCC-HXWMY-6DQGJ-CPQVG_act_1_.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Liana\Downloads\Windows 10 Final 64 Bit - CHIP-Installer.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Liana\Downloads\Windows 10 Final 64 Bit - CHIP-Installer.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Liana\Downloads\Wochenende Köln 1.-3-05-2015 081.JPG:$CmdTcID [64]
AlternateDataStreams: C:\Users\Liana\Downloads\Wochenende Köln 1.-3-05-2015 081.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Liana\AppData\Roaming\Microsoft\Windows\Start Menu\Facebook.website:TASKICON_0news-1751121550 [2302]
AlternateDataStreams: C:\Users\Liana\AppData\Roaming\Microsoft\Windows\Start Menu\Facebook.website:TASKICON_1messages-431041656 [2302]
AlternateDataStreams: C:\Users\Liana\AppData\Roaming\Microsoft\Windows\Start Menu\Facebook.website:TASKICON_2events-250898981 [2302]
AlternateDataStreams: C:\Users\Liana\AppData\Roaming\Microsoft\Windows\Start Menu\Facebook.website:TASKICON_3friends-215113587 [2302]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2015-04-30 16:36 - 00000035 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2607946208-1710773517-2996334467-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Liana\Pictures\hintergrundbilder\Neuer Ordner\2.jpg
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Install LastPass FF RunOnce.lnk => C:\Windows\pss\Install LastPass FF RunOnce.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Install LastPass IE RunOnce.lnk => C:\Windows\pss\Install LastPass IE RunOnce.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Liana^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip => C:\Windows\pss\CurseClientStartup.ccip.Startup
MSCONFIG\startupfolder: C:^Users^Liana^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
         
MSCONFIG\startupfolder: C:^Users^Liana^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
MSCONFIG\startupreg: COMODO Internet Security => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Duden Korrektor SysTray => C:\Program Files (x86)\Duden\Duden Korrektor\DKTray.exe
MSCONFIG\startupreg: ISUSPM => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Launch LCore => C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: MobileDocuments => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
MSCONFIG\startupreg: OscarEditor => "C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe" Minimum
MSCONFIG\startupreg: PrivDogService => "C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.15\trustedadssvc.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Liana\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: tvncontrol => "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-2607946208-1710773517-2996334467-1000\...\StartupApproved\StartupFolder: => "CurseClientStartup.ccip"
HKU\S-1-5-21-2607946208-1710773517-2996334467-1000\...\StartupApproved\StartupFolder: => "Curse.lnk"
HKU\S-1-5-21-2607946208-1710773517-2996334467-1000\...\StartupApproved\Run: => "Snip"
HKU\S-1-5-21-2607946208-1710773517-2996334467-1000\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-2607946208-1710773517-2996334467-1000\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-2607946208-1710773517-2996334467-1000\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-2607946208-1710773517-2996334467-1000\...\StartupApproved\Run: => "Spotify"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{A3878B4D-52BE-4068-B093-C1FFA92336ED}] => (Allow) C:\Users\Liana\AppData\Local\Vivaldi\Application\vivaldi.exe
FirewallRules: [{E3DD6E6A-65D2-4E26-B013-62D53C479B8F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F6276481-84B7-467C-8260-664F2F6C387E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C8F1A536-F02D-430D-8793-D8810EBD4D79}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{93B1FEDE-C895-4371-B363-063F17A5333D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8D3F3596-1CC6-4B6C-AA8F-BFC3071376AE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{55EF7BFF-5291-4BF2-B1C7-8FB7F9222760}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [UDP Query User{BD8E4744-F53F-4E4E-BF99-5BD030F4A079}C:\heart\hearthstone\hearthstone.exe] => (Allow) C:\heart\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{40E63FC6-902D-401B-89B7-1E191F6EA185}C:\heart\hearthstone\hearthstone.exe] => (Allow) C:\heart\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{6975DEC6-4F82-40C1-8DEB-DC1A67558EBA}C:\heart\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\heart\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{35AB72F1-5947-44A0-B404-06483F92C83F}C:\heart\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\heart\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [{769C9DC7-D3AE-4A87-AFAD-37B642CD4DF9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{B3503E1C-AD26-4E82-B287-C1F6437E2215}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{4E557A62-CC01-4C65-8BE2-DF7F79CC1D9A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{76FFB8B9-3331-4342-ABA0-18E99CE2058D}] => (Allow) LPort=2869
FirewallRules: [{09635DF5-C93A-483A-BD1C-9997484D0F13}] => (Allow) LPort=1900
FirewallRules: [{9A6C817E-D8AF-4EEF-B24A-B3E527AC831F}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{4E976658-42C0-4A76-8187-CD0648B1B89B}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{FFD70BD4-D448-4271-8264-5318EA7C0BE8}] => (Allow) C:\Program Files (x86)\Common Files\Comodo\tvnserver.exe
FirewallRules: [{836E4D1A-40BF-4817-B174-92493E83894F}] => (Allow) C:\Program Files (x86)\Common Files\Comodo\tvnserver.exe
FirewallRules: [{20A343AC-4380-41E4-A3B7-21233B975F01}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{F2860D19-9592-4013-8A85-0927DDC4DB1F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{3963BBA1-DB5F-4305-9269-209497D457F3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{46D7A2E0-B822-4864-81F5-7971BD55FD56}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{155C212A-C497-4F10-AED9-BBA767D5161A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{C13CE478-13E4-4C68-8C73-5A4B6A779D88}] => (Allow) C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe
FirewallRules: [{9FEBB38B-7E44-4D19-A2D6-F9492CF88957}] => (Allow) C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe
FirewallRules: [{0ADC4081-4CB2-4D92-B08D-DB479552E0FC}] => (Allow) LPort=51001
FirewallRules: [{BB313BF0-BD4E-44BA-867F-523E065664FB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{36BFCA4B-4273-4B85-9765-1973484A4603}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{548C1B4A-D291-405C-AF06-5449B20940FB}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\DeviceSetup.exe
         
Code:
MSCONFIG\startupfolder: C:^Users^Liana^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
MSCONFIG\startupreg: COMODO Internet Security => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Duden Korrektor SysTray => C:\Program Files (x86)\Duden\Duden Korrektor\DKTray.exe
MSCONFIG\startupreg: ISUSPM => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Launch LCore => C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: MobileDocuments => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
MSCONFIG\startupreg: OscarEditor => "C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe" Minimum
MSCONFIG\startupreg: PrivDogService => "C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.15\trustedadssvc.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Liana\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: tvncontrol => "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-2607946208-1710773517-2996334467-1000\...\StartupApproved\StartupFolder: => "CurseClientStartup.ccip"
HKU\S-1-5-21-2607946208-1710773517-2996334467-1000\...\StartupApproved\StartupFolder: => "Curse.lnk"
HKU\S-1-5-21-2607946208-1710773517-2996334467-1000\...\StartupApproved\Run: => "Snip"
HKU\S-1-5-21-2607946208-1710773517-2996334467-1000\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-2607946208-1710773517-2996334467-1000\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-2607946208-1710773517-2996334467-1000\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-2607946208-1710773517-2996334467-1000\...\StartupApproved\Run: => "Spotify"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{A3878B4D-52BE-4068-B093-C1FFA92336ED}] => (Allow) C:\Users\Liana\AppData\Local\Vivaldi\Application\vivaldi.exe
FirewallRules: [{E3DD6E6A-65D2-4E26-B013-62D53C479B8F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F6276481-84B7-467C-8260-664F2F6C387E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C8F1A536-F02D-430D-8793-D8810EBD4D79}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{93B1FEDE-C895-4371-B363-063F17A5333D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8D3F3596-1CC6-4B6C-AA8F-BFC3071376AE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{55EF7BFF-5291-4BF2-B1C7-8FB7F9222760}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [UDP Query User{BD8E4744-F53F-4E4E-BF99-5BD030F4A079}C:\heart\hearthstone\hearthstone.exe] => (Allow) C:\heart\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{40E63FC6-902D-401B-89B7-1E191F6EA185}C:\heart\hearthstone\hearthstone.exe] => (Allow) C:\heart\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{6975DEC6-4F82-40C1-8DEB-DC1A67558EBA}C:\heart\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\heart\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{35AB72F1-5947-44A0-B404-06483F92C83F}C:\heart\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\heart\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [{769C9DC7-D3AE-4A87-AFAD-37B642CD4DF9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{B3503E1C-AD26-4E82-B287-C1F6437E2215}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{4E557A62-CC01-4C65-8BE2-DF7F79CC1D9A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{76FFB8B9-3331-4342-ABA0-18E99CE2058D}] => (Allow) LPort=2869
FirewallRules: [{09635DF5-C93A-483A-BD1C-9997484D0F13}] => (Allow) LPort=1900
FirewallRules: [{9A6C817E-D8AF-4EEF-B24A-B3E527AC831F}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{4E976658-42C0-4A76-8187-CD0648B1B89B}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{FFD70BD4-D448-4271-8264-5318EA7C0BE8}] => (Allow) C:\Program Files (x86)\Common Files\Comodo\tvnserver.exe
FirewallRules: [{836E4D1A-40BF-4817-B174-92493E83894F}] => (Allow) C:\Program Files (x86)\Common Files\Comodo\tvnserver.exe
FirewallRules: [{20A343AC-4380-41E4-A3B7-21233B975F01}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{F2860D19-9592-4013-8A85-0927DDC4DB1F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{3963BBA1-DB5F-4305-9269-209497D457F3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{46D7A2E0-B822-4864-81F5-7971BD55FD56}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{155C212A-C497-4F10-AED9-BBA767D5161A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{C13CE478-13E4-4C68-8C73-5A4B6A779D88}] => (Allow) C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe
FirewallRules: [{9FEBB38B-7E44-4D19-A2D6-F9492CF88957}] => (Allow) C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe
FirewallRules: [{0ADC4081-4CB2-4D92-B08D-DB479552E0FC}] => (Allow) LPort=51001
FirewallRules: [{BB313BF0-BD4E-44BA-867F-523E065664FB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{36BFCA4B-4273-4B85-9765-1973484A4603}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{548C1B4A-D291-405C-AF06-5449B20940FB}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\DeviceSetup.exe
FirewallRules: [{7BADE8AA-A5E5-4607-81D1-54E366567538}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{098DAC5B-334A-496D-B2A7-8FDB28ED88BC}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{15C192B7-CE44-4D4F-8B15-9CE3108B9DB1}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{5E638A09-B6C4-4CA6-B885-F19EC0D61192}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{CA0E8C1B-7C45-48D9-B1E5-6ED32A58BAAC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4F4E7013-AF66-4F94-A275-D646435E7889}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2817663A-5EF9-4EE9-93C2-7003FD35219D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{4E5258E4-B41B-434E-90DC-245708CDD1AB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{ED08E737-F7F0-4F55-A9E8-7A76C33F4110}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{1E70122B-9FD9-41C2-A841-45BFF10370E0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5C75EAD3-1119-4B04-A355-9CB2619A3D66}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{4B5F3A9A-9874-4DCD-A13F-B6F4A6440CF4}C:\program files\moneymanagerex\bin\mmex.exe] => (Block) C:\program files\moneymanagerex\bin\mmex.exe
FirewallRules: [UDP Query User{856E52DD-EBDD-4C75-A8E2-0615A05C4D09}C:\program files\moneymanagerex\bin\mmex.exe] => (Block) C:\program files\moneymanagerex\bin\mmex.exe
FirewallRules: [TCP Query User{3A526872-0B56-43C4-870D-52EC344929B3}C:\heart\heroes of the storm\versions\base43170\heroesofthestorm_x64.exe] => (Allow) C:\heart\heroes of the storm\versions\base43170\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{3C5F385A-04C6-4A33-9DB9-91315FD92583}C:\heart\heroes of the storm\versions\base43170\heroesofthestorm_x64.exe] => (Allow) C:\heart\heroes of the storm\versions\base43170\heroesofthestorm_x64.exe
FirewallRules: [{45634BDF-44C1-4D32-9F7D-405AB5A8D31C}] => (Allow) C:\Windows\Prey\versions\1.6.1\bin\node.exe
FirewallRules: [{C98766DC-8816-4712-88F8-C739CB128E68}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{15B7992F-11CA-4F12-81FB-0205A97D2BD1}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Wiederherstellungspunkte =========================

22-07-2016 00:03:22 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918
29-07-2016 21:59:12 Geplanter Prüfpunkt
08-08-2016 13:29:29 paint.net v4.0.10

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Unbekanntes USB-Gerät (Fehler beim Anfordern einer Gerätebeschreibung.)
Description: Unbekanntes USB-Gerät (Fehler beim Anfordern einer Gerätebeschreibung.)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 


==================== Fehlereinträge in der Ereignisanzeige: =========================
         
Code:
Applikationsfehler:
==================
Error: (08/08/2016 01:46:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10625

Error: (08/08/2016 01:46:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10625

Error: (08/08/2016 01:46:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/08/2016 01:46:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9453

Error: (08/08/2016 01:46:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9453

Error: (08/08/2016 01:46:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/08/2016 01:46:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8297

Error: (08/08/2016 01:46:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8297

Error: (08/08/2016 01:46:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/08/2016 01:46:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7125


Systemfehler:
=============
Error: (08/08/2016 06:08:05 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (08/08/2016 03:09:39 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (08/08/2016 01:46:51 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (08/08/2016 08:04:17 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (08/08/2016 01:01:29 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_1274c70e" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/07/2016 11:19:54 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (08/07/2016 10:01:43 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (08/07/2016 07:06:34 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (08/07/2016 04:30:24 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (08/07/2016 02:45:09 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4


CodeIntegrity:
===================================
  Date: 2016-07-15 00:05:55.001
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-14 12:02:09.436
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-14 05:40:07.580
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-18 08:38:57.772
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
         
Code:
Date: 2016-06-16 07:36:57.391
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-30 18:20:46.954
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-05-30 18:20:46.674
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-05-30 13:17:30.274
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-05-29 13:03:28.164
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-05-29 13:03:27.637
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-2400 CPU @ 3.10GHz
Prozentuale Nutzung des RAM: 37%
Installierter physikalischer RAM: 8168.86 MB
Verfügbarer physikalischer RAM: 5109.27 MB
Summe virtueller Speicher: 16360.86 MB
Verfügbarer virtueller Speicher: 12577.31 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:930.97 GB) (Free:372.72 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: F89CB482)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=449 MB) - (Type=27)

==================== Ende von Addition.txt ============================
         
Best regards
Tialda

 
