Log analysis and evaluation: Computer suddenly starts slowly, unclear error messages in the Event Viewer. Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. Before viruses and trojans can be removed, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
Computer suddenly starts slowly, unclear error messages in the Event Viewer. Part 2 Addition.txt

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 04-11-2016
durchgeführt von nc-be_000 (06-11-2016 23:26:54)
Gestartet von C:\Downloads
Windows 10 Pro Version 1607 (X64) (2016-08-13 17:26:52)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-2909243537-4192776109-3153355720-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2909243537-4192776109-3153355720-503 - Limited - Disabled)
Gast (S-1-5-21-2909243537-4192776109-3153355720-501 - Limited - Disabled)
nc-be_000 (S-1-5-21-2909243537-4192776109-3153355720-1001 - Administrator - Enabled) => C:\Users\nc-be_000

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Bitdefender Virenschutz (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
FW: Bitdefender Firewall (Enabled) {078AF241-05A3-0EFF-40E0-3E0D69EA140A}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

3DMark (HKLM-x32\...\{66847f67-7331-422f-bc6c-d961c453d7df}) (Version: 1.5.884.0 - Futuremark)
3DMark (Version: 1.5.884.0 - Futuremark) Hidden
4500_G510nz_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
4500G510nz (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
4500G510nz_Software_Min (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Aces High III (remove only) (HKLM-x32\...\Aces High III) (Version: Version 0.09 Patch 1 - Hitech Creations, Inc.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated) Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.205 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.8.158 - Adobe Systems, Inc.) AIVIA GHOST (HKLM-x32\...\{4E711815-5F4E-47F2-B1E1-C0B43A8D57F3}) (Version: 1.06.0000 - GIGABYTE) Android USB Driver (HKLM-x32\...\Z5 Android USB Driver_is1) (Version: - ) Ansel (Version: 375.70 - NVIDIA Corporation) Hidden ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.4.6.0 - SlySoft) AOMEI Partition Assistant Standard Edition 6.0 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version: - AOMEI Technology Co., Ltd.) Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Application Compatibility Toolkit (Version: 10.1.14393.0 - Microsoft) Hidden Appman Sequencer on amd64 (Version: 10.1.14393.0 - Microsoft) Hidden ASRock XFast RAM v2.0.29 (HKLM\...\ASRock XFast RAM_is1) (Version: - ASRock Inc.) Assessments on Client (x32 Version: 10.1.14393.0 - Microsoft) Hidden AusweisApp2 (HKLM-x32\...\{1C785E05-CFC7-43BE-9A52-9FB39C180CB8}) (Version: 1.2.2 - Governikus GmbH & Co. KG) AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version: - AVM Berlin) AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version: - AVM Berlin) Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 20.0.26.1436 - Bitdefender) Bitdefender Internet Security 2016 (HKLM\...\Bitdefender) (Version: 20.0.28.1478 - Bitdefender) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) 
BQ Handset USB Driver 1.0 (HKLM-x32\...\USB Driver_is1) (Version: - ) BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform) chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH) Classic Shell (HKLM\...\{383BB30A-B4A7-4666-9A83-22CFA8640097}) (Version: 4.3.0 - IvoSoft) CloneCD (HKLM-x32\...\CloneCD) (Version: - SlySoft) CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.0 - Elaborate Bytes) COMPUTER BILD Spionage-Stopper für Windows 10 (HKLM-x32\...\{F9565211-5480-408D-BC7C-1FE7B8366ACE}_is1) (Version: 1.0.0.1 - pXc-coding.com) CPUID CPU-Z 1.74 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) CPUID CPU-Z OC Formula 1.76 (HKLM\...\CPUID CPU-Z OC Formula_is1) (Version: 1.76 - CPUID, Inc.) CrystalDiskInfo 6.1.12 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.1.12 - Crystal Dew World) CrystalDiskMark 3.0.3a (HKLM\...\CrystalDiskMark_is1) (Version: 3.0.3a - Crystal Dew World) Dacia Media Nav Toolbox (HKLM-x32\...\Dacia Media Nav Toolbox) (Version: 3.18.4.502485 - NNG Llc.) Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.3.1.0 - devolo AG) Digital Camera Enhancer 1.3 (HKLM-x32\...\Digital Camera Enhancer 1.3_is1) (Version: - ) Discord (HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\Discord) (Version: 0.0.296 - Hammer & Chisel, Inc.) DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden Driver Fusion (HKLM-x32\...\Driver Fusion) (Version: 3.3.0.0 - Treexy) Dropbox (HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\Dropbox) (Version: 13.4.21 - Dropbox, Inc.) 
Elevated Installer (x32 Version: 4.2.0.0 - Garmin Ltd or its subsidiaries) Hidden Elite Dangerous Launcher version 0.4.5499.0 (HKLM-x32\...\{696F8871-C91D-4CB1-825D-36BE18065575}_is1) (Version: 0.4.5499.0 - Frontier Developments) Elite Dangerous Market Connector (HKLM-x32\...\{374DFE82-C865-4AFD-B69A-1ABC16C9AD08}) (Version: 2.2.2.0 - Marginal) Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated) FaceFilter v3.02 SE (HKLM-x32\...\{6020758E-57A9-41E3-AF20-8EE311EA6156}) (Version: 3.02.2713.1 - Reallusion Inc.) Fallout 4 (HKLM\...\Steam App 377160) (Version: - Bethesda Game Studios) Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden FileZilla Client 3.14.1 (HKLM-x32\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse) Fractured Space (HKLM\...\Steam App 310380) (Version: - Edge Case Games Ltd.) Free Download Manager 3.9.4 (HKLM-x32\...\Free Download Manager_is1) (Version: - FreeDownloadManager.ORG) Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.28.831 - Digital Wave Ltd) Futuremark SystemInfo (HKLM-x32\...\{79659071-4B68-4EC8-833C-49C97B68FCD0}) (Version: 4.36.512.0 - Futuremark) Garmin Express (HKLM-x32\...\{d74c733b-9216-49f5-ae3a-14bf3a3d66f5}) (Version: 4.2.0.0 - Garmin Ltd or its subsidiaries) Garmin Express (x32 Version: 4.2.0.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Express Tray (x32 Version: 4.2.0.0 - Garmin Ltd or its subsidiaries) Hidden Glamour Strip Poker Video Edition 1.1 (HKLM-x32\...\Glamour Strip Poker Video Edition_is1) (Version: - ) GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.71 - Google Inc.) Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) 
Hidden GoogleClean (HKLM-x32\...\{4281435C-AD1D-4C8A-B9C0-3961C08EF142}_is1) (Version: 5.0.000 - Abelssoft) GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.) HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Officejet 4500 G510n-z 14.0 Rel. 6 (HKLM\...\{6B9B2E57-D988-4258-8A2C-6F3657A600BD}) (Version: 14.0 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden HWiNFO64 Version 5.34 (HKLM\...\HWiNFO64_is1) (Version: 5.34 - Martin Malík - REALiX) IL-2 Sturmovik Battle of Stalingrad (HKLM-x32\...\{66F649A9-0FA2-487E-BC0D-894BD7E89D5E}_is1) (Version: - 1C Game Studios) Imaging And Configuration Designer (x32 Version: 10.1.14393.0 - Microsoft) Hidden Imaging Designer (x32 Version: 10.1.14393.0 - Microsoft) Hidden Imaging Tools Support (x32 Version: 10.1.14393.0 - Microsoft) Hidden Inno3D TunelT OverClock Utility version V6.0.0.1 (HKLM-x32\...\Inno3D TunelT OverClock Utility_is1) (Version: V6.0.0.1 - ) Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36354 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (x32 
Version: 10.1.1.8 - Intel(R) Corporation) Hidden Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Kits Configuration Installer (x32 Version: 10.1.14393.0 - Microsoft) Hidden K-Lite Codec Pack 10.3.5 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.3.5 - ) LAV Filters 0.61.2 (HKLM-x32\...\lavfilters_is1) (Version: 0.61.2 - Hendrik Leppkes) LibreOffice 5.1.0.3 (HKLM-x32\...\{2F75F86D-8362-4F49-9536-D87DCBF6ABAE}) (Version: 5.1.0.3 - The Document Foundation) Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech) Logitech Gaming Software 8.78 (HKLM\...\Logitech Gaming Software) (Version: 8.78.129 - Logitech Inc.) Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech) LOOT (HKLM-x32\...\LOOT) (Version: 0.6.0 - LOOT Development Team) Magical Jelly Bean PasswdFinder (HKLM-x32\...\PasswdFinder_is1) (Version: 1.0.0.29 - PasswdFinder) Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Office 64-bit Components 2007 (HKLM\...\{90120000-002A-0000-1000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Silverlight 
(HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6CE5BAE9-D3CA-4B99-891A-1DC6C118A5FC}) (Version: - ) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: - ) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: - ) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: - ) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: - ) Microsoft Visual C++ 2012 x64 Minimum 
Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: - ) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: - ) Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: - ) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.23829 (HKLM\...\{B0B194F8-E0CE-33FE-AA11-636428A4B73D}) (Version: 14.0.23829 - Microsoft Corporation) Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.23829 (HKLM\...\{A1C31BA5-5438-3A07-9EEE-A5FB2D0FDE36}) (Version: 14.0.23829 - Microsoft Corporation) Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.23829 (HKLM-x32\...\{1045AB6F-6151-3634-8C2C-EE308AA1A6A7}) (Version: 14.0.23829 - Microsoft Corporation) Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.23829 (HKLM-x32\...\{8BE670DF-EA47-3A15-88CC-00FFCA1FFA12}) (Version: 14.0.23829 - Microsoft Corporation) Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\{B0A5A6EE-F8BA-48B1-BB32-BAC17E96C2B4}) (Version: 2.0.50728 - Microsoft Corporation) Mozilla Firefox 49.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 49.0.2 (x86 de)) (Version: 49.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.2.6136 - Mozilla) Mozilla Thunderbird 45.4.0 (x86 de) 
(HKLM-x32\...\Mozilla Thunderbird 45.4.0 (x86 de)) (Version: 45.4.0 - Mozilla) Mp3tag v2.63 (HKLM-x32\...\Mp3tag) (Version: v2.63 - Florian Heidenreich) MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) NaturalPoint USB Drivers x64 (HKLM\...\{533773B8-9AC1-4C0F-A2BF-57466A45C6F5}) (Version: 2.70.0000 - NaturalPoint) Network Print Monitor for Windows (HKLM-x32\...\Network Print Monitor) (Version: - ) Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.1 - Black Tree Gaming) Null-modem emulator (com0com) (HKLM-x32\...\com0com) (Version: 2.2.2.0 - Vyacheslav Frolov) NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 375.70 - NVIDIA Corporation) NVIDIA GeForce Experience 3.0.7.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.0.7.34 - NVIDIA Corporation) NVIDIA Grafiktreiber 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.70 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) NvNodejs (Version: 3.0.7.34 - NVIDIA Corporation) Hidden NvTelemetry (Version: 1.0.0.0 - NVIDIA Corporation) Hidden OCR Software by I.R.I.S. 
14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP) Paint Shop Pro 5.03 CD (HKLM-x32\...\Paint Shop Pro 5.03) (Version: - ) Paragon Backup and Recovery™ 14 Free (HKLM\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software) Paragon Backup and Recovery™ 16 (HKLM\...\{DADAA9CF-36B6-11E6-B0B5-005056C00008}) (Version: 10.28.101 - Paragon Software) Paragon Partition Manager™ 2014 Free (HKLM-x32\...\{47E5588F-C3A0-11DE-9857-005056C00008}) (Version: 90.00.0003 - Paragon Software) Passbild-Generator v4.0a (HKLM-x32\...\Passbild-Generator_is1) (Version: - Passbild-Generator) PC-WELT-Windows-Service-Center 5.0 (HKLM\...\{E2D3B526-5BB7-4BC7-B8F9-8BE11F0FF978}}_is1) (Version: - IDG Tech Media GmbH) PDF24 Creator 7.9.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.) PNY Drive Utility (HKLM-x32\...\{6C87713B-BB39-4B18-9BE6-C87CBDB66371}) (Version: 1.0.3 - PNY Technologies) QuickGamma 4.0.0.2 (HKLM-x32\...\QuickGamma_is1) (Version: 4.0.0.2 - Eberhard Werle) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.7.107.2016 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.) Recovery Media Builder™ (HKLM\...\{EC1AB719-E98B-532C-95D4-381FB69F5CD2}) (Version: 1.00.0000 - Paragon Software) Registry Cleaner (HKLM-x32\...\Registry Cleaner_is1) (Version: 1.3 - Abelssoft) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) RivaTuner Statistics Server 6.4.1 (HKLM-x32\...\RTSS) (Version: 6.4.1 - Unwinder) ROCCAT Power-Grid Version 0.461 (HKLM-x32\...\{953CF6E6-4EC8-4E55-A263-720CEBD591FE}_is1) (Version: 0.461 - ROCCAT GmbH) Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16011.2 - Samsung Electronics Co., Ltd.) 
Samsung Kies3 (x32 Version: 3.2.16011.2 - Samsung Electronics Co., Ltd.) Hidden Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.) Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden Schirmfoto (HKLM-x32\...\Schirmfoto_is1) (Version: 2014 - Abelssoft) SCL011 Contactless Reader (HKLM-x32\...\{101A21B2-E102-4F64-A7FA-CEF7182D0E2D}) (Version: 1.01 - SCM Microsystems) Serif DrawPlus X6 (HKLM\...\{8A8AB2D3-53DE-4A65-8D35-68A09AA1AD7A}) (Version: 13.0.3.26 - Serif (Europe) Ltd) Serif PhotoPlus X7 (HKLM\...\{7B7344AA-B8E3-4A86-B499-517B7E2F6CB3}) (Version: 17.0.3.023 - Serif (Europe) Ltd) SHIELD Streaming (Version: 7.1.0320 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 3.0.7.34 - NVIDIA Corporation) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) Skype™ 7.27 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.27.101 - Skype Technologies S.A.) SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden SPCA1528 PC Driver (HKLM-x32\...\{570C2A84-A145-4DF0-AE9D-012584DF09DC}) (Version: 2.2.4.0 - ) SSD Fresh 2016 (HKLM-x32\...\{71149886-0AA3-4F31-81F9-CC90EA0D55EF}_is1) (Version: 5.0 - Abelssoft) Star Citizen Launcher (HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\Star Citizen Launcher) (Version: 00.01.00.00 - Cloud Imperium Games) Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Stellar Phoenix Windows Data Recovery - Professional (HKLM-x32\...\Stellar Phoenix Windows Data Recovery - Professional_is1) (Version: 6.0.0.1 - Stellar Information Technology Pvt Ltd.) 
Survarium (HKLM-x32\...\{FEA2E954-A6D0-42FA-8FF1-DFA325758FAC}_is1) (Version: 0.44c - ) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden tax 2016 (HKLM-x32\...\{30E85B0C-57D8-4ECE-814B-264550A92FAB}) (Version: 23.00.1146 - Buhl Data Service GmbH) TeamSpeak 3 Client (HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH) TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version: - Code Sector) Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden Toolkit Documentation (x32 Version: 10.1.14393.0 - Microsoft) Hidden TrackIR 5 (HKLM-x32\...\{c1ef3d1e-986d-400c-966a-8bdb6149fe02}) (Version: 5.4.1.0000 - NaturalPoint) TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 6.0a - TrueCrypt Foundation) UEV Tools on amd64 (Version: 10.1.14393.0 - Microsoft) Hidden Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod) Unlocker 1.9.1-x64 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) USBGrabberDrv (HKLM-x32\...\{E34CEAA5-9537-4CCB-A54F-DB0D8F15EA80}) (Version: 1.00.0000 - NEWMI) User State Migration Tool (x32 Version: 10.1.14393.0 - Microsoft) Hidden VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN) vReveal 3 (HKLM-x32\...\vReveal 3) (Version: - MotionDSP) VSDC Free Video Editor Version 4.0.1.475 (HKLM-x32\...\VSDC Free Video Editor_is1) (Version: 4.0.1.475 - Flash-Integro LLC) Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.8.1 (HKLM\...\VulkanRT1.0.8.1) (Version: 1.0.8.1 - LunarG, Inc.) 
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden Windows Assessment and Deployment Kit - Windows 10 (HKLM-x32\...\{39ebb79f-797c-418f-b329-97cfdf92b7ab}) (Version: 10.1.14393.0 - Microsoft Corporation) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation) Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.) Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software) WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.) WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - ) WPT Redistributables (x32 Version: 10.1.14393.0 - Microsoft) Hidden WPTx64 (x32 Version: 10.1.14393.0 - Microsoft) Hidden ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\nc-be_000\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A}\InprocServer32 -> C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1B}\InprocServer32 -> C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {0047DB09-E400-4C2C-A90F-FB117171778D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-10-12] (Microsoft Corporation)
Task: {01A5FC92-AEE1-4421-A1B7-235A6135C836} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {04453E0A-84AA-4638-B539-32804810967B} - System32\Tasks\{0AECFAC2-CC14-4D55-BA2E-BFA970DFD241} => pcalua.exe -a "F:\G940_lights_1.1_by_MikkOwl\G940 Lights v1.1 by MikkOwl\G940 Lights v1.1 by MikkOwl.exe" -d "F:\G940_lights_1.1_by_MikkOwl\G940 Lights v1.1 by MikkOwl"
Task: {069035FF-1DC4-4E01-B424-97599DC08959} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-01-15] (Piriform Ltd)
Task: {125CFFFC-4D7D-4AC0-8A8D-8A7F919D9A4A} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2016-10-25] ()
Task: {131CD8D7-F098-413E-85EE-85BA39CBF701} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2016-10-21] (Bitdefender)
Task: {21CB5035-8224-49FF-AA1E-052E370046B8} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {3076D751-E142-4B8C-BB14-DE7FB5F5F0C3} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)
Task: {31363D01-DBD7-4879-BECF-5D74E810D195} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {32B52A04-2D05-4742-9430-5D8CA0207933} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {34176780-9572-4CDE-90F8-9CC0CFB4C8A2} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-09-30] (NVIDIA Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3C5A0D04-64DE-4B93-9BFB-90641383FAC7} - System32\Tasks\{BEA97B43-5EBE-4758-BEB7-3C70031BB286} => pcalua.exe -a K:\SETUP.EXE -d K:\
Task: {3CF78C17-6B4B-4AEC-A7AA-CBD25073558B} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-09-30] (NVIDIA Corporation)
Task: {3EAC6888-1ED8-41E0-AD84-CACE3A4FD558} - System32\Tasks\{83E16EA3-ABAF-4FF5-8F6A-3D155AD08978} => pcalua.exe -a "C:\Windows\PokerGirls - LostGirls3-HD\uninstall.exe" -c "/U:C:\Program Files (x86)\PokerGirls.v.2\opponents\GirlsNextDoor2-HD\irunin.xml"
Task: {3EFE40E3-5E14-4D62-A235-088814720A14} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {40682253-1F5D-4DE4-837D-DB25795D70B5} - System32\Tasks\{8C3F4BEB-F4F5-47C8-87FD-C251D401B24A} => pcalua.exe -a "C:\Windows\PokerGirls Video Strip Poker v3\uninstall.exe" -c "/U:C:\Program Files (x86)\PokerGirls.v.2\irunin.xml"
Task: {476F64E4-D9E4-4A43-8D1E-4C273550D215} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-30] (NVIDIA Corporation)
Task: {4DA22A8D-6500-4319-9CB1-183E790830E1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16] (Adobe Systems Incorporated)
Task: {4FBA0300-5DC6-4147-851E-5FFBE115913D} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2909243537-4192776109-3153355720-1001Core1d238679d87fdf3 => C:\Users\nc-be_000\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-06] (Dropbox, Inc.)
Task: {5081C2A5-A109-40CC-B8BA-B79A68C9A49A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-18] (Google Inc.)
Task: {5B8B2D8F-2381-4548-ACC1-067857FD7744} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {61046984-C92A-488A-82C5-B154AA45E4D7} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)
Task: {6B51F5AC-A696-4354-8486-2516CCC6A7C6} - System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 => C:\Program Files\Bitdefender\Bitdefender\bdproductdata.exe
Task: {7345DBD8-B3D8-458A-BE5B-5B6C219C4432} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {82398961-46D1-45A6-AD3F-A01688F37F67} - System32\Tasks\{2D1A843A-803E-4F12-8FE2-095A4CF87C97} => pcalua.exe -a "C:\Windows\PokerGirls - DemoGirl-HD\uninstall.exe" -c "/U:C:\Program Files (x86)\PokerGirls.v.2\opponents\DemoGirl-HD\irunin.xml"
Task: {82429630-8B50-45DC-A412-B6F75634A4DF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-30] (NVIDIA Corporation)
Task: {88173574-02D3-4720-8200-3F45337313BB} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {9C6968AF-18F1-4A5F-814A-085711E83FDE} - System32\Tasks\Schnellstart => Rundll32.exe powrprof.dll,SetSuspendState Hibernate
Task: {A1DB3F7C-5B9A-4EE5-A424-06141F51CD2B} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2909243537-4192776109-3153355720-1001UA1d238679d8a6055 => C:\Users\nc-be_000\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-06] (Dropbox, Inc.)
Task: {ABE1C068-5705-4F18-BA17-83CAB04A4D3C} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-09-30] (NVIDIA Corporation)
Task: {B215EFB5-A8F4-4E7C-8F4A-F889D90A7AE5} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-28] (Adobe Systems Incorporated)
Task: {B6F4960C-1F96-4096-99BD-758B84491F31} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-09-30] (NVIDIA Corporation)
Task: {B84110B2-6B73-4869-9EF4-932A8EE6485F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-18] (Google Inc.)
Task: {C4FEEA47-E498-4F45-8389-F5DB8FA34D3B} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {E0B5E71A-DF79-44E6-820A-FDB3AAC83C0E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {EDEEA298-8D2D-410A-A215-681DFE3EEA08} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {FAF419D8-0F61-4605-BEEC-76CB785FEA67} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2909243537-4192776109-3153355720-1001Core1d238679d87fdf3.job => C:\Users\nc-be_000\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2909243537-4192776109-3153355720-1001UA1d238679d8a6055.job => C:\Users\nc-be_000\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\nc-be_000\Documents\PC-WELT\pcwServiceCenter_2016\pcwServiceCenter_2016\Tools\pcwWinXMenuManager\64-Bit\Backup.original\Group5\02 - Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://start.qone8.com/?type=sc&ts=1398159831&from=smt&uid=TOSHIBAXDT01ACA200_X3SHT9LGSXXX3SHT9LGSX

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-10-04 07:51 - 2016-09-15 18:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-11-06 00:36 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\bdmetrics.dll
2016-11-06 00:36 - 2016-05-09 11:29 - 01006336 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttpbr.mdl
2016-11-06 00:36 - 2016-05-09 11:29 - 00541952 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttpdsp.mdl
2016-11-06 00:36 - 2016-05-09 11:29 - 03035488 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttpph.mdl
2016-11-06 00:36 - 2016-05-09 11:29 - 01541440 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttprbl.mdl
2016-09-16 07:34 - 2016-09-30 05:24 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-09-16 07:34 - 2016-09-30 05:24 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-09-16 07:35 - 2016-09-30 05:24 - 00418240 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2016-08-16 22:30 - 2013-11-18 10:44 - 00585416 _____ () C:\Program Files (x86)\Android_USB_Driver_Z\Bin\MonServiceUDisk.exe
2016-09-16 11:42 - 2016-10-25 21:17 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-10-04 07:51 - 2016-09-15 18:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-13 18:28 - 2016-08-13 18:28 - 00959168 _____ () C:\Users\nc-be_000\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64\ClientTelemetry.dll
2016-09-15 19:40 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-10-11 21:20 - 2016-10-05 10:35 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-10-28 15:46 - 2016-10-15 04:41 - 09760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-10-28 15:46 - 2016-10-15 04:34 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-10-28 15:46 - 2016-10-15 04:34 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-10-28 15:46 - 2016-10-15 04:34 - 02424832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-10-28 15:46 - 2016-10-15 04:38 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-08-30 16:51 - 2016-08-30 16:51 - 00071168 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-08-30 16:51 - 2016-08-30 16:51 - 00178176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-08-30 16:51 - 2016-08-30 16:51 - 35288064 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2016-01-06 20:43 - 2016-01-06 20:43 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2016-01-06 20:43 - 2016-01-06 20:43 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2012-09-18 15:41 - 2012-09-18 15:41 - 00191488 _____ () C:\Users\nc-be_000\Documents\GIGABYTE\AIVIA GHOST\GHOSTOPEN.exe
2016-11-06 00:58 - 2016-11-06 00:58 - 00521112 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\intermsec.dll
2016-11-06 00:36 - 2016-04-05 16:31 - 00159232 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\ui\ltr\intermsec.ui
2016-11-06 00:36 - 2016-05-12 17:48 - 00032256 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\lang\de-DE\intermsec.txtui
2016-11-06 00:36 - 2016-05-12 17:48 - 00005120 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\lang\de-DE\bdaphconp.txtui
2016-11-06 00:58 - 2016-11-06 00:58 - 00061392 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\bddpsp.dll
2016-10-25 11:36 - 2016-10-25 11:36 - 00073216 _____ () C:\Program Files (x86)\Garmin\Device Interaction Service\FixBootSector.dll
2016-10-17 11:15 - 2016-08-31 18:55 - 00114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-10-17 11:21 - 2016-08-31 18:55 - 00108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-10-17 11:21 - 2016-08-31 18:55 - 00024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-10-17 11:21 - 2016-08-31 18:55 - 00048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-09-16 07:34 - 2016-09-29 18:20 - 00500792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-09-16 07:34 - 2016-09-29 18:20 - 00255936 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-09-16 07:34 - 2016-09-29 18:20 - 02801208 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-09-16 07:34 - 2016-09-29 18:20 - 00244672 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-09-16 07:34 - 2016-09-29 18:20 - 00430648 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-09-16 07:34 - 2016-09-29 18:20 - 00336832 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-09-16 07:34 - 2016-09-29 18:20 - 00373696 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2016-09-19 09:21 - 2016-09-30 05:24 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-03-22 14:45 - 2012-07-18 06:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:4FC01C57 [146]
AlternateDataStreams: C:\ProgramData\TEMP:890CC2F3 [248]
AlternateDataStreams: C:\ProgramData\TEMP:D5FBE8F9 [362]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\127.0.0.1 -> hxxp://127.0.0.1
IE trusted site: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\facebook.com -> hxxps://staticxx.facebook.com
IE trusted site: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\facebook.net -> hxxps://connect.facebook.net
IE trusted site: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\fbcdn.net -> hxxps://static.xx.fbcdn.net
IE trusted site: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\google-analytics.com -> hxxps://www.google-analytics.com
IE trusted site: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\paragon-software.com -> hxxps://bo4-fe.paragon-software.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2016-11-06 23:12 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "Piplay"
HKLM\...\StartupApproved\Run32: => "CloneCDTray"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKLM\...\StartupApproved\Run32: => "NBKeyScan"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "LWS"
HKLM\...\StartupApproved\Run32: => "Tilt"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\StartupApproved\StartupFolder: => "DesktopVideoPlayer.lnk"
HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\StartupApproved\Run: => "GarminExpressTrayApp"
HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\StartupApproved\Run: => "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\...\StartupApproved\Run: => "Uninstall C:\Users\nc-be_000\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{AE6C659B-9C22-4EF4-B91C-F97048754A0D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\{6B9B2E57-D988-4258-8A2C-6F3657A600BD}\setup\hpznui40.exe
FirewallRules: [{39D238F3-BA73-4B8D-86FE-18876CD2BCE1}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{E9D044A3-259F-417B-9724-C49D476BD27B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{AC6C63BB-A5E5-4F5A-AC34-0D855550CAFE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{19030A2A-E0E7-43C6-99BB-CBDF2A581A79}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{28934A3E-E97F-4071-A17F-2C61ECEDD839}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{BFBB2BD9-58A6-4281-A373-F8F4C071AC77}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{7BC9AEB6-445E-49A5-A890-CFEB55F3CDEE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{556315F3-3A89-4266-B381-757222C0F1F4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{5DC24A07-F98B-4DB7-85D6-52F4B4F13840}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{2E806F86-7015-4C45-AE1C-822E5F78C4ED}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{DADECCC1-28A0-4622-BB54-E8C2B808A625}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{408D8040-F157-4009-88E0-8453880C41D9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{C3AF2C30-3537-44D9-A044-32BE7551B6F3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{4D5655E4-8DE4-43A4-8E83-9FEB300AE5C4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{2322A395-9B52-4E43-9A80-9E6F36522C40}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{75ADD192-CE1D-464B-A7E4-52D25E0577F2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{000807E8-706F-4348-ABBA-E8ADA73E1D59}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [UDP Query User{98906EB1-BB28-4779-863A-6A902FEE8F26}F:\program files (x86)\survarium\game\binaries\x86\survarium.exe] => (Allow) F:\program files (x86)\survarium\game\binaries\x86\survarium.exe
FirewallRules: [TCP Query User{2FBCAE20-E7B1-45C5-A146-BA845C86237B}F:\program files (x86)\survarium\game\binaries\x86\survarium.exe] => (Allow) F:\program files (x86)\survarium\game\binaries\x86\survarium.exe
FirewallRules: [UDP Query User{F3386FFA-F5E6-4076-922B-ABA6314586B6}F:\program files (x86)\steam\steamapps\common\space\spacegame\binaries\win64\spserver.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\space\spacegame\binaries\win64\spserver.exe
FirewallRules: [TCP Query User{474B055D-5F85-4534-BD00-7BC2968F878E}F:\program files (x86)\steam\steamapps\common\space\spacegame\binaries\win64\spserver.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\space\spacegame\binaries\win64\spserver.exe
FirewallRules: [{76F55B24-B467-4AB7-94D4-701245DF3691}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{88906E6C-9549-4D69-81C1-E1263E98C383}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{57327234-4496-4FBD-B8E4-6A763A08CA49}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\Updater.exe
FirewallRules: [{4DDC699A-A716-4BD7-B9F5-AC4695DDC747}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\Updater.exe
FirewallRules: [{59E10A62-1449-4940-852B-6FF142BD18FF}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\VideoEditor.exe
FirewallRules: [{681EC210-4504-4494-91FF-C8200080D495}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\VideoEditor.exe
FirewallRules: [{C4A3EC6B-89FF-440E-BF59-0C30AD0E8057}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{A35DA6C4-E80E-45AE-AE04-22B3929D6C5B}] => (Allow) F:\Program Files (x86)\Survarium\game\binaries\x86\survarium-2.exe
FirewallRules: [{86CF56DF-4D51-4AE5-93BA-4224ED8AA093}] => (Allow) F:\Program Files (x86)\Survarium\game\binaries\x86\survarium-2.exe
FirewallRules: [UDP Query User{93734F32-8C0A-42D1-B62F-4A606528B9D5}D:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) D:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [TCP Query User{D5C65DA4-EECC-4DD4-91A6-7AA84D96B34D}D:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) D:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [UDP Query User{D30904E8-FCC4-4983-A0BE-D3DC792CB7E2}D:\program files\cloud imperium games\patcher\cigpatcher.exe] => (Allow) D:\program files\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [TCP Query User{CD8FF397-62E0-47E1-B36D-D4D137423BD8}D:\program files\cloud imperium games\patcher\cigpatcher.exe] => (Allow) D:\program files\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [UDP Query User{6F7D13CB-B5A6-49AE-9FB3-BAD9F1DB04ED}C:\program files (x86)\edmarketconnector\edmarketconnector.exe] => (Allow) C:\program files (x86)\edmarketconnector\edmarketconnector.exe
FirewallRules: [TCP Query User{95857AA5-B264-42BD-B03C-BDE60BF7BFAB}C:\program files (x86)\edmarketconnector\edmarketconnector.exe] => (Allow) C:\program files (x86)\edmarketconnector\edmarketconnector.exe
FirewallRules: [{4D7ACAAD-9A81-47ED-8992-D6C48E7BF595}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\SteamVRPerformanceTest\bin\win64\vr.exe
FirewallRules: [{FB04A857-443D-487D-8F5E-E5B54773DFF3}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\SteamVRPerformanceTest\bin\win64\vr.exe
FirewallRules: [{C8B530B7-3A85-497B-8080-A436E68E85AB}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{1DBFBF35-ACF0-445F-B9A3-E15176F0EF38}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{2CA43E2A-6790-41F0-AF08-F8E580CE7E2B}] => (Allow) D:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{6A341E16-241F-4D7C-A374-1BAD64136CF9}] => (Allow) D:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{233A25E0-488B-47CC-A7E8-D82B37D7F095}] => (Allow) D:\Games\World_of_Tanks\WOTLauncher.exe
FirewallRules: [{E15E27B9-299E-43BB-BB2E-FA6343C44FB1}] => (Allow) D:\Games\World_of_Tanks\WOTLauncher.exe
FirewallRules: [{AC78B970-4479-449F-867E-D53A241D1C58}] => (Allow) K:\fsetup.exe
FirewallRules: [{B25BE4D3-7960-4BF0-848C-0BB7C5593772}] => (Allow) K:\fsetup.exe
FirewallRules: [{95D39A74-BBC9-4206-A384-EE60B414CD20}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E45B2A7E-C363-4DD9-A4BF-D27B995AF4DE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{EC0FC526-69C3-4280-96B3-C3B818A9D52A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BC24BEB1-C840-4F4A-ADB3-4A9271789BC3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{960E656E-3944-48AC-B329-772BAFCB2FE9}] => (Allow) F:\Program Files (x86)\Survarium\game\binaries\x86\survarium.exe
FirewallRules: [{7F2D7F63-F40B-4F34-8BB1-DA4F8C3E5628}] => (Allow) F:\Program Files (x86)\Survarium\game\binaries\x86\survarium.exe
FirewallRules: [{0764916E-B3C2-46A1-90CB-ACFD6897CC34}] => (Allow) F:\Program Files (x86)\Survarium\temp\survarium_updater.exe
FirewallRules: [{151C647C-94AB-4448-A393-EE837E09ACC7}] => (Allow) F:\Program Files (x86)\Survarium\temp\survarium_updater.exe
FirewallRules: [{8CFD4370-00E6-4EDF-9CA3-535B40B2AE55}] => (Allow) F:\Program Files (x86)\Survarium\temp\survarium_updater.exe
FirewallRules: [{8412CD0C-6464-46AA-84E8-678E9D7BAB03}] => (Allow) F:\Program Files (x86)\Survarium\temp\survarium_updater.exe
FirewallRules: [{5267BC9D-0E2B-43A8-8D8A-371093D5CB55}] => (Allow) F:\Program Files (x86)\Survarium\temp\survarium_launcher.exe
FirewallRules: [UDP Query User{5E8889CF-4140-4F8A-8A24-D567CCAD5589}D:\program files (x86)\roccat\power-grid\roccatpowergrid.exe] => (Allow) D:\program files (x86)\roccat\power-grid\roccatpowergrid.exe
FirewallRules: [TCP Query User{794F5AF2-E311-47A5-A378-4D2556910A19}D:\program files (x86)\roccat\power-grid\roccatpowergrid.exe] => (Allow) D:\program files (x86)\roccat\power-grid\roccatpowergrid.exe
FirewallRules: [UDP Query User{D5850BDD-396A-4C31-8B0E-0CF356858821}F:\program files (x86)\frontier\edlaunch\products\combat_tutorial_demo\elitedangerous32.exe] => (Allow) F:\program files (x86)\frontier\edlaunch\products\combat_tutorial_demo\elitedangerous32.exe
FirewallRules: [TCP Query User{E9B98FAF-293C-4F03-A421-34DBC6967E79}F:\program files (x86)\frontier\edlaunch\products\combat_tutorial_demo\elitedangerous32.exe] => (Allow) F:\program files (x86)\frontier\edlaunch\products\combat_tutorial_demo\elitedangerous32.exe
FirewallRules: [UDP Query User{B57A4FCA-07D4-4834-8543-938C197D9443}D:\program files (x86)\1c game studios\il-2 sturmovik battle of stalingrad\bin\game\il-2.exe] => (Allow) D:\program files (x86)\1c game studios\il-2 sturmovik battle of stalingrad\bin\game\il-2.exe
FirewallRules: [TCP Query User{8E041B79-F618-4C93-BF86-A114F8B738AD}D:\program files (x86)\1c game studios\il-2 sturmovik battle of stalingrad\bin\game\il-2.exe] => (Allow) D:\program files (x86)\1c game studios\il-2 sturmovik battle of stalingrad\bin\game\il-2.exe
FirewallRules: [UDP Query User{0DEA9964-A719-488B-BEE2-06374E077363}D:\program files (x86)\1c game studios\il-2 sturmovik battle of stalingrad\bin\game\launcher.exe] => (Allow) D:\program files (x86)\1c game studios\il-2 sturmovik battle of stalingrad\bin\game\launcher.exe
FirewallRules: [TCP Query User{E6288314-AD24-4C60-9008-BA9A8827B033}D:\program files (x86)\1c game studios\il-2 sturmovik battle of stalingrad\bin\game\launcher.exe] => (Allow) D:\program files (x86)\1c game studios\il-2 sturmovik battle of stalingrad\bin\game\launcher.exe
FirewallRules: [{12BB10E0-1453-461C-923B-ADEBDEEC448E}] => (Allow) C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{3369A231-4E3E-4B00-9F04-F1FC134910A7}] => (Allow) C:\Users\nc-be_000\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{A5501480-27EE-43F3-A7FD-F14C19B1E3D6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1B521A10-9C90-4767-A5E1-85E7874974B8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DB0A91F2-72F2-4D57-8CA0-912C9CF07138}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\RAGE\Rage64.exe
FirewallRules: [{42EF87EE-A4C8-4856-978F-D662B226EAC2}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\RAGE\Rage64.exe
FirewallRules: [{FDF952CF-5890-40B6-950F-81DFF651C938}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\RAGE\Rage.exe
FirewallRules: [{8DDECFED-D00A-43B9-8CFC-7817C06B7BD3}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\RAGE\Rage.exe
FirewallRules: [{B8E59A75-C4C6-4438-8B41-9A343F7E1136}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{B55735BD-D987-49A8-82FF-BAD589E4939F}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{C09EACAC-C352-47BA-8A00-FAE7D3154A0A}] => (Allow) LPort=1900
FirewallRules: [{FA31A1DE-CDDE-4196-AD01-AFDEB894C244}] => (Allow) LPort=2869
FirewallRules: [{57BE9907-5536-47D2-8D7E-BFA79A5B4526}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{05D7FFA3-E0E6-480A-846F-9045E9EEF0C9}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\IL-2 Sturmovik Cliffs of Dover\Launcher.exe
FirewallRules: [{E7247C92-F9DA-4B9D-A5AC-3B1FC0C48AF3}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\IL-2 Sturmovik Cliffs of Dover\Launcher.exe
FirewallRules: [{6AB19740-F0EC-42B9-A4D4-67C2D7286C0E}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D4400AAC-BA51-497A-8CD9-F75B0A20568B}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{355E7556-05C5-4D9F-B0F8-C16E1CFC5AB1}] => (Block) C:\program files (x86)\network print monitor\pswizard-lpr.exe
FirewallRules: [{90500F81-B705-48AB-AB8F-8FBE6E5E61D7}] => (Block) C:\program files (x86)\network print monitor\pswizard-lpr.exe
FirewallRules: [UDP Query User{9A58EBC4-CD8F-4BE7-BAC6-85C3E54DA5FF}C:\program files (x86)\network print monitor\pswizard-lpr.exe] => (Allow) C:\program files (x86)\network print monitor\pswizard-lpr.exe
FirewallRules: [TCP Query User{DD4EB6CA-88F8-411E-A3C5-093667EB689D}C:\program files (x86)\network print monitor\pswizard-lpr.exe] => (Allow) C:\program files (x86)\network print monitor\pswizard-lpr.exe
FirewallRules: [AusweisApp2-Firewall-Rule] => (Allow) C:\Program Files (x86)\AusweisApp2 1.2.2\AusweisApp2.exe
FirewallRules: [{A213B923-CA6F-401E-82F0-0E34402AEFCA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C8B34EAE-8DAB-4497-9658-F16BA6D99080}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D2A46827-E6D3-4326-BA58-A1615457D9FF}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Fallout\FalloutLauncher.exe
FirewallRules: [{1C4A4442-440F-4ADE-BFC0-D63786A84F0C}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Fallout\FalloutLauncher.exe
FirewallRules: [{3524F0A9-6F7E-4A6C-B6A3-2BFF7B71F686}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Fallout 2\Fallout2Launcher.exe
FirewallRules: [{124894AE-D52E-45BB-8782-040810F01B22}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Fallout 2\Fallout2Launcher.exe
FirewallRules: [{89BA1B81-C263-4620-8977-310C88B55A30}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{0A276127-2D54-4BAD-9CC5-1DD08A379D6C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{F3237A89-850D-478A-A0B5-0DE1575AE1F4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{17761D45-6795-4446-8EED-CB351594D6EC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{64803FFB-FC94-4667-B9E6-5969D6D94CF3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9F41279A-CC24-488B-A2DF-4445A75523A8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{8E6DAE37-9665-4F69-A01F-65A386455AF2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D4250D0A-0117-40BF-8506-7EED949D06A5}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe
FirewallRules: [{6B82F515-CB4F-4A02-B226-11350078987F}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe
FirewallRules: [TCP Query User{D413E93E-8D02-4130-8F18-FA627B4466DE}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{6652D262-56CB-49A2-A3ED-66DDAA0485B9}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe

==================== Wiederherstellungspunkte =========================

27-10-2016 22:22:32 Installed Elite Dangerous Market Connector
29-10-2016 23:27:02 Installed Elite Dangerous Market Connector
02-11-2016 19:20:21 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
02-11-2016 19:20:27 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
03-11-2016 08:18:27 chip 1-click download service wurde entfernt.
03-11-2016 08:18:49 Removed Cuttermaran 1.70
05-11-2016 08:58:13 Garmin Express

==================== Fehlerhafte Geräte im Gerätemanager =============

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/06/2016 08:47:06 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 3056. Meldungs-ID: [0x2509].

Systemfehler:
=============
Error: (11/06/2016 09:12:49 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} und der APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (11/06/2016 09:12:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "UI0Detect" wurde mit folgendem Fehler beendet: Unzulässige Funktion.

Error: (11/06/2016 09:12:48 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (11/06/2016 09:12:48 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (11/06/2016 09:12:47 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (11/06/2016 09:12:47 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (11/06/2016 09:12:46 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "SPVVEngine" ist von folgendem Dienst abhängig: SPVDPort. Dieser Dienst ist möglicherweise nicht installiert.

CodeIntegrity:
===================================
Date: 2016-09-21 20:19:43.421
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 17%
Installierter physikalischer RAM: 16337.71 MB
Verfügbarer physikalischer RAM: 13547.73 MB
Summe virtueller Speicher: 18769.71 MB
Verfügbarer virtueller Speicher: 15848.05 MB

==================== Laufwerke ================================

Drive c: (DISK1_C) (Fixed) (Total:223.13 GB) (Free:149.06 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (DISK2_D) (Fixed) (Total:467.46 GB) (Free:225.96 GB) NTFS
Drive e: (DISK2_E) (Fixed) (Total:464.04 GB) (Free:384.4 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive f: (DISK3_F) (Fixed) (Total:223.57 GB) (Free:77.69 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 223.6 GB) (Disk ID: 903CC57B)
Partition 1: (Active) - (Size=223.6 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 223.6 GB) (Disk ID: 4EFA3136)
Partition 1: (Active) - (Size=223.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2F8692B5)
Partition 1: (Not Active) - (Size=467.5 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=464 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

Adware Cleaner Code:
# AdwCleaner v6.030 - Logfile created 06/11/2016 at 10:07:27
# Updated on 19/10/2016 by Malwarebytes
# Database : 2016-11-05.1 [Server]
# Operating System : Windows 10 Pro (X64)
# Username : nc-be_000 - THOMASPC
# Running from : C:\Downloads\adwcleaner_6.030.exe
# Mode: Scan
# Support : https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

Folder Found: C:\Users\nc-be_000\AppData\Roaming\Browser-Security

***** [ Files ] *****

File Found: C:\Users\nc-be_000\AppData\Roaming\Mozilla\Firefox\Profiles\2990bsgg.default\extensions\firefox@browser-security.de.xpi

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious keys found.

***** [ Shortcuts ] *****

No infected shortcut found.

***** [ Scheduled Tasks ] *****

No malicious task found.

***** [ Registry ] *****

Key Found: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\Software\Brothersoft
Key Found: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\Software\PRODUCTSETUP
Key Found: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\Software\csastats
Key Found: HKCU\Software\Brothersoft
Key Found: HKCU\Software\PRODUCTSETUP
Key Found: HKCU\Software\csastats
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Browser-Security
Key Found: [x64] HKCU\Software\Brothersoft
Key Found: [x64] HKCU\Software\PRODUCTSETUP
Key Found: [x64] HKCU\Software\csastats
Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
Value Found: HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\Software\Microsoft\Windows\CurrentVersion\Run [safe_urls768]
Value Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Run [safe_urls768]
Value Found: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Run [safe_urls768]

***** [ Web browsers ] *****

No malicious Firefox based browser items found.
No malicious Chromium based browser items found.

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [8647 Bytes] - [01/11/2015 13:42:45]
C:\AdwCleaner\AdwCleaner[S1].txt - [8590 Bytes] - [01/11/2015 13:40:40]
C:\AdwCleaner\AdwCleaner[S2].txt - [2448 Bytes] - [06/11/2016 10:07:27]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [2521 Bytes] ##########

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 06.11.2016
Suchlaufzeit: 09:58
Protokolldatei: Anti Malware.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.11.06.04
Rootkit-Datenbank: v2016.10.31.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: nc-be_000

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 407364
Abgelaufene Zeit: 5 Min., 35 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 3
PUP.Optional.Vondos, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Browser-Security, Keine Aktion durch Benutzer, [c64614a93c5e05312191bf5c53b28d73],
PUP.Optional.InstallCore, HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\SOFTWARE\csastats, Keine Aktion durch Benutzer, [96769b22ebaf5dd988b402f88d764eb2],
PUP.Optional.ProductSetup, HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\SOFTWARE\PRODUCTSETUP, Keine Aktion durch Benutzer, [06069c2147531e18198b357bdd26659b],

Registrierungswerte: 2
PUP.Optional.DownloadProtect, HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|safe_urls768, "C:\Users\nc-be_000\AppData\Roaming\Browser-Security\s768.exe", Keine Aktion durch Benutzer, [a963bffee0ba3afc3964cd450df8649c]
PUP.Optional.ProductSetup, HKU\S-1-5-21-2909243537-4192776109-3153355720-1001\SOFTWARE\PRODUCTSETUP|tb, 0K2Y1J1E2T1S2X0X0Z1S1N1C2S1G, Keine Aktion durch Benutzer, [06069c2147531e18198b357bdd26659b]

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 2
PUP.Optional.BrowserSecurity, C:\Users\nc-be_000\AppData\Roaming\Browser-Security, Keine Aktion durch Benutzer, [1cf0a617435793a3a29f2c962bd7dc24],
PUP.Optional.DesktopTool, C:\Users\Public\Documents\Baidu\Common\I18N\IPCSUpdateCache\DesktopToolMini_global__4_, In Quarantäne, [b656e7d60595fb3b4052873fa2603dc3],

Dateien: 7
PUP.Optional.Vondos, C:\Users\nc-be_000\AppData\Roaming\Browser-Security\uninstall.exe, Keine Aktion durch Benutzer, [c64614a93c5e05312191bf5c53b28d73],
PUP.Optional.FusionCore, C:\Downloads\FreeYouTubeToMP3Converter_4.1.28.831_d.exe, Keine Aktion durch Benutzer, [9d6ff1cce3b777bf5a1942ceb74e7b85],
PUP.Optional.BrowserSecurity, C:\Users\nc-be_000\AppData\Roaming\Mozilla\Firefox\Profiles\2990bsgg.default\extensions\FIREFOX@BROWSER-SECURITY.DE.XPI, Keine Aktion durch Benutzer, [57b5a31a2d6dd95d6b76c4ffa06308f8],
PUP.Optional.BrowserSecurity, C:\Users\nc-be_000\AppData\Roaming\Browser-Security\data, Keine Aktion durch Benutzer, [1cf0a617435793a3a29f2c962bd7dc24],
PUP.Optional.BrowserSecurity, C:\Users\nc-be_000\AppData\Roaming\Browser-Security\license.rtf, Keine Aktion durch Benutzer, [1cf0a617435793a3a29f2c962bd7dc24],
PUM.Optional.FireFoxSecurityOverride, C:\Users\nc-be_000\AppData\Roaming\Mozilla\Firefox\Profiles\2990bsgg.default\user.js, Keine Aktion durch Benutzer, [8785c7f699015fd720d4e5b61ee60df3],
PUP.Optional.DesktopTool, C:\Users\Public\Documents\Baidu\Common\I18N\IPCSUpdateCache\DesktopToolMini_global__4_\6672755256af10d0, In Quarantäne, [b656e7d60595fb3b4052873fa2603dc3],

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)

(end)

Code:
<?xml version="1.0" encoding="utf-8"?>
<?xml-stylesheet type="text/xsl" href="C:\Program Files\Bitdefender\Bitdefender 2016\ondemand.xsl"?>
<ScanSession creator="Bitdefender Internet Security 2016" name="System-Scan" installPath="C:\Program Files\Bitdefender\Bitdefender 2016\" creationDate="Sonntag, 6. November 2016 19:16:26" originalPath="C:\ProgramData\Bitdefender\Desktop\Profiles\Logs\dcf483c4-26d0-4e6f-ba28-6a53a00adae1\1478424301_1_02.xml" >
  <ScanSettings statisticsRefreshInterval="1000" scanSpeed="1.000000" lowPriority="0" enableExclusions="1" enableTaskExclusions="0"
      scanAdware="1" scanSpyware="1" scanApplications="1" scanDialers="1" scanKeyloggers="1" scanFiles="1" scanAllFiles="1"
      scanProgramsOnly="0" useCustomPrograms="0" customPrograms="" scanUserDefined="0" scanPacked="1" scanArchives="1"
      useSmartScan="1" scanEmails="1" scanRootkits="0" scanAllRootkits="1" scanBoot="1" scanMemory="1" scanRegistry="1"
      quickScan="1" quickScanMemory="0" quickScanAutoruns="0" quickScanPlugins="1" scanCookies="1" shutdownAfter="0"
      passwordPrompt="0" onlyAllowedActions="1" deepArchiveScan="1" maxArchiveLevel="15" maxArchiveSize="0"
      infectedAction1="3" infectedAction2="7" suspectAction1="7" suspectAction2="1" rootkitAction="3"
      userDefinedExtensions="" scanPua="-1" >
    <ScanPaths>
      <path>C:\</path>
      <path>D:\</path>
      <path>E:\</path>
      <path>F:\</path>
    </ScanPaths>
    <ExcludedPaths> </ExcludedPaths>
    <ExcludedExtensions> </ExcludedExtensions>
  </ScanSettings>
  <EngineSummary totalSignatures="7552077" />
  <ScanSummary scannedArchives="1237" scannedPacked="414" startTime="1478424301" duration="11060391" >
    <TypeSummary type="1" scanned="34" infected="0" suspicious="0" disinfected="0" deleted="0" moved="0" moved_reboot="0" delete_reboot="0" renamed="0" hidden="0" />
    <TypeSummary type="4" scanned="0" infected="0" suspicious="0" disinfected="0" deleted="0" moved="0" moved_reboot="0" delete_reboot="0" renamed="0" hidden="0" />
    <TypeSummary type="0" scanned="5812420" infected="2" suspicious="0" disinfected="0" deleted="2" moved="0" moved_reboot="0" delete_reboot="0" renamed="0" hidden="0" />
    <TypeSummary type="5" scanned="0" infected="0" suspicious="0" disinfected="0" deleted="0" moved="0" moved_reboot="0" delete_reboot="0" renamed="0" hidden="0" />
    <TypeSummary type="2" scanned="7233" infected="0" suspicious="0" disinfected="0" deleted="0" moved="0" moved_reboot="0" delete_reboot="0" renamed="0" hidden="0" />
    <TypeSummary type="3" scanned="5022" infected="0" suspicious="0" disinfected="0" deleted="0" moved="0" moved_reboot="0" delete_reboot="0" renamed="0" hidden="0" />
    <TypeSummary type="6" scanned="0" infected="0" suspicious="0" disinfected="0" deleted="0" moved="0" moved_reboot="0" delete_reboot="0" renamed="0" hidden="0" />
  </ScanSummary>
  <ScanDetails>
    <UnresolvedDetails> </UnresolvedDetails>
    <ResolvedDetails>
      <Item type="0" objectType="0" path="C:\Users\nc-be_000\AppData\Roaming\Thunderbird\Profiles\8ba7qkeq.default\Mail\Local Folders\Trash=>(message 47)=>[Subject: Re: Quotation for November][Date: Thu, 3 Nov 2016 20:45:22 +0600]=>Purchase order #01123 forNovember 2016.zip=>Purchase order #01123 for November 2016.exe" threatType="0" threatName="Trojan.Zmutzy.32" action="5" allActions="3 7 1 5" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
      <Item type="0" objectType="0" path="C:\Users\nc-be_000\AppData\Roaming\Thunderbird\Profiles\8ba7qkeq.default\Mail\Local Folders\Inbox=>(message 123)=>[Subject: Re: Quotation for November][Date: Thu, 3 Nov 2016 20:45:22 +0600]=>Purchase order #01123 forNovember 2016.zip=>Purchase order #01123 for November 2016.exe" threatType="0" threatName="Trojan.Zmutzy.32" action="5" allActions="3 7 1 5" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
    </ResolvedDetails>
    <IgnoredDetails> </IgnoredDetails>
    <QuickScanDetails> </QuickScanDetails>
    <NotScannedDetails skipped="78528" ioerrors="1" archiveBombs="0" passwordProtected="84" >
      <Item type="0" objectType="0" path="D:\System Volume
Information\_restore{56032469-4EFB-4346-AD1F-382729516EEB}\RP328\A0483687.exe=>wise0023=>tab1.bmp" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> <Item type="0" objectType="0" path="C:\Users\nc-be_000\AppData\Local\Abelssoft\.data=>ui.xml" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" /> </NotScannedDetails> </ScanDetails> </ScanSession>

Regards, Tomkin

Last edited by Tommkin (06.11.2016 at 23:39). Reason: spelling