grillfest1 | 28.08.2016 13:12 | Log Datei ADW Cleaner: Code:
# AdwCleaner v6.010 - Logfile created 28/08/2016 at 13:24:57
# Updated on 12/08/2016 by ToolsLib
# Database : 2016-08-27.1 [Server]
# Operating System : Windows 10 Home (X64)
# Username : Flo Admin - BÜROSUF
# Running from : C:\Users\Flo Admin\Desktop\AdwCleaner_6.010.exe
# Mode: Clean
# Support : https://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
***** [ Files ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Shortcuts ] *****
***** [ Scheduled Tasks ] *****
***** [ Registry ] *****
***** [ Web browsers ] *****
*************************
:: "Tracing" keys deleted
:: Winsock settings cleared
:: "Prefetch" files deleted
:: Proxy settings cleared
:: IE policies deleted
:: Chrome policies deleted
:: Chrome preferences reset: C:\Users\Flo Admin\AppData\Local\Google\Chrome\User Data\Default
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [6021 Bytes] - [24/08/2016 15:16:39]
C:\AdwCleaner\AdwCleaner[C2].txt - [1219 Bytes] - [24/08/2016 15:28:03]
C:\AdwCleaner\AdwCleaner[C3].txt - [1093 Bytes] - [28/08/2016 13:24:57]
C:\AdwCleaner\AdwCleaner[S0].txt - [5968 Bytes] - [24/08/2016 15:14:54]
C:\AdwCleaner\AdwCleaner[S1].txt - [1334 Bytes] - [24/08/2016 15:24:52]
C:\AdwCleaner\AdwCleaner[S2].txt - [1428 Bytes] - [28/08/2016 13:24:30]
########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [1385 Bytes] ########## MBAM: Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlaufdatum: 28.08.2016
Suchlaufzeit: 13:32
Protokolldatei: mbam.txt
Administrator: Ja
Version: 2.2.1.1043
Malware-Datenbank: v2016.08.28.04
Rootkit-Datenbank: v2016.08.15.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Flo Admin
Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 372171
Abgelaufene Zeit: 22 Min., 58 Sek.
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(keine bösartigen Elemente erkannt)
Module: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 3
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32LDR , In Quarantäne, [88ec4c045a40fe38ec6147724fb45ca4],
PUP.Optional.SearchProtect.AppFlsh, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}, In Quarantäne, [78fcb49c53479d997d9eb32b4fb46997],
PUP.Optional.SearchProtect.AppFlsh, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{cf2797aa-b7ec-e311-8ed9-005056c00008}, In Quarantäne, [9fd5ca86970313238498588612f12bd5],
Registrierungswerte: 7
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\chrome.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130631432418369985, In Quarantäne, [50242f214b4f83b388c45a5f0cf73ac6]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\explorer.xxx|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130631432418369985, In Quarantäne, [70045ff1bfdbe6503d0f2198966d18e8]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\firefox.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130631432418369985, In Quarantäne, [185ca0b05446fa3c5af27247dd2658a8]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\iexplore.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130631432418369985, In Quarantäne, [4b29a0b0f8a253e362ea84351de61de3]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\software_removal_tool.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130631432418369985, In Quarantäne, [3a3ad977821820168cc003b67192956b]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\software_reporter_tool.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130631432418369985, In Quarantäne, [d2a276da4456a98da6a65d5ce71cf30d]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32Ldr |{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130631432418369985, In Quarantäne, [88ec4c045a40fe38ec6147724fb45ca4]
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Ordner: 20
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\AddedAppDialog, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\DefualtImages, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\DetectedAppDialog, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\EngineFirstTimeDialog, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\NewSearchProtectorDialog, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\NewSearchProtectorDialog\images, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorBubbleDialog, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorBubbleDialog\images, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorDialog, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorDialog\Images, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorRetakeoverDialog, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorRetakeoverDialog\Images, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\ToolbarFirstTimeDialog, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\ToolbarFirstTimeDialog\images, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\ToolbarUntrustedAppsApprovalDialog, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\UntrustedAddedAppDialog, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\UntrustedAppApprovalDialog, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\UntrustedAppPendingDialog, In Quarantäne, [6d07dd731189b3837429725306fceb15],
Dateien: 76
PUP.Optional.Downloader, C:\Users\Flo Admin\Downloads\Samsung Kies - CHIP-Installer.exe, In Quarantäne, [da9aaba5debcd66088746fa73bc59868],
PUP.Optional.DownloadGuide, C:\Users\Flo Admin\Downloads\SandboxieInstall_CB-DL-Manager.exe, In Quarantäne, [aec6e26e138785b1cef4b1ce39c88a76],
PUP.Optional.SofTonic, C:\Users\Flo Admin\Downloads\SoftonicDownloader_fuer_artrage.exe, In Quarantäne, [7004a5ab1585999d4cf832ee5ca4eb15],
PUP.Optional.Downloader, C:\Users\Flo Admin\Downloads\Studio One Free - CHIP-Installer.exe, In Quarantäne, [f480cd834f4b94a20def070f2dd3eb15],
PUP.Optional.Downloader, C:\Users\Flo Admin\Downloads\Tor Browser Paket - CHIP-Installer.exe, In Quarantäne, [4133db75fb9f7fb714e80115e02018e8],
PUP.Optional.Downloader, C:\Users\Flo Admin\Downloads\DarkWave Studio - CHIP-Installer.exe, In Quarantäne, [23511838900ab086cd2f1bfbb14f58a8],
PUP.Optional.Downloader, C:\Users\Flo Admin\Downloads\CopyTrans Contacts - CHIP-Installer.exe, In Quarantäne, [304453fdacee0b2b708c9b7b8080cb35],
PUP.Optional.Downloader, C:\Users\Flo Admin\Downloads\Helium Backup Desktop Client - CHIP-Installer.exe, In Quarantäne, [c8acdb751c7e0e2851ab53c327d9669a],
PUP.Optional.Downloader, C:\Users\Flo Admin\Downloads\http___i.imgur.com_phFeCiS.png_downloader.exe, In Quarantäne, [14605ff18b0f96a0bac2679556aa2bd5],
PUP.Optional.Downloader, C:\Users\Flo Admin\Downloads\Vollversion Ashampoo Burning Studio 2014 - CHIP-Installer(1).exe, In Quarantäne, [ed8771dffb9fc76fc23ad93dfb0558a8],
PUP.Optional.Downloader, C:\Users\Flo Admin\Downloads\Vollversion Ashampoo Burning Studio 2014 - CHIP-Installer.exe, In Quarantäne, [03717dd3f8a21b1b7c8066b0b34d44bc],
Worm.SFDC, C:\Users\Flo Admin\homep.exe, In Quarantäne, [afc5123e64364ceab390141130d3ac54],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\RoundedCornersIE9.css, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\DialogsAPI.js, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\excanvas.js, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\generalDialogStyle.css, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\PIE.htc, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\RoundedCorners.css, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\settings.js, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\version.txt, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\AddedAppDialog\app-added.js, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\AddedAppDialog\main.html, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\DefualtImages\icon.png, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\DetectedAppDialog\app-2go.js, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\DetectedAppDialog\main.html, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\EngineFirstTimeDialog\EngineFirstTimeDialog.js, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\EngineFirstTimeDialog\main.html, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\EngineFirstTimeDialog\right-click.gif, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\NewSearchProtectorDialog\main.html, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\NewSearchProtectorDialog\SearchProtector.css, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\NewSearchProtectorDialog\SearchProtector.js, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\NewSearchProtectorDialog\images\ok-button.png, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\NewSearchProtectorDialog\images\separation-line.png, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\NewSearchProtectorDialog\images\warning.png, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorBubbleDialog\bubble.css, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorBubbleDialog\bubble.js, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorBubbleDialog\main.html, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorBubbleDialog\images\information.png, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorBubbleDialog\images\x-default-LTR.png, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorBubbleDialog\images\x-default-RTL.png, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorBubbleDialog\images\x-mouseover-LTR.png, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorBubbleDialog\images\x-mouseover-RTL.png, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorDialog\main.html, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorDialog\SearchProtector.css, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorDialog\SearchProtector.js, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorDialog\Images\info.png, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorDialog\Images\ok-on.png, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorDialog\Images\ok.png, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorRetakeoverDialog\main.html, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorRetakeoverDialog\SearchProtectorRetakeover.css, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorRetakeoverDialog\SearchProtectorRetakeover.js, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorRetakeoverDialog\Images\Icon.jpg, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorRetakeoverDialog\Images\Icon.png, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorRetakeoverDialog\Images\info.png, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorRetakeoverDialog\Images\ok-on.png, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorRetakeoverDialog\Images\ok.png, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\ToolbarFirstTimeDialog\main.html, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\ToolbarFirstTimeDialog\ToolbarFirstTimeDialog.css, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\ToolbarFirstTimeDialog\ToolbarFirstTimeDialog.js, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\ToolbarFirstTimeDialog\images\app-store-icon.png, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\ToolbarFirstTimeDialog\images\arrow.png, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\ToolbarFirstTimeDialog\images\divider.png, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\ToolbarFirstTimeDialog\images\emailNotifier.gif, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\ToolbarFirstTimeDialog\images\facebook.png, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\ToolbarFirstTimeDialog\images\radio.GIF, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\ToolbarFirstTimeDialog\images\Thumbs.db, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\ToolbarFirstTimeDialog\images\truste_welcome.GIF, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\ToolbarFirstTimeDialog\images\weather.GIF, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\ToolbarUntrustedAppsApprovalDialog\main.html, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\ToolbarUntrustedAppsApprovalDialog\ToolbarUntrustedAppsApprovalDialog.js, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\UntrustedAddedAppDialog\main.html, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\UntrustedAddedAppDialog\UT-app-dialog-added.js, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\UntrustedAppApprovalDialog\main.html, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\UntrustedAppApprovalDialog\UT-app-dialog-needs-your-approval.js, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\UntrustedAppPendingDialog\main.html, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\UntrustedAppPendingDialog\UT-app-dialog-is-waiting.js, In Quarantäne, [6d07dd731189b3837429725306fceb15],
Physische Sektoren: 0
(keine bösartigen Elemente erkannt)
(end) JRT: Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 10 Home x64
Ran by Flo Admin (Administrator) on 28.08.2016 at 14:00:57,91
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 1
Successfully deleted: C:\WINDOWS\SysWOW64\REN2CD6.tmp (File)
Registry: 4
Successfully deleted: HKLM\Software\Google\Chrome\Extensions\npdicihegicnhaangkdmcgbjceoemeoo (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{269D0B18-45D0-46D0-A644-2D60D928BC7F} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{269D0B18-45D0-46D0-A644-2D60D928BC7F} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28.08.2016 at 14:04:35,86
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ FRST: Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 10 Home x64
Ran by Flo Admin (Administrator) on 28.08.2016 at 14:00:57,91
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 1
Successfully deleted: C:\WINDOWS\SysWOW64\REN2CD6.tmp (File)
Registry: 4
Successfully deleted: HKLM\Software\Google\Chrome\Extensions\npdicihegicnhaangkdmcgbjceoemeoo (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{269D0B18-45D0-46D0-A644-2D60D928BC7F} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{269D0B18-45D0-46D0-A644-2D60D928BC7F} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28.08.2016 at 14:04:35,86
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Addition: Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 27-08-2016
durchgeführt von Flo Admin (28-08-2016 14:08:58)
Gestartet von C:\Users\Flo Admin\Desktop
Windows 10 Home Version 1511 (X64) (2016-02-02 16:24:16)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-4126187190-1361339850-3817463540-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4126187190-1361339850-3817463540-503 - Limited - Disabled)
Flo Admin (S-1-5-21-4126187190-1361339850-3817463540-1001 - Administrator - Enabled) => C:\Users\Flo Admin
Gast (S-1-5-21-4126187190-1361339850-3817463540-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4126187190-1361339850-3817463540-1005 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
µTorrent (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Reader X (10.1.15) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.15 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.01.05 - ASUSTeK Computer Inc.)
Amazon Music (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\Amazon Amazon Music) (Version: 3.10.0.928 - Amazon Services LLC)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{377C9C44-398B-6CBD-9138-F6B4AB951839}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
America's Army 3 (HKLM-x32\...\Steam App 13140) (Version: - U.S. Army)
Any Video Converter 5.7.0 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArtRage 2 Starter Edition (HKLM-x32\...\{394C2C3E-CA18-4216-B430-ACDD82C26973}) (Version: 2.6.0 - Ambient Design)
Ashampoo Burning Studio 2014 v.12.0.5 (HKLM-x32\...\{91B33C97-280F-B76D-E27B-E712D7041B76}_is1) (Version: 12.0.5 - Ashampoo GmbH & Co. KG)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
ASUS Easy Update 2 (HKLM-x32\...\{E7AA854E-6756-424E-84C2-4E47D5729AFF}) (Version: 3.00.06 - ASUSTeK Computer Inc.)
ASUS Music Maker (HKLM-x32\...\MAGIX_{AB515018-7F9D-4047-B0C0-F26BAC30F3E1}) (Version: 18.0.3.3 - MAGIX AG)
ASUS Music Maker (Version: 18.0.3.3 - MAGIX AG) Hidden
ASUS MX Suite (HKLM-x32\...\MAGIX_{CFA9C800-9B0B-42E3-92E7-08B5AF2E192E}) (Version: 1.13.0.121 - MAGIX AG)
ASUS MX Suite (Version: 1.13.0.121 - MAGIX AG) Hidden
ASUS Video easy (HKLM-x32\...\MAGIX_{E3185090-8796-46FB-A27F-6C844F106DAC}) (Version: 4.0.1.90 - MAGIX AG)
ASUS Video easy (Version: 4.0.1.90 - MAGIX AG) Hidden
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.18.159 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4127.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4127.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK)
Avast Internet Security (HKLM-x32\...\Avast) (Version: 12.1.2272 - AVAST Software)
Biller (HKLM\...\Biller) (Version: 1.49 - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bullzip PDF Printer 10.1.0.1871 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.1.0.1871 - Bullzip)
calibre (HKLM-x32\...\{04882E0B-389F-4F58-B1B9-DE87371DEBDE}) (Version: 2.34.0 - Kovid Goyal)
CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Deutschland Digital 1.0.0 (HKLM-x32\...\Deutschland Digital_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.88 - DivX, LLC)
Dropbox (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\Dropbox) (Version: 8.4.21 - Dropbox, Inc.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 17.4.19695 - Landesfinanzdirektion Thüringen)
eManual (HKLM-x32\...\{0C84E634-EB68-4A54-B21E-A05EC87A4CC5}) (Version: 1.00.06 - ASUSTeK Computer Inc.)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.5.116.602 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.4.217 - Foxit Corporation)
Free Studio version 2014 (HKLM-x32\...\Free Studio_is1) (Version: 6.3.10.923 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.46.923 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.46.923 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.54.128 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.54.128 - DVDVideoSoft Ltd.)
Freemake Video Converter Version 4.1.7 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.7 - Ellora Assets Corporation)
Galeria de Fotografias (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Haufe Formular-Manager (HKLM-x32\...\{9353F6E9-13B7-43B4-8FA5-CB46CA22671B}) (Version: 2.1.8.0 - Haufe)
Haufe iDesk-Browser (HKLM-x32\...\{043671DC-DE3A-4A5B-B7A2-34F7DF6F5523}) (Version: 7.07.25.4312 - Haufe)
Haufe iDesk-Service (HKLM-x32\...\{A4E86B6A-6EEC-41FD-8960-26947F0E3353}) (Version: 7.09.07.4355 - Haufe)
Helium (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod)
HP Officejet 5740 series - Grundlegende Software für das Gerät (HKLM\...\{4029319E-A53E-4FAA-A2FA-D0091D85EB17}) (Version: 34.2.117.50647 - Hewlett-Packard Co.)
HP Officejet 5740 series Hilfe (HKLM-x32\...\{0C0C43A4-CDBF-4CF6-9902-4CF6BBD09C80}) (Version: 34.0.0 - Hewlett Packard)
HP Photo Creations (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\HP Photo Creations) (Version: 1.0.0.19522 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
HyperVcam Mobile (HKLM-x32\...\Camera) (Version: - )
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
IP Camera Adapter (HKLM-x32\...\{6D140BFF-7CC5-4BFE-AD6D-47035FFE5F14}) (Version: 2.0.0.0 - Pavel Khlebovich)
IsoBuster 3.7 (HKLM-x32\...\IsoBuster_is1) (Version: 3.7 - Smart Projects)
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
leogeo_timebeat (HKLM-x32\...\leogeo_timebeat_is1) (Version: - )
Lexware buchhalter 2016 (HKLM-x32\...\{c471bebe-ad7b-4c54-8a91-2d314fd041a0}) (Version: 21.51.0.280 - Haufe-Lexware GmbH & Co.KG)
Lexware buchhalter 2016 (x32 Version: 21.51.00.0377 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Elster (x32 Version: 16.05.00.0033 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Elster 2016 (HKLM-x32\...\{c9c745c2-74e4-454e-91e0-ca041e6ed42c}) (Version: 16.5.0.33 - Haufe-Lexware GmbH & Co.KG)
Lexware Info Service (x32 Version: 16.00.00.0040 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Installations Dienst (HKLM-x32\...\{6FF55A3A-4E59-4CF8-9248-2EE747168B3E}) (Version: 5.01.00.0040 - Haufe-Lexware GmbH & Co.KG)
Lexware know how buchhaltung (HKLM-x32\...\{86C5FBB1-83D3-4E79-B60C-FB43BF003AE9}) (Version: 6.0.0.0 - Haufe Mediengruppe)
Lexware online banking (x32 Version: 22.04.00.0043 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware PDF-Export 5 (x32 Version: 5.00.01.0009 - Haufe-Lexware GmbH & Co.KG) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Media Go (HKLM-x32\...\{F66C4A41-C3A8-4523-AB6C-BAA1DB38305C}) (Version: 2.7.357 - Sony)
Media Go Network Downloader (HKLM-x32\...\{5562F05F-908C-4F15-9B3C-98D5FD32DCAB}) (Version: 1.5.19.0 - Sony)
Media Go Video Playback Engine 2.4.132.12090 (HKLM-x32\...\{7C5AEEE1-6D7C-8922-4548-7BF9096077EC}) (Version: 2.4.132.12090 - Sony)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 48.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 de)) (Version: 48.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2.6079 - Mozilla)
Mozilla Thunderbird 24.1.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.1.1 (x86 de)) (Version: 24.1.1 - Mozilla)
Mozilla Thunderbird 45.2.0 (x86 de) (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\Mozilla Thunderbird 45.2.0 (x86 de)) (Version: 45.2.0 - Mozilla)
MP3 Splitter version 3.1 (HKLM-x32\...\MP3 Splitter_is1) (Version: - )
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
OEM Application Profile (HKLM-x32\...\{769E695A-F93F-803E-3763-9A00A0E38786}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.)
PreSonus Studio One 2 (HKLM-x32\...\PreSonus Studio One 2) (Version: 2.6.0.24200 - PreSonus Audio Electronics)
Prezi Desktop (HKLM-x32\...\{b2c1866d-4df0-43b9-bf09-f126fac08e1c}) (Version: 6.12.1.0 - Prezi)
Prezi Desktop (x32 Version: 6.12.1.0 - Prezi) Hidden
PSD Viewer (HKLM-x32\...\{D8EEDC94-EE82-46A0-A7DB-812E3C6A0A6E}_is1) (Version: - IdeaMK)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.989 - Even Balance, Inc.)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6890 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
SafeZone Stable 1.48.2066.114 (x32 Version: 1.48.2066.114 - Avast Software) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14074.11 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.14074.11 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.9 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14083.9 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
Smart View 2.0 (HKLM-x32\...\{FBAAAFAE-08A8-4C63-87EA-4AEA9DEE53E1}) (Version: 1.0.0.0 - Samsung)
Sony PC Companion 2.10.251 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.251 - Sony)
SplitCam (HKLM-x32\...\SplitCam) (Version: 7.4.4.1 - SplitCam Co)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Studie zur Verbesserung von HP Officejet 5740 series (HKLM\...\{E49940D5-31DD-40BA-851D-3B82C4FF7A18}) (Version: 34.2.117.50647 - Hewlett-Packard Co.)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.65280 - TeamViewer)
Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)
Unity Web Player (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\UnityWebPlayer) (Version: 4.5.3f3 - Unity Technologies ApS)
USB Server (HKLM-x32\...\InstallShield_{2DCD32C2-EBB2-4461-8398-6FBA1E8BCD0D}) (Version: 09.1117.0028 - Ihr Firmenname)
USB Server (x32 Version: 09.1117.0028 - Ihr Firmenname) Hidden
USB Server NPW (HKLM-x32\...\InstallShield_{7B88E312-ED74-4FE4-BC76-18DA40597382}) (Version: - )
USB Server NPW (Version: 09.1117.0028 - Ihr Firmenname) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VirtualDJ 8 (HKLM-x32\...\{9652ACA0-38A4-4BF8-B15E-2317D41D0AE3}) (Version: 8.0.2139.0 - Atomix Productions)
VirtualDJ Home FREE (HKLM-x32\...\{77C2D5D4-ADC5-49F9-B36E-5992FCF35EA3}) (Version: 7.4.1 - Atomix Productions)
waterMark V2 (HKLM-x32\...\waterMark V2) (Version: - )
WhatsApp (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\WhatsApp) (Version: 0.2.1455 - WhatsApp)
Why ASUS PC (HKLM-x32\...\{5648F9D9-299E-408C-AC1F-59DC75894A1F}) (Version: 1.00.02 - ASUSTeK Computer Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinRAR 5.10 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
XnView 2.36 (HKLM-x32\...\XnView_is1) (Version: 2.36 - Gougelet Pierre-e)
Συλλογή φωτογραφιών (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
影像中心 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
照片库 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {002DB84B-CC92-4F9E-A0BE-E87B9453079B} - System32\Tasks\HPCustParticipation HP Officejet 5740 series => C:\Program Files\HP\HP Officejet 5740 series\Bin\HPCustPartic.exe [2014-08-22] (Hewlett-Packard Development Company, LP)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0DAEBF49-17B1-4CDB-9E6F-F7754206186E} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {15E5D4B8-C0E1-4B8B-8D99-5D6C13A1AF0B} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe
Task: {33D000FE-8321-4DA3-BDAA-C90D6DCFB54D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {37FC83F6-061F-4D09-A5B9-CA2AA83C06A8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {4129F7A2-1670-4846-8E34-C78C7B2E349E} - System32\Tasks\SafeZone scheduled Autoupdate 1451348094 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-06-17] (Avast Software)
Task: {49C49F98-87C7-4737-974D-7B483CCB4DF4} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {5956B518-9EF2-475F-8FE5-AAAC2E8B2E56} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {6B792BFE-472A-4572-8089-14AD5D9B19FF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {75E37311-C0C7-47CD-B46F-7E0743A7C349} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {837E1E21-372A-46A3-BEBC-20A0D334F80E} - System32\Tasks\HP Photo Creations Communicator => C:\Users\Flo Admin\AppData\Roaming\HP Photo Creations\Communicator.exe [2015-12-28] ()
Task: {85859EF5-0169-4590-9C7A-D3ACCD511113} - System32\Tasks\{BF70E981-2856-4D51-B24D-AEF709BD9888} => launchwinapp.exe hxxp://ui.skype.com/ui/0/7.14.0.106/de/abandoninstall?page=tsProgressBar
Task: {870B6537-E047-4216-926B-000757F67EEF} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-06-30] (AVAST Software)
Task: {8B344A7B-0D2B-4201-8661-07D40F0BD767} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {9A6505A9-ADD4-4E45-84CE-794EB4AD0B93} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {9ADBBA26-9754-465C-B9F2-A42FDA0D88E9} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2012-09-27] ()
Task: {9F311C0A-4399-4B6C-860B-6CFB5CF40ECD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {A0B52DA2-F889-4882-B6D8-C15ED151A088} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {AADFA08E-9B63-4794-A107-8A971BB93DF2} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4126187190-1361339850-3817463540-1001Core => C:\Users\Flo Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {AD8A5F53-032B-4BE5-B984-E5754BA88609} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4126187190-1361339850-3817463540-1001UA => C:\Users\Flo Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {B76472CA-DB70-4EA5-89FA-0536DDB2CA93} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-08-10] (Microsoft Corporation)
Task: {C8699E42-5061-4448-B95F-BCD5011F54F7} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-18] (Microsoft Corporation)
Task: {E67ED1D2-A91D-48AD-8B60-032CD299B1A9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {E7735B02-AEE1-4CEF-AFD2-EEE73F071A9F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-17] (Adobe Systems Incorporated)
Task: {E90A38FA-74F3-4C11-AEF6-0EB529BCF61E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {EB7532DE-4464-46D2-B977-C126614D0FC0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {EC44A142-D2D6-451E-8822-E0DF8F19D55B} - System32\Tasks\{47D082D0-DAC8-47E7-866E-8F70FCB1A8A2} => launchwinapp.exe hxxp://ui.skype.com/ui/0/7.14.0.106/de/abandoninstall?page=tsProgressBar
Task: {EF5A316F-7C15-43D2-AC4C-BC271A3F7B9A} - System32\Tasks\ASUS\ASUS Easy Update 2 => C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe [2013-04-02] (ASUSTeK Computer Inc.)
Task: {F5556D06-9B9A-429E-A85A-7DE576DE25EC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {FD3264FB-3D5E-4D23-A078-70CC5A09E0DA} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-4126187190-1361339850-3817463540-1001Core.job => C:\Users\Flo Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-4126187190-1361339850-3817463540-1001UA.job => C:\Users\Flo Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HP Photo Creations Communicator.job => C:\Users\Flo Admin\AppData\Roaming\HP Photo Creations\Communicator.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\Flo Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki/
Shortcut: C:\Users\Flo Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com/
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deutschland Digital.lnk -> C:\ProgramData\Ashampoo\DeDigital.exe () -> hxxp://linktarget.ashampoo.com/linktarget/?target=dedi&edition=eid=15376&utm_medium=desktop&x-pos=Metro
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Software Deals.lnk -> C:\ProgramData\Ashampoo\YourDeals.exe () -> hxxp://linktarget.ashampoo.com/linktarget/?target=marketplace&edition=eid=15376&utm_medium=desktop&x-pos=Metro
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-06-14 21:55 - 2016-07-28 23:01 - 00020240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll
2013-07-08 12:35 - 2012-06-01 11:42 - 00920736 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2012-12-19 08:10 - 2012-12-19 08:10 - 00072192 _____ () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
2009-09-02 15:07 - 2009-09-02 15:07 - 00783360 _____ () C:\Program Files (x86)\Generic\USB Server\NPW\NPWService.exe
2009-09-02 15:07 - 2009-09-02 15:07 - 00184320 _____ () C:\Program Files (x86)\Generic\USB Server\NPW\NPWpsm.dll
2009-09-02 15:07 - 2009-09-02 15:07 - 00270848 _____ () C:\Program Files (x86)\Generic\USB Server\NPW\NPWdcp.dll
2009-09-02 15:07 - 2009-09-02 15:07 - 00087552 _____ () C:\Program Files (x86)\Generic\USB Server\NPW\NPWlog.dll
2009-09-02 15:07 - 2009-09-02 15:07 - 00098816 _____ () C:\Program Files (x86)\Generic\USB Server\NPW\NPWuntp.dll
2016-07-13 00:39 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-13 00:39 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-08-18 15:58 - 2016-08-18 15:58 - 01864384 _____ () C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2016-04-19 07:21 - 2016-04-19 07:21 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-07-13 00:39 - 2016-07-01 05:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-02-02 17:49 - 2016-02-02 17:49 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-13 00:42 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-07-13 00:39 - 2016-07-01 05:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-13 00:39 - 2016-07-01 05:22 - 00936960 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-07-13 00:39 - 2016-07-01 05:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-13 00:39 - 2016-07-01 05:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-06-30 16:33 - 2016-06-30 16:33 - 00146232 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-08-27 12:36 - 2016-08-27 12:36 - 03016192 _____ () C:\Program Files\AVAST Software\Avast\defs\16082700\algo.dll
2016-06-30 16:33 - 2016-06-30 16:33 - 00479288 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2014-07-03 13:20 - 2014-07-03 13:20 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-03 13:19 - 2014-07-03 13:19 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-07-08 12:35 - 2016-08-28 13:26 - 00026112 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2013-07-08 12:35 - 2010-06-29 04:58 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2013-10-23 10:11 - 2013-10-23 10:11 - 00114336 _____ () D:\Programs\SplitCam\splitcam_hd_driver_ProxyPlugin.ax
2016-04-19 07:21 - 2016-04-19 07:21 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 07:21 - 2016-04-19 07:21 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-06-30 16:33 - 2016-06-30 16:33 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\Software\Classes\regfile: regedit.exe "%1" <===== ACHTUNG
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2015-07-10 13:04 - 2015-07-10 13:02 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "DivXMediaServer"
HKLM\...\StartupApproved\Run32: => "DivXUpdate"
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\StartupApproved\Run: => "Amazon Music"
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\StartupApproved\Run: => "HP Officejet 5740 series (NET)"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{B50E6ACD-FE4D-4FA7-AD62-292930B2E001}] => (Allow) C:\Users\Flo Admin\AppData\Local\Temp\7zS1B2B\HPDiagnosticCoreUI.exe
FirewallRules: [{0D1BD89E-942A-481D-9793-CBDD87278D76}] => (Allow) C:\Users\Flo Admin\AppData\Local\Temp\7zS1B2B\HPDiagnosticCoreUI.exe
FirewallRules: [{8633FA9A-00AB-4D6B-9F2D-D792A86AB35A}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{3A57700A-5BB9-484E-B6BD-A60C80B2030D}] => (Allow) LPort=5357
FirewallRules: [{A6D98DA9-3CAF-4966-A270-4756F6F6E049}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\Bin\DeviceSetup.exe
FirewallRules: [{8F7CFD95-B1FD-4E86-B33B-33301E3E8B3F}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\SendAFax.exe
FirewallRules: [{2A68F774-368B-4770-A3F0-1940CA721348}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\DigitalWizards.exe
FirewallRules: [{23406359-CA38-495F-BAFF-B0FD369C2B01}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\FaxApplications.exe
FirewallRules: [{9A37B5EF-BE64-45F1-8A03-FD869C11F676}] => (Allow) D:\Programs\Smart View 2.0.exe
FirewallRules: [{A6D0BF2B-B59B-4B31-AC70-F271D90DB24B}] => (Allow) D:\Programs\Smart View 2.0.exe
FirewallRules: [{2E3986CF-1592-4B44-A072-5B34C8522F9D}] => (Allow) D:\Programs\Smart View 2.0.exe
FirewallRules: [{01F9A868-FDD2-4C83-9251-7E337F01CCB9}] => (Allow) D:\Programs\Smart View 2.0.exe
FirewallRules: [{6A9C2651-3469-492A-A9AA-4A1F5A746F79}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CEC98AA3-AAB4-4E22-8ED7-A32431BD514A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{53803361-4D74-428C-8985-9469C27A8AE2}D:\programs\utherverse vww client\utherverse.exe] => (Block) D:\programs\utherverse vww client\utherverse.exe
FirewallRules: [TCP Query User{CAEFD55D-1B24-4845-8A04-94A2182C5552}D:\programs\utherverse vww client\utherverse.exe] => (Block) D:\programs\utherverse vww client\utherverse.exe
FirewallRules: [{B1A34152-54F4-4E98-8B60-4718839394E2}] => (Allow) C:\Users\Flo Admin\AppData\Local\Temp\7zS13A4\hppiw.exe
FirewallRules: [{6FE3A923-8A1E-4512-9E73-C5F6661E34FE}] => (Allow) C:\Users\Flo Admin\AppData\Local\Temp\7zS13A4\hppiw.exe
FirewallRules: [{01AE655B-AEA6-4D34-B7E6-B93D558C11CF}] => (Allow) D:\Programs\skype\Phone\Skype.exe
FirewallRules: [{4C892305-F1CD-456F-9479-29C4A9D6A1F5}] => (Block) C:\program files (x86)\generic\usb server\usbserver.exe
FirewallRules: [{B620889F-981E-4380-BD48-5B2A78FFD7B9}] => (Block) C:\program files (x86)\generic\usb server\usbserver.exe
FirewallRules: [UDP Query User{06E9E7E6-5460-45A9-99F7-4861592FDBD1}C:\program files (x86)\generic\usb server\usbserver.exe] => (Allow) C:\program files (x86)\generic\usb server\usbserver.exe
FirewallRules: [TCP Query User{C7A646F1-22CC-4368-B3C3-F707EDED27FB}C:\program files (x86)\generic\usb server\usbserver.exe] => (Allow) C:\program files (x86)\generic\usb server\usbserver.exe
FirewallRules: [{FDD11821-1F86-45C7-851D-FA154D2D3A80}] => (Allow) C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{FD766F05-B765-4447-BFBE-0EEE6453B1F0}] => (Allow) C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{56AAD266-5579-4571-B2C1-683A719E9156}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{BC4B8B3D-4CFB-4449-A80F-D7B0A21C868F}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{1C44F0E4-B131-4BE7-A724-355BA2FD9BAE}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{6269E7DD-6F8B-4E38-AB32-DF90F00AF9E5}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{58C1409A-E846-458B-83F6-40DEF3C3660E}] => (Allow) LPort=1900
FirewallRules: [{A11458CA-16B4-457D-9540-FC16BEF66DD9}] => (Allow) LPort=2869
FirewallRules: [{CD50D89C-1F74-4331-BF1C-FACF8B80A5AA}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{7B1C307B-FB47-4954-879A-C9F32AA75306}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{7085672E-17F4-4BA2-8CC6-801B3B5A9898}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{4328C627-420E-42CF-AB37-F13E28B5F4EA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{712073E1-AD11-4CE5-A5AE-BE23C738C34A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2A2E2EE3-69DB-4A8F-A58E-666B302BF57F}] => (Allow) D:\Programs\SteamLibrary\SteamApps\common\america's army 3\Binaries\AA3Loader.exe
FirewallRules: [{B9575A9A-84EC-4244-BE5E-C01C2E7EEC8F}] => (Allow) D:\Programs\SteamLibrary\SteamApps\common\america's army 3\Binaries\AA3Loader.exe
FirewallRules: [TCP Query User{04A83C6A-0266-45B2-9129-11A5A9818B63}D:\programs\steamlibrary\steamapps\common\america's army 3\binaries\aa3game.exe] => (Allow) D:\programs\steamlibrary\steamapps\common\america's army 3\binaries\aa3game.exe
FirewallRules: [UDP Query User{B357CA7F-906A-4042-880B-7BD10906492B}D:\programs\steamlibrary\steamapps\common\america's army 3\binaries\aa3game.exe] => (Allow) D:\programs\steamlibrary\steamapps\common\america's army 3\binaries\aa3game.exe
FirewallRules: [{BE73B786-5CC6-46D6-AD01-0F6A9D522CBF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AAA28F35-185D-4685-90EF-4B7410D89B48}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4F6258D9-DBA9-4B2E-903E-673846C2DA38}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{41C58828-FF0B-4965-9C6E-A91CFEB64E4E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{CBDE9B23-7E39-4384-84B2-BDC86B906BF8}] => (Allow) D:\Programs\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{314B90AE-9C41-40C0-88F6-D3C018DD4AFE}] => (Allow) D:\Programs\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{76FFEB86-3414-48E3-87E9-E3C463423945}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{FBD91AC9-FE81-4A2D-A54E-74C1307BE695}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{ED23FFEA-5BDC-4A1A-B628-DEDDAD96AD99}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0F8114D3-CEE6-4721-9802-03E34B9C9126}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{7AAF4524-9586-46D4-953E-393BB5017E67}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A5FB4FD0-3303-4146-B905-D5E726A60E4B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4C429BD3-DE78-4ACC-995A-20197F7A6FCA}] => (Allow) C:\Users\Flo Admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{392515B6-D467-4EDB-ADF2-2E06D5027746}] => (Allow) C:\Users\Flo Admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{041AF5DD-4D23-41DD-800E-CEEABF6DC692}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F0F5F0B1-FDB7-4CBD-B20C-CE66EAAA3C7E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{7A12128E-F079-4781-8B63-A51B6E987D8A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{DDAFAD4B-154A-4455-981E-E2B9380D6339}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{8B0D8291-A290-4956-AB94-3F5FA3B49338}] => (Allow) D:\Programs\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{C75E758B-1B29-451A-A14A-961B3A9692CB}] => (Allow) D:\Programs\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{30C3732E-0062-4D4C-934D-FEE94DCDB5A3}] => (Allow) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
FirewallRules: [{3367E635-FE50-4DA3-B206-D68ACE711329}] => (Allow) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
FirewallRules: [{025BFE64-AC16-444F-A936-96CEAF40D492}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{388D8BFC-62D5-45AE-A03F-763078672E9B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{FCA7B880-A697-415A-A88B-03FCBF0A5547}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{38E3F818-26D7-4287-B9D7-8100E51B2A61}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
==================== Wiederherstellungspunkte =========================
09-08-2016 19:02:46 Geplanter Prüfpunkt
18-08-2016 21:06:42 Geplanter Prüfpunkt
22-08-2016 22:28:01 Windows Update
28-08-2016 14:01:00 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (08/28/2016 02:01:10 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (08/28/2016 02:00:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LiveUpdt.exe, Version: 2.0.0.0, Zeitstempel: 0x5155445a
Name des fehlerhaften Moduls: LiveUpdt.exe, Version: 2.0.0.0, Zeitstempel: 0x5155445a
Ausnahmecode: 0xc000041d
Fehleroffset: 0x0000a491
ID des fehlerhaften Prozesses: 0x21cc
Startzeit der fehlerhaften Anwendung: 0x01d20120011e669c
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\ASUS Easy Update\LiveUpdt.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\ASUS\ASUS Easy Update\LiveUpdt.exe
Berichtskennung: 4d27488e-7a90-428b-aec6-2269ec92bce5
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (08/28/2016 02:00:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LiveUpdt.exe, Version: 2.0.0.0, Zeitstempel: 0x5155445a
Name des fehlerhaften Moduls: LiveUpdt.exe, Version: 2.0.0.0, Zeitstempel: 0x5155445a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000a491
ID des fehlerhaften Prozesses: 0x21cc
Startzeit der fehlerhaften Anwendung: 0x01d20120011e669c
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\ASUS Easy Update\LiveUpdt.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\ASUS\ASUS Easy Update\LiveUpdt.exe
Berichtskennung: 7b80ba39-ccee-45bb-9672-23f1d2ac5136
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (08/28/2016 01:22:56 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
Error: (08/28/2016 01:09:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LiveUpdt.exe, Version: 2.0.0.0, Zeitstempel: 0x5155445a
Name des fehlerhaften Moduls: LiveUpdt.exe, Version: 2.0.0.0, Zeitstempel: 0x5155445a
Ausnahmecode: 0xc000041d
Fehleroffset: 0x0000a491
ID des fehlerhaften Prozesses: 0xe50
Startzeit der fehlerhaften Anwendung: 0x01d200aa7de8e4cc
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\ASUS Easy Update\LiveUpdt.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\ASUS\ASUS Easy Update\LiveUpdt.exe
Berichtskennung: 03712ad4-794b-4048-a330-ad8f5bde59f2
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (08/28/2016 01:09:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LiveUpdt.exe, Version: 2.0.0.0, Zeitstempel: 0x5155445a
Name des fehlerhaften Moduls: LiveUpdt.exe, Version: 2.0.0.0, Zeitstempel: 0x5155445a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000a491
ID des fehlerhaften Prozesses: 0xe50
Startzeit der fehlerhaften Anwendung: 0x01d200aa7de8e4cc
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\ASUS Easy Update\LiveUpdt.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\ASUS\ASUS Easy Update\LiveUpdt.exe
Berichtskennung: d9890331-7928-4b8d-a42d-a92f02612701
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (08/27/2016 10:40:36 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "Windows (C:)" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
Error: (08/27/2016 10:01:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LiveUpdt.exe, Version: 2.0.0.0, Zeitstempel: 0x5155445a
Name des fehlerhaften Moduls: LiveUpdt.exe, Version: 2.0.0.0, Zeitstempel: 0x5155445a
Ausnahmecode: 0xc000041d
Fehleroffset: 0x0000a491
ID des fehlerhaften Prozesses: 0xad8
Startzeit der fehlerhaften Anwendung: 0x01d1ffe152a82083
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\ASUS Easy Update\LiveUpdt.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\ASUS\ASUS Easy Update\LiveUpdt.exe
Berichtskennung: 56097403-fbf3-47f7-afed-6e5fa0fd8818
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (08/27/2016 10:01:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LiveUpdt.exe, Version: 2.0.0.0, Zeitstempel: 0x5155445a
Name des fehlerhaften Moduls: LiveUpdt.exe, Version: 2.0.0.0, Zeitstempel: 0x5155445a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000a491
ID des fehlerhaften Prozesses: 0xad8
Startzeit der fehlerhaften Anwendung: 0x01d1ffe152a82083
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\ASUS Easy Update\LiveUpdt.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\ASUS\ASUS Easy Update\LiveUpdt.exe
Berichtskennung: beb7fa52-8c9a-44ff-b463-2db5eb1b50c7
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (08/26/2016 01:20:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LiveUpdt.exe, Version: 2.0.0.0, Zeitstempel: 0x5155445a
Name des fehlerhaften Moduls: LiveUpdt.exe, Version: 2.0.0.0, Zeitstempel: 0x5155445a
Ausnahmecode: 0xc000041d
Fehleroffset: 0x0000a491
ID des fehlerhaften Prozesses: 0x2190
Startzeit der fehlerhaften Anwendung: 0x01d1ff1822619ca8
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\ASUS Easy Update\LiveUpdt.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\ASUS\ASUS Easy Update\LiveUpdt.exe
Berichtskennung: 49445d0f-1c07-410b-a592-7944d33e292f
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Systemfehler:
=============
Error: (08/28/2016 01:30:14 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
Error: (08/28/2016 01:26:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AODDriver4.3" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2 = Das System kann die angegebene Datei nicht finden.
Error: (08/28/2016 01:25:09 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056 = Es wird bereits eine Instanz des Dienstes ausgeführt.
Error: (08/28/2016 01:25:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_3df84" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/28/2016 01:25:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _3df84" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/28/2016 01:25:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_3df84" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/28/2016 01:25:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_3df84" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/28/2016 01:24:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "WMI-Leistungsadapter" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/28/2016 01:24:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/28/2016 01:24:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "FABS - Helping agent for MAGIX media database" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
CodeIntegrity:
===================================
Date: 2016-08-17 20:12:53.705
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-08-11 04:31:33.072
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-18 20:12:04.433
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-18 03:08:42.766
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-17 23:46:59.191
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-06-17 03:01:05.692
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-06-15 19:54:02.019
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-06-10 08:03:53.589
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume6\Programs\PDF Printer\gui.exe that did not meet the Store signing level requirements.
Date: 2016-06-10 08:02:32.832
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume6\Programs\PDF Printer\gui.exe that did not meet the Store signing level requirements.
Date: 2016-06-10 08:01:10.015
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume6\Programs\PDF Printer\gui.exe that did not meet the Microsoft signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: AMD A4-6300 APU with Radeon(tm) HD Graphics
Prozentuale Nutzung des RAM: 61%
Installierter physikalischer RAM: 3272.3 MB
Verfügbarer physikalischer RAM: 1274.35 MB
Summe virtueller Speicher: 4232.3 MB
Verfügbarer virtueller Speicher: 1953.4 MB
==================== Laufwerke ================================
Drive c: (Windows) (Fixed) (Total:149.66 GB) (Free:49.06 GB) NTFS
Drive d: (Data) (Fixed) (Total:761.33 GB) (Free:719.4 GB) NTFS
Drive k: (FLO Doku und Fotos) (Fixed) (Total:931.51 GB) (Free:790.31 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 710B350F)
Partition: GPT.
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 119756C8)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================ |