Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Quickshare von linkury

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 24.08.2017, 14:02   #1
Lol12
 
Quickshare von linkury - Standard

Quickshare von linkury



Hallo,

Ich habe in meiner systemsteuerung ein Programm Namens QuickShare vom Herausgeber Linkury Inc. gefunden,
Nach reichlichen Googlen habe ich gemerkt das es sich hierbei um einen Virus handelt.
Als ich es Installieren wollte war kurz das Deinstallations Kästchen da und dann kam der typische Avira Ton und das Kästchen verschwand.

Wäre super wenn mir jemand helfen würde diesen Virus von meinem Laptop zu verbannen und zu löschen und alle Spuren die dieser Virus hinterlassen hat.

Danke im voraus!!

Alt 24.08.2017, 14:03   #2
M-K-D-B
/// TB-Ausbilder
 
Quickshare von linkury - Standard

Quickshare von linkury









Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.



Um die Bereinigung möchlichst effektiv und schnell gestalten zu können, bitte ich um Beachtung der folgenden Hinweise:
  1. Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.

  2. Lies dir meine Anleitungen immer sorgfältig durch, arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste immer alle Logdateien (auch wenn nichts gefunden wurde). Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.

  3. Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!

  4. Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
    Außerdem bitte ich dich, nicht eigenmächtig irgendwelche Sicherheitsprogramme auszuführen und damit deinen Rechner zu überprüfen/bereinigen, da ich so leicht den Überblick verlieren kann.
    Außerdem hättest du dir das Eröffnen eines Themas in diesem Fall auch gleich sparen können, wenn du dann doch wieder alleine rumhantierst.


  5. Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!

  6. Alle zu verwendenen Programme sind auf dem Desktop ( C:\users\dein Benutzername\Desktop\ ) abzuspeichern und von dort als Administrator zu starten!

  7. Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.

  8. Sollten die Logdateien einmal die zulässige Länge (~ 120.000 Zeichen) überschreiten, so teile die Logdateien auf mehrere Posts auf.
    Zur Not kannst du die Logdateien dann auch zippen (in ein .zip Archiv packen) und als Anhang hochladen.


  9. Bitte arbeite so lange mit mir zusammen, bis ich dir sage, dass wir fertig sind und dein Rechner "sauber" ist. Das vorzeitige Verschwinden von Symptomen heißt nicht automatisch, dass dein Rechner bereits vollständig sauber ist.

  10. In der Regel antworte ich dir innerhalb von 24 Stunden, oft sogar wesentlich schneller.
    Jedoch habe auch ich einen normalen Beruf und Familie. Ich bin daher nicht jeden Tag stundenlag hier im Forum unterwegs. Es kann unter Umständen bis zu 2 Tage dauern, bis du eine Antwort von mir erhältst. Sollte diese Zeit überschritten sein, so kannst du mir gerne eine PM als Erinnerung schicken.





Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!







Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)







Schritt 2
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.







Bitte poste mit deiner nächsten Antwort
  • die Logdatei von TDSS-Killer,
  • die beiden neuen Logdateien von FRST.
__________________

__________________

Alt 24.08.2017, 14:34   #3
Lol12
 
Quickshare von linkury - Standard

Quickshare von linkury



Hallo Matthias,

ersteinmal DANKE!!! für die schnelle Antwort und die angebotene Hilfe! :-)
Hier die gewünschten Sachen :-)

SCHRITT 1

FRST.txt

FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2017
durchgeführt von Pflügl (Administrator) auf PFLÜGL-PC (24-08-2017 14:12:15)
Gestartet von C:\Users\lol12
Geladene Profile: Pflügl (Verfügbare Profile: Pflügl & nathalie & Gast & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(REINER SCT) C:\Windows\SysWOW64\cjpcsc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.1439_none_7efe016621f50bd0\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [919032 2017-08-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-06-13] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
Startup: C:\Users\Pflügl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk [2013-12-26]
ShortcutTarget: Logitech . Produktregistrierung.lnk -> C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)
Startup: C:\Users\Pflügl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Deskjet 2050 J510 series.lnk [2017-08-24]
ShortcutTarget: Tintenwarnungen überwachen - HP Deskjet 2050 J510 series.lnk -> C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{75ff37bc-f35e-4fd1-8f72-5840205e2664}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
URLSearchHook: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 - (Kein Name) - {5bcf818d-78c8-41b8-ba89-65c5fdac4fc4} - Keine Datei
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM-x32 -> {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms}
SearchScopes: HKLM-x32 -> {75b4241f-171e-44a3-bf44-23613b6e3e03} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^AYY^xdm070^YYA^de&si=flvrunner&ptb=7DF34BFD-0CB9-4476-B4F3-9F1DF2F80B6B&ind=2013072811&n=77fd0dab&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://mysearch.sweetpacks.com?src=6&q={searchTerms}&barid=&&st=23&did=10963&UPN2=92826532311964385
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=A4AE74DE2B60BAF1&affID=121563&tl=wgkn1061868&tt=110713_91114&tsp=4944
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {3E5C233F-F334-43B2-87BA-0B102B44359D} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {609F3A36-D7A7-45F3-B223-E2F3E96CC3B5} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {6CB0C3DC-BCBD-4D81-9DD0-96BD1A294EE9} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {75b4241f-171e-44a3-bf44-23613b6e3e03} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {95ED1396-3F7D-478C-AD6A-B97A247F1AD6} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=a4ae2de500000000000074de2b60baf1&r=947
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_ie_de_display?ie=UTF8&tagbase=bds-p23&tag=bds-p23-serp-de-ie-21&tbrId=v1_abb-channel-23_403bc9d4f41241b69d0dd74ec0d909d6_39_1006_20130621_DE_ie_ds_&query={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {E10C5AE2-82EC-4B63-9AAB-2DD26A68FE3F} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://mysearch.sweetpacks.com?src=6&q={searchTerms}&barid=&&st=23&did=10963&UPN2=92826532311964385
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Babylon toolbar helper -> {2EECD738-5844-4a99-B4B6-146BF802613B} -> Keine Datei
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - Kein Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  Keine Datei
Toolbar: HKLM-x32 - Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} -  Keine Datei
Toolbar: HKLM-x32 - Kein Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> Kein Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> Kein Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> Kein Name - {C424171E-592A-415A-9EB1-DFD6D95D3530} -  Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> Kein Name - {41564952-412D-5637-4300-7A786E7484D7} -  Keine Datei
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab

FireFox:
========
FF ProfilePath: C:\Users\Pflügl\AppData\Roaming\Mozilla\Firefox\Profiles\nca6gzm3.default [2017-08-24]
FF user.js: detected! => C:\Users\Pflügl\AppData\Roaming\Mozilla\Firefox\Profiles\nca6gzm3.default\user.js [2013-11-17]
FF NewTab: Mozilla\Firefox\Profiles\nca6gzm3.default -> hxxp://www.sweetpacks-search.com/?barid=&src=97&did=10963&&st=23&UPN2=92826532311964385
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\nca6gzm3.default -> Sweetpacks Search
FF Homepage: Mozilla\Firefox\Profiles\nca6gzm3.default -> www.google.de
FF Extension: (Avira Browser Safety) - C:\Users\Pflügl\AppData\Roaming\Mozilla\Firefox\Profiles\nca6gzm3.default\Extensions\abs@avira.com.xpi [2017-08-03]
FF Extension: (Adblock Plus) - C:\Users\Pflügl\AppData\Roaming\Mozilla\Firefox\Profiles\nca6gzm3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-08]
FF Extension: (Tab Mix Plus) - C:\Users\Pflügl\AppData\Roaming\Mozilla\Firefox\Profiles\nca6gzm3.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2017-05-18]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013-12-26] [ist nicht signiert]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-12-26] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-12-26] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [ocr@babylon.com] - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\ocr@babylon.com => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-24] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-24] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2013-06-02] <==== ACHTUNG

Chrome: 
=======
CHR DefaultProfile: Default
CHR NewTab: Default ->  Active:"chrome-extension://ogccgbmabaphcakpiclgcnmcnimhokcj/newtab.html"
CHR DefaultSearchURL: Default -> hxxp://mysearch.sweetpacks.com?src=6&q={searchTerms}&barid=&&st=23&did=10963&UPN2=92826532311964385
CHR DefaultSearchKeyword: Default -> sweetpacks-search.com
CHR Profile: C:\Users\Pflügl\AppData\Local\Google\Chrome\User Data\Default [2017-01-11]
CHR Extension: (WEB.DE MailCheck) - C:\Users\Pflügl\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaogepninmlbinccpbiakcgiolijlllo [2015-04-01]
CHR Extension: (Google Wallet) - C:\Users\Pflügl\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-01]
CHR HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [amfclgbdpgndipgoegfpkkgobahigbcl] - C:\Users\Pflügl\AppData\Local\Smartbar/Application\1Extension.crx <nicht gefunden>
CHR HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - <kein Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Windows\SysWOW64\mjcm\SweetNT.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1128432 2017-08-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [490968 2017-08-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [490968 2017-08-11] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1525240 2017-08-11] (Avira Operations GmbH & Co. KG)
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [377976 2017-06-13] (Avira Operations GmbH & Co. KG)
R2 cjpcsc; C:\WINDOWS\SysWOW64\cjpcsc.exe [604216 2017-02-01] (REINER SCT)
R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [872552 2011-08-02] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [321056 2017-06-01] (HP Inc.)
S3 Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [244624 2011-04-22] (Acer Incorporated)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-02-23] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [60920 2017-06-23] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [173784 2017-08-11] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [167464 2017-08-11] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-03-31] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-03-31] (Avira Operations GmbH & Co. KG)
S3 cjusb; C:\WINDOWS\system32\DRIVERS\cjusb.sys [36112 2015-03-23] (REINER SCT)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-02-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2017-01-06] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-02-23] (NVIDIA Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

Error(1) reading file: "C:\Users\Pflügl\Desktop\www.bildkontakte.de - einfach einen Partner finden   profil   klaus   g.j.c.   div."
2017-08-24 14:12 - 2017-08-24 14:15 - 000022061 _____ C:\Users\lol12\FRST.txt
2017-08-24 14:12 - 2017-08-24 14:12 - 000000000 ____D C:\FRST
2017-08-24 14:10 - 2017-08-24 14:12 - 000000000 ____D C:\Users\lol12
2017-08-24 14:08 - 2017-08-24 14:11 - 002395648 _____ (Farbar) C:\Users\lol12\FRST64.exe
2017-08-24 12:44 - 2017-08-24 12:44 - 005763072 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-08-24 14:11 - 2015-04-01 19:00 - 000000000 ____D C:\Users\Pflügl\Downloads\Firefox
2017-08-24 14:06 - 2016-07-16 13:36 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-08-24 14:03 - 2016-12-11 22:08 - 000000000 ____D C:\Users\Pflügl\AppData\LocalLow\Mozilla
2017-08-24 14:00 - 2017-01-11 00:34 - 000000000 ____D C:\ProgramData\NVIDIA
2017-08-24 13:56 - 2017-01-11 00:40 - 000000000 ____D C:\Users\Pflügl
2017-08-24 13:56 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-08-24 13:52 - 2017-01-11 12:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-08-24 13:52 - 2017-01-11 00:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-08-24 13:52 - 2015-04-01 17:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-08-24 13:14 - 2011-08-11 13:30 - 000000000 ____D C:\Program Files (x86)\CyberLink
2017-08-24 13:14 - 2011-08-11 12:58 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-08-24 12:44 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-08-24 12:44 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-08-24 12:44 - 2013-12-26 21:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-08-11 20:10 - 2016-07-16 08:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2017-08-11 19:08 - 2016-07-29 23:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-08-11 19:03 - 2015-04-01 18:29 - 000173784 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2017-08-11 19:03 - 2015-04-01 18:29 - 000167464 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2017-08-03 08:59 - 2016-07-16 13:47 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-03 08:52 - 2009-07-14 04:34 - 000000669 _____ C:\WINDOWS\win.ini
2017-08-03 08:39 - 2017-01-11 00:38 - 002580902 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-03 08:39 - 2016-07-17 00:51 - 001057478 _____ C:\WINDOWS\system32\perfh007.dat
2017-08-03 08:39 - 2016-07-17 00:51 - 000256306 _____ C:\WINDOWS\system32\perfc007.dat

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-02-02 19:44 - 2013-07-28 17:17 - 000194952 _____ () C:\Program Files (x86)\8hres.dll
2014-02-02 19:44 - 2013-07-28 17:17 - 000712264 _____ (MindSpark) C:\Program Files (x86)\8hUninstall Allin1Convert.dll
2015-05-17 22:42 - 2015-05-17 22:42 - 006420480 _____ () C:\Program Files (x86)\GUTA86F.tmp
2013-09-13 19:54 - 2013-09-13 19:54 - 000017740 _____ () C:\Users\Pflügl\AppData\Roaming\unins000.dat
2013-09-13 19:54 - 2013-09-13 19:54 - 000013844 _____ () C:\Users\Pflügl\AppData\Roaming\unins000.msg
2014-02-03 12:09 - 2014-07-18 23:20 - 000000106 _____ () C:\Users\Pflügl\AppData\Roaming\WB.CFG
2016-07-15 14:04 - 2016-07-15 14:04 - 000000057 _____ () C:\ProgramData\Ament.ini
2017-01-11 00:33 - 2017-01-11 00:33 - 000000000 ____H () C:\ProgramData\DP45977C.lfl

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\lol12\FRST64.exe
C:\Users\Public\AlexaNSISPlugin.6676.dll


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-07-03 20:38

==================== Ende von FRST.txt ============================
         
--- --- ---


Addition.txt
FRST Additions Logfile:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-08-2017
durchgeführt von Pflügl (24-08-2017 14:16:09)
Gestartet von C:\Users\lol12
Windows 10 Home Version 1607 (X64) (2017-01-11 11:18:17)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1664608947-3428569484-2814311379-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1664608947-3428569484-2814311379-503 - Limited - Disabled)
Gast (S-1-5-21-1664608947-3428569484-2814311379-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-1664608947-3428569484-2814311379-1003 - Limited - Enabled)
nathalie (S-1-5-21-1664608947-3428569484-2814311379-1005 - Administrator - Enabled) => C:\Users\nathalie.Pflügl-PC
Pflügl (S-1-5-21-1664608947-3428569484-2814311379-1001 - Administrator - Enabled) => C:\Users\Pflügl

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated)
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 9 (HKLM-x32\...\PremElem90) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.19) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.19 - Adobe Systems Incorporated)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 376.33 - NVIDIA Corporation) Hidden
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.29.32 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{661C79C2-D156-419C-81CA-D1A2523B0841}) (Version: 1.2.91.10326 - Avira Operations GmbH & Co. KG) Hidden
Avira Connect (HKLM-x32\...\{dd9049b8-31d1-40bd-8c8c-97a7b087a78f}) (Version: 1.2.91.10326 - Avira Operations GmbH & Co. KG)
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 15.0.6.2 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.4.1 - Broadcom Corporation)
Collector's Edition 251 (HKLM-x32\...\Collector's Edition 251) (Version:  - )
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
cyberJack Base Components (HKLM-x32\...\{FC338210-F594-11D3-BA24-00001C3AB4DF}) (Version: 7.3.5 - REINER SCT)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
Elements 9 Organizer (HKLM-x32\...\{433EACD8-4747-4A6A-826A-FFA9F39B0D40}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Elements STI Installer (HKLM-x32\...\{25175695-4B20-4298-9F34-C2C57CD277B3}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Elements STI Installer (HKLM-x32\...\{E2AE009D-37E5-4724-A6B8-0ED6A6BA4F68}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
eReg (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
Fotogalerija Windows Live (HKLM-x32\...\{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (HKLM-x32\...\{4736B0ED-F6A1-48EC-A1B7-C053027648F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (HKLM-x32\...\{CB66242D-12B1-4494-82D2-6F53A7E024A3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
HomeMedia (HKLM-x32\...\{AA4BF92B-2AAF-11DA-9D78-000129760D75}) (Version: 2.0.8920 - CyberLink Corporation)
HP Deskjet 2050 J510 series - Grundlegende Software für das Gerät (HKLM\...\{DF37555F-0259-43DA-B60C-47106FA14AA3}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 2050 J510 series Hilfe (HKLM-x32\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.61.61 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Support Solutions Framework (HKLM-x32\...\{3A1CB1B8-8646-41A0-B496-35DC48916904}) (Version: 12.7.22.13 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}) (Version: 1.00.0000 - Microsoft) Hidden
IB Updater Service (HKLM-x32\...\WNLT) (Version: 5.1.5.4 - ) <==== ACHTUNG
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Packard Bell)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)
Internet-TV für Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Packard Bell)
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)
LUXOR 5th Passage (HKLM-x32\...\LUXOR 5th Passage) (Version: 1.1.0.0 - MumboJumbo)
LUXOR Amun Rising HD (HKLM-x32\...\LUXOR Amun Rising HD) (Version: 1.1.0.0 - MumboJumbo)
LUXOR HD (HKLM-x32\...\LUXOR HD) (Version: 1.1.0.0 - MumboJumbo)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 54.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 de)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.1.6388 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.8.11000.8.100 - Nero AG)
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.6.10700.5.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}) (Version: 10.5.10300 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{68AFA3A7-9265-4ABD-994A-ACA413E3715C}) (Version: 10.6.10300 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.6.10500.3.100 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.10900.31.0 - Nero AG)
NVIDIA GeForce Experience 3.4.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.4.0.70 - NVIDIA Corporation)
NVIDIA Grafiktreiber 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.3.16.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Packard Bell Power Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Packard Bell)
Packard Bell Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3502 - Packard Bell)
Packard Bell Registration (HKLM-x32\...\Packard Bell Registration) (Version: 1.04.3503 - Packard Bell)
Packard Bell ScreenSaver (HKLM-x32\...\Packard Bell Screensaver) (Version: 1.1.0811.2010 - Packard Bell )
Packard Bell Social Networks (HKLM-x32\...\{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 3.0.3106 - CyberLink Corp.) Hidden
Packard Bell Social Networks (HKLM-x32\...\InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 3.0.3106 - CyberLink Corp.)
Packard Bell Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3500 - Packard Bell)
Poczta usługi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (HKLM-x32\...\{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
QuickShare (HKLM-x32\...\{AF860F85-54A3-4A28-879B-BF9E6E325776}) (Version: 1.6.1.952 - Linkury Inc.) <==== ACHTUNG
Raccolta foto di Windows Live (HKLM-x32\...\{ED16B700-D91F-44B0-867C-7EB5253CA38D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Rommé 1 (HKLM-x32\...\Rommé 1) (Version:  - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0351 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
Studie zur Verbesserung von HP Deskjet 2050 J510 series Produkten (HKLM\...\{C559DE9F-9451-49E5-9176-316E36192409}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
TuneUp Utilities Language Pack (de-DE) (HKLM-x32\...\{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}) (Version: 12.0.3600.73 - TuneUp Software) Hidden
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Video Web Camera (HKLM-x32\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.) Hidden
Video Web Camera (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Welcome Center (HKLM-x32\...\Packard Bell Welcome Center) (Version: 1.02.3503 - Packard Bell)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
WinFunktion Mathematik plus 20 (HKLM-x32\...\{CDBA97DF-63B9-44E7-B900-92E8165260C0}) (Version: 1.00.0000 - bhv Publishing GmbH)
Woodcutter Simulator 2011 (HKLM-x32\...\Woodcutter Simulator 2011) (Version:  - )
Συλλογή φωτογραφιών του Windows Live (HKLM-x32\...\{C00C2A91-6CB3-483F-80B3-2958E29468F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (HKLM-x32\...\{E83DC314-C926-4214-AD58-147691D6FE9F}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (HKLM-x32\...\{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}) (Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (HKLM-x32\...\{77F69CA1-E53D-4D77-8BA3-FA07606CC851}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (HKLM-x32\...\{CE929F09-3853-4180-BD90-30764BFF7136}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (HKLM-x32\...\{0A4C4B29-5A9D-4910-A13C-B920D5758744}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (HKLM-x32\...\{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ShellIconOverlayIdentifiers: [01MemopalBackedUp] -> {8ED3CC2D-6BC2-43AD-8C43-F51FBB413AE6} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [02MemopalToBackup] -> {2CDD871E-60EB-40BD-9721-A1CB57042F75} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [03MemopalPartiallyBackedUp] -> {95DDC869-FC98-4D47-BD34-2EDC9AA09C01} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [01MemopalBackedUp] -> {8ED3CC2D-6BC2-43AD-8C43-F51FBB413AE6} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [02MemopalToBackup] -> {2CDD871E-60EB-40BD-9721-A1CB57042F75} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [03MemopalPartiallyBackedUp] -> {95DDC869-FC98-4D47-BD34-2EDC9AA09C01} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [04MemopalError] -> {B9CA6E12-7975-4997-B5BD-CA12ECE0FEAD} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [MemopalBackedUp] -> {8ED3CC2D-6BC2-43AD-8C43-F51FBB413AE6} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [MemopalError] -> {B9CA6E12-7975-4997-B5BD-CA12ECE0FEAD} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [MemopalPartiallyBackedUp] -> {95DDC869-FC98-4D47-BD34-2EDC9AA09C01} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [MemopalToBackup] -> {2CDD871E-60EB-40BD-9721-A1CB57042F75} =>  -> Keine Datei
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [2017-08-11] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Keine Datei
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [2017-08-11] (Avira Operations GmbH & Co. KG)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {01BB4D1B-818C-42A0-8B4B-F0BE210EEA30} - System32\Tasks\{03604C09-673A-46D7-91D0-CA6847E45206} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {020DD405-A394-493E-A0CB-B783EBD3F509} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {043089C6-8ECC-41BA-8C31-9D399E684526} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {04DDA79F-A03A-4D1D-92C9-818DDB94FB9C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation) <==== ACHTUNG
Task: {06B82B36-C8DB-4E88-8657-3141B92BD458} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {08482869-7638-449B-A5EA-666DC75E2230} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {0B7079CF-6583-4042-A382-32A46A0A17F6} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0BAF5FB1-CE07-4410-810F-D2A94D3999DC} - System32\Tasks\NBAgent => C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2011-07-06] (Nero AG)
Task: {0E4E0451-2A7E-4E1D-AB7D-C88EE1D220ED} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {102215A6-16FA-4986-8E15-553FDA45B53F} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-02-23] (NVIDIA Corporation)
Task: {10A5FE77-F8C1-47C8-BE1B-C5428967A6D8} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard)
Task: {10ED276C-DD72-4CA8-BCF2-D376268DDEE7} - System32\Tasks\{033A4D70-36D7-46FA-9F7D-A9996B7334EF} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {115C02AF-C7DF-4330-A688-E92B8C8CC4C5} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {1927C3E0-3CC2-4151-8F7F-F8296774A57D} - System32\Tasks\hpUrlLauncher.exe => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\utils\hpUrlLauncher.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {2802C96A-F077-4A17-8011-3294DAF7C369} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {29CDB149-4C4B-477B-9755-08A513679DEB} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2F3C9B83-785F-431C-85BF-97D2AA0F4D8C} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2F3E1954-1BC7-40A1-8F0D-5AA94B0302B1} - System32\Tasks\{EB5F7CC8-1425-4DAB-BF0A-DB808FA16761} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {302E1C0A-0A15-44AD-BA44-1786E28CB20C} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)
Task: {3151EB25-0E8A-4AE8-992F-BD36A730A79B} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)
Task: {3163DEF0-BC1D-47B8-9AF8-DBCF9E8556D7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {35F823C9-B2FC-4792-B8D9-3464229D5382} - System32\Tasks\{E1587E3C-7BB7-44C8-9A91-AD34009E8522} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
Task: {3AC2660B-54A9-4FE2-BEA4-ABA541B0F077} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {3B1331CB-2787-440D-B754-4090BED944E1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {3B14775C-29A3-477E-9E6C-E263967BD99C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {3B31208C-629E-4B92-AA6A-7C9FC6883795} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {45D9E40C-1CC9-4A5B-ACA5-97ED713ACF04} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Task: {499F3997-E54C-421E-B526-5F6648D49F51} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4AA2C224-1479-45B5-8AE5-605F6BB9EED8} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4ADD35B4-9050-421C-9098-0EEB76AC112D} - System32\Tasks\{178387A7-AFF9-488C-B358-FF663010DCB9} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
Task: {4BBE6D73-6050-437A-80DE-B8233F98BEF5} - System32\Tasks\{1C26DB06-23AC-4B07-B041-48C78A9D1CBD} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {4C2AED65-E5A5-41F8-BCAD-92EF44FF8907} - System32\Tasks\OneDrive Standalone Update Task v2 => C:\Users\Pflügl\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {4D3D5094-88FE-4CE0-A91C-2113C2000A42} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-24] (Adobe Systems Incorporated)
Task: {4E44E590-0AAA-4A64-A753-17B70F4280EF} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {50BB70D6-2E88-4D14-B5C3-4A47DAC491EE} - System32\Tasks\{E84B91E8-33F3-49E1-AFCB-F597D8B57F9D} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
Task: {5814C7F6-0FFE-44A5-835F-803CF84A9A24} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5A8A4A0D-86EE-43C6-8E78-1417869112A8} - System32\Tasks\{A7B29540-1879-4028-B3B8-C127971DA397} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {5F7202B8-6B43-46D4-B496-BD78C43A044A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {628EDDD5-1054-40F0-852F-29C1C5048AB7} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-02-23] (NVIDIA Corporation)
Task: {64FCA12B-117D-4AF7-A494-268A560BFF01} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {6EDF7077-E62B-4942-82AF-20B5A2C43BC4} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)
Task: {722FEC1C-89F5-444A-9226-EE14DBE764E4} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {74077C09-2BBC-4BA4-99AC-8A4C7EB3F6C7} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {75FE8499-D9D8-43D7-9340-6CCCD29A37DE} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {7755D443-2648-4B89-9EA8-EAF190163556} - System32\Tasks\{E5B827C0-690F-459F-9390-EDD753E6FB01} => C:\Windows\system32\pcalua.exe -a C:\Users\Pflügl\AppData\Roaming\Allmyapps\Allmyapps.exe -c uninstall
Task: {778EF4BA-BFC7-480A-9270-1825B71C55A5} - System32\Tasks\{9DF84523-FD29-4C9E-82DD-775A63EB0FB1} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {800860D9-C124-49BC-93CC-1985C6E97327} - System32\Tasks\{32AE58AB-121B-4CD1-87E0-41F9A93F18AD} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
Task: {818D08B0-AB79-40A5-9AF8-7C65320AE798} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {83CFBC6A-B820-4018-B988-7BBCBA3EF8DE} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {85639F17-6779-492C-90D3-2A04C81EAF20} - System32\Tasks\{25B82541-8571-45E6-83AB-4AF95DABF24A} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {8569E4D6-C467-4B53-9C7B-6D6D3A207AEC} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8AD0768E-4A9E-494C-951A-8D6B0158C676} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {8E3C62E9-BB57-4328-BD78-3F42CAE4DE4A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)
Task: {8EE3DC86-4A70-4349-9AA9-F0203D291B72} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {90D8AB43-209E-4370-BAD1-D5259AB7396C} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {950A73AF-EF0A-4F16-814B-2894C2203ABB} - System32\Tasks\BrowserDefendert => C:\Windows\system32\sc.exe start BrowserDefendert <==== ACHTUNG
Task: {9D8EF176-E6FB-4931-8DB6-99D24652A785} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {A2F0F64E-16E2-4DE3-BD2C-5E63E84C7090} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A421C8AC-59B4-4306-A012-784EB2DEA81A} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A6716755-233F-4A56-A111-02A2D4DD0A9B} - System32\Tasks\{0E5B43A1-4CBC-49B7-B663-FC61E5FBB58F} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {A72A0967-0AB3-4972-A197-0DCFCC791D8F} - System32\Tasks\AdobeAAMUpdater-1.0-Pflügl-PC-Pflügl => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29] (Adobe Systems Incorporated)
Task: {ABF8455B-5FDC-4FBF-A21F-B8E4F38DE2E2} - System32\Tasks\AdobeAAMUpdater-1.0-Pflügl-PC-nathalie => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29] (Adobe Systems Incorporated)
Task: {B18AA8C6-1B5E-4934-8263-757AA676496E} - System32\Tasks\{F9402AE5-ACC8-4BA8-9E7E-0375A8F72E09} => C:\Windows\system32\pcalua.exe -a F:\install_flash_player_active_x.exe -d F:\
Task: {B278D98E-6409-45E9-8A49-416935FC9A9B} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
Task: {B6F48632-6D52-4C8A-AFF3-9899AB8B5AE7} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B85D8103-15F1-4054-9C89-21D9B559D123} - System32\Tasks\HPCustParticipation HP Deskjet 2050 J510 series => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {BFB32430-75BB-4606-BD31-CE87342D524F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {C7A4899A-F1FE-4A82-808D-6CFAE45C319E} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CFB1136A-F1BC-4634-9CBF-A999C7B3A3C9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation) <==== ACHTUNG
Task: {D627BDDD-E3F7-4578-9963-518C3686B0C0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation) <==== ACHTUNG
Task: {D718E290-E157-4664-A9F3-8B04A0A02DC8} - System32\Tasks\{9711830A-13DD-481F-A336-AA3C7885661B} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {D71B6264-3754-414A-BF96-9E2E2E614FF8} - System32\Tasks\{B0CE2170-76B6-4422-A267-413ED3F67B11} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {D84A16D9-413C-46C6-9768-09EF6339DF29} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {DCAF2E5C-9386-4622-BD13-B534BB0F78A3} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {DD91A8EB-DA59-473D-969E-320501B67A7F} - System32\Tasks\{D81F541F-3DE9-4EC6-9DAE-1BF798040AC6} => C:\Windows\system32\pcalua.exe -a "C:\Users\nathalie.Pflügl-PC\Desktop\Neuer Ordner (3)\NeoGamma Installer by Wii-Homebrew.exe" -d "C:\Users\nathalie.Pflügl-PC\Desktop\Neuer Ordner (3)"
Task: {E8CFFA40-C104-4B30-BD9D-1B3420B5D4C4} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EB64C26B-0806-4248-8678-D6FE1375A527} - System32\Tasks\{463E93F0-2199-42B9-8D18-DBD746D676A9} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {EC056EB6-2863-4CE6-94AB-5748B2D8EDCC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation) <==== ACHTUNG
Task: {EEEDF309-D0F3-4BF3-9ECB-2B70DF3E6274} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {F1C99E32-F492-4038-BD10-731DA69C2968} - System32\Tasks\{1A9F0B80-4630-434D-A4D3-C672A48987F2} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {F2E1695E-1F6E-4122-BB8F-98AF48FAC07A} - \DealPlyUpdate -> Keine Datei <==== ACHTUNG
Task: {F44EBEAB-A6B2-4B21-96BA-E4465EF19E75} - System32\Tasks\{966A14DB-D34B-4A06-BC26-743C4C42F131} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe"
Task: {F518F3A1-B8F3-401C-A21C-3FA1BCF4A3A8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {F70666D8-716B-49F8-B3AD-5CC32FAEE9E4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {FB3379A3-B190-40F2-A65D-03A35D445AD9} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-02-23] (NVIDIA Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


ShortcutWithArgument: C:\Users\Pflügl\Desktop\eBay.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://isearch.omiga-plus.com/?type=sc&ts=1383502839&from=mlv&uid=HitachiXHTS547575A9E384_J2540054CE8U3ECE8U3EX
ShortcutWithArgument: C:\Users\Pflügl\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://isearch.omiga-plus.com/?type=sc&ts=1383502839&from=mlv&uid=HitachiXHTS547575A9E384_J2540054CE8U3ECE8U3EX
ShortcutWithArgument: C:\Users\Pflügl\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer (64-bit).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://isearch.omiga-plus.com/?type=sc&ts=1383502839&from=mlv&uid=HitachiXHTS547575A9E384_J2540054CE8U3ECE8U3EX
ShortcutWithArgument: C:\Users\Pflügl\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://isearch.omiga-plus.com/?type=sc&ts=1383502839&from=mlv&uid=HitachiXHTS547575A9E384_J2540054CE8U3ECE8U3EX

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 000231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-07-13 22:48 - 2017-06-21 09:48 - 002681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-01-11 18:04 - 2016-12-29 15:16 - 000134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-01-11 17:24 - 2017-02-23 20:35 - 004489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2017-01-11 17:24 - 2017-02-23 20:35 - 001147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 004300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2017-01-11 00:07 - 2017-01-11 00:07 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-17 12:02 - 2017-03-04 08:31 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-17 12:03 - 2017-03-04 08:12 - 009760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-17 12:03 - 2017-03-04 08:05 - 001401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-17 12:03 - 2017-03-04 08:05 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-07-13 22:47 - 2017-06-21 08:36 - 001033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-07-13 22:47 - 2017-06-21 08:35 - 002424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-07-13 22:47 - 2017-06-21 08:37 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-07-24 11:23 - 2017-07-24 11:25 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-07-24 11:23 - 2017-07-24 11:25 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-07-24 11:23 - 2017-07-24 11:25 - 043573248 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-07-24 11:23 - 2017-07-24 11:25 - 002435584 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\skypert.dll
2017-01-11 17:24 - 2017-02-23 20:35 - 000018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2017-01-11 17:24 - 2017-02-23 20:35 - 003774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2017-01-11 17:24 - 2017-02-23 20:35 - 000900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-01-11 17:24 - 2017-02-23 16:30 - 000338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2017-01-11 17:24 - 2017-02-23 16:30 - 000252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2017-01-11 17:24 - 2017-02-23 16:30 - 002443320 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2017-01-11 17:24 - 2017-02-23 16:30 - 000385592 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2017-01-11 17:24 - 2017-02-23 16:30 - 000543288 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2017-01-11 17:24 - 2017-02-23 16:30 - 000468536 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Classes\batfile:  <==== ACHTUNG
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Classes\cmdfile:  <==== ACHTUNG

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Control Panel\Desktop\\Wallpaper -> c:\users\pflügl\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\{ceedc30e-03f3-4223-aeb0-1bb4c000d5a6}.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\...\StartupApproved\StartupFolder: => "Logitech . Produktregistrierung.lnk"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\...\StartupApproved\Run: => "Allmyapps"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\...\StartupApproved\Run: => "Allmyapps Update"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{6764BC9A-AB39-4504-8F82-9BDA992F3446}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [UDP Query User{823B4211-7E40-4248-98CF-BE85E7AC7085}C:\users\gast\appdata\local\mozilla firefox\firefox.exe] => (Block) C:\users\gast\appdata\local\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{53EC6C2E-FAAC-4F66-9EF9-3520406A6913}C:\users\gast\appdata\local\mozilla firefox\firefox.exe] => (Block) C:\users\gast\appdata\local\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{4692755E-2E62-439A-8D1C-8A1EE34316D0}C:\users\gast\appdata\local\mozilla firefox\firefox.exe] => (Block) C:\users\gast\appdata\local\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{12F65F9D-A5BE-4325-98C7-E6278A2CDE17}C:\users\gast\appdata\local\mozilla firefox\firefox.exe] => (Block) C:\users\gast\appdata\local\mozilla firefox\firefox.exe
FirewallRules: [{B1908BEA-AD44-41F3-B7FB-8639558AB54D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F0E349DC-E761-452A-A9C8-FF5372646FE2}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{09B2A8BF-15F4-49C1-AB92-DCD9C3EF35D3}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{4B4D1B33-47F8-4FA5-A55A-5984420C7F87}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{B617C342-BBB7-4B32-B821-505EAAB675BB}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{A06D5442-904C-441E-BBFB-D978E61202D3}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{DA1C4275-AAF6-4019-9F46-4E7BF1F14776}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{1C8A7C60-770C-4F71-AF74-DFB5A766E952}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{B85F5BC9-5B59-4EBA-A6C2-7BA604913A9A}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{02AF66E7-A9F6-45F0-89FE-093EA2A1B1D3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{565DC845-DF99-4033-9771-B3277CA0BA27}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6535CE99-10FD-4752-A321-1CFA1864D1D4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{A1A6D11E-B062-466A-9269-32740E3A90C2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{D6417DF7-A14F-414F-906E-771A3732508C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{CB0909D1-9148-41EF-A181-315C3D60A4BC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6A09E45E-391E-4FAF-966C-BAF4700D2641}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

==================== Wiederherstellungspunkte =========================

09-07-2017 11:34:16 Windows Update
13-07-2017 23:18:01 Windows Update
13-07-2017 23:19:20 Windows Update
03-08-2017 08:48:12 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/24/2017 01:11:04 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig.
.


Vorgang:
   Asynchroner Vorgang wird ausgeführt

Kontext:
   Aktueller Status: DoSnapshotSet

Error: (08/24/2017 01:09:45 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (08/24/2017 12:48:22 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Adobe Refresh Manager -- Error 1316.Das angegebene Konto ist bereits vorhanden.

Error: (08/24/2017 12:43:33 PM) (Source: COM) (EventID: 10031) (User: )
Description: Eine das Marshalling aufhebende Richtlinienprüfung wurde ausgeführt, als das Marshalling eines benutzerdefinierten gemarshallten Objekts aufgehoben wurde. Die Klasse "{2CD39202-3A2F-4935-9A86-65B919919A7F}" wurde abgelehnt.

Error: (08/24/2017 12:43:33 PM) (Source: COM) (EventID: 10031) (User: )
Description: Eine das Marshalling aufhebende Richtlinienprüfung wurde ausgeführt, als das Marshalling eines benutzerdefinierten gemarshallten Objekts aufgehoben wurde. Die Klasse "{2CD39202-3A2F-4935-9A86-65B919919A7F}" wurde abgelehnt.

Error: (08/11/2017 06:55:50 PM) (Source: COM) (EventID: 10031) (User: )
Description: Eine das Marshalling aufhebende Richtlinienprüfung wurde ausgeführt, als das Marshalling eines benutzerdefinierten gemarshallten Objekts aufgehoben wurde. Die Klasse "{2CD39202-3A2F-4935-9A86-65B919919A7F}" wurde abgelehnt.

Error: (08/03/2017 08:48:53 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (07/24/2017 11:42:56 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Pflügl\Pictures\SoftonicDownloader_fuer_abiword.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.

Error: (07/24/2017 11:27:13 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Pflügl-PC)
Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147009280. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (07/24/2017 11:06:05 AM) (Source: COM) (EventID: 10031) (User: )
Description: Eine das Marshalling aufhebende Richtlinienprüfung wurde ausgeführt, als das Marshalling eines benutzerdefinierten gemarshallten Objekts aufgehoben wurde. Die Klasse "{2CD39202-3A2F-4935-9A86-65B919919A7F}" wurde abgelehnt.


Systemfehler:
=============
Error: (08/24/2017 01:58:32 PM) (Source: DCOM) (EventID: 10016) (User: Pflügl-PC)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Pflügl-PC\Pflügl" (SID: S-1-5-21-1664608947-3428569484-2814311379-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (08/24/2017 01:56:25 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "CDPUserSvc_5733f" wurde mit folgendem Fehler beendet: 
Unbekannter Fehler

Error: (08/24/2017 01:53:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NetPipeActivator" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (08/24/2017 01:53:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst NetPipeActivator erreicht.

Error: (08/24/2017 01:53:30 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira.ServiceHost erreicht.

Error: (08/24/2017 01:53:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.

Error: (08/24/2017 01:52:45 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎24.‎08.‎2017 um 13:31:21 unerwartet heruntergefahren.

Error: (08/24/2017 12:43:21 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "CDPUserSvc_39527" wurde mit folgendem Fehler beendet: 
Unbekannter Fehler

Error: (08/24/2017 12:41:54 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (08/24/2017 12:41:54 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 70%
Installierter physikalischer RAM: 3947.86 MB
Verfügbarer physikalischer RAM: 1152.6 MB
Summe virtueller Speicher: 7915.86 MB
Verfügbarer virtueller Speicher: 4794.09 MB

==================== Laufwerke ================================

Drive c: (Packard Bell) (Fixed) (Total:678.54 GB) (Free:597.2 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 8397C1BA)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=678.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
--- --- ---



SCHRITT 2

Code:
ATTFilter
14:28:31.0557 0x1e48  TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
14:28:37.0369 0x1e48  ============================================================
14:28:37.0369 0x1e48  Current date / time: 2017/08/24 14:28:37.0369
14:28:37.0369 0x1e48  SystemInfo:
14:28:37.0369 0x1e48  
14:28:37.0369 0x1e48  OS Version: 10.0.14393 ServicePack: 0.0
14:28:37.0369 0x1e48  Product type: Workstation
14:28:37.0369 0x1e48  ComputerName: PFLÜGL-PC
14:28:37.0369 0x1e48  UserName: Pflügl
14:28:37.0369 0x1e48  Windows directory: C:\WINDOWS
14:28:37.0369 0x1e48  System windows directory: C:\WINDOWS
14:28:37.0369 0x1e48  Running under WOW64
14:28:37.0369 0x1e48  Processor architecture: Intel x64
14:28:37.0369 0x1e48  Number of processors: 4
14:28:37.0369 0x1e48  Page size: 0x1000
14:28:37.0369 0x1e48  Boot type: Normal boot
14:28:37.0369 0x1e48  CodeIntegrityOptions = 0x00000001
14:28:37.0369 0x1e48  ============================================================
14:28:37.0369 0x1e48  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.1480, osProperties = 0x19
14:28:37.0666 0x1e48  System UUID: {87F4E558-BE4F-298E-ECB8-1DA4EEBA9E42}
14:28:38.0213 0x1e48  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:28:38.0229 0x1e48  ============================================================
14:28:38.0229 0x1e48  \Device\Harddisk0\DR0:
14:28:38.0260 0x1e48  MBR partitions:
14:28:38.0260 0x1e48  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2800800, BlocksNum 0x32000
14:28:38.0260 0x1e48  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2832800, BlocksNum 0x54D13000
14:28:38.0260 0x1e48  ============================================================
14:28:38.0307 0x1e48  C: <-> \Device\Harddisk0\DR0\Partition2
14:28:38.0307 0x1e48  ============================================================
14:28:38.0307 0x1e48  Initialize success
14:28:38.0307 0x1e48  ============================================================
14:29:00.0433 0x1d0c  ============================================================
14:29:00.0433 0x1d0c  Scan started
14:29:00.0433 0x1d0c  Mode: Manual; 
14:29:00.0433 0x1d0c  ============================================================
14:29:00.0433 0x1d0c  KSN ping started
14:29:00.0480 0x1d0c  KSN ping finished: true
14:29:01.0902 0x1d0c  ================ Scan system memory ========================
14:29:01.0902 0x1d0c  System memory - ok
14:29:01.0902 0x1d0c  ================ Scan services =============================
14:29:03.0340 0x1d0c  1394ohci - ok
14:29:03.0371 0x1d0c  3ware - ok
14:29:03.0387 0x1d0c  ACPI - ok
14:29:03.0402 0x1d0c  AcpiDev - ok
14:29:03.0418 0x1d0c  acpiex - ok
14:29:03.0418 0x1d0c  acpipagr - ok
14:29:03.0433 0x1d0c  AcpiPmi - ok
14:29:03.0449 0x1d0c  acpitime - ok
14:29:03.0668 0x1d0c  [ 1474F121C3DF1232D3E7239C03691EE6, 26D0F55010CB7C51269D94ECB5C5AA94802607685B9E9791A78B643C6227214F ] AdobeActiveFileMonitor9.0 C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
14:29:03.0683 0x1d0c  AdobeActiveFileMonitor9.0 - ok
14:29:03.0824 0x1d0c  [ 8D6BA8E7676038A27FD4ECF12CC744B0, F5D59B764DCB4A06A51939533DC7B2391FD68E3979C48939C023A60DCE0D2101 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:29:03.0840 0x1d0c  AdobeARMservice - ok
14:29:04.0496 0x1d0c  [ C52B8980692CACB057742C450D734149, BB2D7034592B6EBBECE5A73FB625E1352FD59972620523022CABA68EE00B7B98 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:29:04.0512 0x1d0c  AdobeFlashPlayerUpdateSvc - ok
14:29:04.0543 0x1d0c  ADP80XX - ok
14:29:04.0558 0x1d0c  AFD - ok
14:29:04.0590 0x1d0c  ahcache - ok
14:29:04.0621 0x1d0c  AJRouter - ok
14:29:04.0637 0x1d0c  ALG - ok
14:29:04.0683 0x1d0c  AmdK8 - ok
14:29:04.0699 0x1d0c  AmdPPM - ok
14:29:04.0715 0x1d0c  amdsata - ok
14:29:04.0715 0x1d0c  amdsbs - ok
14:29:04.0715 0x1d0c  amdxata - ok
14:29:05.0074 0x1d0c  [ 0ACC38DF0CFF151C63AD6F6F35C55D0C, E77574F3FBF50FA6935D79AB2282971FBA5FC52FD626797CDFEA50889DFEAE2B ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
14:29:05.0168 0x1d0c  AntiVirMailService - ok
14:29:05.0246 0x1d0c  [ 22B27C504A06096CDF3D5D0D46893EA0, 587B1A8AD24526A300563EACB0157099AA5CC3F2208534C91698758364EBE0AE ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
14:29:05.0277 0x1d0c  AntiVirSchedulerService - ok
14:29:05.0340 0x1d0c  [ 22B27C504A06096CDF3D5D0D46893EA0, 587B1A8AD24526A300563EACB0157099AA5CC3F2208534C91698758364EBE0AE ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
14:29:05.0355 0x1d0c  AntiVirService - ok
14:29:05.0527 0x1d0c  [ 8D2DD42AA98E1BD156FB59B320C0C613, 8711ECB09D420B3A3CA81F9326B23E9ED38D3D39CBDA332E59770DAA3E8A6CD3 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
14:29:05.0590 0x1d0c  AntiVirWebService - ok
14:29:05.0637 0x1d0c  AppHostSvc - ok
14:29:05.0668 0x1d0c  AppID - ok
14:29:05.0715 0x1d0c  AppIDSvc - ok
14:29:05.0746 0x1d0c  Appinfo - ok
14:29:05.0777 0x1d0c  applockerfltr - ok
14:29:05.0824 0x1d0c  AppReadiness - ok
14:29:05.0840 0x1d0c  AppXSvc - ok
14:29:05.0840 0x1d0c  arcsas - ok
14:29:06.0090 0x1d0c  aspnet_state - ok
14:29:06.0105 0x1d0c  AsyncMac - ok
14:29:06.0152 0x1d0c  atapi - ok
14:29:06.0199 0x1d0c  athr - ok
14:29:06.0246 0x1d0c  AudioEndpointBuilder - ok
14:29:06.0262 0x1d0c  Audiosrv - ok
14:29:06.0309 0x1d0c  [ 4621EA3385170B087A03F3C90E276B4A, 1513802CF844B1B7A70C820AEF732EDA432D44CD8726560D95F05EB5CA556CD7 ] avdevprot       C:\WINDOWS\system32\DRIVERS\avdevprot.sys
14:29:06.0324 0x1d0c  avdevprot - ok
14:29:06.0371 0x1d0c  [ 6FA5F3EA4F088EEECC5519A8C92ACC6D, 197BEFF6AFCA9A4E9C8504DCA4D039D497E05288ABC0927F3521425A14B3DAF9 ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys
14:29:06.0387 0x1d0c  avgntflt - ok
14:29:06.0418 0x1d0c  [ C320148D031EA49D210C6DDEC4405EE3, 5DF6A142F399A2BAA1F3708A92F284BB2905229A1E9D438275BF04C918DBE1A3 ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys
14:29:06.0418 0x1d0c  avipbb - ok
14:29:06.0512 0x1d0c  [ 899C706D9C5A829BEA290CD02A95B07C, 40121149932C76E2377386D4C286E1C0CE5AE382515C8DE391B68A0E77478B28 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
14:29:06.0543 0x1d0c  Avira.ServiceHost - ok
14:29:06.0574 0x1d0c  [ 2CBA09A7983B1D39531B768BCED08C20, B40968DFE1A648CCB9260033E1EA57B5D496274A335B000354156B0DB740EDE0 ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys
14:29:06.0574 0x1d0c  avkmgr - ok
14:29:06.0590 0x1d0c  [ 8D18C6406FF8DC39028177E1E5675182, 44985DEE74F235567FB849350256F342BCE26EF66439D761FA3F6EDA22882092 ] avnetflt        C:\WINDOWS\system32\DRIVERS\avnetflt.sys
14:29:06.0590 0x1d0c  avnetflt - ok
14:29:06.0605 0x1d0c  AxInstSV - ok
14:29:06.0621 0x1d0c  b06bdrv - ok
14:29:06.0652 0x1d0c  [ 0630C8915B747E88E825CE7F73B66A5D, E9B465EE23487B59B1C906B04F9235B0BFBF254C1760E2462A7D1D7FE1655088 ] b57xdbd         C:\WINDOWS\System32\drivers\b57xdbd.sys
14:29:06.0668 0x1d0c  b57xdbd - ok
14:29:06.0684 0x1d0c  [ CA8457E528E13B38F8DC3B86B6BA4C6B, 532E48BBBA806608EBEFE10A94DCE2BFE8918D8DD6DEF6871F44FEEDA51238B8 ] b57xdmp         C:\WINDOWS\System32\drivers\b57xdmp.sys
14:29:06.0699 0x1d0c  b57xdmp - ok
14:29:06.0730 0x1d0c  BasicDisplay - ok
14:29:06.0793 0x1d0c  BasicRender - ok
14:29:06.0840 0x1d0c  bcmfn - ok
14:29:06.0840 0x1d0c  bcmfn2 - ok
14:29:06.0871 0x1d0c  BDESVC - ok
14:29:06.0887 0x1d0c  Beep - ok
14:29:06.0934 0x1d0c  BFE - ok
14:29:06.0980 0x1d0c  BITS - ok
14:29:06.0980 0x1d0c  bowser - ok
14:29:07.0012 0x1d0c  BrokerInfrastructure - ok
14:29:07.0043 0x1d0c  Browser - ok
14:29:07.0090 0x1d0c  [ 0E9B28782D0E5DE7C25207432B791B33, FE33E3B27BEED03922DB2565DECC0E12F8CD586B5060EE4A1A87FF99EEC77B22 ] bScsiMSa        C:\WINDOWS\System32\drivers\bScsiMSa.sys
14:29:07.0105 0x1d0c  bScsiMSa - ok
14:29:07.0137 0x1d0c  [ 59CA958CBB12C3344A22D33D3582F4C0, 29F06D9B507703D6F4DA28230E067340FC11B63DDEB5C113E6F991C4EC87FB7A ] bScsiSDa        C:\WINDOWS\System32\drivers\bScsiSDa.sys
14:29:07.0137 0x1d0c  bScsiSDa - ok
14:29:07.0168 0x1d0c  BthAvrcpTg - ok
14:29:07.0184 0x1d0c  BthHFEnum - ok
14:29:07.0184 0x1d0c  bthhfhid - ok
14:29:07.0215 0x1d0c  BthHFSrv - ok
14:29:07.0230 0x1d0c  BTHMODEM - ok
14:29:07.0262 0x1d0c  bthserv - ok
14:29:07.0309 0x1d0c  buttonconverter - ok
14:29:07.0340 0x1d0c  CapImg - ok
14:29:07.0371 0x1d0c  cdfs - ok
14:29:07.0387 0x1d0c  CDPSvc - ok
14:29:07.0387 0x1d0c  CDPUserSvc - ok
14:29:07.0480 0x1d0c  cdrom - ok
14:29:07.0527 0x1d0c  CertPropSvc - ok
14:29:07.0543 0x1d0c  cht4iscsi - ok
14:29:07.0559 0x1d0c  cht4vbd - ok
14:29:07.0574 0x1d0c  circlass - ok
14:29:08.0527 0x1d0c  [ E6C13708EC768ABE89BC45F7F12F49DB, 713C2FC2DF6EC3E79871A639686FE0358A564927D696EB2ED9AB5EDEAA9D47D2 ] cjpcsc          C:\WINDOWS\SysWOW64\cjpcsc.exe
14:29:08.0731 0x1d0c  cjpcsc - ok
14:29:08.0746 0x1d0c  [ E3B86AB029D1C523981C3476DE859521, F787284359F6322DB7135FCDFD3DA3EFD92FBBB95F3DC5C9D77B881A8351B080 ] cjusb           C:\WINDOWS\system32\DRIVERS\cjusb.sys
14:29:08.0746 0x1d0c  cjusb - ok
14:29:08.0762 0x1d0c  CLFS - ok
14:29:08.0793 0x1d0c  ClipSVC - ok
14:29:08.0809 0x1d0c  clreg - ok
14:29:08.0840 0x1d0c  CmBatt - ok
14:29:08.0871 0x1d0c  CNG - ok
14:29:08.0871 0x1d0c  cnghwassist - ok
14:29:09.0277 0x1d0c  CompositeBus - ok
14:29:09.0293 0x1d0c  COMSysApp - ok
14:29:09.0309 0x1d0c  condrv - ok
14:29:09.0340 0x1d0c  CoreMessagingRegistrar - ok
14:29:09.0731 0x1d0c  [ 5D19617245C798A0EED86D4D36B8C6E8, 90AB9125B1A56134489E81CE5AEE1F2C7005BE505E52603B1A884A2B8C3C4735 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
14:29:10.0106 0x1d0c  cphs - ok
14:29:10.0121 0x1d0c  CryptSvc - ok
14:29:10.0153 0x1d0c  dam - ok
14:29:10.0168 0x1d0c  DcomLaunch - ok
14:29:10.0199 0x1d0c  DcpSvc - ok
14:29:10.0215 0x1d0c  defragsvc - ok
14:29:10.0246 0x1d0c  DeviceAssociationService - ok
14:29:10.0278 0x1d0c  DeviceInstall - ok
14:29:10.0293 0x1d0c  DevQueryBroker - ok
14:29:10.0309 0x1d0c  Dfsc - ok
14:29:10.0340 0x1d0c  [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
14:29:10.0356 0x1d0c  dg_ssudbus - ok
14:29:10.0403 0x1d0c  Dhcp - ok
14:29:10.0481 0x1d0c  diagnosticshub.standardcollector.service - ok
14:29:10.0528 0x1d0c  DiagTrack - ok
14:29:10.0559 0x1d0c  disk - ok
14:29:10.0606 0x1d0c  DmEnrollmentSvc - ok
14:29:10.0653 0x1d0c  dmvsc - ok
14:29:10.0684 0x1d0c  dmwappushservice - ok
14:29:10.0746 0x1d0c  Dnscache - ok
14:29:10.0762 0x1d0c  dot3svc - ok
14:29:10.0793 0x1d0c  DPS - ok
14:29:10.0809 0x1d0c  drmkaud - ok
14:29:11.0012 0x1d0c  [ 9DD3A22F804697606C2B7FF9E912FF6B, BBE2FC0D554030BA9E3A96CC4A360D61DBCCAA1D81BD7547809F29A3AF0B3A25 ] DsiWMIService   C:\Program Files (x86)\Launch Manager\dsiwmis.exe
14:29:11.0012 0x1d0c  DsiWMIService - ok
14:29:11.0074 0x1d0c  DsmSvc - ok
14:29:11.0090 0x1d0c  DsSvc - ok
14:29:11.0121 0x1d0c  DXGKrnl - ok
14:29:11.0168 0x1d0c  EapHost - ok
14:29:11.0184 0x1d0c  ebdrv - ok
14:29:11.0215 0x1d0c  EFS - ok
14:29:11.0246 0x1d0c  EhStorClass - ok
14:29:11.0293 0x1d0c  EhStorTcgDrv - ok
14:29:11.0309 0x1d0c  embeddedmode - ok
14:29:11.0340 0x1d0c  EntAppSvc - ok
14:29:11.0590 0x1d0c  [ 48425C93B6F36529707206E4FA680CF3, 328BD59DEDFAD359EF79CCFBC2AD3E9C95657EC616AE0611F5EFEB34B810692A ] ePowerSvc       C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
14:29:11.0637 0x1d0c  ePowerSvc - ok
14:29:11.0653 0x1d0c  ErrDev - ok
14:29:11.0715 0x1d0c  [ 6BD85B39B7B23F03B24CF641ED29147B, 850F21750BB39E5239B1584E1117844CAAAF6A5C58E79366552309F917675CE5 ] ETD             C:\WINDOWS\system32\DRIVERS\ETD.sys
14:29:11.0731 0x1d0c  ETD - ok
14:29:11.0824 0x1d0c  [ 8916EACF1256E1C5A3AF81FD39C747E7, FF28FB95E9F9287C1005CF0D9EB84F7CA3D137689862860C9848398504E1EFFF ] ETDService      C:\Program Files\Elantech\ETDService.exe
14:29:11.0824 0x1d0c  ETDService - ok
14:29:11.0887 0x1d0c  EventSystem - ok
14:29:11.0887 0x1d0c  exfat - ok
14:29:11.0918 0x1d0c  fastfat - ok
14:29:11.0934 0x1d0c  Fax - ok
14:29:11.0949 0x1d0c  fdc - ok
14:29:11.0981 0x1d0c  fdPHost - ok
14:29:11.0996 0x1d0c  FDResPub - ok
14:29:12.0043 0x1d0c  fhsvc - ok
14:29:12.0074 0x1d0c  FileCrypt - ok
14:29:12.0121 0x1d0c  FileInfo - ok
14:29:12.0153 0x1d0c  Filetrace - ok
14:29:12.0184 0x1d0c  flpydisk - ok
14:29:12.0184 0x1d0c  FltMgr - ok
14:29:12.0246 0x1d0c  FontCache - ok
14:29:12.0434 0x1d0c  FontCache3.0.0.0 - ok
14:29:12.0512 0x1d0c  FrameServer - ok
14:29:12.0528 0x1d0c  FsDepends - ok
14:29:12.0528 0x1d0c  Fs_Rec - ok
14:29:12.0543 0x1d0c  fvevol - ok
14:29:12.0590 0x1d0c  gencounter - ok
14:29:12.0668 0x1d0c  genericusbfn - ok
14:29:12.0700 0x1d0c  GPIOClx0101 - ok
14:29:12.0746 0x1d0c  gpsvc - ok
14:29:12.0778 0x1d0c  GpuEnergyDrv - ok
14:29:12.0809 0x1d0c  HDAudBus - ok
14:29:12.0809 0x1d0c  HidBatt - ok
14:29:12.0809 0x1d0c  HidBth - ok
14:29:12.0825 0x1d0c  hidi2c - ok
14:29:12.0840 0x1d0c  hidinterrupt - ok
14:29:12.0871 0x1d0c  HidIr - ok
14:29:12.0903 0x1d0c  hidserv - ok
14:29:12.0934 0x1d0c  HidUsb - ok
14:29:12.0965 0x1d0c  HomeGroupListener - ok
14:29:12.0981 0x1d0c  HomeGroupProvider - ok
14:29:13.0028 0x1d0c  HpSAMD - ok
14:29:13.0106 0x1d0c  [ EA0047216B112D4E2B38ECF6F9D769AC, 92250C8CBE4373716FF777A929AC0D88181660BA94B0BB656EFA1BF448D858C8 ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
14:29:13.0106 0x1d0c  HPSupportSolutionsFrameworkService - ok
14:29:13.0153 0x1d0c  HTTP - ok
14:29:13.0184 0x1d0c  HvHost - ok
14:29:13.0231 0x1d0c  hvservice - ok
14:29:13.0231 0x1d0c  hwpolicy - ok
14:29:13.0262 0x1d0c  hyperkbd - ok
14:29:13.0278 0x1d0c  i8042prt - ok
14:29:13.0278 0x1d0c  iagpio - ok
14:29:13.0293 0x1d0c  iai2c - ok
14:29:13.0309 0x1d0c  iaLPSS2i_GPIO2 - ok
14:29:13.0340 0x1d0c  iaLPSS2i_I2C - ok
14:29:13.0340 0x1d0c  iaLPSSi_GPIO - ok
14:29:13.0356 0x1d0c  iaLPSSi_I2C - ok
14:29:13.0371 0x1d0c  iaStorAV - ok
14:29:13.0387 0x1d0c  iaStorV - ok
14:29:13.0418 0x1d0c  ibbus - ok
14:29:13.0450 0x1d0c  icssvc - ok
14:29:13.0996 0x1d0c  [ 226EAECA4F21F899E3F0C95297678A0B, DC18AAE3F1505C9BECB75218F4CCCD8DC6E1C6258EDA9A57B57028246EF346FA ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
14:29:14.0168 0x1d0c  igfx - ok
14:29:14.0200 0x1d0c  IKEEXT - ok
14:29:14.0215 0x1d0c  IndirectKmd - ok
14:29:14.0606 0x1d0c  [ 622868E4BAE8FBCD22CB1A5901A2C824, C1A2264C0984DD16C83B663C9CE43E049E1356E32C5771C3ACE225F285699138 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
14:29:14.0731 0x1d0c  IntcAzAudAddService - ok
14:29:14.0809 0x1d0c  [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
14:29:14.0825 0x1d0c  IntcDAud - ok
14:29:14.0840 0x1d0c  intelide - ok
14:29:14.0856 0x1d0c  intelpep - ok
14:29:14.0887 0x1d0c  intelppm - ok
14:29:14.0918 0x1d0c  iorate - ok
14:29:14.0934 0x1d0c  IpFilterDriver - ok
14:29:14.0965 0x1d0c  iphlpsvc - ok
14:29:14.0997 0x1d0c  IPMIDRV - ok
14:29:15.0028 0x1d0c  IPNAT - ok
14:29:15.0028 0x1d0c  irda - ok
14:29:15.0028 0x1d0c  IRENUM - ok
14:29:15.0059 0x1d0c  irmon - ok
14:29:15.0106 0x1d0c  isapnp - ok
14:29:15.0122 0x1d0c  iScsiPrt - ok
14:29:15.0153 0x1d0c  k57nd60a - ok
14:29:15.0168 0x1d0c  kbdclass - ok
14:29:15.0200 0x1d0c  kbdhid - ok
14:29:15.0247 0x1d0c  kdnic - ok
14:29:15.0262 0x1d0c  KeyIso - ok
14:29:15.0278 0x1d0c  KSecDD - ok
14:29:15.0309 0x1d0c  KSecPkg - ok
14:29:15.0325 0x1d0c  ksthunk - ok
14:29:15.0340 0x1d0c  KtmRm - ok
14:29:15.0356 0x1d0c  LanmanServer - ok
14:29:15.0372 0x1d0c  LanmanWorkstation - ok
14:29:15.0512 0x1d0c  [ D186AAAE72691136BDE00BBB41F48D12, C64885A726C0642C92BC4993667696DFEC8D284C20872D58E49786EE280A01ED ] LBTServ         C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
14:29:15.0528 0x1d0c  LBTServ - ok
14:29:15.0543 0x1d0c  lfsvc - ok
14:29:15.0575 0x1d0c  [ 77D5786C6A7765503884E38706C9FD5E, 827DC2069AA0997DB87E118AAAA53575D97A89147C1451464986F8D68A329D41 ] LHidFilt        C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
14:29:15.0590 0x1d0c  LHidFilt - ok
14:29:15.0622 0x1d0c  LicenseManager - ok
14:29:15.0747 0x1d0c  [ B705C7097F9A0EC941D02DCE7C7D426C, 1A137BEA25BF7BA1EF190212CD6E556B53293D6388E9F7E790BF53F641F3CF89 ] Live Updater Service C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
14:29:15.0762 0x1d0c  Live Updater Service - ok
14:29:15.0778 0x1d0c  lltdio - ok
14:29:15.0793 0x1d0c  lltdsvc - ok
14:29:15.0825 0x1d0c  lmhosts - ok
14:29:15.0856 0x1d0c  [ F84023FB2E3DEA06103501974A2EDB44, 38144EB7DE7F0B33F9C3E637715834CD0860CCE11915C77065000949767D98DF ] LMouFilt        C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
14:29:15.0856 0x1d0c  LMouFilt - ok
14:29:15.0934 0x1d0c  [ D7E0BED3EA21D7BDDD410ADE51708D90, 417A9A765E50ACCAE030B37F317217C9DB366BB1503A328D064A41ACDD00AFD8 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
14:29:15.0950 0x1d0c  LMS - ok
14:29:15.0981 0x1d0c  LSI_SAS - ok
14:29:15.0997 0x1d0c  LSI_SAS2i - ok
14:29:15.0997 0x1d0c  LSI_SAS3i - ok
14:29:16.0012 0x1d0c  LSI_SSS - ok
14:29:16.0043 0x1d0c  LSM - ok
14:29:16.0043 0x1d0c  luafv - ok
14:29:16.0090 0x1d0c  MapsBroker - ok
14:29:16.0106 0x1d0c  megasas - ok
14:29:16.0137 0x1d0c  megasas2i - ok
14:29:16.0168 0x1d0c  megasr - ok
14:29:16.0200 0x1d0c  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
14:29:16.0215 0x1d0c  MEIx64 - ok
14:29:16.0247 0x1d0c  MessagingService - ok
14:29:16.0434 0x1d0c  Microsoft SharePoint Workspace Audit Service - ok
14:29:16.0450 0x1d0c  mlx4_bus - ok
14:29:16.0465 0x1d0c  MMCSS - ok
14:29:16.0497 0x1d0c  Modem - ok
14:29:16.0543 0x1d0c  monitor - ok
14:29:16.0575 0x1d0c  mouclass - ok
14:29:16.0590 0x1d0c  mouhid - ok
14:29:16.0590 0x1d0c  mountmgr - ok
14:29:16.0653 0x1d0c  [ 86C9215967686BB8A6AEE8008D914BF8, 907A156AADC880F06EB7BBBC0C57EC14A205CEE43A2AD509F6BD4040CA4F327D ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:29:16.0668 0x1d0c  MozillaMaintenance - ok
14:29:16.0684 0x1d0c  mpsdrv - ok
14:29:16.0700 0x1d0c  MpsSvc - ok
14:29:16.0747 0x1d0c  MQAC - ok
14:29:16.0762 0x1d0c  MRxDAV - ok
14:29:16.0793 0x1d0c  mrxsmb - ok
14:29:16.0809 0x1d0c  mrxsmb10 - ok
14:29:16.0825 0x1d0c  mrxsmb20 - ok
14:29:16.0856 0x1d0c  MsBridge - ok
14:29:16.0872 0x1d0c  MSDTC - ok
14:29:16.0872 0x1d0c  Msfs - ok
14:29:16.0934 0x1d0c  msgpiowin32 - ok
14:29:16.0965 0x1d0c  mshidkmdf - ok
14:29:16.0981 0x1d0c  mshidumdf - ok
14:29:16.0981 0x1d0c  msisadrv - ok
14:29:17.0028 0x1d0c  MSiSCSI - ok
14:29:17.0043 0x1d0c  msiserver - ok
14:29:17.0075 0x1d0c  MSKSSRV - ok
14:29:17.0075 0x1d0c  MsLldp - ok
14:29:17.0122 0x1d0c  MSMQ - ok
14:29:17.0137 0x1d0c  MSPCLOCK - ok
14:29:17.0137 0x1d0c  MSPQM - ok
14:29:17.0153 0x1d0c  MsRPC - ok
14:29:17.0184 0x1d0c  mssmbios - ok
14:29:17.0184 0x1d0c  MSTEE - ok
14:29:17.0215 0x1d0c  MTConfig - ok
14:29:17.0231 0x1d0c  Mup - ok
14:29:17.0247 0x1d0c  mvumis - ok
14:29:17.0278 0x1d0c  NativeWifiP - ok
14:29:17.0418 0x1d0c  [ 13AA2130F2A104DD775EAD0F0EE5417B, EBA07599FC2D10750CE6372EA6BA94EDDAFFF732223A1135F1971B958A6B57A2 ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe
14:29:17.0450 0x1d0c  NAUpdate - ok
14:29:17.0450 0x1d0c  NcaSvc - ok
14:29:17.0481 0x1d0c  NcbService - ok
14:29:17.0481 0x1d0c  NcdAutoSetup - ok
14:29:17.0512 0x1d0c  ndfltr - ok
14:29:17.0544 0x1d0c  NDIS - ok
14:29:17.0544 0x1d0c  NdisCap - ok
14:29:17.0590 0x1d0c  NdisImPlatform - ok
14:29:17.0590 0x1d0c  NdisTapi - ok
14:29:17.0606 0x1d0c  Ndisuio - ok
14:29:17.0606 0x1d0c  NdisVirtualBus - ok
14:29:17.0622 0x1d0c  NdisWan - ok
14:29:17.0637 0x1d0c  ndiswanlegacy - ok
14:29:17.0637 0x1d0c  ndproxy - ok
14:29:17.0637 0x1d0c  Ndu - ok
14:29:17.0669 0x1d0c  NetAdapterCx - ok
14:29:17.0684 0x1d0c  NetBIOS - ok
14:29:17.0700 0x1d0c  NetBT - ok
14:29:17.0700 0x1d0c  Netlogon - ok
14:29:17.0715 0x1d0c  Netman - ok
14:29:18.0028 0x1d0c  NetMsmqActivator - ok
14:29:18.0044 0x1d0c  NetPipeActivator - ok
14:29:18.0059 0x1d0c  netprofm - ok
14:29:18.0106 0x1d0c  NetSetupSvc - ok
14:29:18.0106 0x1d0c  NetTcpActivator - ok
14:29:18.0106 0x1d0c  NetTcpPortSharing - ok
14:29:18.0137 0x1d0c  NgcCtnrSvc - ok
14:29:18.0137 0x1d0c  NgcSvc - ok
14:29:18.0153 0x1d0c  NlaSvc - ok
14:29:18.0169 0x1d0c  Npfs - ok
14:29:18.0215 0x1d0c  npsvctrig - ok
14:29:18.0231 0x1d0c  nsi - ok
14:29:18.0231 0x1d0c  nsiproxy - ok
14:29:18.0262 0x1d0c  NTFS - ok
14:29:18.0278 0x1d0c  Null - ok
14:29:18.0387 0x1d0c  [ CEF487606A4D64DC9A5F4D76EEE996AA, 0534E3EE033B0E821597328AAA62C818593D537BDCA54625CB3C1B99912ACC21 ] NvContainerLocalSystem C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
14:29:18.0403 0x1d0c  NvContainerLocalSystem - ok
14:29:18.0419 0x1d0c  [ CEF487606A4D64DC9A5F4D76EEE996AA, 0534E3EE033B0E821597328AAA62C818593D537BDCA54625CB3C1B99912ACC21 ] NvContainerNetworkService C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
14:29:18.0419 0x1d0c  NvContainerNetworkService - ok
14:29:20.0575 0x1d0c  [ 88F3EEDD47473E7206C0A049AE96A0F7, 3A02CF546993270E3DE2715F1065A4832CC1F2C6CCB62D87DDB939C423EF1EA1 ] nvlddmkm        C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvlddmkm.sys
14:29:20.0981 0x1d0c  nvlddmkm - ok
14:29:21.0028 0x1d0c  [ 63718B0FF94E14B883650DA9CD7DBED9, 37BA4B85E677E041277051B476A640E8FA270B423B5D41874050AAAE91619AFE ] nvpciflt        C:\WINDOWS\system32\DRIVERS\nvpciflt.sys
14:29:21.0044 0x1d0c  nvpciflt - ok
14:29:21.0091 0x1d0c  nvraid - ok
14:29:21.0106 0x1d0c  nvstor - ok
14:29:21.0169 0x1d0c  [ 05FECCB901276013D16A42AD4CFCE24B, 281E2F23E5C820FA670E908EA1798F3FA062C4DD37B16DF73CE13E58B6F3C56E ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
14:29:21.0184 0x1d0c  NvStreamKms - ok
14:29:21.0294 0x1d0c  [ 40B216E2D52371BC377C892FE83E63E9, AFD5466C86F0B0B54BE9AE6EF172D1B8F1F828C867FDA91CDD4E0A805D6EF71E ] NvTelemetryContainer C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
14:29:21.0325 0x1d0c  NvTelemetryContainer - ok
14:29:21.0356 0x1d0c  [ FC7835536FA1EA57B2996B6340A08D1B, D2CF883103316E747C11D10121C65742D748FC79BF7E3665A648FF5586AADA0A ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
14:29:21.0356 0x1d0c  nvvad_WaveExtensible - ok
14:29:21.0387 0x1d0c  [ 848DD3F4E7346B03F380AEA9A50F829B, F8B6E6F88619E9F0A7CB8039B4AC8765796857F634CCC73A1EC9768D16517F75 ] nvvhci          C:\WINDOWS\System32\drivers\nvvhci.sys
14:29:21.0403 0x1d0c  nvvhci - ok
14:29:21.0434 0x1d0c  OneSyncSvc - ok
14:29:21.0512 0x1d0c  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:29:21.0528 0x1d0c  ose - ok
14:29:22.0012 0x1d0c  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:29:22.0153 0x1d0c  osppsvc - ok
14:29:22.0184 0x1d0c  p2pimsvc - ok
14:29:22.0200 0x1d0c  p2psvc - ok
14:29:22.0231 0x1d0c  Parport - ok
14:29:22.0247 0x1d0c  partmgr - ok
14:29:22.0263 0x1d0c  PcaSvc - ok
14:29:22.0294 0x1d0c  pci - ok
14:29:22.0341 0x1d0c  pciide - ok
14:29:22.0341 0x1d0c  pcmcia - ok
14:29:22.0341 0x1d0c  pcw - ok
14:29:22.0372 0x1d0c  pdc - ok
14:29:22.0388 0x1d0c  PEAUTH - ok
14:29:22.0434 0x1d0c  percsas2i - ok
14:29:22.0434 0x1d0c  percsas3i - ok
14:29:23.0075 0x1d0c  PerfHost - ok
14:29:23.0122 0x1d0c  PhoneSvc - ok
14:29:23.0153 0x1d0c  PimIndexMaintenanceSvc - ok
14:29:23.0200 0x1d0c  pla - ok
14:29:23.0231 0x1d0c  PlugPlay - ok
14:29:23.0247 0x1d0c  PNRPAutoReg - ok
14:29:23.0247 0x1d0c  PNRPsvc - ok
14:29:23.0278 0x1d0c  PolicyAgent - ok
14:29:23.0278 0x1d0c  Power - ok
14:29:23.0325 0x1d0c  PptpMiniport - ok
14:29:23.0622 0x1d0c  [ 30AA256A85C1A7B17A590B1C5244D28E, 2C1FB30DEF53C37CA0D0CA54B65CB8572C53DDFB430DE57F964253F1082ACEA0 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
14:29:23.0747 0x1d0c  PrintNotify - ok
14:29:23.0778 0x1d0c  Processor - ok
14:29:23.0809 0x1d0c  ProfSvc - ok
14:29:23.0809 0x1d0c  Psched - ok
14:29:23.0872 0x1d0c  [ 87B04878A6D59D6C79251DC960C674C1, 3EB8DB0624E646F0A65D0381408D35CF9FDC5ABFC30DF6431F4070A8EB68447C ] PxHlpa64        C:\WINDOWS\system32\Drivers\PxHlpa64.sys
14:29:23.0888 0x1d0c  PxHlpa64 - ok
14:29:23.0903 0x1d0c  QWAVE - ok
14:29:23.0919 0x1d0c  QWAVEdrv - ok
14:29:23.0934 0x1d0c  RasAcd - ok
14:29:23.0997 0x1d0c  RasAgileVpn - ok
14:29:23.0997 0x1d0c  RasAuto - ok
14:29:24.0013 0x1d0c  Rasl2tp - ok
14:29:24.0028 0x1d0c  RasMan - ok
14:29:24.0028 0x1d0c  RasPppoe - ok
14:29:24.0044 0x1d0c  RasSstp - ok
14:29:24.0059 0x1d0c  rdbss - ok
14:29:24.0075 0x1d0c  rdpbus - ok
14:29:24.0075 0x1d0c  RDPDR - ok
14:29:24.0106 0x1d0c  RdpVideoMiniport - ok
14:29:24.0138 0x1d0c  rdyboost - ok
14:29:24.0169 0x1d0c  ReFSv1 - ok
14:29:24.0184 0x1d0c  RemoteAccess - ok
14:29:24.0216 0x1d0c  RemoteRegistry - ok
14:29:24.0247 0x1d0c  RetailDemo - ok
14:29:24.0263 0x1d0c  RmSvc - ok
14:29:24.0294 0x1d0c  RpcEptMapper - ok
14:29:24.0310 0x1d0c  RpcLocator - ok
14:29:24.0341 0x1d0c  RpcSs - ok
14:29:24.0356 0x1d0c  rspndr - ok
14:29:24.0388 0x1d0c  s3cap - ok
14:29:24.0434 0x1d0c  SamSs - ok
14:29:24.0466 0x1d0c  sbp2port - ok
14:29:24.0513 0x1d0c  SCardSvr - ok
14:29:24.0560 0x1d0c  ScDeviceEnum - ok
14:29:24.0622 0x1d0c  scfilter - ok
14:29:24.0653 0x1d0c  Schedule - ok
14:29:24.0669 0x1d0c  scmbus - ok
14:29:24.0700 0x1d0c  scmdisk0101 - ok
14:29:24.0731 0x1d0c  SCPolicySvc - ok
14:29:24.0763 0x1d0c  sdbus - ok
14:29:24.0810 0x1d0c  SDRSVC - ok
14:29:24.0856 0x1d0c  sdstor - ok
14:29:24.0856 0x1d0c  seclogon - ok
14:29:24.0888 0x1d0c  SENS - ok
14:29:24.0935 0x1d0c  SensorDataService - ok
14:29:24.0950 0x1d0c  SensorService - ok
14:29:24.0966 0x1d0c  SensrSvc - ok
14:29:24.0981 0x1d0c  SerCx - ok
14:29:24.0981 0x1d0c  SerCx2 - ok
14:29:25.0013 0x1d0c  Serenum - ok
14:29:25.0013 0x1d0c  Serial - ok
14:29:25.0013 0x1d0c  sermouse - ok
14:29:25.0044 0x1d0c  SessionEnv - ok
14:29:25.0044 0x1d0c  sfloppy - ok
14:29:25.0106 0x1d0c  SharedAccess - ok
14:29:25.0138 0x1d0c  ShellHWDetection - ok
14:29:25.0153 0x1d0c  shpamsvc - ok
14:29:25.0216 0x1d0c  SiSRaid2 - ok
14:29:25.0216 0x1d0c  SiSRaid4 - ok
14:29:25.0263 0x1d0c  smphost - ok
14:29:25.0310 0x1d0c  SmsRouter - ok
14:29:25.0356 0x1d0c  SNMPTRAP - ok
14:29:25.0403 0x1d0c  spaceport - ok
14:29:25.0435 0x1d0c  SpbCx - ok
14:29:25.0450 0x1d0c  Spooler - ok
14:29:25.0466 0x1d0c  sppsvc - ok
14:29:25.0481 0x1d0c  srv - ok
14:29:25.0497 0x1d0c  srv2 - ok
14:29:25.0513 0x1d0c  srvnet - ok
14:29:25.0544 0x1d0c  SSDPSRV - ok
14:29:25.0606 0x1d0c  SstpSvc - ok
14:29:25.0669 0x1d0c  [ 592FF34A2FD6C6351B8A3AA76B2C0A9E, 152B7472DE531AC45492F562DD470B2CE33F1EEF13BC78F26046AE5ABF54E32F ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
14:29:25.0669 0x1d0c  ssudmdm - ok
14:29:25.0716 0x1d0c  StateRepository - ok
14:29:25.0763 0x1d0c  stexstor - ok
14:29:25.0794 0x1d0c  stisvc - ok
14:29:25.0825 0x1d0c  storahci - ok
14:29:25.0872 0x1d0c  storflt - ok
14:29:25.0903 0x1d0c  stornvme - ok
14:29:25.0950 0x1d0c  storqosflt - ok
14:29:26.0013 0x1d0c  StorSvc - ok
14:29:26.0028 0x1d0c  storufs - ok
14:29:26.0044 0x1d0c  storvsc - ok
14:29:26.0106 0x1d0c  svsvc - ok
14:29:26.0138 0x1d0c  swenum - ok
14:29:26.0153 0x1d0c  swprv - ok
14:29:26.0185 0x1d0c  Synth3dVsc - ok
14:29:26.0200 0x1d0c  SysMain - ok
14:29:26.0231 0x1d0c  SystemEventsBroker - ok
14:29:26.0263 0x1d0c  TabletInputService - ok
14:29:26.0278 0x1d0c  TapiSrv - ok
14:29:26.0310 0x1d0c  Tcpip - ok
14:29:26.0310 0x1d0c  Tcpip6 - ok
14:29:26.0341 0x1d0c  tcpipreg - ok
14:29:26.0341 0x1d0c  tdx - ok
14:29:26.0372 0x1d0c  terminpt - ok
14:29:26.0419 0x1d0c  TermService - ok
14:29:26.0450 0x1d0c  Themes - ok
14:29:26.0513 0x1d0c  TieringEngineService - ok
14:29:26.0560 0x1d0c  tiledatamodelsvc - ok
14:29:26.0575 0x1d0c  TimeBrokerSvc - ok
14:29:26.0607 0x1d0c  TPM - ok
14:29:26.0622 0x1d0c  TrkWks - ok
14:29:26.0669 0x1d0c  TrustedInstaller - ok
14:29:26.0685 0x1d0c  tsusbflt - ok
14:29:26.0700 0x1d0c  TsUsbGD - ok
14:29:26.0716 0x1d0c  tunnel - ok
14:29:26.0763 0x1d0c  [ FD24F98D2898BE093FE926604BE7DB99, F9851C57A2ED838AC76BB19FE2F62BB81C57DBBE2A2555F738B5D6725D39AD61 ] TurboB          C:\WINDOWS\system32\DRIVERS\TurboB.sys
14:29:26.0778 0x1d0c  TurboB - ok
14:29:26.0950 0x1d0c  [ 600B406A04D90F577FEA8A88D7379F08, 77CC8E8AFB6F571A42D916C0B2FEFFD3A7A32A455C78228B407C6C9B6DED8CAD ] TurboBoost      C:\Program Files\Intel\TurboBoost\TurboBoost.exe
14:29:26.0982 0x1d0c  TurboBoost - ok
14:29:27.0013 0x1d0c  tzautoupdate - ok
14:29:27.0060 0x1d0c  UASPStor - ok
14:29:27.0060 0x1d0c  UcmCx0101 - ok
14:29:27.0091 0x1d0c  UcmTcpciCx0101 - ok
14:29:27.0091 0x1d0c  UcmUcsi - ok
14:29:27.0107 0x1d0c  Ucx01000 - ok
14:29:27.0107 0x1d0c  UdeCx - ok
14:29:27.0107 0x1d0c  udfs - ok
14:29:27.0107 0x1d0c  UEFI - ok
14:29:27.0138 0x1d0c  Ufx01000 - ok
14:29:27.0153 0x1d0c  UfxChipidea - ok
14:29:27.0153 0x1d0c  ufxsynopsys - ok
14:29:27.0200 0x1d0c  UI0Detect - ok
14:29:27.0232 0x1d0c  umbus - ok
14:29:27.0247 0x1d0c  UmPass - ok
14:29:27.0278 0x1d0c  UmRdpService - ok
14:29:27.0310 0x1d0c  UnistoreSvc - ok
14:29:27.0716 0x1d0c  [ A678E5DDD974903DD71F503BDCACA218, E8ECF79B78CF777066FF31847959A70773665ED2DAAF942B8A1C54BA56F330BA ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
14:29:27.0810 0x1d0c  UNS - ok
14:29:27.0841 0x1d0c  upnphost - ok
14:29:27.0857 0x1d0c  UrsChipidea - ok
14:29:27.0872 0x1d0c  UrsCx01000 - ok
14:29:27.0872 0x1d0c  UrsSynopsys - ok
14:29:27.0903 0x1d0c  usbccgp - ok
14:29:27.0950 0x1d0c  usbcir - ok
14:29:27.0950 0x1d0c  usbehci - ok
14:29:27.0982 0x1d0c  usbhub - ok
14:29:27.0997 0x1d0c  USBHUB3 - ok
14:29:28.0028 0x1d0c  usbohci - ok
14:29:28.0044 0x1d0c  usbprint - ok
14:29:28.0091 0x1d0c  [ 2EC7B2C8123236B1233A77281D378DF7, D97DB59C9CAE2B8B33C707E8CEA7A65BF88712842CC715D270F7432A99D21BB6 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
14:29:28.0107 0x1d0c  usbscan - ok
14:29:28.0107 0x1d0c  usbser - ok
14:29:28.0107 0x1d0c  USBSTOR - ok
14:29:28.0138 0x1d0c  usbuhci - ok
14:29:28.0169 0x1d0c  usbvideo - ok
14:29:28.0200 0x1d0c  USBXHCI - ok
14:29:28.0247 0x1d0c  UserDataSvc - ok
14:29:28.0263 0x1d0c  UserManager - ok
14:29:28.0278 0x1d0c  UsoSvc - ok
14:29:28.0278 0x1d0c  VaultSvc - ok
14:29:28.0310 0x1d0c  vdrvroot - ok
14:29:28.0310 0x1d0c  vds - ok
14:29:28.0325 0x1d0c  VerifierExt - ok
14:29:28.0357 0x1d0c  vhdmp - ok
14:29:28.0388 0x1d0c  vhf - ok
14:29:28.0403 0x1d0c  vmbus - ok
14:29:28.0419 0x1d0c  VMBusHID - ok
14:29:28.0435 0x1d0c  vmgid - ok
14:29:28.0466 0x1d0c  vmicguestinterface - ok
14:29:28.0466 0x1d0c  vmicheartbeat - ok
14:29:28.0466 0x1d0c  vmickvpexchange - ok
14:29:28.0513 0x1d0c  vmicrdv - ok
14:29:28.0513 0x1d0c  vmicshutdown - ok
14:29:28.0513 0x1d0c  vmictimesync - ok
14:29:28.0513 0x1d0c  vmicvmsession - ok
14:29:28.0528 0x1d0c  vmicvss - ok
14:29:28.0544 0x1d0c  volmgr - ok
14:29:28.0544 0x1d0c  volmgrx - ok
14:29:28.0560 0x1d0c  volsnap - ok
14:29:28.0575 0x1d0c  volume - ok
14:29:28.0591 0x1d0c  vpci - ok
14:29:28.0607 0x1d0c  vsmraid - ok
14:29:28.0622 0x1d0c  VSS - ok
14:29:28.0653 0x1d0c  VSTXRAID - ok
14:29:28.0700 0x1d0c  vwifibus - ok
14:29:28.0700 0x1d0c  vwififlt - ok
14:29:28.0732 0x1d0c  vwifimp - ok
14:29:28.0763 0x1d0c  W32Time - ok
14:29:28.0825 0x1d0c  w3logsvc - ok
14:29:28.0841 0x1d0c  W3SVC - ok
14:29:28.0841 0x1d0c  WacomPen - ok
14:29:28.0857 0x1d0c  WalletService - ok
14:29:28.0872 0x1d0c  wanarp - ok
14:29:28.0872 0x1d0c  wanarpv6 - ok
14:29:28.0872 0x1d0c  WAS - ok
14:29:28.0919 0x1d0c  wbengine - ok
14:29:28.0966 0x1d0c  WbioSrvc - ok
14:29:28.0997 0x1d0c  wcifs - ok
14:29:29.0013 0x1d0c  Wcmsvc - ok
14:29:29.0044 0x1d0c  wcncsvc - ok
14:29:29.0060 0x1d0c  wcnfs - ok
14:29:29.0060 0x1d0c  WdBoot - ok
14:29:29.0091 0x1d0c  Wdf01000 - ok
14:29:29.0107 0x1d0c  WdFilter - ok
14:29:29.0122 0x1d0c  WdiServiceHost - ok
14:29:29.0122 0x1d0c  WdiSystemHost - ok
14:29:29.0154 0x1d0c  wdiwifi - ok
14:29:29.0154 0x1d0c  WdNisDrv - ok
14:29:29.0185 0x1d0c  WdNisSvc - ok
14:29:29.0200 0x1d0c  WebClient - ok
14:29:29.0200 0x1d0c  Wecsvc - ok
14:29:29.0232 0x1d0c  WEPHOSTSVC - ok
14:29:29.0247 0x1d0c  wercplsupport - ok
14:29:29.0263 0x1d0c  WerSvc - ok
14:29:29.0263 0x1d0c  WFPLWFS - ok
14:29:29.0279 0x1d0c  WiaRpc - ok
14:29:29.0294 0x1d0c  WIMMount - ok
14:29:29.0310 0x1d0c  WinDefend - ok
14:29:29.0341 0x1d0c  WindowsTrustedRT - ok
14:29:29.0341 0x1d0c  WindowsTrustedRTProxy - ok
14:29:29.0357 0x1d0c  WinHttpAutoProxySvc - ok
14:29:29.0404 0x1d0c  WinMad - ok
14:29:29.0560 0x1d0c  Winmgmt - ok
14:29:29.0591 0x1d0c  WinRM - ok
14:29:29.0638 0x1d0c  WINUSB - ok
14:29:29.0654 0x1d0c  WinVerbs - ok
14:29:29.0700 0x1d0c  wisvc - ok
14:29:29.0732 0x1d0c  WlanSvc - ok
14:29:29.0825 0x1d0c  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
14:29:29.0841 0x1d0c  wlcrasvc - ok
14:29:29.0857 0x1d0c  wlidsvc - ok
14:29:29.0872 0x1d0c  WmiAcpi - ok
14:29:29.0888 0x1d0c  wmiApSrv - ok
14:29:29.0935 0x1d0c  WMPNetworkSvc - ok
14:29:29.0966 0x1d0c  Wof - ok
14:29:29.0997 0x1d0c  workfolderssvc - ok
14:29:30.0060 0x1d0c  WPDBusEnum - ok
14:29:30.0107 0x1d0c  WpdUpFltr - ok
14:29:30.0169 0x1d0c  WpnService - ok
14:29:30.0169 0x1d0c  WpnUserService - ok
14:29:30.0200 0x1d0c  ws2ifsl - ok
14:29:30.0216 0x1d0c  wscsvc - ok
14:29:30.0232 0x1d0c  WSearch - ok
14:29:30.0263 0x1d0c  wuauserv - ok
14:29:30.0279 0x1d0c  WudfPf - ok
14:29:30.0294 0x1d0c  WUDFRd - ok
14:29:30.0310 0x1d0c  wudfsvc - ok
14:29:30.0325 0x1d0c  WUDFWpdFs - ok
14:29:30.0325 0x1d0c  WUDFWpdMtp - ok
14:29:30.0341 0x1d0c  WwanSvc - ok
14:29:30.0388 0x1d0c  XblAuthManager - ok
14:29:30.0435 0x1d0c  XblGameSave - ok
14:29:30.0450 0x1d0c  xboxgip - ok
14:29:30.0466 0x1d0c  XboxNetApiSvc - ok
14:29:30.0497 0x1d0c  xinputhid - ok
14:29:30.0513 0x1d0c  ================ Scan global ===============================
14:29:30.0622 0x1d0c  [ Global ] - ok
14:29:30.0622 0x1d0c  ================ Scan MBR ==================================
14:29:30.0638 0x1d0c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:29:35.0060 0x1d0c  \Device\Harddisk0\DR0 - ok
14:29:35.0060 0x1d0c  ================ Scan VBR ==================================
14:29:35.0076 0x1d0c  [ 47C5968E092978007A35FC2326201E56 ] \Device\Harddisk0\DR0\Partition1
14:29:35.0091 0x1d0c  \Device\Harddisk0\DR0\Partition1 - ok
14:29:35.0107 0x1d0c  [ FBB31BCC55EC8AD4565F0A069B16CF78 ] \Device\Harddisk0\DR0\Partition2
14:29:35.0138 0x1d0c  \Device\Harddisk0\DR0\Partition2 - ok
14:29:35.0138 0x1d0c  ================ Scan generic autorun ======================
14:29:35.0138 0x1d0c  ETDCtrl - ok
14:29:35.0482 0x1d0c  [ A3F0187B2B6402168E65BE6688002041, 695A220D95D072F311E68AC9A629A73EBFE9FF922E82CB31A8AA58DF3645E477 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
14:29:35.0513 0x1d0c  avgnt - ok
14:29:35.0576 0x1d0c  [ 36828A828CEAA19A0FEA14C8723DC60C, 005627B96A08AC88BE3813DCB73228D8668A8270021D824FFC5EEA26C29027FA ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
14:29:35.0591 0x1d0c  Avira SystrayStartTrigger - ok
14:29:36.0295 0x1d0c  OneDriveSetup - ok
14:29:36.0295 0x1d0c  OneDriveSetup - ok
14:29:36.0295 0x1d0c  OneDriveSetup - ok
14:29:36.0357 0x1d0c  WAB Migrate - ok
14:29:36.0357 0x1d0c  OneDriveSetup - ok
14:29:36.0357 0x1d0c  WAB Migrate - ok
14:29:36.0357 0x1d0c  OneDriveSetup - ok
14:29:36.0357 0x1d0c  WAB Migrate - ok
14:29:36.0357 0x1d0c  Waiting for KSN requests completion. In queue: 2
14:29:37.0373 0x1d0c  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\WindowsSecurityCenter.exe ( 15.0.29.31 ), 0x41000 ( enabled : updated )
14:29:37.0435 0x1d0c  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.1198 ), 0x62100 ( disabled : updated )
14:29:37.0466 0x1d0c  Win FW state via NFP2: enabled ( trusted )
14:29:37.0623 0x1d0c  ============================================================
14:29:37.0623 0x1d0c  Scan finished
14:29:37.0623 0x1d0c  ============================================================
14:29:37.0623 0x1a5c  Detected object count: 0
14:29:37.0623 0x1a5c  Actual detected object count: 0
         
__________________

Alt 24.08.2017, 16:27   #4
M-K-D-B
/// TB-Ausbilder
 
Quickshare von linkury - Standard

Quickshare von linkury



Servus,




bitte beachten:
Zitat:
Gestartet von C:\Users\lol12
Leider hast du unsere Anleitung nicht richtig befolgt:
Bitte alle Tools direkt auf den Desktop downloaden bzw. dorthin verschieben und vom Desktop starten, da unsere Anleitungen daraufhin ausgelegt sind.
Zudem lassen sich dann am Ende der Bereinigung alle verwendeten Tools sehr einfach entfernen.
Alle Tools bis zum Ende der Bereinigung auf dem Desktop lassen, evtl. benötigen wir manche öfter.
__________________
Gruß
M-K-D-B


==========================================================
offline vom 22.12.2018 bis 01.01.2019
==========================================================

Das Trojaner-Board unterstützen

Alt 24.08.2017, 17:00   #5
Lol12
 
Quickshare von linkury - Standard

Quickshare von linkury




FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2017
durchgeführt von Pflügl (Administrator) auf PFLÜGL-PC (24-08-2017 16:44:15)
Gestartet von C:\Users\Pflügl\Desktop
Geladene Profile: Pflügl (Verfügbare Profile: Pflügl & nathalie & Gast & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(REINER SCT) C:\Windows\SysWOW64\cjpcsc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [919032 2017-08-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-06-13] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
Startup: C:\Users\Pflügl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk [2013-12-26]
ShortcutTarget: Logitech . Produktregistrierung.lnk -> C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)
Startup: C:\Users\Pflügl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Deskjet 2050 J510 series.lnk [2017-08-24]
ShortcutTarget: Tintenwarnungen überwachen - HP Deskjet 2050 J510 series.lnk -> C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{75ff37bc-f35e-4fd1-8f72-5840205e2664}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
URLSearchHook: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 - (Kein Name) - {5bcf818d-78c8-41b8-ba89-65c5fdac4fc4} - Keine Datei
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM-x32 -> {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms}
SearchScopes: HKLM-x32 -> {75b4241f-171e-44a3-bf44-23613b6e3e03} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^AYY^xdm070^YYA^de&si=flvrunner&ptb=7DF34BFD-0CB9-4476-B4F3-9F1DF2F80B6B&ind=2013072811&n=77fd0dab&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://mysearch.sweetpacks.com?src=6&q={searchTerms}&barid=&&st=23&did=10963&UPN2=92826532311964385
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=A4AE74DE2B60BAF1&affID=121563&tl=wgkn1061868&tt=110713_91114&tsp=4944
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {3E5C233F-F334-43B2-87BA-0B102B44359D} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {609F3A36-D7A7-45F3-B223-E2F3E96CC3B5} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {6CB0C3DC-BCBD-4D81-9DD0-96BD1A294EE9} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {75b4241f-171e-44a3-bf44-23613b6e3e03} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {95ED1396-3F7D-478C-AD6A-B97A247F1AD6} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=a4ae2de500000000000074de2b60baf1&r=947
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_ie_de_display?ie=UTF8&tagbase=bds-p23&tag=bds-p23-serp-de-ie-21&tbrId=v1_abb-channel-23_403bc9d4f41241b69d0dd74ec0d909d6_39_1006_20130621_DE_ie_ds_&query={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {E10C5AE2-82EC-4B63-9AAB-2DD26A68FE3F} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://mysearch.sweetpacks.com?src=6&q={searchTerms}&barid=&&st=23&did=10963&UPN2=92826532311964385
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Babylon toolbar helper -> {2EECD738-5844-4a99-B4B6-146BF802613B} -> Keine Datei
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - Kein Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  Keine Datei
Toolbar: HKLM-x32 - Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} -  Keine Datei
Toolbar: HKLM-x32 - Kein Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> Kein Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> Kein Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> Kein Name - {C424171E-592A-415A-9EB1-DFD6D95D3530} -  Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> Kein Name - {41564952-412D-5637-4300-7A786E7484D7} -  Keine Datei
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab

FireFox:
========
FF ProfilePath: C:\Users\Pflügl\AppData\Roaming\Mozilla\Firefox\Profiles\nca6gzm3.default [2017-08-24]
FF user.js: detected! => C:\Users\Pflügl\AppData\Roaming\Mozilla\Firefox\Profiles\nca6gzm3.default\user.js [2013-11-17]
FF NewTab: Mozilla\Firefox\Profiles\nca6gzm3.default -> hxxp://www.sweetpacks-search.com/?barid=&src=97&did=10963&&st=23&UPN2=92826532311964385
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\nca6gzm3.default -> Sweetpacks Search
FF Homepage: Mozilla\Firefox\Profiles\nca6gzm3.default -> www.google.de
FF Extension: (Avira Browser Safety) - C:\Users\Pflügl\AppData\Roaming\Mozilla\Firefox\Profiles\nca6gzm3.default\Extensions\abs@avira.com.xpi [2017-08-03]
FF Extension: (Adblock Plus) - C:\Users\Pflügl\AppData\Roaming\Mozilla\Firefox\Profiles\nca6gzm3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-08]
FF Extension: (Tab Mix Plus) - C:\Users\Pflügl\AppData\Roaming\Mozilla\Firefox\Profiles\nca6gzm3.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2017-05-18]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013-12-26] [ist nicht signiert]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-12-26] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-12-26] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [ocr@babylon.com] - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\ocr@babylon.com => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-24] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-24] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2013-06-02] <==== ACHTUNG

Chrome: 
=======
CHR DefaultProfile: Default
CHR NewTab: Default ->  Active:"chrome-extension://ogccgbmabaphcakpiclgcnmcnimhokcj/newtab.html"
CHR DefaultSearchURL: Default -> hxxp://mysearch.sweetpacks.com?src=6&q={searchTerms}&barid=&&st=23&did=10963&UPN2=92826532311964385
CHR DefaultSearchKeyword: Default -> sweetpacks-search.com
CHR Profile: C:\Users\Pflügl\AppData\Local\Google\Chrome\User Data\Default [2017-01-11]
CHR Extension: (WEB.DE MailCheck) - C:\Users\Pflügl\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaogepninmlbinccpbiakcgiolijlllo [2015-04-01]
CHR Extension: (Google Wallet) - C:\Users\Pflügl\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-01]
CHR HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [amfclgbdpgndipgoegfpkkgobahigbcl] - C:\Users\Pflügl\AppData\Local\Smartbar/Application\1Extension.crx <nicht gefunden>
CHR HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - <kein Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Windows\SysWOW64\mjcm\SweetNT.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1128432 2017-08-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [490968 2017-08-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [490968 2017-08-11] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1525240 2017-08-11] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [377976 2017-06-13] (Avira Operations GmbH & Co. KG)
R2 cjpcsc; C:\WINDOWS\SysWOW64\cjpcsc.exe [604216 2017-02-01] (REINER SCT)
R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [872552 2011-08-02] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [321056 2017-06-01] (HP Inc.)
S3 Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [244624 2011-04-22] (Acer Incorporated)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-02-23] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-08-01] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [60920 2017-06-23] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [173784 2017-08-11] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [167464 2017-08-11] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-03-31] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-03-31] (Avira Operations GmbH & Co. KG)
S3 cjusb; C:\WINDOWS\system32\DRIVERS\cjusb.sys [36112 2015-03-23] (REINER SCT)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-02-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2017-01-06] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-02-23] (NVIDIA Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

Error(1) reading file: "C:\Users\Pflügl\Desktop\www.bildkontakte.de - einfach einen Partner finden   profil   klaus   g.j.c.   div."
2017-08-24 16:44 - 2017-08-24 16:44 - 000022003 _____ C:\Users\Pflügl\Desktop\FRST.txt
2017-08-24 15:33 - 2017-04-21 23:50 - 000030912 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2017-08-24 15:32 - 2017-04-21 23:53 - 000029376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2017-08-24 15:32 - 2017-04-21 23:53 - 000018600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll
2017-08-24 15:32 - 2017-04-21 23:50 - 000018592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll
2017-08-24 15:00 - 2017-08-01 19:20 - 001431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-08-24 15:00 - 2017-08-01 19:20 - 000781144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-08-24 15:00 - 2017-08-01 19:20 - 000116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-08-24 15:00 - 2017-08-01 19:16 - 006665952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-08-24 15:00 - 2017-08-01 19:16 - 001845512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-08-24 15:00 - 2017-08-01 19:15 - 001360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-08-24 15:00 - 2017-08-01 19:15 - 001277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-08-24 15:00 - 2017-08-01 19:15 - 000981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-08-24 15:00 - 2017-08-01 19:10 - 000306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2017-08-24 15:00 - 2017-08-01 18:56 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-08-24 15:00 - 2017-08-01 18:56 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-08-24 15:00 - 2017-08-01 18:55 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-08-24 15:00 - 2017-08-01 18:54 - 000505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-08-24 15:00 - 2017-08-01 18:54 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-08-24 15:00 - 2017-08-01 18:54 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-08-24 15:00 - 2017-08-01 18:53 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-08-24 15:00 - 2017-08-01 18:52 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-08-24 15:00 - 2017-08-01 18:51 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-08-24 15:00 - 2017-08-01 18:51 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-08-24 15:00 - 2017-08-01 18:50 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-08-24 15:00 - 2017-08-01 18:50 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-08-24 15:00 - 2017-08-01 18:50 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-08-24 15:00 - 2017-08-01 18:49 - 004615168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-08-24 15:00 - 2017-08-01 18:47 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll
2017-08-24 15:00 - 2017-08-01 18:41 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2017-08-24 15:00 - 2017-08-01 18:39 - 001255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-08-24 15:00 - 2017-08-01 18:35 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-08-24 15:00 - 2017-08-01 18:34 - 000709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2017-08-24 15:00 - 2017-08-01 18:33 - 000589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-08-24 15:00 - 2017-08-01 18:32 - 002648576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-08-24 15:00 - 2017-08-01 18:31 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-08-24 15:00 - 2017-08-01 18:30 - 002997248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-08-24 15:00 - 2017-08-01 18:30 - 002482688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-08-24 15:00 - 2017-08-01 18:30 - 001886720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-08-24 15:00 - 2017-08-01 18:30 - 001013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-08-24 15:00 - 2017-08-01 18:30 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-08-24 15:00 - 2017-08-01 18:28 - 000783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-08-24 15:00 - 2017-07-12 07:29 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-08-24 15:00 - 2017-07-12 07:18 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-08-24 15:00 - 2017-07-12 07:09 - 000641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-08-24 15:00 - 2017-03-04 08:05 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-08-24 14:59 - 2017-08-01 21:21 - 000857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-08-24 14:59 - 2017-08-01 21:20 - 000557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-08-24 14:59 - 2017-08-01 20:27 - 002538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-08-24 14:59 - 2017-08-01 19:20 - 002264344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-08-24 14:59 - 2017-08-01 19:19 - 001980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-08-24 14:59 - 2017-08-01 19:19 - 000577976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-08-24 14:59 - 2017-08-01 19:19 - 000339896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-08-24 14:59 - 2017-08-01 19:19 - 000266080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-08-24 14:59 - 2017-08-01 19:19 - 000120416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-08-24 14:59 - 2017-08-01 19:18 - 000139104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-08-24 14:59 - 2017-08-01 19:16 - 004023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-08-24 14:59 - 2017-08-01 19:15 - 020967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-08-24 14:59 - 2017-08-01 19:07 - 005686784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-08-24 14:59 - 2017-08-01 18:59 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
2017-08-24 14:59 - 2017-08-01 18:58 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-08-24 14:59 - 2017-08-01 18:52 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOMEX.dll
2017-08-24 14:59 - 2017-08-01 18:51 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-08-24 14:59 - 2017-08-01 18:51 - 000388608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2017-08-24 14:59 - 2017-08-01 18:51 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-08-24 14:59 - 2017-08-01 18:50 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2017-08-24 14:59 - 2017-08-01 18:48 - 000297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-08-24 14:59 - 2017-08-01 18:48 - 000267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2017-08-24 14:59 - 2017-08-01 18:47 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-08-24 14:59 - 2017-08-01 18:47 - 000396288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-08-24 14:59 - 2017-08-01 18:47 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-08-24 14:59 - 2017-08-01 18:45 - 002333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-08-24 14:59 - 2017-08-01 18:45 - 001985536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certmgr.dll
2017-08-24 14:59 - 2017-08-01 18:39 - 007626240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-08-24 14:59 - 2017-08-01 18:38 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2017-08-24 14:59 - 2017-08-01 18:37 - 002641920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-08-24 14:59 - 2017-08-01 18:37 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comuid.dll
2017-08-24 14:59 - 2017-08-01 18:37 - 000468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2017-08-24 14:59 - 2017-08-01 18:36 - 007468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-08-24 14:59 - 2017-08-01 18:34 - 001170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-08-24 14:59 - 2017-08-01 18:34 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-08-24 14:59 - 2017-08-01 18:32 - 002682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-08-24 14:59 - 2017-08-01 18:31 - 001988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-08-24 14:59 - 2017-08-01 18:31 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-08-24 14:59 - 2017-08-01 18:31 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-08-24 14:59 - 2017-08-01 18:31 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-08-24 14:59 - 2017-08-01 18:31 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2017-08-24 14:59 - 2017-08-01 18:30 - 001556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-08-24 14:59 - 2017-08-01 18:30 - 000711168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-08-24 14:59 - 2017-08-01 18:29 - 003106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-08-24 14:59 - 2017-08-01 16:15 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll
2017-08-24 14:59 - 2017-07-12 08:17 - 000081760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2017-08-24 14:59 - 2017-07-12 08:15 - 000496872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-08-24 14:59 - 2017-07-12 08:12 - 001573280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-08-24 14:59 - 2017-07-12 08:01 - 000715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-08-24 14:59 - 2017-07-12 08:00 - 000095584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2017-08-24 14:59 - 2017-07-12 07:56 - 000277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-08-24 14:59 - 2017-07-12 07:55 - 000607072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2017-08-24 14:59 - 2017-07-12 07:55 - 000111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2017-08-24 14:59 - 2017-07-12 07:52 - 004312760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-08-24 14:59 - 2017-07-12 07:35 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dabapi.dll
2017-08-24 14:59 - 2017-07-12 07:32 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2017-08-24 14:59 - 2017-07-12 07:32 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\frprov.dll
2017-08-24 14:59 - 2017-07-12 07:31 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
2017-08-24 14:59 - 2017-07-12 07:31 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfnet.dll
2017-08-24 14:59 - 2017-07-12 07:30 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll
2017-08-24 14:59 - 2017-07-12 07:29 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\httpapi.dll
2017-08-24 14:59 - 2017-07-12 07:25 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2017-08-24 14:59 - 2017-07-12 07:24 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmdisk0101.sys
2017-08-24 14:59 - 2017-07-12 07:23 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-08-24 14:59 - 2017-07-12 07:23 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-08-24 14:59 - 2017-07-12 07:21 - 000711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-08-24 14:59 - 2017-07-12 07:19 - 006474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-08-24 14:59 - 2017-07-12 07:15 - 000893440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-08-24 14:59 - 2017-07-12 07:15 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsium.dll
2017-08-24 14:59 - 2017-07-12 07:14 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2017-08-24 14:59 - 2017-07-12 07:13 - 000855040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2017-08-24 14:59 - 2017-07-12 07:12 - 002750464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-08-24 14:59 - 2017-07-12 07:11 - 002154496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-08-24 14:59 - 2017-07-12 07:10 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2017-08-24 14:59 - 2017-07-12 07:10 - 000546304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-08-24 14:59 - 2017-07-12 07:07 - 001572352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-08-24 14:59 - 2017-07-12 07:05 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-08-24 14:58 - 2017-08-01 21:22 - 001860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-08-24 14:58 - 2017-08-01 21:18 - 008169536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-08-24 14:58 - 2017-08-01 21:18 - 001983408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-08-24 14:58 - 2017-08-01 21:18 - 001702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-08-24 14:58 - 2017-08-01 21:17 - 001072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-08-24 14:58 - 2017-08-01 20:57 - 000372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-08-24 14:58 - 2017-08-01 20:53 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-08-24 14:58 - 2017-08-01 20:52 - 000237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-08-24 14:58 - 2017-08-01 20:51 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-08-24 14:58 - 2017-08-01 20:48 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-08-24 14:58 - 2017-08-01 20:47 - 000748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-08-24 14:58 - 2017-08-01 20:46 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-08-24 14:58 - 2017-08-01 20:46 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-08-24 14:58 - 2017-08-01 20:46 - 000260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-08-24 14:58 - 2017-08-01 20:45 - 000561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-08-24 14:58 - 2017-08-01 20:43 - 000963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-08-24 14:58 - 2017-08-01 20:32 - 004596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-08-24 14:58 - 2017-08-01 20:32 - 003401216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-08-24 14:58 - 2017-08-01 20:27 - 004149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-08-24 14:58 - 2017-08-01 20:27 - 000903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-08-24 14:58 - 2017-08-01 20:27 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-08-24 14:58 - 2017-08-01 20:24 - 003299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-08-24 14:58 - 2017-08-01 20:24 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-08-24 14:58 - 2017-08-01 18:47 - 000846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-08-24 14:58 - 2017-08-01 18:37 - 012349440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-08-24 14:58 - 2017-08-01 18:37 - 003520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-08-24 14:58 - 2017-07-12 08:12 - 001706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-08-24 14:58 - 2017-07-12 07:23 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-08-24 14:58 - 2017-07-12 07:23 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-08-24 14:58 - 2017-07-12 07:17 - 000552960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-08-24 14:58 - 2017-07-12 07:06 - 000549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-08-24 14:58 - 2017-07-12 04:49 - 000448629 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-08-24 14:57 - 2017-08-01 21:32 - 000133984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-08-24 14:57 - 2017-08-01 21:27 - 000118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-08-24 14:57 - 2017-08-01 21:22 - 000360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-08-24 14:57 - 2017-08-01 21:18 - 004260064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-08-24 14:57 - 2017-08-01 21:18 - 000092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-08-24 14:57 - 2017-08-01 21:17 - 022220856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-08-24 14:57 - 2017-08-01 21:17 - 000244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-08-24 14:57 - 2017-08-01 21:13 - 002532192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-08-24 14:57 - 2017-08-01 21:13 - 000387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-08-24 14:57 - 2017-08-01 20:45 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-08-24 14:57 - 2017-08-01 20:44 - 000642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2017-08-24 14:57 - 2017-08-01 20:42 - 006288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-08-24 14:57 - 2017-08-01 20:38 - 013441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-08-24 14:57 - 2017-08-01 20:35 - 001908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-08-24 14:57 - 2017-08-01 20:29 - 002852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-08-24 14:57 - 2017-08-01 20:27 - 008076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-08-24 14:57 - 2017-08-01 20:27 - 001984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-08-24 14:57 - 2017-07-12 08:15 - 002213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-08-24 14:57 - 2017-07-12 08:09 - 001181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-08-24 14:57 - 2017-07-12 08:01 - 000156000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2017-08-24 14:57 - 2017-07-12 08:00 - 000160608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pacer.sys
2017-08-24 14:57 - 2017-07-12 07:59 - 000857952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2017-08-24 14:57 - 2017-07-12 07:59 - 000148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2017-08-24 14:57 - 2017-07-12 07:24 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfnet.dll
2017-08-24 14:57 - 2017-07-12 07:23 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2017-08-24 14:57 - 2017-07-12 07:21 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll
2017-08-24 14:57 - 2017-07-12 07:01 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2017-08-24 14:57 - 2017-07-12 07:00 - 002370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2017-08-24 14:57 - 2017-07-12 06:58 - 001130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-08-24 14:57 - 2017-07-12 06:58 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-08-24 14:56 - 2017-08-01 21:31 - 007780192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-08-24 14:56 - 2017-08-01 21:29 - 000376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-08-24 14:56 - 2017-08-01 21:25 - 000168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2017-08-24 14:56 - 2017-08-01 21:21 - 002759712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-08-24 14:56 - 2017-08-01 21:21 - 000624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-08-24 14:56 - 2017-08-01 21:21 - 000295264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-08-24 14:56 - 2017-08-01 21:21 - 000146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-08-24 14:56 - 2017-08-01 21:21 - 000124072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-08-24 14:56 - 2017-08-01 21:21 - 000026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-08-24 14:56 - 2017-08-01 21:20 - 002446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-08-24 14:56 - 2017-08-01 21:20 - 000684344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-08-24 14:56 - 2017-08-01 21:20 - 000383776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-08-24 14:56 - 2017-08-01 21:20 - 000144736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-08-24 14:56 - 2017-08-01 21:20 - 000079712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-08-24 14:56 - 2017-08-01 21:17 - 001600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-08-24 14:56 - 2017-08-01 21:17 - 000241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-08-24 14:56 - 2017-08-01 21:13 - 001102176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-08-24 14:56 - 2017-08-01 21:01 - 007218176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-08-24 14:56 - 2017-08-01 20:54 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2017-08-24 14:56 - 2017-08-01 20:52 - 022569472 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-08-24 14:56 - 2017-08-01 20:52 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-08-24 14:56 - 2017-08-01 20:50 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-08-24 14:56 - 2017-08-01 20:48 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-08-24 14:56 - 2017-08-01 20:48 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-08-24 14:56 - 2017-08-01 20:47 - 000691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-08-24 14:56 - 2017-08-01 20:47 - 000651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-08-24 14:56 - 2017-08-01 20:47 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-08-24 14:56 - 2017-08-01 20:47 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2017-08-24 14:56 - 2017-08-01 20:47 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-08-24 14:56 - 2017-08-01 20:46 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-08-24 14:56 - 2017-08-01 20:46 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2017-08-24 14:56 - 2017-08-01 20:46 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-08-24 14:56 - 2017-08-01 20:46 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-08-24 14:56 - 2017-08-01 20:46 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-08-24 14:56 - 2017-08-01 20:46 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-08-24 14:56 - 2017-08-01 20:45 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-08-24 14:56 - 2017-08-01 20:45 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2017-08-24 14:56 - 2017-08-01 20:45 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-08-24 14:56 - 2017-08-01 20:45 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-08-24 14:56 - 2017-08-01 20:45 - 000171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-08-24 14:56 - 2017-08-01 20:44 - 001010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-08-24 14:56 - 2017-08-01 20:43 - 000966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2017-08-24 14:56 - 2017-08-01 20:43 - 000945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-08-24 14:56 - 2017-08-01 20:43 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-08-24 14:56 - 2017-08-01 20:42 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-08-24 14:56 - 2017-08-01 20:41 - 002222080 _____ (Microsoft Corporation) C:\WINDOWS\system32\certmgr.dll
2017-08-24 14:56 - 2017-08-01 20:40 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2017-08-24 14:56 - 2017-08-01 20:40 - 000945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-08-24 14:56 - 2017-08-01 20:40 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-08-24 14:56 - 2017-08-01 20:39 - 009129984 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-08-24 14:56 - 2017-08-01 20:39 - 001281536 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-08-24 14:56 - 2017-08-01 20:39 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2017-08-24 14:56 - 2017-08-01 20:39 - 000323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2017-08-24 14:56 - 2017-08-01 20:38 - 001589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-08-24 14:56 - 2017-08-01 20:37 - 013091328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-08-24 14:56 - 2017-08-01 20:36 - 023677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-08-24 14:56 - 2017-08-01 20:36 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-08-24 14:56 - 2017-08-01 20:34 - 001837056 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-08-24 14:56 - 2017-08-01 20:33 - 004749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-08-24 14:56 - 2017-08-01 20:33 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2017-08-24 14:56 - 2017-08-01 20:33 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-08-24 14:56 - 2017-08-01 20:32 - 008114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-08-24 14:56 - 2017-08-01 20:32 - 000821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\comuid.dll
2017-08-24 14:56 - 2017-08-01 20:30 - 002916864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-08-24 14:56 - 2017-08-01 20:30 - 001643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-08-24 14:56 - 2017-08-01 20:30 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-08-24 14:56 - 2017-08-01 20:30 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-08-24 14:56 - 2017-08-01 20:29 - 004743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-08-24 14:56 - 2017-08-01 20:29 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-08-24 14:56 - 2017-08-01 20:28 - 002895360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-08-24 14:56 - 2017-08-01 20:28 - 001490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-08-24 14:56 - 2017-08-01 20:27 - 002695680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-08-24 14:56 - 2017-08-01 20:27 - 000774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-08-24 14:56 - 2017-08-01 20:27 - 000716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-08-24 14:56 - 2017-08-01 20:26 - 001513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-08-24 14:56 - 2017-08-01 20:26 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-08-24 14:56 - 2017-08-01 20:25 - 001726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-08-24 14:56 - 2017-08-01 20:24 - 001121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-08-24 14:56 - 2017-08-01 20:24 - 000924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-08-24 14:56 - 2017-08-01 20:23 - 003615744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-08-24 14:56 - 2017-08-01 20:23 - 000886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2017-08-24 14:56 - 2017-08-01 18:51 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-08-24 14:56 - 2017-08-01 18:47 - 000661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-08-24 14:56 - 2017-08-01 18:42 - 018364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-08-24 14:56 - 2017-08-01 18:40 - 019415040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-08-24 14:56 - 2017-08-01 18:40 - 012187136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-08-24 14:56 - 2017-08-01 18:33 - 006031872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-08-24 14:56 - 2017-08-01 18:31 - 003664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-08-24 14:56 - 2017-07-12 08:16 - 000646688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-08-24 14:56 - 2017-07-12 08:15 - 000101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\apisetschema.dll
2017-08-24 14:56 - 2017-07-12 08:14 - 001886896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-08-24 14:56 - 2017-07-12 08:13 - 002253664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-08-24 14:56 - 2017-07-12 08:02 - 002186592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-08-24 14:56 - 2017-07-12 08:02 - 000402776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-08-24 14:56 - 2017-07-12 08:00 - 000223072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-08-24 14:56 - 2017-07-12 07:59 - 001100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-08-24 14:56 - 2017-07-12 07:59 - 000989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-08-24 14:56 - 2017-07-12 07:59 - 000947040 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-08-24 14:56 - 2017-07-12 07:55 - 004674872 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-08-24 14:56 - 2017-07-12 07:25 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2017-08-24 14:56 - 2017-07-12 07:24 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\dabapi.dll
2017-08-24 14:56 - 2017-07-12 07:23 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2017-08-24 14:56 - 2017-07-12 07:23 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\frprov.dll
2017-08-24 14:56 - 2017-07-12 07:22 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2017-08-24 14:56 - 2017-07-12 07:21 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-08-24 14:56 - 2017-07-12 07:21 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2017-08-24 14:56 - 2017-07-12 07:20 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpapi.dll
2017-08-24 14:56 - 2017-07-12 07:19 - 000488960 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2017-08-24 14:56 - 2017-07-12 07:19 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-08-24 14:56 - 2017-07-12 07:19 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2017-08-24 14:56 - 2017-07-12 07:17 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-08-24 14:56 - 2017-07-12 07:16 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-08-24 14:56 - 2017-07-12 07:16 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2017-08-24 14:56 - 2017-07-12 07:15 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-08-24 14:56 - 2017-07-12 07:13 - 001478656 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-08-24 14:56 - 2017-07-12 07:12 - 000970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-08-24 14:56 - 2017-07-12 07:12 - 000091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-08-24 14:56 - 2017-07-12 07:12 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsium.dll
2017-08-24 14:56 - 2017-07-12 07:11 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2017-08-24 14:56 - 2017-07-12 07:10 - 000927232 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2017-08-24 14:56 - 2017-07-12 07:09 - 003291136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-08-24 14:56 - 2017-07-12 07:08 - 002861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-08-24 14:56 - 2017-07-12 07:07 - 000954880 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-08-24 14:56 - 2017-07-12 07:07 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-08-24 14:56 - 2017-07-12 07:06 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-08-24 14:56 - 2017-07-12 07:06 - 000937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-08-24 14:56 - 2017-07-12 07:03 - 001692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-08-24 14:56 - 2017-07-12 07:03 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-08-24 14:56 - 2017-07-12 07:02 - 000869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-08-24 14:56 - 2017-07-12 07:01 - 002279424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-08-24 14:56 - 2017-07-12 06:59 - 006664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-08-24 14:56 - 2017-07-12 06:59 - 002318336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-08-24 14:56 - 2017-07-12 06:59 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-08-24 14:56 - 2017-07-12 06:58 - 001231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-08-24 14:56 - 2017-07-12 06:57 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-08-24 14:56 - 2017-07-12 06:56 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-08-24 14:56 - 2017-03-04 08:57 - 000372432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-08-24 14:56 - 2017-03-04 08:16 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-08-24 14:56 - 2017-03-04 08:07 - 000909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-08-24 14:56 - 2017-03-04 08:05 - 001328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-08-24 14:28 - 2017-08-24 14:49 - 000075224 _____ C:\TDSSKiller.3.1.0.15_24.08.2017_14.28.31_log.txt
2017-08-24 14:26 - 2017-08-24 14:27 - 004922400 _____ (AO Kaspersky Lab) C:\Users\Pflügl\Desktop\tdsskiller.exe
2017-08-24 14:12 - 2017-08-24 16:44 - 000000000 ____D C:\FRST
2017-08-24 14:10 - 2017-08-24 14:19 - 000000000 ____D C:\Users\lol12
2017-08-24 14:08 - 2017-08-24 14:11 - 002395648 _____ (Farbar) C:\Users\Pflügl\Desktop\FRST64.exe
2017-08-24 12:44 - 2017-08-24 12:44 - 005763072 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-08-24 16:46 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-08-24 16:43 - 2017-01-11 00:38 - 002612032 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-24 16:43 - 2016-07-17 00:51 - 001074420 _____ C:\WINDOWS\system32\perfh007.dat
2017-08-24 16:43 - 2016-07-17 00:51 - 000261042 _____ C:\WINDOWS\system32\perfc007.dat
2017-08-24 16:41 - 2017-01-11 00:40 - 000000000 ____D C:\Users\Pflügl
2017-08-24 16:41 - 2016-12-11 22:08 - 000000000 ____D C:\Users\Pflügl\AppData\LocalLow\Mozilla
2017-08-24 16:40 - 2017-01-11 00:34 - 000000000 ____D C:\ProgramData\NVIDIA
2017-08-24 16:40 - 2015-08-03 09:02 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-08-24 16:37 - 2016-07-16 13:45 - 000000000 ____D C:\WINDOWS\INF
2017-08-24 16:35 - 2017-01-11 12:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-08-24 16:35 - 2017-01-11 00:29 - 000389616 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-08-24 16:07 - 2016-07-16 08:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2017-08-24 16:02 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-08-24 16:02 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-08-24 16:02 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2017-08-24 16:01 - 2016-07-16 13:47 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-08-24 16:01 - 2016-07-16 13:47 - 000000000 ___RD C:\Program Files\Windows Defender
2017-08-24 16:01 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-08-24 16:01 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\Provisioning
2017-08-24 16:01 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\bcastdvr
2017-08-24 16:01 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-08-24 16:01 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files\Common Files\System
2017-08-24 16:01 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-08-24 16:01 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2017-08-24 15:54 - 2016-07-16 13:36 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-08-24 15:49 - 2017-01-11 00:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-08-24 15:32 - 2013-08-14 21:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-08-24 15:24 - 2012-02-03 19:00 - 140394280 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-08-24 15:14 - 2016-07-16 13:47 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-24 14:28 - 2015-04-01 19:00 - 000000000 ____D C:\Users\Pflügl\Downloads\Firefox
2017-08-24 14:28 - 2012-08-07 07:55 - 000000000 ____D C:\Users\Pflügl\AppData\Local\CrashDumps
2017-08-24 13:52 - 2015-04-01 17:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-08-24 13:14 - 2011-08-11 13:30 - 000000000 ____D C:\Program Files (x86)\CyberLink
2017-08-24 13:14 - 2011-08-11 12:58 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-08-24 12:44 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-08-24 12:44 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-08-24 12:44 - 2013-12-26 21:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-08-11 19:08 - 2016-07-29 23:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-08-11 19:03 - 2015-04-01 18:29 - 000173784 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2017-08-11 19:03 - 2015-04-01 18:29 - 000167464 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2017-08-03 08:52 - 2009-07-14 04:34 - 000000669 _____ C:\WINDOWS\win.ini
2017-07-31 17:14 - 2016-07-16 13:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-07-31 17:14 - 2016-07-16 13:49 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-02-02 19:44 - 2013-07-28 17:17 - 000194952 _____ () C:\Program Files (x86)\8hres.dll
2014-02-02 19:44 - 2013-07-28 17:17 - 000712264 _____ (MindSpark) C:\Program Files (x86)\8hUninstall Allin1Convert.dll
2015-05-17 22:42 - 2015-05-17 22:42 - 006420480 _____ () C:\Program Files (x86)\GUTA86F.tmp
2013-09-13 19:54 - 2013-09-13 19:54 - 000017740 _____ () C:\Users\Pflügl\AppData\Roaming\unins000.dat
2013-09-13 19:54 - 2013-09-13 19:54 - 000013844 _____ () C:\Users\Pflügl\AppData\Roaming\unins000.msg
2014-02-03 12:09 - 2014-07-18 23:20 - 000000106 _____ () C:\Users\Pflügl\AppData\Roaming\WB.CFG
2016-07-15 14:04 - 2016-07-15 14:04 - 000000057 _____ () C:\ProgramData\Ament.ini
2017-01-11 00:33 - 2017-01-11 00:33 - 000000000 ____H () C:\ProgramData\DP45977C.lfl

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Public\AlexaNSISPlugin.6676.dll


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-08-24 15:16

==================== Ende von FRST.txt ============================
         
--- --- ---


Alt 24.08.2017, 17:00   #6
Lol12
 
Quickshare von linkury - Standard

Quickshare von linkury



FRST Additions Logfile:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-08-2017
durchgeführt von Pflügl (24-08-2017 16:48:08)
Gestartet von C:\Users\Pflügl\Desktop
Windows 10 Home Version 1607 (X64) (2017-01-11 11:18:17)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1664608947-3428569484-2814311379-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1664608947-3428569484-2814311379-503 - Limited - Disabled)
Gast (S-1-5-21-1664608947-3428569484-2814311379-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-1664608947-3428569484-2814311379-1003 - Limited - Enabled)
nathalie (S-1-5-21-1664608947-3428569484-2814311379-1005 - Administrator - Enabled) => C:\Users\nathalie.Pflügl-PC
Pflügl (S-1-5-21-1664608947-3428569484-2814311379-1001 - Administrator - Enabled) => C:\Users\Pflügl

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated)
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 9 (HKLM-x32\...\PremElem90) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.19) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.19 - Adobe Systems Incorporated)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 376.33 - NVIDIA Corporation) Hidden
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.29.32 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{661C79C2-D156-419C-81CA-D1A2523B0841}) (Version: 1.2.91.10326 - Avira Operations GmbH & Co. KG) Hidden
Avira Connect (HKLM-x32\...\{dd9049b8-31d1-40bd-8c8c-97a7b087a78f}) (Version: 1.2.91.10326 - Avira Operations GmbH & Co. KG)
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 15.0.6.2 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.4.1 - Broadcom Corporation)
Collector's Edition 251 (HKLM-x32\...\Collector's Edition 251) (Version:  - )
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
cyberJack Base Components (HKLM-x32\...\{FC338210-F594-11D3-BA24-00001C3AB4DF}) (Version: 7.3.5 - REINER SCT)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
Elements 9 Organizer (HKLM-x32\...\{433EACD8-4747-4A6A-826A-FFA9F39B0D40}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Elements STI Installer (HKLM-x32\...\{25175695-4B20-4298-9F34-C2C57CD277B3}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Elements STI Installer (HKLM-x32\...\{E2AE009D-37E5-4724-A6B8-0ED6A6BA4F68}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
eReg (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
Fotogalerija Windows Live (HKLM-x32\...\{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (HKLM-x32\...\{4736B0ED-F6A1-48EC-A1B7-C053027648F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (HKLM-x32\...\{CB66242D-12B1-4494-82D2-6F53A7E024A3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
HomeMedia (HKLM-x32\...\{AA4BF92B-2AAF-11DA-9D78-000129760D75}) (Version: 2.0.8920 - CyberLink Corporation)
HP Deskjet 2050 J510 series - Grundlegende Software für das Gerät (HKLM\...\{DF37555F-0259-43DA-B60C-47106FA14AA3}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 2050 J510 series Hilfe (HKLM-x32\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.61.61 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Support Solutions Framework (HKLM-x32\...\{3A1CB1B8-8646-41A0-B496-35DC48916904}) (Version: 12.7.22.13 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}) (Version: 1.00.0000 - Microsoft) Hidden
IB Updater Service (HKLM-x32\...\WNLT) (Version: 5.1.5.4 - ) <==== ACHTUNG
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Packard Bell)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)
Internet-TV für Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Packard Bell)
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)
LUXOR 5th Passage (HKLM-x32\...\LUXOR 5th Passage) (Version: 1.1.0.0 - MumboJumbo)
LUXOR Amun Rising HD (HKLM-x32\...\LUXOR Amun Rising HD) (Version: 1.1.0.0 - MumboJumbo)
LUXOR HD (HKLM-x32\...\LUXOR HD) (Version: 1.1.0.0 - MumboJumbo)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 54.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 de)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.1.6388 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.8.11000.8.100 - Nero AG)
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.6.10700.5.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}) (Version: 10.5.10300 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{68AFA3A7-9265-4ABD-994A-ACA413E3715C}) (Version: 10.6.10300 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.6.10500.3.100 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.10900.31.0 - Nero AG)
NVIDIA GeForce Experience 3.4.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.4.0.70 - NVIDIA Corporation)
NVIDIA Grafiktreiber 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.3.16.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Packard Bell Power Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Packard Bell)
Packard Bell Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3502 - Packard Bell)
Packard Bell Registration (HKLM-x32\...\Packard Bell Registration) (Version: 1.04.3503 - Packard Bell)
Packard Bell ScreenSaver (HKLM-x32\...\Packard Bell Screensaver) (Version: 1.1.0811.2010 - Packard Bell )
Packard Bell Social Networks (HKLM-x32\...\{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 3.0.3106 - CyberLink Corp.) Hidden
Packard Bell Social Networks (HKLM-x32\...\InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 3.0.3106 - CyberLink Corp.)
Packard Bell Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3500 - Packard Bell)
Poczta usługi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (HKLM-x32\...\{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
QuickShare (HKLM-x32\...\{AF860F85-54A3-4A28-879B-BF9E6E325776}) (Version: 1.6.1.952 - Linkury Inc.) <==== ACHTUNG
Raccolta foto di Windows Live (HKLM-x32\...\{ED16B700-D91F-44B0-867C-7EB5253CA38D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Rommé 1 (HKLM-x32\...\Rommé 1) (Version:  - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0351 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
Studie zur Verbesserung von HP Deskjet 2050 J510 series Produkten (HKLM\...\{C559DE9F-9451-49E5-9176-316E36192409}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
TuneUp Utilities Language Pack (de-DE) (HKLM-x32\...\{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}) (Version: 12.0.3600.73 - TuneUp Software) Hidden
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Video Web Camera (HKLM-x32\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.) Hidden
Video Web Camera (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Welcome Center (HKLM-x32\...\Packard Bell Welcome Center) (Version: 1.02.3503 - Packard Bell)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
WinFunktion Mathematik plus 20 (HKLM-x32\...\{CDBA97DF-63B9-44E7-B900-92E8165260C0}) (Version: 1.00.0000 - bhv Publishing GmbH)
Woodcutter Simulator 2011 (HKLM-x32\...\Woodcutter Simulator 2011) (Version:  - )
Συλλογή φωτογραφιών του Windows Live (HKLM-x32\...\{C00C2A91-6CB3-483F-80B3-2958E29468F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (HKLM-x32\...\{E83DC314-C926-4214-AD58-147691D6FE9F}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (HKLM-x32\...\{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}) (Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (HKLM-x32\...\{77F69CA1-E53D-4D77-8BA3-FA07606CC851}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (HKLM-x32\...\{CE929F09-3853-4180-BD90-30764BFF7136}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (HKLM-x32\...\{0A4C4B29-5A9D-4910-A13C-B920D5758744}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (HKLM-x32\...\{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ShellIconOverlayIdentifiers: [01MemopalBackedUp] -> {8ED3CC2D-6BC2-43AD-8C43-F51FBB413AE6} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [02MemopalToBackup] -> {2CDD871E-60EB-40BD-9721-A1CB57042F75} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [03MemopalPartiallyBackedUp] -> {95DDC869-FC98-4D47-BD34-2EDC9AA09C01} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [01MemopalBackedUp] -> {8ED3CC2D-6BC2-43AD-8C43-F51FBB413AE6} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [02MemopalToBackup] -> {2CDD871E-60EB-40BD-9721-A1CB57042F75} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [03MemopalPartiallyBackedUp] -> {95DDC869-FC98-4D47-BD34-2EDC9AA09C01} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [04MemopalError] -> {B9CA6E12-7975-4997-B5BD-CA12ECE0FEAD} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [MemopalBackedUp] -> {8ED3CC2D-6BC2-43AD-8C43-F51FBB413AE6} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [MemopalError] -> {B9CA6E12-7975-4997-B5BD-CA12ECE0FEAD} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [MemopalPartiallyBackedUp] -> {95DDC869-FC98-4D47-BD34-2EDC9AA09C01} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [MemopalToBackup] -> {2CDD871E-60EB-40BD-9721-A1CB57042F75} =>  -> Keine Datei
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [2017-08-11] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Keine Datei
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [2017-08-11] (Avira Operations GmbH & Co. KG)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {01BB4D1B-818C-42A0-8B4B-F0BE210EEA30} - System32\Tasks\{03604C09-673A-46D7-91D0-CA6847E45206} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {020DD405-A394-493E-A0CB-B783EBD3F509} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {043089C6-8ECC-41BA-8C31-9D399E684526} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {04DDA79F-A03A-4D1D-92C9-818DDB94FB9C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-01] (Microsoft Corporation) <==== ACHTUNG
Task: {06B82B36-C8DB-4E88-8657-3141B92BD458} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {08482869-7638-449B-A5EA-666DC75E2230} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {0B7079CF-6583-4042-A382-32A46A0A17F6} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0BAF5FB1-CE07-4410-810F-D2A94D3999DC} - System32\Tasks\NBAgent => C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2011-07-06] (Nero AG)
Task: {0E4E0451-2A7E-4E1D-AB7D-C88EE1D220ED} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {102215A6-16FA-4986-8E15-553FDA45B53F} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-02-23] (NVIDIA Corporation)
Task: {10A5FE77-F8C1-47C8-BE1B-C5428967A6D8} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard)
Task: {10ED276C-DD72-4CA8-BCF2-D376268DDEE7} - System32\Tasks\{033A4D70-36D7-46FA-9F7D-A9996B7334EF} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {115C02AF-C7DF-4330-A688-E92B8C8CC4C5} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {1927C3E0-3CC2-4151-8F7F-F8296774A57D} - System32\Tasks\hpUrlLauncher.exe => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\utils\hpUrlLauncher.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {2802C96A-F077-4A17-8011-3294DAF7C369} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {29CDB149-4C4B-477B-9755-08A513679DEB} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2F3C9B83-785F-431C-85BF-97D2AA0F4D8C} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2F3E1954-1BC7-40A1-8F0D-5AA94B0302B1} - System32\Tasks\{EB5F7CC8-1425-4DAB-BF0A-DB808FA16761} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {302E1C0A-0A15-44AD-BA44-1786E28CB20C} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)
Task: {3151EB25-0E8A-4AE8-992F-BD36A730A79B} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)
Task: {3163DEF0-BC1D-47B8-9AF8-DBCF9E8556D7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {35F823C9-B2FC-4792-B8D9-3464229D5382} - System32\Tasks\{E1587E3C-7BB7-44C8-9A91-AD34009E8522} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
Task: {3AC2660B-54A9-4FE2-BEA4-ABA541B0F077} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {3B1331CB-2787-440D-B754-4090BED944E1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {3B14775C-29A3-477E-9E6C-E263967BD99C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {3B31208C-629E-4B92-AA6A-7C9FC6883795} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {45D9E40C-1CC9-4A5B-ACA5-97ED713ACF04} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Task: {499F3997-E54C-421E-B526-5F6648D49F51} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4AA2C224-1479-45B5-8AE5-605F6BB9EED8} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4ADD35B4-9050-421C-9098-0EEB76AC112D} - System32\Tasks\{178387A7-AFF9-488C-B358-FF663010DCB9} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
Task: {4BBE6D73-6050-437A-80DE-B8233F98BEF5} - System32\Tasks\{1C26DB06-23AC-4B07-B041-48C78A9D1CBD} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {4C2AED65-E5A5-41F8-BCAD-92EF44FF8907} - System32\Tasks\OneDrive Standalone Update Task v2 => C:\Users\Pflügl\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {4D3D5094-88FE-4CE0-A91C-2113C2000A42} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-24] (Adobe Systems Incorporated)
Task: {4E44E590-0AAA-4A64-A753-17B70F4280EF} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {50BB70D6-2E88-4D14-B5C3-4A47DAC491EE} - System32\Tasks\{E84B91E8-33F3-49E1-AFCB-F597D8B57F9D} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
Task: {5814C7F6-0FFE-44A5-835F-803CF84A9A24} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5A8A4A0D-86EE-43C6-8E78-1417869112A8} - System32\Tasks\{A7B29540-1879-4028-B3B8-C127971DA397} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {5F7202B8-6B43-46D4-B496-BD78C43A044A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {628EDDD5-1054-40F0-852F-29C1C5048AB7} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-02-23] (NVIDIA Corporation)
Task: {64FCA12B-117D-4AF7-A494-268A560BFF01} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {6EDF7077-E62B-4942-82AF-20B5A2C43BC4} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)
Task: {722FEC1C-89F5-444A-9226-EE14DBE764E4} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {74077C09-2BBC-4BA4-99AC-8A4C7EB3F6C7} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {75FE8499-D9D8-43D7-9340-6CCCD29A37DE} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {7755D443-2648-4B89-9EA8-EAF190163556} - System32\Tasks\{E5B827C0-690F-459F-9390-EDD753E6FB01} => C:\Windows\system32\pcalua.exe -a C:\Users\Pflügl\AppData\Roaming\Allmyapps\Allmyapps.exe -c uninstall
Task: {778EF4BA-BFC7-480A-9270-1825B71C55A5} - System32\Tasks\{9DF84523-FD29-4C9E-82DD-775A63EB0FB1} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {800860D9-C124-49BC-93CC-1985C6E97327} - System32\Tasks\{32AE58AB-121B-4CD1-87E0-41F9A93F18AD} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
Task: {818D08B0-AB79-40A5-9AF8-7C65320AE798} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {83CFBC6A-B820-4018-B988-7BBCBA3EF8DE} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {85639F17-6779-492C-90D3-2A04C81EAF20} - System32\Tasks\{25B82541-8571-45E6-83AB-4AF95DABF24A} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {8569E4D6-C467-4B53-9C7B-6D6D3A207AEC} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8AD0768E-4A9E-494C-951A-8D6B0158C676} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {8E3C62E9-BB57-4328-BD78-3F42CAE4DE4A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)
Task: {8EE3DC86-4A70-4349-9AA9-F0203D291B72} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {90D8AB43-209E-4370-BAD1-D5259AB7396C} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {950A73AF-EF0A-4F16-814B-2894C2203ABB} - System32\Tasks\BrowserDefendert => C:\Windows\system32\sc.exe start BrowserDefendert <==== ACHTUNG
Task: {9D8EF176-E6FB-4931-8DB6-99D24652A785} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {A2F0F64E-16E2-4DE3-BD2C-5E63E84C7090} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A421C8AC-59B4-4306-A012-784EB2DEA81A} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A6716755-233F-4A56-A111-02A2D4DD0A9B} - System32\Tasks\{0E5B43A1-4CBC-49B7-B663-FC61E5FBB58F} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {A72A0967-0AB3-4972-A197-0DCFCC791D8F} - System32\Tasks\AdobeAAMUpdater-1.0-Pflügl-PC-Pflügl => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29] (Adobe Systems Incorporated)
Task: {ABF8455B-5FDC-4FBF-A21F-B8E4F38DE2E2} - System32\Tasks\AdobeAAMUpdater-1.0-Pflügl-PC-nathalie => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29] (Adobe Systems Incorporated)
Task: {B18AA8C6-1B5E-4934-8263-757AA676496E} - System32\Tasks\{F9402AE5-ACC8-4BA8-9E7E-0375A8F72E09} => C:\Windows\system32\pcalua.exe -a F:\install_flash_player_active_x.exe -d F:\
Task: {B278D98E-6409-45E9-8A49-416935FC9A9B} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
Task: {B6F48632-6D52-4C8A-AFF3-9899AB8B5AE7} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B85D8103-15F1-4054-9C89-21D9B559D123} - System32\Tasks\HPCustParticipation HP Deskjet 2050 J510 series => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {BFB32430-75BB-4606-BD31-CE87342D524F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {C7A4899A-F1FE-4A82-808D-6CFAE45C319E} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CFB1136A-F1BC-4634-9CBF-A999C7B3A3C9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-01] (Microsoft Corporation) <==== ACHTUNG
Task: {D627BDDD-E3F7-4578-9963-518C3686B0C0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-01] (Microsoft Corporation) <==== ACHTUNG
Task: {D718E290-E157-4664-A9F3-8B04A0A02DC8} - System32\Tasks\{9711830A-13DD-481F-A336-AA3C7885661B} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {D71B6264-3754-414A-BF96-9E2E2E614FF8} - System32\Tasks\{B0CE2170-76B6-4422-A267-413ED3F67B11} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {D84A16D9-413C-46C6-9768-09EF6339DF29} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {DCAF2E5C-9386-4622-BD13-B534BB0F78A3} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {DD91A8EB-DA59-473D-969E-320501B67A7F} - System32\Tasks\{D81F541F-3DE9-4EC6-9DAE-1BF798040AC6} => C:\Windows\system32\pcalua.exe -a "C:\Users\nathalie.Pflügl-PC\Desktop\Neuer Ordner (3)\NeoGamma Installer by Wii-Homebrew.exe" -d "C:\Users\nathalie.Pflügl-PC\Desktop\Neuer Ordner (3)"
Task: {E8CFFA40-C104-4B30-BD9D-1B3420B5D4C4} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EB64C26B-0806-4248-8678-D6FE1375A527} - System32\Tasks\{463E93F0-2199-42B9-8D18-DBD746D676A9} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {EC056EB6-2863-4CE6-94AB-5748B2D8EDCC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-01] (Microsoft Corporation) <==== ACHTUNG
Task: {EEEDF309-D0F3-4BF3-9ECB-2B70DF3E6274} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {F1C99E32-F492-4038-BD10-731DA69C2968} - System32\Tasks\{1A9F0B80-4630-434D-A4D3-C672A48987F2} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {F2E1695E-1F6E-4122-BB8F-98AF48FAC07A} - \DealPlyUpdate -> Keine Datei <==== ACHTUNG
Task: {F44EBEAB-A6B2-4B21-96BA-E4465EF19E75} - System32\Tasks\{966A14DB-D34B-4A06-BC26-743C4C42F131} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe"
Task: {F518F3A1-B8F3-401C-A21C-3FA1BCF4A3A8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {F70666D8-716B-49F8-B3AD-5CC32FAEE9E4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {FB3379A3-B190-40F2-A65D-03A35D445AD9} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-02-23] (NVIDIA Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


ShortcutWithArgument: C:\Users\Pflügl\Desktop\eBay.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://isearch.omiga-plus.com/?type=sc&ts=1383502839&from=mlv&uid=HitachiXHTS547575A9E384_J2540054CE8U3ECE8U3EX
ShortcutWithArgument: C:\Users\Pflügl\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://isearch.omiga-plus.com/?type=sc&ts=1383502839&from=mlv&uid=HitachiXHTS547575A9E384_J2540054CE8U3ECE8U3EX
ShortcutWithArgument: C:\Users\Pflügl\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer (64-bit).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://isearch.omiga-plus.com/?type=sc&ts=1383502839&from=mlv&uid=HitachiXHTS547575A9E384_J2540054CE8U3ECE8U3EX
ShortcutWithArgument: C:\Users\Pflügl\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://isearch.omiga-plus.com/?type=sc&ts=1383502839&from=mlv&uid=HitachiXHTS547575A9E384_J2540054CE8U3ECE8U3EX

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 000231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-07-13 22:48 - 2017-06-21 09:48 - 002681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-01-11 18:04 - 2016-12-29 15:16 - 000134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-01-11 17:24 - 2017-02-23 20:35 - 004489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2017-01-11 17:24 - 2017-02-23 20:35 - 001147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 004300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2017-01-11 00:07 - 2017-01-11 00:07 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-17 12:02 - 2017-03-04 08:31 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-17 12:03 - 2017-03-04 08:12 - 009760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-17 12:03 - 2017-03-04 08:05 - 001401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-17 12:03 - 2017-03-04 08:05 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-08-24 14:56 - 2017-03-04 08:05 - 001033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-08-24 14:56 - 2017-08-01 20:26 - 002424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-08-24 14:56 - 2017-08-01 20:31 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-03-17 12:03 - 2017-03-04 08:04 - 000114176 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Dss.BackgroundTask.dll
2017-03-17 12:03 - 2017-03-04 08:04 - 000115712 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\DeviceSideServicesActionUriHandler.dll
2017-03-17 12:03 - 2017-03-04 08:04 - 000522752 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.NodeWinrtWrap.dll
2016-07-16 13:43 - 2016-07-17 00:56 - 000040448 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\winrt-projections\bin\Winrt_Projections.node
2016-07-16 13:43 - 2016-07-17 00:56 - 000813056 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http\bin\NodeRT_Windows_Web_Http.node
2016-07-16 13:43 - 2016-07-17 00:56 - 000963584 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.headers\bin\NodeRT_Windows_Web_Http_Headers.node
2016-07-16 13:43 - 2016-07-17 00:56 - 000249344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.filters\bin\NodeRT_Windows_Web_Http_Filters.node
2016-07-16 13:43 - 2016-07-17 00:56 - 000572416 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.storage.streams\bin\NodeRT_Windows_Storage_Streams.node
2016-07-16 13:43 - 2016-07-17 00:56 - 000403968 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.foundation\bin\NodeRT_Windows_Foundation.node
2016-07-16 13:43 - 2016-07-17 00:56 - 000183296 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\nodert-buffer-utils\bin\NodeRT_Buffer_Utils.node
2016-07-16 13:43 - 2016-07-17 00:56 - 000288256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.cortana.pal\bin\NodeRT_Windows_Cortana_PAL.node
2017-08-24 15:10 - 2017-08-24 15:12 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-08-24 15:10 - 2017-08-24 15:12 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-08-24 15:10 - 2017-08-24 15:12 - 036162048 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-08-24 15:10 - 2017-08-24 15:12 - 002237952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\skypert.dll
2017-08-03 08:53 - 2017-08-03 08:53 - 000054272 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11706.1001.26.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2017-01-11 17:24 - 2017-02-23 20:35 - 000018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2017-01-11 17:24 - 2017-02-23 20:35 - 003774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2017-01-11 17:24 - 2017-02-23 20:35 - 000900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Classes\batfile:  <==== ACHTUNG
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Classes\cmdfile:  <==== ACHTUNG

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Control Panel\Desktop\\Wallpaper -> c:\users\pflügl\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\{ceedc30e-03f3-4223-aeb0-1bb4c000d5a6}.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\...\StartupApproved\StartupFolder: => "Logitech . Produktregistrierung.lnk"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\...\StartupApproved\Run: => "Allmyapps"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\...\StartupApproved\Run: => "Allmyapps Update"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{6764BC9A-AB39-4504-8F82-9BDA992F3446}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [UDP Query User{823B4211-7E40-4248-98CF-BE85E7AC7085}C:\users\gast\appdata\local\mozilla firefox\firefox.exe] => (Block) C:\users\gast\appdata\local\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{53EC6C2E-FAAC-4F66-9EF9-3520406A6913}C:\users\gast\appdata\local\mozilla firefox\firefox.exe] => (Block) C:\users\gast\appdata\local\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{4692755E-2E62-439A-8D1C-8A1EE34316D0}C:\users\gast\appdata\local\mozilla firefox\firefox.exe] => (Block) C:\users\gast\appdata\local\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{12F65F9D-A5BE-4325-98C7-E6278A2CDE17}C:\users\gast\appdata\local\mozilla firefox\firefox.exe] => (Block) C:\users\gast\appdata\local\mozilla firefox\firefox.exe
FirewallRules: [{B1908BEA-AD44-41F3-B7FB-8639558AB54D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F0E349DC-E761-452A-A9C8-FF5372646FE2}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{09B2A8BF-15F4-49C1-AB92-DCD9C3EF35D3}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{4B4D1B33-47F8-4FA5-A55A-5984420C7F87}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{B617C342-BBB7-4B32-B821-505EAAB675BB}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{A06D5442-904C-441E-BBFB-D978E61202D3}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{DA1C4275-AAF6-4019-9F46-4E7BF1F14776}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{1C8A7C60-770C-4F71-AF74-DFB5A766E952}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{B85F5BC9-5B59-4EBA-A6C2-7BA604913A9A}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{02AF66E7-A9F6-45F0-89FE-093EA2A1B1D3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{565DC845-DF99-4033-9771-B3277CA0BA27}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6535CE99-10FD-4752-A321-1CFA1864D1D4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{A1A6D11E-B062-466A-9269-32740E3A90C2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{D6417DF7-A14F-414F-906E-771A3732508C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{CB0909D1-9148-41EF-A181-315C3D60A4BC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6A09E45E-391E-4FAF-966C-BAF4700D2641}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

==================== Wiederherstellungspunkte =========================

09-07-2017 11:34:16 Windows Update
13-07-2017 23:18:01 Windows Update
13-07-2017 23:19:20 Windows Update
03-08-2017 08:48:12 Windows Update
24-08-2017 15:19:23 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/24/2017 03:24:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Pflügl-PC)
Description: Das Paket „Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe+App“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (08/24/2017 03:21:27 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (08/24/2017 02:27:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: {E1DD8E6D-4F4C-458E-A489-120D693A8403}.exe, Version: 3.1.0.15, Zeitstempel: 0x58f5cf94
Name des fehlerhaften Moduls: {E1DD8E6D-4F4C-458E-A489-120D693A8403}.exe, Version: 3.1.0.15, Zeitstempel: 0x58f5cf94
Ausnahmecode: 0x40000015
Fehleroffset: 0x0014376c
ID des fehlerhaften Prozesses: 0x1f58
Startzeit der fehlerhaften Anwendung: 0x01d31cd4509c1b30
Pfad der fehlerhaften Anwendung: C:\Users\PFLGL~1\AppData\Local\Temp\{3F148F86-334A-484B-8CFE-C9212706ABA4}\{E1DD8E6D-4F4C-458E-A489-120D693A8403}.exe
Pfad des fehlerhaften Moduls: C:\Users\PFLGL~1\AppData\Local\Temp\{3F148F86-334A-484B-8CFE-C9212706ABA4}\{E1DD8E6D-4F4C-458E-A489-120D693A8403}.exe
Berichtskennung: 587d6b27-b42b-4b44-852b-83217d664be8
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (08/24/2017 01:11:04 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig.
.


Vorgang:
   Asynchroner Vorgang wird ausgeführt

Kontext:
   Aktueller Status: DoSnapshotSet

Error: (08/24/2017 01:09:45 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (08/24/2017 12:48:22 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Adobe Refresh Manager -- Error 1316.Das angegebene Konto ist bereits vorhanden.

Error: (08/24/2017 12:43:33 PM) (Source: COM) (EventID: 10031) (User: )
Description: Eine das Marshalling aufhebende Richtlinienprüfung wurde ausgeführt, als das Marshalling eines benutzerdefinierten gemarshallten Objekts aufgehoben wurde. Die Klasse "{2CD39202-3A2F-4935-9A86-65B919919A7F}" wurde abgelehnt.

Error: (08/24/2017 12:43:33 PM) (Source: COM) (EventID: 10031) (User: )
Description: Eine das Marshalling aufhebende Richtlinienprüfung wurde ausgeführt, als das Marshalling eines benutzerdefinierten gemarshallten Objekts aufgehoben wurde. Die Klasse "{2CD39202-3A2F-4935-9A86-65B919919A7F}" wurde abgelehnt.

Error: (08/11/2017 06:55:50 PM) (Source: COM) (EventID: 10031) (User: )
Description: Eine das Marshalling aufhebende Richtlinienprüfung wurde ausgeführt, als das Marshalling eines benutzerdefinierten gemarshallten Objekts aufgehoben wurde. Die Klasse "{2CD39202-3A2F-4935-9A86-65B919919A7F}" wurde abgelehnt.

Error: (08/03/2017 08:48:53 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.


Systemfehler:
=============
Error: (08/24/2017 04:43:55 PM) (Source: DCOM) (EventID: 10016) (User: Pflügl-PC)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Pflügl-PC\Pflügl" (SID: S-1-5-21-1664608947-3428569484-2814311379-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (08/24/2017 04:42:59 PM) (Source: DCOM) (EventID: 10016) (User: Pflügl-PC)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Pflügl-PC\Pflügl" (SID: S-1-5-21-1664608947-3428569484-2814311379-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (08/24/2017 04:40:37 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "CDPUserSvc_1983b8" wurde mit folgendem Fehler beendet: 
Unbekannter Fehler

Error: (08/24/2017 04:35:54 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.

Error: (08/24/2017 01:58:32 PM) (Source: DCOM) (EventID: 10016) (User: Pflügl-PC)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Pflügl-PC\Pflügl" (SID: S-1-5-21-1664608947-3428569484-2814311379-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (08/24/2017 01:56:25 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "CDPUserSvc_5733f" wurde mit folgendem Fehler beendet: 
Unbekannter Fehler

Error: (08/24/2017 01:53:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NetPipeActivator" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (08/24/2017 01:53:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst NetPipeActivator erreicht.

Error: (08/24/2017 01:53:30 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira.ServiceHost erreicht.

Error: (08/24/2017 01:53:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 70%
Installierter physikalischer RAM: 3947.86 MB
Verfügbarer physikalischer RAM: 1164.22 MB
Summe virtueller Speicher: 7915.86 MB
Verfügbarer virtueller Speicher: 4238.95 MB

==================== Laufwerke ================================

Drive c: (Packard Bell) (Fixed) (Total:678.54 GB) (Free:594.54 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 8397C1BA)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=678.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
--- --- ---


Code:
ATTFilter
16:54:01.0758 0x0820  TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
16:54:04.0743 0x0820  ============================================================
16:54:04.0743 0x0820  Current date / time: 2017/08/24 16:54:04.0743
16:54:04.0743 0x0820  SystemInfo:
16:54:04.0758 0x0820  
16:54:04.0758 0x0820  OS Version: 10.0.14393 ServicePack: 0.0
16:54:04.0758 0x0820  Product type: Workstation
16:54:04.0758 0x0820  ComputerName: PFLÜGL-PC
16:54:04.0758 0x0820  UserName: Pflügl
16:54:04.0758 0x0820  Windows directory: C:\WINDOWS
16:54:04.0758 0x0820  System windows directory: C:\WINDOWS
16:54:04.0758 0x0820  Running under WOW64
16:54:04.0758 0x0820  Processor architecture: Intel x64
16:54:04.0758 0x0820  Number of processors: 4
16:54:04.0758 0x0820  Page size: 0x1000
16:54:04.0758 0x0820  Boot type: Normal boot
16:54:04.0758 0x0820  CodeIntegrityOptions = 0x00000001
16:54:04.0758 0x0820  ============================================================
16:54:06.0493 0x0820  KLMD registered as C:\WINDOWS\system32\drivers\60026162.sys
16:54:06.0493 0x0820  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.1593, osProperties = 0x19
16:54:06.0758 0x0820  System UUID: {87F4E558-BE4F-298E-ECB8-1DA4EEBA9E42}
16:54:08.0180 0x0820  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:54:08.0259 0x0820  ============================================================
16:54:08.0259 0x0820  \Device\Harddisk0\DR0:
16:54:08.0305 0x0820  MBR partitions:
16:54:08.0305 0x0820  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2800800, BlocksNum 0x32000
16:54:08.0305 0x0820  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2832800, BlocksNum 0x54D13000
16:54:08.0305 0x0820  ============================================================
16:54:08.0477 0x0820  C: <-> \Device\Harddisk0\DR0\Partition2
16:54:08.0477 0x0820  ============================================================
16:54:08.0477 0x0820  Initialize success
16:54:08.0477 0x0820  ============================================================
16:54:11.0071 0x1e84  ============================================================
16:54:11.0071 0x1e84  Scan started
16:54:11.0071 0x1e84  Mode: Manual; 
16:54:11.0071 0x1e84  ============================================================
16:54:11.0071 0x1e84  KSN ping started
16:54:11.0352 0x1e84  KSN ping finished: true
16:54:23.0931 0x1e84  ================ Scan system memory ========================
16:54:23.0931 0x1e84  System memory - ok
16:54:23.0931 0x1e84  ================ Scan services =============================
16:54:24.0650 0x1e84  1394ohci - ok
16:54:24.0681 0x1e84  3ware - ok
16:54:24.0697 0x1e84  ACPI - ok
16:54:24.0713 0x1e84  AcpiDev - ok
16:54:24.0728 0x1e84  acpiex - ok
16:54:24.0744 0x1e84  acpipagr - ok
16:54:24.0806 0x1e84  AcpiPmi - ok
16:54:24.0838 0x1e84  acpitime - ok
16:54:24.0994 0x1e84  [ 1474F121C3DF1232D3E7239C03691EE6, 26D0F55010CB7C51269D94ECB5C5AA94802607685B9E9791A78B643C6227214F ] AdobeActiveFileMonitor9.0 C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
16:54:25.0009 0x1e84  AdobeActiveFileMonitor9.0 - ok
16:54:25.0213 0x1e84  [ 8D6BA8E7676038A27FD4ECF12CC744B0, F5D59B764DCB4A06A51939533DC7B2391FD68E3979C48939C023A60DCE0D2101 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:54:25.0228 0x1e84  AdobeARMservice - ok
16:54:26.0041 0x1e84  [ C52B8980692CACB057742C450D734149, BB2D7034592B6EBBECE5A73FB625E1352FD59972620523022CABA68EE00B7B98 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:54:26.0088 0x1e84  AdobeFlashPlayerUpdateSvc - ok
16:54:26.0119 0x1e84  ADP80XX - ok
16:54:26.0150 0x1e84  AFD - ok
16:54:26.0181 0x1e84  ahcache - ok
16:54:26.0197 0x1e84  AJRouter - ok
16:54:26.0228 0x1e84  ALG - ok
16:54:26.0259 0x1e84  AmdK8 - ok
16:54:26.0275 0x1e84  AmdPPM - ok
16:54:26.0275 0x1e84  amdsata - ok
16:54:26.0291 0x1e84  amdsbs - ok
16:54:26.0291 0x1e84  amdxata - ok
16:54:26.0525 0x1e84  [ 0ACC38DF0CFF151C63AD6F6F35C55D0C, E77574F3FBF50FA6935D79AB2282971FBA5FC52FD626797CDFEA50889DFEAE2B ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
16:54:26.0556 0x1e84  AntiVirMailService - ok
16:54:26.0681 0x1e84  [ 22B27C504A06096CDF3D5D0D46893EA0, 587B1A8AD24526A300563EACB0157099AA5CC3F2208534C91698758364EBE0AE ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
16:54:26.0744 0x1e84  AntiVirSchedulerService - ok
16:54:26.0885 0x1e84  [ 22B27C504A06096CDF3D5D0D46893EA0, 587B1A8AD24526A300563EACB0157099AA5CC3F2208534C91698758364EBE0AE ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
16:54:26.0900 0x1e84  AntiVirService - ok
16:54:27.0197 0x1e84  [ 8D2DD42AA98E1BD156FB59B320C0C613, 8711ECB09D420B3A3CA81F9326B23E9ED38D3D39CBDA332E59770DAA3E8A6CD3 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
16:54:27.0228 0x1e84  AntiVirWebService - ok
16:54:27.0322 0x1e84  AppHostSvc - ok
16:54:27.0353 0x1e84  AppID - ok
16:54:27.0416 0x1e84  AppIDSvc - ok
16:54:27.0478 0x1e84  Appinfo - ok
16:54:27.0525 0x1e84  applockerfltr - ok
16:54:27.0603 0x1e84  AppReadiness - ok
16:54:27.0635 0x1e84  AppXSvc - ok
16:54:27.0650 0x1e84  arcsas - ok
16:54:27.0900 0x1e84  aspnet_state - ok
16:54:27.0978 0x1e84  AsyncMac - ok
16:54:28.0041 0x1e84  atapi - ok
16:54:28.0166 0x1e84  athr - ok
16:54:28.0213 0x1e84  AudioEndpointBuilder - ok
16:54:28.0244 0x1e84  Audiosrv - ok
16:54:28.0291 0x1e84  [ 4621EA3385170B087A03F3C90E276B4A, 1513802CF844B1B7A70C820AEF732EDA432D44CD8726560D95F05EB5CA556CD7 ] avdevprot       C:\WINDOWS\system32\DRIVERS\avdevprot.sys
16:54:28.0291 0x1e84  avdevprot - ok
16:54:28.0400 0x1e84  [ 6FA5F3EA4F088EEECC5519A8C92ACC6D, 197BEFF6AFCA9A4E9C8504DCA4D039D497E05288ABC0927F3521425A14B3DAF9 ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys
16:54:28.0400 0x1e84  avgntflt - ok
16:54:28.0510 0x1e84  [ C320148D031EA49D210C6DDEC4405EE3, 5DF6A142F399A2BAA1F3708A92F284BB2905229A1E9D438275BF04C918DBE1A3 ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys
16:54:28.0510 0x1e84  avipbb - ok
16:54:28.0635 0x1e84  [ 899C706D9C5A829BEA290CD02A95B07C, 40121149932C76E2377386D4C286E1C0CE5AE382515C8DE391B68A0E77478B28 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
16:54:28.0666 0x1e84  Avira.ServiceHost - ok
16:54:28.0697 0x1e84  [ 2CBA09A7983B1D39531B768BCED08C20, B40968DFE1A648CCB9260033E1EA57B5D496274A335B000354156B0DB740EDE0 ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys
16:54:28.0697 0x1e84  avkmgr - ok
16:54:28.0713 0x1e84  [ 8D18C6406FF8DC39028177E1E5675182, 44985DEE74F235567FB849350256F342BCE26EF66439D761FA3F6EDA22882092 ] avnetflt        C:\WINDOWS\system32\DRIVERS\avnetflt.sys
16:54:28.0713 0x1e84  avnetflt - ok
16:54:28.0744 0x1e84  AxInstSV - ok
16:54:28.0760 0x1e84  b06bdrv - ok
16:54:28.0806 0x1e84  [ 0630C8915B747E88E825CE7F73B66A5D, E9B465EE23487B59B1C906B04F9235B0BFBF254C1760E2462A7D1D7FE1655088 ] b57xdbd         C:\WINDOWS\System32\drivers\b57xdbd.sys
16:54:28.0806 0x1e84  b57xdbd - ok
16:54:28.0885 0x1e84  [ CA8457E528E13B38F8DC3B86B6BA4C6B, 532E48BBBA806608EBEFE10A94DCE2BFE8918D8DD6DEF6871F44FEEDA51238B8 ] b57xdmp         C:\WINDOWS\System32\drivers\b57xdmp.sys
16:54:28.0900 0x1e84  b57xdmp - ok
16:54:28.0931 0x1e84  BasicDisplay - ok
16:54:29.0010 0x1e84  BasicRender - ok
16:54:29.0041 0x1e84  bcmfn - ok
16:54:29.0056 0x1e84  bcmfn2 - ok
16:54:29.0072 0x1e84  BDESVC - ok
16:54:29.0088 0x1e84  Beep - ok
16:54:29.0135 0x1e84  BFE - ok
16:54:29.0150 0x1e84  BITS - ok
16:54:29.0166 0x1e84  bowser - ok
16:54:29.0197 0x1e84  BrokerInfrastructure - ok
16:54:29.0213 0x1e84  Browser - ok
16:54:29.0291 0x1e84  [ 0E9B28782D0E5DE7C25207432B791B33, FE33E3B27BEED03922DB2565DECC0E12F8CD586B5060EE4A1A87FF99EEC77B22 ] bScsiMSa        C:\WINDOWS\System32\drivers\bScsiMSa.sys
16:54:29.0307 0x1e84  bScsiMSa - ok
16:54:29.0353 0x1e84  [ 59CA958CBB12C3344A22D33D3582F4C0, 29F06D9B507703D6F4DA28230E067340FC11B63DDEB5C113E6F991C4EC87FB7A ] bScsiSDa        C:\WINDOWS\System32\drivers\bScsiSDa.sys
16:54:29.0369 0x1e84  bScsiSDa - ok
16:54:29.0416 0x1e84  BthAvrcpTg - ok
16:54:29.0432 0x1e84  BthHFEnum - ok
16:54:29.0447 0x1e84  bthhfhid - ok
16:54:29.0494 0x1e84  BthHFSrv - ok
16:54:29.0494 0x1e84  BTHMODEM - ok
16:54:29.0510 0x1e84  bthserv - ok
16:54:29.0557 0x1e84  buttonconverter - ok
16:54:29.0572 0x1e84  CapImg - ok
16:54:29.0619 0x1e84  cdfs - ok
16:54:29.0650 0x1e84  CDPSvc - ok
16:54:29.0666 0x1e84  CDPUserSvc - ok
16:54:29.0728 0x1e84  cdrom - ok
16:54:29.0744 0x1e84  CertPropSvc - ok
16:54:29.0791 0x1e84  cht4iscsi - ok
16:54:29.0807 0x1e84  cht4vbd - ok
16:54:29.0869 0x1e84  circlass - ok
16:54:30.0228 0x1e84  [ E6C13708EC768ABE89BC45F7F12F49DB, 713C2FC2DF6EC3E79871A639686FE0358A564927D696EB2ED9AB5EDEAA9D47D2 ] cjpcsc          C:\WINDOWS\SysWOW64\cjpcsc.exe
16:54:30.0260 0x1e84  cjpcsc - ok
16:54:30.0275 0x1e84  [ E3B86AB029D1C523981C3476DE859521, F787284359F6322DB7135FCDFD3DA3EFD92FBBB95F3DC5C9D77B881A8351B080 ] cjusb           C:\WINDOWS\system32\DRIVERS\cjusb.sys
16:54:30.0275 0x1e84  cjusb - ok
16:54:30.0307 0x1e84  CLFS - ok
16:54:30.0353 0x1e84  ClipSVC - ok
16:54:30.0400 0x1e84  clreg - ok
16:54:30.0541 0x1e84  CmBatt - ok
16:54:30.0572 0x1e84  CNG - ok
16:54:30.0588 0x1e84  cnghwassist - ok
16:54:30.0869 0x1e84  CompositeBus - ok
16:54:30.0869 0x1e84  COMSysApp - ok
16:54:30.0900 0x1e84  condrv - ok
16:54:30.0963 0x1e84  CoreMessagingRegistrar - ok
16:54:31.0447 0x1e84  [ 5D19617245C798A0EED86D4D36B8C6E8, 90AB9125B1A56134489E81CE5AEE1F2C7005BE505E52603B1A884A2B8C3C4735 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
16:54:31.0463 0x1e84  cphs - ok
16:54:31.0494 0x1e84  CryptSvc - ok
16:54:31.0525 0x1e84  dam - ok
16:54:31.0557 0x1e84  DcomLaunch - ok
16:54:31.0572 0x1e84  DcpSvc - ok
16:54:31.0604 0x1e84  defragsvc - ok
16:54:31.0635 0x1e84  DeviceAssociationService - ok
16:54:31.0666 0x1e84  DeviceInstall - ok
16:54:31.0697 0x1e84  DevQueryBroker - ok
16:54:31.0713 0x1e84  Dfsc - ok
16:54:31.0775 0x1e84  [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
16:54:31.0775 0x1e84  dg_ssudbus - ok
16:54:31.0838 0x1e84  Dhcp - ok
16:54:31.0932 0x1e84  diagnosticshub.standardcollector.service - ok
16:54:31.0947 0x1e84  DiagTrack - ok
16:54:32.0025 0x1e84  disk - ok
16:54:32.0119 0x1e84  DmEnrollmentSvc - ok
16:54:32.0166 0x1e84  dmvsc - ok
16:54:32.0244 0x1e84  dmwappushservice - ok
16:54:32.0291 0x1e84  Dnscache - ok
16:54:32.0322 0x1e84  dot3svc - ok
16:54:32.0338 0x1e84  DPS - ok
16:54:32.0338 0x1e84  drmkaud - ok
16:54:32.0525 0x1e84  [ 9DD3A22F804697606C2B7FF9E912FF6B, BBE2FC0D554030BA9E3A96CC4A360D61DBCCAA1D81BD7547809F29A3AF0B3A25 ] DsiWMIService   C:\Program Files (x86)\Launch Manager\dsiwmis.exe
16:54:32.0541 0x1e84  DsiWMIService - ok
16:54:32.0604 0x1e84  DsmSvc - ok
16:54:32.0619 0x1e84  DsSvc - ok
16:54:32.0650 0x1e84  DXGKrnl - ok
16:54:32.0666 0x1e84  EapHost - ok
16:54:32.0697 0x1e84  ebdrv - ok
16:54:32.0729 0x1e84  EFS - ok
16:54:32.0775 0x1e84  EhStorClass - ok
16:54:32.0807 0x1e84  EhStorTcgDrv - ok
16:54:32.0838 0x1e84  embeddedmode - ok
16:54:32.0854 0x1e84  EntAppSvc - ok
16:54:33.0104 0x1e84  [ 48425C93B6F36529707206E4FA680CF3, 328BD59DEDFAD359EF79CCFBC2AD3E9C95657EC616AE0611F5EFEB34B810692A ] ePowerSvc       C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
16:54:33.0150 0x1e84  ePowerSvc - ok
16:54:33.0197 0x1e84  ErrDev - ok
16:54:33.0338 0x1e84  [ 6BD85B39B7B23F03B24CF641ED29147B, 850F21750BB39E5239B1584E1117844CAAAF6A5C58E79366552309F917675CE5 ] ETD             C:\WINDOWS\system32\DRIVERS\ETD.sys
16:54:33.0385 0x1e84  ETD - ok
16:54:33.0510 0x1e84  [ 8916EACF1256E1C5A3AF81FD39C747E7, FF28FB95E9F9287C1005CF0D9EB84F7CA3D137689862860C9848398504E1EFFF ] ETDService      C:\Program Files\Elantech\ETDService.exe
16:54:33.0510 0x1e84  ETDService - ok
16:54:33.0541 0x1e84  EventSystem - ok
16:54:33.0541 0x1e84  exfat - ok
16:54:33.0572 0x1e84  fastfat - ok
16:54:33.0588 0x1e84  Fax - ok
16:54:33.0619 0x1e84  fdc - ok
16:54:33.0635 0x1e84  fdPHost - ok
16:54:33.0635 0x1e84  FDResPub - ok
16:54:33.0666 0x1e84  fhsvc - ok
16:54:33.0713 0x1e84  FileCrypt - ok
16:54:33.0713 0x1e84  FileInfo - ok
16:54:33.0744 0x1e84  Filetrace - ok
16:54:33.0744 0x1e84  flpydisk - ok
16:54:33.0760 0x1e84  FltMgr - ok
16:54:33.0791 0x1e84  FontCache - ok
16:54:34.0010 0x1e84  FontCache3.0.0.0 - ok
16:54:34.0057 0x1e84  FrameServer - ok
16:54:34.0088 0x1e84  FsDepends - ok
16:54:34.0088 0x1e84  Fs_Rec - ok
16:54:34.0119 0x1e84  fvevol - ok
16:54:34.0166 0x1e84  gencounter - ok
16:54:34.0197 0x1e84  genericusbfn - ok
16:54:34.0229 0x1e84  GPIOClx0101 - ok
16:54:34.0276 0x1e84  gpsvc - ok
16:54:34.0291 0x1e84  GpuEnergyDrv - ok
16:54:34.0322 0x1e84  HDAudBus - ok
16:54:34.0322 0x1e84  HidBatt - ok
16:54:34.0322 0x1e84  HidBth - ok
16:54:34.0354 0x1e84  hidi2c - ok
16:54:34.0354 0x1e84  hidinterrupt - ok
16:54:34.0385 0x1e84  HidIr - ok
16:54:34.0401 0x1e84  hidserv - ok
16:54:34.0432 0x1e84  HidUsb - ok
16:54:34.0447 0x1e84  HomeGroupListener - ok
16:54:34.0463 0x1e84  HomeGroupProvider - ok
16:54:34.0510 0x1e84  HpSAMD - ok
16:54:34.0619 0x1e84  [ EA0047216B112D4E2B38ECF6F9D769AC, 92250C8CBE4373716FF777A929AC0D88181660BA94B0BB656EFA1BF448D858C8 ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
16:54:34.0635 0x1e84  HPSupportSolutionsFrameworkService - ok
16:54:34.0651 0x1e84  HTTP - ok
16:54:34.0682 0x1e84  HvHost - ok
16:54:34.0729 0x1e84  hvservice - ok
16:54:34.0744 0x1e84  hwpolicy - ok
16:54:34.0776 0x1e84  hyperkbd - ok
16:54:34.0791 0x1e84  i8042prt - ok
16:54:34.0807 0x1e84  iagpio - ok
16:54:34.0807 0x1e84  iai2c - ok
16:54:34.0822 0x1e84  iaLPSS2i_GPIO2 - ok
16:54:34.0822 0x1e84  iaLPSS2i_I2C - ok
16:54:34.0838 0x1e84  iaLPSSi_GPIO - ok
16:54:34.0838 0x1e84  iaLPSSi_I2C - ok
16:54:34.0854 0x1e84  iaStorAV - ok
16:54:34.0854 0x1e84  iaStorV - ok
16:54:34.0869 0x1e84  ibbus - ok
16:54:34.0916 0x1e84  icssvc - ok
16:54:36.0104 0x1e84  [ 226EAECA4F21F899E3F0C95297678A0B, DC18AAE3F1505C9BECB75218F4CCCD8DC6E1C6258EDA9A57B57028246EF346FA ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
16:54:36.0197 0x1e84  igfx - ok
16:54:36.0260 0x1e84  IKEEXT - ok
16:54:36.0276 0x1e84  IndirectKmd - ok
16:54:36.0635 0x1e84  [ 622868E4BAE8FBCD22CB1A5901A2C824, C1A2264C0984DD16C83B663C9CE43E049E1356E32C5771C3ACE225F285699138 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
16:54:36.0791 0x1e84  IntcAzAudAddService - ok
16:54:36.0838 0x1e84  [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
16:54:36.0838 0x1e84  IntcDAud - ok
16:54:36.0854 0x1e84  intelide - ok
16:54:36.0869 0x1e84  intelpep - ok
16:54:36.0901 0x1e84  intelppm - ok
16:54:36.0916 0x1e84  iorate - ok
16:54:36.0916 0x1e84  IpFilterDriver - ok
16:54:36.0963 0x1e84  iphlpsvc - ok
16:54:36.0979 0x1e84  IPMIDRV - ok
16:54:37.0010 0x1e84  IPNAT - ok
16:54:37.0010 0x1e84  irda - ok
16:54:37.0010 0x1e84  IRENUM - ok
16:54:37.0041 0x1e84  irmon - ok
16:54:37.0104 0x1e84  isapnp - ok
16:54:37.0135 0x1e84  iScsiPrt - ok
16:54:37.0166 0x1e84  k57nd60a - ok
16:54:37.0244 0x1e84  kbdclass - ok
16:54:37.0291 0x1e84  kbdhid - ok
16:54:37.0385 0x1e84  kdnic - ok
16:54:37.0385 0x1e84  KeyIso - ok
16:54:37.0432 0x1e84  KSecDD - ok
16:54:37.0448 0x1e84  KSecPkg - ok
16:54:37.0463 0x1e84  ksthunk - ok
16:54:37.0479 0x1e84  KtmRm - ok
16:54:37.0494 0x1e84  LanmanServer - ok
16:54:37.0494 0x1e84  LanmanWorkstation - ok
16:54:37.0666 0x1e84  [ D186AAAE72691136BDE00BBB41F48D12, C64885A726C0642C92BC4993667696DFEC8D284C20872D58E49786EE280A01ED ] LBTServ         C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
16:54:37.0698 0x1e84  LBTServ - ok
16:54:37.0713 0x1e84  lfsvc - ok
16:54:37.0823 0x1e84  [ 77D5786C6A7765503884E38706C9FD5E, 827DC2069AA0997DB87E118AAAA53575D97A89147C1451464986F8D68A329D41 ] LHidFilt        C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
16:54:37.0838 0x1e84  LHidFilt - ok
16:54:37.0869 0x1e84  LicenseManager - ok
16:54:38.0061 0x1e84  [ B705C7097F9A0EC941D02DCE7C7D426C, 1A137BEA25BF7BA1EF190212CD6E556B53293D6388E9F7E790BF53F641F3CF89 ] Live Updater Service C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
16:54:38.0106 0x1e84  Live Updater Service - ok
16:54:38.0134 0x1e84  lltdio - ok
16:54:38.0166 0x1e84  lltdsvc - ok
16:54:38.0195 0x1e84  lmhosts - ok
16:54:38.0311 0x1e84  [ F84023FB2E3DEA06103501974A2EDB44, 38144EB7DE7F0B33F9C3E637715834CD0860CCE11915C77065000949767D98DF ] LMouFilt        C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
16:54:38.0311 0x1e84  LMouFilt - ok
16:54:38.0561 0x1e84  [ D7E0BED3EA21D7BDDD410ADE51708D90, 417A9A765E50ACCAE030B37F317217C9DB366BB1503A328D064A41ACDD00AFD8 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
16:54:38.0593 0x1e84  LMS - ok
16:54:38.0655 0x1e84  LSI_SAS - ok
16:54:38.0671 0x1e84  LSI_SAS2i - ok
16:54:38.0671 0x1e84  LSI_SAS3i - ok
16:54:38.0686 0x1e84  LSI_SSS - ok
16:54:38.0702 0x1e84  LSM - ok
16:54:38.0718 0x1e84  luafv - ok
16:54:38.0780 0x1e84  MapsBroker - ok
16:54:38.0827 0x1e84  megasas - ok
16:54:38.0890 0x1e84  megasas2i - ok
16:54:38.0905 0x1e84  megasr - ok
16:54:38.0968 0x1e84  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
16:54:38.0983 0x1e84  MEIx64 - ok
16:54:39.0030 0x1e84  MessagingService - ok
16:54:39.0265 0x1e84  Microsoft SharePoint Workspace Audit Service - ok
16:54:39.0280 0x1e84  mlx4_bus - ok
16:54:39.0311 0x1e84  MMCSS - ok
16:54:39.0327 0x1e84  Modem - ok
16:54:39.0358 0x1e84  monitor - ok
16:54:39.0405 0x1e84  mouclass - ok
16:54:39.0405 0x1e84  mouhid - ok
16:54:39.0405 0x1e84  mountmgr - ok
16:54:39.0483 0x1e84  [ 86C9215967686BB8A6AEE8008D914BF8, 907A156AADC880F06EB7BBBC0C57EC14A205CEE43A2AD509F6BD4040CA4F327D ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:54:39.0499 0x1e84  MozillaMaintenance - ok
16:54:39.0499 0x1e84  mpsdrv - ok
16:54:39.0530 0x1e84  MpsSvc - ok
16:54:39.0577 0x1e84  MQAC - ok
16:54:39.0593 0x1e84  MRxDAV - ok
16:54:39.0624 0x1e84  mrxsmb - ok
16:54:39.0640 0x1e84  mrxsmb10 - ok
16:54:39.0671 0x1e84  mrxsmb20 - ok
16:54:39.0702 0x1e84  MsBridge - ok
16:54:39.0749 0x1e84  MSDTC - ok
16:54:39.0749 0x1e84  Msfs - ok
16:54:39.0780 0x1e84  msgpiowin32 - ok
16:54:39.0843 0x1e84  mshidkmdf - ok
16:54:39.0874 0x1e84  mshidumdf - ok
16:54:39.0890 0x1e84  msisadrv - ok
16:54:39.0952 0x1e84  MSiSCSI - ok
16:54:39.0968 0x1e84  msiserver - ok
16:54:39.0983 0x1e84  MSKSSRV - ok
16:54:39.0999 0x1e84  MsLldp - ok
16:54:40.0030 0x1e84  MSMQ - ok
16:54:40.0046 0x1e84  MSPCLOCK - ok
16:54:40.0061 0x1e84  MSPQM - ok
16:54:40.0077 0x1e84  MsRPC - ok
16:54:40.0093 0x1e84  mssmbios - ok
16:54:40.0108 0x1e84  MSTEE - ok
16:54:40.0124 0x1e84  MTConfig - ok
16:54:40.0171 0x1e84  Mup - ok
16:54:40.0186 0x1e84  mvumis - ok
16:54:40.0202 0x1e84  NativeWifiP - ok
16:54:40.0421 0x1e84  [ 13AA2130F2A104DD775EAD0F0EE5417B, EBA07599FC2D10750CE6372EA6BA94EDDAFFF732223A1135F1971B958A6B57A2 ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe
16:54:40.0452 0x1e84  NAUpdate - ok
16:54:40.0468 0x1e84  NcaSvc - ok
16:54:40.0483 0x1e84  NcbService - ok
16:54:40.0483 0x1e84  NcdAutoSetup - ok
16:54:40.0530 0x1e84  ndfltr - ok
16:54:40.0546 0x1e84  NDIS - ok
16:54:40.0561 0x1e84  NdisCap - ok
16:54:40.0608 0x1e84  NdisImPlatform - ok
16:54:40.0624 0x1e84  NdisTapi - ok
16:54:40.0640 0x1e84  Ndisuio - ok
16:54:40.0671 0x1e84  NdisVirtualBus - ok
16:54:40.0718 0x1e84  NdisWan - ok
16:54:40.0718 0x1e84  ndiswanlegacy - ok
16:54:40.0733 0x1e84  ndproxy - ok
16:54:40.0733 0x1e84  Ndu - ok
16:54:40.0812 0x1e84  NetAdapterCx - ok
16:54:40.0843 0x1e84  NetBIOS - ok
16:54:40.0843 0x1e84  NetBT - ok
16:54:40.0858 0x1e84  Netlogon - ok
16:54:40.0890 0x1e84  Netman - ok
16:54:41.0124 0x1e84  NetMsmqActivator - ok
16:54:41.0124 0x1e84  NetPipeActivator - ok
16:54:41.0171 0x1e84  netprofm - ok
16:54:41.0218 0x1e84  NetSetupSvc - ok
16:54:41.0218 0x1e84  NetTcpActivator - ok
16:54:41.0218 0x1e84  NetTcpPortSharing - ok
16:54:41.0280 0x1e84  NgcCtnrSvc - ok
16:54:41.0280 0x1e84  NgcSvc - ok
16:54:41.0312 0x1e84  NlaSvc - ok
16:54:41.0343 0x1e84  Npfs - ok
16:54:41.0374 0x1e84  npsvctrig - ok
16:54:41.0405 0x1e84  nsi - ok
16:54:41.0421 0x1e84  nsiproxy - ok
16:54:41.0437 0x1e84  NTFS - ok
16:54:41.0452 0x1e84  Null - ok
16:54:41.0671 0x1e84  [ CEF487606A4D64DC9A5F4D76EEE996AA, 0534E3EE033B0E821597328AAA62C818593D537BDCA54625CB3C1B99912ACC21 ] NvContainerLocalSystem C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
16:54:41.0687 0x1e84  NvContainerLocalSystem - ok
16:54:41.0749 0x1e84  [ CEF487606A4D64DC9A5F4D76EEE996AA, 0534E3EE033B0E821597328AAA62C818593D537BDCA54625CB3C1B99912ACC21 ] NvContainerNetworkService C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
16:54:41.0765 0x1e84  NvContainerNetworkService - ok
16:54:44.0234 0x1e84  [ 88F3EEDD47473E7206C0A049AE96A0F7, 3A02CF546993270E3DE2715F1065A4832CC1F2C6CCB62D87DDB939C423EF1EA1 ] nvlddmkm        C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvlddmkm.sys
16:54:44.0468 0x1e84  nvlddmkm - ok
16:54:44.0515 0x1e84  [ 63718B0FF94E14B883650DA9CD7DBED9, 37BA4B85E677E041277051B476A640E8FA270B423B5D41874050AAAE91619AFE ] nvpciflt        C:\WINDOWS\system32\DRIVERS\nvpciflt.sys
16:54:44.0515 0x1e84  nvpciflt - ok
16:54:44.0593 0x1e84  nvraid - ok
16:54:44.0593 0x1e84  nvstor - ok
16:54:44.0655 0x1e84  [ 05FECCB901276013D16A42AD4CFCE24B, 281E2F23E5C820FA670E908EA1798F3FA062C4DD37B16DF73CE13E58B6F3C56E ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
16:54:44.0671 0x1e84  NvStreamKms - ok
16:54:44.0812 0x1e84  [ 40B216E2D52371BC377C892FE83E63E9, AFD5466C86F0B0B54BE9AE6EF172D1B8F1F828C867FDA91CDD4E0A805D6EF71E ] NvTelemetryContainer C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
16:54:44.0827 0x1e84  NvTelemetryContainer - ok
16:54:44.0874 0x1e84  [ FC7835536FA1EA57B2996B6340A08D1B, D2CF883103316E747C11D10121C65742D748FC79BF7E3665A648FF5586AADA0A ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
16:54:44.0874 0x1e84  nvvad_WaveExtensible - ok
16:54:44.0905 0x1e84  [ 848DD3F4E7346B03F380AEA9A50F829B, F8B6E6F88619E9F0A7CB8039B4AC8765796857F634CCC73A1EC9768D16517F75 ] nvvhci          C:\WINDOWS\System32\drivers\nvvhci.sys
16:54:44.0905 0x1e84  nvvhci - ok
16:54:44.0968 0x1e84  OneSyncSvc - ok
16:54:45.0140 0x1e84  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:54:45.0140 0x1e84  ose - ok
16:54:45.0874 0x1e84  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:54:45.0952 0x1e84  osppsvc - ok
16:54:45.0984 0x1e84  p2pimsvc - ok
16:54:46.0031 0x1e84  p2psvc - ok
16:54:46.0062 0x1e84  Parport - ok
16:54:46.0093 0x1e84  partmgr - ok
16:54:46.0124 0x1e84  PcaSvc - ok
16:54:46.0156 0x1e84  pci - ok
16:54:46.0171 0x1e84  pciide - ok
16:54:46.0202 0x1e84  pcmcia - ok
16:54:46.0218 0x1e84  pcw - ok
16:54:46.0234 0x1e84  pdc - ok
16:54:46.0265 0x1e84  PEAUTH - ok
16:54:46.0312 0x1e84  percsas2i - ok
16:54:46.0343 0x1e84  percsas3i - ok
16:54:46.0827 0x1e84  PerfHost - ok
16:54:46.0843 0x1e84  PhoneSvc - ok
16:54:46.0906 0x1e84  PimIndexMaintenanceSvc - ok
16:54:46.0937 0x1e84  pla - ok
16:54:46.0968 0x1e84  PlugPlay - ok
16:54:46.0984 0x1e84  PNRPAutoReg - ok
16:54:46.0984 0x1e84  PNRPsvc - ok
16:54:47.0015 0x1e84  PolicyAgent - ok
16:54:47.0015 0x1e84  Power - ok
16:54:47.0031 0x1e84  PptpMiniport - ok
16:54:47.0390 0x1e84  [ 30AA256A85C1A7B17A590B1C5244D28E, 2C1FB30DEF53C37CA0D0CA54B65CB8572C53DDFB430DE57F964253F1082ACEA0 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
16:54:47.0452 0x1e84  PrintNotify - ok
16:54:47.0577 0x1e84  Processor - ok
16:54:47.0609 0x1e84  ProfSvc - ok
16:54:47.0640 0x1e84  Psched - ok
16:54:47.0687 0x1e84  [ 87B04878A6D59D6C79251DC960C674C1, 3EB8DB0624E646F0A65D0381408D35CF9FDC5ABFC30DF6431F4070A8EB68447C ] PxHlpa64        C:\WINDOWS\system32\Drivers\PxHlpa64.sys
16:54:47.0687 0x1e84  PxHlpa64 - ok
16:54:47.0718 0x1e84  QWAVE - ok
16:54:47.0749 0x1e84  QWAVEdrv - ok
16:54:47.0781 0x1e84  RasAcd - ok
16:54:47.0859 0x1e84  RasAgileVpn - ok
16:54:47.0890 0x1e84  RasAuto - ok
16:54:47.0906 0x1e84  Rasl2tp - ok
16:54:47.0937 0x1e84  RasMan - ok
16:54:47.0937 0x1e84  RasPppoe - ok
16:54:47.0937 0x1e84  RasSstp - ok
16:54:47.0952 0x1e84  rdbss - ok
16:54:47.0984 0x1e84  rdpbus - ok
16:54:47.0999 0x1e84  RDPDR - ok
16:54:48.0046 0x1e84  RdpVideoMiniport - ok
16:54:48.0078 0x1e84  rdyboost - ok
16:54:48.0093 0x1e84  ReFSv1 - ok
16:54:48.0124 0x1e84  RemoteAccess - ok
16:54:48.0156 0x1e84  RemoteRegistry - ok
16:54:48.0187 0x1e84  RetailDemo - ok
16:54:48.0249 0x1e84  RmSvc - ok
16:54:48.0281 0x1e84  RpcEptMapper - ok
16:54:48.0296 0x1e84  RpcLocator - ok
16:54:48.0328 0x1e84  RpcSs - ok
16:54:48.0343 0x1e84  rspndr - ok
16:54:48.0390 0x1e84  s3cap - ok
16:54:48.0468 0x1e84  SamSs - ok
16:54:48.0531 0x1e84  sbp2port - ok
16:54:48.0593 0x1e84  SCardSvr - ok
16:54:48.0624 0x1e84  ScDeviceEnum - ok
16:54:48.0671 0x1e84  scfilter - ok
16:54:48.0687 0x1e84  Schedule - ok
16:54:48.0703 0x1e84  scmbus - ok
16:54:48.0749 0x1e84  scmdisk0101 - ok
16:54:48.0796 0x1e84  SCPolicySvc - ok
16:54:48.0828 0x1e84  sdbus - ok
16:54:48.0874 0x1e84  SDRSVC - ok
16:54:48.0906 0x1e84  sdstor - ok
16:54:48.0921 0x1e84  seclogon - ok
16:54:48.0953 0x1e84  SENS - ok
16:54:49.0015 0x1e84  SensorDataService - ok
16:54:49.0046 0x1e84  SensorService - ok
16:54:49.0046 0x1e84  SensrSvc - ok
16:54:49.0093 0x1e84  SerCx - ok
16:54:49.0093 0x1e84  SerCx2 - ok
16:54:49.0140 0x1e84  Serenum - ok
16:54:49.0140 0x1e84  Serial - ok
16:54:49.0156 0x1e84  sermouse - ok
16:54:49.0187 0x1e84  SessionEnv - ok
16:54:49.0203 0x1e84  sfloppy - ok
16:54:49.0234 0x1e84  SharedAccess - ok
16:54:49.0281 0x1e84  ShellHWDetection - ok
16:54:49.0312 0x1e84  shpamsvc - ok
16:54:49.0359 0x1e84  SiSRaid2 - ok
16:54:49.0359 0x1e84  SiSRaid4 - ok
16:54:49.0437 0x1e84  smphost - ok
16:54:49.0468 0x1e84  SmsRouter - ok
16:54:49.0531 0x1e84  SNMPTRAP - ok
16:54:49.0578 0x1e84  spaceport - ok
16:54:49.0593 0x1e84  SpbCx - ok
16:54:49.0624 0x1e84  Spooler - ok
16:54:49.0656 0x1e84  sppsvc - ok
16:54:49.0671 0x1e84  srv - ok
16:54:49.0687 0x1e84  srv2 - ok
16:54:49.0734 0x1e84  srvnet - ok
16:54:49.0749 0x1e84  SSDPSRV - ok
16:54:49.0796 0x1e84  SstpSvc - ok
16:54:49.0859 0x1e84  [ 592FF34A2FD6C6351B8A3AA76B2C0A9E, 152B7472DE531AC45492F562DD470B2CE33F1EEF13BC78F26046AE5ABF54E32F ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
16:54:49.0859 0x1e84  ssudmdm - ok
16:54:49.0937 0x1e84  StateRepository - ok
16:54:50.0031 0x1e84  stexstor - ok
16:54:50.0093 0x1e84  stisvc - ok
16:54:50.0109 0x1e84  storahci - ok
16:54:50.0124 0x1e84  storflt - ok
16:54:50.0124 0x1e84  stornvme - ok
16:54:50.0124 0x1e84  storqosflt - ok
16:54:50.0156 0x1e84  StorSvc - ok
16:54:50.0156 0x1e84  storufs - ok
16:54:50.0171 0x1e84  storvsc - ok
16:54:50.0187 0x1e84  svsvc - ok
16:54:50.0218 0x1e84  swenum - ok
16:54:50.0234 0x1e84  swprv - ok
16:54:50.0265 0x1e84  Synth3dVsc - ok
16:54:50.0296 0x1e84  SysMain - ok
16:54:50.0312 0x1e84  SystemEventsBroker - ok
16:54:50.0343 0x1e84  TabletInputService - ok
16:54:50.0359 0x1e84  TapiSrv - ok
16:54:50.0390 0x1e84  Tcpip - ok
16:54:50.0390 0x1e84  Tcpip6 - ok
16:54:50.0421 0x1e84  tcpipreg - ok
16:54:50.0421 0x1e84  tdx - ok
16:54:50.0453 0x1e84  terminpt - ok
16:54:50.0484 0x1e84  TermService - ok
16:54:50.0546 0x1e84  Themes - ok
16:54:50.0562 0x1e84  TieringEngineService - ok
16:54:50.0625 0x1e84  tiledatamodelsvc - ok
16:54:50.0640 0x1e84  TimeBrokerSvc - ok
16:54:50.0656 0x1e84  TPM - ok
16:54:50.0703 0x1e84  TrkWks - ok
16:54:50.0796 0x1e84  TrustedInstaller - ok
16:54:50.0796 0x1e84  tsusbflt - ok
16:54:50.0828 0x1e84  TsUsbGD - ok
16:54:50.0843 0x1e84  tunnel - ok
16:54:50.0890 0x1e84  [ FD24F98D2898BE093FE926604BE7DB99, F9851C57A2ED838AC76BB19FE2F62BB81C57DBBE2A2555F738B5D6725D39AD61 ] TurboB          C:\WINDOWS\system32\DRIVERS\TurboB.sys
16:54:50.0890 0x1e84  TurboB - ok
16:54:51.0046 0x1e84  [ 600B406A04D90F577FEA8A88D7379F08, 77CC8E8AFB6F571A42D916C0B2FEFFD3A7A32A455C78228B407C6C9B6DED8CAD ] TurboBoost      C:\Program Files\Intel\TurboBoost\TurboBoost.exe
16:54:51.0046 0x1e84  TurboBoost - ok
16:54:51.0109 0x1e84  tzautoupdate - ok
16:54:51.0140 0x1e84  UASPStor - ok
16:54:51.0140 0x1e84  UcmCx0101 - ok
16:54:51.0218 0x1e84  UcmTcpciCx0101 - ok
16:54:51.0218 0x1e84  UcmUcsi - ok
16:54:51.0328 0x1e84  Ucx01000 - ok
16:54:51.0328 0x1e84  UdeCx - ok
16:54:51.0343 0x1e84  udfs - ok
16:54:51.0375 0x1e84  UEFI - ok
16:54:51.0406 0x1e84  Ufx01000 - ok
16:54:51.0406 0x1e84  UfxChipidea - ok
16:54:51.0421 0x1e84  ufxsynopsys - ok
16:54:51.0468 0x1e84  UI0Detect - ok
16:54:51.0484 0x1e84  umbus - ok
16:54:51.0500 0x1e84  UmPass - ok
16:54:51.0531 0x1e84  UmRdpService - ok
16:54:51.0562 0x1e84  UnistoreSvc - ok
16:54:52.0015 0x1e84  [ A678E5DDD974903DD71F503BDCACA218, E8ECF79B78CF777066FF31847959A70773665ED2DAAF942B8A1C54BA56F330BA ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
16:54:52.0062 0x1e84  UNS - ok
16:54:52.0078 0x1e84  upnphost - ok
16:54:52.0093 0x1e84  UrsChipidea - ok
16:54:52.0109 0x1e84  UrsCx01000 - ok
16:54:52.0125 0x1e84  UrsSynopsys - ok
16:54:52.0140 0x1e84  usbccgp - ok
16:54:52.0187 0x1e84  usbcir - ok
16:54:52.0203 0x1e84  usbehci - ok
16:54:52.0218 0x1e84  usbhub - ok
16:54:52.0234 0x1e84  USBHUB3 - ok
16:54:52.0250 0x1e84  usbohci - ok
16:54:52.0265 0x1e84  usbprint - ok
16:54:52.0328 0x1e84  [ 2EC7B2C8123236B1233A77281D378DF7, D97DB59C9CAE2B8B33C707E8CEA7A65BF88712842CC715D270F7432A99D21BB6 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
16:54:52.0328 0x1e84  usbscan - ok
16:54:52.0343 0x1e84  usbser - ok
16:54:52.0375 0x1e84  USBSTOR - ok
16:54:52.0437 0x1e84  usbuhci - ok
16:54:52.0453 0x1e84  usbvideo - ok
16:54:52.0484 0x1e84  USBXHCI - ok
16:54:52.0546 0x1e84  UserDataSvc - ok
16:54:52.0593 0x1e84  UserManager - ok
16:54:52.0609 0x1e84  UsoSvc - ok
16:54:52.0609 0x1e84  VaultSvc - ok
16:54:52.0625 0x1e84  vdrvroot - ok
16:54:52.0656 0x1e84  vds - ok
16:54:52.0671 0x1e84  VerifierExt - ok
16:54:52.0687 0x1e84  vhdmp - ok
16:54:52.0718 0x1e84  vhf - ok
16:54:52.0765 0x1e84  vmbus - ok
16:54:52.0781 0x1e84  VMBusHID - ok
16:54:52.0812 0x1e84  vmgid - ok
16:54:52.0843 0x1e84  vmicguestinterface - ok
16:54:52.0843 0x1e84  vmicheartbeat - ok
16:54:52.0859 0x1e84  vmickvpexchange - ok
16:54:52.0890 0x1e84  vmicrdv - ok
16:54:52.0890 0x1e84  vmicshutdown - ok
16:54:52.0890 0x1e84  vmictimesync - ok
16:54:52.0906 0x1e84  vmicvmsession - ok
16:54:52.0906 0x1e84  vmicvss - ok
16:54:52.0937 0x1e84  volmgr - ok
16:54:52.0937 0x1e84  volmgrx - ok
16:54:52.0953 0x1e84  volsnap - ok
16:54:52.0968 0x1e84  volume - ok
16:54:52.0984 0x1e84  vpci - ok
16:54:53.0015 0x1e84  vsmraid - ok
16:54:53.0015 0x1e84  VSS - ok
16:54:53.0015 0x1e84  VSTXRAID - ok
16:54:53.0078 0x1e84  vwifibus - ok
16:54:53.0093 0x1e84  vwififlt - ok
16:54:53.0093 0x1e84  vwifimp - ok
16:54:53.0109 0x1e84  W32Time - ok
16:54:53.0172 0x1e84  w3logsvc - ok
16:54:53.0234 0x1e84  W3SVC - ok
16:54:53.0234 0x1e84  WacomPen - ok
16:54:53.0265 0x1e84  WalletService - ok
16:54:53.0265 0x1e84  wanarp - ok
16:54:53.0281 0x1e84  wanarpv6 - ok
16:54:53.0281 0x1e84  WAS - ok
16:54:53.0312 0x1e84  wbengine - ok
16:54:53.0343 0x1e84  WbioSrvc - ok
16:54:53.0375 0x1e84  wcifs - ok
16:54:53.0406 0x1e84  Wcmsvc - ok
16:54:53.0422 0x1e84  wcncsvc - ok
16:54:53.0453 0x1e84  wcnfs - ok
16:54:53.0468 0x1e84  WdBoot - ok
16:54:53.0500 0x1e84  Wdf01000 - ok
16:54:53.0515 0x1e84  WdFilter - ok
16:54:53.0531 0x1e84  WdiServiceHost - ok
16:54:53.0531 0x1e84  WdiSystemHost - ok
16:54:53.0547 0x1e84  wdiwifi - ok
16:54:53.0547 0x1e84  WdNisDrv - ok
16:54:53.0593 0x1e84  WdNisSvc - ok
16:54:53.0609 0x1e84  WebClient - ok
16:54:53.0625 0x1e84  Wecsvc - ok
16:54:53.0656 0x1e84  WEPHOSTSVC - ok
16:54:53.0687 0x1e84  wercplsupport - ok
16:54:53.0718 0x1e84  WerSvc - ok
16:54:53.0750 0x1e84  WFPLWFS - ok
16:54:53.0781 0x1e84  WiaRpc - ok
16:54:53.0812 0x1e84  WIMMount - ok
16:54:53.0812 0x1e84  WinDefend - ok
16:54:53.0875 0x1e84  WindowsTrustedRT - ok
16:54:53.0890 0x1e84  WindowsTrustedRTProxy - ok
16:54:53.0922 0x1e84  WinHttpAutoProxySvc - ok
16:54:53.0953 0x1e84  WinMad - ok
16:54:54.0109 0x1e84  Winmgmt - ok
16:54:54.0140 0x1e84  WinRM - ok
16:54:54.0218 0x1e84  WINUSB - ok
16:54:54.0234 0x1e84  WinVerbs - ok
16:54:54.0281 0x1e84  wisvc - ok
16:54:54.0312 0x1e84  WlanSvc - ok
16:54:54.0406 0x1e84  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
16:54:54.0406 0x1e84  wlcrasvc - ok
16:54:54.0437 0x1e84  wlidsvc - ok
16:54:54.0468 0x1e84  WmiAcpi - ok
16:54:54.0484 0x1e84  wmiApSrv - ok
16:54:54.0531 0x1e84  WMPNetworkSvc - ok
16:54:54.0547 0x1e84  Wof - ok
16:54:54.0593 0x1e84  workfolderssvc - ok
16:54:54.0625 0x1e84  WPDBusEnum - ok
16:54:54.0703 0x1e84  WpdUpFltr - ok
16:54:54.0734 0x1e84  WpnService - ok
16:54:54.0734 0x1e84  WpnUserService - ok
16:54:54.0765 0x1e84  ws2ifsl - ok
16:54:54.0797 0x1e84  wscsvc - ok
16:54:54.0797 0x1e84  WSearch - ok
16:54:54.0812 0x1e84  wuauserv - ok
16:54:54.0843 0x1e84  WudfPf - ok
16:54:54.0843 0x1e84  WUDFRd - ok
16:54:54.0875 0x1e84  wudfsvc - ok
16:54:54.0875 0x1e84  WUDFWpdFs - ok
16:54:54.0875 0x1e84  WUDFWpdMtp - ok
16:54:54.0906 0x1e84  WwanSvc - ok
16:54:54.0953 0x1e84  XblAuthManager - ok
16:54:55.0015 0x1e84  XblGameSave - ok
16:54:55.0031 0x1e84  xboxgip - ok
16:54:55.0062 0x1e84  XboxNetApiSvc - ok
16:54:55.0125 0x1e84  xinputhid - ok
16:54:55.0125 0x1e84  ================ Scan global ===============================
16:54:55.0234 0x1e84  [ Global ] - ok
16:54:55.0234 0x1e84  ================ Scan MBR ==================================
16:54:55.0250 0x1e84  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:54:56.0453 0x1e84  \Device\Harddisk0\DR0 - ok
16:54:56.0453 0x1e84  ================ Scan VBR ==================================
16:54:56.0484 0x1e84  [ 47C5968E092978007A35FC2326201E56 ] \Device\Harddisk0\DR0\Partition1
16:54:56.0484 0x1e84  \Device\Harddisk0\DR0\Partition1 - ok
16:54:56.0484 0x1e84  [ FBB31BCC55EC8AD4565F0A069B16CF78 ] \Device\Harddisk0\DR0\Partition2
16:54:56.0484 0x1e84  \Device\Harddisk0\DR0\Partition2 - ok
16:54:56.0484 0x1e84  ================ Scan generic autorun ======================
16:54:56.0484 0x1e84  ETDCtrl - ok
16:54:56.0781 0x1e84  [ A3F0187B2B6402168E65BE6688002041, 695A220D95D072F311E68AC9A629A73EBFE9FF922E82CB31A8AA58DF3645E477 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
16:54:56.0797 0x1e84  avgnt - ok
16:54:56.0906 0x1e84  [ 36828A828CEAA19A0FEA14C8723DC60C, 005627B96A08AC88BE3813DCB73228D8668A8270021D824FFC5EEA26C29027FA ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
16:54:56.0906 0x1e84  Avira SystrayStartTrigger - ok
16:54:57.0594 0x1e84  OneDriveSetup - ok
16:54:57.0594 0x1e84  OneDriveSetup - ok
16:54:57.0594 0x1e84  OneDriveSetup - ok
16:54:57.0656 0x1e84  WAB Migrate - ok
16:54:57.0656 0x1e84  OneDriveSetup - ok
16:54:57.0656 0x1e84  WAB Migrate - ok
16:54:57.0656 0x1e84  OneDriveSetup - ok
16:54:57.0656 0x1e84  WAB Migrate - ok
16:54:57.0656 0x1e84  Waiting for KSN requests completion. In queue: 29
16:54:58.0672 0x1e84  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\WindowsSecurityCenter.exe ( 15.0.29.31 ), 0x41000 ( enabled : updated )
16:54:58.0719 0x1e84  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.1198 ), 0x62100 ( disabled : updated )
16:54:58.0766 0x1e84  Win FW state via NFP2: enabled ( trusted )
16:54:58.0922 0x1e84  ============================================================
16:54:58.0922 0x1e84  Scan finished
16:54:58.0922 0x1e84  ============================================================
16:54:58.0922 0x1614  Detected object count: 0
16:54:58.0922 0x1614  Actual detected object count: 0
         

Alt 24.08.2017, 21:51   #7
M-K-D-B
/// TB-Ausbilder
 
Quickshare von linkury - Standard

Quickshare von linkury



Servus,





Schritt 1
Downloade Dir bitte AdwCleaner auf deinen Desktop (Bebilderte Anleitung).
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • Image File Execution Options Schlüssel
    • Tracing Schlüssel
    • Prefetch Dateien
    • Proxy
    • Winsock
    • Firewall
    • IE Richtlinien
    • Chrome Richtlinien
  • Bestätige die Auswahl mit Ok.
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist. Am Ende des Suchlaufs öffnet sich automatisch eine Logdatei. Schließe diese.
  • Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
  • Klicke am Ende der Bereinigung auf Jetzt neu starten. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).





Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware 3 (Bebilderte Anleitung)
  • Installiere das Programm in den vorgegebenen Pfad.
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scan, wähle den Bedrohungs-Scan aus und klicke auf Scan starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Ausgewählte Elemente in die Quarantäne verschieben.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM nach dem Neustart, klicke auf Berichte.
  • Wähle den neuesten Scan-Bericht aus, klicke auf Bericht anzeigen und dann auf Export.
  • Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.





Schritt 3
  • Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.





Bitte poste mit deiner nächsten Antwort
  • die Logdatei von AdwCleaner,
  • die Logdatei von MBAM,
  • die zwei neuen Logdateien von FRST.
__________________
Gruß
M-K-D-B


==========================================================
offline vom 22.12.2018 bis 01.01.2019
==========================================================

Das Trojaner-Board unterstützen

Alt 24.08.2017, 23:18   #8
Lol12
 
Quickshare von linkury - Standard

Quickshare von linkury



SCHRITT 1

Code:
ATTFilter
# AdwCleaner 7.0.1.0 - Logfile created on Thu Aug 24 21:02:38 2017
# Updated on 2017/05/08 by Malwarebytes 
# Database: 08-22-2017.4
# Running on Windows 10 Home (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.Legacy, C:\Windows\System32\ARFC
PUP.Optional.Legacy, C:\Windows\SysWOW64\ARFC
PUP.Optional.Legacy, C:\Users\Pflügl\AppData\Roaming\DesktopIconForAmazon
PUP.Optional.Legacy, C:\Users\Pflügl\AppData\Roaming\dvdvideosoftiehelpers
PUP.Optional.Legacy, C:\Users\nathalie.Pflügl-PC\AppData\Local\iLivid
PUP.Optional.Legacy, C:\Windows\System32\jmdp
PUP.Optional.Legacy, C:\Windows\SysWOW64\jmdp
PUP.Optional.Legacy, C:\Windows\SysNative\ljkb
PUP.Optional.Legacy, C:\Users\Pflügl\AppData\Roaming\OCS
PUP.Optional.Legacy, C:\Users\nathalie.Pflügl-PC\AppData\Local\VirtualStore\Program Files (x86)\Search Results Toolbar
PUP.Optional.Legacy, C:\Users\Pflügl\AppData\LocalLow\SimplyTech
PUP.Optional.Legacy, C:\Users\Pflügl\AppData\Roaming\SimplyTech
PUP.Optional.Legacy, C:\Users\Pflügl\AppData\Roaming\Tlapia
PUP.Optional.Legacy, C:\Users\nathalie.Pflügl-PC\AppData\LocalLow\Toolbar4
PUP.Optional.Legacy, C:\Users\Pflügl\AppData\Roaming\Windows Net Data
PUP.Optional.Legacy, C:\Windows\System32\WNLT
PUP.Optional.Legacy, C:\Windows\SysWOW64\WNLT
PUP.Optional.Legacy, C:\Windows\SysNative\tprb
PUP.Optional.Legacy, C:\Users\Gast\AppData\Local\Allin1Convert_8h
PUP.Optional.Legacy, C:\Users\Gast\AppData\LocalLow\Allin1Convert_8h
PUP.Optional.Ask, C:\ProgramData\Ask
PUP.Optional.Ask, C:\Users\All Users\Ask
PUP.Optional.SaveSense, C:\Users\Gast\AppData\Local\SaveSense
PUP.Optional.SaveSense, C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense
PUP.Optional.SaveSense, C:\ProgramData\SaveSenseLive
PUP.Optional.SaveSense, C:\Users\All Users\SaveSenseLive
PUP.Optional.SaveSense, C:\Users\Gast\AppData\Local\SaveSenseLive
PUP.Optional.Iminent, C:\Users\nathalie.Pflügl-PC\AppData\Roaming\Iminent
Adware.Yontoo, C:\ProgramData\Tarma Installer
Adware.Yontoo, C:\Users\All Users\Tarma Installer
Rogue.ForcedExtension, C:\ProgramData\apn
Rogue.ForcedExtension, C:\Users\All Users\apn
Rogue.ForcedExtension, C:\Users\Pflügl\AppData\Local\apn
PUP.Optional.InboxToolBar, C:\Users\Pflügl\AppData\LocalLow\Inbox Toolbar
PUP.Optional.SpecialSavings, C:\Users\Pflügl\AppData\Roaming\SpecialSavings
PUP.Optional.DriverTurbo, C:\Users\Pflügl\AppData\Roaming\DriverTurbo
PUP.Optional.OpenCandy, C:\Users\nathalie.Pflügl-PC\AppData\Roaming\OpenCandy
PUP.Optional.SofTonicAssistant, C:\Users\Pflügl\AppData\LocalLow\Softonic
PUP.Optional.SofTonicAssistant, C:\Users\Pflügl\AppData\Roaming\Softonic
Trojan.Agent, C:\Users\Gast\AppData\LocalLow\iac
PUP.Optional.DNSErrorHelper, C:\ProgramData\DNSErrorHelper
PUP.Optional.DNSErrorHelper, C:\Users\All Users\DNSErrorHelper
PUP.Optional.SysTweak, C:\Users\nathalie.Pflügl-PC\AppData\Roaming\Systweak
PUP.Optional.AllMyApps, C:\ProgramData\Allmyapps
PUP.Optional.AllMyApps, C:\Users\All Users\Allmyapps
PUP.Optional.AllMyApps, C:\Users\Pflügl\AppData\Roaming\Allmyapps
PUP.Optional.SmartBar, C:\Users\nathalie.Pflügl-PC\AppData\LocalLow\Smartbar
PUP.Optional.SmartBar, C:\Users\Pflügl\AppData\LocalLow\Smartbar
PUP.Optional.DownloadGuide, C:\Users\Pflügl\AppData\Local\DownloadGuide
PUP.Optional.MySearchDial, C:\Users\Gast\AppData\Local\Mysearchdial
PUP.Optional.IoloSC, C:\Program Files (x86)\iolo\System Checkup
PUP.Optional.FoxTab, C:\Users\Pflügl\AppData\Roaming\FoxTab
PUP.Optional.BrowserUpdater, C:\Program Files (x86)\Browser Updater
PUP.Adware.Heuristic, C:\Program Files (x86)\8hUninstall Allin1Convert.dll
PUP.Adware.Heuristic, C:\Users\Gast\AppData\Local\Allin1Convert_8h


***** [ Files ] *****

PUP.Optional.Legacy, C:\Windows\launcher.exe
PUP.Optional.Legacy, C:\Windows\SysNative\dmwu.exe
PUP.Optional.Legacy, C:\Users\Pflügl\Desktop\eBay.lnk
PUP.Optional.Legacy, C:\END
PUP.Optional.Legacy, C:\Windows\SysNative\ImHttpComm.dll
PUP.Optional.Legacy, C:\Users\Gast\AppData\Local\mysearchdial-speeddial.crx
PUP.Optional.Legacy, C:\Users\Gast\AppData\LocalLow\SkwConfig.bin
PUP.Optional.Legacy, C:\Users\nathalie.Pflügl-PC\AppData\LocalLow\SkwConfig.bin
PUP.Optional.Legacy, C:\Users\Pflügl\AppData\LocalLow\SkwConfig.bin
PUP.Optional.Legacy, C:\Users\nathalie.Pflügl-PC\AppData\Roaming\Mozilla\Firefox\Profiles\ug6gjruz.default\searchplugins\MyStart Search.xml
PUP.Optional.Legacy, C:\Users\nathalie.Pflügl-PC\AppData\Roaming\Mozilla\Firefox\Profiles\ug6gjruz.default\searchplugins\MyStart.xml
PUP.Optional.Legacy, C:\Users\nathalie.Pflügl-PC\AppData\Roaming\Mozilla\Firefox\Profiles\ug6gjruz.default\bprotector_extensions.sqlite
PUP.Optional.Legacy, C:\Users\nathalie.Pflügl-PC\AppData\Roaming\Mozilla\Firefox\Profiles\ug6gjruz.default\bprotector_prefs.js
PUP.Optional.Legacy, C:\Users\nathalie.Pflügl-PC\AppData\Roaming\Mozilla\Firefox\Profiles\ug6gjruz.default\searchplugins\ask-search.xml
PUP.Optional.Legacy, C:\Users\Pflügl\AppData\Roaming\Mozilla\Firefox\Profiles\nca6gzm3.default\invalidprefs.js
PUP.Optional.Ask, C:\Users\Pflügl\AppData\LocalLow\Microsoft\Internet Explorer\Services\Search_ask.com.xml
PUP.Optional.WatchDogPCCleaner, C:\Users\Pflügl\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PC Cleaner.lnk
PUP.Optional.MySearchDial, C:\Users\Gast\Desktop\MySearchDial.url


***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

PUP.Optional.Legacy, C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - http:\\isearch.omiga-plus.com\?type=sc&ts=1383502839&from=mlv&uid=HitachiXHTS547575A9E384_J2540054CE8U3ECE8U3EX
PUP.Optional.Legacy, C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - http:\\isearch.omiga-plus.com\?type=sc&ts=1383502839&from=mlv&uid=HitachiXHTS547575A9E384_J2540054CE8U3ECE8U3EX
PUP.Optional.Legacy, C:\Users\Pflügl\Desktop\eBay.lnk - http:\\isearch.omiga-plus.com\?type=sc&ts=1383502839&from=mlv&uid=HitachiXHTS547575A9E384_J2540054CE8U3ECE8U3EX
PUP.Optional.Legacy, C:\Users\Pflügl\Desktop\eBay.lnk - http:\\isearch.omiga-plus.com\?type=sc&ts=1383502839&from=mlv&uid=HitachiXHTS547575A9E384_J2540054CE8U3ECE8U3EX
PUP.Optional.Legacy, C:\Users\Pflügl\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - http:\\isearch.omiga-plus.com\?type=sc&ts=1383502839&from=mlv&uid=HitachiXHTS547575A9E384_J2540054CE8U3ECE8U3EX
PUP.Optional.Legacy, C:\Users\Pflügl\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - http:\\isearch.omiga-plus.com\?type=sc&ts=1383502839&from=mlv&uid=HitachiXHTS547575A9E384_J2540054CE8U3ECE8U3EX


***** [ Tasks ] *****

PUP.Optional.Legacy, DealPlyUpdate
PUP.Optional.BrowserDefender.AppFlsh, BrowserDefendert


***** [ Registry ] *****

PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\isearch.omiga-plus.com
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\isearch.omiga-plus.com
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\omiga-plus.com
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
PUP.Optional.Legacy, [Data] - HKCU\Software\Microsoft\Internet Explorer\Main | Search Page [https:\\safesearch.avira.com\#web\result?source=art&q=]
PUP.Optional.Legacy, [Data] - HKCU\Software\Microsoft\Internet Explorer\Main | Search Page [https:\\safesearch.avira.com\#web\result?source=art&q=]
PUP.Optional.Legacy, [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {F0E349DC-E761-452A-A9C8-FF5372646FE2}
PUP.Optional.Legacy, [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {09B2A8BF-15F4-49C1-AB92-DCD9C3EF35D3}
PUP.Optional.Legacy, [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {4B4D1B33-47F8-4FA5-A55A-5984420C7F87}
PUP.Optional.Legacy, [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {B617C342-BBB7-4B32-B821-505EAAB675BB}
PUP.Optional.Legacy, [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {A06D5442-904C-441E-BBFB-D978E61202D3}
PUP.Optional.Legacy, [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {DA1C4275-AAF6-4019-9F46-4E7BF1F14776}
PUP.Optional.Legacy, [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {1C8A7C60-770C-4F71-AF74-DFB5A766E952}
PUP.Optional.Legacy, [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {B85F5BC9-5B59-4EBA-A6C2-7BA604913A9A}
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\distromatic
PUP.Optional.Legacy, [Key] - HKCU\Software\distromatic
PUP.Optional.Legacy, [Key] - HKU\.DEFAULT\Software\ImInstaller
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\ImInstaller
PUP.Optional.Legacy, [Key] - HKU\S-1-5-18\Software\ImInstaller
PUP.Optional.Legacy, [Key] - HKCU\Software\ImInstaller
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\AppDataLow\Software\SIMPLYTECH
PUP.Optional.Legacy, [Key] - HKCU\Software\AppDataLow\Software\SIMPLYTECH
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\WNLT
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WNLT
PUP.Optional.Legacy, [Key] - HKU\.DEFAULT\Software\WNLT
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\WNLT
PUP.Optional.Legacy, [Key] - HKU\S-1-5-18\Software\WNLT
PUP.Optional.Legacy, [Key] - HKCU\Software\WNLT
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AF860F85-54A3-4A28-879B-BF9E6E325776}
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Alexa Internet
PUP.Optional.Legacy, [Key] - HKCU\Software\Alexa Internet
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\BABSOLUTION
PUP.Optional.Legacy, [Key] - HKCU\Software\BABSOLUTION
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\InstalledThirdPartyPrograms
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\InstalledThirdPartyPrograms
PUP.Optional.Legacy, [Key] - HKCU\Software\InstalledThirdPartyPrograms
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Tarma Installer
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Yahoo\Companion
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\AppDataLow\Software\simplytech
PUP.Optional.Legacy, [Key] - HKCU\Software\AppDataLow\Software\simplytech
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
PUP.Optional.Legacy, [Value] - HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | {D4027C7F-154A-4066-A1AD-4243D8127440}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar | {AE07101B-46D4-4A98-AF68-0333EA26E113}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
PUP.Optional.Legacy, [Value] - HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | {EEE6C35B-6118-11DC-9C72-001320C79847}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar | {98889811-442D-49DD-99D7-DC866BE87DBC}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\CLSID\{A0359AE6-F410-4425-A975-684AAB785ABD}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{042DA63B-0933-403D-9395-B49307691690}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID | {58124A0B-DC32-4180-9BFF-E0E21AE34026}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{9B6B03F1-16CF-4491-BBBB-E872802DD717}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID | {A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C424171E-592A-415A-9EB1-DFD6D95D3530}
PUP.Optional.Legacy, [Value] - HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | {C424171E-592A-415A-9EB1-DFD6D95D3530}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CD8812D4-E5B8-41C6-94D4-59872A484BF1}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CD8812D4-E5B8-41C6-94D4-59872A484BF1}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
PUP.Optional.Legacy, [Value] - HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | {41564952-412D-5637-4300-7A786E7484D7}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{81CA8FCD-1420-4A07-B47D-B30F3DDA79E1}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\{BAB04997-93AD-4C13-805A-0409199700BB}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{F51C15D4-3D0A-4DBA-A095-EBCC09F24DA2}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\{7D831388-D405-4272-9511-A07440AD2927}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C63F7979DCC2154CB9591969A5CB89D
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FFA531D0F3A71504DA7AC6A11CE33739
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6DD31E6C1A73B334383DF186676F4D20
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB3204F747B20694B8D49EF92D8DC94B
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EDBF68C5F16790341B7C6FD7C7F8E4FC
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C81E33A400B6F814E90C7A3354E2A3A5
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\18C9E3869A16248439FE3FF9EB02207A
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3038A20B9089EC34D8F74220191FAB30
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D8011310B2622942868A458964FFDC5
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 | Babylon Client
PUP.Optional.Legacy, [Value] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run | DriverTurbo
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\YMERemote.DLL
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION | BackgroundHost.exe
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD | BackgroundHost.exe
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\CLASSES\b
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext | DisableAddonLoadTimePerformanceNotifications
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Record\{181480C8-90AC-3430-B39A-CD121E034A1A}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Record\{8F54FA54-1DF8-3B20-890C-CDD95364BC95}
PUP.Optional.SweetIM, [Key] - HKLM\SOFTWARE\SweetIM
PUP.Optional.SweetIM, [Key] - HKU\.DEFAULT\Software\SweetIM
PUP.Optional.SweetIM, [Key] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\SweetIM
PUP.Optional.SweetIM, [Key] - HKU\S-1-5-18\Software\SweetIM
PUP.Optional.SweetIM, [Key] - HKCU\Software\SweetIM
PUP.Optional.Iminent, [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID | {977AE9CC-AF83-45E8-9E03-E2798216E2D5}
PUP.Optional.IBUpdater, [Key] - HKU\.DEFAULT\Software\IBUpdaterService
PUP.Optional.IBUpdater, [Key] - HKU\S-1-5-18\Software\IBUpdaterService
PUP.Optional.SofTonicAssistant, [Key] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Softonic
PUP.Optional.SofTonicAssistant, [Key] - HKCU\Software\Softonic
PUP.Optional.ProtectedSearch, [Key] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\ProtectedSearch
PUP.Optional.ProtectedSearch, [Key] - HKCU\Software\ProtectedSearch
PUP.Optional.SlimCleanerPlus, [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
PUP.Optional.SlimCleanerPlus, [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com


***** [ Firefox (and derivatives) ] *****

Plugin found: YouTube Unblocker - www.unblocker.yt


***** [ Chromium (and derivatives) ] *****

SearchProvider found: MyStart - mystart.incredibar.com
SearchProvider found: MyStart - mystart.incredibar.com/
Plugin found: SweetPacks Chrome Extension - 
Plugin found: MySearchDial - 

/!\ Please Reset the Chrome Synchronization before cleaning the Chrome Preferences: https://support.google.com/chrome/answer/3097271 


*************************



########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########
         
Nochmal Schritt 1 nach der löschung und des neustarts

Code:
ATTFilter
# AdwCleaner 7.0.1.0 - Logfile created on Thu Aug 24 21:11:59 2017
# Updated on 2017/05/08 by Malwarebytes 
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\Windows\System32\ARFC
Deleted: C:\Windows\SysWOW64\ARFC
Deleted: C:\Users\Pflügl\AppData\Roaming\DesktopIconForAmazon
Deleted: C:\Users\Pflügl\AppData\Roaming\dvdvideosoftiehelpers
Deleted: C:\Users\nathalie.Pflügl-PC\AppData\Local\iLivid
Deleted: C:\Windows\System32\jmdp
Deleted: C:\Windows\SysWOW64\jmdp
Deleted: C:\Windows\SysNative\ljkb
Deleted: C:\Users\Pflügl\AppData\Roaming\OCS
Deleted: C:\Users\nathalie.Pflügl-PC\AppData\Local\VirtualStore\Program Files (x86)\Search Results Toolbar
Deleted: C:\Users\Pflügl\AppData\LocalLow\SimplyTech
Deleted: C:\Users\Pflügl\AppData\Roaming\SimplyTech
Deleted: C:\Users\Pflügl\AppData\Roaming\Tlapia
Deleted: C:\Users\nathalie.Pflügl-PC\AppData\LocalLow\Toolbar4
Deleted: C:\Users\Pflügl\AppData\Roaming\Windows Net Data
Deleted: C:\Windows\System32\WNLT
Deleted: C:\Windows\SysWOW64\WNLT
Deleted: C:\Windows\SysNative\tprb
Deleted: C:\Users\Gast\AppData\Local\Allin1Convert_8h
Deleted: C:\Users\Gast\AppData\LocalLow\Allin1Convert_8h
Deleted: C:\ProgramData\Ask
Deleted: C:\Users\All Users\Ask
Deleted: C:\Users\Gast\AppData\Local\SaveSense
Deleted: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense
Deleted: C:\ProgramData\SaveSenseLive
Deleted: C:\Users\All Users\SaveSenseLive
Deleted: C:\Users\Gast\AppData\Local\SaveSenseLive
Deleted: C:\Users\nathalie.Pflügl-PC\AppData\Roaming\Iminent
Deleted: C:\ProgramData\Tarma Installer
Deleted: C:\Users\All Users\Tarma Installer
Deleted: C:\ProgramData\apn
Deleted: C:\Users\All Users\apn
Deleted: C:\Users\Pflügl\AppData\Local\apn
Deleted: C:\Users\Pflügl\AppData\LocalLow\Inbox Toolbar
Deleted: C:\Users\Pflügl\AppData\Roaming\SpecialSavings
Deleted: C:\Users\Pflügl\AppData\Roaming\DriverTurbo
Deleted: C:\Users\nathalie.Pflügl-PC\AppData\Roaming\OpenCandy
Deleted: C:\Users\Pflügl\AppData\LocalLow\Softonic
Deleted: C:\Users\Pflügl\AppData\Roaming\Softonic
Deleted: C:\Users\Gast\AppData\LocalLow\iac
Deleted: C:\ProgramData\DNSErrorHelper
Deleted: C:\Users\All Users\DNSErrorHelper
Deleted: C:\Users\nathalie.Pflügl-PC\AppData\Roaming\Systweak
Deleted: C:\ProgramData\Allmyapps
Deleted: C:\Users\All Users\Allmyapps
Deleted: C:\Users\Pflügl\AppData\Roaming\Allmyapps
Deleted: C:\Users\nathalie.Pflügl-PC\AppData\LocalLow\Smartbar
Deleted: C:\Users\Pflügl\AppData\LocalLow\Smartbar
Deleted: C:\Users\Pflügl\AppData\Local\DownloadGuide
Deleted: C:\Users\Gast\AppData\Local\Mysearchdial
Deleted: C:\Program Files (x86)\iolo\System Checkup
Deleted: C:\Users\Pflügl\AppData\Roaming\FoxTab
Deleted: C:\Program Files (x86)\Browser Updater
Deleted: C:\Program Files (x86)\8hUninstall Allin1Convert.dll
Deleted: C:\Users\Gast\AppData\Local\Allin1Convert_8h


***** [ Files ] *****

Deleted: C:\Windows\\launcher.exe
Deleted: C:\Windows\SysNative\dmwu.exe
Deleted: C:\Users\Pflügl\Desktop\eBay.lnk
Deleted: C:\END
Deleted: C:\Windows\SysNative\ImHttpComm.dll
Deleted: C:\Users\Gast\AppData\Local\mysearchdial-speeddial.crx
Deleted: C:\Users\Gast\AppData\LocalLow\SkwConfig.bin
Deleted: C:\Users\nathalie.Pflügl-PC\AppData\LocalLow\SkwConfig.bin
Deleted: C:\Users\Pflügl\AppData\LocalLow\SkwConfig.bin
Deleted: C:\Users\nathalie.Pflügl-PC\AppData\Roaming\Mozilla\Firefox\Profiles\ug6gjruz.default\searchplugins\MyStart Search.xml
Deleted: C:\Users\nathalie.Pflügl-PC\AppData\Roaming\Mozilla\Firefox\Profiles\ug6gjruz.default\searchplugins\MyStart.xml
Deleted: C:\Users\nathalie.Pflügl-PC\AppData\Roaming\Mozilla\Firefox\Profiles\ug6gjruz.default\bprotector_extensions.sqlite
Deleted: C:\Users\nathalie.Pflügl-PC\AppData\Roaming\Mozilla\Firefox\Profiles\ug6gjruz.default\bprotector_prefs.js
Deleted: C:\Users\nathalie.Pflügl-PC\AppData\Roaming\Mozilla\Firefox\Profiles\ug6gjruz.default\searchplugins\ask-search.xml
Deleted: C:\Users\Pflügl\AppData\Roaming\Mozilla\Firefox\Profiles\nca6gzm3.default\invalidprefs.js
Deleted: C:\Users\Pflügl\AppData\LocalLow\Microsoft\Internet Explorer\Services\Search_ask.com.xml
Deleted: C:\Users\Pflügl\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PC Cleaner.lnk
Deleted: C:\Users\Gast\Desktop\MySearchDial.url


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

Cleaned: C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk[http:\\isearch.omiga-plus.com\?type=sc&ts=1383502839&from=mlv&uid=HitachiXHTS547575A9E384_J2540054CE8U3ECE8U3EX]
Cleaned: C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk[http:\\isearch.omiga-plus.com\?type=sc&ts=1383502839&from=mlv&uid=HitachiXHTS547575A9E384_J2540054CE8U3ECE8U3EX]
Cleaned: C:\Users\Pflügl\Desktop\eBay.lnk[http:\\isearch.omiga-plus.com\?type=sc&ts=1383502839&from=mlv&uid=HitachiXHTS547575A9E384_J2540054CE8U3ECE8U3EX]
Cleaned: C:\Users\Pflügl\Desktop\eBay.lnk[http:\\isearch.omiga-plus.com\?type=sc&ts=1383502839&from=mlv&uid=HitachiXHTS547575A9E384_J2540054CE8U3ECE8U3EX]
Cleaned: C:\Users\Pflügl\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk[http:\\isearch.omiga-plus.com\?type=sc&ts=1383502839&from=mlv&uid=HitachiXHTS547575A9E384_J2540054CE8U3ECE8U3EX]
Cleaned: C:\Users\Pflügl\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk[http:\\isearch.omiga-plus.com\?type=sc&ts=1383502839&from=mlv&uid=HitachiXHTS547575A9E384_J2540054CE8U3ECE8U3EX]


***** [ Tasks ] *****

Deleted: DealPlyUpdate
Deleted: BrowserDefendert


***** [ Registry ] *****

Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\isearch.omiga-plus.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\isearch.omiga-plus.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\omiga-plus.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|Search Page [https:\\safesearch.avira.com\#web\result?source=art&q=]
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|Search Page [https:\\safesearch.avira.com\#web\result?source=art&q=]
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{F0E349DC-E761-452A-A9C8-FF5372646FE2}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{09B2A8BF-15F4-49C1-AB92-DCD9C3EF35D3}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{4B4D1B33-47F8-4FA5-A55A-5984420C7F87}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{B617C342-BBB7-4B32-B821-505EAAB675BB}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{A06D5442-904C-441E-BBFB-D978E61202D3}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{DA1C4275-AAF6-4019-9F46-4E7BF1F14776}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{1C8A7C60-770C-4F71-AF74-DFB5A766E952}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{B85F5BC9-5B59-4EBA-A6C2-7BA604913A9A}
Deleted: [Key] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\distromatic
Deleted: [Key] - HKCU\Software\distromatic
Deleted: [Key] - HKU\.DEFAULT\Software\ImInstaller
Deleted: [Key] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\ImInstaller
Deleted: [Key] - HKU\S-1-5-18\Software\ImInstaller
Deleted: [Key] - HKCU\Software\ImInstaller
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
Deleted: [Key] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\AppDataLow\Software\SIMPLYTECH
Deleted: [Key] - HKCU\Software\AppDataLow\Software\SIMPLYTECH
Deleted: [Key] - HKLM\SOFTWARE\WNLT
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WNLT
Deleted: [Key] - HKU\.DEFAULT\Software\WNLT
Deleted: [Key] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\WNLT
Deleted: [Key] - HKU\S-1-5-18\Software\WNLT
Deleted: [Key] - HKCU\Software\WNLT
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AF860F85-54A3-4A28-879B-BF9E6E325776}
Deleted: [Key] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Alexa Internet
Deleted: [Key] - HKCU\Software\Alexa Internet
Deleted: [Key] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\BABSOLUTION
Deleted: [Key] - HKCU\Software\BABSOLUTION
Deleted: [Key] - HKLM\SOFTWARE\InstalledThirdPartyPrograms
Deleted: [Key] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\InstalledThirdPartyPrograms
Deleted: [Key] - HKCU\Software\InstalledThirdPartyPrograms
Deleted: [Key] - HKLM\SOFTWARE\Tarma Installer
Deleted: [Key] - HKLM\SOFTWARE\Yahoo\Companion
Deleted: [Key] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\AppDataLow\Software\simplytech
Deleted: [Key] - HKCU\Software\AppDataLow\Software\simplytech
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Deleted: [Value] - HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{AE07101B-46D4-4A98-AF68-0333EA26E113}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Deleted: [Value] - HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{EEE6C35B-6118-11DC-9C72-001320C79847}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{98889811-442D-49DD-99D7-DC866BE87DBC}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Deleted: [Key] - HKCU\Software\Classes\CLSID\{A0359AE6-F410-4425-A975-684AAB785ABD}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{042DA63B-0933-403D-9395-B49307691690}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{9B6B03F1-16CF-4491-BBBB-E872802DD717}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C424171E-592A-415A-9EB1-DFD6D95D3530}
Deleted: [Value] - HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{C424171E-592A-415A-9EB1-DFD6D95D3530}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CD8812D4-E5B8-41C6-94D4-59872A484BF1}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CD8812D4-E5B8-41C6-94D4-59872A484BF1}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Deleted: [Value] - HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{41564952-412D-5637-4300-7A786E7484D7}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{81CA8FCD-1420-4A07-B47D-B30F3DDA79E1}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{BAB04997-93AD-4C13-805A-0409199700BB}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{F51C15D4-3D0A-4DBA-A095-EBCC09F24DA2}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{7D831388-D405-4272-9511-A07440AD2927}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C63F7979DCC2154CB9591969A5CB89D
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FFA531D0F3A71504DA7AC6A11CE33739
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6DD31E6C1A73B334383DF186676F4D20
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB3204F747B20694B8D49EF92D8DC94B
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EDBF68C5F16790341B7C6FD7C7F8E4FC
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C81E33A400B6F814E90C7A3354E2A3A5
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\18C9E3869A16248439FE3FF9EB02207A
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3038A20B9089EC34D8F74220191FAB30
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D8011310B2622942868A458964FFDC5
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|Babylon Client
Deleted: [Value] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|DriverTurbo
Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\YMERemote.DLL
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION|BackgroundHost.exe
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD|BackgroundHost.exe
Deleted: [Key] - HKLM\SOFTWARE\CLASSES\b
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext|DisableAddonLoadTimePerformanceNotifications
Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{181480C8-90AC-3430-B39A-CD121E034A1A}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{8F54FA54-1DF8-3B20-890C-CDD95364BC95}
Deleted: [Key] - HKLM\SOFTWARE\SweetIM
Deleted: [Key] - HKU\.DEFAULT\Software\SweetIM
Deleted: [Key] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\SweetIM
Deleted: [Key] - HKU\S-1-5-18\Software\SweetIM
Deleted: [Key] - HKCU\Software\SweetIM
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{977AE9CC-AF83-45E8-9E03-E2798216E2D5}
Deleted: [Key] - HKU\.DEFAULT\Software\IBUpdaterService
Deleted: [Key] - HKU\S-1-5-18\Software\IBUpdaterService
Deleted: [Key] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Softonic
Deleted: [Key] - HKCU\Software\Softonic
Deleted: [Key] - HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\ProtectedSearch
Deleted: [Key] - HKCU\Software\ProtectedSearch
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com


***** [ Firefox (and derivatives) ] *****

Plugin deleted: YouTube Unblocker - www.unblocker.yt


***** [ Chromium (and derivatives) ] *****

Plugin deleted: SweetPacks Chrome Extension - 
Plugin deleted: MySearchDial - 
SearchProvider deleted: MyStart - mystart.incredibar.com
SearchProvider deleted: MyStart - mystart.incredibar.com/


*************************

::Tracing keys deleted
::Winsock settings cleared
::Image File Execution Options%s keys deleted
::Prefetch files deleted
::Proxy settings cleared
::Firewall rules cleared
::IE policies deleted
::Chrome policies deleted
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [24688 B] - [2017/8/24 21:2:38]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
         

Alt 24.08.2017, 23:52   #9
Lol12
 
Quickshare von linkury - Standard

Quickshare von linkury



SCHRITT 2
Code:
ATTFilter
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 24.08.17
Scan-Zeit: 23:21
Protokolldatei: 214949d6-8912-11e7-b5ef-dc0ea102cdc0.json
Administrator: Ja

-Softwaredaten-
Version: 3.2.2.2018
Komponentenversion: 1.0.186
Version des Aktualisierungspakets: 1.0.2653
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10 (Build 14393.1593)
CPU: x64
Dateisystem: NTFS
Benutzer: Pfl\u00c3\u00bcgl-PC\Pfl\u00c3\u00bcgl

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 515790
Erkannte Bedrohungen: 487
In die Quarantäne verschobene Bedrohungen: 487
Abgelaufene Zeit: 17 Min., 48 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 82
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\esrv.BabylonESrvc.1, In Quarantäne, [6388], [235656],1.0.2653
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}, In Quarantäne, [6388], [235656],1.0.2653
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}, In Quarantäne, [6388], [235656],1.0.2653
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\esrv.BabylonESrvc, In Quarantäne, [6388], [235656],1.0.2653
PUP.Optional.MindSpark, HKU\S-1-5-21-1664608947-3428569484-2814311379-501\SOFTWARE\Allin1Convert_8h, Löschen bei Neustart, [259], [240418],1.0.2653
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-21-1664608947-3428569484-2814311379-501\SOFTWARE\AskPartnerNetwork, Löschen bei Neustart, [8877], [186876],1.0.2653
PUP.Optional.InstallCore, HKU\S-1-5-21-1664608947-3428569484-2814311379-501\SOFTWARE\InstallCore, Löschen bei Neustart, [2], [239563],1.0.2653
PUP.Optional.MySearchDial, HKU\S-1-5-21-1664608947-3428569484-2814311379-501\SOFTWARE\mysearchdial, Löschen bei Neustart, [1555], [241078],1.0.2653
PUP.Optional.SaveSense, HKU\S-1-5-21-1664608947-3428569484-2814311379-501\SOFTWARE\SaveSense, Löschen bei Neustart, [1486], [242563],1.0.2653
PUP.Optional.SaveSense, HKU\S-1-5-21-1664608947-3428569484-2814311379-501\SOFTWARE\SaveSenseLive, Löschen bei Neustart, [1486], [242564],1.0.2653
PUP.Optional.SweetIM, HKU\S-1-5-21-1664608947-3428569484-2814311379-501\SOFTWARE\SweetIM, Löschen bei Neustart, [1160], [243758],1.0.2653
PUP.Optional.AmazonTB, HKU\S-1-5-21-1664608947-3428569484-2814311379-501\SOFTWARE\ALEXA INTERNET\ALEXA9\Amazon, Löschen bei Neustart, [9867], [235409],1.0.2653
PUP.Optional.MindSpark, HKU\S-1-5-21-1664608947-3428569484-2814311379-501\SOFTWARE\APPDATALOW\SOFTWARE\Allin1Convert_8h, Löschen bei Neustart, [259], [240422],1.0.2653
PUP.Optional.SmartBar, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\amfclgbdpgndipgoegfpkkgobahigbcl, In Quarantäne, [1572], [231096],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{13AC3A56-4B9D-4F5C-99E6-A3A46174BC6B}, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2AB3D872-B14D-4016-8FF2-ACA48055DA2A}, In Quarantäne, [219], [237488],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5F98DD07-A56D-41F4-B5AB-1BFFEF9CC2A6}, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5FDB1F52-69CC-4D73-A965-9CB9432F8779}, In Quarantäne, [219], [237488],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{883348F7-331B-4B69-BC27-B24DFFDB76E8}, In Quarantäne, [219], [237488],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9922E137-61FB-4D6A-A195-AD924F649CBD}, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A50D6AE9-158A-40D8-A4C3-63D68113E7C0}, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B9B0964E-F8AA-4E6A-B1E4-AFACA0ED48D9}, In Quarantäne, [219], [237488],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BD764411-4CD0-44A1-8062-D8D8DA1D8775}, In Quarantäne, [219], [237488],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C9F07FA1-E867-4D0C-9F52-60B46F1C44B1}, In Quarantäne, [219], [237488],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D2AA6726-A019-4B94-AE16-452311B6AD53}, In Quarantäne, [219], [237488],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D9C4654E-5687-42A8-8579-C1437AAA2185}, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DE51DFE9-D984-467F-8AAB-E44917E3B75C}, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DEBBFF41-E4B1-4943-AE69-43D81A783F9E}, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E022C11E-8C40-48E6-81B9-6D75446F2811}, In Quarantäne, [219], [237488],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E670E5DC-208C-4057-95C3-1D96B834BBB4}, In Quarantäne, [219], [237488],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EA0D4DD8-951D-4D94-80A9-2C2676473377}, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EA1EA972-CA55-45F8-A6CA-6FB9848E3859}, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EADFECF4-85ED-40DA-A7AE-C43871B6F3F3}, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EB07AF29-B56F-46B4-8F93-71EF8D1444F4}, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F1012B0A-9D2A-4629-8262-1A24923DF064}, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.MySearchDial, HKU\S-1-5-21-1664608947-3428569484-2814311379-501\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pflphaooapbgpeakohlggbpidpppgdff, Löschen bei Neustart, [1555], [241075],1.0.2653
PUP.Optional.Delta.ShrtCln, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, In Quarantäne, [9611], [233310],1.0.2653
PUP.Optional.ASK, HKU\S-1-5-21-1664608947-3428569484-2814311379-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{75B4241F-171E-44A3-BF44-23613B6E3E03}, Löschen bei Neustart, [516], [245523],1.0.2653
PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{75B4241F-171E-44A3-BF44-23613B6E3E03}, In Quarantäne, [516], [245523],1.0.2653
PUP.Optional.ASK, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{75b4241f-171e-44a3-bf44-23613b6e3e03}, In Quarantäne, [516], [245523],1.0.2653
PUP.Optional.SofTonic, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{95ED1396-3F7D-478C-AD6A-B97A247F1AD6}, In Quarantäne, [3262], [243270],1.0.2653
PUP.Optional.SweetPacks, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{EEE6C360-6118-11DC-9C72-001320C79847}, In Quarantäne, [1026], [243769],1.0.2653
PUP.Optional.MindSpark, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Allin1Convert_8h, In Quarantäne, [259], [240418],1.0.2653
PUP.Optional.BabylonToolBar, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\BabylonToolbar, In Quarantäne, [6388], [235657],1.0.2653
PUP.Optional.SweetIM, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\jcdgjdiieiljkfkdcloehkohchhpekkn, In Quarantäne, [1160], [243759],1.0.2653
PUP.Optional.MindSpark, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\APPDATALOW\SOFTWARE\Allin1Convert_8h, In Quarantäne, [259], [240422],1.0.2653
PUP.Optional.SearchResults, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}, Löschen bei Neustart, [10131], [184971],1.0.2653
PUP.Optional.InstallBrain, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\WNLT, Löschen bei Neustart, [396], [239558],1.0.2653
PUP.Optional.Babylon, HKLM\SOFTWARE\WOW6432NODE\BabylonToolbar, In Quarantäne, [1727], [235651],1.0.2653
PUP.Optional.SweetIM, HKLM\SOFTWARE\WOW6432NODE\SweetIM, In Quarantäne, [1160], [243762],1.0.2653
PUP.Optional.DealPly, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\gaiilaahiahdejapggenmdmafpmbipje, In Quarantäne, [207], [237621],1.0.2653
PUP.Optional.BProtector, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\bProtectSettings, Löschen bei Neustart, [4000], [235981],1.0.2653
PUP.Optional.MindSpark, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\Allin1Convert_8h, Löschen bei Neustart, [259], [240418],1.0.2653
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\AskPartnerNetwork, Löschen bei Neustart, [8877], [186876],1.0.2653
PUP.Optional.DataMngr.AppFlsh, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\DataMngr_Toolbar, Löschen bei Neustart, [8871], [253613],1.0.2653
PUP.Optional.Iminent, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\Iminent, Löschen bei Neustart, [3065], [239410],1.0.2653
PUP.Optional.SweetIM, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\SweetIM, Löschen bei Neustart, [1160], [243758],1.0.2653
PUP.Optional.SysTweak, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\Systweak, Löschen bei Neustart, [238], [327156],1.0.2653
PUP.Optional.MindSpark, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\APPDATALOW\SOFTWARE\Allin1Convert_8h, Löschen bei Neustart, [259], [240422],1.0.2653
PUP.Optional.IoloSC, HKLM\SOFTWARE\WOW6432NODE\IOLO\System Checkup, In Quarantäne, [2066], [349242],1.0.2653
PUP.Optional.SmartBar, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{AE07101B-46D4-4A98-AF68-0333EA26E113}, Löschen bei Neustart, [1572], [189776],1.0.2653
PUP.Optional.SmartBar, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{AE07101B-46D4-4A98-AF68-0333EA26E113}, Löschen bei Neustart, [1572], [189776],1.0.2653
PUP.Optional.SmartBar, HKU\S-1-5-21-1664608947-3428569484-2814311379-501\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{AE07101B-46D4-4A98-AF68-0333EA26E113}, Löschen bei Neustart, [1572], [189776],1.0.2653
PUP.Optional.Iminent, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}, Löschen bei Neustart, [3065], [168094],1.0.2653
PUP.Optional.Iminent, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}, Löschen bei Neustart, [3065], [168094],1.0.2653
PUP.Optional.InboxToolBar, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}, In Quarantäne, [10002], [168102],1.0.2653
PUP.Optional.ASK, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{D4027C7F-154A-4066-A1AD-4243D8127440}, Löschen bei Neustart, [516], [306571],1.0.2653
PUP.Optional.ASK, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{D4027C7F-154A-4066-A1AD-4243D8127440}, Löschen bei Neustart, [516], [306571],1.0.2653
PUP.Optional.Iminent, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{58124A0B-DC32-4180-9BFF-E0E21AE34026}, Löschen bei Neustart, [3065], [168091],1.0.2653
PUP.Optional.Iminent, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{58124A0B-DC32-4180-9BFF-E0E21AE34026}, Löschen bei Neustart, [3065], [168091],1.0.2653
PUP.Optional.SweetPacks, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{EEE6C35B-6118-11DC-9C72-001320C79847}, Löschen bei Neustart, [1026], [168894],1.0.2653
PUP.Optional.SweetPacks, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{EEE6C35B-6118-11DC-9C72-001320C79847}, Löschen bei Neustart, [1026], [168894],1.0.2653
PUP.Optional.InboxToolBar, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}, In Quarantäne, [10002], [168103],1.0.2653
PUP.Optional.MySearchDial, HKU\S-1-5-21-1664608947-3428569484-2814311379-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}, Löschen bei Neustart, [1555], [168579],1.0.2653
PUP.Optional.SweetPacks, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{EEE6C35C-6118-11DC-9C72-001320C79847}, Löschen bei Neustart, [1026], [161093],1.0.2653
PUP.Optional.SweetPacks, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{EEE6C35C-6118-11DC-9C72-001320C79847}, Löschen bei Neustart, [1026], [161093],1.0.2653
PUP.Optional.QuickShare, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, Löschen bei Neustart, [3387], [168682],1.0.2653
PUP.Optional.QuickShare, HKU\S-1-5-21-1664608947-3428569484-2814311379-501\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, Löschen bei Neustart, [3387], [168682],1.0.2653
PUP.Optional.QuickShare, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, Löschen bei Neustart, [3387], [168682],1.0.2653
PUP.Optional.Iminent, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, Löschen bei Neustart, [3065], [168095],1.0.2653
PUP.Optional.Iminent, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, Löschen bei Neustart, [3065], [168095],1.0.2653
PUP.Optional.DealPly, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}, In Quarantäne, [207], [167880],1.0.2653

Registrierungswert: 52
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{13AC3A56-4B9D-4F5C-99E6-A3A46174BC6B}|APPNAME, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2AB3D872-B14D-4016-8FF2-ACA48055DA2A}|APPNAME, In Quarantäne, [219], [237488],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5F98DD07-A56D-41F4-B5AB-1BFFEF9CC2A6}|APPNAME, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5FDB1F52-69CC-4D73-A965-9CB9432F8779}|APPNAME, In Quarantäne, [219], [237488],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{883348F7-331B-4B69-BC27-B24DFFDB76E8}|APPNAME, In Quarantäne, [219], [237488],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9922E137-61FB-4D6A-A195-AD924F649CBD}|APPNAME, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A50D6AE9-158A-40D8-A4C3-63D68113E7C0}|APPNAME, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B9B0964E-F8AA-4E6A-B1E4-AFACA0ED48D9}|APPNAME, In Quarantäne, [219], [237488],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BD764411-4CD0-44A1-8062-D8D8DA1D8775}|APPNAME, In Quarantäne, [219], [237488],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C9F07FA1-E867-4D0C-9F52-60B46F1C44B1}|APPNAME, In Quarantäne, [219], [237488],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D2AA6726-A019-4B94-AE16-452311B6AD53}|APPNAME, In Quarantäne, [219], [237488],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D9C4654E-5687-42A8-8579-C1437AAA2185}|APPNAME, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DE51DFE9-D984-467F-8AAB-E44917E3B75C}|APPNAME, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DEBBFF41-E4B1-4943-AE69-43D81A783F9E}|APPNAME, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E022C11E-8C40-48E6-81B9-6D75446F2811}|APPNAME, In Quarantäne, [219], [237488],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E670E5DC-208C-4057-95C3-1D96B834BBB4}|APPNAME, In Quarantäne, [219], [237488],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EA0D4DD8-951D-4D94-80A9-2C2676473377}|APPNAME, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EA1EA972-CA55-45F8-A6CA-6FB9848E3859}|APPNAME, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EADFECF4-85ED-40DA-A7AE-C43871B6F3F3}|APPNAME, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EB07AF29-B56F-46B4-8F93-71EF8D1444F4}|APPNAME, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.CrossRider, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F1012B0A-9D2A-4629-8262-1A24923DF064}|APPNAME, In Quarantäne, [219], [237487],1.0.2653
PUP.Optional.Delta.ShrtCln, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}|URL, In Quarantäne, [9611], [233310],1.0.2653
PUP.Optional.Babylon, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}|FAVICONURL, In Quarantäne, [1727], [235650],1.0.2653
PUP.Optional.ASK, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{75b4241f-171e-44a3-bf44-23613b6e3e03}|DISPLAYNAME, In Quarantäne, [516], [245523],1.0.2653
PUP.Optional.ASK, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{75b4241f-171e-44a3-bf44-23613b6e3e03}|SUGGESTIONSURL_JSON, In Quarantäne, [516], [245522],1.0.2653
PUP.Optional.SofTonic, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{95ED1396-3F7D-478C-AD6A-B97A247F1AD6}|URL, In Quarantäne, [3262], [243270],1.0.2653
PUP.Optional.SofTonic, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{95ED1396-3F7D-478C-AD6A-B97A247F1AD6}|FAVICONURL, In Quarantäne, [3262], [243270],1.0.2653
PUP.Optional.SweetPacks, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{EEE6C360-6118-11DC-9C72-001320C79847}|DISPLAYNAME, In Quarantäne, [1026], [243769],1.0.2653
PUP.Optional.SweetPacks, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{EEE6C360-6118-11DC-9C72-001320C79847}|FAVICONURL, In Quarantäne, [1026], [243769],1.0.2653
PUP.Optional.ASK, HKU\S-1-5-21-1664608947-3428569484-2814311379-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{75b4241f-171e-44a3-bf44-23613b6e3e03}|DISPLAYNAME, In Quarantäne, [516], [245523],1.0.2653
PUP.Optional.SweetPacks, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{EEE6C360-6118-11DC-9C72-001320C79847}|FAVICONURLFALLBACK, In Quarantäne, [1026], [243769],1.0.2653
PUP.Optional.ASK, HKU\S-1-5-21-1664608947-3428569484-2814311379-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{75b4241f-171e-44a3-bf44-23613b6e3e03}|URL, In Quarantäne, [516], [245522],1.0.2653
PUP.Optional.SweetPacks, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{EEE6C360-6118-11DC-9C72-001320C79847}|TOPRESULTURL, In Quarantäne, [1026], [243769],1.0.2653
PUP.Optional.SweetPacks, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{EEE6C360-6118-11DC-9C72-001320C79847}|TOPRESULTURLFALLBACK, In Quarantäne, [1026], [243769],1.0.2653
PUP.Optional.SweetPacks, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{EEE6C360-6118-11DC-9C72-001320C79847}|URL, In Quarantäne, [1026], [243769],1.0.2653
PUP.Optional.SearchResults, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}|URL, In Quarantäne, [10131], [184971],1.0.2653
PUP.Optional.InstallBrain, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\WNLT|URL, In Quarantäne, [396], [239558],1.0.2653
PUP.Optional.DataMngr.AppFlsh, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, In Quarantäne, [8871], [-1],0.0.0
PUP.Optional.DataMngr.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, In Quarantäne, [8871], [-1],0.0.0
PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{75b4241f-171e-44a3-bf44-23613b6e3e03}|DISPLAYNAME, In Quarantäne, [516], [245525],1.0.2653
PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{75b4241f-171e-44a3-bf44-23613b6e3e03}|URL, In Quarantäne, [516], [245524],1.0.2653
PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{75b4241f-171e-44a3-bf44-23613b6e3e03}|SUGGESTIONSURL_JSON, In Quarantäne, [516], [245524],1.0.2653
PUP.Optional.SmartBar, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{AE07101B-46D4-4A98-AF68-0333EA26E113}, In Quarantäne, [1572], [189776],1.0.2653
PUP.Optional.Iminent, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{977AE9CC-AF83-45E8-9E03-E2798216E2D5}, In Quarantäne, [3065], [168094],1.0.2653
PUP.Optional.ASK, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{D4027C7F-154A-4066-A1AD-4243D8127440}, In Quarantäne, [516], [306571],1.0.2653
PUP.Optional.SweetPacks, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{EEE6C35B-6118-11DC-9C72-001320C79847}, In Quarantäne, [1026], [168894],1.0.2653
PUP.Optional.ASK, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{D4027C7F-154A-4066-A1AD-4243D8127440}, In Quarantäne, [516], [306571],1.0.2653
PUP.Optional.Iminent, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{977AE9CC-AF83-45E8-9E03-E2798216E2D5}, In Quarantäne, [3065], [168094],1.0.2653
PUP.Optional.MindSpark, HKU\S-1-5-21-1664608947-3428569484-2814311379-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{CD1A63BA-A08C-431B-9A34-F240AADC728D}, In Quarantäne, [259], [169956],1.0.2653
PUP.Optional.MindSpark, HKU\S-1-5-21-1664608947-3428569484-2814311379-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{CD1A63BA-A08C-431B-9A34-F240AADC728D}, In Quarantäne, [259], [169956],1.0.2653
PUP.Optional.MindSpark, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{5bcf818d-78c8-41b8-ba89-65c5fdac4fc4}, In Quarantäne, [259], [169955],1.0.2653
PUP.Optional.SweetPacks, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{EEE6C35B-6118-11DC-9C72-001320C79847}, In Quarantäne, [1026], [168894],1.0.2653

Registrierungsdaten: 5
PUP.Optional.SnapDo, HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCH BAR, Ersetzt, [6619], [293027],1.0.2653
Hijack.StartPage, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Ersetzt, [1816], [292742],1.0.2653
PUP.Optional.Babylon, HKU\S-1-5-21-1664608947-3428569484-2814311379-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|BPROTECTOR START PAGE, Ersetzt, [1727], [293037],1.0.2653
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DEFAULTSCOPE, Ersetzt, [13272], [292819],1.0.2653
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DEFAULTSCOPE, Ersetzt, [13272], [292819],1.0.2653

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 66
PUP.Optional.Delta.ShrtCln, C:\USERS\PFLüGL\APPDATA\LOCALLOW\DELTA\DELTA, In Quarantäne, [9611], [175031],1.0.2653
PUP.Optional.Babylon, C:\Users\Pflügl\AppData\LocalLow\BabylonToolbar\BabylonToolbar, In Quarantäne, [1727], [175554],1.0.2653
PUP.Optional.Babylon, C:\USERS\PFLüGL\APPDATA\LOCALLOW\BABYLONTOOLBAR, In Quarantäne, [1727], [175554],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\images\favorites, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\images\patterns, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\images\chrome, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\images\info, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\resources, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\resources, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\content\browser\misc, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\images, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\images, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\content\external, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\css, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\content\browser, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\css, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\content\newtab, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\_locales\pt_BR, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\external, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\content\data, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\gallery, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\review, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\_locales\ar, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\_locales\de, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\_locales\en, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\_locales\es, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\_locales\fr, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\_locales\he, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\_locales\it, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\_locales\ja, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\_locales\nl, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\_locales\pl, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\_locales\ru, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\_locales\tr, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\icons, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\_locales, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\content, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\USERS\GAST\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\PFLPHAOOAPBGPEAKOHLGGBPIDPPPGDFF, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.SweetIM, C:\USERS\PFLüGL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTERNAL EXTENSIONS\{EEE6C373-6118-11DC-9C72-001320C79847}, In Quarantäne, [1160], [243753],1.0.2653
PUP.Optional.SweetPacks, C:\Users\Pflügl\AppData\Roaming\Mozilla\Firefox\Profiles\nca6gzm3.default\SweetPacksToolbarData\logs, In Quarantäne, [1026], [179951],1.0.2653
PUP.Optional.SweetPacks, C:\USERS\PFLüGL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NCA6GZM3.DEFAULT\SWEETPACKSTOOLBARDATA, In Quarantäne, [1026], [179951],1.0.2653
PUP.Optional.WhiteSmoke, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.4_0, In Quarantäne, [3452], [180465],1.0.2653
PUP.Optional.WhiteSmoke, C:\USERS\GAST\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\OGCCGBMABAPHCAKPICLGCNMCNIMHOKCJ, In Quarantäne, [3452], [180465],1.0.2653
PUP.Optional.IoloSC, C:\PROGRAMDATA\IOLO\SCU, In Quarantäne, [2066], [349238],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\pt-br, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\zh-cn, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\eng, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\da, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\de, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\nl, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\no, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\ru, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\sv, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\es, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\fi, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\fr, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\it, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\ja, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.Widdit, C:\Users\nathalie.Pflügl-PC\AppData\Roaming\Mozilla\Firefox\Profiles\ug6gjruz.default\extensions\{aa9cc3fa-a5e4-449b-aab5-1ebdbc7314ee}\components, In Quarantäne, [11807], [302037],1.0.2653
PUP.Optional.Widdit, C:\Users\nathalie.Pflügl-PC\AppData\Roaming\Mozilla\Firefox\Profiles\ug6gjruz.default\extensions\{aa9cc3fa-a5e4-449b-aab5-1ebdbc7314ee}\plugins, In Quarantäne, [11807], [302037],1.0.2653
PUP.Optional.Widdit, C:\Users\nathalie.Pflügl-PC\AppData\Roaming\Mozilla\Firefox\Profiles\ug6gjruz.default\extensions\{aa9cc3fa-a5e4-449b-aab5-1ebdbc7314ee}\chrome, In Quarantäne, [11807], [302037],1.0.2653
PUP.Optional.Widdit, C:\USERS\NATHALIE.PFLüGL-PC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UG6GJRUZ.DEFAULT\EXTENSIONS\{AA9CC3FA-A5E4-449B-AAB5-1EBDBC7314EE}, In Quarantäne, [11807], [302037],1.0.2653

Datei: 282
PUP.Optional.BProtector, C:\USERS\PFLüGL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\BPROTECTORPREFERENCES, In Quarantäne, [4000], [235980],1.0.2653
PUP.Optional.BProtector, C:\USERS\NATHALIE.PFLüGL-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\BPROTECTORPREFERENCES, In Quarantäne, [4000], [235980],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\content\browser\misc\screenshot.inject.js, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\content\browser\background.html, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\content\browser\background.min.js, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\content\data\favorites_de.json, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\content\data\favorites_en_gb.json, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\content\data\favorites_en_us.json, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\content\data\favorites_fr.json, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\content\data\favorites_he.json, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\content\data\favorites_it.json, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\content\data\favorites_pt_br.json, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\content\data\favorites_ru.json, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\content\data\favorites_tr.json, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\content\external\angular.min.js, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\content\external\crypto-js.js, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\content\external\jquery-2.1.0.min.js, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\content\external\jquery.autocomplete.min.js, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\content\external\jquery.balloon.min.js, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\content\external\jquery.fittext.js, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\content\external\jquery.Jcrop.min.js, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\content\external\jquery.simplecolorpicker.min.js, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\content\external\mustache.min.js, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\content\external\string.min.js, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\content\external\underscore-min.js, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\content\newtab\gallery.html, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\content\newtab\gallery.min.js, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\content\newtab\newtab.html, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\content\newtab\newtab.min.js, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\content\newtab\review.html, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\content\newtab\review.min.js, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\external\foundation.min.css, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\external\indicator.gif, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\external\Jcrop.gif, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\external\jquery.autocomplete.css, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\external\jquery.Jcrop.min.css, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\external\jquery.simplecolorpicker.css, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\external\normalize.css, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\gallery\arrow-gallery-cat-selected.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\gallery\arrow.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\gallery\emptyArea.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\gallery\gallery.css, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\gallery\gallery_templates.html, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\gallery\icon-gallery-search.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\gallery\not_available_32.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\gallery\plus.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\gallery\X.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\icons\128.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\icons\16.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\icons\48.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\css\buttons.css, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\css\footer.css, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\css\header.css, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\css\list.css, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\css\newtab.css, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\css\search.css, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\css\themes.css, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\images\patterns\arab_tile.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\images\patterns\batthern_@2X.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\images\patterns\bo_play_pattern_@2X.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\images\patterns\dark_wood_@2X.jpg, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\images\patterns\diagonal_striped_brick.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\images\patterns\escheresque_ste_@2X.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\images\patterns\gold_scale.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\images\patterns\purty_wood_@2X.jpg, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\images\patterns\readme.txt, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\images\patterns\starring_@2X.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\images\patterns\tileable_wood_texture_@2X.jpg, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\images\patterns\weave_@2X.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\images\patterns\wild_oliva_@2X.jpg, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\images\patterns\woven.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\images\icon-layout.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\images\ajax-loader-2.gif, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\images\ajax-loader-bar.gif, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\images\ajax-loader-medium.gif, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\images\ajax-loader-small.gif, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\images\ajax-loader.gif, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\images\arrow-footer.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\images\arrow-header.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\images\attachment.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\images\close-bar2.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\images\close.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\images\edit-button.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\images\icon-apps-dark.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\images\icon-apps.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\images\icon-chrome.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\images\icon-close.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\images\icon-contents-light.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\images\icon-contents.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\images\icon-edit.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\images\icon-plus-dark.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\images\icon-plus.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\images\icon-right.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\images\icon-search.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\images\icon-settings.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\images\icon-theme.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\images\menu_v.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\images\menu_v_white.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\images\provider.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\images\x-button.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\resources\groups.html, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\resources\list.html, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\newtab\resources\menu.html, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\css\activetabs.css, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\css\favorites.css, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\css\layout.css, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\css\modal-fav-add.css, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\css\modal-fav-edit.css, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\css\modal-fav-group.css, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\css\readitlater.css, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\css\recentlyclosed.css, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\css\theme.css, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\css\webapps.css, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\images\chrome\bookmarks.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\images\chrome\download.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\images\chrome\downloads.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\images\chrome\downloas.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\images\chrome\extensions.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\images\chrome\history.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\images\chrome\settings.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\images\chrome\trash.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\images\favorites\empty.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\images\favorites\error.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\images\favorites\shadow.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\images\info\contactus.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\images\info\facebook.ico, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\images\info\rateus.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\images\info\twitter.ico, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\resources\activetabs.html, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\resources\favorites.html, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\resources\layout.html, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\resources\modal-fav-add.html, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\resources\modal-fav-edit.html, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\resources\modal-fav-group.html, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\resources\readitlater.html, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\resources\readitlater_content.html, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\resources\readitlater_menu.html, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\resources\recentlyclosed.html, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\resources\theme.html, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\resources\webapps.html, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\plugins\resources\webapps_contextmenu.html, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\review\cat_1.gif, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\review\cat_2.gif, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\review\cat_3.gif, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\review\cat_4.gif, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\review\cat_5.gif, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\review\rating-star.png, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\skin\review\review.css, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\_locales\ar\messages.json, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\_locales\de\messages.json, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\_locales\en\messages.json, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\_locales\es\messages.json, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\_locales\fr\messages.json, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\_locales\he\messages.json, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\_locales\it\messages.json, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\_locales\ja\messages.json, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\_locales\nl\messages.json, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\_locales\pl\messages.json, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\_locales\pt_BR\messages.json, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\_locales\ru\messages.json, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\_locales\tr\messages.json, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.MySpeedDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\manifest.json, In Quarantäne, [8836], [178637],1.0.2653
PUP.Optional.BProtector, C:\USERS\NATHALIE.PFLüGL-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\BPROTECTOR WEB DATA, In Quarantäne, [4000], [235979],1.0.2653
PUP.Optional.SweetIM, C:\USERS\PFLüGL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTERNAL EXTENSIONS\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx, In Quarantäne, [1160], [243753],1.0.2653
PUP.Optional.BProtector, C:\USERS\PFLüGL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\BPROTECTOR WEB DATA, In Quarantäne, [4000], [235979],1.0.2653
PUP.Optional.NewTab, C:\USERS\PFLüGL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\NEWTAB.CRX, In Quarantäne, [11472], [241199],1.0.2653
PUP.Optional.WhiteSmoke, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.4_0\128.png, In Quarantäne, [3452], [180465],1.0.2653
PUP.Optional.WhiteSmoke, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.4_0\19.png, In Quarantäne, [3452], [180465],1.0.2653
PUP.Optional.WhiteSmoke, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.4_0\48.png, In Quarantäne, [3452], [180465],1.0.2653
PUP.Optional.WhiteSmoke, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.4_0\background.html, In Quarantäne, [3452], [180465],1.0.2653
PUP.Optional.WhiteSmoke, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.4_0\flavour.js, In Quarantäne, [3452], [180465],1.0.2653
PUP.Optional.WhiteSmoke, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.4_0\keys.json, In Quarantäne, [3452], [180465],1.0.2653
PUP.Optional.WhiteSmoke, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.4_0\logger.js, In Quarantäne, [3452], [180465],1.0.2653
PUP.Optional.WhiteSmoke, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.4_0\main.js, In Quarantäne, [3452], [180465],1.0.2653
PUP.Optional.WhiteSmoke, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.4_0\manifest.json, In Quarantäne, [3452], [180465],1.0.2653
PUP.Optional.WhiteSmoke, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.4_0\newtab.html, In Quarantäne, [3452], [180465],1.0.2653
PUP.Optional.WhiteSmoke, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.4_0\newtab.js, In Quarantäne, [3452], [180465],1.0.2653
PUP.Optional.WhiteSmoke, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.4_0\popup.html, In Quarantäne, [3452], [180465],1.0.2653
PUP.Optional.WhiteSmoke, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.4_0\popup.js, In Quarantäne, [3452], [180465],1.0.2653
PUP.Optional.WhiteSmoke, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.4_0\simapp.js, In Quarantäne, [3452], [180465],1.0.2653
PUP.Optional.WhiteSmoke, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.4_0\toolbar.js, In Quarantäne, [3452], [180465],1.0.2653
PUP.Optional.MySpeedDial, C:\USERS\GAST\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage, In Quarantäne, [8836], [241090],1.0.2653
PUP.Optional.MySpeedDial, C:\USERS\GAST\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage-journal, In Quarantäne, [8836], [241090],1.0.2653
PUP.Optional.IoloSC, C:\ProgramData\iolo\SCU\config.dll, In Quarantäne, [2066], [349238],1.0.2653
PUP.Optional.SysTweak, C:\USERS\PFLüGL\APPDATA\ROAMING\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\ADVANCED DISK RECOVERY.LNK, In Quarantäne, [238], [338871],1.0.2653
PUP.Optional.SysTweak, C:\PROGRAM FILES (X86)\ADVANCED DISK RECOVERY\ENG\CHECKUPDATE.INI, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\eng\aso.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\eng\client.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\eng\undelete.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\da\aso.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\da\checkupdate.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\da\client.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\da\undelete.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\de\aso.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\de\checkupdate.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\de\client.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\de\undelete.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\nl\aso.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\nl\checkupdate.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\nl\client.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\nl\undelete.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\no\aso.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\no\checkupdate.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\no\client.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\no\undelete.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\pt-br\aso.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\pt-br\checkupdate.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\pt-br\client.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\pt-br\undelete.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\ru\aso.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\ru\checkupdate.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\ru\client.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\ru\undelete.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\sv\aso.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\sv\checkupdate.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\sv\client.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\sv\undelete.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\zh-cn\aso.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\zh-cn\checkupdate.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\zh-cn\client.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\zh-cn\undelete.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\es\aso.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\es\checkupdate.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\es\client.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\es\undelete.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\fi\aso.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\fi\checkupdate.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\fi\client.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\fi\undelete.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\fr\aso.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\fr\checkupdate.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\fr\client.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\fr\undelete.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\it\aso.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\it\checkupdate.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\it\client.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\it\undelete.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\ja\aso.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\ja\checkupdate.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\ja\client.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\ja\undelete.ini, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\ADRDLL.dll, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\ADRHelper.dll, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\adrsys.dll, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\AdvancedDiskRecovery.exe, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\ASEng.dll, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\AsInvoker.exe, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\asohtm.dll, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\asores.dll, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\CheckUpdate.exe, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\Downloader.dll, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\Microsoft.VC90.ATL.manifest, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\Microsoft.VC90.CRT.manifest, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\Microsoft.VC90.MFC.manifest, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\Microsoft.VC90.MFCLOC.manifest, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\Network.dll, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\RequireAdministrator.exe, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\unins000.dat, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\unins000.exe, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\unrar.dll, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\XceedZip.dll, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\xmllite.dll, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\zlibwapi.dll, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\HighestAvailable.exe, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.SysTweak, C:\Program Files (x86)\Advanced Disk Recovery\KillADRProcesses.exe, In Quarantäne, [238], [331833],1.0.2653
PUP.Optional.MySearchDial, C:\USERS\GAST\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\SECURE PREFERENCES, Ersetzt, [1555], [302892],1.0.2653
PUP.Optional.CrossRider, C:\USERS\PFLüGL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NCA6GZM3.DEFAULT\PREFS.JS, Ersetzt, [219], [301531],1.0.2653
PUP.Optional.SweetPacks, C:\USERS\PFLüGL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NCA6GZM3.DEFAULT\PREFS.JS, Ersetzt, [1026], [301675],1.0.2653
PUP.Optional.Widdit, C:\USERS\NATHALIE.PFLüGL-PC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UG6GJRUZ.DEFAULT\EXTENSIONS\{AA9CC3FA-A5E4-449B-AAB5-1EBDBC7314EE}\INSTALL.RDF, In Quarantäne, [11807], [302037],1.0.2653
PUP.Optional.Widdit, C:\Users\nathalie.Pflügl-PC\AppData\Roaming\Mozilla\Firefox\Profiles\ug6gjruz.default\extensions\{aa9cc3fa-a5e4-449b-aab5-1ebdbc7314ee}\chrome\HomeTab_3580.jar, In Quarantäne, [11807], [302037],1.0.2653
PUP.Optional.Widdit, C:\Users\nathalie.Pflügl-PC\AppData\Roaming\Mozilla\Firefox\Profiles\ug6gjruz.default\extensions\{aa9cc3fa-a5e4-449b-aab5-1ebdbc7314ee}\components\wtb_complete.js, In Quarantäne, [11807], [302037],1.0.2653
PUP.Optional.Widdit, C:\Users\nathalie.Pflügl-PC\AppData\Roaming\Mozilla\Firefox\Profiles\ug6gjruz.default\extensions\{aa9cc3fa-a5e4-449b-aab5-1ebdbc7314ee}\plugins\npwiddit.dll, In Quarantäne, [11807], [302037],1.0.2653
PUP.Optional.Widdit, C:\Users\nathalie.Pflügl-PC\AppData\Roaming\Mozilla\Firefox\Profiles\ug6gjruz.default\extensions\{aa9cc3fa-a5e4-449b-aab5-1ebdbc7314ee}\chrome.manifest, In Quarantäne, [11807], [302037],1.0.2653
PUP.Optional.Widdit, C:\Users\nathalie.Pflügl-PC\AppData\Roaming\Mozilla\Firefox\Profiles\ug6gjruz.default\extensions\{aa9cc3fa-a5e4-449b-aab5-1ebdbc7314ee}\HomeTab_3580.sqlite, In Quarantäne, [11807], [302037],1.0.2653
PUP.Optional.Widdit, C:\Users\nathalie.Pflügl-PC\AppData\Roaming\Mozilla\Firefox\Profiles\ug6gjruz.default\extensions\{aa9cc3fa-a5e4-449b-aab5-1ebdbc7314ee}\install.js, In Quarantäne, [11807], [302037],1.0.2653
PUP.Optional.Widdit, C:\Users\nathalie.Pflügl-PC\AppData\Roaming\Mozilla\Firefox\Profiles\ug6gjruz.default\extensions\{aa9cc3fa-a5e4-449b-aab5-1ebdbc7314ee}\pop.htm, In Quarantäne, [11807], [302037],1.0.2653
PUP.Optional.MindSpark, C:\PROGRAM FILES (X86)\8HRES.DLL, In Quarantäne, [259], [301125],1.0.2653
PUP.Optional.Ilivid, C:\USERS\NATHALIE.PFLüGL-PC\DOWNLOADS\ILIVIDSETUP.EXE, In Quarantäne, [3186], [56018],1.0.2653
PUP.Optional.MindSpark, C:\USERS\PFLüGL\DOWNLOADS\ALLIN1CONVERT.EXE, In Quarantäne, [259], [301125],1.0.2653
PUP.Optional.BundleInstaller, C:\USERS\PFLüGL\DOWNLOADS\PASSWDFINDER-WINDOWS-DOWNLOADER.EXE, In Quarantäne, [20], [76335],1.0.2653
PUP.Optional.SofTonic, C:\USERS\PFLüGL\PICTURES\SOFTONICDOWNLOADER_FUER_ABIWORD.EXE, In Quarantäne, [3262], [8262],1.0.2653
PUP.Optional.SnapDo, C:\WINDOWS\INSTALLER\1CD3C.MSI, In Quarantäne, [6619], [77242],1.0.2653

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)


(end)
         

Alt 24.08.2017, 23:57   #10
Lol12
 
Quickshare von linkury - Standard

Quickshare von linkury




FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2017
durchgeführt von Pflügl (Administrator) auf PFLÜGL-PC (24-08-2017 23:52:49)
Gestartet von C:\Users\Pflügl\Desktop
Geladene Profile: Pflügl &  (Verfügbare Profile: Pflügl & nathalie & Gast & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(REINER SCT) C:\Windows\SysWOW64\cjpcsc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.1561_none_7ef6e89821f9a6be\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [919032 2017-08-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-08-02] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234522227\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234522227\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820271\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820271\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1664608947-3428569484-2814311379-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234523634\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-21-1664608947-3428569484-2814311379-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820896\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234525649\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234821568\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
Startup: C:\Users\Pflügl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk [2013-12-26]
ShortcutTarget: Logitech . Produktregistrierung.lnk -> C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)
Startup: C:\Users\Pflügl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Deskjet 2050 J510 series.lnk [2017-08-24]
ShortcutTarget: Tintenwarnungen überwachen - HP Deskjet 2050 J510 series.lnk -> C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{75ff37bc-f35e-4fd1-8f72-5840205e2664}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1664608947-3428569484-2814311379-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234523634\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKU\S-1-5-21-1664608947-3428569484-2814311379-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234523634\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKU\S-1-5-21-1664608947-3428569484-2814311379-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820896\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKU\S-1-5-21-1664608947-3428569484-2814311379-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820896\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = 
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {3E5C233F-F334-43B2-87BA-0B102B44359D} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {609F3A36-D7A7-45F3-B223-E2F3E96CC3B5} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {6CB0C3DC-BCBD-4D81-9DD0-96BD1A294EE9} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_ie_de_display?ie=UTF8&tagbase=bds-p23&tag=bds-p23-serp-de-ie-21&tbrId=v1_abb-channel-23_403bc9d4f41241b69d0dd74ec0d909d6_39_1006_20130621_DE_ie_ds_&query={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {E10C5AE2-82EC-4B63-9AAB-2DD26A68FE3F} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883 -> DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = 
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883 -> {3E5C233F-F334-43B2-87BA-0B102B44359D} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883 -> {609F3A36-D7A7-45F3-B223-E2F3E96CC3B5} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883 -> {6CB0C3DC-BCBD-4D81-9DD0-96BD1A294EE9} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883 -> {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883 -> {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_ie_de_display?ie=UTF8&tagbase=bds-p23&tag=bds-p23-serp-de-ie-21&tbrId=v1_abb-channel-23_403bc9d4f41241b69d0dd74ec0d909d6_39_1006_20130621_DE_ie_ds_&query={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883 -> {E10C5AE2-82EC-4B63-9AAB-2DD26A68FE3F} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443 -> DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = 
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443 -> {3E5C233F-F334-43B2-87BA-0B102B44359D} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443 -> {609F3A36-D7A7-45F3-B223-E2F3E96CC3B5} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443 -> {6CB0C3DC-BCBD-4D81-9DD0-96BD1A294EE9} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443 -> {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443 -> {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_ie_de_display?ie=UTF8&tagbase=bds-p23&tag=bds-p23-serp-de-ie-21&tbrId=v1_abb-channel-23_403bc9d4f41241b69d0dd74ec0d909d6_39_1006_20130621_DE_ie_ds_&query={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443 -> {E10C5AE2-82EC-4B63-9AAB-2DD26A68FE3F} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234522227 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = 
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234522227 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234522227 -> {5809E9FB-C152-4D28-81C3-952F25687BAA} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234522227 -> {5D4A600E-90EA-4D1A-AFF5-2BDB3E27FD0E} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234522227 -> {7894D067-3C4C-42E1-A6E1-03F025D8106E} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234522227 -> {E042A6EC-FF89-4E6D-8C51-57DE7A7113C1} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820271 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = 
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820271 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820271 -> {5809E9FB-C152-4D28-81C3-952F25687BAA} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820271 -> {5D4A600E-90EA-4D1A-AFF5-2BDB3E27FD0E} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820271 -> {7894D067-3C4C-42E1-A6E1-03F025D8106E} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820271 -> {E042A6EC-FF89-4E6D-8C51-57DE7A7113C1} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234523634 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820896 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234522227 -> Kein Name - {C424171E-592A-415A-9EB1-DFD6D95D3530} -  Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234522227 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820271 -> Kein Name - {C424171E-592A-415A-9EB1-DFD6D95D3530} -  Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820271 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234523634 -> Kein Name - {41564952-412D-5637-4300-7A786E7484D7} -  Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820896 -> Kein Name - {41564952-412D-5637-4300-7A786E7484D7} -  Keine Datei
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab

FireFox:
========
FF ProfilePath: C:\Users\Pflügl\AppData\Roaming\Mozilla\Firefox\Profiles\nca6gzm3.default [2017-08-24]
FF user.js: detected! => C:\Users\Pflügl\AppData\Roaming\Mozilla\Firefox\Profiles\nca6gzm3.default\user.js [2013-11-17]
FF NewTab: Mozilla\Firefox\Profiles\nca6gzm3.default -> hxxp://www.sweetpacks-search.com/?barid=&src=97&did=10963&&st=23&UPN2=92826532311964385
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\nca6gzm3.default -> Sweetpacks Search
FF Homepage: Mozilla\Firefox\Profiles\nca6gzm3.default -> www.google.de
FF Extension: (Avira Browser Safety) - C:\Users\Pflügl\AppData\Roaming\Mozilla\Firefox\Profiles\nca6gzm3.default\Extensions\abs@avira.com.xpi [2017-08-03]
FF Extension: (Adblock Plus) - C:\Users\Pflügl\AppData\Roaming\Mozilla\Firefox\Profiles\nca6gzm3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-08]
FF Extension: (Tab Mix Plus) - C:\Users\Pflügl\AppData\Roaming\Mozilla\Firefox\Profiles\nca6gzm3.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2017-05-18]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013-12-26] [ist nicht signiert]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-12-26] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-12-26] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [ocr@babylon.com] - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\ocr@babylon.com => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-24] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-24] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2013-06-02] <==== ACHTUNG

Chrome: 
=======
CHR DefaultProfile: Default
CHR NewTab: Default ->  Active:"chrome-extension://ogccgbmabaphcakpiclgcnmcnimhokcj/newtab.html"
CHR DefaultSearchURL: Default -> hxxp://mysearch.sweetpacks.com?src=6&q={searchTerms}&barid=&&st=23&did=10963&UPN2=92826532311964385
CHR DefaultSearchKeyword: Default -> sweetpacks-search.com
CHR Profile: C:\Users\Pflügl\AppData\Local\Google\Chrome\User Data\Default [2017-08-24]
CHR Extension: (WEB.DE MailCheck) - C:\Users\Pflügl\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaogepninmlbinccpbiakcgiolijlllo [2015-04-01]
CHR Extension: (Google Wallet) - C:\Users\Pflügl\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-01]
CHR HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx <nicht gefunden>
CHR HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx <nicht gefunden>
CHR HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Windows\SysWOW64\mjcm\SweetNT.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1128432 2017-08-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [490968 2017-08-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [490968 2017-08-11] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1525240 2017-08-11] (Avira Operations GmbH & Co. KG)
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [389312 2017-08-02] (Avira Operations GmbH & Co. KG)
R2 cjpcsc; C:\WINDOWS\SysWOW64\cjpcsc.exe [604216 2017-02-01] (REINER SCT)
R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [872552 2011-08-02] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [321056 2017-06-01] (HP Inc.)
S3 Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [244624 2011-04-22] (Acer Incorporated)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-21] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-02-23] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-08-01] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [60920 2017-06-23] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [173784 2017-08-11] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [167464 2017-08-11] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-03-31] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-03-31] (Avira Operations GmbH & Co. KG)
S3 cjusb; C:\WINDOWS\system32\DRIVERS\cjusb.sys [36112 2015-03-23] (REINER SCT)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-08-21] ()
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [192960 2017-08-24] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [101824 2017-08-24] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-08-24] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [253888 2017-08-24] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [94144 2017-08-24] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-02-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2017-01-06] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-02-23] (NVIDIA Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

Error(1) reading file: "C:\Users\Pflügl\Desktop\www.bildkontakte.de - einfach einen Partner finden   profil   klaus   g.j.c.   div."
2017-08-24 23:50 - 2017-08-24 23:50 - 000092579 _____ C:\Users\Pflügl\Desktop\mbam.txt.txt
2017-08-24 23:06 - 2017-08-24 23:46 - 000101824 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-08-24 23:06 - 2017-08-24 23:46 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-08-24 23:06 - 2017-08-24 23:46 - 000045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-08-24 23:06 - 2017-08-24 23:45 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-08-24 23:06 - 2017-08-24 23:06 - 000192960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-08-24 23:05 - 2017-08-24 23:05 - 000001924 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-08-24 23:05 - 2017-08-24 23:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-08-24 23:05 - 2017-08-24 23:05 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-08-24 23:05 - 2017-08-24 23:05 - 000000000 ____D C:\Program Files\Malwarebytes
2017-08-24 23:05 - 2017-08-21 07:20 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-08-24 22:59 - 2017-08-24 23:17 - 000000000 ____D C:\AdwCleaner
2017-08-24 22:58 - 2017-08-24 22:59 - 008185288 _____ (Malwarebytes) C:\Users\Pflügl\Desktop\adwcleaner_7.0.1.0.exe
2017-08-24 16:54 - 2017-08-24 17:00 - 000075392 _____ C:\TDSSKiller.3.1.0.15_24.08.2017_16.54.01_log.txt
2017-08-24 16:44 - 2017-08-24 23:53 - 000033261 _____ C:\Users\Pflügl\Desktop\FRST.txt
2017-08-24 15:33 - 2017-04-21 23:50 - 000030912 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2017-08-24 15:32 - 2017-04-21 23:53 - 000029376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2017-08-24 15:32 - 2017-04-21 23:53 - 000018600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll
2017-08-24 15:32 - 2017-04-21 23:50 - 000018592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll
2017-08-24 15:00 - 2017-08-01 19:20 - 001431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-08-24 15:00 - 2017-08-01 19:20 - 000781144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-08-24 15:00 - 2017-08-01 19:20 - 000116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-08-24 15:00 - 2017-08-01 19:16 - 006665952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-08-24 15:00 - 2017-08-01 19:16 - 001845512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-08-24 15:00 - 2017-08-01 19:15 - 001360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-08-24 15:00 - 2017-08-01 19:15 - 001277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-08-24 15:00 - 2017-08-01 19:15 - 000981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-08-24 15:00 - 2017-08-01 19:10 - 000306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2017-08-24 15:00 - 2017-08-01 18:56 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-08-24 15:00 - 2017-08-01 18:56 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-08-24 15:00 - 2017-08-01 18:55 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-08-24 15:00 - 2017-08-01 18:54 - 000505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-08-24 15:00 - 2017-08-01 18:54 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-08-24 15:00 - 2017-08-01 18:54 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-08-24 15:00 - 2017-08-01 18:53 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-08-24 15:00 - 2017-08-01 18:52 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-08-24 15:00 - 2017-08-01 18:51 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-08-24 15:00 - 2017-08-01 18:51 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-08-24 15:00 - 2017-08-01 18:50 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-08-24 15:00 - 2017-08-01 18:50 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-08-24 15:00 - 2017-08-01 18:50 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-08-24 15:00 - 2017-08-01 18:49 - 004615168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-08-24 15:00 - 2017-08-01 18:47 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll
2017-08-24 15:00 - 2017-08-01 18:41 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2017-08-24 15:00 - 2017-08-01 18:39 - 001255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-08-24 15:00 - 2017-08-01 18:35 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-08-24 15:00 - 2017-08-01 18:34 - 000709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2017-08-24 15:00 - 2017-08-01 18:33 - 000589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-08-24 15:00 - 2017-08-01 18:32 - 002648576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-08-24 15:00 - 2017-08-01 18:31 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-08-24 15:00 - 2017-08-01 18:30 - 002997248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-08-24 15:00 - 2017-08-01 18:30 - 002482688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-08-24 15:00 - 2017-08-01 18:30 - 001886720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-08-24 15:00 - 2017-08-01 18:30 - 001013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-08-24 15:00 - 2017-08-01 18:30 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-08-24 15:00 - 2017-08-01 18:28 - 000783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-08-24 15:00 - 2017-07-12 07:29 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-08-24 15:00 - 2017-07-12 07:18 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-08-24 15:00 - 2017-07-12 07:09 - 000641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-08-24 15:00 - 2017-03-04 08:05 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-08-24 14:59 - 2017-08-01 21:21 - 000857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-08-24 14:59 - 2017-08-01 21:20 - 000557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-08-24 14:59 - 2017-08-01 20:27 - 002538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-08-24 14:59 - 2017-08-01 19:20 - 002264344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-08-24 14:59 - 2017-08-01 19:19 - 001980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-08-24 14:59 - 2017-08-01 19:19 - 000577976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-08-24 14:59 - 2017-08-01 19:19 - 000339896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-08-24 14:59 - 2017-08-01 19:19 - 000266080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-08-24 14:59 - 2017-08-01 19:19 - 000120416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-08-24 14:59 - 2017-08-01 19:18 - 000139104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-08-24 14:59 - 2017-08-01 19:16 - 004023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-08-24 14:59 - 2017-08-01 19:15 - 020967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-08-24 14:59 - 2017-08-01 19:07 - 005686784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-08-24 14:59 - 2017-08-01 18:59 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
2017-08-24 14:59 - 2017-08-01 18:58 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-08-24 14:59 - 2017-08-01 18:52 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOMEX.dll
2017-08-24 14:59 - 2017-08-01 18:51 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-08-24 14:59 - 2017-08-01 18:51 - 000388608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2017-08-24 14:59 - 2017-08-01 18:51 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-08-24 14:59 - 2017-08-01 18:50 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2017-08-24 14:59 - 2017-08-01 18:48 - 000297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-08-24 14:59 - 2017-08-01 18:48 - 000267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2017-08-24 14:59 - 2017-08-01 18:47 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-08-24 14:59 - 2017-08-01 18:47 - 000396288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-08-24 14:59 - 2017-08-01 18:47 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-08-24 14:59 - 2017-08-01 18:45 - 002333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-08-24 14:59 - 2017-08-01 18:45 - 001985536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certmgr.dll
2017-08-24 14:59 - 2017-08-01 18:39 - 007626240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-08-24 14:59 - 2017-08-01 18:38 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2017-08-24 14:59 - 2017-08-01 18:37 - 002641920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-08-24 14:59 - 2017-08-01 18:37 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comuid.dll
2017-08-24 14:59 - 2017-08-01 18:37 - 000468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2017-08-24 14:59 - 2017-08-01 18:36 - 007468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-08-24 14:59 - 2017-08-01 18:34 - 001170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-08-24 14:59 - 2017-08-01 18:34 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-08-24 14:59 - 2017-08-01 18:32 - 002682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-08-24 14:59 - 2017-08-01 18:31 - 001988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-08-24 14:59 - 2017-08-01 18:31 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-08-24 14:59 - 2017-08-01 18:31 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-08-24 14:59 - 2017-08-01 18:31 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-08-24 14:59 - 2017-08-01 18:31 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2017-08-24 14:59 - 2017-08-01 18:30 - 001556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-08-24 14:59 - 2017-08-01 18:30 - 000711168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-08-24 14:59 - 2017-08-01 18:29 - 003106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-08-24 14:59 - 2017-08-01 16:15 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-08-24 14:59 - 2017-08-01 16:15 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll
2017-08-24 14:59 - 2017-07-12 08:17 - 000081760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2017-08-24 14:59 - 2017-07-12 08:15 - 000496872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-08-24 14:59 - 2017-07-12 08:12 - 001573280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-08-24 14:59 - 2017-07-12 08:01 - 000715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-08-24 14:59 - 2017-07-12 08:00 - 000095584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2017-08-24 14:59 - 2017-07-12 07:56 - 000277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-08-24 14:59 - 2017-07-12 07:55 - 000607072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2017-08-24 14:59 - 2017-07-12 07:55 - 000111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2017-08-24 14:59 - 2017-07-12 07:52 - 004312760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-08-24 14:59 - 2017-07-12 07:35 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dabapi.dll
2017-08-24 14:59 - 2017-07-12 07:32 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2017-08-24 14:59 - 2017-07-12 07:32 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\frprov.dll
2017-08-24 14:59 - 2017-07-12 07:31 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
2017-08-24 14:59 - 2017-07-12 07:31 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfnet.dll
2017-08-24 14:59 - 2017-07-12 07:30 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll
2017-08-24 14:59 - 2017-07-12 07:29 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\httpapi.dll
2017-08-24 14:59 - 2017-07-12 07:25 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2017-08-24 14:59 - 2017-07-12 07:24 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmdisk0101.sys
2017-08-24 14:59 - 2017-07-12 07:23 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-08-24 14:59 - 2017-07-12 07:23 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-08-24 14:59 - 2017-07-12 07:21 - 000711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-08-24 14:59 - 2017-07-12 07:19 - 006474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-08-24 14:59 - 2017-07-12 07:15 - 000893440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-08-24 14:59 - 2017-07-12 07:15 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsium.dll
2017-08-24 14:59 - 2017-07-12 07:14 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2017-08-24 14:59 - 2017-07-12 07:13 - 000855040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2017-08-24 14:59 - 2017-07-12 07:12 - 002750464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-08-24 14:59 - 2017-07-12 07:11 - 002154496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-08-24 14:59 - 2017-07-12 07:10 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2017-08-24 14:59 - 2017-07-12 07:10 - 000546304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-08-24 14:59 - 2017-07-12 07:07 - 001572352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-08-24 14:59 - 2017-07-12 07:05 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-08-24 14:58 - 2017-08-01 21:22 - 001860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-08-24 14:58 - 2017-08-01 21:18 - 008169536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-08-24 14:58 - 2017-08-01 21:18 - 001983408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-08-24 14:58 - 2017-08-01 21:18 - 001702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-08-24 14:58 - 2017-08-01 21:17 - 001072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-08-24 14:58 - 2017-08-01 20:57 - 000372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-08-24 14:58 - 2017-08-01 20:53 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-08-24 14:58 - 2017-08-01 20:52 - 000237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-08-24 14:58 - 2017-08-01 20:51 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-08-24 14:58 - 2017-08-01 20:48 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-08-24 14:58 - 2017-08-01 20:47 - 000748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-08-24 14:58 - 2017-08-01 20:46 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-08-24 14:58 - 2017-08-01 20:46 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-08-24 14:58 - 2017-08-01 20:46 - 000260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-08-24 14:58 - 2017-08-01 20:45 - 000561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-08-24 14:58 - 2017-08-01 20:43 - 000963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-08-24 14:58 - 2017-08-01 20:32 - 004596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-08-24 14:58 - 2017-08-01 20:32 - 003401216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-08-24 14:58 - 2017-08-01 20:27 - 004149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-08-24 14:58 - 2017-08-01 20:27 - 000903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-08-24 14:58 - 2017-08-01 20:27 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-08-24 14:58 - 2017-08-01 20:24 - 003299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-08-24 14:58 - 2017-08-01 20:24 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-08-24 14:58 - 2017-08-01 18:47 - 000846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-08-24 14:58 - 2017-08-01 18:37 - 012349440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-08-24 14:58 - 2017-08-01 18:37 - 003520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-08-24 14:58 - 2017-07-12 08:12 - 001706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-08-24 14:58 - 2017-07-12 07:23 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-08-24 14:58 - 2017-07-12 07:23 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-08-24 14:58 - 2017-07-12 07:17 - 000552960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-08-24 14:58 - 2017-07-12 07:06 - 000549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-08-24 14:58 - 2017-07-12 04:49 - 000448629 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-08-24 14:57 - 2017-08-01 21:32 - 000133984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-08-24 14:57 - 2017-08-01 21:27 - 000118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-08-24 14:57 - 2017-08-01 21:22 - 000360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-08-24 14:57 - 2017-08-01 21:18 - 004260064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-08-24 14:57 - 2017-08-01 21:18 - 000092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-08-24 14:57 - 2017-08-01 21:17 - 022220856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-08-24 14:57 - 2017-08-01 21:17 - 000244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-08-24 14:57 - 2017-08-01 21:13 - 002532192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-08-24 14:57 - 2017-08-01 21:13 - 000387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-08-24 14:57 - 2017-08-01 20:45 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-08-24 14:57 - 2017-08-01 20:44 - 000642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2017-08-24 14:57 - 2017-08-01 20:42 - 006288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-08-24 14:57 - 2017-08-01 20:38 - 013441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-08-24 14:57 - 2017-08-01 20:35 - 001908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-08-24 14:57 - 2017-08-01 20:29 - 002852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-08-24 14:57 - 2017-08-01 20:27 - 008076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-08-24 14:57 - 2017-08-01 20:27 - 001984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-08-24 14:57 - 2017-07-12 08:15 - 002213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-08-24 14:57 - 2017-07-12 08:09 - 001181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-08-24 14:57 - 2017-07-12 08:01 - 000156000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2017-08-24 14:57 - 2017-07-12 08:00 - 000160608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pacer.sys
2017-08-24 14:57 - 2017-07-12 07:59 - 000857952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2017-08-24 14:57 - 2017-07-12 07:59 - 000148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2017-08-24 14:57 - 2017-07-12 07:24 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfnet.dll
2017-08-24 14:57 - 2017-07-12 07:23 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2017-08-24 14:57 - 2017-07-12 07:21 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll
2017-08-24 14:57 - 2017-07-12 07:01 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2017-08-24 14:57 - 2017-07-12 07:00 - 002370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2017-08-24 14:57 - 2017-07-12 06:58 - 001130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-08-24 14:57 - 2017-07-12 06:58 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-08-24 14:56 - 2017-08-01 21:31 - 007780192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-08-24 14:56 - 2017-08-01 21:29 - 000376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-08-24 14:56 - 2017-08-01 21:25 - 000168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2017-08-24 14:56 - 2017-08-01 21:21 - 002759712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-08-24 14:56 - 2017-08-01 21:21 - 000624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-08-24 14:56 - 2017-08-01 21:21 - 000295264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-08-24 14:56 - 2017-08-01 21:21 - 000146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-08-24 14:56 - 2017-08-01 21:21 - 000124072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-08-24 14:56 - 2017-08-01 21:21 - 000026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-08-24 14:56 - 2017-08-01 21:20 - 002446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-08-24 14:56 - 2017-08-01 21:20 - 000684344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-08-24 14:56 - 2017-08-01 21:20 - 000383776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-08-24 14:56 - 2017-08-01 21:20 - 000144736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-08-24 14:56 - 2017-08-01 21:20 - 000079712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-08-24 14:56 - 2017-08-01 21:17 - 001600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-08-24 14:56 - 2017-08-01 21:17 - 000241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-08-24 14:56 - 2017-08-01 21:13 - 001102176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-08-24 14:56 - 2017-08-01 21:01 - 007218176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-08-24 14:56 - 2017-08-01 20:54 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2017-08-24 14:56 - 2017-08-01 20:52 - 022569472 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-08-24 14:56 - 2017-08-01 20:52 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-08-24 14:56 - 2017-08-01 20:50 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-08-24 14:56 - 2017-08-01 20:48 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-08-24 14:56 - 2017-08-01 20:48 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-08-24 14:56 - 2017-08-01 20:47 - 000691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-08-24 14:56 - 2017-08-01 20:47 - 000651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-08-24 14:56 - 2017-08-01 20:47 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-08-24 14:56 - 2017-08-01 20:47 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2017-08-24 14:56 - 2017-08-01 20:47 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-08-24 14:56 - 2017-08-01 20:46 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-08-24 14:56 - 2017-08-01 20:46 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2017-08-24 14:56 - 2017-08-01 20:46 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-08-24 14:56 - 2017-08-01 20:46 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-08-24 14:56 - 2017-08-01 20:46 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-08-24 14:56 - 2017-08-01 20:46 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-08-24 14:56 - 2017-08-01 20:45 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-08-24 14:56 - 2017-08-01 20:45 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2017-08-24 14:56 - 2017-08-01 20:45 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-08-24 14:56 - 2017-08-01 20:45 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-08-24 14:56 - 2017-08-01 20:45 - 000171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-08-24 14:56 - 2017-08-01 20:44 - 001010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-08-24 14:56 - 2017-08-01 20:43 - 000966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2017-08-24 14:56 - 2017-08-01 20:43 - 000945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-08-24 14:56 - 2017-08-01 20:43 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-08-24 14:56 - 2017-08-01 20:42 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-08-24 14:56 - 2017-08-01 20:41 - 002222080 _____ (Microsoft Corporation) C:\WINDOWS\system32\certmgr.dll
2017-08-24 14:56 - 2017-08-01 20:40 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2017-08-24 14:56 - 2017-08-01 20:40 - 000945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-08-24 14:56 - 2017-08-01 20:40 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-08-24 14:56 - 2017-08-01 20:39 - 009129984 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-08-24 14:56 - 2017-08-01 20:39 - 001281536 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-08-24 14:56 - 2017-08-01 20:39 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2017-08-24 14:56 - 2017-08-01 20:39 - 000323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2017-08-24 14:56 - 2017-08-01 20:38 - 001589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-08-24 14:56 - 2017-08-01 20:37 - 013091328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-08-24 14:56 - 2017-08-01 20:36 - 023677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-08-24 14:56 - 2017-08-01 20:36 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-08-24 14:56 - 2017-08-01 20:34 - 001837056 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-08-24 14:56 - 2017-08-01 20:33 - 004749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-08-24 14:56 - 2017-08-01 20:33 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2017-08-24 14:56 - 2017-08-01 20:33 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-08-24 14:56 - 2017-08-01 20:32 - 008114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-08-24 14:56 - 2017-08-01 20:32 - 000821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\comuid.dll
2017-08-24 14:56 - 2017-08-01 20:30 - 002916864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-08-24 14:56 - 2017-08-01 20:30 - 001643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-08-24 14:56 - 2017-08-01 20:30 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-08-24 14:56 - 2017-08-01 20:30 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-08-24 14:56 - 2017-08-01 20:29 - 004743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-08-24 14:56 - 2017-08-01 20:29 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-08-24 14:56 - 2017-08-01 20:28 - 002895360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-08-24 14:56 - 2017-08-01 20:28 - 001490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-08-24 14:56 - 2017-08-01 20:27 - 002695680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-08-24 14:56 - 2017-08-01 20:27 - 000774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-08-24 14:56 - 2017-08-01 20:27 - 000716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-08-24 14:56 - 2017-08-01 20:26 - 001513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-08-24 14:56 - 2017-08-01 20:26 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-08-24 14:56 - 2017-08-01 20:25 - 001726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-08-24 14:56 - 2017-08-01 20:24 - 001121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-08-24 14:56 - 2017-08-01 20:24 - 000924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-08-24 14:56 - 2017-08-01 20:23 - 003615744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-08-24 14:56 - 2017-08-01 20:23 - 000886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2017-08-24 14:56 - 2017-08-01 18:51 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-08-24 14:56 - 2017-08-01 18:47 - 000661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-08-24 14:56 - 2017-08-01 18:42 - 018364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-08-24 14:56 - 2017-08-01 18:40 - 019415040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-08-24 14:56 - 2017-08-01 18:40 - 012187136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-08-24 14:56 - 2017-08-01 18:33 - 006031872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-08-24 14:56 - 2017-08-01 18:31 - 003664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-08-24 14:56 - 2017-07-12 08:16 - 000646688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-08-24 14:56 - 2017-07-12 08:15 - 000101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\apisetschema.dll
2017-08-24 14:56 - 2017-07-12 08:14 - 001886896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-08-24 14:56 - 2017-07-12 08:13 - 002253664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-08-24 14:56 - 2017-07-12 08:02 - 002186592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-08-24 14:56 - 2017-07-12 08:02 - 000402776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-08-24 14:56 - 2017-07-12 08:00 - 000223072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-08-24 14:56 - 2017-07-12 07:59 - 001100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-08-24 14:56 - 2017-07-12 07:59 - 000989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-08-24 14:56 - 2017-07-12 07:59 - 000947040 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-08-24 14:56 - 2017-07-12 07:55 - 004674872 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-08-24 14:56 - 2017-07-12 07:25 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2017-08-24 14:56 - 2017-07-12 07:24 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\dabapi.dll
2017-08-24 14:56 - 2017-07-12 07:23 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2017-08-24 14:56 - 2017-07-12 07:23 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\frprov.dll
2017-08-24 14:56 - 2017-07-12 07:22 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2017-08-24 14:56 - 2017-07-12 07:21 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-08-24 14:56 - 2017-07-12 07:21 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2017-08-24 14:56 - 2017-07-12 07:20 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpapi.dll
2017-08-24 14:56 - 2017-07-12 07:19 - 000488960 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2017-08-24 14:56 - 2017-07-12 07:19 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-08-24 14:56 - 2017-07-12 07:19 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2017-08-24 14:56 - 2017-07-12 07:17 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-08-24 14:56 - 2017-07-12 07:16 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-08-24 14:56 - 2017-07-12 07:16 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2017-08-24 14:56 - 2017-07-12 07:15 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-08-24 14:56 - 2017-07-12 07:13 - 001478656 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-08-24 14:56 - 2017-07-12 07:12 - 000970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-08-24 14:56 - 2017-07-12 07:12 - 000091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-08-24 14:56 - 2017-07-12 07:12 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsium.dll
2017-08-24 14:56 - 2017-07-12 07:11 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2017-08-24 14:56 - 2017-07-12 07:10 - 000927232 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2017-08-24 14:56 - 2017-07-12 07:09 - 003291136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-08-24 14:56 - 2017-07-12 07:08 - 002861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-08-24 14:56 - 2017-07-12 07:07 - 000954880 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-08-24 14:56 - 2017-07-12 07:07 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-08-24 14:56 - 2017-07-12 07:06 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-08-24 14:56 - 2017-07-12 07:06 - 000937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-08-24 14:56 - 2017-07-12 07:03 - 001692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-08-24 14:56 - 2017-07-12 07:03 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-08-24 14:56 - 2017-07-12 07:02 - 000869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-08-24 14:56 - 2017-07-12 07:01 - 002279424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-08-24 14:56 - 2017-07-12 06:59 - 006664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-08-24 14:56 - 2017-07-12 06:59 - 002318336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-08-24 14:56 - 2017-07-12 06:59 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-08-24 14:56 - 2017-07-12 06:58 - 001231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-08-24 14:56 - 2017-07-12 06:57 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-08-24 14:56 - 2017-07-12 06:56 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-08-24 14:56 - 2017-03-04 08:57 - 000372432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-08-24 14:56 - 2017-03-04 08:16 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-08-24 14:56 - 2017-03-04 08:07 - 000909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-08-24 14:56 - 2017-03-04 08:05 - 001328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-08-24 14:26 - 2017-08-24 14:27 - 004922400 _____ (AO Kaspersky Lab) C:\Users\Pflügl\Desktop\tdsskiller.exe
2017-08-24 14:12 - 2017-08-24 23:52 - 000000000 ____D C:\FRST
2017-08-24 14:10 - 2017-08-24 14:19 - 000000000 ____D C:\Users\lol12
2017-08-24 14:08 - 2017-08-24 14:11 - 002395648 _____ (Farbar) C:\Users\Pflügl\Desktop\FRST64.exe
2017-08-24 12:44 - 2017-08-24 12:44 - 005763072 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-08-24 23:49 - 2017-01-11 00:34 - 000000000 ____D C:\ProgramData\NVIDIA
2017-08-24 23:47 - 2016-12-11 22:08 - 000000000 ____D C:\Users\Pflügl\AppData\LocalLow\Mozilla
2017-08-24 23:44 - 2017-01-11 12:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-08-24 23:43 - 2016-07-16 08:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2017-08-24 23:42 - 2014-02-03 12:26 - 000000000 ____D C:\Program Files (x86)\Advanced Disk Recovery
2017-08-24 23:41 - 2013-06-06 21:13 - 000000000 ____D C:\ProgramData\iolo
2017-08-24 23:39 - 2017-01-11 00:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-08-24 23:39 - 2013-07-15 18:29 - 000000000 ____D C:\Users\Pflügl\AppData\LocalLow\Delta
2017-08-24 23:11 - 2015-10-30 09:24 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-08-24 23:11 - 2013-06-06 21:13 - 000000000 ____D C:\Program Files (x86)\iolo
2017-08-24 23:05 - 2015-04-01 19:00 - 000000000 ____D C:\Users\Pflügl\Downloads\Firefox
2017-08-24 20:42 - 2017-01-11 00:40 - 000000000 ____D C:\Users\Pflügl
2017-08-24 20:34 - 2013-11-06 23:43 - 008118144 _____ (WiseCleaner.com ) C:\Users\Pflügl\Downloads\WiseCare365_2.86.exe
2017-08-24 20:31 - 2012-01-25 21:22 - 000000908 _____ C:\Users\Pflügl\Desktop\Downloads.lnk
2017-08-24 19:48 - 2017-01-11 00:38 - 002643162 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-24 19:48 - 2016-07-17 00:51 - 001091362 _____ C:\WINDOWS\system32\perfh007.dat
2017-08-24 19:48 - 2016-07-17 00:51 - 000265778 _____ C:\WINDOWS\system32\perfc007.dat
2017-08-24 19:45 - 2016-07-31 16:24 - 000000000 ____D C:\ProgramData\Package Cache
2017-08-24 19:45 - 2016-07-29 23:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-08-24 16:46 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-08-24 16:40 - 2015-08-03 09:02 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-08-24 16:37 - 2016-07-16 13:45 - 000000000 ____D C:\WINDOWS\INF
2017-08-24 16:35 - 2017-01-11 00:29 - 000389616 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-08-24 16:02 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-08-24 16:02 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-08-24 16:02 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2017-08-24 16:01 - 2016-07-16 13:47 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-08-24 16:01 - 2016-07-16 13:47 - 000000000 ___RD C:\Program Files\Windows Defender
2017-08-24 16:01 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-08-24 16:01 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\Provisioning
2017-08-24 16:01 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\bcastdvr
2017-08-24 16:01 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-08-24 16:01 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files\Common Files\System
2017-08-24 16:01 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-08-24 16:01 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2017-08-24 15:54 - 2016-07-16 13:36 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-08-24 15:32 - 2013-08-14 21:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-08-24 15:24 - 2012-02-03 19:00 - 140394280 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-08-24 15:14 - 2016-07-16 13:47 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-24 14:28 - 2012-08-07 07:55 - 000000000 ____D C:\Users\Pflügl\AppData\Local\CrashDumps
2017-08-24 13:52 - 2015-04-01 17:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-08-24 13:14 - 2011-08-11 13:30 - 000000000 ____D C:\Program Files (x86)\CyberLink
2017-08-24 13:14 - 2011-08-11 12:58 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-08-24 12:44 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-08-24 12:44 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-08-24 12:44 - 2013-12-26 21:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-08-11 19:03 - 2015-04-01 18:29 - 000173784 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2017-08-11 19:03 - 2015-04-01 18:29 - 000167464 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2017-08-03 08:52 - 2009-07-14 04:34 - 000000669 _____ C:\WINDOWS\win.ini
2017-07-31 17:14 - 2016-07-16 13:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-07-31 17:14 - 2016-07-16 13:49 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-05-17 22:42 - 2015-05-17 22:42 - 006420480 _____ () C:\Program Files (x86)\GUTA86F.tmp
2013-09-13 19:54 - 2013-09-13 19:54 - 000017740 _____ () C:\Users\Pflügl\AppData\Roaming\unins000.dat
2013-09-13 19:54 - 2013-09-13 19:54 - 000013844 _____ () C:\Users\Pflügl\AppData\Roaming\unins000.msg
2014-02-03 12:09 - 2014-07-18 23:20 - 000000106 _____ () C:\Users\Pflügl\AppData\Roaming\WB.CFG
2016-07-15 14:04 - 2016-07-15 14:04 - 000000057 _____ () C:\ProgramData\Ament.ini
2017-01-11 00:33 - 2017-01-11 00:33 - 000000000 ____H () C:\ProgramData\DP45977C.lfl

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Public\AlexaNSISPlugin.6676.dll


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-08-24 15:16

==================== Ende von FRST.txt ============================
         
--- --- ---

Alt 24.08.2017, 23:58   #11
Lol12
 
Quickshare von linkury - Standard

Quickshare von linkury



FRST Additions Logfile:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-08-2017
durchgeführt von Pflügl (24-08-2017 23:54:25)
Gestartet von C:\Users\Pflügl\Desktop
Windows 10 Home Version 1607 (X64) (2017-01-11 11:18:17)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1664608947-3428569484-2814311379-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1664608947-3428569484-2814311379-503 - Limited - Disabled)
Gast (S-1-5-21-1664608947-3428569484-2814311379-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-1664608947-3428569484-2814311379-1003 - Limited - Enabled)
nathalie (S-1-5-21-1664608947-3428569484-2814311379-1005 - Administrator - Enabled) => C:\Users\nathalie.Pflügl-PC
Pflügl (S-1-5-21-1664608947-3428569484-2814311379-1001 - Administrator - Enabled) => C:\Users\Pflügl

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated)
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 9 (HKLM-x32\...\PremElem90) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.19) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.19 - Adobe Systems Incorporated)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 376.33 - NVIDIA Corporation) Hidden
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.29.32 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{7990b9d3-2da3-4eef-bf20-73a05086fd12}) (Version: 1.2.92.32157 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{E972AE5C-71B3-4D35-8193-BC4CC2F1FA20}) (Version: 1.2.92.32157 - Avira Operations GmbH & Co. KG) Hidden
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 15.0.6.2 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.4.1 - Broadcom Corporation)
Collector's Edition 251 (HKLM-x32\...\Collector's Edition 251) (Version:  - )
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
cyberJack Base Components (HKLM-x32\...\{FC338210-F594-11D3-BA24-00001C3AB4DF}) (Version: 7.3.5 - REINER SCT)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
Elements 9 Organizer (HKLM-x32\...\{433EACD8-4747-4A6A-826A-FFA9F39B0D40}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Elements STI Installer (HKLM-x32\...\{25175695-4B20-4298-9F34-C2C57CD277B3}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Elements STI Installer (HKLM-x32\...\{E2AE009D-37E5-4724-A6B8-0ED6A6BA4F68}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
eReg (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
Fotogalerija Windows Live (HKLM-x32\...\{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (HKLM-x32\...\{4736B0ED-F6A1-48EC-A1B7-C053027648F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (HKLM-x32\...\{CB66242D-12B1-4494-82D2-6F53A7E024A3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
HomeMedia (HKLM-x32\...\{AA4BF92B-2AAF-11DA-9D78-000129760D75}) (Version: 2.0.8920 - CyberLink Corporation)
HP Deskjet 2050 J510 series - Grundlegende Software für das Gerät (HKLM\...\{DF37555F-0259-43DA-B60C-47106FA14AA3}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 2050 J510 series Hilfe (HKLM-x32\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.61.61 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Support Solutions Framework (HKLM-x32\...\{3A1CB1B8-8646-41A0-B496-35DC48916904}) (Version: 12.7.22.13 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}) (Version: 1.00.0000 - Microsoft) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Packard Bell)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)
Internet-TV für Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Packard Bell)
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)
LUXOR 5th Passage (HKLM-x32\...\LUXOR 5th Passage) (Version: 1.1.0.0 - MumboJumbo)
LUXOR Amun Rising HD (HKLM-x32\...\LUXOR Amun Rising HD) (Version: 1.1.0.0 - MumboJumbo)
LUXOR HD (HKLM-x32\...\LUXOR HD) (Version: 1.1.0.0 - MumboJumbo)
Malwarebytes Version 3.2.2.2018 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2018 - Malwarebytes)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 54.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 de)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.1.6388 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Mysearchdial (HKU\S-1-5-21-1664608947-3428569484-2814311379-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234523634\...\mysearchdial) (Version:  - Mysearchdial) <==== ACHTUNG
Mysearchdial (HKU\S-1-5-21-1664608947-3428569484-2814311379-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820896\...\mysearchdial) (Version:  - Mysearchdial) <==== ACHTUNG
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.8.11000.8.100 - Nero AG)
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.6.10700.5.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}) (Version: 10.5.10300 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{68AFA3A7-9265-4ABD-994A-ACA413E3715C}) (Version: 10.6.10300 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.6.10500.3.100 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.10900.31.0 - Nero AG)
NVIDIA GeForce Experience 3.4.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.4.0.70 - NVIDIA Corporation)
NVIDIA Grafiktreiber 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.3.16.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Packard Bell Power Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Packard Bell)
Packard Bell Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3502 - Packard Bell)
Packard Bell Registration (HKLM-x32\...\Packard Bell Registration) (Version: 1.04.3503 - Packard Bell)
Packard Bell ScreenSaver (HKLM-x32\...\Packard Bell Screensaver) (Version: 1.1.0811.2010 - Packard Bell )
Packard Bell Social Networks (HKLM-x32\...\{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 3.0.3106 - CyberLink Corp.) Hidden
Packard Bell Social Networks (HKLM-x32\...\InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 3.0.3106 - CyberLink Corp.)
Poczta usługi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (HKLM-x32\...\{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Raccolta foto di Windows Live (HKLM-x32\...\{ED16B700-D91F-44B0-867C-7EB5253CA38D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Rommé 1 (HKLM-x32\...\Rommé 1) (Version:  - )
SaveSense (HKU\S-1-5-21-1664608947-3428569484-2814311379-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234523634\...\SaveSense) (Version: 6.4.0.0 - SaveSense)
SaveSense (HKU\S-1-5-21-1664608947-3428569484-2814311379-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820896\...\SaveSense) (Version: 6.4.0.0 - SaveSense)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0351 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
Studie zur Verbesserung von HP Deskjet 2050 J510 series Produkten (HKLM\...\{C559DE9F-9451-49E5-9176-316E36192409}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
TuneUp Utilities Language Pack (de-DE) (HKLM-x32\...\{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}) (Version: 12.0.3600.73 - TuneUp Software) Hidden
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Video Web Camera (HKLM-x32\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.) Hidden
Video Web Camera (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Welcome Center (HKLM-x32\...\Packard Bell Welcome Center) (Version: 1.02.3503 - Packard Bell)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
WinFunktion Mathematik plus 20 (HKLM-x32\...\{CDBA97DF-63B9-44E7-B900-92E8165260C0}) (Version: 1.00.0000 - bhv Publishing GmbH)
Woodcutter Simulator 2011 (HKLM-x32\...\Woodcutter Simulator 2011) (Version:  - )
Συλλογή φωτογραφιών του Windows Live (HKLM-x32\...\{C00C2A91-6CB3-483F-80B3-2958E29468F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (HKLM-x32\...\{E83DC314-C926-4214-AD58-147691D6FE9F}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (HKLM-x32\...\{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}) (Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (HKLM-x32\...\{77F69CA1-E53D-4D77-8BA3-FA07606CC851}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (HKLM-x32\...\{CE929F09-3853-4180-BD90-30764BFF7136}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (HKLM-x32\...\{0A4C4B29-5A9D-4910-A13C-B920D5758744}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (HKLM-x32\...\{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ShellIconOverlayIdentifiers: [01MemopalBackedUp] -> {8ED3CC2D-6BC2-43AD-8C43-F51FBB413AE6} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [02MemopalToBackup] -> {2CDD871E-60EB-40BD-9721-A1CB57042F75} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [03MemopalPartiallyBackedUp] -> {95DDC869-FC98-4D47-BD34-2EDC9AA09C01} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [01MemopalBackedUp] -> {8ED3CC2D-6BC2-43AD-8C43-F51FBB413AE6} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [02MemopalToBackup] -> {2CDD871E-60EB-40BD-9721-A1CB57042F75} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [03MemopalPartiallyBackedUp] -> {95DDC869-FC98-4D47-BD34-2EDC9AA09C01} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [04MemopalError] -> {B9CA6E12-7975-4997-B5BD-CA12ECE0FEAD} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [MemopalBackedUp] -> {8ED3CC2D-6BC2-43AD-8C43-F51FBB413AE6} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [MemopalError] -> {B9CA6E12-7975-4997-B5BD-CA12ECE0FEAD} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [MemopalPartiallyBackedUp] -> {95DDC869-FC98-4D47-BD34-2EDC9AA09C01} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [MemopalToBackup] -> {2CDD871E-60EB-40BD-9721-A1CB57042F75} =>  -> Keine Datei
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [2017-08-11] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Keine Datei
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [2017-08-11] (Avira Operations GmbH & Co. KG)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {01BB4D1B-818C-42A0-8B4B-F0BE210EEA30} - System32\Tasks\{03604C09-673A-46D7-91D0-CA6847E45206} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {020DD405-A394-493E-A0CB-B783EBD3F509} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {043089C6-8ECC-41BA-8C31-9D399E684526} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {04DDA79F-A03A-4D1D-92C9-818DDB94FB9C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-01] (Microsoft Corporation) <==== ACHTUNG
Task: {06B82B36-C8DB-4E88-8657-3141B92BD458} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {08482869-7638-449B-A5EA-666DC75E2230} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {0B7079CF-6583-4042-A382-32A46A0A17F6} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0BAF5FB1-CE07-4410-810F-D2A94D3999DC} - System32\Tasks\NBAgent => C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2011-07-06] (Nero AG)
Task: {0E4E0451-2A7E-4E1D-AB7D-C88EE1D220ED} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {102215A6-16FA-4986-8E15-553FDA45B53F} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-02-23] (NVIDIA Corporation)
Task: {10A5FE77-F8C1-47C8-BE1B-C5428967A6D8} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard)
Task: {10ED276C-DD72-4CA8-BCF2-D376268DDEE7} - System32\Tasks\{033A4D70-36D7-46FA-9F7D-A9996B7334EF} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {115C02AF-C7DF-4330-A688-E92B8C8CC4C5} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {1927C3E0-3CC2-4151-8F7F-F8296774A57D} - System32\Tasks\hpUrlLauncher.exe => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\utils\hpUrlLauncher.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {2802C96A-F077-4A17-8011-3294DAF7C369} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {29CDB149-4C4B-477B-9755-08A513679DEB} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2F3C9B83-785F-431C-85BF-97D2AA0F4D8C} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2F3E1954-1BC7-40A1-8F0D-5AA94B0302B1} - System32\Tasks\{EB5F7CC8-1425-4DAB-BF0A-DB808FA16761} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {302E1C0A-0A15-44AD-BA44-1786E28CB20C} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)
Task: {3151EB25-0E8A-4AE8-992F-BD36A730A79B} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)
Task: {3163DEF0-BC1D-47B8-9AF8-DBCF9E8556D7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {35F823C9-B2FC-4792-B8D9-3464229D5382} - System32\Tasks\{E1587E3C-7BB7-44C8-9A91-AD34009E8522} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
Task: {3AC2660B-54A9-4FE2-BEA4-ABA541B0F077} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {3B1331CB-2787-440D-B754-4090BED944E1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {3B14775C-29A3-477E-9E6C-E263967BD99C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {3B31208C-629E-4B92-AA6A-7C9FC6883795} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {45D9E40C-1CC9-4A5B-ACA5-97ED713ACF04} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Task: {499F3997-E54C-421E-B526-5F6648D49F51} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4AA2C224-1479-45B5-8AE5-605F6BB9EED8} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4ADD35B4-9050-421C-9098-0EEB76AC112D} - System32\Tasks\{178387A7-AFF9-488C-B358-FF663010DCB9} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
Task: {4BBE6D73-6050-437A-80DE-B8233F98BEF5} - System32\Tasks\{1C26DB06-23AC-4B07-B041-48C78A9D1CBD} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {4C2AED65-E5A5-41F8-BCAD-92EF44FF8907} - System32\Tasks\OneDrive Standalone Update Task v2 => C:\Users\Pflügl\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {4D3D5094-88FE-4CE0-A91C-2113C2000A42} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-24] (Adobe Systems Incorporated)
Task: {4E44E590-0AAA-4A64-A753-17B70F4280EF} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {50BB70D6-2E88-4D14-B5C3-4A47DAC491EE} - System32\Tasks\{E84B91E8-33F3-49E1-AFCB-F597D8B57F9D} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
Task: {5814C7F6-0FFE-44A5-835F-803CF84A9A24} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5A8A4A0D-86EE-43C6-8E78-1417869112A8} - System32\Tasks\{A7B29540-1879-4028-B3B8-C127971DA397} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {5F7202B8-6B43-46D4-B496-BD78C43A044A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {628EDDD5-1054-40F0-852F-29C1C5048AB7} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-02-23] (NVIDIA Corporation)
Task: {64FCA12B-117D-4AF7-A494-268A560BFF01} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {6EDF7077-E62B-4942-82AF-20B5A2C43BC4} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)
Task: {722FEC1C-89F5-444A-9226-EE14DBE764E4} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {74077C09-2BBC-4BA4-99AC-8A4C7EB3F6C7} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {75FE8499-D9D8-43D7-9340-6CCCD29A37DE} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {7755D443-2648-4B89-9EA8-EAF190163556} - System32\Tasks\{E5B827C0-690F-459F-9390-EDD753E6FB01} => C:\Windows\system32\pcalua.exe -a C:\Users\Pflügl\AppData\Roaming\Allmyapps\Allmyapps.exe -c uninstall
Task: {778EF4BA-BFC7-480A-9270-1825B71C55A5} - System32\Tasks\{9DF84523-FD29-4C9E-82DD-775A63EB0FB1} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {800860D9-C124-49BC-93CC-1985C6E97327} - System32\Tasks\{32AE58AB-121B-4CD1-87E0-41F9A93F18AD} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
Task: {818D08B0-AB79-40A5-9AF8-7C65320AE798} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {83CFBC6A-B820-4018-B988-7BBCBA3EF8DE} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {85639F17-6779-492C-90D3-2A04C81EAF20} - System32\Tasks\{25B82541-8571-45E6-83AB-4AF95DABF24A} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {8569E4D6-C467-4B53-9C7B-6D6D3A207AEC} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8AD0768E-4A9E-494C-951A-8D6B0158C676} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {8E3C62E9-BB57-4328-BD78-3F42CAE4DE4A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)
Task: {8EE3DC86-4A70-4349-9AA9-F0203D291B72} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {90D8AB43-209E-4370-BAD1-D5259AB7396C} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {9D8EF176-E6FB-4931-8DB6-99D24652A785} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {A2F0F64E-16E2-4DE3-BD2C-5E63E84C7090} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A421C8AC-59B4-4306-A012-784EB2DEA81A} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A6716755-233F-4A56-A111-02A2D4DD0A9B} - System32\Tasks\{0E5B43A1-4CBC-49B7-B663-FC61E5FBB58F} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {A72A0967-0AB3-4972-A197-0DCFCC791D8F} - System32\Tasks\AdobeAAMUpdater-1.0-Pflügl-PC-Pflügl => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29] (Adobe Systems Incorporated)
Task: {ABF8455B-5FDC-4FBF-A21F-B8E4F38DE2E2} - System32\Tasks\AdobeAAMUpdater-1.0-Pflügl-PC-nathalie => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29] (Adobe Systems Incorporated)
Task: {B18AA8C6-1B5E-4934-8263-757AA676496E} - System32\Tasks\{F9402AE5-ACC8-4BA8-9E7E-0375A8F72E09} => C:\Windows\system32\pcalua.exe -a F:\install_flash_player_active_x.exe -d F:\
Task: {B278D98E-6409-45E9-8A49-416935FC9A9B} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
Task: {B6F48632-6D52-4C8A-AFF3-9899AB8B5AE7} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B85D8103-15F1-4054-9C89-21D9B559D123} - System32\Tasks\HPCustParticipation HP Deskjet 2050 J510 series => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {BFB32430-75BB-4606-BD31-CE87342D524F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {C7A4899A-F1FE-4A82-808D-6CFAE45C319E} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CFB1136A-F1BC-4634-9CBF-A999C7B3A3C9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-01] (Microsoft Corporation) <==== ACHTUNG
Task: {D627BDDD-E3F7-4578-9963-518C3686B0C0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-01] (Microsoft Corporation) <==== ACHTUNG
Task: {D718E290-E157-4664-A9F3-8B04A0A02DC8} - System32\Tasks\{9711830A-13DD-481F-A336-AA3C7885661B} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {D71B6264-3754-414A-BF96-9E2E2E614FF8} - System32\Tasks\{B0CE2170-76B6-4422-A267-413ED3F67B11} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {D84A16D9-413C-46C6-9768-09EF6339DF29} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {DCAF2E5C-9386-4622-BD13-B534BB0F78A3} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {DD91A8EB-DA59-473D-969E-320501B67A7F} - System32\Tasks\{D81F541F-3DE9-4EC6-9DAE-1BF798040AC6} => C:\Windows\system32\pcalua.exe -a "C:\Users\nathalie.Pflügl-PC\Desktop\Neuer Ordner (3)\NeoGamma Installer by Wii-Homebrew.exe" -d "C:\Users\nathalie.Pflügl-PC\Desktop\Neuer Ordner (3)"
Task: {E8CFFA40-C104-4B30-BD9D-1B3420B5D4C4} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EB64C26B-0806-4248-8678-D6FE1375A527} - System32\Tasks\{463E93F0-2199-42B9-8D18-DBD746D676A9} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {EC056EB6-2863-4CE6-94AB-5748B2D8EDCC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-01] (Microsoft Corporation) <==== ACHTUNG
Task: {EEEDF309-D0F3-4BF3-9ECB-2B70DF3E6274} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {F1C99E32-F492-4038-BD10-731DA69C2968} - System32\Tasks\{1A9F0B80-4630-434D-A4D3-C672A48987F2} => C:\Program Files (x86)\Philips\GoGear SA4MIN Device Manager\main.exe
Task: {F44EBEAB-A6B2-4B21-96BA-E4465EF19E75} - System32\Tasks\{966A14DB-D34B-4A06-BC26-743C4C42F131} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe"
Task: {F518F3A1-B8F3-401C-A21C-3FA1BCF4A3A8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {F70666D8-716B-49F8-B3AD-5CC32FAEE9E4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {FB3379A3-B190-40F2-A65D-03A35D445AD9} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-02-23] (NVIDIA Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 000231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-07-13 22:48 - 2017-06-21 09:48 - 002681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-01-11 18:04 - 2016-12-29 15:16 - 000134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-01-11 17:24 - 2017-02-23 20:35 - 004489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2017-01-11 17:24 - 2017-02-23 20:35 - 001147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-08-24 23:05 - 2017-08-21 07:20 - 002264520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 004300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2017-01-11 00:07 - 2017-01-11 00:07 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-17 12:02 - 2017-03-04 08:31 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-17 12:03 - 2017-03-04 08:12 - 009760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-17 12:03 - 2017-03-04 08:05 - 001401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-17 12:03 - 2017-03-04 08:05 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-08-24 14:56 - 2017-03-04 08:05 - 001033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-08-24 14:56 - 2017-08-01 20:26 - 002424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-08-24 14:56 - 2017-08-01 20:31 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-08-24 15:10 - 2017-08-24 15:12 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-08-24 15:10 - 2017-08-24 15:12 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-08-24 15:10 - 2017-08-24 15:12 - 036162048 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-08-24 15:10 - 2017-08-24 15:12 - 002237952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\skypert.dll
2017-01-11 17:24 - 2017-02-23 20:35 - 000018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2017-01-11 17:24 - 2017-02-23 20:35 - 003774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2017-01-11 17:24 - 2017-02-23 20:35 - 000900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-01-11 17:24 - 2017-02-23 16:30 - 000338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2017-01-11 17:24 - 2017-02-23 16:30 - 000252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2017-01-11 17:24 - 2017-02-23 16:30 - 002443320 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2017-01-11 17:24 - 2017-02-23 16:30 - 000385592 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2017-01-11 17:24 - 2017-02-23 16:30 - 000543288 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2017-01-11 17:24 - 2017-02-23 16:30 - 000468536 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Classes\batfile:  <==== ACHTUNG
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Classes\cmdfile:  <==== ACHTUNG

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234518383\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234818646\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519243\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234818943\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Control Panel\Desktop\\Wallpaper -> c:\users\pflügl\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\{ceedc30e-03f3-4223-aeb0-1bb4c000d5a6}.jpg
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883\Control Panel\Desktop\\Wallpaper -> c:\users\pflügl\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\{ceedc30e-03f3-4223-aeb0-1bb4c000d5a6}.jpg
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443\Control Panel\Desktop\\Wallpaper -> c:\users\pflügl\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\{ceedc30e-03f3-4223-aeb0-1bb4c000d5a6}.jpg
HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234522227\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820271\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-1664608947-3428569484-2814311379-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234523634\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-1664608947-3428569484-2814311379-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820896\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234525649\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234821568\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\...\StartupApproved\StartupFolder: => "Logitech . Produktregistrierung.lnk"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\...\StartupApproved\Run: => "Allmyapps"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\...\StartupApproved\Run: => "Allmyapps Update"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883\...\StartupApproved\StartupFolder: => "Logitech . Produktregistrierung.lnk"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883\...\StartupApproved\Run: => "Allmyapps"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883\...\StartupApproved\Run: => "Allmyapps Update"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443\...\StartupApproved\StartupFolder: => "Logitech . Produktregistrierung.lnk"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443\...\StartupApproved\Run: => "Allmyapps"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443\...\StartupApproved\Run: => "Allmyapps Update"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

03-08-2017 08:48:12 Windows Update
24-08-2017 15:19:23 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/24/2017 11:47:13 PM) (Source: COM) (EventID: 10031) (User: )
Description: Eine das Marshalling aufhebende Richtlinienprüfung wurde ausgeführt, als das Marshalling eines benutzerdefinierten gemarshallten Objekts aufgehoben wurde. Die Klasse "{2CD39202-3A2F-4935-9A86-65B919919A7F}" wurde abgelehnt.

Error: (08/24/2017 11:47:04 PM) (Source: COM) (EventID: 10031) (User: )
Description: Eine das Marshalling aufhebende Richtlinienprüfung wurde ausgeführt, als das Marshalling eines benutzerdefinierten gemarshallten Objekts aufgehoben wurde. Die Klasse "{95CABCC9-BC57-4C12-B8DF-BA193232AA01}" wurde abgelehnt.

Error: (08/24/2017 08:30:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Pflügl-PC)
Description: Das Paket „Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe+App“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (08/24/2017 04:52:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Pflügl-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (08/24/2017 04:52:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Pflügl-PC)
Description: Das Paket „Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe+App“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (08/24/2017 03:24:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Pflügl-PC)
Description: Das Paket „Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe+App“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (08/24/2017 03:21:27 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (08/24/2017 02:27:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: {E1DD8E6D-4F4C-458E-A489-120D693A8403}.exe, Version: 3.1.0.15, Zeitstempel: 0x58f5cf94
Name des fehlerhaften Moduls: {E1DD8E6D-4F4C-458E-A489-120D693A8403}.exe, Version: 3.1.0.15, Zeitstempel: 0x58f5cf94
Ausnahmecode: 0x40000015
Fehleroffset: 0x0014376c
ID des fehlerhaften Prozesses: 0x1f58
Startzeit der fehlerhaften Anwendung: 0x01d31cd4509c1b30
Pfad der fehlerhaften Anwendung: C:\Users\PFLGL~1\AppData\Local\Temp\{3F148F86-334A-484B-8CFE-C9212706ABA4}\{E1DD8E6D-4F4C-458E-A489-120D693A8403}.exe
Pfad des fehlerhaften Moduls: C:\Users\PFLGL~1\AppData\Local\Temp\{3F148F86-334A-484B-8CFE-C9212706ABA4}\{E1DD8E6D-4F4C-458E-A489-120D693A8403}.exe
Berichtskennung: 587d6b27-b42b-4b44-852b-83217d664be8
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (08/24/2017 01:11:04 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig.
.


Vorgang:
   Asynchroner Vorgang wird ausgeführt

Kontext:
   Aktueller Status: DoSnapshotSet

Error: (08/24/2017 01:09:45 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.


Systemfehler:
=============
Error: (08/24/2017 11:46:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "CDPUserSvc_41694" wurde mit folgendem Fehler beendet: 
Unbekannter Fehler

Error: (08/24/2017 11:45:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NetMsmqActivator" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (08/24/2017 11:45:28 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst NetMsmqActivator erreicht.

Error: (08/24/2017 11:45:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NetPipeActivator" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (08/24/2017 11:45:26 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst NetPipeActivator erreicht.

Error: (08/24/2017 11:45:26 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira.ServiceHost erreicht.

Error: (08/24/2017 11:45:19 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (08/24/2017 11:45:19 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (08/24/2017 11:44:56 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.

Error: (08/24/2017 11:43:50 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst MBAMService erreicht.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 54%
Installierter physikalischer RAM: 3947.86 MB
Verfügbarer physikalischer RAM: 1796.33 MB
Summe virtueller Speicher: 7915.86 MB
Verfügbarer virtueller Speicher: 5605.79 MB

==================== Laufwerke ================================

Drive c: (Packard Bell) (Fixed) (Total:678.54 GB) (Free:596.99 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 8397C1BA)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=678.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
--- --- ---

Alt 25.08.2017, 12:06   #12
M-K-D-B
/// TB-Ausbilder
 
Quickshare von linkury - Standard

Quickshare von linkury



Servus,





Schritt 1
  • Kopiere den Inhalt der folgenden Code-Box:
    Code:
    ATTFilter
    Start::
    CloseProcesses:
    HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG
    HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG
    HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG
    SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
    Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei
    Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei
    Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei
    Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234522227 -> Kein Name - {C424171E-592A-415A-9EB1-DFD6D95D3530} -  Keine Datei
    Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234522227 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
    Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820271 -> Kein Name - {C424171E-592A-415A-9EB1-DFD6D95D3530} -  Keine Datei
    Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820271 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
    Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234523634 -> Kein Name - {41564952-412D-5637-4300-7A786E7484D7} -  Keine Datei
    Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820896 -> Kein Name - {41564952-412D-5637-4300-7A786E7484D7} -  Keine Datei
    FF user.js: detected! => C:\Users\Pflügl\AppData\Roaming\Mozilla\Firefox\Profiles\nca6gzm3.default\user.js [2013-11-17]
    FF NewTab: Mozilla\Firefox\Profiles\nca6gzm3.default -> hxxp://www.sweetpacks-search.com/?barid=&src=97&did=10963&&st=23&UPN2=92826532311964385
    FF SelectedSearchEngine: Mozilla\Firefox\Profiles\nca6gzm3.default -> Sweetpacks Search
    FF HKLM-x32\...\Firefox\Extensions: [ocr@babylon.com] - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\ocr@babylon.com => nicht gefunden
    FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2013-06-02] <==== ACHTUNG
    CHR NewTab: Default ->  Active:"chrome-extension://ogccgbmabaphcakpiclgcnmcnimhokcj/newtab.html"
    CHR DefaultSearchURL: Default -> hxxp://mysearch.sweetpacks.com?src=6&q={searchTerms}&barid=&&st=23&did=10963&UPN2=92826532311964385
    CHR DefaultSearchKeyword: Default -> sweetpacks-search.com
    CHR HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx <nicht gefunden>
    CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Windows\SysWOW64\mjcm\SweetNT.crx <nicht gefunden>
    C:\Windows\SysWOW64\mjcm
    C:\Users\Public\AlexaNSISPlugin.6676.dll
    Task: {08482869-7638-449B-A5EA-666DC75E2230} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
    Task: {2802C96A-F077-4A17-8011-3294DAF7C369} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
    Task: {3AC2660B-54A9-4FE2-BEA4-ABA541B0F077} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
    Task: {3B1331CB-2787-440D-B754-4090BED944E1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
    Task: {3B14775C-29A3-477E-9E6C-E263967BD99C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
    Task: {35F823C9-B2FC-4792-B8D9-3464229D5382} - System32\Tasks\{E1587E3C-7BB7-44C8-9A91-AD34009E8522} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
    Task: {4ADD35B4-9050-421C-9098-0EEB76AC112D} - System32\Tasks\{178387A7-AFF9-488C-B358-FF663010DCB9} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
    Task: {50BB70D6-2E88-4D14-B5C3-4A47DAC491EE} - System32\Tasks\{E84B91E8-33F3-49E1-AFCB-F597D8B57F9D} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
    Task: {5F7202B8-6B43-46D4-B496-BD78C43A044A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
    Task: {722FEC1C-89F5-444A-9226-EE14DBE764E4} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
    Task: {74077C09-2BBC-4BA4-99AC-8A4C7EB3F6C7} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
    Task: {7755D443-2648-4B89-9EA8-EAF190163556} - System32\Tasks\{E5B827C0-690F-459F-9390-EDD753E6FB01} => C:\Windows\system32\pcalua.exe -a C:\Users\Pflügl\AppData\Roaming\Allmyapps\Allmyapps.exe -c uninstall
    Task: {800860D9-C124-49BC-93CC-1985C6E97327} - System32\Tasks\{32AE58AB-121B-4CD1-87E0-41F9A93F18AD} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
    Task: {8AD0768E-4A9E-494C-951A-8D6B0158C676} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
    Task: {D84A16D9-413C-46C6-9768-09EF6339DF29} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
    Task: {DCAF2E5C-9386-4622-BD13-B534BB0F78A3} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
    Task: {EEEDF309-D0F3-4BF3-9ECB-2B70DF3E6274} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
    HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Classes\batfile:  <==== ACHTUNG
    HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Classes\cmdfile:  <==== ACHTUNG
    HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\...\StartupApproved\Run: => "Allmyapps"
    HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\...\StartupApproved\Run: => "Allmyapps Update"
    HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883\...\StartupApproved\Run: => "Allmyapps"
    HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883\...\StartupApproved\Run: => "Allmyapps Update"
    HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443\...\StartupApproved\Run: => "Allmyapps"
    HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443\...\StartupApproved\Run: => "Allmyapps Update"
    CMD: dir "%ProgramFiles%"
    CMD: dir "%ProgramFiles(x86)%"
    CMD: dir "%ProgramData%"
    CMD: dir "%Appdata%"
    CMD: dir "%LocalAppdata%"
    CMD: dir "%CommonProgramFiles(x86)%"
    CMD: dir "%CommonProgramW6432%"
    CMD: dir "%UserProfile%"
    CMD: dir "C:\"
    ExportKey: HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions
    RemoveProxy:
    CMD: ipconfig /flushdns
    CMD: netsh winsock reset
    EmptyTemp:
    End::
             
  • Starte nun FRST und klicke den Entfernen Button.
  • Das Tool führt die gewünschten Schritte aus und erstellt eine fixlog.txt im selben Verzeichnis, in dem sich die FRST/FRST64.exe befindet.
  • Gegebenenfalls muss dein Rechner dafür neu gestartet werden.
  • Poste mir den Inhalt der fixlog.txt mit deiner nächsten Antwort.






Schritt 2
Bitte setze deine Brower wie folgt zurück:

IE :::
Setze folgendermassen den Internet Explorer zurück:
  • Öffne den Internet Explorer und gehe zu Extras -> Internetoptionen.
  • Klicke in der Registerkarte Erweitert unter "Internet Explorer-Einstellungen zurücksetzen" auf Zurücksetzen...
  • Klicke im Dialogfeld "Internet Explorer-Einstellungen zurücksetzen" zum Bestätigen auf Zurücksetzen.
(Hier findest du die bebilderte Anleitung.)

EDGE :::
Edge zurücksetzen

FF :::
Firefox zurücksetzen

CHR:::
Chrome zurücksetzen

OPR::
Opera zurücksetzen






Schritt 3
Lade dir die passende Version von SystemLook vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop:
SystemLook (32 bit) | SystemLook (64 bit)
  • Doppelklicke auf die SystemLook.exe, um das Tool zu starten.
  • Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:

    Code:
    ATTFilter
    :regfind
    iLivid
    jmdp
    ljkb
    Search Results
    SimplyTech
    Windows Net Data
    Toolbar4
    WNLT
    tprb
    Allin1Convert
    SaveSense
    Iminent
    Tarma Installer
    Inbox Toolbar
    SpecialSavings
    DriverTurbo
    OpenCandy
    Softonic
    DNSErrorHelper
    Systweak
    Allmyapps
    Smartbar
    Mysearchdial
    FoxTab
    Browser Updater
    MyStart Search
    ask-search
    bprotector
    MySearchDial
    BrowserDefendert
    DealPly
    omiga-plus
    distromatic
    SweetIM
    ProtectedSearch
    incredibar
    Babylon
    AskPartnerNetwork
    InstallCore
    Advanced Disk Recovery
             
  • Klicke nun auf den Button Look, um den Scan zu starten.
  • Der Suchlauf kann einige Zeit dauern.
  • Wenn der Suchlauf beendet ist, wird sich dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
  • Die Ergebnisse werden auch auf dem Desktop als SystemLook.txt gespeichert.







Schritt 4
  • Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • die Logdatei von SystemLook,
  • die beiden neuen Logdateien von FRST (FRST.txt und Addition.txt).
__________________
Gruß
M-K-D-B


==========================================================
offline vom 22.12.2018 bis 01.01.2019
==========================================================

Das Trojaner-Board unterstützen

Alt 25.08.2017, 12:11   #13
Lol12
 
Quickshare von linkury - Standard

Quickshare von linkury



Hallo Matthias
Ich fahre heute in den Urlaub und komme am 5. September wieder
Ich werde mich also erst dann wieder melden.:-)

Danke für die Hilfe und bis dann:-)

Alt 25.08.2017, 13:36   #14
M-K-D-B
/// TB-Ausbilder
 
Quickshare von linkury - Standard

Quickshare von linkury



Zitat:
Zitat von Lol12 Beitrag anzeigen
Hallo Matthias
Ich fahre heute in den Urlaub und komme am 5. September wieder
Ich werde mich also erst dann wieder melden.:-)

Danke für die Hilfe und bis dann:-)
Ok, das trifft sich gut. Ich komme nämlich auch erst am 5. September vom Urlaub zurück.

Bis 8. September lasse ich das Thema offen. Wenn du bis dahin nicht angwortest, lösche ich es aus meinen Abos.
__________________
Gruß
M-K-D-B


==========================================================
offline vom 22.12.2018 bis 01.01.2019
==========================================================

Das Trojaner-Board unterstützen

Geändert von M-K-D-B (26.08.2017 um 10:39 Uhr)

Alt 06.09.2017, 18:29   #15
Lol12
 
Quickshare von linkury - Standard

Quickshare von linkury



Hallo Matthias ich hoffe du konntest deinen Urlaub genießen :-)

Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-08-2017
durchgeführt von Pflügl (06-09-2017 14:53:48) Run:1
Gestartet von C:\Users\Pflügl\Desktop
Geladene Profile: Pflügl (Verfügbare Profile: Pflügl & nathalie & Gast & DefaultAppPool)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************

CloseProcesses:
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG
SearchScopes: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234522227 -> Kein Name - {C424171E-592A-415A-9EB1-DFD6D95D3530} -  Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234522227 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820271 -> Kein Name - {C424171E-592A-415A-9EB1-DFD6D95D3530} -  Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820271 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234523634 -> Kein Name - {41564952-412D-5637-4300-7A786E7484D7} -  Keine Datei
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820896 -> Kein Name - {41564952-412D-5637-4300-7A786E7484D7} -  Keine Datei
FF user.js: detected! => C:\Users\Pflügl\AppData\Roaming\Mozilla\Firefox\Profiles\nca6gzm3.default\user.js [2013-11-17]
FF NewTab: Mozilla\Firefox\Profiles\nca6gzm3.default -> hxxp://www.sweetpacks-search.com/?barid=&src=97&did=10963&&st=23&UPN2=92826532311964385
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\nca6gzm3.default -> Sweetpacks Search
FF HKLM-x32\...\Firefox\Extensions: [ocr@babylon.com] - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\ocr@babylon.com => nicht gefunden
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2013-06-02] <==== ACHTUNG
CHR NewTab: Default ->  Active:"chrome-extension://ogccgbmabaphcakpiclgcnmcnimhokcj/newtab.html"
CHR DefaultSearchURL: Default -> hxxp://mysearch.sweetpacks.com?src=6&q={searchTerms}&barid=&&st=23&did=10963&UPN2=92826532311964385
CHR DefaultSearchKeyword: Default -> sweetpacks-search.com
CHR HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Windows\SysWOW64\mjcm\SweetNT.crx <nicht gefunden>
C:\Windows\SysWOW64\mjcm
C:\Users\Public\AlexaNSISPlugin.6676.dll
Task: {08482869-7638-449B-A5EA-666DC75E2230} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {2802C96A-F077-4A17-8011-3294DAF7C369} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {3AC2660B-54A9-4FE2-BEA4-ABA541B0F077} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {3B1331CB-2787-440D-B754-4090BED944E1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {3B14775C-29A3-477E-9E6C-E263967BD99C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {35F823C9-B2FC-4792-B8D9-3464229D5382} - System32\Tasks\{E1587E3C-7BB7-44C8-9A91-AD34009E8522} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
Task: {4ADD35B4-9050-421C-9098-0EEB76AC112D} - System32\Tasks\{178387A7-AFF9-488C-B358-FF663010DCB9} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
Task: {50BB70D6-2E88-4D14-B5C3-4A47DAC491EE} - System32\Tasks\{E84B91E8-33F3-49E1-AFCB-F597D8B57F9D} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
Task: {5F7202B8-6B43-46D4-B496-BD78C43A044A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {722FEC1C-89F5-444A-9226-EE14DBE764E4} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {74077C09-2BBC-4BA4-99AC-8A4C7EB3F6C7} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {7755D443-2648-4B89-9EA8-EAF190163556} - System32\Tasks\{E5B827C0-690F-459F-9390-EDD753E6FB01} => C:\Windows\system32\pcalua.exe -a C:\Users\Pflügl\AppData\Roaming\Allmyapps\Allmyapps.exe -c uninstall
Task: {800860D9-C124-49BC-93CC-1985C6E97327} - System32\Tasks\{32AE58AB-121B-4CD1-87E0-41F9A93F18AD} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
Task: {8AD0768E-4A9E-494C-951A-8D6B0158C676} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {D84A16D9-413C-46C6-9768-09EF6339DF29} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {DCAF2E5C-9386-4622-BD13-B534BB0F78A3} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {EEEDF309-D0F3-4BF3-9ECB-2B70DF3E6274} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Classes\batfile:  <==== ACHTUNG
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Classes\cmdfile:  <==== ACHTUNG
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\...\StartupApproved\Run: => "Allmyapps"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\...\StartupApproved\Run: => "Allmyapps Update"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883\...\StartupApproved\Run: => "Allmyapps"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883\...\StartupApproved\Run: => "Allmyapps Update"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443\...\StartupApproved\Run: => "Allmyapps"
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443\...\StartupApproved\Run: => "Allmyapps Update"
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
CMD: dir "%CommonProgramFiles(x86)%"
CMD: dir "%CommonProgramW6432%"
CMD: dir "%UserProfile%"
CMD: dir "C:\"
ExportKey: HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:

*****************

Prozesse erfolgreich geschlossen.
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Policies\Microsoft\Internet Explorer => Schlüssel erfolgreich entfernt
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden.
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden.
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} => Schlüssel erfolgreich entfernt
HKLM\Software\Classes\CLSID\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} => Schlüssel nicht gefunden. 
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Wert erfolgreich entfernt
HKLM\Software\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Schlüssel nicht gefunden. 
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden.
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden.
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234522227 -> Kein Name - {C424171E-592A-415A-9EB1-DFD6D95D3530} -  Keine Datei => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden.
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234522227 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden.
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820271 -> Kein Name - {C424171E-592A-415A-9EB1-DFD6D95D3530} -  Keine Datei => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden.
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820271 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden.
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234523634 -> Kein Name - {41564952-412D-5637-4300-7A786E7484D7} -  Keine Datei => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden.
Toolbar: HKU\S-1-5-21-1664608947-3428569484-2814311379-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234820896 -> Kein Name - {41564952-412D-5637-4300-7A786E7484D7} -  Keine Datei => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden.
C:\Users\Pflügl\AppData\Roaming\Mozilla\Firefox\Profiles\nca6gzm3.default\user.js => erfolgreich verschoben
FF NewTab: Mozilla\Firefox\Profiles\nca6gzm3.default -> hxxp://www.sweetpacks-search.com/?barid=&src=97&did=10963&&st=23&UPN2=92826532311964385 => nicht gefunden
Firefox SelectedSearchEngine erfolgreich entfernt
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\ocr@babylon.com => Wert erfolgreich entfernt
C:\Program Files (x86)\mozilla firefox\firefox.cfg => erfolgreich verschoben
Chrome NewTab => erfolgreich entfernt
Chrome DefaultSearchURL => erfolgreich entfernt
Chrome DefaultSearchKeyword => erfolgreich entfernt
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj => Schlüssel erfolgreich entfernt
"C:\Windows\SysWOW64\mjcm" => nicht gefunden.
C:\Users\Public\AlexaNSISPlugin.6676.dll => erfolgreich verschoben
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{08482869-7638-449B-A5EA-666DC75E2230} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{08482869-7638-449B-A5EA-666DC75E2230} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2802C96A-F077-4A17-8011-3294DAF7C369} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2802C96A-F077-4A17-8011-3294DAF7C369} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3AC2660B-54A9-4FE2-BEA4-ABA541B0F077} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3AC2660B-54A9-4FE2-BEA4-ABA541B0F077} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3B1331CB-2787-440D-B754-4090BED944E1} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3B1331CB-2787-440D-B754-4090BED944E1} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3B14775C-29A3-477E-9E6C-E263967BD99C} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3B14775C-29A3-477E-9E6C-E263967BD99C} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{35F823C9-B2FC-4792-B8D9-3464229D5382} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{35F823C9-B2FC-4792-B8D9-3464229D5382} => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\{E1587E3C-7BB7-44C8-9A91-AD34009E8522} => erfolgreich verschoben
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E1587E3C-7BB7-44C8-9A91-AD34009E8522} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4ADD35B4-9050-421C-9098-0EEB76AC112D} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4ADD35B4-9050-421C-9098-0EEB76AC112D} => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\{178387A7-AFF9-488C-B358-FF663010DCB9} => erfolgreich verschoben
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{178387A7-AFF9-488C-B358-FF663010DCB9} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{50BB70D6-2E88-4D14-B5C3-4A47DAC491EE} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{50BB70D6-2E88-4D14-B5C3-4A47DAC491EE} => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\{E84B91E8-33F3-49E1-AFCB-F597D8B57F9D} => erfolgreich verschoben
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E84B91E8-33F3-49E1-AFCB-F597D8B57F9D} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5F7202B8-6B43-46D4-B496-BD78C43A044A} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F7202B8-6B43-46D4-B496-BD78C43A044A} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{722FEC1C-89F5-444A-9226-EE14DBE764E4} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{722FEC1C-89F5-444A-9226-EE14DBE764E4} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{74077C09-2BBC-4BA4-99AC-8A4C7EB3F6C7} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{74077C09-2BBC-4BA4-99AC-8A4C7EB3F6C7} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7755D443-2648-4B89-9EA8-EAF190163556} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7755D443-2648-4B89-9EA8-EAF190163556} => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\{E5B827C0-690F-459F-9390-EDD753E6FB01} => erfolgreich verschoben
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E5B827C0-690F-459F-9390-EDD753E6FB01} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{800860D9-C124-49BC-93CC-1985C6E97327} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{800860D9-C124-49BC-93CC-1985C6E97327} => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\{32AE58AB-121B-4CD1-87E0-41F9A93F18AD} => erfolgreich verschoben
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{32AE58AB-121B-4CD1-87E0-41F9A93F18AD} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8AD0768E-4A9E-494C-951A-8D6B0158C676} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8AD0768E-4A9E-494C-951A-8D6B0158C676} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D84A16D9-413C-46C6-9768-09EF6339DF29} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D84A16D9-413C-46C6-9768-09EF6339DF29} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DCAF2E5C-9386-4622-BD13-B534BB0F78A3} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DCAF2E5C-9386-4622-BD13-B534BB0F78A3} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EEEDF309-D0F3-4BF3-9ECB-2B70DF3E6274} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EEEDF309-D0F3-4BF3-9ECB-2B70DF3E6274} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => Schlüssel erfolgreich entfernt
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Classes\batfile => Schlüssel erfolgreich entfernt
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\Classes\cmdfile => Schlüssel erfolgreich entfernt
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Allmyapps => Wert erfolgreich entfernt
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Allmyapps => Wert nicht gefunden.
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Allmyapps Update => Wert erfolgreich entfernt
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Allmyapps Update => Wert nicht gefunden.
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883\...\StartupApproved\Run: => "Allmyapps" => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden.
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234519883\...\StartupApproved\Run: => "Allmyapps Update" => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden.
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443\...\StartupApproved\Run: => "Allmyapps" => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden.
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242017234819443\...\StartupApproved\Run: => "Allmyapps Update" => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden.

========= dir "%ProgramFiles%" =========

 Datentr„ger in Laufwerk C: ist Packard Bell
 Volumeseriennummer: A4AE-2DE5

 Verzeichnis von C:\Program Files

24.08.2017  23:05    <DIR>          .
24.08.2017  23:05    <DIR>          ..
25.01.2012  21:21    <DIR>          Accessory Store
11.01.2017  16:56    <DIR>          Babylon
26.12.2013  21:13    <DIR>          Broadcom
11.01.2017  00:45    <DIR>          Common Files
03.08.2015  07:58    <DIR>          DVD Maker
11.01.2017  22:17    <DIR>          Elantech
06.11.2013  23:54    <DIR>          Google
15.07.2016  14:04    <DIR>          HP
27.01.2016  12:48    <DIR>          Intel
20.03.2017  15:31    <DIR>          Internet Explorer
26.12.2013  21:07    <DIR>          Logitech
24.08.2017  23:05    <DIR>          Malwarebytes
11.01.2017  00:45    <DIR>          Microsoft Games
04.12.2013  18:05    <DIR>          Microsoft Office
02.07.2017  22:24    <DIR>          Microsoft Silverlight
10.01.2017  23:46    <DIR>          MSBuild
07.04.2017  16:49    <DIR>          NVIDIA Corporation
11.10.2011  19:02    <DIR>          Packard Bell
11.01.2017  00:33    <DIR>          Realtek
10.01.2017  23:46    <DIR>          Reference Assemblies
09.07.2017  11:37    <DIR>          UNP
24.08.2017  16:01    <DIR>          Windows Defender
11.08.2011  13:13    <DIR>          Windows Live
24.08.2017  16:01    <DIR>          Windows Mail
11.01.2017  00:11    <DIR>          Windows Media Player
16.07.2016  13:47    <DIR>          Windows Multimedia Platform
11.01.2017  13:04    <DIR>          Windows NT
24.08.2017  16:01    <DIR>          Windows Photo Viewer
16.07.2016  13:47    <DIR>          Windows Portable Devices
16.07.2016  13:47    <DIR>          WindowsPowerShell
               0 Datei(en),              0 Bytes
              32 Verzeichnis(se), 639.807.406.080 Bytes frei

========= Ende von CMD: =========


========= dir "%ProgramFiles(x86)%" =========

 Datentr„ger in Laufwerk C: ist Packard Bell
 Volumeseriennummer: A4AE-2DE5

 Verzeichnis von C:\Program Files (x86)

24.08.2017  23:42    <DIR>          .
24.08.2017  23:42    <DIR>          ..
16.02.2014  22:33    <DIR>          Adobe
24.08.2017  23:42    <DIR>          Advanced Disk Recovery
09.12.2013  00:35    <DIR>          Amazon
26.12.2013  21:14    <DIR>          Atheros
31.07.2016  16:25    <DIR>          Avira
20.08.2013  21:42    <DIR>          bhv
07.10.2014  21:26    <DIR>          City Interactive
11.01.2017  00:45    <DIR>          Common Files
13.09.2013  19:54    <DIR>          concept design
24.08.2017  13:14    <DIR>          CyberLink
11.01.2015  22:18    <DIR>          DeutschlandsKartenspiele
31.03.2017  16:13    <DIR>          eGames
13.09.2013  19:54    <DIR>          FRANZIS
11.01.2017  16:59    <DIR>          Google
29.08.2015  19:54    <DIR>          GUM8F34.tmp
02.02.2016  21:11    <DIR>          GUM9C80.tmp
17.05.2015  22:42    <DIR>          GUMA86E.tmp
17.05.2015  22:42         6.420.480 GUTA86F.tmp
15.07.2016  13:58    <DIR>          Hewlett-Packard
15.07.2016  14:05    <DIR>          HP
15.07.2016  14:05    <DIR>          HP Photo Creations
20.02.2015  21:11    <DIR>          HPH-Software
27.01.2016  12:48    <DIR>          Intel
20.03.2017  15:31    <DIR>          Internet Explorer
24.08.2017  23:11    <DIR>          iolo
04.11.2014  20:58    <DIR>          Java
14.04.2015  16:25    <DIR>          Jewel Legends - Magical Kingdom
22.11.2013  21:40    <DIR>          LAN Speed Test
11.10.2011  18:39    <DIR>          Launch Manager
06.08.2012  08:18    <DIR>          LibreOffice 3
07.10.2012  19:46    <DIR>          LibreOffice 3.5
06.11.2013  23:21    <DIR>          Microsoft
04.12.2013  18:04    <DIR>          Microsoft Analysis Services
12.11.2014  22:23    <DIR>          Microsoft ASP.NET
04.12.2013  18:07    <DIR>          Microsoft Office
26.09.2013  08:35    <DIR>          Microsoft Research
02.07.2017  22:24    <DIR>          Microsoft Silverlight
04.12.2013  18:07    <DIR>          Microsoft SQL Server Compact Edition
04.12.2013  18:07    <DIR>          Microsoft Sync Framework
04.12.2013  18:07    <DIR>          Microsoft Synchronization Services
04.12.2013  18:05    <DIR>          Microsoft Visual Studio 8
11.01.2017  00:45    <DIR>          Microsoft.NET
06.09.2017  14:54    <DIR>          Mozilla Firefox
24.08.2017  13:52    <DIR>          Mozilla Maintenance Service
11.01.2017  00:56    <DIR>          MSBuild
15.11.2012  19:56    <DIR>          MSECache
28.01.2012  01:07    <DIR>          MSXML 4.0
20.08.2013  22:08    <DIR>          MumboJumbo
24.06.2013  21:30    <DIR>          MyHeritage
03.07.2014  17:36    <DIR>          MyMenu
11.08.2011  13:24    <DIR>          Nero
07.04.2017  16:49    <DIR>          NVIDIA Corporation
20.08.2012  00:44    <DIR>          OLYMPUS
06.11.2013  23:34    <DIR>          OpenOffice.org 3
11.08.2011  13:33    <DIR>          Packard Bell
07.05.2013  20:44    <DIR>          Philips
11.10.2011  18:45    <DIR>          Realtek
10.01.2017  23:46    <DIR>          Reference Assemblies
31.03.2017  14:05    <DIR>          REINER SCT
08.11.2014  22:54    <DIR>          Romm‚ 1
26.12.2013  21:37    <DIR>          S.A.D
07.11.2012  21:02    <DIR>          Samsung
06.08.2012  08:01    <DIR>          Secunia
11.10.2011  18:53    <DIR>          Social Networks
31.03.2015  23:57    <DIR>          Spiele fuer Win8
11.08.2011  13:28    <DIR>          SymSilent
30.09.2012  07:04    <DIR>          TraXEx
11.10.2011  19:02    <DIR>          Video Web Camera
15.11.2012  21:12    <DIR>          VideoLAN
17.02.2017  21:56    <DIR>          VulkanRT
24.08.2017  16:01    <DIR>          Windows Defender
11.08.2011  13:19    <DIR>          Windows Live
20.03.2017  15:31    <DIR>          Windows Mail
11.01.2017  00:11    <DIR>          Windows Media Player
16.07.2016  13:47    <DIR>          Windows Multimedia Platform
16.07.2016  13:47    <DIR>          Windows NT
24.08.2017  16:01    <DIR>          Windows Photo Viewer
16.07.2016  13:47    <DIR>          Windows Portable Devices
16.07.2016  13:47    <DIR>          WindowsPowerShell
23.03.2016  21:59    <DIR>          Woodcutter Simulator 2011
07.01.2016  19:08    <DIR>          XMedia Recode
               1 Datei(en),      6.420.480 Bytes
              82 Verzeichnis(se), 639.807.344.640 Bytes frei

========= Ende von CMD: =========


========= dir "%ProgramData%" =========

 Datentr„ger in Laufwerk C: ist Packard Bell
 Volumeseriennummer: A4AE-2DE5

 Verzeichnis von C:\ProgramData

27.04.2014  20:49    <DIR>          Adobe
15.07.2016  14:04                57 Ament.ini
13.03.2016  22:15    <DIR>          Apple
14.08.2012  07:20    <DIR>          Apple Computer
31.07.2016  16:25    <DIR>          Avira
11.08.2011  13:11    <DIR>          CLSK
16.07.2016  13:47    <DIR>          Comms
16.08.2012  08:41    <DIR>          COMPUTERBILD-Abzockschutz Premium
26.01.2012  00:20    <DIR>          CyberLink
06.06.2013  21:09    <DIR>          DesktopIcons
08.07.2014  17:47    <DIR>          DriverGenius
07.07.2012  12:29    <DIR>          FloodLightGames
31.07.2016  16:39    <DIR>          Hewlett-Packard
06.12.2012  14:08    <DIR>          HP
15.07.2016  14:05    <DIR>          HP Photo Creations
20.02.2015  21:11    <DIR>          HPH-Software
03.11.2013  23:06    <DIR>          install_clap
11.10.2011  18:33    <DIR>          Intel
24.08.2017  23:41    <DIR>          iolo
26.12.2013  21:09    <DIR>          Logishrd
26.12.2013  21:09    <DIR>          Logitech
24.08.2017  23:05    <DIR>          Malwarebytes
26.01.2012  22:29    <DIR>          McAfee
03.08.2017  08:53    <DIR>          Microsoft Help
11.01.2017  16:36    <DIR>          Microsoft OneDrive
06.08.2012  10:02    <DIR>          Mozilla
16.10.2013  18:25    <DIR>          MumboJumbo
11.08.2011  13:24    <DIR>          Nero
04.08.2012  12:14    <DIR>          Norton
11.08.2011  13:28    <DIR>          NortonInstaller
06.09.2017  14:54    <DIR>          NVIDIA
07.04.2017  16:51    <DIR>          NVIDIA Corporation
25.01.2012  21:22    <DIR>          oem
04.11.2014  20:58    <DIR>          Oracle
06.10.2014  18:38    <DIR>          Origin
24.08.2017  19:45    <DIR>          Package Cache
11.08.2011  13:12    <DIR>          Packard Bell
26.12.2013  20:14    <DIR>          Qualcomm Atheros
11.01.2017  00:56    <DIR>          regid.1986-12.com.adobe
11.01.2017  00:53    <DIR>          regid.1991-06.com.microsoft
31.03.2017  14:05    <DIR>          REINER SCT
07.11.2012  21:01    <DIR>          Samsung
24.12.2014  19:08    <DIR>          Skype
16.07.2016  13:47    <DIR>          SoftwareDistribution
03.02.2012  21:57    <DIR>          Sun
13.06.2012  17:13    <DIR>          Temp
11.01.2017  16:55    <DIR>          TuneUp Software
11.01.2017  13:40    <DIR>          USOPrivate
11.01.2017  13:40    <DIR>          USOShared
14.02.2012  00:21    <DIR>          VirtualizedApplications
15.07.2016  14:05    <DIR>          Visan
11.07.2012  16:33    <DIR>          Wild Tangent
23.01.2014  23:34    <DIR>          WildTangent
               1 Datei(en),             57 Bytes
              52 Verzeichnis(se), 639.807.209.472 Bytes frei

========= Ende von CMD: =========


========= dir "%Appdata%" =========

 Datentr„ger in Laufwerk C: ist Packard Bell
 Volumeseriennummer: A4AE-2DE5

 Verzeichnis von C:\Users\Pflgl\AppData\Roaming

24.08.2017  23:11    <DIR>          .
24.08.2017  23:11    <DIR>          ..
29.09.2012  10:56    <DIR>          Abelssoft
07.11.2013  00:37    <DIR>          Absolute Romm‚
24.11.2015  10:28    <DIR>          Adobe
16.08.2012  04:29    <DIR>          Apple Computer
08.04.2015  17:50    <DIR>          Avira
04.02.2014  18:25    <DIR>          Birdie Shoot 2
04.09.2013  04:27    <DIR>          chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
13.09.2013  19:56    <DIR>          concept design
26.01.2012  00:20    <DIR>          CyberLink
04.02.2014  19:53    <DIR>          Dr. Brain Nonogram
04.02.2014  18:00    <DIR>          Dr. Tool Logiktrainer
15.11.2012  21:14    <DIR>          dvdcss
21.05.2014  01:24    <DIR>          DVDVideoSoft
13.09.2013  19:56    <DIR>          Franzis
02.07.2017  23:02    <DIR>          Hewlett-Packard
14.12.2016  12:49    <DIR>          HpUpdate
25.01.2012  21:22    <DIR>          Identities
07.05.2013  20:43    <DIR>          InstallShield
26.12.2013  20:13    <DIR>          Intel Corporation
26.12.2013  21:09    <DIR>          Leadertech
04.08.2012  10:25    <DIR>          LibreOffice
26.12.2013  21:07    <DIR>          Logishrd
26.12.2013  21:09    <DIR>          Logitech
11.10.2011  18:58    <DIR>          Macromedia
28.03.2013  10:12    <DIR>          Maxthon3
21.11.2010  09:16    <DIR>          Media Center Programs
15.10.2013  19:55    <DIR>          Media Player Classic
14.04.2015  16:25    <DIR>          Mind Elevator Games
26.01.2012  22:13    <DIR>          Mozilla
28.08.2013  20:51    <DIR>          MumboJumbo
26.08.2015  22:10    <DIR>          Nero
13.02.2012  17:07    <DIR>          OpenOffice.org
25.09.2013  17:05    <DIR>          Opera
11.01.2017  16:54    <DIR>          PhotoScape
20.07.2013  22:45    <DIR>          SAD-Office-Vorlagen
20.07.2013  22:42    <DIR>          SAD-Shared
30.08.2016  22:40    <DIR>          Skype
22.02.2012  18:37    <DIR>          SNS
02.09.2013  10:04    <DIR>          SoftGrid Client
27.05.2014  21:21    <DIR>          The Legend Of Egypt
22.11.2013  21:40    <DIR>          Totusoft
13.02.2012  17:19    <DIR>          TP
21.07.2013  18:59    <DIR>          TuneUp Software
13.09.2013  19:54            17.740 unins000.dat
13.09.2013  19:54            13.844 unins000.msg
17.12.2016  22:23    <DIR>          vlc
18.07.2014  23:20               106 WB.CFG
09.03.2013  14:57    <DIR>          WebCompiler2
23.01.2014  23:34    <DIR>          WildTangent
17.09.2012  09:30    <DIR>          Windows Live Writer
27.09.2012  03:53    <DIR>          WinRAR
07.01.2016  19:27    <DIR>          XMedia Recode
               3 Datei(en),         31.690 Bytes
              51 Verzeichnis(se), 639.807.152.128 Bytes frei

========= Ende von CMD: =========


========= dir "%LocalAppdata%" =========

 Datentr„ger in Laufwerk C: ist Packard Bell
 Volumeseriennummer: A4AE-2DE5

 Verzeichnis von C:\Users\Pflgl\AppData\Local

24.08.2017  23:11    <DIR>          .
24.08.2017  23:11    <DIR>          ..
29.09.2012  10:56    <DIR>          Abelssoft
27.01.2016  21:25    <DIR>          ActiveSync
03.05.2017  20:25    <DIR>          Adobe
16.02.2014  22:34    <DIR>          Adobe_Systems_Incorporate
23.03.2013  22:25    <DIR>          Amazon
14.08.2012  07:19    <DIR>          Apple
14.08.2012  07:21    <DIR>          Apple Computer
15.08.2012  19:30    <DIR>          Apps
14.09.2013  21:51    <DIR>          avgchrome
11.01.2017  17:25    <DIR>          CEF
11.01.2017  17:25    <DIR>          Chromium
05.08.2015  22:28    <DIR>          Comms
24.08.2017  14:28    <DIR>          CrashDumps
03.02.2014  12:27    <DIR>          CrashRpt
01.05.2014  15:59    <DIR>          Cyberlink
07.05.2017  23:54    <DIR>          Diagnostics
14.10.2013  17:59    <DIR>          Downloaded Installations
31.08.2016  18:45    <DIR>          ElevatedDiagnostics
30.12.2014  18:36           126.832 GDIPFONTCACHEV1.DAT
01.04.2015  17:47    <DIR>          Google
06.06.2015  00:02    <DIR>          GWX
15.07.2016  14:00    <DIR>          Hewlett-Packard
06.12.2012  13:32    <DIR>          HP
06.08.2012  08:53    <DIR>          Macromedia
11.01.2017  22:04    <DIR>          Microsoft
09.06.2012  01:33    <DIR>          Microsoft Help
20.04.2016  12:06    <DIR>          MicrosoftEdge
26.09.2013  08:39    <DIR>          Microsoft_Research
27.10.2013  09:41    <DIR>          Mozilla
20.08.2013  22:09    <DIR>          MumboJumbo
06.12.2012  17:46    <DIR>          Nero_AG
03.08.2015  10:39    <DIR>          NetworkTiles
11.01.2017  17:31    <DIR>          NVIDIA
12.01.2017  19:55    <DIR>          NVIDIA Corporation
20.07.2012  23:00    <DIR>          OLYMPUS
11.05.2017  19:32    <DIR>          Packages
21.06.2013  18:28    <DIR>          Programs
03.08.2015  10:19    <DIR>          Publishers
06.08.2012  08:01    <DIR>          Secunia PSI
13.02.2012  17:19    <DIR>          SoftGrid Client
23.04.2015  22:53    <DIR>          SWDS
06.09.2017  14:54    <DIR>          Temp
03.02.2014  22:34    <DIR>          TempDIR
03.08.2015  10:18    <DIR>          TileDataLayer
09.07.2017  11:45    <DIR>          UNP
22.09.2013  18:20    <DIR>          VirtualStore
06.10.2014  00:04    <DIR>          Windows Live
06.04.2013  16:46    <DIR>          Windows Live Writer
02.02.2012  02:04    <DIR>          {01628B2C-FB9A-467D-8466-047FB7A66D07}
09.09.2016  11:52    <DIR>          {0A7781E6-9833-459D-B77F-F0B73D3F0ACA}
20.07.2012  23:10    <DIR>          {0AAD0657-44A6-40EA-A26F-520F44A69132}
02.03.2013  20:21    <DIR>          {0F0F3318-BE9E-41B5-94D3-CD2C6415FA3B}
16.09.2012  09:17    <DIR>          {1347F0F8-23A3-4D1C-84DC-6AE2D882C1B9}
05.09.2012  05:32    <DIR>          {1431BE7B-A40C-476C-A7A0-CA9F78D619AC}
20.07.2012  21:55    <DIR>          {1ACF9E8C-63F5-43E4-8505-F3DAA33C2114}
08.02.2016  21:16    <DIR>          {26FC1506-1ACE-4F98-9C2F-CC1B3878E8F2}
03.04.2016  11:26    <DIR>          {2A19937B-1979-4DDA-A384-432286E8439E}
01.06.2016  11:16    <DIR>          {2B98E61D-6780-441A-A2F0-36A3CE939500}
29.01.2013  22:25    <DIR>          {2EA348EB-15D3-43B4-93F2-E036FF7E7483}
11.09.2016  12:17    <DIR>          {2F9F1539-5723-4F8A-9407-E07D66B09281}
16.01.2013  22:21    <DIR>          {329D67ED-A66F-4E5E-A6A9-44B42C31958D}
28.12.2014  18:59    <DIR>          {33025E21-82AD-4D75-A277-DFD5FDCA4607}
17.09.2012  09:30    <DIR>          {3441B3C1-B57D-4C41-A58C-B7F28962E120}
04.02.2012  18:56    <DIR>          {38C56E93-4932-49BB-A46A-D8422157D130}
05.08.2015  23:02    <DIR>          {39923D35-538C-4E18-8E8A-635BD147CE89}
22.07.2012  00:49    <DIR>          {3AE150ED-F499-494B-B607-73C3A964E02B}
31.08.2012  17:58    <DIR>          {3D747B48-D9C9-4C15-B5A6-AF8DDD274ECB}
21.07.2012  00:42    <DIR>          {3DE01258-3A3D-4A5C-9390-00AEE985689D}
01.07.2016  11:56    <DIR>          {430C2BBF-C37C-49F1-B317-92366084A328}
05.08.2012  10:53    <DIR>          {4A4C62C6-86D6-4667-8F2B-3FE9E4B0E6F2}
20.07.2012  21:34    <DIR>          {50823A4B-B54C-4816-9203-01E8C5CDDA9B}
06.04.2013  16:25    <DIR>          {539A51AC-1DE1-4F29-9BA4-3059FB4CBEC3}
21.09.2012  09:58    <DIR>          {5860283C-5324-4AD9-B849-C4ACBFBB22B2}
13.03.2016  22:06    <DIR>          {5A17D495-9267-4B7B-A7FA-8C2C065AE112}
05.08.2012  11:01    <DIR>          {5CAE4ED5-162C-4C4B-9DD0-A2AC6BCE33DB}
11.05.2016  22:22    <DIR>          {5D04E2AE-B780-440D-93CE-EEF624C2962C}
19.09.2012  06:18    <DIR>          {60084747-9278-468B-8C30-BC6AFB2F0090}
01.09.2012  19:04    <DIR>          {64706D49-232C-4A41-B680-71CFBBBE8A65}
20.06.2012  02:22    <DIR>          {652BE9A5-FA0B-4BAB-82C0-B02D7BDF8D8E}
16.08.2012  18:46    <DIR>          {6D72F2CE-6BD4-4065-AA13-A842434514E4}
21.01.2013  19:18    <DIR>          {73C4C812-6816-4D1D-AFED-822B19581A36}
11.03.2013  12:29    <DIR>          {7860A353-6685-4376-BE44-9F6F12494811}
07.10.2012  16:57    <DIR>          {7F078D1A-B003-442C-BE66-59F682093F3B}
08.06.2016  22:30    <DIR>          {831F4407-6A5F-4C1A-8EAB-8ADAD86F76CF}
05.08.2012  10:48    <DIR>          {85E68664-6B36-41C7-B7F4-993C36A1A43E}
20.07.2012  23:09    <DIR>          {89563F5A-C50E-462B-BA9A-39112BA3AA08}
02.02.2012  02:03    <DIR>          {8A220DD2-189C-464E-A09B-D18CAD743DE6}
22.07.2012  02:39    <DIR>          {8A5C3E48-300E-40CD-B27E-0E722870E645}
27.09.2012  04:02    <DIR>          {9C2BF2BF-04D9-420F-AE78-768A6712987C}
22.07.2012  00:47    <DIR>          {9CADA1E3-5B48-401A-8DAA-07BF8A902297}
04.02.2012  18:56    <DIR>          {9D041E83-A431-47D9-A329-5E852A088637}
20.07.2012  22:27    <DIR>          {9EF5012F-32F4-42E4-8B43-EBBE5152FAE0}
30.05.2013  16:49    <DIR>          {A1E5E119-AB1F-486D-A625-05A0FFD63810}
20.07.2012  23:10    <DIR>          {A5584890-092D-4DC7-8C89-B2D802576581}
21.02.2013  22:27    <DIR>          {A62DAE46-1AA8-4E5B-82F8-D03D61221AD3}
01.09.2016  00:42    <DIR>          {B86B0B90-93E4-46FE-B095-7F56F68A540F}
03.09.2012  22:11    <DIR>          {C3868DC7-CF27-43C3-BF71-F6AED4A67635}
03.04.2016  23:30    <DIR>          {C713F4EC-EA48-497D-9BBC-B10A10B208AE}
01.07.2016  11:54    <DIR>          {CB0A53AD-B3F3-4F50-A38B-1C606431DA22}
21.10.2016  10:52    <DIR>          {D2FA332A-6759-4B1F-A1D8-79C8D1F5712D}
02.04.2013  05:46    <DIR>          {D60A7ADC-CC47-4FDC-98E4-0F83D1B0A95C}
14.06.2016  12:19    <DIR>          {DA971D9C-89ED-4C58-B4F3-015EED6E9311}
03.02.2016  22:23    <DIR>          {E084CCF6-3885-40C7-9593-A36D797F5ACC}
02.02.2012  02:03    <DIR>          {E0DF5867-2F33-446F-9389-8080B53AD766}
20.07.2012  21:36    <DIR>          {EB9C46E3-A6D7-4B0E-B5AE-09A7AA502B92}
28.09.2012  18:31    <DIR>          {F75238AA-82F3-4BEC-AE05-87EDD742CC16}
16.08.2012  18:43    <DIR>          {FDA26DB6-4872-45E0-A020-95F24150F61B}
20.07.2012  21:39    <DIR>          {FDF15750-0CD7-49D3-9682-571A44CB46EE}
               1 Datei(en),        126.832 Bytes
             109 Verzeichnis(se), 639.807.078.400 Bytes frei

========= Ende von CMD: =========


========= dir "%CommonProgramFiles(x86)%" =========

 Datentr„ger in Laufwerk C: ist Packard Bell
 Volumeseriennummer: A4AE-2DE5

 Verzeichnis von C:\Program Files (x86)\Common Files

11.01.2017  00:45    <DIR>          .
11.01.2017  00:45    <DIR>          ..
16.01.2013  23:14    <DIR>          Adobe
20.10.2014  12:40    <DIR>          Adobe AIR
14.05.2014  21:48    <DIR>          DESIGNER
27.12.2013  05:20    <DIR>          InstallShield
27.12.2013  05:20    <DIR>          Intel
26.12.2013  20:13    <DIR>          Intel Corporation
26.12.2013  21:09    <DIR>          LogiShrd
11.01.2017  00:45    <DIR>          Microsoft Shared
11.08.2011  13:24    <DIR>          Nero
11.10.2011  18:46    <DIR>          postureAgent
11.10.2011  18:59    <DIR>          PX Storage Engine
16.07.2016  13:47    <DIR>          Services
11.10.2011  18:53    <DIR>          Sonic Shared
11.01.2017  00:45    <DIR>          SpeechEngines
04.08.2012  12:13    <DIR>          Symantec Shared
12.04.2017  23:10    <DIR>          System
11.08.2011  13:13    <DIR>          Windows Live
23.03.2016  10:53    <DIR>          Wise Installation Wizard
               0 Datei(en),              0 Bytes
              20 Verzeichnis(se), 639.807.021.056 Bytes frei

========= Ende von CMD: =========


========= dir "%CommonProgramW6432%" =========

 Datentr„ger in Laufwerk C: ist Packard Bell
 Volumeseriennummer: A4AE-2DE5

 Verzeichnis von C:\Program Files\Common Files

11.01.2017  00:45    <DIR>          .
11.01.2017  00:45    <DIR>          ..
27.12.2013  05:20    <DIR>          Intel
26.12.2013  21:08    <DIR>          LogiShrd
11.01.2017  00:45    <DIR>          microsoft shared
16.07.2016  13:47    <DIR>          Services
11.01.2017  00:45    <DIR>          SpeechEngines
24.08.2017  16:01    <DIR>          System
               0 Datei(en),              0 Bytes
               8 Verzeichnis(se), 639.806.967.808 Bytes frei

========= Ende von CMD: =========


========= dir "%UserProfile%" =========

 Datentr„ger in Laufwerk C: ist Packard Bell
 Volumeseriennummer: A4AE-2DE5

 Verzeichnis von C:\Users\Pflgl

24.08.2017  20:42    <DIR>          .
24.08.2017  20:42    <DIR>          ..
24.08.2017  16:40    <DIR>          Contacts
06.09.2017  14:53    <DIR>          Desktop
27.08.2017  19:59    <DIR>          Documents
24.08.2017  23:42    <DIR>          Downloads
24.08.2017  16:40    <DIR>          Favorites
26.12.2013  20:11    <DIR>          Intel
24.08.2017  16:40    <DIR>          Links
23.04.2016  19:30    <DIR>          Mozilla
24.08.2017  16:40    <DIR>          Music
11.01.2017  16:59    <DIR>          OneDrive
27.08.2017  21:58    <DIR>          Pictures
24.08.2017  16:40    <DIR>          Saved Games
24.08.2017  16:40    <DIR>          Searches
20.07.2012  17:09         3.098.066 Studioline_Regensburg 016.jpg
29.01.2013  22:43    <DIR>          Tracing
06.09.2017  14:41    <DIR>          Videos
               1 Datei(en),      3.098.066 Bytes
              17 Verzeichnis(se), 639.806.889.984 Bytes frei

========= Ende von CMD: =========


========= dir "C:\" =========

 Datentr„ger in Laufwerk C: ist Packard Bell
 Volumeseriennummer: A4AE-2DE5

 Verzeichnis von C:\

27.10.2015  22:01    <DIR>          $SysReset
05.09.2017  09:55    <DIR>          AdwCleaner
04.12.2013  20:36    <DIR>          book
07.11.2007  08:00            17.734 eula.1028.txt
28.12.2007  00:24            15.428 eula.1031.txt
07.11.2007  08:00            10.134 eula.1033.txt
07.11.2007  08:00            17.734 eula.1036.txt
07.11.2007  08:00            17.734 eula.1040.txt
07.11.2007  08:00               118 eula.1041.txt
07.11.2007  08:00            17.734 eula.1042.txt
07.11.2007  08:00            17.734 eula.2052.txt
07.11.2007  08:00            17.734 eula.3082.txt
06.09.2017  14:55    <DIR>          FRST
28.12.2007  00:24             1.110 globdata.ini
10.01.2017  23:46    <DIR>          inetpub
28.12.2007  00:24           562.688 install.exe
28.12.2007  00:24               843 install.ini
07.11.2007  08:03            76.304 install.res.1028.dll
28.12.2007  00:37            96.272 install.res.1031.dll
07.11.2007  08:03            91.152 install.res.1033.dll
07.11.2007  08:03            97.296 install.res.1036.dll
07.11.2007  08:03            95.248 install.res.1040.dll
07.11.2007  08:03            81.424 install.res.1041.dll
07.11.2007  08:03            79.888 install.res.1042.dll
07.11.2007  08:03            75.792 install.res.2052.dll
07.11.2007  08:03            96.272 install.res.3082.dll
11.01.2017  00:32    <DIR>          Intel
16.05.2013  21:51    <DIR>          output
16.07.2016  13:47    <DIR>          PerfLogs
24.08.2017  23:05    <DIR>          Program Files
24.08.2017  23:42    <DIR>          Program Files (x86)
15.10.2013  19:50               287 SetSearchAndHomepageInBrowserLog.txt
24.08.2017  17:00            75.392 TDSSKiller.3.1.0.15_24.08.2017_16.54.01_log.txt
17.02.2017  21:56    <DIR>          temp
24.08.2017  14:10    <DIR>          Users
28.12.2007  00:24             5.686 vcredist.bmp
28.12.2007  00:48         1.442.522 VC_RED.cab
28.12.2007  00:51           234.496 VC_RED.MSI
24.08.2017  23:55    <DIR>          Windows
26.01.2017  21:15    <DIR>          Windows.old
              26 Datei(en),      3.244.756 Bytes
              14 Verzeichnis(se), 639.806.701.568 Bytes frei

========= Ende von CMD: =========

================== ExportKey: ===================

[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Extensions]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Processes]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\TemporaryPaths]

=== Ende von ExportKey ===

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========


========= ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Aufl”sungscache wurde geleert.

========= Ende von CMD: =========


========= netsh winsock reset =========


Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.


========= Ende von CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 32768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 289374849 B
Java, Flash, Steam htmlcache => 681 B
Windows/system/drivers => 40982847 B
Edge => 19453 B
Chrome => 8526401 B
Firefox => 275151966 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 72420 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 1830696 B
NetworkService => 4360 B
Pflügl => 328570444 B
nathalie.Pflügl-PC => 527951 B
Gast => 544953 B
DefaultAppPool => 39250 B

RecycleBin => 29236615 B
EmptyTemp: => 929.8 MB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 14:57:14 ====
         
Code:
ATTFilter
SystemLook 30.07.11 by jpshortstuff
Log created at 16:28 on 06/09/2017 by Pflügl
Administrator - Elevation successful

========== regfind ==========

Searching for "iLivid"
No data found.

Searching for "jmdp"
No data found.

Searching for "ljkb"
No data found.

Searching for "Search Results"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\OpenContainingFolderHiddenList]
"Start menu search results for Control Panel"="::{26EE0668-A00A-44D7-9371-BEB064C98683}\0"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\OpenContainingFolderHiddenList]
"Start menu search results for Control Panel"="::{26EE0668-A00A-44D7-9371-BEB064C98683}\0"

Searching for "SimplyTech"
No data found.

Searching for "Windows Net Data"
No data found.

Searching for "Toolbar4"
No data found.

Searching for "WNLT"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\WNLT]
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\WNLT]

Searching for "tprb"
No data found.

Searching for "Allin1Convert"
No data found.

Searching for "SaveSense"
No data found.

Searching for "Iminent"
[HKEY_CURRENT_USER\SOFTWARE\a28f8cb668b944\2.6.1519.190]
"iexplore homepages"="hxxp://home.tb.ask.com/index.jhtml?n=77DE8857&p2=^AYY^xdm070^YYA^de&ptb=7DF34BFD-0CB9-4476-B4F3-9F1DF2F80B6B&si=flvrunner hxxp://search.iminent.com/?appid=418165f6-4c64-49cd-8d32-1d41005c1070 hxxp://google.de/ hxxp://feed.snap.do/?publisher=QuickOB&dpid=QuickOB&co=DE&userid=f535cbfe-1f47-4bd9-b47e-06feb703b262&searchtype=hp&installDate=01/01/1970"
[HKEY_CURRENT_USER\SOFTWARE\a28f8cb668b944\2.6.1519.190]
"firefox homepages"="hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=A4AE74DE2B60BAF1&affID=121563&tl=wgkn1061868&tt=110713_91114&tsp=4944 hxxp://search.iminent.com/?appId=418165f6-4c64-49cd-8d32-1d41005c1070&ref=homepage hxxp://feed.snap.do/?publisher=QuickOB&dpid=QuickOB&co=DE&userid=f535cbfe-1f47-4bd9-b47e-06feb703b262&searchtype=hp&installDate=01/01/1970"
[HKEY_CURRENT_USER\SOFTWARE\a28f8cb668b944\2.6.1673.238]
"iexplore homepages"="hxxp://home.tb.ask.com/index.jhtml?n=77DE8857&p2=^AYY^xdm070^YYA^de&ptb=7DF34BFD-0CB9-4476-B4F3-9F1DF2F80B6B&si=flvrunner hxxp://www.firetab.org/?type=ds3nt hxxp://search.iminent.com/?appid=418165f6-4c64-49cd-8d32-1d41005c1070 hxxp://www.firetab.org/?type=ds3hp hxxp://google.de/ hxxp://feed.snap.do/?publisher=QuickOB&dpid=QuickOB&co=DE&userid=f535cbfe-1f47-4bd9-b47e-06feb703b262&searchtype=hp&installDate=01/01/1970"
[HKEY_CURRENT_USER\SOFTWARE\a28f8cb668b944\2.6.1673.238]
"firefox homepages"="hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=A4AE74DE2B60BAF1&affID=121563&tl=wgkn1061868&tt=110713_91114&tsp=4944 hxxp://search.iminent.com/?appId=418165f6-4c64-49cd-8d32-1d41005c1070&ref=homepage hxxp://feed.snap.do/?publisher=QuickOB&dpid=QuickOB&co=DE&userid=f535cbfe-1f47-4bd9-b47e-06feb703b262&searchtype=hp&installDate=01/01/1970"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\TBSB01620\Toolbar]
"toolbar_version"="IMinent Toolbar 1.0.256"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\54e17962_0]
@="{0.0.0.00000000}.{313a4c54-825e-4e86-b563-414128ed714b}|\Device\HarddiskVolume3\Users\Pflügl\Desktop\IminentSetup_2-KFRPtAWP-1_.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\a28f8cb668b944\2.6.1519.190]
"iexplore homepages"="hxxp://home.tb.ask.com/index.jhtml?n=77DE8857&p2=^AYY^xdm070^YYA^de&ptb=7DF34BFD-0CB9-4476-B4F3-9F1DF2F80B6B&si=flvrunner hxxp://search.iminent.com/?appid=418165f6-4c64-49cd-8d32-1d41005c1070 hxxp://google.de/ hxxp://feed.snap.do/?publisher=QuickOB&dpid=QuickOB&co=DE&userid=f535cbfe-1f47-4bd9-b47e-06feb703b262&searchtype=hp&installDate=01/01/1970"
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\a28f8cb668b944\2.6.1519.190]
"firefox homepages"="hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=A4AE74DE2B60BAF1&affID=121563&tl=wgkn1061868&tt=110713_91114&tsp=4944 hxxp://search.iminent.com/?appId=418165f6-4c64-49cd-8d32-1d41005c1070&ref=homepage hxxp://feed.snap.do/?publisher=QuickOB&dpid=QuickOB&co=DE&userid=f535cbfe-1f47-4bd9-b47e-06feb703b262&searchtype=hp&installDate=01/01/1970"
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\a28f8cb668b944\2.6.1673.238]
"iexplore homepages"="hxxp://home.tb.ask.com/index.jhtml?n=77DE8857&p2=^AYY^xdm070^YYA^de&ptb=7DF34BFD-0CB9-4476-B4F3-9F1DF2F80B6B&si=flvrunner hxxp://www.firetab.org/?type=ds3nt hxxp://search.iminent.com/?appid=418165f6-4c64-49cd-8d32-1d41005c1070 hxxp://www.firetab.org/?type=ds3hp hxxp://google.de/ hxxp://feed.snap.do/?publisher=QuickOB&dpid=QuickOB&co=DE&userid=f535cbfe-1f47-4bd9-b47e-06feb703b262&searchtype=hp&installDate=01/01/1970"
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\a28f8cb668b944\2.6.1673.238]
"firefox homepages"="hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=A4AE74DE2B60BAF1&affID=121563&tl=wgkn1061868&tt=110713_91114&tsp=4944 hxxp://search.iminent.com/?appId=418165f6-4c64-49cd-8d32-1d41005c1070&ref=homepage hxxp://feed.snap.do/?publisher=QuickOB&dpid=QuickOB&co=DE&userid=f535cbfe-1f47-4bd9-b47e-06feb703b262&searchtype=hp&installDate=01/01/1970"
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\TBSB01620\Toolbar]
"toolbar_version"="IMinent Toolbar 1.0.256"
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\54e17962_0]
@="{0.0.0.00000000}.{313a4c54-825e-4e86-b563-414128ed714b}|\Device\HarddiskVolume3\Users\Pflügl\Desktop\IminentSetup_2-KFRPtAWP-1_.exe%b{00000000-0000-0000-0000-000000000000}"

Searching for "Tarma Installer"
No data found.

Searching for "Inbox Toolbar"
No data found.

Searching for "SpecialSavings"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\specialsavings]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B22160E7-B239-4dfd-942D-C0032C4FBEF0}]
"AppPath"="C:\Program Files (x86)\specialsavings"
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\specialsavings]

Searching for "DriverTurbo"
No data found.

Searching for "OpenCandy"
No data found.

Searching for "Softonic"
No data found.

Searching for "DNSErrorHelper"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\DNSErrorHelper]
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\DNSErrorHelper]

Searching for "Systweak"
No data found.

Searching for "Allmyapps"
No data found.

Searching for "Smartbar"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\58F068FA3A4582A478B9FBE9E6237567\SourceList]
"LastUsedSource"="n;1;C:\Users\Pflügl\AppData\Local\Temp\Smartbar\d6e4d9fa-e316-4a0b-a6cf-253169a3bcb8\"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\58F068FA3A4582A478B9FBE9E6237567\SourceList\Net]
"1"="C:\Users\Pflügl\AppData\Local\Temp\Smartbar\d6e4d9fa-e316-4a0b-a6cf-253169a3bcb8\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\016A7206F164D5243BE66200904CD4AC]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\016A7206F164D5243BE662E09C4CD4AC]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\0B394BFA95E9CAE4FBB27DB664DCBD0E]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\0B51AA2BED003754EB928BEF1B2E8A42]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\0B6A7206F164D5243BE662E09C4CD4AC]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\116A7206F164D5243BE662E09C4CD4AC]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\216A7206F164D5243BE66288984CD4AC]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\216A7206F164D5243BE662E09C4CD4AC]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\2E35213FD461DD045869F4E01B62B2BE]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\33592FD0CF5A7AA4A8F106EB69B9A0D7]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\40623894481B5D040B0F8C26B6D7A878]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\43F238B8E12237E46A4AFF0CB31E2ECC]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\4CD231EF64D076744824027B43D7B1AD]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\55D0E21DCD38B8E40BA0517C0D9CCCE0]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\649A52D257CA5DB4EAAE8BA9EB23E467]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\93D6CC2FC9612424E87EB7375E2FC46C]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\9DDEC1131A9FA2348B0A0AEB73868888]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\9DDEC1131A9FA2348B0A0AEB73D61A81]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\9DDEC1131A9FA2348B0A0AEB73D68A18]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\9DDEC1131A9FA2348B0A0AEB73D68A82]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\9DDEC1131A9FA2348B0A0AEB73D6BA21]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\9DDEC1131A9FA2348B0A0AEB88D68A82]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\9DDEC1131A9FA2348B0A81EB88D68A81]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\A143CF598A8430D4BB0E71700E8C09C5]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\A805D820868346044B5BDD92EB6CA6C3]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\A9AB3AEAE939E984293B9178134BD540]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\BBB8D37874E1A0946834CDB33A9FC4C5]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\C4FE6082BC8553B4B91EC0FE408D71DA]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\CA86D8ADF7525524299E35592473F71A]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\CA86D8ADF7525524299E35592473F72A]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\CA86D8ADF7525524299E35592473F73A]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\D0386F2D6FEAFBC45BFCAFE158BF5064]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\D40B7F324393F624DACA80C397004DA1]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\DF0B7F324F93FE24DBCA80C397004DF2]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\E13864C95DCE91247A4435FFDA762754]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\E2647758E1ED7134F8C4259CC51A2AA8]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\E5ADE64D843807D4997A4AFC96B78EF1]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\E5ADE64D843807D4997A4AFC96B78EF2]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\E5ADE64D843807D4997A4AFC96B78EF3]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\E5ADE64D843807D4997A4AFC96B78EF4]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Components\E5ADE64D843807D4997A4AFC96B78EF5]
"58F068FA3A4582A478B9FBE9E6237567"="01:\Software\Smartbar\version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1664608947-3428569484-2814311379-1001\Products\58F068FA3A4582A478B9FBE9E6237567\InstallProperties]
"InstallSource"="C:\Users\Pflügl\AppData\Local\Temp\Smartbar\d6e4d9fa-e316-4a0b-a6cf-253169a3bcb8\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\Environment]
"Path"="C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Internet Explorer;C:\Users\Pflügl\AppData\Local\Smartbar\Application\;C:\Program Files (x86)\Internet Explorer;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment]
"Path"="C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Internet Explorer;C:\Users\Pflügl\AppData\Local\Smartbar\Application\;C:\Program Files (x86)\Internet Explorer;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common"
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Microsoft\Installer\Products\58F068FA3A4582A478B9FBE9E6237567\SourceList]
"LastUsedSource"="n;1;C:\Users\Pflügl\AppData\Local\Temp\Smartbar\d6e4d9fa-e316-4a0b-a6cf-253169a3bcb8\"
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Microsoft\Installer\Products\58F068FA3A4582A478B9FBE9E6237567\SourceList\Net]
"1"="C:\Users\Pflügl\AppData\Local\Temp\Smartbar\d6e4d9fa-e316-4a0b-a6cf-253169a3bcb8\"

Searching for "Mysearchdial"
No data found.

Searching for "FoxTab"
No data found.

Searching for "Browser Updater"
No data found.

Searching for "MyStart Search"
No data found.

Searching for "ask-search"
No data found.

Searching for "bprotector"
No data found.

Searching for "MySearchDial"
No data found.

Searching for "BrowserDefendert"
[HKEY_CURRENT_USER\SOFTWARE\a28f8cb668b944\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]
"serviceName"="BrowserDefendert"
[HKEY_CURRENT_USER\SOFTWARE\a28f8cb668b944\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1519.190]
"serviceName"="BrowserDefendert"
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\a28f8cb668b944\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]
"serviceName"="BrowserDefendert"
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\a28f8cb668b944\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1519.190]
"serviceName"="BrowserDefendert"

Searching for "DealPly"
No data found.

Searching for "omiga-plus"
No data found.

Searching for "distromatic"
No data found.

Searching for "SweetIM"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\SweetIM]
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\SweetIM]

Searching for "ProtectedSearch"
No data found.

Searching for "incredibar"
No data found.

Searching for "Babylon"
[HKEY_CURRENT_USER\SOFTWARE\a28f8cb668b944\2.6.1519.190]
"chrome search engines"="Search the web (Babylon) Delta Search Amazon Web"
[HKEY_CURRENT_USER\SOFTWARE\a28f8cb668b944\2.6.1519.190]
"SpXmlFN"="babylon.xml"
[HKEY_CURRENT_USER\SOFTWARE\a28f8cb668b944\2.6.1673.238]
"chrome search engines"="Search the web (Babylon) Delta Search Amazon Wikipedia (de) Search Google golsearch.com Web"
[HKEY_CURRENT_USER\SOFTWARE\a28f8cb668b944\2.6.1673.238]
"SpXmlFN"="babylon.xml"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\BabylonToolbar]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\BabylonToolbar\BabylonToolbar]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\BabylonToolbar\BabylonToolbar\iestrg]
"prdct"="BabylonToolbar"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\BabylonToolbar\BabylonToolbar\iestrg]
"prtnrid"="BabylonToolbar"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\BabylonToolbar\BabylonToolbar\iestrg]
"tlbrsrchurl"="http%3A%2F%2Fsearch%2Ebabylon%2Ecom%2F%3Fbabsrc%3DTB%5Fdef%26mntrId%3Da4ae2de500000000000074de2b60baf1%26q%3D"
[HKEY_CURRENT_USER\SOFTWARE\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar]
[HKEY_CURRENT_USER\SOFTWARE\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar\BabylonToolbar]
[HKEY_CURRENT_USER\SOFTWARE\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar\BabylonToolbar\Instl]
"InstallDir"="C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.7.2"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\BabylonHelper.EXE]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Babylon.dskBnd]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Babylon.dskBnd\CurVer]
@="Babylon.dskBnd.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Babylon.dskBnd.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\AppID\BabylonHelper.EXE]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}]
"DllName"="BabylonToolbarTlbr.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}]
"DllName"="BabylonToolbarTlbr.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\AppID\BabylonHelper.EXE]
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\a28f8cb668b944\2.6.1519.190]
"chrome search engines"="Search the web (Babylon) Delta Search Amazon Web"
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\a28f8cb668b944\2.6.1519.190]
"SpXmlFN"="babylon.xml"
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\a28f8cb668b944\2.6.1673.238]
"chrome search engines"="Search the web (Babylon) Delta Search Amazon Wikipedia (de) Search Google golsearch.com Web"
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\a28f8cb668b944\2.6.1673.238]
"SpXmlFN"="babylon.xml"
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\BabylonToolbar]
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\BabylonToolbar\BabylonToolbar]
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\BabylonToolbar\BabylonToolbar\iestrg]
"prdct"="BabylonToolbar"
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\BabylonToolbar\BabylonToolbar\iestrg]
"prtnrid"="BabylonToolbar"
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\BabylonToolbar\BabylonToolbar\iestrg]
"tlbrsrchurl"="http%3A%2F%2Fsearch%2Ebabylon%2Ecom%2F%3Fbabsrc%3DTB%5Fdef%26mntrId%3Da4ae2de500000000000074de2b60baf1%26q%3D"
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar]
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar\BabylonToolbar]
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar\BabylonToolbar\Instl]
"InstallDir"="C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.7.2"
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001_Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar]
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001_Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar\BabylonToolbar]
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001_Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar\BabylonToolbar\Instl]
"InstallDir"="C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.7.2"

Searching for "AskPartnerNetwork"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\AskPartnerNetwork]
[HKEY_USERS\S-1-5-21-1664608947-3428569484-2814311379-1001\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1664608947-3428569484-2814311379-1001\Software\AskPartnerNetwork]

Searching for "InstallCore"
No data found.

Searching for "Advanced Disk Recovery"
No data found.

-= EOF =-
         

Antwort

Themen zu Quickshare von linkury
avira, deinstallations, gefunde, gemerkt, google, googlen, handel, hierbei, installiere, installieren, kästchen, laptop, linkury, löschen, meinem, namens, programm, quickshare, spuren, super, systems, systemsteuerung, typische, verbannen, virus, würde



Ähnliche Themen: Quickshare von linkury


  1. Windows 7 - PUP.Optional.Linkury
    Log-Analyse und Auswertung - 21.03.2016 (23)
  2. QuickShare lässt sich nicht deinstallieren (MalSign.Linkury.33E)
    Log-Analyse und Auswertung - 10.05.2015 (17)
  3. PUA/Linkury.gen2
    Plagegeister aller Art und deren Bekämpfung - 01.05.2015 (11)
  4. PUA/Linkury.JH wurde von Avira gefunden, was kann ich tun?
    Log-Analyse und Auswertung - 18.04.2015 (7)
  5. Pua/Linkury.gen 2
    Plagegeister aller Art und deren Bekämpfung - 14.04.2015 (15)
  6. pup.optional.somoto und PUA/Linkury.gen2
    Log-Analyse und Auswertung - 23.03.2015 (13)
  7. Windows 7; Roll around ads und PUA/Linkury.Gen2
    Log-Analyse und Auswertung - 02.03.2015 (11)
  8. Win7 Avira PUA/Linkury.Gen2
    Log-Analyse und Auswertung - 26.02.2015 (9)
  9. PUA/Linkury.Gen2 erfolgreich gelöscht?
    Plagegeister aller Art und deren Bekämpfung - 24.02.2015 (13)
  10. not-a-virus:AdWare.Win32.Linkury.a
    Plagegeister aller Art und deren Bekämpfung - 08.02.2015 (15)
  11. linkury,toolbar
    Plagegeister aller Art und deren Bekämpfung - 15.01.2015 (15)
  12. Yahoo Community Smartbar (by Linkury)
    Plagegeister aller Art und deren Bekämpfung - 14.09.2014 (12)
  13. Linkury / QuickShare loswerden
    Plagegeister aller Art und deren Bekämpfung - 01.08.2014 (3)
  14. Mein Rechner lädt so langsam in letzter Zeit Toolbar Quickshare daran schuld? (Snapshot.do virus? )
    Plagegeister aller Art und deren Bekämpfung - 27.08.2013 (13)
  15. QuickShare & Snap.do auf Rechner: Deinstallation nicht möglich
    Plagegeister aller Art und deren Bekämpfung - 23.06.2013 (33)
  16. Snap.do und QuickShare eingefangen, erste Schritte schon unternommen
    Plagegeister aller Art und deren Bekämpfung - 13.04.2013 (9)
  17. OpenCandy - Linkury Smart Bar
    Plagegeister aller Art und deren Bekämpfung - 28.09.2012 (2)

Zum Thema Quickshare von linkury - Hallo, Ich habe in meiner systemsteuerung ein Programm Namens QuickShare vom Herausgeber Linkury Inc. gefunden, Nach reichlichen Googlen habe ich gemerkt das es sich hierbei um einen Virus handelt. Als - Quickshare von linkury...
Archiv
Du betrachtest: Quickshare von linkury auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.