
Log Analysis and Evaluation: Google Chrome Reset & Packed.VMProtect.ABD Trojan

Windows 7

If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

10.12.2017, 12:07   #1
John Boy
 
Google Chrome Reset & Packed.VMProtect.ABD Trojan



Hello dear board, for the past few days I have increasingly been dealing with Google Chrome resets, crashes and very slow performance. I had also already taken some steps before I ended up on this board. Here are my log files, in the hope of finding help!

FRST

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 09-12-2017
durchgeführt von ***** (Administrator) auf CINEGRAFFIX (10-12-2017 11:21:26)
Gestartet von C:\Users\*****\Desktop
Geladene Profile: ***** (Verfügbare Profile: ***** & **********)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
() C:\Program Files (x86)\Common Files\logishrd\LQCVFX\COCIManager.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
() C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\AM\dtsslsrv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
() C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Palm) C:\Program Files (x86)\HP webOS\SDK\bin\novacomd\x86\novacomd.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Program Files (x86)\HP webOS\PDK\tcprelay.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Seagate) C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(ESET) C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297272 2017-12-05] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1871344 2017-11-04] (Adobe Systems Inc.)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)
HKU\S-1-5-21-3458773745-2075050605-1070322646-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8590760 2015-12-08] (Piriform Ltd)
HKU\S-1-5-21-3458773745-2075050605-1070322646-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-10-19] (Apple Inc.)
HKU\S-1-5-21-3458773745-2075050605-1070322646-1000\...\MountPoints2: {91b1dfe8-5664-11e2-aba1-806e6f6e6963} - Q:\.\Bin\ASSETUP.exe
HKU\S-1-5-18\...\Run: [] => [X]
IFEO\notepad.exe: [Debugger] "C:\Program Files\Notepad2\Notepad2.exe" /z
Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk [2017-12-08]
ShortcutTarget: Logitech . Produktregistrierung.lnk -> C:\Program Files (x86)\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{69E4630D-1A01-4998-9122-EA1A5F5F3EE2}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{A973FD47-15DE-4114-A081-07B68A57139E}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{DE9129D6-95DB-449C-AB17-40463F338A0D}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
HKU\S-1-5-21-3458773745-2075050605-1070322646-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131505218575769462&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131505218575769462&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3458773745-2075050605-1070322646-1000 -> {ACAE303C-0F75-40B0-82B0-0105200A98AF} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-11-17] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-08-06] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2017-11-09] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-08-06] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-23] (Hewlett-Packard Co.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-08-06] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2017-12-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-08-06] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-23] (Hewlett-Packard Co.)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3458773745-2075050605-1070322646-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-01] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-01] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-01] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-01] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 -  Keine Datei
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF DefaultProfile: k741u5pw.default-1497732525045
FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\k741u5pw.default-1497732525045 [2017-12-10]
FF Homepage: Mozilla\Firefox\Profiles\k741u5pw.default-1497732525045 -> hxxps://www.google.de/
FF Extension: (Avira Browserschutz) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\k741u5pw.default-1497732525045\Extensions\abs@avira.com.xpi [2017-12-08]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2017-11-27]
FF HKLM-x32\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2017-02-09] [Lagacy] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF HKU\S-1-5-21-3458773745-2075050605-1070322646-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll [2017-11-17] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-08-06] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-08-06] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.1 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [Keine Datei]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-11-17] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll [2013-06-26] (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-04-15] (CANON INC.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2013-10-28] (DivX, LLC)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-08-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-08-06] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-10-29] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-07-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-07-18] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-09] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.1 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [Keine Datei]
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-3458773745-2075050605-1070322646-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\*****\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-3458773745-2075050605-1070322646-1000: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [Keine Datei]

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "hxxps://www.google.de/"
CHR Profile: C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default [2017-12-10]
CHR Extension: (ProxFlow) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2017-12-02]
CHR Extension: (Adobe Acrobat) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-09]
CHR Extension: (Avira Browserschutz) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-10-01]
CHR Extension: (AdBlock) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-12-08]
CHR Extension: (TinEye Reverse Image Search) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2017-07-28]
CHR Extension: (Adobe Edge Inspect CC) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijoeapleklopieoejahbpdnhkjjgddem [2014-09-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-29]
CHR Extension: (Click&Clean App) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2017-12-08]
CHR Extension: (Chrome Media Router) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-08]
CHR Profile: C:\Users\*****\AppData\Local\Google\Chrome\User Data\System Profile [2017-12-08]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-11-27] (Apple Inc.)
R2 Asset Management Daemon; C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\AM\dtsslsrv.exe [118784 2009-06-26] () [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8063664 2017-11-22] (Microsoft Corporation)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3304768 2010-12-23] (devolo AG)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [233328 2012-01-23] (DTS, Inc)
R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe [69632 2009-06-26] () [Datei ist nicht signiert]
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-11] (Seiko Epson Corporation)
S4 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-23] (Hewlett-Packard Co.) [Datei ist nicht signiert]
S4 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-23] (Hewlett-Packard Co.) [Datei ist nicht signiert]
S4 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-23] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332144 2017-11-21] (HP Inc.)
S4 Lexware_Update_Service; C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe [49664 2013-10-08] (Haufe-Lexware GmbH & Co. KG) [Datei ist nicht signiert]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [Datei ist nicht signiert]
R2 NovacomD; C:\Program Files (x86)\HP webOS\SDK\bin\novacomd\x86\novacomd.exe [61440 2011-09-19] (Palm) [Datei ist nicht signiert]
S3 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495040 2017-07-19] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495040 2017-07-19] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-07-18] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-07-19] (NVIDIA Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119688 2016-12-13] (Electronic Arts)
S4 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2180624 2016-12-13] (Electronic Arts)
R2 Palm_TCP_Relay; C:\Program Files (x86)\HP webOS\PDK\tcprelay.exe [11776 2011-12-21] () [Datei ist nicht signiert]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [Datei ist nicht signiert]
S4 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2016-12-13] ()
S4 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-12-30] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.229\WsAppService.exe [493280 2017-08-21] (Wondershare)
S3 AfterFLICS v3; C:\Program Files (x86)\AFLICS\AfterFLICS.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S1 acedrv05; C:\Windows\system32\drivers\acedrv05.sys [136192 2016-04-05] () [Datei ist nicht signiert]
S3 DJM-2000Audio; C:\Windows\System32\drivers\DJM-2000Audio64.sys [60280 2010-05-21] (Pioneer Corporation.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-10-13] ()
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [192952 2017-10-13] (Malwarebytes)
S3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [110016 2017-10-13] (Malwarebytes)
S3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [45504 2017-10-13] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [252232 2017-12-09] (Malwarebytes)
S3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [84256 2017-10-14] (Malwarebytes)
R3 NIWinCDEmu; C:\Windows\System32\DRIVERS\NIWinCDEmu.sys [112408 2014-08-23] ()
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2010-06-10] (CACE Technologies)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [48064 2017-07-19] (NVIDIA Corporation)
R3 PdiPorts; C:\Windows\System32\DRIVERS\PdiPorts.sys [20520 2009-05-27] (Portrait Displays, Inc.)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-05-20] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2014-05-20] (Acronis)
S3 V0610Vid; C:\Windows\System32\DRIVERS\V0610Vid.sys [323136 2011-09-02] (Creative Technology Ltd.)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2014-05-20] (Acronis International GmbH)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 WacHidRouter; system32\DRIVERS\wachidrouter.sys [X]
S3 wacomrouterfilter; system32\DRIVERS\wacomrouterfilter.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-12-10 11:21 - 2017-12-10 11:23 - 000028025 _____ C:\Users\*****\Desktop\FRST.txt
2017-12-10 11:21 - 2017-12-10 11:21 - 000000000 ____D C:\FRST
2017-12-10 11:19 - 2017-12-10 11:19 - 000002258 _____ C:\Users\*****\Desktop\eset.txt
2017-12-09 20:41 - 2017-12-09 20:41 - 000001751 _____ C:\Users\Public\Desktop\iTunes.lnk
2017-12-09 20:41 - 2017-12-09 20:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-12-09 20:41 - 2017-12-09 20:41 - 000000000 ____D C:\Program Files\iTunes
2017-12-09 20:41 - 2017-12-09 20:41 - 000000000 ____D C:\Program Files\iPod
2017-12-09 13:38 - 2017-12-09 13:38 - 002390528 _____ (Farbar) C:\Users\*****\Desktop\FRST64.exe
2017-12-09 13:29 - 2017-12-09 13:29 - 000000000 ____D C:\Program Files (x86)\ESET
2017-12-09 13:28 - 2017-12-09 13:28 - 002870984 _____ (ESET) C:\Users\*****\Desktop\esetsmartinstaller_deu.exe
2017-12-09 13:12 - 2017-12-09 13:12 - 000000000 ____D C:\Users\*****\AppData\Local\ElevatedDiagnostics
2017-12-09 13:01 - 2017-12-09 13:01 - 008187336 _____ (Malwarebytes) C:\Users\*****\Downloads\AdwCleaner_7.0.5.0 (1).exe
2017-12-09 12:50 - 2017-12-09 12:50 - 008172032 _____ (Malwarebytes) C:\Users\*****\Downloads\adwcleaner_7.0.5.0(1).exe
2017-12-09 10:08 - 2017-12-09 10:08 - 000001094 _____ C:\Users\*****\Desktop\MSI Afterburner.lnk
2017-12-09 10:06 - 2017-12-09 10:07 - 039234032 _____ C:\Users\*****\Downloads\MSIAfterburnerSetup.zip
2017-12-08 22:09 - 2017-12-09 13:26 - 000000000 ____D C:\AdwCleaner
2017-12-08 22:09 - 2017-12-08 22:09 - 008187336 _____ (Malwarebytes) C:\Users\*****\Downloads\adwcleaner_7.0.5.0.exe
2017-12-08 20:38 - 2017-12-09 23:32 - 000000000 ____D C:\Users\*****\AppData\Roaming\obs-studio
2017-12-08 20:37 - 2017-12-08 20:37 - 000001206 _____ C:\Users\Public\Desktop\OBS Studio.lnk
2017-12-08 20:37 - 2017-12-08 20:37 - 000000000 ____D C:\Program Files (x86)\obs-studio
2017-12-08 20:35 - 2017-12-08 20:36 - 102779800 _____ (obsproject.com) C:\Users\*****\Downloads\OBS-Studio-20.1.3-Full-Installer (2).exe
2017-12-08 20:22 - 2017-12-08 20:22 - 000000000 ____D C:\Users\*****\AppData\Local\Logitech® Webcam-Software
2017-12-08 20:20 - 2017-12-08 20:20 - 000000000 ____D C:\ProgramData\LogiShrd
2017-12-08 20:19 - 2017-12-08 20:19 - 000001628 _____ C:\Users\Public\Desktop\Logitech Webcam Software  .lnk
2017-12-08 20:19 - 2017-12-08 20:19 - 000000000 ____D C:\Users\*****\AppData\Roaming\Leadertech
2017-12-08 20:19 - 2017-12-08 20:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2017-12-08 20:19 - 2017-12-08 20:19 - 000000000 ____D C:\ProgramData\Logitech
2017-12-08 20:19 - 2017-12-08 20:19 - 000000000 ____D C:\Program Files (x86)\Logitech
2017-12-08 20:11 - 2017-12-08 20:12 - 102779800 _____ (obsproject.com) C:\Users\*****\Downloads\OBS-Studio-20.1.3-Full-Installer (1).exe
2017-12-08 19:59 - 2017-12-08 19:59 - 000000000 ____D C:\ProgramData\Intel Telemetry
2017-12-08 19:58 - 2017-12-08 19:59 - 000000000 ____D C:\ProgramData\Intel
2017-12-08 19:56 - 2017-12-08 19:57 - 102779800 _____ (obsproject.com) C:\Users\*****\Downloads\OBS-Studio-20.1.3-Full-Installer.exe
2017-12-08 19:49 - 2017-12-08 20:19 - 000000000 ____D C:\Program Files\Common Files\logishrd

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-12-10 11:21 - 2013-10-11 11:03 - 000024202 _____ C:\Users\*****\AppData\Roaming\Notepad2.ini
2017-12-10 09:01 - 2009-07-14 05:45 - 000021840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-12-10 09:01 - 2009-07-14 05:45 - 000021840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-12-10 02:00 - 2013-03-30 16:42 - 000000000 ____D C:\Users\*****\AppData\Local\Adobe
2017-12-09 20:51 - 2017-10-01 13:35 - 000003044 _____ C:\Windows\System32\Tasks\MSIAfterburner
2017-12-09 20:51 - 2013-05-29 11:02 - 000000000 ____D C:\ProgramData\NVIDIA
2017-12-09 20:47 - 2017-10-13 19:48 - 000252232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2017-12-09 20:47 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-12-09 13:12 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2017-12-09 13:06 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2017-12-09 13:02 - 2009-07-14 05:45 - 010442296 _____ C:\Windows\system32\FNTCACHE.DAT
2017-12-09 13:01 - 2013-03-30 13:29 - 000169256 _____ C:\Users\*****\AppData\Local\GDIPFONTCACHEV1.DAT
2017-12-09 12:56 - 2013-03-30 16:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-12-09 12:55 - 2016-12-22 16:59 - 000000000 ____D C:\Users\*****\AppData\Roaming\Yahoo!
2017-12-09 12:49 - 2017-05-07 13:28 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-12-09 12:49 - 2017-04-28 09:19 - 000000000 ____D C:\Users\*****\AppData\LocalLow\Mozilla
2017-12-09 12:49 - 2013-03-30 16:15 - 000000000 ____D C:\Users\*****\AppData\Roaming\Mozilla
2017-12-09 12:45 - 2013-03-30 16:01 - 000003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-12-09 12:45 - 2013-03-30 16:01 - 000003414 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-12-09 10:17 - 2014-11-14 19:49 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2017-12-09 10:08 - 2013-12-22 21:18 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2017-12-09 10:08 - 2013-11-21 21:46 - 000000000 ____D C:\Windows\SysWOW64\directx
2017-12-09 10:01 - 2017-10-01 15:31 - 000000000 ____D C:\Program Files (x86)\Avira
2017-12-08 23:00 - 2013-05-29 10:35 - 000000000 ____D C:\Windows\Minidump
2017-12-08 23:00 - 2013-05-10 15:18 - 000000000 ____D C:\Program Files (x86)\Steam
2017-12-08 22:25 - 2014-11-18 13:54 - 000000000 ____D C:\Users\*****\AppData\LocalLow\Unity
2017-12-08 22:25 - 2014-11-18 13:54 - 000000000 ____D C:\Users\*****\AppData\Local\Unity
2017-12-08 22:23 - 2017-05-12 13:49 - 000000000 ____D C:\Users\*****\Desktop\Diverse2
2017-12-08 22:22 - 2015-08-17 09:11 - 000000000 ____D C:\Program Files (x86)\Grundschule Lernspass mit Hexe Lilli
2017-12-08 22:22 - 2015-08-17 09:10 - 000000000 ___HD C:\Users\Public\Documents\Silag_prefs
2017-12-08 22:22 - 2013-10-14 17:00 - 000000000 ____D C:\Users\*****\AppData\Roaming\IrfanView
2017-12-08 22:20 - 2015-06-03 10:31 - 000000000 ____D C:\Program Files (x86)\FreeCodecPack
2017-12-08 22:20 - 2013-04-08 17:57 - 000000000 ____D C:\Users\*****\AppData\Roaming\DVDVideoSoft
2017-12-08 22:17 - 2013-09-18 15:36 - 000000000 ____D C:\ProgramData\Package Cache
2017-12-08 22:13 - 2015-05-31 20:18 - 000000000 ____D C:\Users\*****\Desktop\Diverse 2015
2017-12-08 22:06 - 2017-09-13 19:02 - 000000000 ____D C:\Users\**********\AppData\Roaming\Wondershare
2017-12-08 22:06 - 2017-09-13 19:02 - 000000000 ____D C:\Users\**********\.android
2017-12-08 22:06 - 2017-09-13 19:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2017-12-08 22:06 - 2015-10-31 20:58 - 000000000 ____D C:\ProgramData\Wondershare
2017-12-08 22:06 - 2015-10-31 20:58 - 000000000 ____D C:\Program Files (x86)\Wondershare
2017-12-08 22:05 - 2017-10-14 11:34 - 000000000 ____D C:\Users\*****\AppData\Roaming\Wondershare
2017-12-08 20:49 - 2015-05-13 09:37 - 000003442 _____ C:\Windows\System32\Tasks\Apple Diagnostics
2017-12-08 18:47 - 2015-08-02 11:12 - 000787388 _____ C:\Windows\system32\perfh00A.dat
2017-12-08 18:47 - 2015-08-02 11:12 - 000785430 _____ C:\Windows\system32\perfh013.dat
2017-12-08 18:47 - 2015-08-02 11:12 - 000766532 _____ C:\Windows\system32\perfh019.dat
2017-12-08 18:47 - 2015-08-02 11:12 - 000725686 _____ C:\Windows\system32\perfh00E.dat
2017-12-08 18:47 - 2015-08-02 11:12 - 000710772 _____ C:\Windows\system32\perfh005.dat
2017-12-08 18:47 - 2015-08-02 11:12 - 000705652 _____ C:\Windows\system32\perfh01D.dat
2017-12-08 18:47 - 2015-08-02 11:12 - 000648920 _____ C:\Windows\system32\perfh008.dat
2017-12-08 18:47 - 2015-08-02 11:12 - 000536446 _____ C:\Windows\system32\perfh014.dat
2017-12-08 18:47 - 2015-08-02 11:12 - 000523434 _____ C:\Windows\system32\perfh00B.dat
2017-12-08 18:47 - 2015-08-02 11:12 - 000470356 _____ C:\Windows\system32\perfh012.dat
2017-12-08 18:47 - 2015-08-02 11:12 - 000434276 _____ C:\Windows\system32\perfh00D.dat
2017-12-08 18:47 - 2015-08-02 11:12 - 000186250 _____ C:\Windows\system32\perfc00E.dat
2017-12-08 18:47 - 2015-08-02 11:12 - 000173450 _____ C:\Windows\system32\perfc00A.dat
2017-12-08 18:47 - 2015-08-02 11:12 - 000168078 _____ C:\Windows\system32\perfc013.dat
2017-12-08 18:47 - 2015-08-02 11:12 - 000165818 _____ C:\Windows\system32\perfc019.dat
2017-12-08 18:47 - 2015-08-02 11:12 - 000157450 _____ C:\Windows\system32\perfc01D.dat
2017-12-08 18:47 - 2015-08-02 11:12 - 000156402 _____ C:\Windows\system32\perfc005.dat
2017-12-08 18:47 - 2015-08-02 11:12 - 000135360 _____ C:\Windows\system32\perfc012.dat
2017-12-08 18:47 - 2015-08-02 11:12 - 000126104 _____ C:\Windows\system32\perfc008.dat
2017-12-08 18:47 - 2015-08-02 11:12 - 000116496 _____ C:\Windows\system32\perfc00B.dat
2017-12-08 18:47 - 2015-08-02 11:12 - 000110380 _____ C:\Windows\system32\perfc014.dat
2017-12-08 18:47 - 2015-08-02 11:12 - 000099734 _____ C:\Windows\system32\perfc00D.dat
2017-12-08 18:47 - 2015-08-01 18:56 - 000781978 _____ C:\Windows\system32\perfh010.dat
2017-12-08 18:47 - 2015-08-01 18:56 - 000161822 _____ C:\Windows\system32\perfc010.dat
2017-12-08 18:47 - 2015-08-01 18:50 - 000787648 _____ C:\Windows\system32\perfh00C.dat
2017-12-08 18:47 - 2015-08-01 18:50 - 000520946 _____ C:\Windows\system32\perfh001.dat
2017-12-08 18:47 - 2015-08-01 18:50 - 000164556 _____ C:\Windows\system32\perfc00C.dat
2017-12-08 18:47 - 2015-08-01 18:50 - 000109748 _____ C:\Windows\system32\perfc001.dat
2017-12-08 18:47 - 2011-04-12 08:43 - 000779920 _____ C:\Windows\system32\perfh007.dat
2017-12-08 18:47 - 2011-04-12 08:43 - 000174028 _____ C:\Windows\system32\perfc007.dat
2017-12-08 18:47 - 2009-07-14 06:13 - 013028800 _____ C:\Windows\system32\PerfStringBackup.INI
2017-12-08 14:10 - 2013-03-30 15:22 - 000000000 ____D C:\Users\*****\Documents\Daten Meinolf
2017-12-01 21:56 - 2013-03-30 14:17 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-12-01 21:54 - 2013-03-30 14:17 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-12-01 21:26 - 2015-04-20 13:00 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2017-11-18 14:22 - 2013-03-31 09:52 - 000000000 ____D C:\Users\*****\Documents\Outlook-Dateien
2017-11-18 14:20 - 2013-03-30 13:12 - 013114734 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-11-17 15:48 - 2013-03-30 23:40 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-11-17 15:48 - 2013-03-30 23:40 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-11-17 15:48 - 2013-03-30 23:40 - 000004366 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-11-17 15:48 - 2013-03-30 23:40 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-11-17 15:48 - 2013-03-30 23:40 - 000000000 ____D C:\Windows\system32\Macromed
2017-11-17 15:30 - 2014-12-24 12:39 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-11-17 15:29 - 2015-04-20 13:00 - 000002041 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2017-11-13 20:38 - 2015-07-31 10:07 - 000000000 ____D C:\Users\**********\Documents\Outlook-Dateien
2017-11-13 19:05 - 2009-07-14 06:32 - 000000000 ____D C:\Windows\system32\FxsTmp

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2010-11-23 23:27 - 2010-11-25 15:14 - 000018724 _____ () C:\Program Files (x86)\mbsuite20.log
2010-11-25 10:41 - 2010-11-25 15:15 - 000006704 _____ () C:\Program Files (x86)\mbsuite21.log
2003-09-08 09:09 - 2002-01-05 03:40 - 000487424 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcp70.dll
2004-04-23 17:06 - 2003-11-03 17:07 - 000499712 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcp71.dll
2003-09-08 09:09 - 2003-05-30 09:22 - 000344064 ____R (Microsoft Corporation) C:\Program Files (x86)\msvcr70.dll
2004-04-23 17:06 - 2003-11-03 17:07 - 000348160 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcr71.dll
2010-11-23 23:43 - 2010-11-23 23:43 - 000036868 _____ () C:\Program Files (x86)\uninst-Lux.exe
2013-07-18 17:49 - 2014-05-22 12:07 - 000000132 _____ () C:\Users\*****\AppData\Roaming\Adobe GIF Format CC Prefs
2013-04-06 16:17 - 2013-06-18 14:07 - 000000132 _____ () C:\Users\*****\AppData\Roaming\Adobe GIF Format CS6 Prefs
2013-12-03 15:52 - 2013-12-03 15:52 - 000000132 _____ () C:\Users\*****\AppData\Roaming\Adobe IllExport Filter CC Prefs
2013-06-07 16:34 - 2013-06-07 16:34 - 000000132 _____ () C:\Users\*****\AppData\Roaming\Adobe IllExport Filter CS6 Prefs
2013-11-28 21:04 - 2014-02-28 20:33 - 000000132 _____ () C:\Users\*****\AppData\Roaming\Adobe OpenEXR Format CC Prefs
2013-06-20 10:13 - 2017-04-28 10:22 - 000000132 _____ () C:\Users\*****\AppData\Roaming\Adobe PNG Format CC Prefs
2013-04-10 13:06 - 2014-07-15 11:48 - 000000132 _____ () C:\Users\*****\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-06-30 19:58 - 2017-08-08 18:51 - 000000034 _____ () C:\Users\*****\AppData\Roaming\AdobeWLCMCache.dat
2017-01-24 20:23 - 2017-01-24 20:34 - 000000899 _____ () C:\Users\*****\AppData\Roaming\buttrc
2013-09-27 12:38 - 2013-09-27 12:38 - 000000268 ___RH () C:\Users\*****\AppData\Roaming\Documentation
2013-09-27 12:38 - 2013-09-27 12:38 - 000000268 ___RH () C:\Users\*****\AppData\Roaming\Documents
2013-09-27 12:38 - 2013-09-27 12:38 - 000000268 ___RH () C:\Users\*****\AppData\Roaming\Drum Kits
2015-03-15 11:48 - 2015-10-31 20:23 - 000000083 _____ () C:\Users\*****\AppData\Roaming\mbam.context.scan
2013-10-11 11:03 - 2017-12-10 11:21 - 000024202 _____ () C:\Users\*****\AppData\Roaming\Notepad2.ini
2015-10-31 21:06 - 2015-10-31 21:06 - 000000105 _____ () C:\Users\*****\AppData\Roaming\settings.xml
2013-06-14 16:48 - 2013-06-20 09:41 - 000000005 _____ () C:\Users\*****\AppData\Roaming\WBPU-TTL.DAT
2015-10-09 14:51 - 2016-01-11 22:29 - 000001456 _____ () C:\Users\*****\AppData\Local\Adobe Save for Web 13.0 Prefs
2013-06-04 18:12 - 2017-08-12 14:12 - 000008704 _____ () C:\Users\*****\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-04-01 19:24 - 2013-12-06 13:27 - 000007641 _____ () C:\Users\*****\AppData\Local\Resmon.ResmonCfg

Einige Dateien in TEMP:
====================
2016-08-03 23:30 - 2016-08-03 23:30 - 000838688 _____ (NCH Software) C:\Users\**********\AppData\Local\Temp\burnsetup.exe
2017-04-12 19:31 - 2017-04-12 19:31 - 034587552 _____ (Digital Wave Ltd                                            ) C:\Users\**********\AppData\Local\Temp\FreeYouTubeToMP3Converter.exe
2016-08-03 23:23 - 2016-08-03 23:23 - 001088680 _____ (NCH Software) C:\Users\**********\AppData\Local\Temp\wpsetup.exe
2017-12-08 22:22 - 2013-10-14 17:00 - 000037984 _____ (Irfan Skiljan, IrfanView) C:\Users\*****\AppData\Local\Temp\iv_uninstall.exe
2017-12-08 19:50 - 2017-12-08 20:16 - 007060456 _____ (Logitech, Inc.) C:\Users\*****\AppData\Local\Temp\qc_e3f0f3ef_27e6_4ca8_8a7c_a3d761aa54bb_64.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-12-09 11:01

==================== Ende von FRST.txt ============================
         
I hope you can help me, many thanks in advance! More logs to follow!

10.12.2017, 12:08   #2
John Boy

Addition Scan



Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 09-12-2017
durchgeführt von ***** (10-12-2017 11:23:23)
Gestartet von C:\Users\*****\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2013-03-30 11:57:13)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3458773745-2075050605-1070322646-500 - Administrator - Disabled)
********** (S-1-5-21-3458773745-2075050605-1070322646-1020 - Administrator - Enabled) => C:\Users\**********
cinepad (S-1-5-21-3458773745-2075050605-1070322646-1013 - Limited - Enabled)
Gast (S-1-5-21-3458773745-2075050605-1070322646-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3458773745-2075050605-1070322646-1015 - Limited - Enabled)
***** (S-1-5-21-3458773745-2075050605-1070322646-1000 - Administrator - Enabled) => C:\Users\*****

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

470_Help (HKLM-x32\...\{2C876BA7-32D3-4DE6-9934-B6A97FA09FCE}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
470_Readme (HKLM-x32\...\{E022C318-BAC9-468D-8731-3C5EE63C7743}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (HKLM\...\{55D55008-E5F6-47D6-B16F-B2A40D4D145F}) (Version: 6.2.1 - Hewlett-Packard) Hidden
7-Zip 16.00 (x64) (HKLM\...\7-Zip) (Version: 16.00 - Igor Pavlov)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Ableton Live 9 Suite (HKLM\...\{FC45EA8D-5978-49BF-A121-96FA18A1ED83}) (Version: 9.0.0.0 - Ableton)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Adobe Acrobat XI Pro (HKLM-x32\...\{23D3F585-AE29-4670-8E3E-64A0EFB29240}) (Version: 11.0 - Adobe Systems Incorporated)
Adobe After Effects CC (HKLM-x32\...\{317243C1-6580-4F43-AED7-37D4438C3DD5}) (Version: 12.2.1 - Adobe Systems Incorporated)
Adobe After Effects CC 2014 (HKLM-x32\...\{2B22C750-5C3B-4738-B621-BA786AC7A494}) (Version: 13.2.0 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.204 - Adobe Systems Incorporated)
Adobe Audition CC (HKLM-x32\...\{DE1E055B-679C-42F8-B114-7B6ED0B8ED95}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Audition CC 2014 (HKLM-x32\...\{F3388E10-EFA9-4A80-B28E-2E647F8D00C4}) (Version: 7.2.0 - Adobe Systems Incorporated)
Adobe Bridge CC (64 Bit) (HKLM-x32\...\{359F8007-6486-429C-A8C5-D67F6897C88C}) (Version: 6.1.1 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
Adobe Dreamweaver CC 2017 (HKLM-x32\...\DRWV_17_5_0) (Version: 17.5.0 - Adobe Systems Incorporated)
Adobe Edge Animate (HKLM-x32\...\{181241DD-2FC2-4CF9-94CE-97F3E37D6F0B}) (Version: 1.5 - Adobe Systems Incorporated)
Adobe Edge Animate CC 2014 (HKLM-x32\...\{A3643DA2-AF8A-44E8-A56E-7FE001932D8B}) (Version: 4.0 - Adobe Systems Incorporated)
Adobe Edge Animate CC 2014.1 (HKLM-x32\...\{344AEC03-4326-11E4-B63C-FE38885BB836}) (Version: 5.0.1 - Adobe Systems Incorporated)
Adobe Edge Code CC (HKLM-x32\...\{3F1138D5-899C-4584-26F0-1CF3A3A3CFAC}) (Version: 0.96 - Adobe Systems Incorporated)
Adobe Edge Inspect CC (HKLM-x32\...\{67D22EA0-4601-4450-9C99-042DABB0A315}) (Version: 1.0.408 - Adobe Systems Incorporated)
Adobe Edge Reflow CC Preview (HKLM\...\{AC41E46F-969F-439B-84C9-D5DA8C783E9D}) (Version: 0.32.13658 - Adobe Systems Incorporated)
Adobe Exchange Panel (HKLM-x32\...\{41A12FFC-89E9-4743-A51E-00975CA31F40}) (Version: 1 - Adobe Systems Incorporated)
Adobe ExtendScript Toolkit CC (HKLM-x32\...\{6297487E-3778-4F72-B458-55690418DB98}) (Version: 4.0.0.0 - Adobe Systems Incorporated)
Adobe Extension Manager CC (HKLM-x32\...\{244FD30F-63F1-49B9-9D98-1150FF4FFCB1}) (Version: 7.3.2 - Adobe Systems Incorporated)
Adobe Flash Player 27 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Adobe Flash Professional CC (HKLM-x32\...\{B56B95BF-7161-4166-8288-DB1BA9F6C9B8}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Flash Professional CC 2014 (HKLM-x32\...\{AA704223-E11C-11E3-8A38-C09A633B72AF}) (Version: 14.2 - Adobe Systems Incorporated)
Adobe Gaming SDK 1.2 (HKLM-x32\...\{323D371C-CD65-43E2-9E42-BC643F2D4D81}) (Version: 1.2 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CC (HKLM-x32\...\{F2321021-08A2-44D6-B1DF-BDB415F23EC3}) (Version: 17.0 - Adobe Systems Incorporated)
Adobe Illustrator CC 2014 (HKLM-x32\...\{2B4B4082-8043-4646-8334-B0A29E641211}) (Version: 18.1.1 - Adobe Systems Incorporated)
Adobe InCopy CC (HKLM-x32\...\{2606D96F-C1A3-1014-9A8F-E3561A1AC78D}) (Version: 9.0 - Adobe Systems Incorporated)
Adobe InCopy CC 2014 (HKLM-x32\...\{B389B226-A760-1014-9ADD-DA3D4A4028DB}) (Version: 10.0 - Adobe Systems Incorporated)
Adobe InDesign CC (HKLM-x32\...\{BC448016-6F11-1014-B0EA-97CEE6E26CB6}) (Version: 9.0 - Adobe Systems Incorporated)
Adobe InDesign CC 2017 (HKLM-x32\...\IDSN_12_1_0) (Version: 12.1.0 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2014 (HKLM-x32\...\{663DEEEF-EF34-4DCB-8687-73A7AA146E02}) (Version: 8.2.0 - Adobe Systems Incorporated)
Adobe Muse (HKLM-x32\...\{9A554C9D-E12D-4205-8101-9F4337CD5673}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Muse CC 2017 (HKLM-x32\...\MUSE_2017_1_0) (Version: 2017.1.0.821 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.2.2 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_1_1) (Version: 18.1.1 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.6 64-bit (HKLM\...\{D19E99C2-6D9D-4075-B446-B4387EAF70A5}) (Version: 5.6.0 - Adobe Systems Incorporated)
Adobe Prelude CC (HKLM-x32\...\{5D73C19B-BE10-44A6-96B2-A516756ED29F}) (Version: 2.2.0 - Adobe Systems Incorporated)
Adobe Prelude CC 2014 (HKLM-x32\...\{2A054E48-0A75-42BD-8738-EC9AB4E2207A}) (Version: 3.2.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC (HKLM-x32\...\{505FF1AC-E7F5-4462-BBA7-08900E7E9EEF}) (Version: 7.2.2 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2014 (HKLM-x32\...\{07BE616F-9E42-4C90-AF4F-0F32A5B088E7}) (Version: 8.2.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Scout CC (HKLM\...\{24CFD7EF-32B7-4FFD-B5A8-B0F129C92D0A}) (Version: 1.1.1.354079 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.3.133 - Adobe Systems, Inc.)
Adobe SpeedGrade CC (HKLM-x32\...\{29AA12E9-934C-485E-A9A1-D823FEB29880}) (Version: 7.2.1 - Adobe Systems Incorporated)
Adobe SpeedGrade CC 2014 (HKLM-x32\...\{8EFF28F0-9DFD-4208-9E04-4D49A4812CF3}) (Version: 8.2.0 - Adobe Systems Incorporated)
Adobe Touch App Plugins (HKLM-x32\...\{1EC083EE-5B76-4A2A-B95A-CAF460AA29D6}) (Version: 1.0 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
AfterBurn 4.1 R2013 64-bit (HKLM-x32\...\{05A33CFF-8937-4D34-9637-CF288CD67ECD}) (Version:  - )
Akamai NetSession Interface (HKU\S-1-5-21-3458773745-2075050605-1070322646-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-3458773745-2075050605-1070322646-1000\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{5DDB9EF7-1BC0-C9C1-9829-6B9CF68AC357}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
Analog Lab 2 2.1.2 (HKLM-x32\...\Analog Lab 2_is1) (Version: 2.1.2 - Arturia)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 384.94 - NVIDIA Corporation) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{F1D83CEA-2855-4224-9935-D981785AA75D}) (Version: 6.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{E2A6344A-45BF-47A0-9AE1-848325E7FD88}) (Version: 6.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BD6778C5-6FA5-492A-ADD6-E706339C2A7B}) (Version: 11.0.2.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
Arturia Software Center 1.4.1 (HKLM-x32\...\Arturia Software Center_is1) (Version: 1.4.1 - Arturia)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.4.0 - Asmedia Technology)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Audible Download Manager (HKLM-x32\...\AudibleDownloadManager) (Version: 6.6.0.15 - Audible, Inc.)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 1637796.1996247960.2010281950.32 - Audible, Inc.)
Audiograbber 1.83 SE  (HKLM-x32\...\Audiograbber) (Version: 1.83 SE  - Audiograbber)
Autodesk 3ds Max 2014 SP1 (HKLM\...\Autodesk 3ds Max 2014 SP1) (Version: 16.1.178.0 - Autodesk)
Autodesk 3ds Max 2014 SP2 (HKLM\...\Autodesk 3ds Max 2014 HF1) (Version: 16.2.475.0 - Autodesk)
Autodesk 3ds Max 2014 SP3 (HKLM\...\Autodesk 3ds Max 2014 SP2) (Version: 16.3.253.0 - Autodesk)
Autodesk Backburner 2012.0.0 (HKLM-x32\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 2012.0.0 - Autodesk, Inc.)
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version:  - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version:  - AVM Berlin)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Beatport Pro (HKLM-x32\...\{6DD1A4E5-C3F9-48CE-A452-CFDBA3526BEE}) (Version: 1.0.0.27002 - Beatport)
bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BPDSoftware (HKLM-x32\...\{990635A0-3FCF-4933-AD9B-09CB5C0DC873}) (Version: 130.0.000.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (HKLM-x32\...\{AFFD253D-5CE1-44B5-81DC-E00EF7048770}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.40.836.0 - Logitech) Hidden
Camtasia Studio 8 (HKLM-x32\...\{F5C9BE9A-04C3-4A72-8CD0-BB67C722D608}) (Version: 8.1.2.1344 - TechSmith Corporation)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Inkjet Printer Driver Add-On Module V2.00 (HKLM\...\CANONIJINBOXADDON200) (Version:  - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version:  - )
Command Center (HKLM-x32\...\{B5C98C54-097A-4B4C-8189-FEF1C79F3638}_is1) (Version: 1.1.7.1 - Cakewalk Music Software)
Composite 2012 64-bit (HKLM\...\{EA234BC3-39FE-4734-B72F-076086889F6D}) (Version: 7.0.0 - Autodesk)
CopyTrans Control Center deinstallieren (HKU\S-1-5-21-3458773745-2075050605-1070322646-1000\...\CopyTrans Suite) (Version: 3.003 - WindSolutions)
Craft Director Studio (HKLM-x32\...\CraftDirectorStudio) (Version:  - Craft Animations and Entertainment AB)
Creative Live! Cam Socialize HD (VF0610) (1.04.01.00) (HKLM\...\Creative VF0610) (Version:  - Creative Technology Ltd.)
Creative Live! Central 3 (HKLM-x32\...\Creative Live! Central 2) (Version: 3.01.28 - Creative Technology Ltd)
Creative Systeminformationen (HKLM-x32\...\SysInfo) (Version:  - )
DeviceDiscovery (HKLM-x32\...\{2FF8C687-DB7D-4adc-A5DC-57983EC25046}) (Version: 130.0.465.000 - Hewlett-Packard) Hidden
devolo dLAN Cockpit (HKLM-x32\...\dlancockpit) (Version: 3.0.0.0 - devolo AG)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.87 - DivX, LLC)
dLAN Cockpit (HKLM-x32\...\{846E4C72-DF45-43ED-1680-EDF5F87F279E}) (Version: 3.23.12 - devolo AG) Hidden
dLAN Cockpit (HKLM-x32\...\Cockpit.92121A72F826FA9D0BD3A830E7F04987B31AFB22.1) (Version: 3 (23.12.2010) - devolo AG)
Driver Fusion (HKLM-x32\...\Driver Fusion) (Version: 2.6 - Treexy)
Druckerdeinstallation für EPSON WF-3520 Series (HKLM\...\EPSON WF-3520 Series) (Version:  - SEIKO EPSON Corporation)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 14.1.20130301 - Landesfinanzdirektion Thüringen)
Epson Benutzerhandbuch WF-3520 Series (HKLM-x32\...\WF-3520 Series Useg) (Version:  - )
Epson Connect Guide (HKLM-x32\...\Epson Connect Guide) (Version:  - )
Epson Event Manager (HKLM-x32\...\{8F01524C-0676-4CC1-B4AE-64753C723391}) (Version: 3.01.0005 - Seiko Epson Corporation)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.31.00 - SEIKO EPSON CORPORATION)
Epson Netzwerkhandbuch WF-3520 Series (HKLM-x32\...\WF-3520 Series Netg) (Version:  - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
EVGA SLI Enhancement Patch (HKLM-x32\...\{4FBB8F86-CAB5-4FAC-818F-5B896239E153}) (Version: 1.0.4.32 - EVGA)
FabFilter Total Bundle (64-bit) (HKLM-x32\...\FabFilter Total Bundle (64-bit)) (Version:  - )
FileZilla Client 3.8.0 (HKLM-x32\...\FileZilla Client) (Version: 3.8.0 - Tim Kosse)
Git version 1.9.5-preview20150319 (HKLM-x32\...\Git_is1) (Version: 1.9.5-preview20150319 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.84 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (HKLM-x32\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
H470 (HKLM-x32\...\{1A45C65B-6059-4091-8433-D53DDF989FC7}) (Version: 130.0.000.000 - Hewlett-Packard) Hidden
High-Logic FontCreator 7.5 (HKLM-x32\...\FontCreator7_is1) (Version:  - High-Logic B.V.)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Display Assistant (HKLM-x32\...\{17B371B7-740F-4C83-BDFE-0C3A2C585103}) (Version: 1.60.008 - Portrait Displays, Inc.)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP OfficeJet H470 (HKLM\...\{2B71BB94-F52C-4EF2-85E8-45E63296EDF2}) (Version: 13.0 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Solutions Framework (HKLM-x32\...\{AAE126B3-95C5-49E1-A590-7B5F6EDC7D60}) (Version: 12.8.47.1 - HP Inc.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP webOS SDK (HKLM\...\{53A97E00-7252-4ED0-A1EB-9F9712FC0AC9}) (Version: 3.0.676 - HP)
HPProductAssistant (HKLM-x32\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
IBP 12.0.3 (HKLM-x32\...\IBP12_is1) (Version: 12.0.3 - Axandra GmbH)
iCloud (HKLM\...\{FF99A618-BCA5-4658-B9FF-CCF57C177610}) (Version: 7.1.0.34 - Apple Inc.)
iTunes (HKLM\...\{1A63A05F-AC57-47A2-B94C-CEACBB65A7C2}) (Version: 12.7.2.58 - Apple Inc.)
Java 8 Update 144 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Java(TM) SE Development Kit 6 Update 25 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0160250}) (Version: 1.6.0.250 - Oracle)
Lexware faktura+auftrag 2014 (HKLM-x32\...\{033D0D16-7724-43F1-8FF7-EF5A1EB6FFBA}) (Version: 18.51.00.0174 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware faktura+auftrag 2014 (HKLM-x32\...\{4d54c3b8-5e73-4f9e-a810-07fc42ddb356}) (Version: 18.0.0.78 - Haufe-Lexware GmbH & Co.KG)
Lexware Info Service (HKLM-x32\...\{85BF9FDB-BD5B-407C-9CAE-3542E5164783}) (Version: 4.00.00.0075 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Installations Dienst (HKLM-x32\...\{BF6B33EE-9023-46E2-89E8-F8E758E5EE92}) (Version: 3.01.00.0011 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware online banking (HKLM-x32\...\{7F603892-89C9-4EC4-9236-7AD4A798EA41}) (Version: 21.00.00.0039 - Haufe-Lexware GmbH & Co.KG)
Lightroom 4.3 (HKLM-x32\...\{3c5418ff-7dea-4a37-8c52-45c670677773}) (Version: 4.3 - Adobe Systems Incorporated)
Lightroom 5.0 (HKLM-x32\...\{9bcd38e7-1f9a-4536-8cd4-96448263f367}) (Version: 5.0 - Adobe Systems Incorporated)
Live! Cam Avatar Creator (HKLM-x32\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.3009.1 - Creative Technology Ltd)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.40 - Logitech Inc.)
LWS VideoEffects (HKLM\...\{138A4072-9E64-46BD-B5F9-DB2BB395391F}) (Version: 13.30.1379.0 - Logitech) Hidden
Magic Bullet Suite v12.1.3 (HKLM-x32\...\{99487911-8011-42BC-B594-8B02BFD32B1D}_is1) (Version: 12.1.3 - Red Giant, LLC)
Malwarebytes Version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Max 7 (64-bit) (HKLM\...\{0ED56CBB-3E13-45C9-9039-DD618194A10D}) (Version: 7.3.3 - Cycling '74)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.8625.2139 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3458773745-2075050605-1070322646-1000\...\OneDriveSetup.exe) (Version: 17.3.5951.0827 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft_VC100_CRT_x86 (HKLM-x32\...\{6FDDB201-2CA0-42BD-973F-7B2C4A61EA3F}) (Version: 1.0.0 - Microsoft)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
MIDI Control Center 1.7.0 (HKLM-x32\...\MIDI Control Center_is1) (Version: 1.7.0 - Arturia)
Mozilla Firefox 57.0 (x64 de) (HKLM\...\Mozilla Firefox 57.0 (x64 de)) (Version: 57.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 57.0.0.6525 - Mozilla)
MPM (HKLM-x32\...\{00772F8B-37FF-4704-A47D-72B30BFAF126}) (Version: 1.00.0000 - Hewlett-Packard)
MSI Afterburner 4.4.0 (HKLM-x32\...\Afterburner) (Version: 4.4.0 - MSI Co., LTD)
Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version: 5.2.2.8 - Native Instruments)
Native Instruments Guitar Rig Factory Selection for Maschine (HKLM-x32\...\Native Instruments Guitar Rig Factory Selection for Maschine) (Version:  - Native Instruments)
Native Instruments Komplete 8 Players (HKLM-x32\...\Native Instruments Komplete 8 Players) (Version:  - Native Instruments)
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.6.6.16 - Native Instruments)
Native Instruments Kontakt Factory Selection (HKLM-x32\...\Native Instruments Kontakt Factory Selection) (Version:  - Native Instruments)
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version: 1.5.1.637 - Native Instruments)
Native Instruments Mikro Prism (HKLM-x32\...\Native Instruments Mikro Prism) (Version:  - Native Instruments)
Native Instruments Native Access (HKLM-x32\...\Native Instruments Native Access) (Version: 1.1.3.50 - Native Instruments)
Native Instruments Reaktor 5 (HKLM-x32\...\Native Instruments Reaktor 5) (Version: 5.9.3.1344 - Native Instruments)
Native Instruments Reaktor 6 (HKLM-x32\...\Native Instruments Reaktor 6) (Version: 6.1.1.35 - Native Instruments)
Native Instruments Reaktor Blocks Wired (HKLM-x32\...\Native Instruments Reaktor Blocks Wired) (Version: 1.0.0.3 - Native Instruments)
Native Instruments Reaktor Factory Selection (HKLM-x32\...\Native Instruments Reaktor Factory Selection) (Version:  - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.6.0.137 - Native Instruments)
Network64 (HKLM\...\{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}) (Version: 130.0.579.000 - Hewlett-Packard) Hidden
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.0 - Nikon)
Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.3.0 - Nikon)
Node.js (HKLM\...\{40435563-20B0-4DA3-8E52-E5BF28ABE5C3}) (Version: 0.12.2 - Joyent, Inc. and other Node contributors)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
Notepad2 (Notepad Replacement) (HKLM\...\Notepad2) (Version: 4.2.25  - Florian Balmer)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 384.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 384.94 - NVIDIA Corporation)
NVIDIA Grafiktreiber 384.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 384.94 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NVIDIA Update 25.6.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 25.6.0.0 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 20.1.3 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8625.2139 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8625.2139 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8625.2139 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 4.0.18 (HKLM\...\{8AB8445D-06D7-4AED-9DC5-39D576277A7D}) (Version: 4.0.18 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.3.3.1921 - Electronic Arts, Inc.)
PDF Settings CC (HKLM-x32\...\{1FBAE18D-4DE4-47AA-83EC-D1B046F262DC}) (Version: 12.0 - Adobe Systems Incorporated) Hidden
ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.4.2 - Nikon)
Pioneer CDJ Driver (HKLM-x32\...\Pioneer CDJ) (Version: 1.210.000.000 - Pioneer Corporation.)
Pioneer DJM-2000 Driver (HKLM-x32\...\DJM-2000) (Version: 1.100.000.000 - Pioneer Corporation.)
Pivot Software (HKLM-x32\...\{0217E1D1-BCEF-4A61-AF6D-F7740F65A066}) (Version: 9.03.004 - Portrait Displays, Inc.) Hidden
Presto! PageManager 9.03 SE (HKLM-x32\...\{04AF7536-446D-4F5A-8920-B4E885E4581B}) (Version: 9.03.06 - Newsoft Technology Corporation)
ProductContext (HKLM-x32\...\{E805794B-E657-49CD-9110-C5AFEB416D5F}) (Version: 130.0.000.000 - Hewlett-Packard) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
RayFire 1.63 - 3ds Max 2014 - 64 bit (HKLM-x32\...\RayFire) (Version: 1.63 - 3ds Max 2014 - 64 bit - Mir Vadim)
RealFlow Plugin for 3D Studio Max (HKLM-x32\...\RealFlowMax) (Version: 2013.0.6 - Next Limit)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.61.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6699 - Realtek Semiconductor Corp.)
Rebus Manager (HKLM-x32\...\Rebus Manager) (Version:  - )
Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.9.7.33 - Red Giant, LLC)
rekordbox 2.2.4 (HKLM-x32\...\Pioneer rekordbox 2.2.4) (Version: 2.2.4 - Pioneer)
rekordbox 3.0.0 (HKLM-x32\...\Pioneer rekordbox 3.0.0) (Version: 3.0.0.2369 - Pioneer)
rekordbox 3.0.1 (HKLM-x32\...\Pioneer rekordbox 3.0.1) (Version: 3.0.1.2408 - Pioneer)
rekordbox 3.1.0 (HKLM-x32\...\Pioneer rekordbox 3.1.0) (Version: 3.1.0.2818 - Pioneer)
rekordbox 3.3.0 (HKLM-x32\...\Pioneer rekordbox 3.3.0) (Version: 3.3.0.4268 - Pioneer)
remixbox 2.1.0 (HKLM-x32\...\Pioneer remixbox 2.1.0) (Version: 2.1.0 - Pioneer)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
SAUSAGE FATTENER 1.1.5 (HKU\S-1-5-21-3458773745-2075050605-1070322646-1000\...\SAUSAGE FATTENER) (Version: 1.1.5 - DADA LIFE)
SDK (HKLM-x32\...\{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}) (Version: 2.15.005 - Portrait Displays, Inc.) Hidden
Seagate DiscWizard (HKLM-x32\...\{07B7CC6B-DC59-4497-8652-C1DEF6F8267A}) (Version: 16.0.5840 - Seagate)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SHOUTcast DNAS Server v2.4.0 (HKLM-x32\...\SHOUTcast DNAS Server) (Version: 2.4.0.147 - Radionomy SA)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
SmartWebPrinting (HKLM-x32\...\{DC635845-46D3-404B-BCB1-FC4A91091AFA}) (Version: 130.0.457.000 - Hewlett-Packard) Hidden
Software Updater (HKLM-x32\...\{A3B308B9-BE96-4334-816F-3D82B19A7DE2}) (Version: 4.1.7 - SEIKO EPSON CORPORATION)
SolutionCenter (HKLM-x32\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spire-1.1 Plug-In (x64) (HKLM\...\{3F98118B-D5D1-455B-A899-E03C1D7B4E89}) (Version: 1.1.12.0 - Reveal Sound Ltd.)
Spotify (HKU\S-1-5-21-3458773745-2075050605-1070322646-1000\...\Spotify) (Version: 0.9.13.24.g5dbb3103 - Spotify AB)
Status (HKLM-x32\...\{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}) (Version: 130.0.469.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Sylenth1 v3.032 (HKLM\...\Sylenth1v3_is1) (Version:  - )
Toolbox (HKLM-x32\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
Trapcode Suite 64-bit (HKLM\...\{460D83C4-15D5-4C0E-9B7D-2204F196A010}) (Version: 12.1.3 - Red Giant) Hidden
Trapcode Suite 64-bit (HKLM-x32\...\InstallShield_{460D83C4-15D5-4C0E-9B7D-2204F196A010}) (Version: 12.1.3 - Red Giant)
Trapcode Suite v13.0.0 (HKLM-x32\...\{DFD2DC6B-C634-4C1C-81CC-5EF852E71CEE}_is1) (Version: 13.0.0 - Red Giant, LLC)
TrayApp (HKLM-x32\...\{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}) (Version: 130.0.422.000 - Hewlett-Packard) Hidden
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.3.0 - Nikon)
Waves Complete V9r13 (HKLM-x32\...\{91000001-C561-4E32-99EB-3C5AD3683A70}) (Version: 9.1.13 - Waves)
WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WISE-FTP 7 (HKLM-x32\...\{3EAF3023-F780-46E5-8220-72F8DB87A7EB}_is1) (Version:  - AceBIT GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.8-0 - Bitnami)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3458773745-2075050605-1070322646-1000_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll ()
CustomCLSID: HKU\S-1-5-21-3458773745-2075050605-1070322646-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-10] (Igor Pavlov)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2014-05-12] ()
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-10-19] (Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers1-x32: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\Windows\SysWOW64\WSCM64.dll [2015-02-27] ()
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-10] (Igor Pavlov)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-07-19] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-10] (Igor Pavlov)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-3458773745-2075050605-1070322646-1000: [Git-Cheetah] -> {ca586c80-7c84-4b88-8537-726724df6929} => C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll [2015-03-19] ()
ContextMenuHandlers2_S-1-5-21-3458773745-2075050605-1070322646-1000: [Git-Cheetah] -> {ca586c80-7c84-4b88-8537-726724df6929} => C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll [2015-03-19] ()
ContextMenuHandlers4_S-1-5-21-3458773745-2075050605-1070322646-1000: [Git-Cheetah] -> {ca586c80-7c84-4b88-8537-726724df6929} => C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll [2015-03-19] ()
ContextMenuHandlers5_S-1-5-21-3458773745-2075050605-1070322646-1000: [Git-Cheetah] -> {ca586c80-7c84-4b88-8537-726724df6929} => C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll [2015-03-19] ()
ContextMenuHandlers6_S-1-5-21-3458773745-2075050605-1070322646-1000: [Git-Cheetah] -> {ca586c80-7c84-4b88-8537-726724df6929} => C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll [2015-03-19] ()

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0DE4E6CE-134D-4274-AF59-859D4C0A3E2E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-05] (Google Inc.)
Task: {106C4FB7-18A7-4D60-B1A3-4B4A299D87AF} - System32\Tasks\{E41365F9-5119-4C0B-AC95-9FDBAA4F8E7A} => C:\Windows\system32\pcalua.exe -a "C:\Users\*****\AppData\Roaming\oursurfing\UninstallManager.exe" -c -ptid=amt
Task: {108DB759-47C3-411F-AEDC-CDAF6A53BBF2} - System32\Tasks\{607301E9-00CB-4C3E-A34F-1DEE45016138} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe"
Task: {14FCFF6B-B468-47E8-9F24-8F6BB139AC6A} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {160164D4-0983-4735-815D-CDF1BB705991} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-29] ()
Task: {189DE712-832D-4919-A53B-6357C43F7065} - System32\Tasks\{5FEBF72B-F635-4170-AA26-F34DF43D86CD} => C:\Windows\system32\pcalua.exe -a "C:\Users\*****\Desktop\LCTR2_PCAPP_LA_2_00_29.exe" -d "C:\Users\*****\Desktop"
Task: {296DA2E9-90DF-40E9-9808-AF97529514D2} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2017-10-31] ()
Task: {33AF39B2-3715-4BF7-88A6-7368741C24E5} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-12-01] (Microsoft Corporation)
Task: {37F93044-64E9-41D2-A620-C4D3855EE8F6} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {4539C001-F890-4614-95F5-E332E13F4612} - C:\Windows\System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Command(1): %windir%\system32\rundll32.exe -> aepdu.dll,AePduRunUpdate
Task: {4539C001-F890-4614-95F5-E332E13F4612} - C:\Windows\System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Command(2): %windir%\system32\rundll32.exe -> invagent.dll,RunUpdate -noappraiser
Task: {52F75AB4-9513-417D-885D-4039BC1E3430} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)
Task: {57613E69-95EA-46EC-83A8-990BA2471FE8} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {5B049B41-825F-49A8-B8CA-1AD7265D7C31} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {62BCE2D8-858E-4745-B2F3-8D56128933C3} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-29] ()
Task: {7772635C-1E06-4BD3-B765-D88F90547BDD} - C:\Windows\System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Command(3): %windir%\system32\rundll32.exe -> appraiser.dll,DailyGatedCheck
Task: {7772635C-1E06-4BD3-B765-D88F90547BDD} - C:\Windows\System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Command(4): %windir%\system32\rundll32.exe -> aepdu.dll,AePduRunUpdate -nolegacy
Task: {82C0A610-8C88-4D7C-80AD-C378C2F21B6F} - System32\Tasks\Red Giant Link => C:\Program Files\Red Giant Link\Red Giant Link.exe
Task: {8C6160CB-DD67-4970-B074-55E54F396C59} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {90644DB0-F1C8-42B1-ACCC-BAB1F1758AF1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-05] (Google Inc.)
Task: {92EC0E5E-9113-436D-9000-2D14F058320C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {A654C25F-0E5F-4E0E-869C-630C0CE11885} - System32\Tasks\AdobeAAMUpdater-1.0-cinegraffix-***** => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {B1DDA745-A2A5-4F2B-AE1C-F51A372A8A86} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-07-19] (NVIDIA Corporation)
Task: {B4691BFC-8E01-48D6-A31B-58DB44B60185} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-07-19] (NVIDIA Corporation)
Task: {B9B644E6-B3F2-4D4C-8621-FE74655C7908} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-07-19] (NVIDIA Corporation)
Task: {BC0DB215-9BAF-4F4F-A0E4-5379761BF84F} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2017-10-19] (Apple Inc.)
Task: {BD956E80-1E30-4611-A345-1720F2C19947} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-07-19] (NVIDIA Corporation)
Task: {BFCB3A6F-46C5-4DE9-B481-087909BD1499} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-07-19] (NVIDIA Corporation)
Task: {C36591E9-6201-43B8-AD8C-CEA0C78B37FB} - System32\Tasks\{D644A3B7-7C94-4752-8CF6-86230EB4A039} => C:\Windows\system32\pcalua.exe -a "C:\Users\*****\Downloads\vcredist_x64.exe" -d "C:\Users\*****\Downloads"
Task: {C665CE07-49DB-4FF4-828A-84902C389238} - System32\Tasks\{2D71D111-9023-483C-94DE-F1FCE16654A0} => C:\Windows\system32\pcalua.exe -a "C:\Users\*****\Downloads\ActiveSetupN (1).exe" -d "C:\Users\*****\Downloads"
Task: {D67AF03E-7D9E-4D83-94A5-33DC628659BA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {DAA35778-CFE0-4331-B9FF-FB8779D86428} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-11-22] (Microsoft Corporation)
Task: {E4FD8B61-3E09-44AF-9D8E-FA7ED24ED418} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-09-20] (Piriform Ltd)
Task: {EC4FEDF3-35D7-4086-B6B9-34CCA11B0899} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {ECDD8CA8-9AE5-4FF7-BCF7-746FCB4D3E7B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-11-22] (Microsoft Corporation)
Task: {FB4107D9-53E2-4623-BDDC-02D4AD9D8FD9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-17] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


ShortcutWithArgument: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Node.js\Node.js command prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k "C:\Program Files\nodejs\nodevars.bat"
ShortcutWithArgument: C:\Users\*****\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.mystartsearch.com/?type=sc&ts=1440255946&z=28b5d6a30f37237cbc06a84gez0z9ecoew5w7b4mbw&from=slb2&uid=ST2000DM001-1CH164_Z240FYY1XXXXZ240FYY1
ShortcutWithArgument: C:\Users\*****\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Games.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c "start hxxp://socialgames.splashtop.com/gbsp/mb/?p=w"

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-10-03 12:39 - 2017-10-13 19:48 - 002289096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-09-26 01:52 - 2017-09-26 01:52 - 000491600 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2010-01-02 15:42 - 2010-01-02 15:42 - 000098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2017-12-05 15:43 - 2017-12-05 15:43 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2017-12-05 15:43 - 2017-12-05 15:43 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
2015-12-08 20:25 - 2015-12-08 20:25 - 000057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2011-11-11 14:07 - 2011-11-11 14:07 - 000265240 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2011-08-12 12:19 - 2011-08-12 12:19 - 000680984 _____ () C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
2017-08-14 02:48 - 2017-09-26 01:52 - 034879568 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe
2017-11-30 18:54 - 2017-11-30 18:54 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-11-30 18:54 - 2017-11-30 18:54 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2013-03-30 13:50 - 2009-06-26 12:20 - 000118784 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\AM\dtsslsrv.exe
2013-03-30 13:50 - 2009-06-26 12:17 - 000069632 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
2011-12-21 15:28 - 2011-12-21 15:28 - 000011776 _____ () C:\Program Files (x86)\HP webOS\PDK\tcprelay.exe
2017-11-30 18:55 - 2017-11-30 18:55 - 001042232 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2017-11-30 18:55 - 2017-11-30 18:55 - 000076088 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2017-11-30 18:54 - 2017-11-30 18:54 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2017-09-20 02:42 - 2017-09-20 02:42 - 067115616 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2011-11-11 14:08 - 2011-11-11 14:08 - 002145304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2011-11-11 14:08 - 2011-11-11 14:08 - 007956504 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2011-11-11 14:08 - 2011-11-11 14:08 - 000342552 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2011-11-11 14:08 - 2011-11-11 14:08 - 000029208 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2011-11-11 14:08 - 2011-11-11 14:08 - 000128536 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2011-12-12 15:44 - 2011-12-12 15:44 - 000336408 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2013-03-30 13:50 - 2004-11-17 16:49 - 004603904 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\AM\qt-mt332.dll
2013-03-30 13:50 - 2004-05-11 15:51 - 000155648 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\AM\SSLEAY32.dll
2013-03-30 13:50 - 2004-05-11 15:51 - 000798720 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\AM\LIBEAY32.dll
2017-09-06 18:11 - 2017-09-06 18:11 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-09-06 18:11 - 2017-09-06 18:11 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-09-06 18:11 - 2017-09-06 18:11 - 000117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2017-09-06 18:11 - 2017-09-06 18:11 - 000125952 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-09-20 03:04 - 2017-09-20 03:04 - 000110688 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin7.dll
2017-09-06 18:11 - 2017-09-06 18:11 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Program Files\Common Files\Microsoft Shared:V12MfkLk9xHEq6hXG [2760]
AlternateDataStreams: C:\Program Files\Common Files\System:BcjAcTSuEPeaFykq0vksAM8lLfj [2344]
AlternateDataStreams: C:\Program Files\Common Files\System:vVhQBC4qMtOvGWbbrpimbV1C3Y [2702]
AlternateDataStreams: C:\ProgramData\Microsoft:IOj4wcpLnvHXEawZYThWoZD0 [2482]
AlternateDataStreams: C:\ProgramData\Microsoft:xxlTkMMIOMgAsHMCrlgvcTJuN [585]
AlternateDataStreams: C:\Users\Public\.DS_Store:AFP_AfpInfo [122]
AlternateDataStreams: C:\Users\Public\Downloads\.DS_Store:AFP_AfpInfo [122]
AlternateDataStreams: C:\Users\Public\Documents\.DS_Store:AFP_AfpInfo [122]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-3458773745-2075050605-1070322646-1000\...\com -> hxxp://www.msi.com
IE trusted site: HKU\S-1-5-21-3458773745-2075050605-1070322646-1000\...\com.tw -> hxxp://asia.msi.com.tw
IE trusted site: HKU\S-1-5-21-3458773745-2075050605-1070322646-1000\...\speedport.ip -> hxxps://speedport.ip

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2017-02-12 13:11 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3458773745-2075050605-1070322646-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\*****\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AeLookupSvc => 3
MSCONFIG\Services: AfterFLICS v3 => 2
MSCONFIG\Services: ALG => 3
MSCONFIG\Services: AppIDSvc => 3
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: AppMgmt => 3
MSCONFIG\Services: aspnet_state => 3
MSCONFIG\Services: Asset Management Daemon => 2
MSCONFIG\Services: AudioEndpointBuilder => 2
MSCONFIG\Services: AudioSrv => 2
MSCONFIG\Services: AxInstSV => 3
MSCONFIG\Services: BDESVC => 3
MSCONFIG\Services: BFE => 2
MSCONFIG\Services: BITS => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: Browser => 3
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: CertPropSvc => 3
MSCONFIG\Services: ClickToRunSvc => 2
MSCONFIG\Services: clr_optimization_v4.0.30319_32 => 2
MSCONFIG\Services: clr_optimization_v4.0.30319_64 => 2
MSCONFIG\Services: COMSysApp => 3
MSCONFIG\Services: CryptSvc => 2
MSCONFIG\Services: CscService => 2
MSCONFIG\Services: defragsvc => 3
MSCONFIG\Services: DevoloNetworkService => 2
MSCONFIG\Services: Dhcp => 2
MSCONFIG\Services: Dnscache => 2
MSCONFIG\Services: dot3svc => 3
MSCONFIG\Services: DPS => 2
MSCONFIG\Services: DTSAudioSvc => 2
MSCONFIG\Services: DTSRVC => 2
MSCONFIG\Services: EapHost => 3
MSCONFIG\Services: EFS => 2
MSCONFIG\Services: ehRecvr => 3
MSCONFIG\Services: ehSched => 3
MSCONFIG\Services: EpsonScanSvc => 2
MSCONFIG\Services: EPSON_PM_RPCV4_05 => 2
MSCONFIG\Services: eventlog => 2
MSCONFIG\Services: EventSystem => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: fdPHost => 3
MSCONFIG\Services: FDResPub => 3
MSCONFIG\Services: FLEXnet Licensing Service 64 => 3
MSCONFIG\Services: FontCache => 2
MSCONFIG\Services: FontCache3.0.0.0 => 3
MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: hidserv => 3
MSCONFIG\Services: hkmsvc => 3
MSCONFIG\Services: HomeGroupListener => 3
MSCONFIG\Services: HomeGroupProvider => 3
MSCONFIG\Services: hpqcxs08 => 2
MSCONFIG\Services: hpqddsvc => 2
MSCONFIG\Services: HPSLPSVC => 2
MSCONFIG\Services: idsvc => 3
MSCONFIG\Services: IEEtwCollectorService => 3
MSCONFIG\Services: IKEEXT => 2
MSCONFIG\Services: IPBusEnum => 2
MSCONFIG\Services: iphlpsvc => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: KeyIso => 3
MSCONFIG\Services: KtmRm => 3
MSCONFIG\Services: LanmanServer => 2
MSCONFIG\Services: LanmanWorkstation => 2
MSCONFIG\Services: Lexware_Update_Service => 2
MSCONFIG\Services: lltdsvc => 3
MSCONFIG\Services: lmhosts => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: mi-raysat_3dsmax2012_64 => 2
MSCONFIG\Services: mi-raysat_3dsmax2014_64 => 2
MSCONFIG\Services: MMCSS => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: MpsSvc => 2
MSCONFIG\Services: MSDTC => 3
MSCONFIG\Services: MSiSCSI => 3
MSCONFIG\Services: msiserver => 3
MSCONFIG\Services: napagent => 3
MSCONFIG\Services: Netlogon => 3
MSCONFIG\Services: Netman => 3
MSCONFIG\Services: netprofm => 3
MSCONFIG\Services: NlaSvc => 2
MSCONFIG\Services: NovacomD => 2
MSCONFIG\Services: nsi => 2
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: Origin Client Service => 2
MSCONFIG\Services: Origin Web Helper Service => 2
MSCONFIG\Services: ose => 3
MSCONFIG\Services: osppsvc => 3
MSCONFIG\Services: p2pimsvc => 3
MSCONFIG\Services: p2psvc => 3
MSCONFIG\Services: Palm_TCP_Relay => 2
MSCONFIG\Services: PcaSvc => 2
MSCONFIG\Services: PdiService => 2
MSCONFIG\Services: PeerDistSvc => 3
MSCONFIG\Services: PerfHost => 3
MSCONFIG\Services: pla => 3
MSCONFIG\Services: PnkBstrA => 2
MSCONFIG\Services: PNRPAutoReg => 3
MSCONFIG\Services: PNRPsvc => 3
MSCONFIG\Services: PolicyAgent => 3
MSCONFIG\Services: Power => 2
MSCONFIG\Services: ProtectedStorage => 3
MSCONFIG\Services: QWAVE => 3
MSCONFIG\Services: RasAuto => 3
MSCONFIG\Services: RasMan => 3
MSCONFIG\Services: RemoteRegistry => 3
MSCONFIG\Services: RpcLocator => 3
MSCONFIG\Services: SamSs => 2
MSCONFIG\Services: SCardSvr => 3
MSCONFIG\Services: SCPolicySvc => 3
MSCONFIG\Services: SDRSVC => 3
MSCONFIG\Services: seclogon => 3
MSCONFIG\Services: SENS => 2
MSCONFIG\Services: SensrSvc => 3
MSCONFIG\Services: SessionEnv => 3
MSCONFIG\Services: SgtSch2Svc => 2
MSCONFIG\Services: ShellHWDetection => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SNMPTRAP => 3
MSCONFIG\Services: Spooler => 2
MSCONFIG\Services: sppuinotify => 3
MSCONFIG\Services: SSDPSRV => 3
MSCONFIG\Services: SstpSvc => 3
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: stisvc => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: swprv => 3
MSCONFIG\Services: SysMain => 2
MSCONFIG\Services: TabletInputService => 3
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\Services: TBS => 3
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\Services: TermService => 3
MSCONFIG\Services: Themes => 2
MSCONFIG\Services: THREADORDER => 3
MSCONFIG\Services: TrkWks => 2
MSCONFIG\Services: TrustedInstaller => 3
MSCONFIG\Services: UI0Detect => 3
MSCONFIG\Services: UmRdpService => 3
MSCONFIG\Services: upnphost => 3
MSCONFIG\Services: UxSms => 2
MSCONFIG\Services: VaultSvc => 3
MSCONFIG\Services: vds => 3
MSCONFIG\Services: VSS => 3
MSCONFIG\Services: W32Time => 3
MSCONFIG\Services: wbengine => 3
MSCONFIG\Services: WbioSrvc => 3
MSCONFIG\Services: wcncsvc => 3
MSCONFIG\Services: WcsPlugInService => 3
MSCONFIG\Services: WdiServiceHost => 3
MSCONFIG\Services: WdiSystemHost => 3
MSCONFIG\Services: WebClient => 3
MSCONFIG\Services: Wecsvc => 3
MSCONFIG\Services: wercplsupport => 3
MSCONFIG\Services: WerSvc => 3
MSCONFIG\Services: WinDefend => 2
MSCONFIG\Services: WinHttpAutoProxySvc => 3
MSCONFIG\Services: Winmgmt => 2
MSCONFIG\Services: WinRM => 3
MSCONFIG\Services: Wlansvc => 3
MSCONFIG\Services: wmiApSrv => 3
MSCONFIG\Services: WMPNetworkSvc => 2
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\Services: WPDBusEnum => 3
MSCONFIG\Services: WsAppService => 2
MSCONFIG\Services: wscsvc => 2
MSCONFIG\Services: WsDrvInst => 2
MSCONFIG\Services: WSearch => 2
MSCONFIG\Services: WTabletServicePro => 2
MSCONFIG\Services: wuauserv => 2
MSCONFIG\Services: wudfsvc => 3
MSCONFIG\Services: WwanSvc => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Audible Download Manager.lnk => C:\Windows\pss\Audible Download Manager.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^*****^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Color Calibration Software Gamma Loader.lnk => C:\Windows\pss\Color Calibration Software Gamma Loader.lnk.Startup
MSCONFIG\startupfolder: C:^Users^*****^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^installer.exe => C:\Windows\pss\installer.exe.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Adobe Creative Cloud\Acrobat 11.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: AcronisTibMounterMonitor => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
MSCONFIG\startupreg: Adobe Acrobat Synchronizer => "C:\Adobe Creative Cloud\Acrobat 11.0\Acrobat\AdobeCollabSync.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeBridge => 
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\*****\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: AmazonMP3DownloaderHelper => C:\Users\*****\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CanonSolutionMenu => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon
MSCONFIG\startupreg: DiscWizardMonitor.exe => "C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe"
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: DT HWP => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe -HWP
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: EPLTarget => 
MSCONFIG\startupreg: FUFAXRCV => "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe"
MSCONFIG\startupreg: FUFAXSTM => "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe"
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: IBP => 
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LexwareInfoService => C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe /autostart
MSCONFIG\startupreg: Live! Central 2 => "C:\Program Files (x86)\Creative\Creative  Live! Cam\Live! Central 2\CTLVCentral2.exe" /mode2
MSCONFIG\startupreg: Nikon Message Center 2 => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Nvtmru => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
MSCONFIG\startupreg: PivotSoftware => "C:\Program Files (x86)\Portrait Displays\Pivot Software\wpctrl.exe"
MSCONFIG\startupreg: PMSpeed => C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSpeed.EXE
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RtHDVBg_DTS => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /DTSU2P 
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
MSCONFIG\startupreg: Seagate Scheduler2 Service => "C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Speech Recognition => "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
MSCONFIG\startupreg: Spotify => "C:\Users\*****\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: V0610Mon.exe => C:\Windows\V0610Mon.exe
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
MSCONFIG\startupreg: WrtMon.exe => C:\Windows\system32\spool\drivers\x64\3\WrtMon.exe
MSCONFIG\startupreg: WSHelperSetup.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [C:\Program Files (x86)\AFLICS\AfterFLICS_tools.exe] => (Allow) C:\Program Files (x86)\AFLICS\AfterFLICS_tools.exe
FirewallRules: [TCP Query User{694B9D7A-149C-4043-B90B-7EE0E8AB9593}C:\program files\next limit\realflow 5\realflow.exe] => (Allow) C:\program files\next limit\realflow 5\realflow.exe
FirewallRules: [UDP Query User{D24A44A4-9093-4F07-AB2F-3D244E24767F}C:\program files\next limit\realflow 5\realflow.exe] => (Allow) C:\program files\next limit\realflow 5\realflow.exe
FirewallRules: [{2BEF5ABB-64D3-413C-A62C-F37D87B010FC}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{44B923AB-C129-4A3A-863C-3BF16A6B49B9}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{025440C4-6C0F-4399-B84D-EFE6F565AE7D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{9409EAA7-A6A6-4DC1-9DC4-52D121DE8E10}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => (Allow) C:\program files (x86)\divx\divx media server\divxmediaserver.exe
FirewallRules: [UDP Query User{B028EB7F-4B66-409A-9797-978B164214A9}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => (Allow) C:\program files (x86)\divx\divx media server\divxmediaserver.exe
FirewallRules: [{D77CFEF7-AC5D-4272-BB8F-302DA0B9F94D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1E847A62-31A7-4564-91DD-6EA5EFE098DC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E35A11BC-8182-478F-8BEE-DE41FA90A57B}] => (Block) %ProgramFiles% (x86)\TechSmith\Camtasia Studio 8\CamtasiaStudio.exe
FirewallRules: [{36FFF0D0-F970-4287-B15E-7355E1DC789D}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Edge Inspect CC\EdgeInspect.exe
FirewallRules: [TCP Query User{E575A514-7577-4B93-B576-E30D52CBE5AB}C:\program files\adobe scout cc\scout.exe] => (Allow) C:\program files\adobe scout cc\scout.exe
FirewallRules: [UDP Query User{209E3793-6692-41DD-BC36-FBF387FE623A}C:\program files\adobe scout cc\scout.exe] => (Allow) C:\program files\adobe scout cc\scout.exe
FirewallRules: [TCP Query User{5FDB0301-B332-4587-8EF7-8AADDD9D161F}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => (Allow) C:\program files (x86)\divx\divx media server\divxmediaserver.exe
FirewallRules: [UDP Query User{5B231968-5CB8-46DC-82E1-DB5BB88852C1}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => (Allow) C:\program files (x86)\divx\divx media server\divxmediaserver.exe
FirewallRules: [{CFCE06A8-6672-47B1-A204-D90EEBF338F8}] => (Allow) C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\LicenseCheck.exe
FirewallRules: [{F85BCBA0-EE02-41E1-A21A-D81A5083A661}] => (Allow) C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\LicenseCheck.exe
FirewallRules: [{6EB133BF-5290-41E5-9658-2273651AE612}] => (Allow) C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\LicenseCheck.exe
FirewallRules: [{7835FF08-8B72-424F-B0D2-89BD6F95D606}] => (Allow) C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\LicenseCheck.exe
FirewallRules: [{289B755B-B0B8-4616-9FE4-EBBB11F4723F}] => (Allow) Q:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{BE05AEFB-A4D0-4DC9-AD1B-C0636C228B9A}] => (Allow) Q:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [TCP Query User{B8524643-9F35-452A-856D-11BBDA795443}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{580843A2-6E39-4CC2-A795-842296545EDD}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{5643EEC0-E5C6-4F8C-A116-547AEB044F4A}] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{EF207070-DFDC-412D-A2C7-326ED49AACF7}] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{A4A83262-6AF9-4931-94F8-79159B78A0A4}C:\program files\adobe\adobe photoshop cc (64 bit)\photoshop-node.exe] => (Allow) C:\program files\adobe\adobe photoshop cc (64 bit)\photoshop-node.exe
FirewallRules: [UDP Query User{CAE65AB6-054C-43EA-BC0C-B201071F02BA}C:\program files\adobe\adobe photoshop cc (64 bit)\photoshop-node.exe] => (Allow) C:\program files\adobe\adobe photoshop cc (64 bit)\photoshop-node.exe
FirewallRules: [{6C7FB0E6-725B-455B-B039-C86129FFACC6}] => (Block) C:\program files\adobe\adobe photoshop cc (64 bit)\photoshop-node.exe
FirewallRules: [{8A54484C-9A05-4792-AF31-4139537E579E}] => (Block) C:\program files\adobe\adobe photoshop cc (64 bit)\photoshop-node.exe
FirewallRules: [{DD9E32FA-6247-40FD-9777-368D38207219}] => (Allow) C:\Program Files (x86)\AceBIT\WISE-FTP 7\WiseFtp7.exe
FirewallRules: [{0B8E75CD-41CA-4FEA-BEA8-43BD0EC34749}] => (Allow) C:\Program Files (x86)\AceBIT\WISE-FTP 7\WiseFtp7.exe
FirewallRules: [{A6A7F3FC-C096-4EA4-9C2D-9A078B603B11}] => (Allow) C:\Program Files (x86)\AceBIT\WISE-FTP 7\WiseFtp7.exe
FirewallRules: [{54B886B4-9826-4619-8C5C-0DEB7F3C16FF}] => (Allow) C:\Program Files (x86)\AceBIT\WISE-FTP 7\WiseFtp7.exe
FirewallRules: [TCP Query User{0AA449E6-3873-4D98-952C-5C7447648B99}C:\program files (x86)\adobe\adobe photoshop cc\photoshop-node.exe] => (Allow) C:\program files (x86)\adobe\adobe photoshop cc\photoshop-node.exe
FirewallRules: [UDP Query User{A03B55B7-9DE5-4FFB-8779-F2687F1CD046}C:\program files (x86)\adobe\adobe photoshop cc\photoshop-node.exe] => (Allow) C:\program files (x86)\adobe\adobe photoshop cc\photoshop-node.exe
FirewallRules: [{B77E7513-B2A0-41C7-9C88-6E2AFAD73A41}] => (Block) C:\program files (x86)\adobe\adobe photoshop cc\photoshop-node.exe
FirewallRules: [{437D5EB6-DC13-47FC-A00A-02D355EEF45E}] => (Block) C:\program files (x86)\adobe\adobe photoshop cc\photoshop-node.exe
FirewallRules: [TCP Query User{972FA12D-0927-4C13-8183-2D6D1CA65BAF}C:\program files\adobe\adobe after effects cc\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cc\support files\afterfx.exe
FirewallRules: [UDP Query User{EA8B0892-B7D8-4D6D-B96C-EC3D66CB9CBF}C:\program files\adobe\adobe after effects cc\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cc\support files\afterfx.exe
FirewallRules: [{D5AD73F8-9949-4CC9-B418-76525CCF51F2}] => (Block) C:\program files\adobe\adobe after effects cc\support files\afterfx.exe
FirewallRules: [{06B82A9A-C548-4E52-9005-367D0AD74A2E}] => (Block) C:\program files\adobe\adobe after effects cc\support files\afterfx.exe
FirewallRules: [TCP Query User{ACD0E6EA-E603-4797-ADDE-D9609F29B775}C:\users\*****\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\*****\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{7845F0D7-45F4-4D51-ADB6-1266E42800C0}C:\users\*****\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\*****\appdata\local\akamai\netsession_win.exe
FirewallRules: [{8C1DA636-F97F-4721-80FF-D506B0BD3510}] => (Block) C:\users\*****\appdata\local\akamai\netsession_win.exe
FirewallRules: [{AB917A3B-784C-4557-A282-0338C778FC87}] => (Block) C:\users\*****\appdata\local\akamai\netsession_win.exe
FirewallRules: [{D1556795-DE2D-46A4-A1E2-DBE701EF2E21}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\monitor.exe
FirewallRules: [{68B61799-64FA-4520-9A5A-5DC35CFEA1BA}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\monitor.exe
FirewallRules: [{3311CFFF-F112-47FF-B78F-E9E06C76885E}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\manager.exe
FirewallRules: [{B5AD0D44-3954-456C-9C21-F260D20C9366}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\manager.exe
FirewallRules: [{04E6D265-80C2-4020-B84F-DEC4402FEE91}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\server.exe
FirewallRules: [{A6DD24BD-5A9B-42B5-A715-71B8B0C46560}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\server.exe
FirewallRules: [{B47358E4-F1E7-47D1-9AC6-51DC011E4537}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7E92EADF-0530-442B-9381-4B8AFE2A5CB5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F5161E1C-C107-4544-B7E8-91F111FD4867}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{475DDF16-E285-422A-935A-896F0F25539A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5ADB6EA2-AF0E-42EC-8096-124C67E312AF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{61EF07C3-71E6-476B-BBAD-A81BD3DAAB53}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{68140C93-EDC8-4102-BA0D-8B4B8735C494}] => (Allow) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
FirewallRules: [{25F8EC1B-5923-488A-91F2-D6AA85890BE2}] => (Allow) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
FirewallRules: [{A299915E-9031-4233-9CE0-95957AB8CEE1}] => (Allow) Q:\fsetup.exe
FirewallRules: [{63B61065-BF70-482F-AC85-1A88229ED69B}] => (Allow) Q:\fsetup.exe
FirewallRules: [{A7047FDE-E1C0-42A3-A684-22D97054E91B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{567D9FB2-0C11-4891-B321-F9A857FEB2E3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{C3B74F8D-CC16-4670-9709-F125A8BAEAFB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{46101A17-CEA8-4850-94F0-0E34C3A24345}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{4CE67101-F0FF-4917-864C-3A31332087D2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{145FDC4E-A24C-4741-A578-606CEDAF70D2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{EF157853-00A4-4BEF-AA9D-98D395F63BFE}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\monitor.exe
FirewallRules: [{D6FA051F-1A6B-40E6-ACA5-4CF3B1E0A113}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\monitor.exe
FirewallRules: [{4958EC1B-E569-4F60-879B-7727F008F915}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\manager.exe
FirewallRules: [{C59D5D28-11F3-4B4D-A591-95D1564CADBD}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\manager.exe
FirewallRules: [{5B822A3D-B65F-44D4-9EEA-4079FA655C4F}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\server.exe
FirewallRules: [{4DD38C3B-442C-4C7B-B927-D8ED9F83DCC4}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\server.exe
FirewallRules: [TCP Query User{CEBB4DB8-8532-4410-9E07-26FAF5A231A6}C:\program files (x86)\pioneer\rekordbox 2.2.4\psvnfsd.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 2.2.4\psvnfsd.exe
FirewallRules: [UDP Query User{025DBA31-6F4E-43B5-95E3-77DA54A98C3F}C:\program files (x86)\pioneer\rekordbox 2.2.4\psvnfsd.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 2.2.4\psvnfsd.exe
FirewallRules: [TCP Query User{C1359AAF-40FE-4BBF-B3B2-975E31B389C3}C:\program files (x86)\pioneer\rekordbox 2.2.4\psvlinksysmgr.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 2.2.4\psvlinksysmgr.exe
FirewallRules: [UDP Query User{1076D210-FA40-4924-9496-EF43C4A5FA40}C:\program files (x86)\pioneer\rekordbox 2.2.4\psvlinksysmgr.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 2.2.4\psvlinksysmgr.exe
FirewallRules: [TCP Query User{F33679E2-64BC-4271-8232-1DFB41DC8529}C:\program files (x86)\pioneer\rekordbox 2.2.4\rekordbox.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 2.2.4\rekordbox.exe
FirewallRules: [UDP Query User{1E6D175D-9B0A-4444-8350-B36E686E5A65}C:\program files (x86)\pioneer\rekordbox 2.2.4\rekordbox.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 2.2.4\rekordbox.exe
FirewallRules: [TCP Query User{0C2BDE9A-FBFD-4083-9A7F-63945D3B613A}C:\program files (x86)\pioneer\rekordbox 3.0.0\rekordbox 3.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.0.0\rekordbox 3.exe
FirewallRules: [UDP Query User{94BA5395-FD32-492E-B1A5-CB0896DF70E4}C:\program files (x86)\pioneer\rekordbox 3.0.0\rekordbox 3.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.0.0\rekordbox 3.exe
FirewallRules: [TCP Query User{6EE018AF-BD50-4CF4-98E1-390653F51DCA}C:\program files (x86)\pioneer\rekordbox 3.0.0\psvnfsd.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.0.0\psvnfsd.exe
FirewallRules: [UDP Query User{480D1692-21A3-418E-890F-FC7F8BFACAFA}C:\program files (x86)\pioneer\rekordbox 3.0.0\psvnfsd.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.0.0\psvnfsd.exe
FirewallRules: [TCP Query User{806B36B5-DA48-4603-B79D-ACC11458DA36}C:\program files (x86)\pioneer\rekordbox 3.0.0\psvlinksysmgr.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.0.0\psvlinksysmgr.exe
FirewallRules: [UDP Query User{EFD2421F-3327-45A3-AC8F-BA69411EE985}C:\program files (x86)\pioneer\rekordbox 3.0.0\psvlinksysmgr.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.0.0\psvlinksysmgr.exe
FirewallRules: [TCP Query User{41F7E1DC-82B1-4720-B115-43CD004DC1ED}C:\program files (x86)\pioneer\rekordbox 3.0.1\rekordbox 3.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.0.1\rekordbox 3.exe
FirewallRules: [UDP Query User{7A30C856-E3A3-4112-9FFC-BDEEF814561B}C:\program files (x86)\pioneer\rekordbox 3.0.1\rekordbox 3.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.0.1\rekordbox 3.exe
FirewallRules: [TCP Query User{B59E7CFD-8195-4DE2-82A7-ABFB736A38CC}C:\program files (x86)\pioneer\rekordbox 3.0.1\psvnfsd.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.0.1\psvnfsd.exe
FirewallRules: [UDP Query User{D8611844-447D-49E4-BBEE-31339D224980}C:\program files (x86)\pioneer\rekordbox 3.0.1\psvnfsd.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.0.1\psvnfsd.exe
FirewallRules: [TCP Query User{41443293-BB1E-406E-89CD-690D785747EA}C:\program files (x86)\pioneer\rekordbox 3.0.1\psvlinksysmgr.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.0.1\psvlinksysmgr.exe
FirewallRules: [UDP Query User{8C4E30AF-70B8-44AF-8CFE-47DA9863038B}C:\program files (x86)\pioneer\rekordbox 3.0.1\psvlinksysmgr.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.0.1\psvlinksysmgr.exe
FirewallRules: [{AEE2DCE6-0618-494F-B8C7-E854C28F53B7}] => (Allow) C:\Users\*****\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{87FBDF4F-C5C9-4C73-A41E-D1AEC8086DC3}] => (Allow) C:\Users\*****\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{8FEA529D-E55A-43E0-B70E-A8DCF6245174}] => (Allow) LPort=49181
FirewallRules: [{369FD811-A95C-428C-BB75-11D0498EB92B}] => (Allow) LPort=5000
FirewallRules: [{766943D3-A60F-421A-85C7-76B756CB8D8E}] => (Allow) LPort=8000
FirewallRules: [{191E08EB-7142-47C3-9683-8F581C943179}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{4681EAA7-2FEB-4BDB-9110-CA11B4EDECD0}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [TCP Query User{102514D7-89E7-4096-A75B-99CEE3F42A9A}C:\program files (x86)\pioneer\rekordbox 3.1.0\rekordbox 3.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.1.0\rekordbox 3.exe
FirewallRules: [UDP Query User{EE998773-346C-460C-A270-D6988C80AF16}C:\program files (x86)\pioneer\rekordbox 3.1.0\rekordbox 3.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.1.0\rekordbox 3.exe
FirewallRules: [TCP Query User{F7C8C8C5-A1DD-4BF2-95AE-A33B5CBD319F}C:\program files (x86)\pioneer\rekordbox 3.1.0\psvnfsd.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.1.0\psvnfsd.exe
FirewallRules: [UDP Query User{264F8087-8D76-4FA7-8567-3E7754ECD492}C:\program files (x86)\pioneer\rekordbox 3.1.0\psvnfsd.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.1.0\psvnfsd.exe
FirewallRules: [TCP Query User{C6FB9FB0-A1A0-4938-94D8-3A224805A216}C:\program files (x86)\pioneer\rekordbox 3.1.0\psvlinksysmgr.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.1.0\psvlinksysmgr.exe
FirewallRules: [UDP Query User{41848C4D-C553-4A93-97FE-A7A734F7E5C0}C:\program files (x86)\pioneer\rekordbox 3.1.0\psvlinksysmgr.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.1.0\psvlinksysmgr.exe
FirewallRules: [{8FC45646-8C9F-4CAA-B89D-1C76CE83BAA7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E45774E0-F7A8-4790-BEC5-DE4068D4F6B9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{DDC33FB2-7F1F-4A30-9947-786777B7F78C}C:\program files (x86)\adobe\adobe edge animate cc 2014.1\edgeanimate.exe] => (Allow) C:\program files (x86)\adobe\adobe edge animate cc 2014.1\edgeanimate.exe
FirewallRules: [UDP Query User{3B0E504F-5F5F-497E-857F-D4C1DFAE349C}C:\program files (x86)\adobe\adobe edge animate cc 2014.1\edgeanimate.exe] => (Allow) C:\program files (x86)\adobe\adobe edge animate cc 2014.1\edgeanimate.exe
FirewallRules: [TCP Query User{665D164F-2366-463F-845E-17C4D2431265}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{E168A761-242C-4B7A-8238-5A91108A757F}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{5B8B693E-E7A2-4288-9503-5E49C88E601E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty 4\iw3sp.exe
FirewallRules: [{D106347F-E014-4B70-AADC-03B897043A13}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty 4\iw3sp.exe
FirewallRules: [{13B506E5-14D0-4992-BEF5-F8FB9AA7CD14}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty 4\iw3mp.exe
FirewallRules: [{35C7FD9F-CDBF-4F36-9CBD-A3D875B80219}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty 4\iw3mp.exe
FirewallRules: [{9800E5D9-9FAA-4C30-BE3D-A6114B8F8EA0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E597CCAA-21CD-4F37-B0EC-0A5331AA3890}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9268C159-DE5E-41FC-A5DC-FC1F8D73EDE4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{962C3DAB-9A13-4C56-A1C4-402CB3672EA3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{D244FCAE-2AC7-4CEB-93F6-38BBD255BEEE}C:\program files\adobe\adobe after effects cc 2014\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cc 2014\support files\afterfx.exe
FirewallRules: [UDP Query User{FEEAE0E9-BCD6-4FFD-BECB-3A1A44D3D587}C:\program files\adobe\adobe after effects cc 2014\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cc 2014\support files\afterfx.exe
FirewallRules: [TCP Query User{37ACAD5F-D190-4FAF-9B1F-40870963D19F}C:\program files\adobe\adobe premiere pro cc 2014\adobe premiere pro.exe] => (Allow) C:\program files\adobe\adobe premiere pro cc 2014\adobe premiere pro.exe
FirewallRules: [UDP Query User{C315237B-708C-43F3-A966-A3328B07F68A}C:\program files\adobe\adobe premiere pro cc 2014\adobe premiere pro.exe] => (Allow) C:\program files\adobe\adobe premiere pro cc 2014\adobe premiere pro.exe
FirewallRules: [TCP Query User{F8D4572B-0972-4DE0-AD51-4F3CE8ABCF4A}C:\program files\adobe\adobe media encoder cc 2014\adobe media encoder.exe] => (Allow) C:\program files\adobe\adobe media encoder cc 2014\adobe media encoder.exe
FirewallRules: [UDP Query User{5198D1A2-9154-43CD-93C7-8AE161380FC8}C:\program files\adobe\adobe media encoder cc 2014\adobe media encoder.exe] => (Allow) C:\program files\adobe\adobe media encoder cc 2014\adobe media encoder.exe
FirewallRules: [{C0DE1753-BF5B-4E39-87A0-6E30EC0039B4}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{585A3839-DDAE-41BB-A8DA-CE3A863D0246}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{DABC261A-25F6-46B1-853C-F7792D1DA799}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{02C37341-A7F5-496B-9F24-11331A5C8764}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6F900A85-CF88-4272-954B-053D549C0C2D}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{A57D1C4F-81AC-4DE1-A58C-41743EA2524D}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{8D2BB314-8B37-4222-AEFF-E4C04E2885CE}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{0A9E42CD-BB20-4C8C-ACC9-307B1839E284}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{8987EBDC-FC41-41EF-93B2-5C2157F54ED2}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{052C53FC-F004-4BA2-B71A-093618FD96BE}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{65C7EACB-F68F-4F85-8F80-E5B5106D2FA3}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{27C661AC-DB3B-4038-BFB2-95EEF5F0239A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{C9AB0175-3793-4FE9-9BB4-83C0B8F9533D}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{2B6E1E65-6DC4-4FE4-95F3-1751D9B3D05F}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{7193AC2C-F64E-44B9-95F2-A61B1B430061}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{5D574C71-4EF5-478F-8F08-15F7F4529B20}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{311F3C09-11CA-401E-BA98-50E864621511}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{7F09DCFE-6899-4CA1-8BC2-94E2BF4AE9E2}C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe] => (Allow) C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe
FirewallRules: [UDP Query User{8DE0BE42-B2CE-42E6-81C1-DE4AB5C3C12A}C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe] => (Allow) C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe
FirewallRules: [{FB1DCCE8-3084-4102-840D-AAF804870A8B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{0E193564-D73B-4F44-B8EE-B43EB7BBDBD0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{6FDC7694-D1FD-4FD9-88A5-4947F9ACDBB8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{8A73A99B-6912-4D63-ADB6-E26D29FC9F23}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{EDF65724-08DF-4944-85AC-839E284E2ADC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{D9CB0457-DFFF-4037-88D2-8C990AF715DE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{FB88356B-C724-4303-9A21-AA9BF1587457}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{74058DC0-4DDB-429C-9937-72F72B3D1100}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{83ADD538-4241-4620-9459-12F8C667D007}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{954B6951-01D7-485B-B97D-677B81094329}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [TCP Query User{39675314-6BCD-4958-9C99-A64D6AF24905}C:\program files (x86)\pioneer\rekordbox 3.3.0\rekordbox 3.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.3.0\rekordbox 3.exe
FirewallRules: [UDP Query User{55120816-FDA4-4CB4-887E-38F05E8589C9}C:\program files (x86)\pioneer\rekordbox 3.3.0\rekordbox 3.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.3.0\rekordbox 3.exe
FirewallRules: [TCP Query User{ECC4D61D-5937-4407-92A8-1D41B0B87B18}C:\program files (x86)\pioneer\rekordbox 3.3.0\psvnfsd.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.3.0\psvnfsd.exe
FirewallRules: [UDP Query User{E84B719C-27AE-4CB3-A797-D6FB2742DACC}C:\program files (x86)\pioneer\rekordbox 3.3.0\psvnfsd.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.3.0\psvnfsd.exe
FirewallRules: [TCP Query User{3A39E567-4691-4B69-B3DB-0ED877C1A548}C:\program files (x86)\pioneer\rekordbox 3.3.0\psvlinksysmgr.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.3.0\psvlinksysmgr.exe
FirewallRules: [UDP Query User{93DE2F1B-C901-44B8-8368-252A26DAEE4B}C:\program files (x86)\pioneer\rekordbox 3.3.0\psvlinksysmgr.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.3.0\psvlinksysmgr.exe
FirewallRules: [TCP Query User{5E2D7630-C3EC-4E77-9D3B-2EF36957D916}C:\program files\cycling '74\max 7\max.exe] => (Allow) C:\program files\cycling '74\max 7\max.exe
FirewallRules: [UDP Query User{5E0B773B-165A-4BE5-A477-E6D09ECB2409}C:\program files\cycling '74\max 7\max.exe] => (Allow) C:\program files\cycling '74\max 7\max.exe
FirewallRules: [{3F27E2A2-7538-4E4A-8369-173A9EBD6D83}] => (Allow) C:\Program Files (x86)\Cakewalk\Command Center\Cakewalk-Command-Center.exe
FirewallRules: [{21790D32-3AF6-4A91-A7A7-E6BB183B8B68}] => (Allow) C:\Program Files (x86)\Cakewalk\Command Center\Cakewalk-Command-Center.exe
FirewallRules: [{F44E96FC-4F91-49EA-88AA-18FAB7892EC6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{02ED92C5-8376-40D1-9EAB-9961503E6B0B}] => (Allow) C:\Users\**********\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{3DFE0BAF-F2E4-4BCF-8A12-B00DEA10D9A7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{C8A2B274-238A-4DC1-A9D9-B55464E852AA}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{71F62B38-AF9E-40A1-B4E0-F9E71730717A}] => (Allow) C:\Program Files\iTunes\iTunes.exe
StandardProfile\AuthorizedApplications: [C:\Rebus\Rebus Manager\RebusManager.exe] => Enabled:RebusManager

==================== Wiederherstellungspunkte =========================

10-12-2017 08:26:30 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/10/2017 05:52:39 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Ein Problem hat das Senden von Daten aus dem Programm zur Verbesserung der Benutzerfreundlichkeit an Microsoft verhindert (Fehler 80004005).

Error: (12/09/2017 11:33:44 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\*****\Desktop\esetsmartinstaller_deu.exe". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (12/09/2017 11:33:42 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\*****\Desktop\esetsmartinstaller_deu.exe". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (12/09/2017 08:51:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   19 21.178.168.192.in-addr.arpa. PTR cinegraffix.local.

Error: (12/09/2017 08:51:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.178.21:5353   21 21.178.168.192.in-addr.arpa. PTR cinegraffix-2.local.

Error: (12/09/2017 08:47:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (12/09/2017 07:18:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   19 21.178.168.192.in-addr.arpa. PTR cinegraffix.local.

Error: (12/09/2017 07:18:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.178.21:5353   21 21.178.168.192.in-addr.arpa. PTR cinegraffix-2.local.

Error: (12/09/2017 01:29:18 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\*****\Desktop\esetsmartinstaller_deu.exe". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (12/09/2017 01:29:18 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\*****\Desktop\esetsmartinstaller_deu.exe". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.


Systemfehler:
=============
Error: (12/09/2017 11:34:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (12/09/2017 11:34:28 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\MEINOL~1\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (12/09/2017 11:34:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (12/09/2017 11:34:28 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\MEINOL~1\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (12/09/2017 11:34:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (12/09/2017 11:34:28 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\MEINOL~1\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (12/09/2017 11:34:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (12/09/2017 11:34:03 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\MEINOL~1\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (12/09/2017 11:34:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (12/09/2017 11:34:02 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\MEINOL~1\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.


CodeIntegrity:
===================================
  Date: 2017-12-10 11:20:59.595
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2017-12-10 11:04:59.968
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2017-12-09 21:40:51.210
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2017-12-09 20:47:50.019
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2017-12-09 20:46:38.024
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv05.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2017-12-09 20:46:37.790
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv05.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2017-12-09 19:10:35.808
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2017-12-09 14:01:06.564
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2017-12-09 13:53:04.285
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2017-12-09 13:38:15.645
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Prozessor: AMD FX(tm)-8350 Eight-Core Processor 
Prozentuale Nutzung des RAM: 32%
Installierter physikalischer RAM: 16284.36 MB
Verfügbarer physikalischer RAM: 10971.98 MB
Summe virtueller Speicher: 32566.89 MB
Verfügbarer virtueller Speicher: 28373.44 MB

==================== Laufwerke ================================

Drive c: (Main) (Fixed) (Total:1862.79 GB) (Free:410.56 GB) NTFS
Drive d: (Lokaler Datenträger) (Fixed) (Total:0.95 GB) (Free:0.92 GB) NTFS
Drive e: () (Fixed) (Total:4.77 GB) (Free:4.72 GB) NTFS
Drive h: (Lokaler Datenträger) (Fixed) (Total:0.95 GB) (Free:0.92 GB) NTFS
Drive i: (Kinospots) (Fixed) (Total:917.2 GB) (Free:71.9 GB) NTFS
Drive m: (Kinospots_II) (Fixed) (Total:2794.39 GB) (Free:2616.15 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 1F902DB8)

Partition: GPT.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 5A563E54)

Partition: GPT.

========================================================
Disk: 2 (Size: 2794.5 GB) (Disk ID: ECAE5BB4)

Partition: GPT.

==================== Ende von Addition.txt ============================
         


10.12.2017, 12:13   #3
John Boy
 

ADWCleaner Scans



Code:
# AdwCleaner 7.0.5.0 - Logfile created on Sat Dec 09 11:53:18 2017
# Updated on 2017/29/11 by Malwarebytes 
# Database: 12-08-2017.1
# Running on Windows 7 Ultimate (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.Legacy, C:\Program Files (x86)\DeviceVM
PUP.Optional.Legacy, C:\Windows\System32\config\systemprofile\AppData\Local\FileTypeAssistant
PUP.Optional.Legacy, C:\Windows\SysWOW64\config\systemprofile\AppData\Local\FileTypeAssistant
PUP.Optional.Legacy, C:\Users\******\AppData\Local\FileTypeAssistant
PUP.Optional.Legacy, C:\ProgramData\QuickSet
PUP.Optional.Legacy, C:\ProgramData\Application Data\QuickSet
PUP.Optional.Legacy, C:\Users\All Users\QuickSet
PUP.Optional.Legacy, C:\ProgramData\SoftSafe
PUP.Optional.Legacy, C:\ProgramData\Application Data\SoftSafe
PUP.Optional.Legacy, C:\Users\All Users\SoftSafe
PUP.Optional.Legacy, C:\Users\******\AppData\Roaming\Windows Net Data
PUP.Optional.Legacy, C:\Users\******\AppData\Roaming\Yahoo!\Companion
PUP.Optional.SofTonicAssistant, C:\Users\******\AppData\LocalLow\Softonic
PUP.Optional.PutLockerDownloader, C:\Users\******\AppData\Local\PutLockerDownloader
PUP.Optional.Conduit.A, C:\Users\******\AppData\Roaming\RHEng
PUP.Optional.FoxTabFLVPlayer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
PUP.Adware.Heuristic, C:\ProgramData\36d46dfcd1c350f2


***** [ Files ] *****

PUP.Optional.Legacy, C:\user.js
PUP.Optional.Legacy, C:\END


***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Clients\StartMenuInternet\SAFARI.EXE\shell\open\command | 
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Clients\StartMenuInternet\SAFARI.EXE\shell\open\command | 
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\SK.Enhancer
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-3458773745-2075050605-1070322646-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\Zip Opener Packages
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Zip Opener Packages
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-3458773745-2075050605-1070322646-1000\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
PUP.Optional.Legacy, [Key] - HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A35CA8FF-CB7D-8361-1CB9-83219CD11C78}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-3458773745-2075050605-1070322646-1000\Software\APN PIP
PUP.Optional.Legacy, [Key] - HKCU\Software\APN PIP
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-3458773745-2075050605-1070322646-1000\Software\Bitberry Software
PUP.Optional.Legacy, [Key] - HKCU\Software\Bitberry Software
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-3458773745-2075050605-1070322646-1000\Software\FileTypeAssistant
PUP.Optional.Legacy, [Key] - HKCU\Software\FileTypeAssistant
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\SP Global
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Yahoo\Companion
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-3458773745-2075050605-1070322646-1000\Software\Yahoo\Companion
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-3458773745-2075050605-1070322646-1000\Software\AppDataLow\Software\Yahoo\Companion
PUP.Optional.Legacy, [Key] - HKCU\Software\Yahoo\Companion
PUP.Optional.Legacy, [Key] - HKCU\Software\AppDataLow\Software\Yahoo\Companion
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-3458773745-2075050605-1070322646-1000\Software\Yahoo\YFriendsBar
PUP.Optional.Legacy, [Key] - HKCU\Software\Yahoo\YFriendsBar
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-3458773745-2075050605-1070322646-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SU
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-3458773745-2075050605-1070322646-1000\Software\Microsoft\Tinstalls
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Tinstalls
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************



########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########
         
Code:
ATTFilter
# AdwCleaner 7.0.5.0 - Logfile created on Sat Dec 09 12:04:28 2017
# Updated on 2017/29/11 by Malwarebytes 
# Database: 12-08-2017.1
# Running on Windows 7 Ultimate (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****



***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [17584 B] - [2017/12/9 11:55:22]
C:/AdwCleaner/AdwCleaner[S0].txt - [19686 B] - [2017/12/9 11:53:18]


########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt ##########
         
Code:
ATTFilter
# AdwCleaner 7.0.5.0 - Logfile created on Sat Dec 09 12:26:48 2017
# Updated on 2017/29/11 by Malwarebytes 
# Database: 12-08-2017.1
# Running on Windows 7 Ultimate (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [17584 B] - [2017/12/9 11:55:22]
C:/AdwCleaner/AdwCleaner[C1].txt - [5324 B] - [2017/12/9 12:4:43]
C:/AdwCleaner/AdwCleaner[S0].txt - [19686 B] - [2017/12/9 11:53:18]
C:/AdwCleaner/AdwCleaner[S1].txt - [5692 B] - [2017/12/9 12:4:28]


########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt ##########
         
Code:
ATTFilter
C:\AdwCleaner\Quarantine\IDCdJOyapn\4C5A57588E2545489F23693778201200\Installer.exe	Variante von Win32/TrojanDropper.MsiDrop.A Trojaner
C:\Program Files (x86)\Craft Animations\directorstudio\data\core\win\x64\core.dll	Variante von Win32/Packed.VMProtect.ABD Trojaner
C:\ProgramData\DigitalWave.ApplicationUpdater_files\install_app_61.exe	Variante von Win32/FusionCore.I eventuell unerwünschte Anwendung
C:\Users\All Users\DigitalWave.ApplicationUpdater_files\install_app_61.exe	Variante von Win32/FusionCore.I eventuell unerwünschte Anwendung
C:\Users\**********\AppData\Local\Temp\DMR\dmr_72.exe	Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung
C:\Users\**********\Downloads\Mail PassView - CHIP-Installer.exe	Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung
M:\Div_Prog\Sammelmappe\uTorrent_34_30660.exe	Variante von Win32/AdkDLLWrapper.A eventuell unerwünschte Anwendung
M:\Div_Prog\Sammelmappe\CODC_Loader\CODC_Loader.rar	Variante von Win32/Packed.Themida verdächtige Datei
M:\Div_Prog\Sammelmappe\CODC_Loader\objects.dll	Variante von Win32/Packed.Themida verdächtige Datei
         
__________________

07.01.2018, 15:46   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Google Chrome Reset & Packed.VMProtect.ABD Trojaner - Question

Your post was overlooked. Do you still need help?
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)
