Trojaner-Board
Seite 2 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   startgo123 (https://www.trojaner-board.de/181848-startgo123.html)

caloda 20.09.2016 13:31
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 18-09-2016
durchgeführt von HP (20-09-2016 14:22:09)
Gestartet von C:\Users\HP\Desktop
Windows 8.1 (Update) (X64) (2014-07-11 14:02:56)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3930845653-3837040866-4171826123-500 - Administrator - Disabled)
Gast (S-1-5-21-3930845653-3837040866-4171826123-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3930845653-3837040866-4171826123-1003 - Limited - Enabled)
HP (S-1-5-21-3930845653-3837040866-4171826123-1001 - Administrator - Enabled) => C:\Users\HP
UpdatusUser (S-1-5-21-3930845653-3837040866-4171826123-1004 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

«Âîéíà è Ìèð» (HKLM-x32\...\«Âîéíà è Ìèð») (Version:  - )
7-Zip 16.02 (HKLM-x32\...\7-Zip) (Version: 16.02 - Igor Pavlov)
Ãåðîè Ìå÷à è Ìàãèè® III (HKLM-x32\...\Heroes of Might and Magic® III) (Version:  - )
Ableton Live 9 Lite (HKLM\...\{E807D51A-ED71-4353-AD60-4E9625BE7531}) (Version: 9.0.0.0 - Ableton)
Adobe Flash Player 23 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Akai Elements of UK Dance (HKLM-x32\...\Akai UK Dance_is1) (Version:  - )
Akamai NetSession Interface (HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Akamai NetSession Interface (HKU\S-1-5-21-3930845653-3837040866-4171826123-1004\...\Akamai) (Version:  - Akamai Technologies, Inc)
Anno Online (HKLM\...\Steam App 336510) (Version:  - Blue Byte)
AnVir Task Manager Free (HKLM-x32\...\AnVir Task Manager Free) (Version:  - AnVir Software)
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArmA Demo Uninstall (HKLM-x32\...\ArmA Demo) (Version:  - )
Blitzkrieg (HKLM-x32\...\Blitzkrieg) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BrainBread 2 (HKLM\...\Steam App 346330) (Version:  - Reperio Studios)
Chicago 1930 (HKLM-x32\...\Chicago 1930) (Version:  - )
Connected Music powered by Universal Music Group version 1.0 (HKLM-x32\...\{46037DC7-F927-46DF-935F-D6F122BDD34B}_is1) (Version: 1.0 - Snowite)
Cry of Fear (HKLM-x32\...\Steam App 223710) (Version:  - Team Psykskallar)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5510 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1902 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1.4319 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
ElectroLyrics-1 (HKLM-x32\...\ElectroLyrics-1) (Version: 1.28.153.3 - Lyrics) <==== ACHTUNG
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.8.5.1160 - Steinberg Media Technologies GmbH)
Fallout: New Vegas (HKLM\...\Steam App 22380) (Version:  - Obsidian Entertainment)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 31.0.1650.63 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Grand Theft Auto San Andreas (HKLM-x32\...\{086BADF8-9B1F-4E89-B207-2EDA520972D6}) (Version: 1.00.00001 - Rockstar Games)
Grand Theft Auto Vice City (HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\...\{4B35F00C-E63D-40DC-9839-DF15A33EAC46}) (Version: 1.00.000 - )
Grand Theft Auto Vice City (HKU\S-1-5-21-3930845653-3837040866-4171826123-1004\...\{4B35F00C-E63D-40DC-9839-DF15A33EAC46}) (Version: 1.00.000 - )
GTA2 (HKLM-x32\...\GTA2) (Version:  - )
GTAIII (HKLM-x32\...\{92B94569-6683-4617-8C54-EB27A1B51B30}) (Version:  - )
Hammer & Sickle (HKLM-x32\...\Hammer & Sickle) (Version:  - )
Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version:  - Reto-Moto)
Hewlett-Packard ACLM.NET v1.2.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\...\HPConnectedMusic) (Version: 1.1 (build 96) hp - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKU\S-1-5-21-3930845653-3837040866-4171826123-1004\...\HPConnectedMusic) (Version: 1.1 (build 96) hp - Meridian Audio Ltd)
HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1206 - Hewlett-Packard)
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{FF27F674-821E-4BA2-985B-DDF539C2CD03}) (Version: 7.0.33.6 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6418.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
ISScript (x32 Version: 3.00.185 - InstallShield Software Corp.) Hidden
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
LEGO Alpha Team (HKLM-x32\...\{C5C8DE40-1AB7-11D4-854E-00A0C99F6AF9}) (Version:  - )
Lollipop (HKU\S-1-5-21-3930845653-3837040866-4171826123-1004\...\lollipop_11221407) (Version:  - Lollipop Network, S.L.) <==== ACHTUNG
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
MPC Essentials 1.8.2 (HKLM\...\com.akaipro.mpc.essentials_is1) (Version: 1.8.2 - Akai Professional)
NVIDIA 3D Vision Treiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 327.02 - NVIDIA Corporation)
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Pro Rally 2001 (HKLM-x32\...\Pro Rally 2001) (Version:  - )
Recovery Manager (x32 Version: 5.5.0.5530 - CyberLink Corp.) Hidden
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version:  - Valve)
SPL Crimson USB ASIO driver (HKLM\...\USB_AUDIO_DEusb-audio.deSPLCrimson) (Version:  - )
Spotify (HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\...\Spotify) (Version: 1.0.38.171.g5e1cd7b2 - Spotify AB)
Spotify (HKU\S-1-5-21-3930845653-3837040866-4171826123-1004\...\Spotify) (Version: 1.0.24.104.g92a22684 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steinberg Cubase 5 (HKLM-x32\...\{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}) (Version: 5.1.0 - Steinberg Media Technologies GmbH)
Steinberg Cubase LE AI Elements 8 (HKLM-x32\...\{C82690CF-7D52-4E6A-02BB-AB612D4D8D28}) (Version: 8.0.10 - Steinberg Media Technologies GmbH)
Steinberg Cubase LE AI Elements 8 64bit (HKLM\...\{C801D1E6-30E3-46BE-368D-0106B42CCE17}) (Version: 8.0.10 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE (HKLM-x32\...\{A6790D47-D653-4B88-BED4-96878DBE5191}) (Version: 4.1.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE 64bit (HKLM\...\{A5AB0D21-21BD-4DB8-F097-02E8FC8C486A}) (Version: 4.1.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Content (HKLM-x32\...\{AFC9D1CE-F050-437C-35A5-62DEDB262DC7}) (Version: 1.2.1 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE (HKLM-x32\...\{EF7800A8-575E-4776-95A5-A9D904A85D5F}) (Version: 2.0.2 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 2.0.2 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content for Cubase LE AI Elements (HKLM-x32\...\{CF45002F-2205-4116-BB51-2D015F436CAC}) (Version: 2.0.1 - Steinberg Media Technologies GmbH)
Steinberg Midi Loop Library (HKLM-x32\...\{89DE2651-6DD9-4C15-AC94-8348362D456C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Tomb Raider III (HKLM-x32\...\Tomb Raider III) (Version:  - )
Unchecky v0.3.7 (HKLM-x32\...\Unchecky) (Version: 0.3.7 - RaMMicHaeL)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Warface (HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\...\Warface) (Version: 1.87 - Mail.Ru)
Warface (HKU\S-1-5-21-3930845653-3837040866-4171826123-1004\...\Warface) (Version: 1.87 - Mail.Ru)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Игровой центр (HKU\S-1-5-21-3930845653-3837040866-4171826123-1004\...\GameCenterMailRu) (Version: 2.402 - ООО "Мэйл.Ру Геймз")

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2C56CCE9-6B4E-426A-9439-6EF1FDBA3C65} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-08-07] (Hewlett-Packard Company)
Task: {48BF7FE4-16B3-42BB-A43F-95350E7131D5} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-13] (Adobe Systems Incorporated)
Task: {52B160ED-B394-4462-8927-43C6ACC8306C} - System32\Tasks\{AF089043-D6AA-41B7-A239-8F8B8E8FAA06} => pcalua.exe -a F:\autorun.exe -d F:\
Task: {6E87A472-CB8B-4D44-9413-166AB458F2D5} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_162_pepper.exe [2016-09-13] (Adobe Systems Incorporated)
Task: {710F6622-7749-4122-80E5-BC696171976F} - System32\Tasks\ExtFixer13197 => C:\windows\TEMP\41844_updater.exe <==== ACHTUNG
Task: {8507F8F4-7E2F-4651-9936-8905E375F9FF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-15] (Hewlett-Packard Company)
Task: {850AC5A8-2E1C-42C3-9965-931751078C0E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_backup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2012-07-13] (Hewlett-Packard)
Task: {8C600834-BD7F-48DE-9DF1-DC80FEEB40F9} - System32\Tasks\{820D1004-08F0-4C3F-8553-9B88F08D781B} => pcalua.exe -a F:\ProRally.exe -d F:\
Task: {9ABBC3D1-DB15-4BAB-9397-BAE1EE87DAF1} - System32\Tasks\ExtFixer2078 => C:\windows\TEMP\41844_updater.exe <==== ACHTUNG
Task: {B2530D95-ACF4-4DC4-82E8-9B2FD6594D84} - System32\Tasks\{42A7BE18-F334-47DC-892B-2C562E256871} => pcalua.exe -a F:\Setup.exe -d F:\
Task: {C463C7B7-3AAB-4778-8630-C3D74C672124} - System32\Tasks\{731C0D96-12CF-47EF-B0BF-E54A152EB958} => pcalua.exe -a "C:\Program Files (x86)\Cinema-Plus-1.2\Uninstall.exe" -c /fcp=1
Task: {D0612721-6B70-4089-9E5E-936897C56ADF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-15] (Hewlett-Packard Company)
Task: {DE278E01-1E60-465E-A5CB-E857CDF8F5D2} - \Perotainghernerry System -> Keine Datei <==== ACHTUNG
Task: {E09F5153-E919-4910-B801-F1A052F640D8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_162_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\ExtFixer13197.job => C:\windows\TEMP\41844_updater.exeq/url='hxxp:/xml.localxpath.net/apps/cr/1060-4030_ElectroLyrics.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\ExtFixer2078.job => C:\windows\TEMP\41844_updater.exep/url='hxxp:/xml.localxpath.net/apps/cr/1060-4030_ElectroLyrics.exe <==== ACHTUNG

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\HP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-10-05 21:59 - 2012-07-18 10:50 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-12-06 14:06 - 2013-12-04 04:47 - 00702416 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
2013-12-06 14:06 - 2013-12-04 04:47 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dll
2013-12-06 14:06 - 2013-12-04 04:48 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
2013-12-06 14:06 - 2013-12-04 04:48 - 00399312 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
2013-12-06 14:06 - 2013-12-04 04:47 - 01619408 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\HP:Heroes & Generals [38]
AlternateDataStreams: C:\ProgramData\Temp:373E1720 [120]
AlternateDataStreams: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Mail.Ru.website:TASKICON_0refresh-2076883145 [2686]
AlternateDataStreams: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Mail.Ru.website:TASKICON_1write-1878237577 [2686]
AlternateDataStreams: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Mail.Ru.website:TASKICON_2adress_book2-609010338 [2686]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2016-09-16 18:53 - 00001993 ____A C:\WINDOWS\system32\Drivers\etc\hosts

0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com
0.0.0.0 cdn.bisrv.com

Da befinden sich 3 zusätzliche Einträge.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\Theme2\img10.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run32: => "fst_de_19"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{1831D832-0085-412F-AD86-5D5B89F42A77}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{FE33F88C-E0F4-4BB1-9C7D-10CF276F3BED}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{576CD0BF-2CA2-47A3-B325-6353000EF03E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{DFB4C9B7-8D33-4392-9006-A5AE1CF3BCCC}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{DEF483F9-E3F4-4D8D-9413-56D219FD4E84}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{E372ABB6-ECB4-4096-A3AB-FCE65CA87A5D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{3DF00AA1-75E1-4EE9-AD6E-B9057966895D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D452AC97-DBF6-4D48-A3F7-6A8F658A7F74}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{005D2F35-F842-47AB-AFDF-CB2B1F93F775}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2E529D38-E74E-43EE-86F9-0EB0F270B4BA}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9435A3F0-0CA3-48F8-8659-DD5FE2C06D01}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2D0B747F-E4DD-4AD7-8843-8EC2BA447690}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{DC75E642-E39C-4D17-997A-730CEC93BC47}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{27E3496D-0218-45A8-AE3E-4740FD3CD194}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F2CAA585-C5C7-486D-9C44-D863BAAAD505}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{4DB0F702-F2C9-4DBE-BE25-0380369C7F88}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{191DDC5E-F3B1-467E-87B7-1DB5DA27C139}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{3210EF94-760C-491A-925D-5F2ECB3E1FFD}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0F53E743-082B-4C03-AB49-257ACB1A6F0D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{40FB1C47-6484-4FC6-8AE6-64EB79E678F1}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{29738446-D9BE-497F-91AB-E3AA893440FD}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A66597FB-0C5E-4FAB-B8CB-C6D5032C5BD3}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{C222B0E6-B5D6-4593-B563-9A584F8B0C16}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{6EB0B2FE-F281-4DA6-AFA4-96B3F5A4495D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9CBF9631-4859-4E78-80ED-82367B79F805}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{1A1B324F-9A5A-4564-9E30-5F5411A7FB78}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A580BFA5-C63A-4613-9E53-0CEE605CD7AC}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8B7583EB-DCC3-48FF-9B3F-AA47A8130C5B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0DA647E8-BEC0-43CC-A928-9C7E670F57B0}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F36970C1-D3CC-486A-9BA8-105533EC62E9}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{E8FFF43F-96FA-4970-9AD5-1568C6E94F5F}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9BC6FD9D-2547-484D-82C5-74C002248D19}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{FFDBD881-F24A-4FAA-9A0B-2B3D69281BFF}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{486C20E5-4BEC-4672-90EB-7AD38E3EFD0B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{4B1E150D-DD19-42B1-A0AF-1DA2B59EA750}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{56A5FCC7-361D-445C-A203-DFBE4D2E23F3}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{E938228E-C3C8-47F0-A642-8AB23B685C9E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{DC307FCF-A262-45B8-835E-F322CCA2C7B0}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9D35373C-2C88-4E7A-A736-BB61396CEF34}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{DACDD348-3151-4FBD-871F-4240A5C6313A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{4F972021-55F4-4A55-A127-82E51B4DBF26}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0590F1B7-E677-4009-9CD5-CB2CECFCA95C}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8DB2BE7B-DD81-4729-866E-5FF3670E4E8F}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{AB269C0B-3E60-493B-BE9E-98D086323E70}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{240D29B0-90EE-40A2-AD89-774A853E5340}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{C3CCAF6F-28EB-467A-97D5-FE03818A57A7}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D2A553F1-7611-4A7F-A159-1BC2A2FF9CE4}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F9B766F0-9B03-46DB-A606-88A8E911FAA8}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{6B97FFC2-265A-4D18-AA3A-548E59D885E0}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{40D5D850-AC28-43A7-8455-95ED9444476C}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{E374F7F4-55C5-46F5-9C86-6EE161F7A7C9}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A9256CFC-1C11-457F-9F8C-16B61A834305}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F970A3D0-30F3-406C-B51B-D6B65520D7C7}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9D35A0A2-93AF-4EE6-8D9E-478757A78F5E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D06FC8D4-66E8-401A-BD65-8CF943C35DE5}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [UDP Query User{434C97A3-AA31-40AE-B896-B74555F819F7}C:\users\hp\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\hp\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{F4A159A5-1196-449F-9842-6E3E8423FA81}C:\users\hp\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\hp\appdata\local\akamai\netsession_win.exe
FirewallRules: [{672C6317-FB94-43EB-B635-007DDA880CFE}] => (Allow) C:\Users\HP\Downloads\VideoPerformerSetup (1).exe
FirewallRules: [{23915B54-3A99-49D6-A0F7-1347D4A34C73}] => (Allow) C:\Users\HP\Downloads\VideoPerformerSetup (1).exe
FirewallRules: [{49E6529A-20EA-4F8E-966F-70A79BD61637}] => (Allow) C:\Users\HP\Downloads\VideoPerformerSetup.exe
FirewallRules: [{FAB33320-CE75-49B7-B30F-24FA26F42453}] => (Allow) C:\Users\HP\Downloads\VideoPerformerSetup.exe
FirewallRules: [{CFE45F69-0152-4E39-9985-4466EA1F34DB}] => (Allow) LPort=1900
FirewallRules: [{69760FC3-10F9-4A08-821E-089917CDE05C}] => (Allow) LPort=2869
FirewallRules: [{9990EC68-E558-4940-BF68-77F4AAE397AC}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{55EF0FA1-8EE3-4EC4-A3B6-9F754A2E872B}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{D0307A22-5E62-4E12-8F79-3A6C3D3660B2}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{7647AE3D-187E-4713-9BF7-7EA40EAD7F0A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{26F32E2D-209C-4169-91C7-AD4F3921FEA5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{AE6EBFF2-C261-4958-A53F-27F490E80E27}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{76B0EE6E-F2AF-44F9-8C36-0D5B3FD53DCA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7D416815-F6FA-4288-BFA1-845D5CECF941}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{BBA12AD4-14DB-4BAF-BDF4-179B7D57E9F0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{687944BF-DB4B-4CF7-8415-0DF239EF7065}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{67FC3F5D-D669-494C-BA07-319DAECA001E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D5F865B5-00C2-4C3A-B9D2-46F1A0F7ACE3}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{B58D4FC7-2099-4D01-A59E-BBD27E8C9C96}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [TCP Query User{C8F8AAAD-C85F-4C58-BF89-5AB73D0B452E}C:\users\hp\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe] => (Block) C:\users\hp\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe
FirewallRules: [UDP Query User{3905AADC-36C1-4914-87A1-38B921917B8D}C:\users\hp\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe] => (Block) C:\users\hp\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe
FirewallRules: [{556CD6F7-89FD-4AE5-8742-F07B41EFE276}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{87BE7E7B-DED1-465E-B624-2F036C9F32C7}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9668310A-69FD-4A59-8271-1E1EDC150D09}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{BAA912D5-89F1-4AAB-A697-AA5EDA1F349B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D2868235-A202-467C-9173-2538567D8C36}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9E7BBFF7-16B9-4039-B0F4-02CFAC9520F7}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{BF0EF3BB-210F-4CBF-BF12-5A7E76E5E086}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{923CE724-90DC-442C-A82F-394D51545520}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{C16FE4D2-A58C-443C-A458-835F236C3A6D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{BD837EDC-B82C-4D41-B76A-FAA8B23AB8AF}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{127EF742-91AF-498B-B9E0-AB2BBCCF265B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{3E2CD19B-0CCE-4376-8498-C2AB10717A66}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2E884976-9C69-42B3-BA16-AE0A3146CB5B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2E3AE94F-1027-4B18-B06A-E2AAAC181658}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{DA43461D-AF18-4798-A5CD-484DE8C0D4E4}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F6CC1C6C-1057-44AC-8FFA-A4BA6F0748B5}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{61D012B2-9F18-4F76-A53A-75E5D75EB033}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9C33B8D9-12FE-4161-834B-84B0201B786B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{DBD6C599-46EA-48DE-BE74-B3BEB8DBFCCA}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [TCP Query User{BF725BC3-63F5-481C-A42C-F7B2A1494222}C:\users\hp\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\hp\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{72EBE10A-3FB4-450A-A5A4-228A54A39ADD}C:\users\hp\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\hp\appdata\local\akamai\netsession_win.exe
FirewallRules: [{C0B486BA-67DC-4C72-892F-3F41C530A530}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8B3D049A-860E-472B-AB5A-5A2CD5994067}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{DA256FAE-9E71-434A-9CC3-6085E89C79C1}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{5BE97B07-F48A-4C7F-9EFA-8AB769CBD3B3}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{51A3F8EF-1B17-4A14-AF01-4C4EF75B2942}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{CC6669BF-BBF7-4929-8EA2-D4850B422403}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{7BEA4A91-DF07-4E4D-B43C-DDE4A5EF32C2}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D96E3EF6-E8EA-4B2C-891B-3E52CC9611A6}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{C1D880B8-5A61-42A1-87B5-833B2806CADB}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{E8EE6707-99DA-4B50-9953-AB6855A2BA13}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0D5A9B36-55D6-446C-A2AE-E12219D1F7A1}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{4D650A68-C739-440C-851E-F5F7FD38F18E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{1A4F884F-12F0-449F-8EB5-DD871300332C}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{884C9969-17FC-425B-933B-98721AAE5B5E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{CCBCE541-9B10-4D30-9766-27E25DBF2D17}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D82FB43F-1883-4314-9592-F6A9537551AA}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F82555C5-03EC-42FB-A148-44DF7BB37D9A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{AEA789FF-39CC-4B3F-BE80-A4FCC343D10C}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{EA4BFE88-97B1-4C6E-8A49-9AA1E469CE9D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{37972B5A-B10F-41ED-832A-9F964FF6C88E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{C28B5E82-E122-438A-B393-023F81584006}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{581112E1-696F-41E0-AB11-A9149AB73436}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{095460BF-7FCA-4F6C-92B0-A065C47B776C}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{B90E463D-2897-4644-A2C9-3E6F6EC8F0E1}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{04BCF110-1434-4CA5-8A00-8DEFDAC39F8A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{6499C949-E3C9-434C-8DE4-998474FBCBA1}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2AE78E1A-859A-4217-9E5E-A171B0F450CA}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{80351C0E-596B-4057-8F90-1BBDE99E34C4}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{4C5F3409-4A34-427D-AE55-906BFDB3BEA8}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{119541EF-2D84-4D6C-A605-C62B9A9312CB}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9D4AC32D-DC66-4F40-8BA1-F850E4F041C3}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F32F3740-7B7B-4A19-87EB-D30D9E9F0911}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{330E6868-4AFD-4A53-9C54-1606A14917A2}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D13CE3B4-D3F9-47CF-A179-24E841D5EAD6}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A3DFAC17-58B2-414D-970C-A5E12B57371A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{277B5F4B-0882-43F2-9A95-2A159552F72D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2DB048F7-86C3-495D-9648-0A8C1208DABD}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{1E4E6816-611C-4569-895A-D1F389961EB8}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{BB3D18A4-AE0C-45E0-97DF-2F092DEFFB6E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{DDC1635A-EFB6-4C18-A22F-5C6E62646292}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{3352DBB0-0440-4A6D-BB9B-7AC2799D6999}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0D9ACE9C-B6EC-4C18-AC39-4F650D767BF5}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{73606971-9468-412B-8B2D-549EFD3CE5FF}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{7F23168C-8574-4DEB-9E05-FE65F4EE9FA3}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [TCP Query User{9737E393-5759-4B92-8B74-5CB4AE18AADE}C:\users\hp\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\hp\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{417C9F35-448C-40B2-89AF-1236CFE4FDAD}C:\users\hp\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\hp\appdata\roaming\spotify\spotify.exe
FirewallRules: [{152810D6-3EE7-4445-A453-93A51B5B2015}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{76EF961A-A5C0-49E0-A936-E517E5F8E9E3}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{FD1BBC6F-B08D-4947-84E8-DEB255E28B0E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{78DD4B75-CE4B-482E-9286-0CF7F10B91E5}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0C4402D3-3E1E-432B-90D6-6B8DEEBA916B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{1F0CE691-712B-4455-AA84-5464E4E3AFF4}] => (Allow) LPort=53000
FirewallRules: [{99B668BB-2A93-4E3F-93DF-D038F403B3CA}] => (Allow) LPort=52000
FirewallRules: [TCP Query User{5AE32623-ECB6-425B-9E5C-277D0FDAF89F}C:\program files\bohemia interactive\arma demo\armademo.exe] => (Allow) C:\program files\bohemia interactive\arma demo\armademo.exe
FirewallRules: [UDP Query User{BC011901-7A51-4AD3-8583-7A8C529646E3}C:\program files\bohemia interactive\arma demo\armademo.exe] => (Allow) C:\program files\bohemia interactive\arma demo\armademo.exe
FirewallRules: [{6CA06C4A-0447-4B57-943A-E2C1C90EB408}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{08CA7946-9C29-4FB8-ADA9-4830B2FB0829}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F3181C95-4C37-4BA3-8350-CC5F00DAF0FE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{10F18B87-7F3A-4747-99E7-9BA04EFB15F0}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C600BDA3-1DB9-4350-AC69-5BBC4FBB909D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{1E6C4E5D-39FF-433E-AB0B-1B648DE7725E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{C94EED85-FDCD-49A0-8D89-C9ABAF743893}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [{EBCECBAB-D15C-48C3-AE6A-5903338AEC5D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [{5A0CE2C0-382A-4A59-A099-554F406746B7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{E4045A13-F24C-4C6D-A974-B46DF44560AD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [TCP Query User{9EA36164-95AA-4373-9F64-1CA2E7C4F66A}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [UDP Query User{FC78917D-A1B3-448C-A6CB-2B31CA69BC37}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [{F743E7B3-B31C-4E1A-B8FD-300DB314E27F}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{196AC14A-EE27-4A8A-8476-5761E98413BE}C:\users\hp\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\hp\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{5EE74F2D-BC1C-41EB-BFCE-37C916707AF1}C:\users\hp\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\hp\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{08C91461-1FEA-4D94-8623-2D46BD51F151}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [UDP Query User{15A17A4A-E1C0-40DC-B4F2-6D1655F7A7F1}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [{6FACB36C-E4C8-40DB-B900-3096AAFBC88A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\brainbread2\hl2.exe
FirewallRules: [{8D209586-73F4-41EB-946D-627FA1581959}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\brainbread2\hl2.exe
FirewallRules: [{A461D0CF-9F9E-4F69-ADDE-42DB66F7210E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Anno Online\nw.exe
FirewallRules: [{60C5CB51-0891-44A6-A9EB-711701E05717}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Anno Online\nw.exe
FirewallRules: [{3E926C57-708F-4F5D-843C-61B9C76F1140}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{7F6501C0-3AB2-4D61-9D05-93D7903B691B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [TCP Query User{C6F9BD41-52D1-460C-AA6B-A193561111FA}C:\programdata\ableton\live 9 lite\program\ableton live 9 lite.exe] => (Allow) C:\programdata\ableton\live 9 lite\program\ableton live 9 lite.exe
FirewallRules: [UDP Query User{8CB60933-7022-4957-A469-E0974B22D98E}C:\programdata\ableton\live 9 lite\program\ableton live 9 lite.exe] => (Allow) C:\programdata\ableton\live 9 lite\program\ableton live 9 lite.exe
FirewallRules: [{2807E630-6F67-4B2F-A442-E00378054676}] => (Allow) C:\Users\HP\AppData\Local\Temp\MPCOnline\MPCDownload.exe
FirewallRules: [{24AEEB3B-4053-4ECA-A9A1-6D4B67FC9DB4}] => (Allow) C:\Users\HP\AppData\Local\Temp\MPCOnline\MPCDownload.exe

==================== Wiederherstellungspunkte =========================

11-09-2016 11:04:07 Geplanter Prüfpunkt
16-09-2016 18:47:16 Malwarebytes Anti-Rootkit Restore Point
20-09-2016 14:13:44 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/20/2016 02:01:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3375

Error: (09/20/2016 02:01:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3375

Error: (09/20/2016 02:01:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/20/2016 02:01:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2250

Error: (09/20/2016 02:01:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2250

Error: (09/20/2016 02:01:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/20/2016 02:01:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1110

Error: (09/20/2016 02:01:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1110

Error: (09/20/2016 02:01:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/19/2016 09:48:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SpotifyWebHelper.exe, Version: 1.0.37.150, Zeitstempel: 0x57c6f630
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x6f736a2e
ID des fehlerhaften Prozesses: 0x176c
Startzeit der fehlerhaften Anwendung: 0x01d211af3307b214
Pfad der fehlerhaften Anwendung: C:\Users\HP\AppData\Roaming\Spotify\SpotifyWebHelper.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 0afdf0cb-7ea2-11e6-bf19-b4b52fd9f2dd
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


Systemfehler:
=============
Error: (09/20/2016 02:14:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/20/2016 02:01:24 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (09/20/2016 01:52:53 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: NT-AUTORITÄT)
Description: Beim Start des Aufgabenplanungsdiensts konnten Aufgaben nicht geladen werden. Zusätzliche Daten: Fehlerwert: 2147942402.

Error: (09/20/2016 01:11:51 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde nicht richtig gestartet.

Error: (09/20/2016 01:06:08 PM) (Source: DCOM) (EventID: 10010) (User: HP-HP)
Description: Der Server "{9BA05972-F6A8-11CF-A442-00A0C90A8F39}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (09/20/2016 01:06:08 PM) (Source: DCOM) (EventID: 10010) (User: HP-HP)
Description: Der Server "{9BA05972-F6A8-11CF-A442-00A0C90A8F39}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (09/20/2016 01:03:51 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (09/20/2016 01:03:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Steam Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/20/2016 01:03:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Update Service Daemon" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/20/2016 01:03:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2016-09-20 14:13:44.129
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-20 14:13:43.884
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-20 13:04:26.088
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-20 13:04:25.850
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-20 13:03:53.123
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-20 13:03:52.906
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-20 12:54:52.155
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-20 12:54:51.911
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-18 00:49:15.615
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-18 00:49:15.386
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5-3330 CPU @ 3.00GHz
Prozentuale Nutzung des RAM: 23%
Installierter physikalischer RAM: 8147.3 MB
Verfügbarer physikalischer RAM: 6234.61 MB
Summe virtueller Speicher: 8547.3 MB
Verfügbarer virtueller Speicher: 6587.2 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:918.38 GB) (Free:581.69 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Recovery Image) (Fixed) (Total:11.21 GB) (Free:1.36 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 076766A4)

Partition: GPT.

==================== Ende von Addition.txt ============================

M-K-D-B 20.09.2016 16:17
Servus,


sehr gut gemacht. :daumenhoc :daumenhoc



So geht es weiter:




Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
start
CloseProcesses:
SearchScopes: HKU\S-1-5-21-3930845653-3837040866-4171826123-1004 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
Toolbar: HKLM-x32 - Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei
FF Plugin HKU\S-1-5-21-3930845653-3837040866-4171826123-1001: @mail.ru/GameCenter -> C:\Users\HP\AppData\Local\Mail.Ru\GameCenter\NPDetector.dll [Keine Datei]
FF Extension: (Kein Name) - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha38\ff [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta351\ff [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha256\ff [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2543\ff [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha4549\ff [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home8521\ff [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release1179\ff [nicht gefunden]
CHR HKLM-x32\...\Chrome\Extension: [ffffoobpkbfcfibdgopmebhlghaiiamk] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha38\ch\WebexpEnhancedV1alpha38.crx <nicht gefunden>
C:\Program Files (x86)\WebexpEnhancedV1
C:\Users\HP\AppData\Local\Kabeghtjerpoing
C:\Users\HP\Desktop\Die Installation von keygen - Free Download fortsetzen.lnk
C:\Program Files (x86)\Qotachcoerduk
C:\Users\HP\AppData\Local\clucadomqenayfehuent
C:\Users\HP\Downloads\*CHIP-Installer.exe
Unlock: C:\WINDOWS\system32\Drivers\etc\hosts
C:\WINDOWS\system32\Drivers\etc\hosts
Task: {710F6622-7749-4122-80E5-BC696171976F} - System32\Tasks\ExtFixer13197 => C:\windows\TEMP\41844_updater.exe <==== ACHTUNG
Task: {9ABBC3D1-DB15-4BAB-9397-BAE1EE87DAF1} - System32\Tasks\ExtFixer2078 => C:\windows\TEMP\41844_updater.exe <==== ACHTUNG
Task: {C463C7B7-3AAB-4778-8630-C3D74C672124} - System32\Tasks\{731C0D96-12CF-47EF-B0BF-E54A152EB958} => pcalua.exe -a "C:\Program Files (x86)\Cinema-Plus-1.2\Uninstall.exe" -c /fcp=1
Task: {DE278E01-1E60-465E-A5CB-E857CDF8F5D2} - \Perotainghernerry System -> Keine Datei <==== ACHTUNG
Task: C:\WINDOWS\Tasks\ExtFixer13197.job => C:\windows\TEMP\41844_updater.exeq/url='hxxp:/xml.localxpath.net/apps/cr/1060-4030_ElectroLyrics.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\ExtFixer2078.job => C:\windows\TEMP\41844_updater.exep/url='hxxp:/xml.localxpath.net/apps/cr/1060-4030_ElectroLyrics.exe <==== ACHTUNG
AlternateDataStreams: C:\ProgramData\Temp:373E1720 [120]
AlternateDataStreams: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Mail.Ru.website:TASKICON_0refresh-2076883145 [2686]
AlternateDataStreams: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Mail.Ru.website:TASKICON_1write-1878237577 [2686]
AlternateDataStreams: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Mail.Ru.website:TASKICON_2adress_book2-609010338 [2686]
CMD: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32" /v fst_de_19 /f
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
Hosts:
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.







Schritt 2
Lade dir die passende Version von SystemLook vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop:
SystemLook (32 bit) | SystemLook (64 bit)
  • Doppelklicke auf die SystemLook.exe, um das Tool zu starten.
  • Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:

    Code:
    :folderfind
    lollipop
    ElectroLyrics
    HDWallPaper
    Corner Sunshine
    MPC AdCleaner
    MPC Desktop
    MPC Cleaner
    pc speed up
    APN-Stub

    :regfind
    lollipop
    ElectroLyrics
    HDWallPaper
    Corner Sunshine
    MPC AdCleaner
    MPC Desktop
    MPC Cleaner
    pc speed up
    APN-Stub
  • Klicke nun auf den Button Look, um den Scan zu starten.
  • Der Suchlauf kann einige Zeit dauern.
  • Wenn der Suchlauf beendet ist, wird sich dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
  • Die Ergebnisse werden auch auf dem Desktop als SystemLook.txt gespeichert.







Schritt 3
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • die Logdatei von SystemLook,
  • die beiden neuen Logdateien von FRST (FRST.txt und Addition.txt).

caloda 20.09.2016 21:32
Ach, ist das herrlich, den Browser zu öffnen und nicht von Müll begrüßt zu werden :applaus:


Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-09-2016
durchgeführt von HP (20-09-2016 21:48:26) Run:1
Gestartet von C:\Users\HP\Desktop
Geladene Profile: HP & UpdatusUser (Verfügbare Profile: HP & UpdatusUser)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
SearchScopes: HKU\S-1-5-21-3930845653-3837040866-4171826123-1004 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
Toolbar: HKLM-x32 - Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei
FF Plugin HKU\S-1-5-21-3930845653-3837040866-4171826123-1001: @mail.ru/GameCenter -> C:\Users\HP\AppData\Local\Mail.Ru\GameCenter\NPDetector.dll [Keine Datei]
FF Extension: (Kein Name) - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha38\ff [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta351\ff [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha256\ff [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2543\ff [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha4549\ff [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home8521\ff [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release1179\ff [nicht gefunden]
CHR HKLM-x32\...\Chrome\Extension: [ffffoobpkbfcfibdgopmebhlghaiiamk] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha38\ch\WebexpEnhancedV1alpha38.crx <nicht gefunden>
C:\Program Files (x86)\WebexpEnhancedV1
C:\Users\HP\AppData\Local\Kabeghtjerpoing
C:\Users\HP\Desktop\Die Installation von keygen - Free Download fortsetzen.lnk
C:\Program Files (x86)\Qotachcoerduk
C:\Users\HP\AppData\Local\clucadomqenayfehuent
C:\Users\HP\Downloads\*CHIP-Installer.exe
Unlock: C:\WINDOWS\system32\Drivers\etc\hosts
C:\WINDOWS\system32\Drivers\etc\hosts
Task: {710F6622-7749-4122-80E5-BC696171976F} - System32\Tasks\ExtFixer13197 => C:\windows\TEMP\41844_updater.exe <==== ACHTUNG
Task: {9ABBC3D1-DB15-4BAB-9397-BAE1EE87DAF1} - System32\Tasks\ExtFixer2078 => C:\windows\TEMP\41844_updater.exe <==== ACHTUNG
Task: {C463C7B7-3AAB-4778-8630-C3D74C672124} - System32\Tasks\{731C0D96-12CF-47EF-B0BF-E54A152EB958} => pcalua.exe -a "C:\Program Files (x86)\Cinema-Plus-1.2\Uninstall.exe" -c /fcp=1
Task: {DE278E01-1E60-465E-A5CB-E857CDF8F5D2} - \Perotainghernerry System -> Keine Datei <==== ACHTUNG
Task: C:\WINDOWS\Tasks\ExtFixer13197.job => C:\windows\TEMP\41844_updater.exeq/url='hxxp:/xml.localxpath.net/apps/cr/1060-4030_ElectroLyrics.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\ExtFixer2078.job => C:\windows\TEMP\41844_updater.exep/url='hxxp:/xml.localxpath.net/apps/cr/1060-4030_ElectroLyrics.exe <==== ACHTUNG
AlternateDataStreams: C:\ProgramData\Temp:373E1720 [120]
AlternateDataStreams: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Mail.Ru.website:TASKICON_0refresh-2076883145 [2686]
AlternateDataStreams: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Mail.Ru.website:TASKICON_1write-1878237577 [2686]
AlternateDataStreams: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Mail.Ru.website:TASKICON_2adress_book2-609010338 [2686]
CMD: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32" /v fst_de_19 /f
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
Hosts:
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
       
*****************

Prozess erfolgreich geschlossen.
"HKU\S-1-5-21-3930845653-3837040866-4171826123-1004\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}" => Schlüssel erfolgreich entfernt
HKCR\CLSID\{D944BB61-2E34-4DBF-A683-47E505C587DC} => Schlüssel nicht gefunden.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Wert erfolgreich entfernt
HKCR\Wow6432Node\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Schlüssel nicht gefunden.
"HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\Software\MozillaPlugins\@mail.ru/GameCenter" => Schlüssel erfolgreich entfernt
C:\Users\HP\AppData\Local\Mail.Ru\GameCenter\NPDetector.dll => nicht gefunden.
C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff => nicht gefunden.
FF Extension: (Kein Name) - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff [nicht gefunden] => nicht gefunden
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha38\ff => nicht gefunden.
FF Extension: (Kein Name) - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha38\ff [nicht gefunden] => nicht gefunden
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta351\ff => nicht gefunden.
FF Extension: (Kein Name) - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta351\ff [nicht gefunden] => nicht gefunden
C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha256\ff => nicht gefunden.
FF Extension: (Kein Name) - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha256\ff [nicht gefunden] => nicht gefunden
C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2543\ff => nicht gefunden.
FF Extension: (Kein Name) - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2543\ff [nicht gefunden] => nicht gefunden
C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha4549\ff => nicht gefunden.
FF Extension: (Kein Name) - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha4549\ff [nicht gefunden] => nicht gefunden
C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home8521\ff => nicht gefunden.
FF Extension: (Kein Name) - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home8521\ff [nicht gefunden] => nicht gefunden
C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release1179\ff => nicht gefunden.
FF Extension: (Kein Name) - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release1179\ff [nicht gefunden] => nicht gefunden
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ffffoobpkbfcfibdgopmebhlghaiiamk" => Schlüssel erfolgreich entfernt
"C:\Program Files (x86)\WebexpEnhancedV1" => nicht gefunden.
C:\Users\HP\AppData\Local\Kabeghtjerpoing => erfolgreich verschoben
C:\Users\HP\Desktop\Die Installation von keygen - Free Download fortsetzen.lnk => erfolgreich verschoben
C:\Program Files (x86)\Qotachcoerduk => erfolgreich verschoben
C:\Users\HP\AppData\Local\clucadomqenayfehuent => erfolgreich verschoben

=========== "C:\Users\HP\Downloads\*CHIP-Installer.exe" ==========

C:\Users\HP\Downloads\7 Zip 32 Bit - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\HP\Downloads\OpenOffice - CHIP-Installer.exe => erfolgreich verschoben

========= Ende -> "C:\Users\HP\Downloads\*CHIP-Installer.exe" ========

"C:\WINDOWS\system32\Drivers\etc\hosts" => wurde entsperrt
C:\WINDOWS\system32\Drivers\etc\hosts => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{710F6622-7749-4122-80E5-BC696171976F}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{710F6622-7749-4122-80E5-BC696171976F}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\ExtFixer13197 => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ExtFixer13197" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9ABBC3D1-DB15-4BAB-9397-BAE1EE87DAF1}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9ABBC3D1-DB15-4BAB-9397-BAE1EE87DAF1}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\ExtFixer2078 => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ExtFixer2078" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C463C7B7-3AAB-4778-8630-C3D74C672124}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C463C7B7-3AAB-4778-8630-C3D74C672124}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\{731C0D96-12CF-47EF-B0BF-E54A152EB958} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{731C0D96-12CF-47EF-B0BF-E54A152EB958}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DE278E01-1E60-465E-A5CB-E857CDF8F5D2}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DE278E01-1E60-465E-A5CB-E857CDF8F5D2}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Perotainghernerry System" => Schlüssel erfolgreich entfernt
C:\WINDOWS\Tasks\ExtFixer13197.job => erfolgreich verschoben
C:\WINDOWS\Tasks\ExtFixer2078.job => erfolgreich verschoben
C:\ProgramData\Temp => ":373E1720" ADS erfolgreich entfernt.
C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Mail.Ru.website => ":TASKICON_0refresh-2076883145" ADS erfolgreich entfernt.
C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Mail.Ru.website => ":TASKICON_1write-1878237577" ADS erfolgreich entfernt.
C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Mail.Ru.website => ":TASKICON_2adress_book2-609010338" ADS erfolgreich entfernt.

========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32" /v fst_de_19 /f =========

Der Vorgang wurde erfolgreich beendet.


========= Ende von CMD: =========


========= dir "%ProgramFiles%" =========

 Datentr„ger in Laufwerk C: ist OS
 Volumeseriennummer: 6A36-7D25

 Verzeichnis von C:\Program Files

14.09.2016  00:36    <DIR>          .
14.09.2016  00:36    <DIR>          ..
03.09.2016  16:47    <DIR>          Akai Pro
15.01.2015  13:55    <DIR>          Bohemia Interactive
05.10.2012  22:05    <DIR>          Bonjour
03.09.2016  16:48    <DIR>          Common Files
30.08.2016  23:43    <DIR>          eLicenser
05.10.2012  21:57    <DIR>          Hewlett-Packard
05.10.2012  21:58    <DIR>          IDT
05.10.2012  21:59    <DIR>          Intel
14.09.2016  10:08    <DIR>          Internet Explorer
27.04.2015  00:07    <DIR>          iPod
27.04.2015  00:08    <DIR>          iTunes
11.07.2014  04:03    <DIR>          MSBuild
11.07.2014  16:17    <DIR>          NVIDIA Corporation
20.09.2013  11:17    <DIR>          Online Services
11.07.2014  04:03    <DIR>          Reference Assemblies
03.09.2016  16:48    <DIR>          Steinberg
03.11.2015  13:02    <DIR>          Windows Defender
17.04.2015  23:09    <DIR>          Windows Mail
17.04.2015  23:09    <DIR>          Windows Media Player
17.04.2015  23:09    <DIR>          Windows Multimedia Platform
11.07.2014  03:34    <DIR>          Windows NT
17.04.2015  23:09    <DIR>          Windows Photo Viewer
17.04.2015  23:09    <DIR>          Windows Portable Devices
17.04.2015  23:06    <DIR>          WindowsPowerShell
04.09.2016  23:54    <DIR>          WinRAR
              0 Datei(en),              0 Bytes
              27 Verzeichnis(se), 624.364.089.344 Bytes frei

========= Ende von CMD: =========


========= dir "%ProgramFiles(x86)%" =========

 Datentr„ger in Laufwerk C: ist OS
 Volumeseriennummer: 6A36-7D25

 Verzeichnis von C:\Program Files (x86)

20.09.2016  21:48    <DIR>          .
20.09.2016  21:48    <DIR>          ..
25.04.2016  12:05    <DIR>          1C
18.02.2014  23:59    <DIR>          3DO
30.08.2016  19:32    <DIR>          7-Zip
03.09.2016  16:47    <DIR>          Akai Pro
07.01.2015  18:17    <DIR>          AnVir Task Manager Free
27.04.2015  00:06    <DIR>          Apple Software Update
15.01.2015  14:09    <DIR>          Bing Bar Installer
05.10.2012  22:05    <DIR>          Bonjour
12.01.2015  20:13    <DIR>          Chicago1930
06.09.2016  18:42    <DIR>          Common Files
05.10.2012  22:06    <DIR>          Connected Music powered by Universal Music Group
18.04.2016  16:07    <DIR>          Core Design
05.10.2012  22:11    <DIR>          CyberLink
30.08.2016  23:44    <DIR>          eLicenser
27.09.2013  19:50    <DIR>          Google
28.04.2016  00:25    <DIR>          GTA2
19.04.2016  15:26    <DIR>          Hammer & Sichel
05.10.2012  22:15    <DIR>          Hewlett-Packard
05.10.2012  22:05    <DIR>          HPConnectedMusic
05.10.2012  21:59    <DIR>          Intel
14.09.2016  10:08    <DIR>          Internet Explorer
27.04.2015  00:07    <DIR>          iTunes
19.04.2016  14:06    <DIR>          LEGO Media
07.01.2015  19:01    <DIR>          Malwarebytes Anti-Malware
05.10.2012  22:02    <DIR>          Microsoft Office
05.10.2012  22:13    <DIR>          Microsoft SQL Server Compact Edition
22.08.2013  17:36    <DIR>          Microsoft.NET
11.07.2014  04:03    <DIR>          MSBuild
29.04.2016  22:18    <DIR>          Nival Interactive
11.07.2014  16:17    <DIR>          NVIDIA Corporation
20.09.2013  11:17    <DIR>          Online Services
15.01.2015  13:57    <DIR>          OpenAL
17.11.2015  00:01    <DIR>          OpenOffice 4
07.01.2015  18:27    <DIR>          PDFaVVIewEr
11.07.2014  04:03    <DIR>          Reference Assemblies
23.05.2016  13:55    <DIR>          Rockstar Games
04.08.2014  12:40    <DIR>          ShowWords
20.09.2016  17:10    <DIR>          Steam
05.09.2016  00:29    <DIR>          Steinberg
05.10.2012  22:15    <DIR>          SymSilent
30.08.2016  23:44    <DIR>          Syncrosoft
07.01.2015  21:54    <DIR>          Unchecky
29.09.2013  17:32    <DIR>          VideoLAN
03.11.2015  13:02    <DIR>          Windows Defender
05.10.2012  22:13    <DIR>          Windows Live
17.04.2015  23:06    <DIR>          Windows Mail
17.04.2015  23:06    <DIR>          Windows Media Player
17.04.2015  23:06    <DIR>          Windows Multimedia Platform
22.08.2013  17:36    <DIR>          Windows NT
17.04.2015  23:06    <DIR>          Windows Photo Viewer
17.04.2015  23:06    <DIR>          Windows Portable Devices
22.08.2013  17:36    <DIR>          WindowsPowerShell
              0 Datei(en),              0 Bytes
              54 Verzeichnis(se), 624.364.089.344 Bytes frei

========= Ende von CMD: =========


========= dir "%ProgramData%" =========

 Datentr„ger in Laufwerk C: ist OS
 Volumeseriennummer: 6A36-7D25

 Verzeichnis von C:\ProgramData

03.09.2016  16:16    <DIR>          Ableton
03.09.2016  16:48    <DIR>          Akai
27.04.2015  00:06    <DIR>          Apple
27.04.2015  00:07    <DIR>          Apple Computer
06.09.2016  17:22    <DIR>          AVAST Software
06.09.2016  17:22    <DIR>          Avg
06.09.2016  17:22    <DIR>          Avira
17.04.2016  22:05    <DIR>          CyberLink
27.04.2015  00:08    <DIR>          E1864A66-75E3-486a-BD95-D1B7D99A84A7
30.08.2016  23:45    <DIR>          eLicenser
05.10.2012  22:21    <DIR>          Hewlett-Packard
17.11.2013  22:29    <DIR>          InstallMate
05.10.2012  22:06    <DIR>          install_clap
05.10.2012  21:59    <DIR>          Intel
27.05.2014  08:50    <DIR>          Logs
07.01.2015  19:01    <DIR>          Malwarebytes
20.09.2016  13:06    <DIR>          Malwarebytes' Anti-Malware (portable)
20.09.2013  11:20              141 Microsoft.SqlServer.Compact.351.64.bc
19.07.2014  20:06    <DIR>          Norton
05.10.2012  22:14    <DIR>          NortonInstaller
20.09.2016  13:52    <DIR>          NVIDIA
11.07.2014  03:16    <DIR>          NVIDIA Corporation
11.07.2014  23:34    <DIR>          Oracle
03.09.2016  16:48    <DIR>          Package Cache
07.01.2015  18:52    <DIR>          PDFaVVIewEr
11.07.2014  03:24    <DIR>          PRICache
20.09.2013  20:50    <DIR>          Recovery
17.04.2015  23:06    <DIR>          regid.1991-06.com.microsoft
11.07.2014  03:29    <DIR>          SoundResearch
30.08.2016  23:23    <DIR>          Steinberg
11.07.2014  23:34    <DIR>          Sun
30.08.2016  23:45    <DIR>          Syncrosoft
19.07.2014  20:08    <DIR>          Temp
25.10.2015  07:51    <DIR>          TP-LINK
06.09.2016  17:19    <DIR>          Unchecky
05.10.2012  22:00    <DIR>          {AFF99647-6D64-46F2-934A-F12F468037F6}
              1 Datei(en),            141 Bytes
              35 Verzeichnis(se), 624.364.085.248 Bytes frei

========= Ende von CMD: =========


========= dir "%Appdata%" =========

 Datentr„ger in Laufwerk C: ist OS
 Volumeseriennummer: 6A36-7D25

 Verzeichnis von C:\Users\HP\AppData\Roaming

20.09.2016  13:03    <DIR>          .
20.09.2016  13:03    <DIR>          ..
03.09.2016  16:30    <DIR>          Ableton
20.09.2013  11:17    <DIR>          Adobe
27.04.2015  00:13    <DIR>          Apple Computer
18.09.2016  16:04    <DIR>          Audacity
17.04.2016  22:05    <DIR>          CyberLink
05.09.2016  00:54    <DIR>          Desktop
24.05.2016  00:35    <DIR>          dvdcss
18.04.2015  11:58    <DIR>          HeroesAndGeneralsDesktop
26.09.2013  15:02    <DIR>          Hewlett-Packard
11.07.2014  16:03    <DIR>          Identities
06.09.2014  14:10    <DIR>          IDT
04.06.2016  15:34    <DIR>          InstallShield Installation Information
26.09.2013  15:28    <DIR>          Macromedia
18.04.2015  12:05    <DIR>          NVIDIA
17.11.2015  00:02    <DIR>          OpenOffice
06.09.2016  17:20    <DIR>          Profiles
20.09.2016  16:38    <DIR>          Spotify
05.09.2016  00:29    <DIR>          Steinberg
30.08.2016  23:21    <DIR>          Steinberg Installation Updater
17.09.2016  23:30    <DIR>          vlc
28.03.2014  09:18              157 WB.CFG
17.04.2016  22:14    <DIR>          WebApp
04.09.2016  23:54    <DIR>          WinRAR
              1 Datei(en),            157 Bytes
              24 Verzeichnis(se), 624.364.081.152 Bytes frei

========= Ende von CMD: =========


========= dir "%LocalAppdata%" =========

 Datentr„ger in Laufwerk C: ist OS
 Volumeseriennummer: 6A36-7D25

 Verzeichnis von C:\Users\HP\AppData\Local

20.09.2016  21:48    <DIR>          .
20.09.2016  21:48    <DIR>          ..
23.08.2016  20:43    <DIR>          Adobe
30.10.2015  20:50    <DIR>          Akamai
17.08.2016  22:54    <DIR>          Anno Online
07.01.2015  18:18    <DIR>          AnVir
27.04.2015  00:06    <DIR>          Apple
27.04.2015  00:09    <DIR>          Apple Computer
27.09.2013  19:48    <DIR>          Apps
15.01.2015  20:16    <DIR>          ArmA Demo
11.07.2014  16:03    <DIR>          assembly
30.08.2016  20:39    <DIR>          Audacity
31.10.2015  16:19    <DIR>          CEF
04.05.2016  00:08    <DIR>          Cyberlink
08.09.2016  01:15    <DIR>          Diagnostics
27.08.2016  10:30    <DIR>          ElevatedDiagnostics
25.08.2016  13:50    <DIR>          FalloutNV
27.09.2013  19:50    <DIR>          Google
20.09.2013  11:19    <DIR>          Hewlett-Packard
11.02.2014  18:27    <DIR>          HPConnectedMusic
08.09.2016  00:25    <DIR>          Microsoft
31.10.2015  12:52    <DIR>          Packages
20.09.2013  11:17    <DIR>          Power2Go8
06.10.2013  21:38    <DIR>          Programs
20.09.2016  21:48    <DIR>          Spotify
17.04.2015  23:29    <DIR>          Steam
30.08.2016  23:41    <DIR>          Steinberg Installation Updater
20.09.2016  21:48    <DIR>          Temp
18.02.2014  12:22    <DIR>          VirtualStore
              0 Datei(en),              0 Bytes
              29 Verzeichnis(se), 624.364.064.768 Bytes frei

========= Ende von CMD: =========

Hosts erfolgreich wiederhergestellt.

========= RemoveProxy: =========

HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies\\ => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========


========= ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Aufl”sungscache wurde geleert.

========= Ende von CMD: =========


========= netsh winsock reset =========


Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.


========= Ende von CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 16777216 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 200380496 B
Java, Flash, Steam htmlcache => 375712184 B
Windows/system/drivers => 164678263 B
Edge => 0 B
Chrome => 1136745488 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 511126 B
systemprofile32 => 6727877 B
LocalService => 346274 B
NetworkService => 4308254 B
HP => 14161142023 B
UpdatusUser => 0 B

RecycleBin => 0 B
EmptyTemp: => 15 GB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 21:52:15 ====



Code:
SystemLook 30.07.11 by jpshortstuff
Log created at 22:11 on 20/09/2016 by HP
Administrator - Elevation successful

========== folderfind ==========

Searching for "lollipop"
C:\AdwCleaner\Quarantine\C\Users\HP\AppData\Local\lollipop        d------        [16:50 07/01/2015]

Searching for "ElectroLyrics"
No folders found.

Searching for "HDWallPaper"
No folders found.

Searching for "Corner Sunshine"
No folders found.

Searching for "MPC AdCleaner"
No folders found.

Searching for "MPC Desktop"
No folders found.

Searching for "MPC Cleaner"
No folders found.

Searching for "pc speed up"
No folders found.

Searching for "APN-Stub"
No folders found.

========== regfind ==========

Searching for "lollipop"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\342a9b8b_0]
@="{2}.\\?\hdaudio#func_01&ven_111d&dev_7676&subsys_103c2ada&rev_1001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\speakertopology/00010001|\Device\HarddiskVolume4\Users\HP\AppData\Local\Lollipop\Lollipop.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\6ca6205c_0]
@="{2}.\\?\hdaudio#func_01&ven_111d&dev_7676&subsys_103c2ada&rev_1001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\speakertopology/00010001|\Device\HarddiskVolume4\Users\HP\AppData\Local\Lollipop\lollipop_11221407.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\e747e742_0]
@="{2}.\\?\hdaudio#func_01&ven_111d&dev_7676&subsys_103c2ada&rev_1001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\speakertopology/00010001|\Device\HarddiskVolume4\Users\HP\AppData\Local\Lollipop\lollipop_10260726.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Classes\Applications\lollipop_11221407.exe]
[HKEY_USERS\S-1-5-21-3930845653-3837040866-4171826123-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\342a9b8b_0]
@="{2}.\\?\hdaudio#func_01&ven_111d&dev_7676&subsys_103c2ada&rev_1001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\speakertopology/00010001|\Device\HarddiskVolume4\Users\HP\AppData\Local\Lollipop\Lollipop.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-3930845653-3837040866-4171826123-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\6ca6205c_0]
@="{2}.\\?\hdaudio#func_01&ven_111d&dev_7676&subsys_103c2ada&rev_1001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\speakertopology/00010001|\Device\HarddiskVolume4\Users\HP\AppData\Local\Lollipop\lollipop_11221407.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-3930845653-3837040866-4171826123-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\e747e742_0]
@="{2}.\\?\hdaudio#func_01&ven_111d&dev_7676&subsys_103c2ada&rev_1001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\speakertopology/00010001|\Device\HarddiskVolume4\Users\HP\AppData\Local\Lollipop\lollipop_10260726.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-3930845653-3837040866-4171826123-1001\Software\Classes\Applications\lollipop_11221407.exe]
[HKEY_USERS\S-1-5-21-3930845653-3837040866-4171826123-1001_Classes\Applications\lollipop_11221407.exe]
[HKEY_USERS\S-1-5-21-3930845653-3837040866-4171826123-1004\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\342a9b8b_0]
@="{2}.\\?\hdaudio#func_01&ven_111d&dev_7676&subsys_103c2ada&rev_1001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\speakertopology/00010001|\Device\HarddiskVolume4\Users\HP\AppData\Local\Lollipop\Lollipop.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-3930845653-3837040866-4171826123-1004\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\6ca6205c_0]
@="{2}.\\?\hdaudio#func_01&ven_111d&dev_7676&subsys_103c2ada&rev_1001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\speakertopology/00010001|\Device\HarddiskVolume4\Users\HP\AppData\Local\Lollipop\lollipop_11221407.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-3930845653-3837040866-4171826123-1004\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\e747e742_0]
@="{2}.\\?\hdaudio#func_01&ven_111d&dev_7676&subsys_103c2ada&rev_1001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\speakertopology/00010001|\Device\HarddiskVolume4\Users\HP\AppData\Local\Lollipop\lollipop_10260726.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-3930845653-3837040866-4171826123-1004\Software\Microsoft\Windows\CurrentVersion\Uninstall\lollipop_11221407]
[HKEY_USERS\S-1-5-21-3930845653-3837040866-4171826123-1004\Software\Microsoft\Windows\CurrentVersion\Uninstall\lollipop_11221407]
"DisplayName"="Lollipop"
[HKEY_USERS\S-1-5-21-3930845653-3837040866-4171826123-1004\Software\Microsoft\Windows\CurrentVersion\Uninstall\lollipop_11221407]
"UninstallString"="C:\Users\UpdatusUser\appdata\local\lollipop\lollipop_11221407.bat"
[HKEY_USERS\S-1-5-21-3930845653-3837040866-4171826123-1004\Software\Microsoft\Windows\CurrentVersion\Uninstall\lollipop_11221407]
"DisplayIcon"="C:\Users\UpdatusUser\appdata\local\lollipop\logo.ico"
[HKEY_USERS\S-1-5-21-3930845653-3837040866-4171826123-1004\Software\Microsoft\Windows\CurrentVersion\Uninstall\lollipop_11221407]
"Publisher"="Lollipop Network, S.L."

Searching for "ElectroLyrics"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\ElectroLyrics-1]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\ElectroLyrics-1\Manifest]
"Name"="ElectroLyrics-1"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\ElectroLyrics-1\Manifest]
"Description"="ElectroLyrics will allow you to display lyrics for your favorite songs alongside any Youtube music video"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ElectroLyrics-1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ElectroLyrics-1]
"DisplayName"="ElectroLyrics-1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ElectroLyrics-1]
"DisplayIcon"="C:\Program Files (x86)\ElectroLyrics-1\utils.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ElectroLyrics-1]
"UninstallString"="C:\Program Files (x86)\ElectroLyrics-1\Uninstall.exe /fromcontrolpanel=1"
[HKEY_USERS\S-1-5-21-3930845653-3837040866-4171826123-1001\Software\AppDataLow\Software\ElectroLyrics-1]
[HKEY_USERS\S-1-5-21-3930845653-3837040866-4171826123-1001\Software\AppDataLow\Software\ElectroLyrics-1\Manifest]
"Name"="ElectroLyrics-1"
[HKEY_USERS\S-1-5-21-3930845653-3837040866-4171826123-1001\Software\AppDataLow\Software\ElectroLyrics-1\Manifest]
"Description"="ElectroLyrics will allow you to display lyrics for your favorite songs alongside any Youtube music video"

Searching for "HDWallPaper"
[HKEY_LOCAL_MACHINE\SOFTWARE\HDWallpaper]

Searching for "Corner Sunshine"
No data found.

Searching for "MPC AdCleaner"
No data found.

Searching for "MPC Desktop"
[HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\MPC Cleaner\MPCDesktop.exe.FriendlyAppName"="MPC Desktop Application"
[HKEY_USERS\S-1-5-21-3930845653-3837040866-4171826123-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\MPC Cleaner\MPCDesktop.exe.FriendlyAppName"="MPC Desktop Application"
[HKEY_USERS\S-1-5-21-3930845653-3837040866-4171826123-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\MPC Cleaner\MPCDesktop.exe.FriendlyAppName"="MPC Desktop Application"

Searching for "MPC Cleaner"
[HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\MPC Cleaner\MPCDesktop.exe.FriendlyAppName"="MPC Desktop Application"
[HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\MPC Cleaner\MPCDesktop.exe.ApplicationCompany"="DotC United Inc"
[HKEY_USERS\S-1-5-21-3930845653-3837040866-4171826123-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\MPC Cleaner\MPCDesktop.exe.FriendlyAppName"="MPC Desktop Application"
[HKEY_USERS\S-1-5-21-3930845653-3837040866-4171826123-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\MPC Cleaner\MPCDesktop.exe.ApplicationCompany"="DotC United Inc"
[HKEY_USERS\S-1-5-21-3930845653-3837040866-4171826123-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\MPC Cleaner\MPCDesktop.exe.FriendlyAppName"="MPC Desktop Application"
[HKEY_USERS\S-1-5-21-3930845653-3837040866-4171826123-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\MPC Cleaner\MPCDesktop.exe.ApplicationCompany"="DotC United Inc"

Searching for "pc speed up"
[HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Cinema-Plus-1.2\Plugins\91]
"JavaScript"="(function(K){var y=[].slice;var x={};var a=function(ap){if(typeof ap=="string"&&typeof ap.trim=="function"){return ap.trim();}return ap==null?"":ap.toString().replace(/^\s+/,"").replace(/\s+$/,"");};function f(ap){var aq=x[ap]={},ar,at;ap=ap.split(/\s+/);for(ar=0,at=ap.length;ar<at;ar++){aq[ap[ar]]=true;}return aq;}var F=function(ap,aq){var at=[];for(var ar=0;ar<ap.length;ar++){if(ar in ap){var au=aq(ap[ar],ar,ap);if(au!=null){at.push(au);}}}return at;};var ab=function(at,aw,ar){var aq,au=0,av=at.length,ap=av===undefined||appAPI.utils.isFunction(at);if(ar){if(ap){for(aq in at){if(aw.apply(at[aq],ar)===false){break;}}}else{for(;au<av;){if(aw.apply(at[au++],ar)===false){break;}}}}else{if(ap){for(aq in at){if(aw.call(at[aq],aq,at[aq])===false){break;}}}else{for(;au<av;){if(aw.call(at[au],au,at[au++])===false){break;}}}}return at;};
[HKEY_USERS\S-1-5-21-3930845653-3837040866-4171826123-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Cinema-Plus-1.2\Plugins\91]
"JavaScript"="(function(K){var y=[].slice;var x={};var a=function(ap){if(typeof ap=="string"&&typeof ap.trim=="function"){return ap.trim();}return ap==null?"":ap.toString().replace(/^\s+/,"").replace(/\s+$/,"");};function f(ap){var aq=x[ap]={},ar,at;ap=ap.split(/\s+/);for(ar=0,at=ap.length;ar<at;ar++){aq[ap[ar]]=true;}return aq;}var F=function(ap,aq){var at=[];for(var ar=0;ar<ap.length;ar++){if(ar in ap){var au=aq(ap[ar],ar,ap);if(au!=null){at.push(au);}}}return at;};var ab=function(at,aw,ar){var aq,au=0,av=at.length,ap=av===undefined||appAPI.utils.isFunction(at);if(ar){if(ap){for(aq in at){if(aw.apply(at[aq],ar)===false){break;}}}else{for(;au<av;){if(aw.apply(at[au++],ar)===false){break;}}}}else{if(ap){for(aq in at){if(aw.call(at[aq],aq,at[aq])===false){break;}}}else{for(;au<av;){if(aw.call(at[au],au,a
[HKEY_USERS\S-1-5-21-3930845653-3837040866-4171826123-1001_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Cinema-Plus-1.2\Plugins\91]
"JavaScript"="(function(K){var y=[].slice;var x={};var a=function(ap){if(typeof ap=="string"&&typeof ap.trim=="function"){return ap.trim();}return ap==null?"":ap.toString().replace(/^\s+/,"").replace(/\s+$/,"");};function f(ap){var aq=x[ap]={},ar,at;ap=ap.split(/\s+/);for(ar=0,at=ap.length;ar<at;ar++){aq[ap[ar]]=true;}return aq;}var F=function(ap,aq){var at=[];for(var ar=0;ar<ap.length;ar++){if(ar in ap){var au=aq(ap[ar],ar,ap);if(au!=null){at.push(au);}}}return at;};var ab=function(at,aw,ar){var aq,au=0,av=at.length,ap=av===undefined||appAPI.utils.isFunction(at);if(ar){if(ap){for(aq in at){if(aw.apply(at[aq],ar)===false){break;}}}else{for(;au<av;){if(aw.apply(at[au++],ar)===false){break;}}}}else{if(ap){for(aq in at){if(aw.call(at[aq],aq,at[aq])===false){break;}}}else{for(;au<av;){if(aw.call(at[au],au,at[au++])=

Searching for "APN-Stub"
No data found.

Searching for "        "
[HKEY_CURRENT_USER\Software\AppDataLow\Software\ElectroLyrics-1\Plugins\104]
"JavaScript"="if (typeof appAPI.internal.monetization === "undefined") {
    appAPI.internal.monetization = {};
}
if (typeof appAPI.internal.monetization.plugins === "undefined") {
    appAPI.internal.monetization.plugins = {};
}

appAPI.internal.monetization.plugins[104] = function() {

        if (typeof appAPI.internal.monetization.verticals !== "undefined") {
                if (!appAPI.internal.monetization.verticals.shopping){
                        return;
                }
        }

var permanentData = {gui:[],actions:[]};
var permanentCache = ["c822c1b63853ed273b89687ac505f9fa","738aa8d3bc02eb8712acd0eb2cf6dfd5","2351f600bf62102c56b3941c39225683","16524241cd11b1b1c6b3ab30874047d6","241fe8af1e038118cd817048a65f803e","5ed33f7008771c9d49e3716aeaeca581","e50173d2983f028042965a37357931fc","8e1b7a68ae2f404bfafaafd53d293cde","dc29a383b9b0932dbd9f75e4af9b51f5","f4c4b31d11e30ca1511d807c10cd68f3","8862aa846eeafd1f61c5ad22580d0148","b53e20c91b81ec25a6d06d4cf351d0b2","1f89d526fc52417e16d99b9f069
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ConnectedSearch]
"StyleSetCache"="{"Condition":{}, "PropertySets":[
                    {"ConditionArgs":[], "PropertyValueMap":{}}
                  ]}"
[HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Cinema-Plus-1.2\Plugins\119]
"JavaScript"="appAPI.internal.monetization = appAPI.internal.monetization || {};
if (typeof appAPI.internal.monetization.plugins === "undefined") { appAPI.internal.monetization.plugins = {}; }

appAPI.internal.monetization.plugins[119] = function() {


(function($,e,b){var c="hashchange",h=document,f,g=$.event.special,i=h.documentMode,d="on"+c in e&&(i===b||i>7);function a(j){j=j||location.href;return"#"+j.replace(/^[^#]*#?(.*)$/,"$1")}$.fn[c]=function(j){return j?this.bind(c,j):this.trigger(c)};$.fn[c].delay=50;g[c]=$.extend(g[c],{setup:function(){if(d){return false}$(f.start)},teardown:function(){if(d){return false}$(f.stop)}});f=(function(){var j={},p,m=a(),k=function(q){return q},l=k,o=k;j.start=function(){p||n()};j.stop=function(){p&&clearTimeout(p);p=b};function n(){var r=a(),q=o(m);if(r!==m){l(m=r,q);$(e).trigger(c)}else{if(q!==m){loc
[HKEY_LOCAL_MACHINE\HARDWARE\DEVICEMAP\Scsi\Scsi Port 0\Scsi Bus 0\Target Id 0\Logical Unit Id 0]
"SerialNumber"="9VPGCJGQ            "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{B74BFC31-7F27-4529-8F74-E0C37793F097}]
"RatingsInfo"="<Ratings xmlns="urn:schemas-microsoft-com:GameDescription.v1">
            <Rating ratingSystemID="{768BD93D-63BE-46A9-8994-0B53C4B5248F}" ratingID="{78D8CC82-372F-44e4-B70C-8944DB7BCC24}">
                <Descriptor descriptorID="{ABE23B46-7F9F-495b-B4A9-87F41743727F}"/>
                <Descriptor descriptorID="{4BDB9E0D-53CF-4a28-865F-B315818E7627}"/>
                <Descriptor descriptorID="{27202CE3-EB93-49bc-A570-23AEBCC2A742}"/>
                <Descriptor descriptorID="{D49A8F0C-B183-4a34-8D86-33F2DC0E2D6C}"/>
                <Descriptor descriptorID="{E8930D9B-3E94-407c-B890-FDB5025DBCA3}"/>
            </Rating>
            <Rating ratingSystemID="{36798944-B235-48ac-BF21-E25671F597EE}" ratingID="{E2681CD6-318A-4935-8275-AF657045C333}">
                <Descriptor descriptorID="{F110F831-9412-40c9-860A-B489407ED374}"/>
                <Descriptor descriptorID
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell]
"ConfigXML"="            <PlugInConfiguration xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Name="microsoft.powershell" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="2" XmlRenderingType="text" Enabled="true" >                <InitializationParameters>                    <Param Name="PSVersion" Value="4.0"/>                </InitializationParameters>                <Resources>                    <Resource ResourceUri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell" SupportsOptions="true" ExactMatch="true">                        <Security xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Uri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell" ExactMatch="true" Sddl="O:NSG:BAD:P(A;;GA;;;BA)(A;;GA;;;RM)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)"/>                        <Capability Type="Shell"/>                    </Reso
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell.Workflow]
"ConfigXML"="            <PlugInConfiguration xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Name="microsoft.powershell.workflow" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="2" XmlRenderingType="text" UseSharedProcess="true" ProcessIdleTimeoutSec="1209600" RunAsUser="" RunAsPassword="" AutoRestart="false"    Enabled="true" >                <InitializationParameters>                    <Param Name="PSVersion" Value="4.0"/>                    <Param Name="AssemblyName" Value="Microsoft.PowerShell.Workflow.ServiceCore, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL"/>                    <Param Name="PSSessionConfigurationTypeName" Value="Microsoft.PowerShell.Workflow.PSWorkflowSessionConfiguration"/>                    <Param Name="SessionConfigurationData"                          Value="                     
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell32]
"ConfigXML"="<PlugInConfiguration xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Name="microsoft.powershell32" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="2" XmlRenderingType="text" Architecture="32" Enabled="true" >                        <InitializationParameters>                            <Param Name="PSVersion" Value="4.0"/>                        </InitializationParameters>                        <Resources>                            <Resource ResourceUri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell32" SupportsOptions="true" ExactMatch="true">                                <Security xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Uri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell32" ExactMatch="true" Sddl="O:NSG:BAD:P(A;;GA;;;BA)(A;;GA;;;RM)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)"/>               
[HKEY_USERS\S-1-5-21-3930845653-3837040866-4171826123-1001\Software\AppDataLow\Software\ElectroLyrics-1\Plugins\104]
"JavaScript"="if (typeof appAPI.internal.monetization === "undefined") {
    appAPI.internal.monetization = {};
}
if (typeof appAPI.internal.monetization.plugins === "undefined") {
    appAPI.internal.monetization.plugins = {};
}

appAPI.internal.monetization.plugins[104] = function() {

        if (typeof appAPI.internal.monetization.verticals !== "undefined") {
                if (!appAPI.internal.monetization.verticals.shopping){
                        return;
                }
        }

var permanentData = {gui:[],actions:[]};
var permanentCache = ["c822c1b63853ed273b89687ac505f9fa","738aa8d3bc02eb8712acd0eb2cf6dfd5","2351f600bf62102c56b3941c39225683","16524241cd11b1b1c6b3ab30874047d6","241fe8af1e038118cd817048a65f803e","5ed33f7008771c9d49e3716aeaeca581","e50173d2983f028042965a37357931fc","8e1b7a68ae2f404bfafaafd53d293cde","dc29a383b9b0932dbd9f75e4af9b51f5","f4c4b31d11e30ca1511d807c10cd68f3","8862aa846eeafd1f61c5ad22580d0148","b53e20c91b81ec25a6d06d
[HKEY_USERS\S-1-5-21-3930845653-3837040866-4171826123-1001\Software\Microsoft\Windows\CurrentVersion\ConnectedSearch]
"StyleSetCache"="{"Condition":{}, "PropertySets":[
                    {"ConditionArgs":[], "PropertyValueMap":{}}
                  ]}"
[HKEY_USERS\S-1-5-21-3930845653-3837040866-4171826123-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Cinema-Plus-1.2\Plugins\119]
"JavaScript"="appAPI.internal.monetization = appAPI.internal.monetization || {};
if (typeof appAPI.internal.monetization.plugins === "undefined") { appAPI.internal.monetization.plugins = {}; }

appAPI.internal.monetization.plugins[119] = function() {


(function($,e,b){var c="hashchange",h=document,f,g=$.event.special,i=h.documentMode,d="on"+c in e&&(i===b||i>7);function a(j){j=j||location.href;return"#"+j.replace(/^[^#]*#?(.*)$/,"$1")}$.fn[c]=function(j){return j?this.bind(c,j):this.trigger(c)};$.fn[c].delay=50;g[c]=$.extend(g[c],{setup:function(){if(d){return false}$(f.start)},teardown:function(){if(d){return false}$(f.stop)}});f=(function(){var j={},p,m=a(),k=function(q){return q},l=k,o=k;j.start=function(){p||n()};j.stop=function(){p&&clearTimeout(p);p=b};function n(){var r=a(),q=o(m);if(r!==m){l(m
[HKEY_USERS\S-1-5-21-3930845653-3837040866-4171826123-1001_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Cinema-Plus-1.2\Plugins\119]
"JavaScript"="appAPI.internal.monetization = appAPI.internal.monetization || {};
if (typeof appAPI.internal.monetization.plugins === "undefined") { appAPI.internal.monetization.plugins = {}; }

appAPI.internal.monetization.plugins[119] = function() {


(function($,e,b){var c="hashchange",h=document,f,g=$.event.special,i=h.documentMode,d="on"+c in e&&(i===b||i>7);function a(j){j=j||location.href;return"#"+j.replace(/^[^#]*#?(.*)$/,"$1")}$.fn[c]=function(j){return j?this.bind(c,j):this.trigger(c)};$.fn[c].delay=50;g[c]=$.extend(g[c],{setup:function(){if(d){return false}$(f.start)},teardown:function(){if(d){return false}$(f.stop)}});f=(function(){var j={},p,m=a(),k=function(q){return q},l=k,o=k;j.start=function(){p||n()};j.stop=function(){p&&clearTimeout(p);p=b};function n(){var r=a(),q=o(m);if(r!==m){l(m=r,q);$(e
[HKEY_USERS\S-1-5-21-3930845653-3837040866-4171826123-1004\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3930845653-3837040866-4171826123-1001\Software\Wajam]
"supported_sites.youtubesearch.wajam_se_js"="try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';window['WAJAM_PATH'] = 'hxxp://www.wajam.com/'; window['WAJAM_PATH_HTTPS'] = 'https://www.wajam.com/'; window['WAJAM_PATH_ADS'] = 'hxxp://ads.wajam.com/'; window['WAJAM_PATH_HTTPS_ADS'] = 'https://ads.wajam.com/'; window['WAJAM_PATH_NEW_ADS'] = 'hxxp://social-ads.wajam.com'; window['WAJAM_PATH_HTTPS_NEW_ADS'] = 'https://social-ads.wajam.com'; window['WAJAM_CONTAINER_HEIGHT'] = '225px'; window['WAJAM_BROWSER'] = 'b'; window['WAJAM_BROWSER_VERSION'] = '1.22'; window['WAJAM_AFFILIATE'] = '7006';window['WAJAM_ENV'] = '0'; window['WAJAM_PLATFORM'] = navigator.platform;window['WAJAM_SEARCH_ENGINE'] = 'youtubesearch'; window['WAJAM_SERVER_VERSION'] = '1.00276.
[HKEY_USERS\S-1-5-21-3930845653-3837040866-4171826123-1004\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3930845653-3837040866-4171826123-1001\Software\Wajam]
"supported_sites.encryptedgoogle.wajam_google_js"="try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';window['WAJAM_PATH'] = 'hxxp://www.wajam.com/'; window['WAJAM_PATH_HTTPS'] = 'https://www.wajam.com/'; window['WAJAM_PATH_ADS'] = 'hxxp://ads.wajam.com/'; window['WAJAM_PATH_HTTPS_ADS'] = 'https://ads.wajam.com/'; window['WAJAM_PATH_NEW_ADS'] = 'hxxp://social-ads.wajam.com'; window['WAJAM_PATH_HTTPS_NEW_ADS'] = 'https://social-ads.wajam.com'; window['WAJAM_CONTAINER_HEIGHT'] = '225px'; window['WAJAM_BROWSER'] = 'b'; window['WAJAM_BROWSER_VERSION'] = '1.22'; window['WAJAM_AFFILIATE'] = '7006';window['WAJAM_ENV'] = '0'; window['WAJAM_PLATFORM'] = navigator.platform;window['WAJAM_SEARCH_ENGINE'] = 'google'; window['WAJAM_SERVER_VERSION'] = '1.00276.0
[HKEY_USERS\S-1-5-21-3930845653-3837040866-4171826123-1004\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3930845653-3837040866-4171826123-1001\Software\Wajam]
"supported_sites.amazonproduct.priam_se_js"="try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';window['WAJAM_PATH'] = 'hxxp://www.wajam.com/'; window['WAJAM_PATH_HTTPS'] = 'https://www.wajam.com/'; window['WAJAM_PATH_ADS'] = 'hxxp://ads.wajam.com/'; window['WAJAM_PATH_HTTPS_ADS'] = 'https://ads.wajam.com/'; window['WAJAM_PATH_NEW_ADS'] = 'hxxp://social-ads.wajam.com'; window['WAJAM_PATH_HTTPS_NEW_ADS'] = 'https://social-ads.wajam.com'; window['WAJAM_CONTAINER_HEIGHT'] = '225px'; window['WAJAM_BROWSER'] = 'b'; window['WAJAM_BROWSER_VERSION'] = '1.22'; window['WAJAM_AFFILIATE'] = '7006';window['WAJAM_ENV'] = '0'; window['WAJAM_PLATFORM'] = navigator.platform;window['WAJAM_SEARCH_ENGINE'] = 'amazon'; window['WAJAM_SERVER_VERSION'] = '1.00276.0'; win
[HKEY_USERS\S-1-5-21-3930845653-3837040866-4171826123-1004\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3930845653-3837040866-4171826123-1001\Software\Wajam]
"supported_sites.amazon.wajam_se_js"="try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';window['WAJAM_PATH'] = 'hxxp://www.wajam.com/'; window['WAJAM_PATH_HTTPS'] = 'https://www.wajam.com/'; window['WAJAM_PATH_ADS'] = 'hxxp://ads.wajam.com/'; window['WAJAM_PATH_HTTPS_ADS'] = 'https://ads.wajam.com/'; window['WAJAM_PATH_NEW_ADS'] = 'hxxp://social-ads.wajam.com'; window['WAJAM_PATH_HTTPS_NEW_ADS'] = 'https://social-ads.wajam.com'; window['WAJAM_CONTAINER_HEIGHT'] = '225px'; window['WAJAM_BROWSER'] = 'b'; window['WAJAM_BROWSER_VERSION'] = '1.23'; window['WAJAM_AFFILIATE'] = '7006';window['WAJAM_ENV'] = '0'; window['WAJAM_PLATFORM'] = navigator.platform;window['WAJAM_SEARCH_ENGINE'] = 'amazon'; window['WAJAM_SERVER_VERSION'] = '1.00277.0'; window['WA
[HKEY_USERS\S-1-5-21-3930845653-3837040866-4171826123-1004\Software\Microsoft\Windows\CurrentVersion\ConnectedSearch]
"StyleSetCache"="{"Condition":{}, "PropertySets":[
                    {"ConditionArgs":[], "PropertyValueMap":{}}
                  ]}"

-= EOF =-



Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-09-2016
durchgeführt von HP (Administrator) auf HP-HP (20-09-2016 22:20:49)
Gestartet von C:\Users\HP\Desktop
Geladene Profile: HP & UpdatusUser (Verfügbare Profile: HP & UpdatusUser)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Akamai Technologies, Inc.) C:\Users\HP\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\HP\AppData\Local\Akamai\netsession_win.exe
(Spotify Ltd) C:\Users\HP\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-08-10] (IDT, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\...\Run: [Akamai NetSession Interface] => C:\Users\HP\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\...\Run: [Spotify Web Helper] => C:\Users\HP\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1529456 2016-09-20] (Spotify Ltd)
HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2857248 2016-08-23] (Valve Corporation)
HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\...\Run: [Spotify] => C:\Users\HP\AppData\Roaming\Spotify\Spotify.exe [6795376 2016-09-20] (Spotify Ltd)
HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\...\MountPoints2: {47a0191f-03ec-11e6-bf03-c4e984de72eb} - "F:\SETUP.EXE"
HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\...\MountPoints2: {54070070-21d4-11e3-be6c-806e6f6e6963} - "F:\_AUTORUN\AUTORUN.EXE"
HKU\S-1-5-21-3930845653-3837040866-4171826123-1004\...\Run: [Akamai NetSession Interface] => C:\Users\HP\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3930845653-3837040866-4171826123-1004\...\Run: [Spotify Web Helper] => C:\Users\HP\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1529456 2016-09-20] (Spotify Ltd)
HKU\S-1-5-21-3930845653-3837040866-4171826123-1004\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2857248 2016-08-23] (Valve Corporation)
HKU\S-1-5-21-3930845653-3837040866-4171826123-1004\...\Run: [Spotify] => C:\Users\HP\AppData\Roaming\Spotify\Spotify.exe [6795376 2016-09-20] (Spotify Ltd)
HKU\S-1-5-21-3930845653-3837040866-4171826123-1004\...\MountPoints2: {54070070-21d4-11e3-be6c-806e6f6e6963} - "F:\_AUTORUN\AUTORUN.EXE"

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{4AFCAB27-7A13-443C-8C69-7BF2A32C56D7}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{B4A4A94D-A997-4FEA-A47D-7711FD344146}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131177605464241732&GUID=FA19AD0E-A3EC-4E21-A91E-293449ADE22F
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131177605464241732&GUID=FA19AD0E-A3EC-4E21-A91E-293449ADE22F
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131177605464241732&GUID=FA19AD0E-A3EC-4E21-A91E-293449ADE22F
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131177605464241732&GUID=FA19AD0E-A3EC-4E21-A91E-293449ADE22F
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131177605464241732&GUID=FA19AD0E-A3EC-4E21-A91E-293449ADE22F
HKU\S-1-5-21-3930845653-3837040866-4171826123-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131177605464257586&GUID=FA19AD0E-A3EC-4E21-A91E-293449ADE22F
SearchScopes: HKLM -> {BE46FA0C-8976-4C23-92BB-89F9976D0672} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09] (Hewlett-Packard)

FireFox:
========
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-07-18] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-07-18] (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-08-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-08-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll [2013-11-25] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll [2013-11-25] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-06-07] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-06-07] (VideoLAN)
FF Extension: (Kein Name) - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha38\ff [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta351\ff [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha256\ff [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2543\ff [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha4549\ff [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home8521\ff [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release1179\ff [nicht gefunden]

Chrome:
=======
CHR dev: Chrome dev build erkannt! <======= ACHTUNG

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
S3 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [85504 2012-08-15] (Hewlett-Packard Company) [Datei ist nicht signiert]
S3 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-08-29] (Hewlett-Packard)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-08-10] (IDT, Inc.) [Datei ist nicht signiert]
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [161744 2015-03-11] (RaMMicHaeL) [Datei ist nicht signiert]
S3 vmicvss; C:\Windows\System32\ICSvc.dll [524800 2014-10-29] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S3 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-21] (Symantec Corporation)
S3 EraserUtilDrv11311; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11311.sys [140376 2013-09-26] (Symantec Corporation)
S3 EraserUtilDrv11312; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11312.sys [137648 2013-11-21] (Symantec Corporation) [Datei ist nicht signiert]
R3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1975000 2013-07-31] (Realtek Semiconductor Corporation                          )
R3 SPL_CRIMSON_MIDI; C:\Windows\system32\drivers\spl_crimson_m.sys [41592 2016-02-19] (Ploytec GmbH)
R3 SPL_CRIMSON_USB; C:\Windows\System32\Drivers\spl_crimson_u.sys [555128 2016-02-19] (Ploytec GmbH)
R3 SPL_CRIMSON_WDM; C:\Windows\system32\drivers\spl_crimson_a.sys [62584 2016-02-19] (Ploytec GmbH)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-20 22:20 - 2016-09-20 22:21 - 00015002 _____ C:\Users\HP\Desktop\FRST.txt
2016-09-20 22:11 - 2016-09-20 22:16 - 00052914 _____ C:\Users\HP\Desktop\SystemLook.txt
2016-09-20 22:10 - 2016-09-20 22:10 - 00165376 _____ C:\Users\HP\Desktop\SystemLook_x64.exe
2016-09-20 21:48 - 2016-09-20 21:52 - 00021848 _____ C:\Users\HP\Desktop\Fixlog.txt
2016-09-20 21:48 - 2016-09-20 21:48 - 00000000 ____D C:\Users\HP\Desktop\FRST-OlderVersion
2016-09-20 14:32 - 2016-09-20 21:48 - 00000000 ____D C:\Users\HP\Desktop\Bereinigung
2016-09-18 00:50 - 2016-09-18 00:50 - 00053219 _____ C:\Users\HP\Downloads\lebenslauf lakhwinder.pdf
2016-09-18 00:46 - 2016-09-18 00:50 - 00015031 _____ C:\Users\HP\Desktop\lebenslauf lakhwinder.odt
2016-09-16 22:38 - 2016-09-16 23:12 - 00216180 _____ C:\TDSSKiller.3.1.0.11_16.09.2016_22.38.09_log.txt
2016-09-16 22:37 - 2016-09-16 22:37 - 04747704 _____ (AO Kaspersky Lab) C:\Users\HP\Downloads\tdsskiller.exe
2016-09-16 22:28 - 2016-09-16 23:17 - 00057512 _____ C:\Users\HP\Downloads\Addition.txt
2016-09-16 22:27 - 2016-09-20 22:20 - 00000000 ____D C:\FRST
2016-09-16 22:27 - 2016-09-16 22:29 - 00074098 _____ C:\Users\HP\Downloads\FRST.txt
2016-09-16 22:26 - 2016-09-20 21:48 - 02402816 _____ (Farbar) C:\Users\HP\Desktop\FRST64.exe
2016-09-16 22:25 - 2016-09-16 22:25 - 01749504 _____ (Farbar) C:\Users\HP\Downloads\FRST.exe
2016-09-16 22:25 - 2016-09-16 22:25 - 01749504 _____ (Farbar) C:\Users\HP\Downloads\FRST (1).exe
2016-09-16 10:41 - 2016-09-20 13:06 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-09-16 10:39 - 2016-09-16 10:39 - 16563352 _____ (Malwarebytes Corp.) C:\Users\HP\Downloads\mbar-1.09.3.1001.exe
2016-09-16 10:14 - 2016-09-16 10:14 - 00023837 _____ C:\Users\HP\Downloads\returnLabel-4340515.pdf
2016-09-13 23:36 - 2016-08-21 01:45 - 07076864 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2016-09-13 23:36 - 2016-08-21 01:27 - 01445376 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-09-13 23:36 - 2016-08-21 01:22 - 00435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-09-13 23:36 - 2016-08-21 01:05 - 05273600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2016-09-13 23:36 - 2016-08-21 00:50 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-09-13 23:36 - 2016-08-21 00:42 - 07795712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-09-13 23:36 - 2016-08-21 00:27 - 05268480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-09-13 23:36 - 2016-08-10 00:47 - 00803176 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-09-13 23:36 - 2016-08-10 00:47 - 00611576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-09-13 23:36 - 2016-08-04 16:17 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-09-13 23:36 - 2016-08-03 20:06 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-09-13 23:36 - 2016-08-03 20:05 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-09-13 23:35 - 2016-09-08 23:51 - 00443224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-09-13 23:35 - 2016-09-08 23:51 - 00332632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-09-13 23:35 - 2016-09-01 05:08 - 20312064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-09-13 23:35 - 2016-09-01 04:46 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-09-13 23:35 - 2016-09-01 04:24 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-09-13 23:35 - 2016-09-01 03:39 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-09-13 23:35 - 2016-09-01 03:30 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-09-13 23:35 - 2016-09-01 03:27 - 13808128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-09-13 23:35 - 2016-09-01 03:24 - 04607488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-09-13 23:35 - 2016-09-01 02:45 - 25770496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-09-13 23:35 - 2016-09-01 02:43 - 02445824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-09-13 23:35 - 2016-09-01 02:42 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-09-13 23:35 - 2016-09-01 02:38 - 01316352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-09-13 23:35 - 2016-09-01 02:24 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-09-13 23:35 - 2016-09-01 02:10 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-09-13 23:35 - 2016-09-01 02:06 - 06047232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-09-13 23:35 - 2016-09-01 01:38 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-09-13 23:35 - 2016-09-01 01:28 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-09-13 23:35 - 2016-09-01 01:15 - 15411712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-09-13 23:35 - 2016-09-01 01:10 - 02921472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-09-13 23:35 - 2016-09-01 00:58 - 01550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-09-13 23:35 - 2016-09-01 00:47 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-09-13 23:35 - 2016-08-26 07:51 - 02894336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-09-13 23:35 - 2016-08-26 06:44 - 02286592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-09-13 23:35 - 2016-08-26 06:41 - 02881536 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-09-13 23:35 - 2016-08-26 06:00 - 01049600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-09-13 23:35 - 2016-08-22 18:06 - 00179248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-09-13 23:35 - 2016-08-22 18:06 - 00100184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2016-09-13 23:35 - 2016-08-21 03:03 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-09-13 23:35 - 2016-08-21 03:01 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-09-13 23:35 - 2016-08-21 03:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-09-13 23:35 - 2016-08-21 02:17 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-09-13 23:35 - 2016-08-21 01:26 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-09-13 23:35 - 2016-08-21 00:55 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-09-13 23:35 - 2016-08-14 21:34 - 01541248 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-09-13 23:35 - 2016-08-14 20:25 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-09-13 23:35 - 2016-08-14 18:14 - 01376768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-09-13 23:35 - 2016-08-13 09:41 - 07445848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-09-13 23:35 - 2016-08-13 09:40 - 01737080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-09-13 23:35 - 2016-08-13 09:40 - 01663184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-09-13 23:35 - 2016-08-13 09:40 - 01523208 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-09-13 23:35 - 2016-08-13 09:40 - 01490120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-09-13 23:35 - 2016-08-13 09:40 - 01358952 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-09-13 23:35 - 2016-08-13 02:04 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2016-09-13 23:35 - 2016-08-11 18:26 - 01156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-09-13 23:35 - 2016-08-11 18:17 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-09-13 23:35 - 2016-08-11 18:16 - 00455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-09-13 23:35 - 2016-07-09 18:10 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2016-09-13 23:35 - 2016-07-09 00:35 - 00101208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2016-09-13 23:35 - 2016-07-08 16:17 - 00377344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2016-09-13 23:35 - 2016-07-08 16:17 - 00319488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2016-09-13 23:35 - 2016-07-08 00:32 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2016-09-13 23:35 - 2016-07-08 00:18 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2016-09-13 23:35 - 2016-07-08 00:10 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2016-09-13 23:35 - 2016-07-08 00:01 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasppp.dll
2016-09-13 23:35 - 2016-07-07 23:04 - 00173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll
2016-09-13 23:35 - 2016-07-07 22:59 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-09-13 23:35 - 2016-07-07 22:44 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-09-13 23:35 - 2016-07-07 22:41 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-09-13 23:35 - 2016-07-07 22:34 - 00542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-09-13 23:35 - 2016-07-07 22:29 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2016-09-13 23:35 - 2016-07-07 22:29 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-09-13 23:35 - 2016-07-07 22:23 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2016-09-13 23:35 - 2016-07-07 22:18 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2016-09-13 23:35 - 2016-07-07 22:11 - 01661064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-09-13 23:35 - 2016-07-07 22:11 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-09-13 23:35 - 2016-07-07 22:11 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasppp.dll
2016-09-13 23:35 - 2016-07-07 21:35 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll
2016-09-13 23:35 - 2016-07-07 21:14 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-09-13 23:35 - 2016-07-04 07:09 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-09-13 23:35 - 2016-07-04 05:45 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2016-09-13 23:35 - 2016-07-04 05:37 - 02897920 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-09-13 23:35 - 2016-07-04 05:33 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-09-13 23:35 - 2016-07-04 05:04 - 02539008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-09-13 23:35 - 2016-07-04 05:02 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-09-13 23:35 - 2016-07-04 04:19 - 03547136 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-09-13 23:35 - 2016-07-01 22:39 - 00197352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssenh.dll
2016-09-13 23:35 - 2016-07-01 22:39 - 00157016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dssenh.dll
2016-09-13 23:35 - 2016-01-10 19:08 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-09-13 11:05 - 2016-09-13 11:05 - 00222838 _____ C:\Users\HP\Desktop\ticket 14.09.16.pdf
2016-09-08 00:51 - 2016-09-08 00:51 - 01328304 _____ C:\Users\HP\Downloads\video-1473288302.mp4
2016-09-08 00:24 - 2016-09-08 00:24 - 03079986 _____ C:\Users\HP\Downloads\video-1473282758.mp4
2016-09-06 17:22 - 2016-09-06 17:22 - 00000000 ____D C:\ProgramData\Avira
2016-09-06 17:22 - 2016-09-06 17:22 - 00000000 ____D C:\ProgramData\Avg
2016-09-06 17:22 - 2016-09-06 17:22 - 00000000 ____D C:\ProgramData\AVAST Software
2016-09-05 00:47 - 2016-09-05 00:48 - 23461607 _____ C:\Users\HP\Downloads\SteinbergCubasev5.1.part25.rar.crdownload
2016-09-05 00:47 - 2016-09-05 00:47 - 02310048 _____ C:\Users\HP\Downloads\winrar-x64-540d (1).exe
2016-09-05 00:46 - 2016-09-05 00:48 - 36749031 _____ C:\Users\HP\Downloads\SteinbergCubasev5.1.part26.rar.crdownload
2016-09-05 00:46 - 2016-09-05 00:48 - 30818023 _____ C:\Users\HP\Downloads\SteinbergCubasev5.1.part53.rar.crdownload
2016-09-05 00:46 - 2016-09-05 00:46 - 00000000 ____D C:\WINDOWS\system32\sstmp
2016-09-05 00:39 - 2016-09-05 00:38 - 01611944 _____ (Secure Download Ltd. ) C:\Users\HP\Downloads\keygen
2016-09-05 00:37 - 2016-09-05 00:37 - 00000000 ____D C:\Users\HP\Downloads\Cubase.5.0.keygen.by.cat (1)
2016-09-05 00:36 - 2016-09-05 00:36 - 00370166 _____ C:\Users\HP\Downloads\Cubase.5.0.keygen.by.cat (1).zip
2016-09-05 00:34 - 2016-09-05 00:34 - 00000000 ____D C:\Users\HP\Downloads\Cubase.5.0.keygen.by.cat
2016-09-05 00:33 - 2016-09-05 00:33 - 05172648 _____ C:\Users\HP\Downloads\Cubase.5.0.keygen.by.cat.zip
2016-09-05 00:30 - 2016-09-05 00:30 - 00002070 _____ C:\Users\HP\Desktop\Cubase 5.lnk
2016-09-05 00:29 - 2016-09-05 00:48 - 00000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase 5
2016-09-04 23:54 - 2016-09-04 23:54 - 00000000 ____D C:\Users\HP\AppData\Roaming\WinRAR
2016-09-04 23:54 - 2016-09-04 23:54 - 00000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-09-04 23:54 - 2016-09-04 23:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-09-04 23:54 - 2016-09-04 23:54 - 00000000 ____D C:\Program Files\WinRAR
2016-09-04 23:53 - 2016-09-04 23:53 - 02310048 _____ C:\Users\HP\Downloads\winrar-x64-540d.exe
2016-09-04 22:24 - 2016-09-04 23:20 - 3690898231 _____ C:\Users\HP\Desktop\cubase.zip
2016-09-04 21:56 - 2016-09-04 22:08 - 2661829209 _____ C:\Users\HP\Desktop\cubase.7z
2016-09-04 21:52 - 2016-09-04 21:52 - 00000000 ____D C:\Users\HP\Downloads\cubase 5
2016-09-04 18:59 - 2016-09-04 20:23 - 00000000 ____D C:\Users\HP\Downloads\SteinbergCubasev5
2016-09-04 18:44 - 2016-09-04 18:44 - 00001652 _____ C:\Users\HP\Desktop\JDownloader 2.lnk
2016-09-04 18:44 - 2016-09-04 18:44 - 00000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2016-09-04 18:42 - 2016-09-04 20:23 - 00000000 ____D C:\Users\HP\Desktop\JDownloader
2016-09-04 18:39 - 2016-09-04 18:39 - 00076504 _____ (AppWork GmbH) C:\Users\HP\Downloads\WebInstaller_adfree_2016_1.exe
2016-09-04 18:39 - 2016-09-04 18:39 - 00076504 _____ (AppWork GmbH) C:\Users\HP\Downloads\WebInstaller_adfree_2016_1 (1).exe
2016-09-04 18:07 - 2016-09-05 00:08 - 00000000 ____D C:\Users\HP\Desktop\cubase
2016-09-04 16:48 - 2016-09-04 16:48 - 00609217 ____T C:\Users\HP\Downloads\Don&#039;t Leave - Free Boom Bap Hip Hop Instrumental Beat (Prod By Outspoken &amp; Yung Castello) (320  kbps).mp3.asd
2016-09-04 08:48 - 2016-09-04 08:48 - 00127537 _____ C:\Users\HP\Downloads\uebersicht-vorkurs-2014-100.pdf
2016-09-04 00:07 - 2016-09-04 00:07 - 00782252 ____T C:\Users\HP\Downloads\Afro_cuban_jazz_suite_for_ellington_[mp3take].mp3.asd
2016-09-03 23:30 - 2016-09-08 00:14 - 00000000 ___RD C:\Users\HP\Desktop\first drumpack Project
2016-09-03 17:06 - 2016-09-03 17:06 - 00000000 ____D C:\Users\HP\Downloads\Elements-Of-UK-Dance
2016-09-03 16:48 - 2016-09-03 17:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Akai
2016-09-03 16:48 - 2016-09-03 16:48 - 00001045 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC Essentials.lnk
2016-09-03 16:48 - 2016-09-03 16:48 - 00000000 ____D C:\ProgramData\Akai
2016-09-03 16:48 - 2016-09-03 16:48 - 00000000 ____D C:\Program Files\Common Files\Avid
2016-09-03 16:47 - 2016-09-03 16:47 - 00000000 ____D C:\Program Files\Akai Pro
2016-09-03 16:47 - 2016-09-03 16:47 - 00000000 ____D C:\Program Files (x86)\Akai Pro
2016-09-03 16:45 - 2016-09-03 16:45 - 00000000 ____D C:\Users\HP\Downloads\Update-MPC-Essentials-1.8.2-WIN
2016-09-03 16:38 - 2016-09-03 17:00 - 443053927 _____ C:\Users\HP\Downloads\Elements-Of-UK-Dance.zip
2016-09-03 16:37 - 2016-09-03 19:40 - 2919535507 _____ C:\Users\HP\Downloads\BigBangDrums2.zip
2016-09-03 16:37 - 2016-09-03 19:23 - 1490752945 _____ C:\Users\HP\Downloads\BigBang2.5.zip
2016-09-03 16:37 - 2016-09-03 16:45 - 136513144 _____ C:\Users\HP\Downloads\Update-MPC-Essentials-1.8.2-WIN.zip
2016-09-03 16:30 - 2016-09-03 17:07 - 975151220 _____ C:\Users\HP\Downloads\ableton_live_lite_9.6.2_64 (1).zip
2016-09-03 16:25 - 2016-09-03 17:00 - 00000000 ____D C:\Users\HP\Documents\Ableton
2016-09-03 16:22 - 2016-09-03 16:48 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-03 16:21 - 2016-09-03 16:30 - 00000000 ____D C:\Users\HP\AppData\Roaming\Ableton
2016-09-03 16:16 - 2016-09-03 16:16 - 00000887 _____ C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ableton Live 9 Lite.lnk
2016-09-03 16:16 - 2016-09-03 16:16 - 00000000 ____D C:\ProgramData\Ableton
2016-09-03 16:13 - 2016-09-03 16:13 - 00000000 ____D C:\Users\HP\Downloads\ableton_live_lite_9.6.2_64
2016-09-03 16:01 - 2016-09-03 16:13 - 975151220 _____ C:\Users\HP\Downloads\ableton_live_lite_9.6.2_64.zip
2016-09-03 13:44 - 2016-09-03 13:44 - 00274725 _____ C:\Users\HP\Desktop\Ying And Yang by P_Beats.htm
2016-09-03 13:44 - 2016-09-03 13:44 - 00000000 ____D C:\Users\HP\Desktop\Ying And Yang by P_Beats_files
2016-08-30 23:51 - 2016-09-18 23:37 - 00000000 ____D C:\Users\HP\Documents\Cubase LE AI Elements Projects
2016-08-30 23:50 - 2016-08-30 23:50 - 00000000 ____D C:\Users\HP\Documents\VST3 Presets
2016-08-30 23:50 - 2016-08-30 23:50 - 00000000 ____D C:\Users\HP\Documents\Steinberg
2016-08-30 23:45 - 2016-09-05 00:29 - 00000000 ____D C:\Program Files (x86)\Steinberg
2016-08-30 23:45 - 2016-08-30 23:45 - 00002892 _____ () C:\WINDOWS\SysWOW64\audcon.sys
2016-08-30 23:45 - 2016-08-30 23:45 - 00002333 _____ C:\Users\HP\Desktop\Cubase LE AI Elements 8.lnk
2016-08-30 23:45 - 2016-08-30 23:45 - 00000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase LE AI Elements 8 32bit
2016-08-30 23:45 - 2016-08-30 23:45 - 00000000 ____D C:\ProgramData\Syncrosoft
2016-08-30 23:44 - 2016-08-30 23:44 - 00000049 _____ C:\WINDOWS\SysWOW64\SYNSOPOS.exe.cfg
2016-08-30 23:44 - 2016-08-30 23:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eLicenser
2016-08-30 23:44 - 2016-08-30 23:44 - 00000000 ____D C:\Program Files (x86)\Syncrosoft
2016-08-30 23:44 - 2011-12-14 21:21 - 00086016 _____ C:\WINDOWS\SysWOW64\SYNSOPOS.exe
2016-08-30 23:43 - 2016-08-30 23:45 - 00000000 ____D C:\ProgramData\eLicenser
2016-08-30 23:43 - 2016-08-30 23:44 - 00000000 ____D C:\Program Files (x86)\eLicenser
2016-08-30 23:43 - 2016-08-30 23:43 - 00000000 ____D C:\Program Files\eLicenser
2016-08-30 23:43 - 2012-12-07 17:48 - 01714176 _____ (Steinberg Media Technologies GmbH) C:\WINDOWS\system32\SYNSOACC.dll
2016-08-30 23:43 - 2012-12-07 17:48 - 01277952 _____ (Steinberg Media Technologies GmbH) C:\WINDOWS\SysWOW64\SYNSOACC.dll
2016-08-30 23:23 - 2016-08-30 23:23 - 00000000 ____D C:\ProgramData\Steinberg
2016-08-30 23:23 - 2016-08-30 23:23 - 00000000 ____D C:\Program Files\Common Files\Steinberg
2016-08-30 23:21 - 2016-08-30 23:41 - 00000000 ____D C:\Users\HP\AppData\Local\Steinberg Installation Updater
2016-08-30 23:21 - 2016-08-30 23:21 - 00000000 ____D C:\Users\HP\AppData\Roaming\Steinberg Installation Updater
2016-08-30 23:11 - 2016-08-30 23:11 - 00000000 ____D C:\Users\HP\Downloads\Cubase_Elements_8_Trial_Installer_windows
2016-08-30 23:07 - 2016-09-05 00:29 - 00000000 ____D C:\Users\HP\AppData\Roaming\Steinberg
2016-08-30 23:07 - 2016-09-03 16:48 - 00000000 ____D C:\Program Files\Steinberg
2016-08-30 23:07 - 2016-09-03 16:21 - 00000000 ____D C:\Program Files\Common Files\Propellerhead Software
2016-08-30 23:07 - 2016-08-30 23:07 - 00002215 _____ C:\Users\HP\Desktop\Cubase LE AI Elements 8 64bit.lnk
2016-08-30 23:07 - 2016-08-30 23:07 - 00000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase LE AI Elements 8 64bit
2016-08-30 22:25 - 2016-08-30 23:05 - 2772390032 _____ C:\Users\HP\Downloads\Cubase_Elements_8_Trial_Installer_windows.zip
2016-08-30 20:39 - 2016-09-18 16:04 - 00000000 ____D C:\Users\HP\AppData\Roaming\Audacity
2016-08-30 20:39 - 2016-08-30 20:39 - 00000000 ____D C:\Users\HP\Downloads\audacity-win-2.1.2
2016-08-30 20:39 - 2016-08-30 20:39 - 00000000 ____D C:\Users\HP\AppData\Local\Audacity
2016-08-30 20:38 - 2016-08-30 20:38 - 10921409 _____ C:\Users\HP\Downloads\audacity-win-2.1.2.zip
2016-08-30 19:36 - 2016-08-30 20:03 - 00000000 ____D C:\WINDOWS\usb-audio.deSPLCrimson
2016-08-30 19:36 - 2016-02-19 20:56 - 00555128 _____ (Ploytec GmbH) C:\WINDOWS\system32\Drivers\spl_crimson_u.sys
2016-08-30 19:36 - 2016-02-19 20:56 - 00062584 _____ (Ploytec GmbH) C:\WINDOWS\system32\Drivers\spl_crimson_a.sys
2016-08-30 19:36 - 2016-02-19 20:56 - 00041592 _____ (Ploytec GmbH) C:\WINDOWS\system32\Drivers\spl_crimson_m.sys
2016-08-30 19:35 - 2016-02-23 10:52 - 02175274 _____ C:\Users\HP\Downloads\SPL_Crimson_2.9.86.25.zip
2016-08-30 19:32 - 2016-08-30 19:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-08-30 19:32 - 2016-08-30 19:32 - 00000000 ____D C:\Program Files (x86)\7-Zip
2016-08-30 19:25 - 2016-08-30 19:25 - 02220493 _____ C:\Users\HP\Downloads\SPL_Crimson2.9.86.25_web.zip
2016-08-30 18:59 - 2016-08-30 19:00 - 00000000 ____D C:\Users\HP\Desktop\games
2016-08-30 18:56 - 2016-09-03 14:32 - 00000000 ____D C:\Users\HP\Desktop\bilder
2016-08-25 13:50 - 2016-08-25 13:50 - 00000000 ____D C:\Users\HP\Documents\My Games
2016-08-25 13:50 - 2016-08-25 13:50 - 00000000 ____D C:\Users\HP\AppData\Local\FalloutNV

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-20 22:17 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-20 22:10 - 2014-07-14 18:15 - 11175936 ___SH C:\Users\HP\Downloads\Thumbs.db
2016-09-20 22:07 - 2015-04-17 22:33 - 00000000 ____D C:\Program Files (x86)\Steam
2016-09-20 22:07 - 2014-10-20 19:15 - 00000000 ____D C:\Users\HP\AppData\Local\Spotify
2016-09-20 22:07 - 2014-10-20 19:13 - 00000000 ____D C:\Users\HP\AppData\Roaming\Spotify
2016-09-20 22:07 - 2014-07-19 20:11 - 00000000 ___RD C:\Users\HP\OneDrive
2016-09-20 22:07 - 2014-07-14 15:04 - 00987648 ___SH C:\Users\HP\Desktop\Thumbs.db
2016-09-20 21:59 - 2014-03-18 12:03 - 01980998 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-20 21:59 - 2014-03-18 11:25 - 00841326 _____ C:\WINDOWS\system32\perfh007.dat
2016-09-20 21:59 - 2014-03-18 11:25 - 00191558 _____ C:\WINDOWS\system32\perfc007.dat
2016-09-20 21:59 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2016-09-20 21:53 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-20 21:53 - 2012-10-05 21:55 - 00000000 ____D C:\ProgramData\NVIDIA
2016-09-20 21:50 - 2014-05-21 13:07 - 00000000 ____D C:\Users\HP\AppData\LocalLow\Temp
2016-09-20 13:52 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-09-20 13:52 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-09-20 13:51 - 2016-08-20 04:34 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-09-20 13:39 - 2013-09-20 11:33 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3930845653-3837040866-4171826123-1001
2016-09-20 13:19 - 2015-01-07 19:02 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-09-20 13:18 - 2015-01-07 19:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-09-20 13:05 - 2015-01-07 18:46 - 00000000 ____D C:\AdwCleaner
2016-09-20 13:04 - 2013-09-27 19:50 - 00001304 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-18 02:27 - 2016-08-20 04:34 - 00000946 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-09-17 23:30 - 2013-09-30 15:54 - 00000000 ____D C:\Users\HP\AppData\Roaming\vlc
2016-09-16 18:52 - 2012-10-05 22:13 - 00000000 ____D C:\WINDOWS\en
2016-09-14 10:38 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2016-09-14 10:24 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-14 10:24 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-14 10:13 - 2013-08-22 16:44 - 00377408 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-09-14 10:08 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2016-09-14 10:08 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\setup
2016-09-14 00:47 - 2013-09-27 16:00 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-09-14 00:37 - 2013-09-27 16:00 - 144199024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-09-13 17:51 - 2016-08-20 04:34 - 00003898 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-09-13 17:51 - 2016-08-20 04:34 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-09-13 17:51 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-09-13 17:51 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-09-12 08:49 - 2014-07-11 16:17 - 00000000 ____D C:\Users\UpdatusUser
2016-09-12 08:47 - 2014-07-11 03:21 - 00000000 ____D C:\Users\HP
2016-09-08 01:15 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-09-07 03:11 - 2016-07-27 11:13 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-09-07 03:11 - 2016-07-27 11:13 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-06 17:19 - 2015-01-07 21:54 - 00000000 ____D C:\ProgramData\Unchecky
2016-09-02 12:33 - 2016-04-01 12:31 - 00000000 ____D C:\Users\HP\Desktop\mzzk
2016-08-27 10:30 - 2013-10-06 14:56 - 00000000 ____D C:\Users\HP\AppData\Local\ElevatedDiagnostics
2016-08-25 13:21 - 2015-04-17 23:33 - 00000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-08-23 20:43 - 2016-08-20 04:34 - 00000000 ____D C:\Users\HP\AppData\Local\Adobe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-12-19 22:57 - 2014-03-28 09:18 - 0000157 _____ () C:\Users\HP\AppData\Roaming\WB.CFG
2013-09-20 11:20 - 2013-09-20 11:20 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-09-20 22:17

==================== Ende von FRST.txt ============================

caloda 20.09.2016 21:36
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-09-2016
durchgeführt von HP (20-09-2016 22:21:32)
Gestartet von C:\Users\HP\Desktop
Windows 8.1 (Update) (X64) (2014-07-11 14:02:56)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3930845653-3837040866-4171826123-500 - Administrator - Disabled)
Gast (S-1-5-21-3930845653-3837040866-4171826123-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3930845653-3837040866-4171826123-1003 - Limited - Enabled)
HP (S-1-5-21-3930845653-3837040866-4171826123-1001 - Administrator - Enabled) => C:\Users\HP
UpdatusUser (S-1-5-21-3930845653-3837040866-4171826123-1004 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

«Âîéíà è Ìèð» (HKLM-x32\...\«Âîéíà è Ìèð») (Version:  - )
7-Zip 16.02 (HKLM-x32\...\7-Zip) (Version: 16.02 - Igor Pavlov)
Ãåðîè Ìå÷à è Ìàãèè® III (HKLM-x32\...\Heroes of Might and Magic® III) (Version:  - )
Ableton Live 9 Lite (HKLM\...\{E807D51A-ED71-4353-AD60-4E9625BE7531}) (Version: 9.0.0.0 - Ableton)
Adobe Flash Player 23 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Akai Elements of UK Dance (HKLM-x32\...\Akai UK Dance_is1) (Version:  - )
Akamai NetSession Interface (HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Akamai NetSession Interface (HKU\S-1-5-21-3930845653-3837040866-4171826123-1004\...\Akamai) (Version:  - Akamai Technologies, Inc)
Anno Online (HKLM\...\Steam App 336510) (Version:  - Blue Byte)
AnVir Task Manager Free (HKLM-x32\...\AnVir Task Manager Free) (Version:  - AnVir Software)
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArmA Demo Uninstall (HKLM-x32\...\ArmA Demo) (Version:  - )
Blitzkrieg (HKLM-x32\...\Blitzkrieg) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BrainBread 2 (HKLM\...\Steam App 346330) (Version:  - Reperio Studios)
Chicago 1930 (HKLM-x32\...\Chicago 1930) (Version:  - )
Connected Music powered by Universal Music Group version 1.0 (HKLM-x32\...\{46037DC7-F927-46DF-935F-D6F122BDD34B}_is1) (Version: 1.0 - Snowite)
Cry of Fear (HKLM-x32\...\Steam App 223710) (Version:  - Team Psykskallar)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5510 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1902 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1.4319 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
ElectroLyrics-1 (HKLM-x32\...\ElectroLyrics-1) (Version: 1.28.153.3 - Lyrics) <==== ACHTUNG
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.8.5.1160 - Steinberg Media Technologies GmbH)
Fallout: New Vegas (HKLM\...\Steam App 22380) (Version:  - Obsidian Entertainment)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 31.0.1650.63 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Grand Theft Auto San Andreas (HKLM-x32\...\{086BADF8-9B1F-4E89-B207-2EDA520972D6}) (Version: 1.00.00001 - Rockstar Games)
Grand Theft Auto Vice City (HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\...\{4B35F00C-E63D-40DC-9839-DF15A33EAC46}) (Version: 1.00.000 - )
Grand Theft Auto Vice City (HKU\S-1-5-21-3930845653-3837040866-4171826123-1004\...\{4B35F00C-E63D-40DC-9839-DF15A33EAC46}) (Version: 1.00.000 - )
GTA2 (HKLM-x32\...\GTA2) (Version:  - )
GTAIII (HKLM-x32\...\{92B94569-6683-4617-8C54-EB27A1B51B30}) (Version:  - )
Hammer & Sickle (HKLM-x32\...\Hammer & Sickle) (Version:  - )
Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version:  - Reto-Moto)
Hewlett-Packard ACLM.NET v1.2.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\...\HPConnectedMusic) (Version: 1.1 (build 96) hp - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKU\S-1-5-21-3930845653-3837040866-4171826123-1004\...\HPConnectedMusic) (Version: 1.1 (build 96) hp - Meridian Audio Ltd)
HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1206 - Hewlett-Packard)
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{FF27F674-821E-4BA2-985B-DDF539C2CD03}) (Version: 7.0.33.6 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6418.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
ISScript (x32 Version: 3.00.185 - InstallShield Software Corp.) Hidden
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
LEGO Alpha Team (HKLM-x32\...\{C5C8DE40-1AB7-11D4-854E-00A0C99F6AF9}) (Version:  - )
Lollipop (HKU\S-1-5-21-3930845653-3837040866-4171826123-1004\...\lollipop_11221407) (Version:  - Lollipop Network, S.L.) <==== ACHTUNG
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
MPC Essentials 1.8.2 (HKLM\...\com.akaipro.mpc.essentials_is1) (Version: 1.8.2 - Akai Professional)
NVIDIA 3D Vision Treiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 327.02 - NVIDIA Corporation)
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Pro Rally 2001 (HKLM-x32\...\Pro Rally 2001) (Version:  - )
Recovery Manager (x32 Version: 5.5.0.5530 - CyberLink Corp.) Hidden
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version:  - Valve)
SPL Crimson USB ASIO driver (HKLM\...\USB_AUDIO_DEusb-audio.deSPLCrimson) (Version:  - )
Spotify (HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\...\Spotify) (Version: 1.0.38.171.g5e1cd7b2 - Spotify AB)
Spotify (HKU\S-1-5-21-3930845653-3837040866-4171826123-1004\...\Spotify) (Version: 1.0.24.104.g92a22684 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steinberg Cubase 5 (HKLM-x32\...\{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}) (Version: 5.1.0 - Steinberg Media Technologies GmbH)
Steinberg Cubase LE AI Elements 8 (HKLM-x32\...\{C82690CF-7D52-4E6A-02BB-AB612D4D8D28}) (Version: 8.0.10 - Steinberg Media Technologies GmbH)
Steinberg Cubase LE AI Elements 8 64bit (HKLM\...\{C801D1E6-30E3-46BE-368D-0106B42CCE17}) (Version: 8.0.10 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE (HKLM-x32\...\{A6790D47-D653-4B88-BED4-96878DBE5191}) (Version: 4.1.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE 64bit (HKLM\...\{A5AB0D21-21BD-4DB8-F097-02E8FC8C486A}) (Version: 4.1.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Content (HKLM-x32\...\{AFC9D1CE-F050-437C-35A5-62DEDB262DC7}) (Version: 1.2.1 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE (HKLM-x32\...\{EF7800A8-575E-4776-95A5-A9D904A85D5F}) (Version: 2.0.2 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 2.0.2 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content for Cubase LE AI Elements (HKLM-x32\...\{CF45002F-2205-4116-BB51-2D015F436CAC}) (Version: 2.0.1 - Steinberg Media Technologies GmbH)
Steinberg Midi Loop Library (HKLM-x32\...\{89DE2651-6DD9-4C15-AC94-8348362D456C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Tomb Raider III (HKLM-x32\...\Tomb Raider III) (Version:  - )
Unchecky v0.3.7 (HKLM-x32\...\Unchecky) (Version: 0.3.7 - RaMMicHaeL)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Warface (HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\...\Warface) (Version: 1.87 - Mail.Ru)
Warface (HKU\S-1-5-21-3930845653-3837040866-4171826123-1004\...\Warface) (Version: 1.87 - Mail.Ru)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Игровой центр (HKU\S-1-5-21-3930845653-3837040866-4171826123-1004\...\GameCenterMailRu) (Version: 2.402 - ООО "Мэйл.Ру Геймз")

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2C56CCE9-6B4E-426A-9439-6EF1FDBA3C65} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-08-07] (Hewlett-Packard Company)
Task: {48BF7FE4-16B3-42BB-A43F-95350E7131D5} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-13] (Adobe Systems Incorporated)
Task: {52B160ED-B394-4462-8927-43C6ACC8306C} - System32\Tasks\{AF089043-D6AA-41B7-A239-8F8B8E8FAA06} => pcalua.exe -a F:\autorun.exe -d F:\
Task: {6E87A472-CB8B-4D44-9413-166AB458F2D5} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_162_pepper.exe [2016-09-13] (Adobe Systems Incorporated)
Task: {8507F8F4-7E2F-4651-9936-8905E375F9FF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-15] (Hewlett-Packard Company)
Task: {850AC5A8-2E1C-42C3-9965-931751078C0E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_backup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2012-07-13] (Hewlett-Packard)
Task: {8C600834-BD7F-48DE-9DF1-DC80FEEB40F9} - System32\Tasks\{820D1004-08F0-4C3F-8553-9B88F08D781B} => pcalua.exe -a F:\ProRally.exe -d F:\
Task: {B2530D95-ACF4-4DC4-82E8-9B2FD6594D84} - System32\Tasks\{42A7BE18-F334-47DC-892B-2C562E256871} => pcalua.exe -a F:\Setup.exe -d F:\
Task: {D0612721-6B70-4089-9E5E-936897C56ADF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-15] (Hewlett-Packard Company)
Task: {E09F5153-E919-4910-B801-F1A052F640D8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_162_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\HP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-10-05 21:59 - 2012-07-18 10:50 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-04-17 23:28 - 2016-08-09 01:27 - 00785920 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-04-17 23:28 - 2015-07-02 00:06 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-04-17 23:28 - 2016-08-23 21:33 - 02321184 _____ () C:\Program Files (x86)\Steam\video.dll
2015-04-17 23:28 - 2015-07-02 00:06 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-04-17 23:28 - 2015-07-02 00:06 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-04-17 23:28 - 2016-01-27 09:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-04-17 23:28 - 2016-01-27 09:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-04-17 23:28 - 2016-01-27 09:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-04-17 23:28 - 2016-01-27 09:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-04-17 23:28 - 2016-01-27 09:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-04-17 23:28 - 2016-08-23 21:33 - 00835360 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-07-27 17:55 - 2016-07-05 00:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2015-04-17 23:28 - 2016-08-04 22:56 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2013-12-06 14:06 - 2013-12-04 04:47 - 00702416 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
2013-12-06 14:06 - 2013-12-04 04:47 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dll
2013-12-06 14:06 - 2013-12-04 04:48 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
2013-12-06 14:06 - 2013-12-04 04:48 - 00399312 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
2013-12-06 14:06 - 2013-12-04 04:47 - 01619408 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\HP:Heroes & Generals [38]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2016-09-20 21:53 - 00001204 ____A C:\WINDOWS\system32\Drivers\etc\hosts

0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com
0.0.0.0 cdn.bisrv.com

Da befinden sich 3 zusätzliche Einträge.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\Theme2\img10.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{1831D832-0085-412F-AD86-5D5B89F42A77}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{FE33F88C-E0F4-4BB1-9C7D-10CF276F3BED}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{576CD0BF-2CA2-47A3-B325-6353000EF03E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{DFB4C9B7-8D33-4392-9006-A5AE1CF3BCCC}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{DEF483F9-E3F4-4D8D-9413-56D219FD4E84}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{E372ABB6-ECB4-4096-A3AB-FCE65CA87A5D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{3DF00AA1-75E1-4EE9-AD6E-B9057966895D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D452AC97-DBF6-4D48-A3F7-6A8F658A7F74}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{005D2F35-F842-47AB-AFDF-CB2B1F93F775}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2E529D38-E74E-43EE-86F9-0EB0F270B4BA}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9435A3F0-0CA3-48F8-8659-DD5FE2C06D01}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2D0B747F-E4DD-4AD7-8843-8EC2BA447690}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{DC75E642-E39C-4D17-997A-730CEC93BC47}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{27E3496D-0218-45A8-AE3E-4740FD3CD194}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F2CAA585-C5C7-486D-9C44-D863BAAAD505}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{4DB0F702-F2C9-4DBE-BE25-0380369C7F88}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{191DDC5E-F3B1-467E-87B7-1DB5DA27C139}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{3210EF94-760C-491A-925D-5F2ECB3E1FFD}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0F53E743-082B-4C03-AB49-257ACB1A6F0D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{40FB1C47-6484-4FC6-8AE6-64EB79E678F1}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{29738446-D9BE-497F-91AB-E3AA893440FD}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A66597FB-0C5E-4FAB-B8CB-C6D5032C5BD3}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{C222B0E6-B5D6-4593-B563-9A584F8B0C16}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{6EB0B2FE-F281-4DA6-AFA4-96B3F5A4495D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9CBF9631-4859-4E78-80ED-82367B79F805}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{1A1B324F-9A5A-4564-9E30-5F5411A7FB78}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A580BFA5-C63A-4613-9E53-0CEE605CD7AC}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8B7583EB-DCC3-48FF-9B3F-AA47A8130C5B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0DA647E8-BEC0-43CC-A928-9C7E670F57B0}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F36970C1-D3CC-486A-9BA8-105533EC62E9}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{E8FFF43F-96FA-4970-9AD5-1568C6E94F5F}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9BC6FD9D-2547-484D-82C5-74C002248D19}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{FFDBD881-F24A-4FAA-9A0B-2B3D69281BFF}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{486C20E5-4BEC-4672-90EB-7AD38E3EFD0B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{4B1E150D-DD19-42B1-A0AF-1DA2B59EA750}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{56A5FCC7-361D-445C-A203-DFBE4D2E23F3}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{E938228E-C3C8-47F0-A642-8AB23B685C9E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{DC307FCF-A262-45B8-835E-F322CCA2C7B0}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9D35373C-2C88-4E7A-A736-BB61396CEF34}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{DACDD348-3151-4FBD-871F-4240A5C6313A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{4F972021-55F4-4A55-A127-82E51B4DBF26}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0590F1B7-E677-4009-9CD5-CB2CECFCA95C}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8DB2BE7B-DD81-4729-866E-5FF3670E4E8F}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{AB269C0B-3E60-493B-BE9E-98D086323E70}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{240D29B0-90EE-40A2-AD89-774A853E5340}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{C3CCAF6F-28EB-467A-97D5-FE03818A57A7}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D2A553F1-7611-4A7F-A159-1BC2A2FF9CE4}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F9B766F0-9B03-46DB-A606-88A8E911FAA8}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{6B97FFC2-265A-4D18-AA3A-548E59D885E0}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{40D5D850-AC28-43A7-8455-95ED9444476C}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{E374F7F4-55C5-46F5-9C86-6EE161F7A7C9}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A9256CFC-1C11-457F-9F8C-16B61A834305}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F970A3D0-30F3-406C-B51B-D6B65520D7C7}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9D35A0A2-93AF-4EE6-8D9E-478757A78F5E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D06FC8D4-66E8-401A-BD65-8CF943C35DE5}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [UDP Query User{434C97A3-AA31-40AE-B896-B74555F819F7}C:\users\hp\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\hp\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{F4A159A5-1196-449F-9842-6E3E8423FA81}C:\users\hp\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\hp\appdata\local\akamai\netsession_win.exe
FirewallRules: [{672C6317-FB94-43EB-B635-007DDA880CFE}] => (Allow) C:\Users\HP\Downloads\VideoPerformerSetup (1).exe
FirewallRules: [{23915B54-3A99-49D6-A0F7-1347D4A34C73}] => (Allow) C:\Users\HP\Downloads\VideoPerformerSetup (1).exe
FirewallRules: [{49E6529A-20EA-4F8E-966F-70A79BD61637}] => (Allow) C:\Users\HP\Downloads\VideoPerformerSetup.exe
FirewallRules: [{FAB33320-CE75-49B7-B30F-24FA26F42453}] => (Allow) C:\Users\HP\Downloads\VideoPerformerSetup.exe
FirewallRules: [{CFE45F69-0152-4E39-9985-4466EA1F34DB}] => (Allow) LPort=1900
FirewallRules: [{69760FC3-10F9-4A08-821E-089917CDE05C}] => (Allow) LPort=2869
FirewallRules: [{9990EC68-E558-4940-BF68-77F4AAE397AC}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{55EF0FA1-8EE3-4EC4-A3B6-9F754A2E872B}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{D0307A22-5E62-4E12-8F79-3A6C3D3660B2}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{7647AE3D-187E-4713-9BF7-7EA40EAD7F0A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{26F32E2D-209C-4169-91C7-AD4F3921FEA5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{AE6EBFF2-C261-4958-A53F-27F490E80E27}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{76B0EE6E-F2AF-44F9-8C36-0D5B3FD53DCA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7D416815-F6FA-4288-BFA1-845D5CECF941}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{BBA12AD4-14DB-4BAF-BDF4-179B7D57E9F0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{687944BF-DB4B-4CF7-8415-0DF239EF7065}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{67FC3F5D-D669-494C-BA07-319DAECA001E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D5F865B5-00C2-4C3A-B9D2-46F1A0F7ACE3}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{B58D4FC7-2099-4D01-A59E-BBD27E8C9C96}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [TCP Query User{C8F8AAAD-C85F-4C58-BF89-5AB73D0B452E}C:\users\hp\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe] => (Block) C:\users\hp\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe
FirewallRules: [UDP Query User{3905AADC-36C1-4914-87A1-38B921917B8D}C:\users\hp\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe] => (Block) C:\users\hp\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe
FirewallRules: [{556CD6F7-89FD-4AE5-8742-F07B41EFE276}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{87BE7E7B-DED1-465E-B624-2F036C9F32C7}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9668310A-69FD-4A59-8271-1E1EDC150D09}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{BAA912D5-89F1-4AAB-A697-AA5EDA1F349B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D2868235-A202-467C-9173-2538567D8C36}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9E7BBFF7-16B9-4039-B0F4-02CFAC9520F7}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{BF0EF3BB-210F-4CBF-BF12-5A7E76E5E086}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{923CE724-90DC-442C-A82F-394D51545520}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{C16FE4D2-A58C-443C-A458-835F236C3A6D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{BD837EDC-B82C-4D41-B76A-FAA8B23AB8AF}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{127EF742-91AF-498B-B9E0-AB2BBCCF265B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{3E2CD19B-0CCE-4376-8498-C2AB10717A66}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2E884976-9C69-42B3-BA16-AE0A3146CB5B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2E3AE94F-1027-4B18-B06A-E2AAAC181658}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{DA43461D-AF18-4798-A5CD-484DE8C0D4E4}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F6CC1C6C-1057-44AC-8FFA-A4BA6F0748B5}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{61D012B2-9F18-4F76-A53A-75E5D75EB033}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9C33B8D9-12FE-4161-834B-84B0201B786B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{DBD6C599-46EA-48DE-BE74-B3BEB8DBFCCA}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [TCP Query User{BF725BC3-63F5-481C-A42C-F7B2A1494222}C:\users\hp\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\hp\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{72EBE10A-3FB4-450A-A5A4-228A54A39ADD}C:\users\hp\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\hp\appdata\local\akamai\netsession_win.exe
FirewallRules: [{C0B486BA-67DC-4C72-892F-3F41C530A530}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8B3D049A-860E-472B-AB5A-5A2CD5994067}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{DA256FAE-9E71-434A-9CC3-6085E89C79C1}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{5BE97B07-F48A-4C7F-9EFA-8AB769CBD3B3}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{51A3F8EF-1B17-4A14-AF01-4C4EF75B2942}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{CC6669BF-BBF7-4929-8EA2-D4850B422403}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{7BEA4A91-DF07-4E4D-B43C-DDE4A5EF32C2}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D96E3EF6-E8EA-4B2C-891B-3E52CC9611A6}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{C1D880B8-5A61-42A1-87B5-833B2806CADB}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{E8EE6707-99DA-4B50-9953-AB6855A2BA13}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0D5A9B36-55D6-446C-A2AE-E12219D1F7A1}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{4D650A68-C739-440C-851E-F5F7FD38F18E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{1A4F884F-12F0-449F-8EB5-DD871300332C}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{884C9969-17FC-425B-933B-98721AAE5B5E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{CCBCE541-9B10-4D30-9766-27E25DBF2D17}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D82FB43F-1883-4314-9592-F6A9537551AA}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F82555C5-03EC-42FB-A148-44DF7BB37D9A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{AEA789FF-39CC-4B3F-BE80-A4FCC343D10C}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{EA4BFE88-97B1-4C6E-8A49-9AA1E469CE9D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{37972B5A-B10F-41ED-832A-9F964FF6C88E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{C28B5E82-E122-438A-B393-023F81584006}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{581112E1-696F-41E0-AB11-A9149AB73436}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{095460BF-7FCA-4F6C-92B0-A065C47B776C}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{B90E463D-2897-4644-A2C9-3E6F6EC8F0E1}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{04BCF110-1434-4CA5-8A00-8DEFDAC39F8A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{6499C949-E3C9-434C-8DE4-998474FBCBA1}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2AE78E1A-859A-4217-9E5E-A171B0F450CA}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{80351C0E-596B-4057-8F90-1BBDE99E34C4}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{4C5F3409-4A34-427D-AE55-906BFDB3BEA8}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{119541EF-2D84-4D6C-A605-C62B9A9312CB}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9D4AC32D-DC66-4F40-8BA1-F850E4F041C3}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F32F3740-7B7B-4A19-87EB-D30D9E9F0911}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{330E6868-4AFD-4A53-9C54-1606A14917A2}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D13CE3B4-D3F9-47CF-A179-24E841D5EAD6}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A3DFAC17-58B2-414D-970C-A5E12B57371A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{277B5F4B-0882-43F2-9A95-2A159552F72D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2DB048F7-86C3-495D-9648-0A8C1208DABD}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{1E4E6816-611C-4569-895A-D1F389961EB8}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{BB3D18A4-AE0C-45E0-97DF-2F092DEFFB6E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{DDC1635A-EFB6-4C18-A22F-5C6E62646292}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{3352DBB0-0440-4A6D-BB9B-7AC2799D6999}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0D9ACE9C-B6EC-4C18-AC39-4F650D767BF5}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{73606971-9468-412B-8B2D-549EFD3CE5FF}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{7F23168C-8574-4DEB-9E05-FE65F4EE9FA3}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [TCP Query User{9737E393-5759-4B92-8B74-5CB4AE18AADE}C:\users\hp\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\hp\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{417C9F35-448C-40B2-89AF-1236CFE4FDAD}C:\users\hp\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\hp\appdata\roaming\spotify\spotify.exe
FirewallRules: [{152810D6-3EE7-4445-A453-93A51B5B2015}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{76EF961A-A5C0-49E0-A936-E517E5F8E9E3}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{FD1BBC6F-B08D-4947-84E8-DEB255E28B0E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{78DD4B75-CE4B-482E-9286-0CF7F10B91E5}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0C4402D3-3E1E-432B-90D6-6B8DEEBA916B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{1F0CE691-712B-4455-AA84-5464E4E3AFF4}] => (Allow) LPort=53000
FirewallRules: [{99B668BB-2A93-4E3F-93DF-D038F403B3CA}] => (Allow) LPort=52000
FirewallRules: [TCP Query User{5AE32623-ECB6-425B-9E5C-277D0FDAF89F}C:\program files\bohemia interactive\arma demo\armademo.exe] => (Allow) C:\program files\bohemia interactive\arma demo\armademo.exe
FirewallRules: [UDP Query User{BC011901-7A51-4AD3-8583-7A8C529646E3}C:\program files\bohemia interactive\arma demo\armademo.exe] => (Allow) C:\program files\bohemia interactive\arma demo\armademo.exe
FirewallRules: [{6CA06C4A-0447-4B57-943A-E2C1C90EB408}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{08CA7946-9C29-4FB8-ADA9-4830B2FB0829}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F3181C95-4C37-4BA3-8350-CC5F00DAF0FE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{10F18B87-7F3A-4747-99E7-9BA04EFB15F0}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C600BDA3-1DB9-4350-AC69-5BBC4FBB909D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{1E6C4E5D-39FF-433E-AB0B-1B648DE7725E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{C94EED85-FDCD-49A0-8D89-C9ABAF743893}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [{EBCECBAB-D15C-48C3-AE6A-5903338AEC5D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [{5A0CE2C0-382A-4A59-A099-554F406746B7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{E4045A13-F24C-4C6D-A974-B46DF44560AD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [TCP Query User{9EA36164-95AA-4373-9F64-1CA2E7C4F66A}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [UDP Query User{FC78917D-A1B3-448C-A6CB-2B31CA69BC37}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [{F743E7B3-B31C-4E1A-B8FD-300DB314E27F}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{196AC14A-EE27-4A8A-8476-5761E98413BE}C:\users\hp\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\hp\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{5EE74F2D-BC1C-41EB-BFCE-37C916707AF1}C:\users\hp\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\hp\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{08C91461-1FEA-4D94-8623-2D46BD51F151}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [UDP Query User{15A17A4A-E1C0-40DC-B4F2-6D1655F7A7F1}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [{6FACB36C-E4C8-40DB-B900-3096AAFBC88A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\brainbread2\hl2.exe
FirewallRules: [{8D209586-73F4-41EB-946D-627FA1581959}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\brainbread2\hl2.exe
FirewallRules: [{A461D0CF-9F9E-4F69-ADDE-42DB66F7210E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Anno Online\nw.exe
FirewallRules: [{60C5CB51-0891-44A6-A9EB-711701E05717}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Anno Online\nw.exe
FirewallRules: [{3E926C57-708F-4F5D-843C-61B9C76F1140}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{7F6501C0-3AB2-4D61-9D05-93D7903B691B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [TCP Query User{C6F9BD41-52D1-460C-AA6B-A193561111FA}C:\programdata\ableton\live 9 lite\program\ableton live 9 lite.exe] => (Allow) C:\programdata\ableton\live 9 lite\program\ableton live 9 lite.exe
FirewallRules: [UDP Query User{8CB60933-7022-4957-A469-E0974B22D98E}C:\programdata\ableton\live 9 lite\program\ableton live 9 lite.exe] => (Allow) C:\programdata\ableton\live 9 lite\program\ableton live 9 lite.exe
FirewallRules: [{2807E630-6F67-4B2F-A442-E00378054676}] => (Allow) C:\Users\HP\AppData\Local\Temp\MPCOnline\MPCDownload.exe
FirewallRules: [{24AEEB3B-4053-4ECA-A9A1-6D4B67FC9DB4}] => (Allow) C:\Users\HP\AppData\Local\Temp\MPCOnline\MPCDownload.exe

==================== Wiederherstellungspunkte =========================

11-09-2016 11:04:07 Geplanter Prüfpunkt
16-09-2016 18:47:16 Malwarebytes Anti-Rootkit Restore Point
20-09-2016 14:13:44 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/20/2016 04:37:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4402625

Error: (09/20/2016 04:37:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4402625

Error: (09/20/2016 04:37:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/20/2016 04:37:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4401562

Error: (09/20/2016 04:37:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4401562

Error: (09/20/2016 04:37:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/20/2016 03:23:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7906

Error: (09/20/2016 03:23:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7906

Error: (09/20/2016 03:23:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/20/2016 03:23:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6797


Systemfehler:
=============
Error: (09/20/2016 09:49:00 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (09/20/2016 09:48:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert.

Error: (09/20/2016 09:48:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Steam Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/20/2016 09:48:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/20/2016 09:48:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/20/2016 09:48:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Intel(R) Management and Security Application Local Management Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/20/2016 09:48:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) ME Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/20/2016 09:48:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Update Service Daemon" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/20/2016 09:48:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Apple Mobile Device Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/20/2016 09:48:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Unchecky" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2016-09-20 22:11:43.307
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-20 22:11:43.074
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-20 21:50:17.198
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-20 21:50:16.970
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-20 14:13:44.129
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-20 14:13:43.884
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-20 13:04:26.088
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-20 13:04:25.850
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-20 13:03:53.123
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-20 13:03:52.906
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5-3330 CPU @ 3.00GHz
Prozentuale Nutzung des RAM: 27%
Installierter physikalischer RAM: 8147.3 MB
Verfügbarer physikalischer RAM: 5908.92 MB
Summe virtueller Speicher: 8547.3 MB
Verfügbarer virtueller Speicher: 6439.7 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:918.38 GB) (Free:595.37 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Recovery Image) (Fixed) (Total:11.21 GB) (Free:1.36 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 076766A4)

Partition: GPT.

==================== Ende von Addition.txt ============================

M-K-D-B 21.09.2016 13:37
Servus,




du machst das wirklich alles vorbildlich! :applaus: :applaus:



Jetzt kommt die dritte und letzte Bereinigungswelle. :zzwhip: :D





Wir entfernen die letzten Reste und kontrollieren nochmal alles. :)




Hinweis: Der Suchlauf mit ESET kann länger dauern.






Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
start
CloseProcesses:
DeleteKey: HKEY_CURRENT_USER\Software\Classes\Applications\lollipop_11221407.exe
DeleteKey: HKEY_USERS\S-1-5-21-3930845653-3837040866-4171826123-1004\Software\Microsoft\Windows\CurrentVersion\Uninstall\lollipop_11221407
DeleteKey: HKEY_CURRENT_USER\Software\AppDataLow\Software\ElectroLyrics-1
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ElectroLyrics-1
DeleteKey: HKEY_USERS\S-1-5-21-3930845653-3837040866-4171826123-1001\Software\AppDataLow\Software\ElectroLyrics-1
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\HDWallpaper
DeleteKey: HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Cinema-Plus-1.2
ShortcutWithArgument: C:\Users\HP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
Reboot:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.








Schritt 2
setze bitte Firefox wie folgt zurück:
Firefox zurücksetzen

CHR:::
Setze Google Chrome nach dieser Anleitung zurück.





Schritt 3

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset







Schritt 4
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
  • Starte die HitmanPro.exe
  • Klicke auf
  • Entferne den Haken bei
  • Klicke auf
    und
  • Akzeptiere die Lizenzbedingungen und klicke auf
  • Klicke auf

    und auf
  • Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
    und speichere die Logdatei auf Deinem Desktop.
  • Schließe HitmanPro und poste mir das Log.

 







Schritt 5
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Untersuchen.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.





http://www.trojaner-board.de/extra/lesestoff.pngGibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?







Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • die Logdatei von ESET,
  • die Logdatei von HitmanPro,
  • die beiden neuen Logdateien von FRST,
  • die Beantwortung der gestellten Fragen.

caloda 22.09.2016 12:47
hm, ich finde in Schritt 2 kein "Einstellungen zurücksetzen" unter "Erweiterte Einstellungen":wtf:

M-K-D-B 22.09.2016 16:04
Zitat:
Zitat von caloda (Beitrag 1611789)
hm, ich finde in Schritt 2 kein "Einstellungen zurücksetzen" unter "Erweiterte Einstellungen":wtf:
Bei Google Chrome?

Doch, ist vorhanden, ganz unten.

caloda 22.09.2016 16:32
Nein, eben nicht, find das auch seltsam, aber nach "System" kommt nichts mehr

M-K-D-B 23.09.2016 20:10
Zitat:
Zitat von caloda (Beitrag 1611854)
Nein, eben nicht, find das auch seltsam, aber nach "System" kommt nichts mehr
Ah... ok. Ich kenne das Problem. :stirn:
Die Adware hat Google Chrome in den Entwickler-Modus gesetzt.

Am Besten machst du jetzt folgendes:
Deinstalliere Google Chrome über die Systemsteuerung und setze einen Haken bei "Alle Browserdaten löschen" (oder so ähnlich).

Dann Google Chrome neu installieren.



Dann weiter mit den anderen Schritten.

caloda 25.09.2016 15:25
Ok, gut. Bin noch da, war nur das Wochenende über fernab des PC's beschäftigt.
ESET läuft gerade, lässt sich aber viiel Zeit...

Oh,und noch etwas: Spotify, welches von meinem Freund fleißig genutzt wird, funktioniert plötzlich nicht mehr. Es erscheint die Meldung "Das Programm reagiert nicht", woran kann das liegen? Wurde nichts neu installiert bzw. deinstalliert.

M-K-D-B 26.09.2016 15:50
Spotify kannst du nach der Bereinigung ggf. auch neu installieren.


Ich warte dann mal auf die Logdateien. :)

caloda 26.09.2016 16:39
ESET gibt keine Logdatei her, unter "C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt)" wird nichts gefunden

M-K-D-B 27.09.2016 15:29
Zitat:
Zitat von caloda (Beitrag 1612446)
ESET gibt keine Logdatei her, unter "C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt)" wird nichts gefunden
ok, versuch mal C:\Program files (x86)\... etc.

M-K-D-B 30.09.2016 21:09
Fehlende Rückmeldung
Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten.
PM an mich falls Du denoch weiter machen willst.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen!


Alle Zeitangaben in WEZ +1. Es ist jetzt 15:17 Uhr.
Seite 2 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19