Beim Anklicken von Webseiten lande ich hier:https://ad2.adfarm1.adition.com.....

Tialda · 09.08.2016, 17:32

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 09-08-2016
durchgeführt von Liana (2016-08-09 17:08:07)
Gestartet von C:\Users\Liana\Downloads
Windows 10 Home Version 1511 (X64) (2016-01-18 10:20:11)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2607946208-1710773517-2996334467-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2607946208-1710773517-2996334467-503 - Limited - Disabled)
Gast (S-1-5-21-2607946208-1710773517-2996334467-501 - Limited - Disabled)
Liana (S-1-5-21-2607946208-1710773517-2996334467-1000 - Administrator - Enabled) => C:\Users\Liana

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

4500_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.7.0.272 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.6 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.1.2 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-2607946208-1710773517-2996334467-1000\...\Amazon Kindle) (Version:  - Amazon)
Anker Precision Laser Gaming Mouse version 1.3 (HKLM-x32\...\{F9A7ED2C-34E1-4A96-9A25-B022C23C3361}_is1) (Version: 1.3 - ANKER Technology)
Apple Application Support (32-Bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.4.5.0 - Asmedia Technology)
ASUS nVidia Driver (x32 Version: 1.00.0000 - ASUSTek) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.40 - Atheros Communications)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Canon Auto Update Service (HKLM-x32\...\Auto Update Service) (Version: 1.1.2.18 - Canon Inc.)
CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM-x32\...\MyCamera Download Plugin) (Version: 3.1.1.2 - Canon Inc.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.9.0.9 - Canon Inc.)
Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.9.0.8 - Canon Inc.)
Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.8.0.1 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.9.0.6 - Canon Inc.)
Canon Utilities Digital Photo Professional 3.9 (HKLM-x32\...\DPP) (Version: 3.9.1.0 - Canon Inc.)
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.9.0.0 - Canon Inc.)
Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX (HKLM-x32\...\EOS Video Snapshot Task) (Version: 1.0.0.10 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.8.0.0 - Canon Inc.)
Canon Utilities WFT Utility (HKLM-x32\...\WFTK) (Version: 3.5.1.1 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.9.0.1 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.6.0.15 - Canon Inc.)
CLIQZ (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 1.0.22 - CLIQZ.com)
ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version:  - DownloadHelper)
Curse (HKLM-x32\...\{1F2611FB-6F69-4AA8-BECD-243BD8CB45F3}) (Version: 6.0.0.0 - Curse)
Curse Client - 1  (HKU\S-1-5-21-2607946208-1710773517-2996334467-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 7.4.30 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.37 - Dropbox, Inc.) Hidden
Duden Korrektor PLUS (HKLM-x32\...\InstallShield_{541E5E15-7186-4395-9593-16D02765FF27}) (Version: 5.00.1507.00 - Duden)
Duden Korrektor PLUS (x32 Version: 5.00.1507.00 - Duden) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Google Drive (HKLM-x32\...\{709316AD-161C-4D5C-9AE7-0B3A822DA271}) (Version: 1.30.2170.0459 - Google, Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
HP Officejet J4500 Series (HKLM\...\{E11448F2-0B44-4239-B04E-D88FE743E929}) (Version: 13.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Photosmart 5520 series - Grundlegende Software für das Gerät (HKLM\...\{4F396B08-301D-4E53-A372-95A7E93ABD04}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 5520 series Hilfe (HKLM-x32\...\{640A03B3-4E6B-4440-A350-E6A8D6348F12}) (Version: 27.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.16.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.44.5 - HTC)
iCloud (HKLM\...\{724A887F-2B55-4306-B6F9-8F0E7A04B1B5}) (Version: 5.2.2.87 - Apple Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
iTunes (HKLM\...\{955524E7-79EB-4CA9-BA4D-FD2DF587651B}) (Version: 12.4.3.1 - Apple Inc.)
J4500 (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.0.0.1051 - Marvell)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
MoneyManagerEX 1.2.6 (HKLM\...\{2C48DC11-E113-4912-8AFC-366D1918101E}_is1) (Version: 1.2.6 - Money Manager EX)
Mozilla Firefox 47.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 de)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.9.3 - )
NVIDIA 3D Vision Controller-Treiber 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 364.51 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5919 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.10.2.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.10.2.40 - NVIDIA Corporation)
NVIDIA Grafiktreiber 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 364.51 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office-Bibliothek (HKLM-x32\...\{5C81B189-5456-40C4-9313-7FE6FA6DD64C}) (Version: 5.00.3 - Bibliographisches Institut & F.A. Brockhaus AG)
Office-Bibliothek 4.0 (HKLM-x32\...\{54971F17-9D16-4D43-95D6-3A86E3D20EDB}) (Version:  - )
paint.net (HKLM\...\{DD393E4D-76FA-4CCD-84F3-CD9D75C14862}) (Version: 4.0.10 - dotPDN LLC)
PDFill PDF Editor with FREE Writer and FREE Tools (HKLM\...\{D1399216-81B2-457C-A0F7-73B9A2EF6902}) (Version: 12.0 - PlotSoft LLC)

Code:

ATTFilter

Prey Anti-Theft (x32 Version: 1.5.1 - Prey, Inc.) Hidden
ProductContext (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
Secure Banking (HKLM\...\{2088356A-A860-4619-B6DC-F6785AEBBBF7}) (Version: 2.0.5 - Machinecode Technologies)
SHIELD Streaming (Version: 5.1.0270 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.10.2.40 - NVIDIA Corporation) Hidden
Snip (HKU\S-1-5-21-2607946208-1710773517-2996334467-1000\...\{525d439e-e22a-4221-8fd1-25b845fe0038}) (Version: 0.1.5119.0 - Microsoft Corporation)
Snip (x32 Version: 0.1.5119.0 - Microsoft) Hidden
Spotify (HKU\S-1-5-21-2607946208-1710773517-2996334467-1000\...\Spotify) (Version: 1.0.33.106.g60b5d1f0 - Spotify AB)
Studie zur Verbesserung von HP Photosmart 5520 series Produkten (HKLM\...\{B99F865A-3ECB-4E65-B6CF-9C60EE0273A3}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Vivaldi (HKU\S-1-5-21-2607946208-1710773517-2996334467-1000\...\Vivaldi) (Version: 1.2.490.43 - Vivaldi)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
World of Logs Client (4.2) (HKU\S-1-5-21-2607946208-1710773517-2996334467-1000\...\World of Logs Client (4.2)) (Version:  - Digibites Technology)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2607946208-1710773517-2996334467-1000_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-BEC05B4FA4C2}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2607946208-1710773517-2996334467-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Liana\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2607946208-1710773517-2996334467-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {023491F0-C6C2-4A30-8A9F-4D9C6D8F9BC7} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {0B768455-5B60-4647-A472-AAB4D8153BBE} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {1239E97F-CA31-4788-8BB4-09FCBD79D395} - System32\Tasks\AdobeAAMUpdater-1.0-Liana-PC-Liana => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-05-05] (Adobe Systems Incorporated)
Task: {1745D19D-72EE-42AD-8859-8CC680452B37} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-10-02] (Dropbox, Inc.)
Task: {2644E2F4-780C-4E5E-8CC1-F4262A885F2F} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {2922DF01-B1FD-42E3-9E76-3326AD8AD83B} - System32\Tasks\HP AR Program Upload - 3166a5ed839b41759d632f813a339460828abd1816e6403fa938d19a5ea79a8d => C:\Program Files\HP\HP Photosmart 5520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {296043C0-CA5F-44B8-ACD0-4F804E129C1C} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {2E0F8E29-1803-4749-B244-E3C336D053A2} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {3011A954-EAFB-43DC-9866-C5E394760951} - System32\Tasks\HPCustParticipation HP Photosmart 5520 series => C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {3CDB8798-C8E2-4CC2-9066-4D8519C10A07} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {3F76B104-5FC6-4AFA-BFFC-DC75C9117412} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-07-13] (Microsoft Corporation)
Task: {3F98CD0E-B254-461F-9E86-05F478AF5182} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {4C263984-284E-4F5E-AA97-0CF4EDF19237} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {4F971C59-3824-4C70-93AE-443567513304} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {5871A5D7-1BB2-473A-B2BA-006BEABDAB8E} - System32\Tasks\{6ED89F80-9A75-48E8-B27B-7DB11D0EE809} => pcalua.exe -a "C:\Users\Liana\Downloads\World of Warcraft Beta Setup.exe" -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {5BFAF5E5-A60E-468F-A50E-E67BE6A571C9} - System32\Tasks\HP AR Program Upload - 939f4ef4f9934177a0b6cec8d502039fa033a5ac679b4dcd9664778617130eed => C:\Program Files\HP\HP Photosmart 5520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {5D22513F-B5A6-4196-AC74-D8F7A396EA71} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {660BE0A1-51C6-4165-9381-5FC854E7531D} - System32\Tasks\{E977FFF5-B2A6-4FF0-8B82-D0702D64BBE0} => pcalua.exe -a D:\monsetup.exe -d D:\
Task: {67DD0A51-CC73-46E2-987A-F1A1C1AA974C} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {6A7C2F31-23D9-4D52-BAC0-318703BA87F4} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {78F2269F-5B6D-4483-84F8-1AEA48BD7C94} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {7997C3C6-3411-4D63-B131-F54F965A85DF} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {7F6D130E-E371-4980-8E97-ACBDE9EEE1D5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {82065998-1554-4CE5-9E3A-0721AD27A171} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {84CCE790-22E4-44B8-B05C-F3E3C695E35B} - System32\Tasks\{7BFC8EF1-3725-47B1-897F-E902CB5724A0} => pcalua.exe -a C:\Users\Liana\Downloads\PTR-Installer-de_DE.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {860C2724-08AB-404F-8A30-16028F8F65B8} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {8E5C09D5-E207-4037-B045-6C23479F1271} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {900C9A82-9AEE-4D7F-B88A-FE3897F44A65} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {948E4B06-87F6-4584-9087-87D27916B697} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {9523DC85-CB93-4791-BB5E-537F4C12C021} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {97DE7683-894F-4426-B870-BA565923B0C8} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {9AB62A7E-E7BE-4D2A-9E8D-CD8BE88EDDA3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {A63DCA93-01C0-4576-A63C-22EEB994AEEA} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {A6992871-CB55-4C8F-8BC6-DD29CCFC2EF5} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-10-02] (Dropbox, Inc.)
Task: {B56D2644-09EB-4BAE-8152-6279EFE490CB} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {B6B14AC9-EC4E-462E-AD0D-79F5A3DD451F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {B74DE6AE-4299-4346-A6F2-E68065C605A1} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {C46FD7D6-F4BD-4165-9B2E-10FADDD373B5} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {D48869DF-A0EF-4E28-8901-33CB2BABC729} - System32\Tasks\{F69AD41C-A163-4D4D-859B-253CF2E24E63} => pcalua.exe -a I:\schaufeln\DTLite4356-0091.exe -d I:\schaufeln
Task: {D5450C05-ED72-4B94-B7D4-0A25A313DB3E} - System32\Tasks\{A745AAB3-8CBA-41F4-B6B4-A3BFAF574BA5} => pcalua.exe -a I:\schaufeln\cfw_installer_x86.exe -d I:\schaufeln
Task: {D723A5E3-7DF1-4C28-9C8A-5295CB7D1276} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {DDB7B550-655B-4351-8383-442760BD552A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {DF6E8B1D-AA94-4118-818F-E2A611180DE0} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {E97934FB-B1A3-49E7-8DDF-10293A53AEC6} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {EE77E5BB-E676-4C2E-8CAB-16D9458AE0F1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {F49E47CA-33CC-436F-9DC9-2B2CE028C737} - System32\Tasks\HP AR Program Upload - 5bfcba80e17b4e8894f57c7894d53685102b09be283544feb1796125d3e6453c => C:\Program Files\HP\HP Photosmart 5520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {F736E093-C0C2-41C0-BC7B-2755BAC7C6F5} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {FC21B027-44BD-4DA9-B5F1-6B51DF039F07} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {FC471D86-EDCD-4DE1-91F0-5F3FFD78B185} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {FCF4B1A4-0EFD-4BC2-83C2-97E66F03E112} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {FE034EFF-D64B-4EAF-B9C5-7E2BC263BA75} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-13] (Adobe Systems Incorporated)
Task: {FE0ED52B-FA13-4411-83D3-6096BFE9EEF2} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {FF1007E9-A5BD-49E9-B3F8-25F23FE970BB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-03-18 23:56 - 2016-03-18 23:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-07-05 17:33 - 2016-05-25 12:53 - 00191688 _____ () C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
2016-03-03 12:25 - 2016-03-30 03:21 - 00366528 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-01-28 10:46 - 2016-03-30 03:21 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-04-10 12:28 - 2016-03-30 03:21 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-03-03 12:25 - 2016-03-30 03:22 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2013-10-17 16:27 - 2013-10-17 16:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2016-04-10 12:28 - 2016-03-30 03:21 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-04-10 12:28 - 2016-03-30 03:21 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-04-10 12:28 - 2016-03-30 03:22 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-01-28 10:46 - 2016-03-30 03:22 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-07-13 09:17 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-13 09:17 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-05-22 19:33 - 2016-05-22 19:33 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-05-14 08:54 - 2016-05-14 08:54 - 00959168 _____ () C:\Users\Liana\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2011-06-19 14:41 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2016-04-20 06:13 - 2016-04-20 06:13 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-01-18 17:00 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-13 09:18 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-07-13 09:17 - 2016-07-01 05:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-13 09:16 - 2016-07-01 05:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-13 09:17 - 2016-07-01 05:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-13 09:17 - 2016-07-01 05:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-04-10 12:27 - 2016-03-30 03:20 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-04-10 12:27 - 2016-03-30 03:20 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2014-11-03 12:04 - 2014-11-03 12:04 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2015-03-19 17:16 - 2015-03-19 17:16 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll

Code:

ATTFilter

2014-11-03 12:05 - 2014-11-03 12:05 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2014-11-03 12:05 - 2014-11-03 12:05 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2014-11-03 12:05 - 2014-11-03 12:05 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2014-11-03 12:06 - 2014-11-03 12:06 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2014-11-03 12:07 - 2014-11-03 12:07 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2016-04-20 06:13 - 2016-04-20 06:13 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-20 06:13 - 2016-04-20 06:13 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2009-02-26 13:46 - 2009-02-26 13:46 - 00064344 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 00141312 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Locale\de_de\PDFMaker\PDFMOutlookAddin.DEU
2016-06-30 13:55 - 2016-06-30 13:55 - 05919416 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\PDFMaker\Common\AdobePDFMakerX.dll
2016-05-03 16:41 - 2016-05-03 16:41 - 03385856 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Locale\de_DE\PDFMaker\AdobePDFMakerX.DEU
2011-06-22 11:46 - 2011-06-22 11:46 - 00434016 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
2016-05-03 16:41 - 2016-05-03 16:41 - 02099896 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\PDFMaker\Common\SendAsLinkX.dll
2016-05-03 16:41 - 2016-05-03 16:41 - 00230912 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Locale\de_DE\Adobe Send\SendAsLinkX.DEU
2015-11-11 04:41 - 2015-11-11 04:41 - 00756376 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2007-04-15 20:44 - 2007-04-15 20:44 - 00898560 _____ () C:\Program Files (x86)\Duden\Duden Korrektor\libxml2.dll
2007-04-15 20:44 - 2007-04-15 20:44 - 00073728 _____ () C:\Program Files (x86)\Duden\Duden Korrektor\zlib1.dll
2016-08-01 10:10 - 2016-08-01 10:10 - 37247976 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7730\libcef.dll
2016-08-01 10:10 - 2016-08-01 10:10 - 00293040 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7730\ortp.dll
2016-08-01 10:10 - 2016-08-01 10:10 - 06402560 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7730\battle.net.dll
2016-08-01 10:10 - 2016-08-01 10:10 - 00133632 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7730\libEGL.dll
2016-08-01 10:10 - 2016-08-01 10:10 - 03384832 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7730\libGLESv2.dll
2016-08-01 10:10 - 2016-08-01 10:10 - 01482728 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7730\Battle.net Helper.exe
2016-08-01 10:10 - 2016-08-01 10:10 - 03384832 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7730\libglesv2.dll
2016-08-01 10:10 - 2016-08-01 10:10 - 00133632 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7730\libegl.dll
2016-08-01 10:10 - 2016-08-01 10:10 - 00990696 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7730\ffmpegsumo.dll
2014-03-12 20:35 - 2016-07-26 23:29 - 16814568 _____ () C:\Heart\Hearthstone\Hearthstone.exe
2014-03-12 20:35 - 2016-07-26 23:29 - 00030208 _____ () C:\Heart\Hearthstone\Hearthstone_Data\Plugins\PlayErrors32.DLL
2014-08-06 20:04 - 2015-06-24 11:39 - 00014336 _____ () C:\Heart\Hearthstone\Hearthstone_Data\Plugins\W8TouchDLL.DLL

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\WINDOWS\system32\GEARAspi64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO4064.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxVoiceAPO3064.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mshtmlmedia.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6434709.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6434725.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6434752.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6434788.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6435012.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6435286.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6435330.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6434709.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6434725.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6434752.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6434788.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6435012.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6435286.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6435330.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvhdagenco64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\powertracker.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RdpGroupPolicyExtension.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\usbaaplrc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\UtcResources.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wu.upgrade.ps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_42.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_24.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_25.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_26.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_27.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_28.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_29.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_30.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_31.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_33.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_34.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_35.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_36.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_39.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_40.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_41.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_42.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dhRichClient3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\GEARAspi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mshtmlmedia.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\rdpendp_winip.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\sqlite36_engine.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_1.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_2.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_3.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\LGBusEnum.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\usbaapl64.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\Liana\Desktop\mbam-setup-2.1.6.1022.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Liana\Desktop\mbam-setup-2.1.6.1022.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Liana\Desktop\video_2016-02-18T17.19.03.mp4:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Liana\Downloads\1.bild(3).pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Liana\Downloads\1.bild(3).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Liana\Downloads\112013_Lactrase_Flyer.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Liana\Downloads\112013_Lactrase_Flyer.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Liana\Downloads\2.bild.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Liana\Downloads\2.bild.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Liana\Downloads\54cfa192ab906.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Liana\Downloads\54cfa192ab906.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Liana\Downloads\Anleitung Löschen von illegalen Kopien.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Liana\Downloads\Anleitung Löschen von illegalen Kopien.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Liana\Downloads\Auswertung_Umfrage_Honorar_Montsegur.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Liana\Downloads\ConvertHelper3Setup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Liana\Downloads\ConvertHelper3Setup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Liana\Downloads\Cruenta.xlsx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Liana\Downloads\Der_Albenstern.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Liana\Downloads\DriverToolkitInstaller(1).exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Liana\Downloads\DriverToolkitInstaller(1).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Liana\Downloads\DriverToolkitInstaller.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Liana\Downloads\DriverToolkitInstaller.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Liana\Downloads\EOSCameraInfo.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Liana\Downloads\EOSCameraInfo.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Liana\Downloads\LGS_8.57.145_x64_Logitech(1).exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Liana\Downloads\LGS_8.57.145_x64_Logitech(1).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Liana\Downloads\LGS_8.57.145_x64_Logitech.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Liana\Downloads\LGS_8.57.145_x64_Logitech.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Liana\Downloads\MediaCreationToolx64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Liana\Downloads\MediaCreationToolx64.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Liana\Downloads\noscript-2.6.9.21.xpi:$CmdTcID [64]
AlternateDataStreams: C:\Users\Liana\Downloads\noscript-2.6.9.21.xpi:$CmdZnID [26]
AlternateDataStreams: C:\Users\Liana\Downloads\OriginThinSetup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Liana\Downloads\OriginThinSetup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Liana\Downloads\PB_Umsatzauskunft_KtoNr0761916206_23-01-2015_1139.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Liana\Downloads\PB_Umsatzauskunft_KtoNr0761916206_23-01-2015_1139.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Liana\Downloads\PB_Umsatzauskunft_KtoNr0761916206_27-01-2015_1038(1).pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Liana\Downloads\PB_Umsatzauskunft_KtoNr0761916206_27-01-2015_1038(1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Liana\Downloads\PB_Umsatzauskunft_KtoNr0761916206_27-01-2015_1038.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Liana\Downloads\PB_Umsatzauskunft_KtoNr0761916206_27-01-2015_1038.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Liana\Downloads\Setup.x64.en-us_ProfessionalRetail_NKGG6-WBPCC-HXWMY-6DQGJ-CPQVG_act_1_.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Liana\Downloads\Windows 10 Final 64 Bit - CHIP-Installer.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Liana\Downloads\Windows 10 Final 64 Bit - CHIP-Installer.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Liana\Downloads\Wochenende Köln 1.-3-05-2015 081.JPG:$CmdTcID [64]
AlternateDataStreams: C:\Users\Liana\Downloads\Wochenende Köln 1.-3-05-2015 081.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Liana\AppData\Roaming\Microsoft\Windows\Start Menu\Facebook.website:TASKICON_0news-1751121550 [2302]
AlternateDataStreams: C:\Users\Liana\AppData\Roaming\Microsoft\Windows\Start Menu\Facebook.website:TASKICON_1messages-431041656 [2302]
AlternateDataStreams: C:\Users\Liana\AppData\Roaming\Microsoft\Windows\Start Menu\Facebook.website:TASKICON_2events-250898981 [2302]
AlternateDataStreams: C:\Users\Liana\AppData\Roaming\Microsoft\Windows\Start Menu\Facebook.website:TASKICON_3friends-215113587 [2302]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2015-04-30 16:36 - 00000035 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2607946208-1710773517-2996334467-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Liana\Pictures\hintergrundbilder\Neuer Ordner\2.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

Code:

ATTFilter

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Install LastPass FF RunOnce.lnk => C:\Windows\pss\Install LastPass FF RunOnce.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Install LastPass IE RunOnce.lnk => C:\Windows\pss\Install LastPass IE RunOnce.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Liana^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip => C:\Windows\pss\CurseClientStartup.ccip.Startup
MSCONFIG\startupfolder: C:^Users^Liana^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Liana^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
MSCONFIG\startupreg: COMODO Internet Security => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Duden Korrektor SysTray => C:\Program Files (x86)\Duden\Duden Korrektor\DKTray.exe
MSCONFIG\startupreg: ISUSPM => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Launch LCore => C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: MobileDocuments => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
MSCONFIG\startupreg: OscarEditor => "C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe" Minimum
MSCONFIG\startupreg: PrivDogService => "C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.15\trustedadssvc.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Liana\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: tvncontrol => "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-2607946208-1710773517-2996334467-1000\...\StartupApproved\StartupFolder: => "CurseClientStartup.ccip"
HKU\S-1-5-21-2607946208-1710773517-2996334467-1000\...\StartupApproved\StartupFolder: => "Curse.lnk"
HKU\S-1-5-21-2607946208-1710773517-2996334467-1000\...\StartupApproved\Run: => "Snip"
HKU\S-1-5-21-2607946208-1710773517-2996334467-1000\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-2607946208-1710773517-2996334467-1000\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-2607946208-1710773517-2996334467-1000\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-2607946208-1710773517-2996334467-1000\...\StartupApproved\Run: => "Spotify"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{A3878B4D-52BE-4068-B093-C1FFA92336ED}] => (Allow) C:\Users\Liana\AppData\Local\Vivaldi\Application\vivaldi.exe
FirewallRules: [{E3DD6E6A-65D2-4E26-B013-62D53C479B8F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F6276481-84B7-467C-8260-664F2F6C387E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C8F1A536-F02D-430D-8793-D8810EBD4D79}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{93B1FEDE-C895-4371-B363-063F17A5333D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8D3F3596-1CC6-4B6C-AA8F-BFC3071376AE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{55EF7BFF-5291-4BF2-B1C7-8FB7F9222760}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [UDP Query User{BD8E4744-F53F-4E4E-BF99-5BD030F4A079}C:\heart\hearthstone\hearthstone.exe] => (Allow) C:\heart\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{40E63FC6-902D-401B-89B7-1E191F6EA185}C:\heart\hearthstone\hearthstone.exe] => (Allow) C:\heart\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{6975DEC6-4F82-40C1-8DEB-DC1A67558EBA}C:\heart\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\heart\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{35AB72F1-5947-44A0-B404-06483F92C83F}C:\heart\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\heart\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [{769C9DC7-D3AE-4A87-AFAD-37B642CD4DF9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{B3503E1C-AD26-4E82-B287-C1F6437E2215}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{4E557A62-CC01-4C65-8BE2-DF7F79CC1D9A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{76FFB8B9-3331-4342-ABA0-18E99CE2058D}] => (Allow) LPort=2869
FirewallRules: [{09635DF5-C93A-483A-BD1C-9997484D0F13}] => (Allow) LPort=1900
FirewallRules: [{9A6C817E-D8AF-4EEF-B24A-B3E527AC831F}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{4E976658-42C0-4A76-8187-CD0648B1B89B}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{FFD70BD4-D448-4271-8264-5318EA7C0BE8}] => (Allow) C:\Program Files (x86)\Common Files\Comodo\tvnserver.exe
FirewallRules: [{836E4D1A-40BF-4817-B174-92493E83894F}] => (Allow) C:\Program Files (x86)\Common Files\Comodo\tvnserver.exe
FirewallRules: [{20A343AC-4380-41E4-A3B7-21233B975F01}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{F2860D19-9592-4013-8A85-0927DDC4DB1F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{3963BBA1-DB5F-4305-9269-209497D457F3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{46D7A2E0-B822-4864-81F5-7971BD55FD56}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{155C212A-C497-4F10-AED9-BBA767D5161A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{C13CE478-13E4-4C68-8C73-5A4B6A779D88}] => (Allow) C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe
FirewallRules: [{9FEBB38B-7E44-4D19-A2D6-F9492CF88957}] => (Allow) C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe
FirewallRules: [{0ADC4081-4CB2-4D92-B08D-DB479552E0FC}] => (Allow) LPort=51001
FirewallRules: [{BB313BF0-BD4E-44BA-867F-523E065664FB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{36BFCA4B-4273-4B85-9765-1973484A4603}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{548C1B4A-D291-405C-AF06-5449B20940FB}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\DeviceSetup.exe
FirewallRules: [{7BADE8AA-A5E5-4607-81D1-54E366567538}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{098DAC5B-334A-496D-B2A7-8FDB28ED88BC}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{15C192B7-CE44-4D4F-8B15-9CE3108B9DB1}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{5E638A09-B6C4-4CA6-B885-F19EC0D61192}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{CA0E8C1B-7C45-48D9-B1E5-6ED32A58BAAC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4F4E7013-AF66-4F94-A275-D646435E7889}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2817663A-5EF9-4EE9-93C2-7003FD35219D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{4E5258E4-B41B-434E-90DC-245708CDD1AB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{ED08E737-F7F0-4F55-A9E8-7A76C33F4110}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{1E70122B-9FD9-41C2-A841-45BFF10370E0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5C75EAD3-1119-4B04-A355-9CB2619A3D66}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{4B5F3A9A-9874-4DCD-A13F-B6F4A6440CF4}C:\program files\moneymanagerex\bin\mmex.exe] => (Block) C:\program files\moneymanagerex\bin\mmex.exe
FirewallRules: [UDP Query User{856E52DD-EBDD-4C75-A8E2-0615A05C4D09}C:\program files\moneymanagerex\bin\mmex.exe] => (Block) C:\program files\moneymanagerex\bin\mmex.exe
FirewallRules: [TCP Query User{3A526872-0B56-43C4-870D-52EC344929B3}C:\heart\heroes of the storm\versions\base43170\heroesofthestorm_x64.exe] => (Allow) C:\heart\heroes of the storm\versions\base43170\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{3C5F385A-04C6-4A33-9DB9-91315FD92583}C:\heart\heroes of the storm\versions\base43170\heroesofthestorm_x64.exe] => (Allow) C:\heart\heroes of the storm\versions\base43170\heroesofthestorm_x64.exe
FirewallRules: [{45634BDF-44C1-4D32-9F7D-405AB5A8D31C}] => (Allow) C:\Windows\Prey\versions\1.6.1\bin\node.exe
FirewallRules: [{C98766DC-8816-4712-88F8-C739CB128E68}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{15B7992F-11CA-4F12-81FB-0205A97D2BD1}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Wiederherstellungspunkte =========================

29-07-2016 21:59:12 Geplanter Prüfpunkt
08-08-2016 13:29:29 paint.net v4.0.10
09-08-2016 14:57:48 JRT Pre-Junkware Removal
09-08-2016 15:27:59 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: USB-Massenspeichergerät
Description: USB-Massenspeichergerät
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Kompatibles USB-Speichergerät
Service: USBSTOR
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/09/2016 03:28:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (08/09/2016 02:58:05 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (08/09/2016 02:17:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5156

Error: (08/09/2016 02:17:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5156

Error: (08/09/2016 02:17:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/09/2016 02:17:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3890

Error: (08/09/2016 02:17:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3890

Error: (08/09/2016 02:17:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Code:

ATTFilter

Error: (08/09/2016 02:17:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2656

Error: (08/09/2016 02:17:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2656


Systemfehler:
=============
Error: (08/09/2016 03:30:25 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (08/09/2016 02:58:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/09/2016 02:53:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058 = Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.

Error: (08/09/2016 02:51:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069 = Der Dienst konnte wegen einer fehlerhaften Anmeldung nicht gestartet werden.

Error: (08/09/2016 02:51:21 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "WSearch" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%50 = Die Anforderung wird nicht unterstützt.

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (08/09/2016 02:51:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_1a1d3305" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/09/2016 02:50:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Druckwarteschlange" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/09/2016 02:50:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/09/2016 02:50:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/09/2016 02:50:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2016-07-15 00:05:55.001
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-14 12:02:09.436
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-14 05:40:07.580
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-18 08:38:57.772
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-16 07:36:57.391
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-30 18:20:46.954
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-05-30 18:20:46.674
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-05-30 13:17:30.274
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-05-29 13:03:28.164
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-05-29 13:03:27.637
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-2400 CPU @ 3.10GHz
Prozentuale Nutzung des RAM: 37%
Installierter physikalischer RAM: 8168.86 MB
Verfügbarer physikalischer RAM: 5081.91 MB
Summe virtueller Speicher: 16360.86 MB
Verfügbarer virtueller Speicher: 12923.7 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:930.97 GB) (Free:375.6 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: F89CB482)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=449 MB) - (Type=27)

==================== Ende von Addition.txt ============================

Beim Anklicken von Webseiten lande ich hier:https://ad2.adfarm1.adition.com.....

Plagegeister aller Art und deren Bekämpfung: Beim Anklicken von Webseiten lande ich hier:https://ad2.adfarm1.adition.com.....

Beim Anklicken von Webseiten lande ich hier:https://ad2.adfarm1.adition.com.....

Ähnliche Themen: Beim Anklicken von Webseiten lande ich hier:https://ad2.adfarm1.adition.com.....