Additional.txt:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-06-2017 01
Ran by moxito (20-06-2017 21:29:37)
Running from C:\Users\moxito\Desktop
Windows 10 Enterprise Version 1607 (X64) (2016-10-10 23:15:08)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1078665582-1449517287-1295239923-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1078665582-1449517287-1295239923-503 - Limited - Disabled)
Guest (S-1-5-21-1078665582-1449517287-1295239923-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-1078665582-1449517287-1295239923-1005 - Limited - Enabled)
moxito (S-1-5-21-1078665582-1449517287-1295239923-1001 - Administrator - Enabled) => C:\Users\moxito
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Baidu Antivirus (Enabled - Up to date) {0B023102-4312-4570-585A-1BAAA3570E16}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Baidu Antivirus (Enabled - Up to date) {B063D0E6-6528-4AFE-62EA-20D8D8D044AB}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 2.0.4 - )
360 Browser (HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\360Browser) (Version: 7.5.2.108 - 360 Security Center)
7-Zip 16.02 (HKLM-x32\...\7-Zip) (Version: 16.02 - Igor Pavlov)
8GadgetPack (HKLM-x32\...\{35C86AEB-A4C6-49E3-90B7-245F2C7FDEC7}) (Version: 21.0.0 - 8GadgetPack.net)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 22.0.0.153 - Adobe Systems Incorporated)
Adobe Audition 3.0 (HKLM-x32\...\Adobe Audition 3.0) (Version: 3.0 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (HKLM-x32\...\Adobe_5f143314a5d434c8511097393d17397) (Version: 10.0 - Adobe Systems Incorporated)
Aegisub 3.2.2 (HKLM-x32\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.2.2 - Aegisub Team)
Ansel (Version: 382.33 - NVIDIA Corporation) Hidden
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.6.6.0 - SlySoft)
ApoDispatchConfigurator (Version: 2.3.1401 - Nahimic) Hidden
AudioLaunchpadConfigurator (Version: 2.3.1401 - Nahimic) Hidden
Baidu Antivirus (HKLM-x32\...\Baidu Antivirus) (Version: 5.4.3.148966 - Baidu, Inc.)
Battery Calibration (HKLM-x32\...\InstallShield_{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1607.1801 - Micro-Star International Co., Ltd.)
Battery Calibration (x32 Version: 1.0.1607.1801 - Micro-Star International Co., Ltd.) Hidden
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.5.78.6323 - BlueStack Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.31 - Piriform)
CCTalk (HKLM-x32\...\CCTalk) (Version: 6.0.0.1 - www.hujiang.com, Inc.)
CheckDevicesConfigurator (Version: 2.3.1401 - Nahimic) Hidden
Classic Shell (HKLM\...\{383BB30A-B4A7-4666-9A83-22CFA8640097}) (Version: 4.3.0 - IvoSoft)
CPUID CPU-Z 1.77 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Dragon Center (HKLM-x32\...\InstallShield_{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 1.2.1705.3101 - Micro-Star International Co., Ltd.)
Dragon Center (x32 Version: 1.2.1705.3101 - Micro-Star International Co., Ltd.) Hidden
Dragon Gaming Center (HKLM-x32\...\InstallShield_{965B16C7-0778-4C45-B7D1-83A59E6FBBCB}) (Version: 2.0.1605.2701 - Micro-Star International Co., Ltd.)
Dragon Gaming Center (x32 Version: 2.0.1605.2701 - Micro-Star International Co., Ltd.) Hidden
DVD Shrink 3.2 deutsch (DeCSS-frei) (HKLM-x32\...\DVD Shrink DE_is1) (Version: - DVD Shrink)
Exact Audio Copy 1.1 (HKLM-x32\...\Exact Audio Copy) (Version: 1.1 - Andre Wiethoff)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.8.0 - Ellora Assets Corporation)
FRN Client 2014 (HKLM-x32\...\FRN Client_is1) (Version: - Free Radio Network)
FRN Server 2014 (HKLM-x32\...\FRN Server_is1) (Version: - Free Radio Network)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
Hauppauge WinTV 8 (HKLM-x32\...\Hauppauge WinTV 8) (Version: v8.0.34284 (CD 5.1 AAC) - Hauppauge Computer Works)
Help Desk (HKLM-x32\...\InstallShield_{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1605.0601 - Micro-Star International Co., Ltd.)
Help Desk (x32 Version: 1.0.1605.0601 - Micro-Star International Co., Ltd.) Hidden
Intel Extreme Tuning Utility (HKLM-x32\...\{281badd0-7e11-494b-bdf7-34d6a2615c3c}) (Version: 6.2.0.19 - Intel Corporation)
Intel Extreme Tuning Utility (x32 Version: 6.2.0.19 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Java 8 Update 112 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180112F0}) (Version: 8.0.1120.15 - Oracle Corporation)
Killer Bandwidth Control Filter Driver (Version: 1.1.56.1122 - Rivet Networks) Hidden
Killer E220x Drivers (Version: 1.1.56.1122 - Rivet Networks) Hidden
Killer Network Manager (Version: 1.1.56.1122 - Rivet Networks) Hidden
Killer Performance Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.56.1122 - Rivet Networks)
Killer Wireless-AC Drivers (Version: 1.1.56.1122 - Rivet Networks) Hidden
K-Lite Mega Codec Pack 11.9.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.9.0 - KLCP)
Kodi (HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Kodi) (Version: - XBMC-Foundation)
LauncherSetup (Version: 2.3.1401 - Nahimic) Hidden
LAV Filters 0.68.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.68.1 - Hendrik Leppkes)
LenovoUsbDriver 1.1.9 (HKLM-x32\...\LenovoUsbDriver) (Version: 1.1.9 - Lenovo)
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MKVToolNix 6.9.1 (32bit) (HKLM-x32\...\MKVToolNix) (Version: 6.9.1 - Moritz Bunkus)
Nahimic 2 (HKLM-x32\...\{05c7b70a-5d25-419a-9b71-76900393b641}) (Version: 2.3.14 - Nahimic)
Nahimic2UISetup (Version: 2.3.1401 - Nahimic) Hidden
Nero 8 (HKLM-x32\...\{8AEA4BE2-2B52-41C0-BB7D-9F2D17AF1031}) (Version: 8.0.182 - Nero AG)
NirSoft Wireless Network Watcher (HKLM-x32\...\NirSoft Wireless Network Watcher) (Version: - )
Nitro Reader 5 (HKLM\...\{1DF310B2-0BE7-4CD7-8FCF-54B1ADB067D3}) (Version: 5.5.6.21 - Nitro)
NVIDIA 3D Vision Treiber 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.33 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Grafiktreiber 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.33 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Oracle VM VirtualBox 5.1.10 (HKLM\...\{57682F33-488A-4065-8255-C3681A2B6F4E}) (Version: 5.1.10 - Oracle Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{2E0C1D31-8FEC-411E-97FB-6E56BD429A98}) (Version: 1.3.10 - Microsoft Corporation)
ProductDaemonSetup (Version: 2.3.1401 - Nahimic) Hidden
ProductNSConfigurator (Version: 2.3.1401 - Nahimic) Hidden
QQ International (HKLM-x32\...\{3CA54984-A14B-42FE-9FF1-7EA90151D725}) (Version: 1.91.1369.0 - Tencent Technology(Shenzhen) Company Limited)
QQ音乐2016 (HKLM-x32\...\QQMusic) (Version: 12.97.3627.1201 - 腾讯科技(深圳)有限公司)
QTranslate 5.7.0.3 (HKLM-x32\...\QTranslate) (Version: 5.7.0.3 - QuestSoft)
QT语音 (HKLM-x32\...\QT语音) (Version: 11.43.0.17707.483 - 腾讯科技(深圳)有限公司)
Qualcomm Atheros 61x4 Bluetooth Suite (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 12.0.0.102 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.21277 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8053 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.)
SCM (HKLM\...\{E3CE9EC1-7244-4846-A383-6BF0B172917A}) (Version: 13.015.12097 - Application)
SDR-RADIO.com (V2) (HKLM-x32\...\SDR-RADIO.com (V2)) (Version: - )
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
SHIELD Streaming (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
SonicMapperConfigurator (Version: 2.3.1401 - Nahimic) Hidden
SteelSeries Engine 3.10.2 (HKLM\...\SteelSeries Engine 3) (Version: 3.10.2 - SteelSeries ApS)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.22.4 - Synaptics Incorporated)
TalkTV (HKLM-x32\...\{F768F6BA-F164-4599-BC26-DCCFC2F71983}_is1) (Version: 4.1.3 - TalkTV)
Technotrend Viewer (HKLM-x32\...\TT-Viewer_is1) (Version: - CM&V)
The Bat! Professional v3.99.29 (HKLM-x32\...\{CA8D1F57-1D54-463F-A97D-9D740EBBD285}) (Version: 3.99.29 - Ritlabs)
TomTom HOME (HKLM-x32\...\{3C595537-D968-48D5-AAB1-CCB2E90FA59A}) (Version: 2.9.94 - Ihr Firmenname)
UFR II Printer Driver Uninstaller (HKLM\...\Canon UFR II Printer Driver) (Version: 5, 4, 0, 0 - Canon Inc.)
UIInstallUpgrade (Version: 2.3.1401 - Nahimic) Hidden
UltraMon (HKLM\...\{D4E62D29-31A1-4938-8CB7-7D275C1AEAC6}) (Version: 3.3.0 - Realtime Soft Ltd)
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VmciSockets (Version: 9.1.54.1 - VMware, Inc.) Hidden
VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 8.0.0.18997 - VMware, Inc)
VMware Workstation (x32 Version: 8.0.0.18997 - VMware, Inc.) Hidden
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows-Treiberpaket - MediaTek Inc. (wdm_usb) Ports (01/22/2015 3.0.1504.0) (HKLM\...\BD5E2A628C2263FAEC66A4BFF2E88B897427E4C3) (Version: 01/22/2015 3.0.1504.0 - MediaTek Inc.)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
Wondershare Video Converter Ultimate(Build 9.0.0.4) (HKLM-x32\...\Wondershare Video Converter Ultimate_is1) (Version: 9.0.0.4 - Wondershare Software)
XnView 2.39 (HKLM-x32\...\XnView_is1) (Version: 2.39 - Gougelet Pierre-e)
Youtube Downloader HD v. 2.9.9.30 (HKLM-x32\...\Youtube Downloader HD_is1) (Version: - YoutubeDownloaderHD.com)
YY version 1.0 (HKLM-x32\...\{76E0BCEF-DBB1-4257-8230-6DE2310E4813}_is1) (Version: 1.0 - Joe)
YY8 (HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\YY8) (Version: 8.3.0.2 - 多玩游戏网)
Zattoo Live TV (HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\6e425e00e7cd59c7) (Version: 1.0.0.51 - Zattoo Europa AG)
央视影音 (HKLM-x32\...\{07F79EE3-1012-40BF-BEE7-A07EE6C284DC}_is1) (Version: 4.0.8.0 - 中国网络电视台)
搜狗拼音输入法 8.0正式版 (HKLM-x32\...\Sogou Input) (Version: 8.0.0.8381 - Sogou.com)
有道词典 (HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\有道词典) (Version: 6.3 - 网易公司)
百度云管家 (HKLM-x32\...\百度云管家) (Version: 5.4.9 - 百度在线网络技术(北京)有限公司)
腾讯QQ (HKLM-x32\...\{052CFB79-9D62-42E3-8A15-DE66C2C97C3E}) (Version: 8.6.18804.0 - 腾讯科技(深圳)有限公司)
腾讯TM2009 (HKLM-x32\...\{260706D6-56D3-41E8-9183-DC4DF54B7F4B}) (Version: 1.41.1287.0 - 腾讯科技(深圳)有限公司)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1078665582-1449517287-1295239923-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\moxito\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-1078665582-1449517287-1295239923-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\moxito\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-1078665582-1449517287-1295239923-1001_Classes\CLSID\{25815CC0-43F4-3C75-8C3A-A139D9ADE740}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1078665582-1449517287-1295239923-1001_Classes\CLSID\{2E445E22-1A5F-4C84-B963-BB65D07C1FB3}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1078665582-1449517287-1295239923-1001_Classes\CLSID\{40C842B5-9E7D-4FBD-8E05-021F4B6F5CA5}\InprocServer32 -> C:\WINDOWS\system32\kernel32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1078665582-1449517287-1295239923-1001_Classes\CLSID\{A5110465-0F43-4586-9DEC-73DCC0CBCF08}\InprocServer32 -> C:\WINDOWS\system32\kernel32.dll (Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {066AC61E-1658-4034-8524-C0F15BD63338} - System32\Tasks\gsrun.exe => C:\Users\moxito\AppData\Roaming\duowan\yygamestore\Mini\3.6.0.4\gsrun.exe [2016-10-13] ()
Task: {06F7876A-D01A-42DE-B0BB-34D3F2C31961} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-13] (Piriform Ltd)
Task: {07B42A73-B318-4361-8F73-910851DAA954} - System32\Tasks\me.exe => C:\Users\moxito\AppData\Roaming\duowan\yygamestore\Mini\3.6.0.4\me.exe [2016-10-13] ()
Task: {1195CE57-9B94-42B6-BD81-89095373206D} - System32\Tasks\MeLogo_{67679FCB-7ECA-4db5-B5AE-E6B4E178D0BA} => C:\Users\moxito\AppData\Roaming\duowan\yygamestore\Mini\3.6.0.4\me.exe [2016-10-13] ()
Task: {1574B4F0-4EB0-481D-B3D6-875944676A34} - \{057E7D47-7D0A-0A7A-7911-0E040E78110C} -> No File <==== ATTENTION
Task: {25DED191-9070-42A0-9253-062048019AE6} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-03] (NVIDIA Corporation)
Task: {32F11BBA-6316-404F-9DC7-B8F7FE491A05} - System32\Tasks\{ED9A9CD4-5A31-2B7F-2D3D-2F4634FF2C3B} => C:\ProgramData\{EB8ACCE0-5C21-7B4B-7EE8-1C19ABAD4F85}\3B2BA978-8C80-1ED3-88ED-20DA0EEA8994.exe <==== ATTENTION
Task: {3BCE144F-14C8-4842-8A53-661187BBC8A0} - System32\Tasks\Nahimic2UILauncherRun => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe [2017-01-13] ()
Task: {3E407DC0-759C-44BB-88AC-AF6AC6A3A08B} - System32\Tasks\Nahimic2Svc32Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2Svc32.exe [2017-01-13] ()
Task: {41607316-F1F1-4C25-B261-37C521ABF4CA} - System32\Tasks\Dragon_Center_updater => C:\ProgramData\MSI\Dragon [Argument = Center\DragonCenter_Updater.exe DragonCenter]
Task: {4220DF88-E589-414A-B2EA-098D3E0E6500} - System32\Tasks\MSI_Dragon Center => C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe [2017-05-31] (Micro-Star International Co., Ltd.)
Task: {47435CE5-D1F2-4C13-A77E-DEADE332ED23} - System32\Tasks\{F7B708E3-B402-CC93-0235-FB6400AF3F41} => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\58bca3a8\52456f97.dll" <==== ATTENTION
Task: {4E03935F-200C-45FD-9C69-7E21824D8529} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-03] (NVIDIA Corporation)
Task: {52CC2439-C048-4BE9-B616-C6A62EBF5D60} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {743767E4-92ED-4EB8-BDE6-031C7AC9E9EC} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03] (NVIDIA Corporation)
Task: {77B29FB4-A203-4C87-AD47-184CA218CF3C} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {7AD8FA13-DAA9-47B8-A54D-CF5009AB44F4} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Cscript.exe "C:\ProgramData\Baidu Security\Duplicaterecord.js"
Task: {84F0B267-E639-40B1-8A5B-C527E0D0D998} - System32\Tasks\MSI_Dragon Gaming Center => C:\Program Files (x86)\MSI\Dragon Gaming Center\mDispatch.exe [2014-01-23] (TODO: <公司名稱>)
Task: {8D282348-DBD4-4BD7-9A44-95F8462FC27E} - System32\Tasks\yyplayer.exe => C:\Users\moxito\AppData\Roaming\duowan\yygamestore\Mini\3.6.0.4\yyplayer.exe [2016-10-13] ()
Task: {9D1A54AF-76A4-4C5F-9C7B-76B3A8E071FD} - System32\Tasks\HuanjuGameUpdate => C:\Users\moxito\AppData\Roaming\duowan\yygame\popup\bin\hjGameUpdate.exe [2017-05-21] (YY Inc.)
Task: {B86BD242-2DD2-49F3-A8FC-C7DFFF24FEF0} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {BB0CB973-6950-4BF2-A895-DAB4D24C13C2} - System32\Tasks\Baidu Antivirus Update => C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\BavUpdater.exe [2017-01-28] (Baidu, Inc.)
Task: {BB5B22AA-238A-4B32-8984-B8A3F29072CE} - System32\Tasks\yygamestore.exe => C:\Users\moxito\AppData\Roaming\duowan\yygamestore\Mini\3.6.0.4\yygamestore.exe [2016-10-13] ()
Task: {C54E8752-58C3-4FA0-9D33-A0404C058363} - System32\Tasks\Nahimic2Svc64Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2Svc64.exe [2017-01-13] ()
Task: {CB33CC10-7C4E-4BB2-9E8B-6E9E3DE606AD} - System32\Tasks\MSI_Help_Desk_Agent => C:\Program Files (x86)\MSI\Help Desk\MSI Update Agent.exe [2016-05-06] (Micro-Star International Co., Ltd.)
Task: {CC5DB9A6-FD83-429B-82E0-B343682013B5} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-03] (NVIDIA Corporation)
Task: {CDDE24C0-6063-4256-96AD-7C83C1F684C8} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2015-11-20] (Intel Corporation)
Task: {D4BCAAFF-C409-468A-8CF1-FCF6B4054779} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {F2852D36-A114-43F8-BD54-1577764A3D45} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-18] (Adobe Systems Incorporated)
Task: {F68E41E9-0104-4361-A8EE-6CCD3F70FFA2} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\HuanjuGameUpdate.job => C:\Users\moxito\AppData\Roaming\duowan\yygame\popup\bin\hjGameUpdate.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-06-16 17:51 - 2017-06-03 12:01 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-05-19 10:11 - 2015-05-19 10:11 - 00007680 _____ () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
2017-06-20 21:04 - 2017-05-25 14:11 - 02270664 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-09-27 13:26 - 2017-05-03 22:21 - 01267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2011-08-22 17:34 - 2011-08-22 17:34 - 11837440 _____ () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
2016-11-25 16:45 - 2016-11-25 16:44 - 00048568 _____ () C:\Users\moxito\AppData\Local\Youdao\Dict\Application\6.3.69.8341\WordStrokeHelper64.dll
2017-01-13 10:53 - 2017-01-13 10:53 - 00218296 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll
2017-01-13 10:53 - 2017-01-13 10:53 - 00289976 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll
2010-07-15 06:44 - 2010-07-15 06:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2014-01-22 10:44 - 2014-01-22 10:44 - 00075912 _____ () C:\Program Files (x86)\MSI\Dragon Gaming Center\WinIo64.dll
2017-01-13 10:49 - 2017-01-13 10:49 - 00705208 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe
2017-01-13 10:50 - 2017-01-13 10:50 - 02054328 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2svc32.exe
2017-01-13 10:54 - 2017-01-13 10:54 - 00513208 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2svc64.exe
2014-09-30 02:51 - 2014-09-30 02:51 - 00074664 _____ () C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
2016-11-25 16:45 - 2016-11-25 16:45 - 02515520 _____ () C:\Users\moxito\AppData\Local\Youdao\Dict\Application\6.3.69.8341\YoudaoDictHelper.exe
2016-07-26 11:07 - 2017-06-16 22:06 - 01052192 _____ () C:\Users\moxito\AppData\Roaming\baidu\BaiduYunGuanjia\yundetectservice.exe
2016-11-28 14:45 - 2015-09-27 11:25 - 00035840 _____ () C:\Users\moxito\AppData\Local\Microsoft\Windows Sidebar\Gadgets\FritzBoxTraffic1013.gadget\FritzBoxTrafficMonitorLib.dll
2016-11-25 16:45 - 2016-11-25 16:44 - 00192952 _____ () C:\Users\moxito\AppData\Local\Youdao\Dict\Application\6.3.69.8341\YoudaoWSH.exe
2017-01-16 21:50 - 2017-01-16 21:50 - 01977448 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.webrunlogin\65547\yyqlogin.exe
2017-01-28 04:16 - 2017-01-28 04:16 - 00297968 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\HipsLogger.dll
2017-01-28 04:16 - 2017-01-28 04:16 - 00370672 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\BNetOp.dll
2017-01-28 04:16 - 2017-01-28 04:16 - 00540656 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\sqlite.dll
2017-01-28 04:16 - 2015-05-28 13:44 - 00198128 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\dark.dll
2016-11-25 00:13 - 2011-08-23 14:04 - 00057344 _____ () C:\Program Files (x86)\WinTV\TVServer\libhdhomerun.dll
2016-12-09 16:53 - 2016-12-09 10:21 - 00368128 _____ () c:\programdata\microsoft\visualstudio\14.0\2052\msmg.dll
2011-08-22 17:23 - 2011-08-22 17:23 - 01222656 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll
2015-06-24 02:07 - 2015-06-24 02:07 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-09-27 13:26 - 2017-05-03 22:21 - 01040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-01-13 10:48 - 2017-01-13 10:48 - 00189112 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2DevProps.dll
2017-01-13 10:46 - 2017-01-13 10:46 - 00262840 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2OSD.dll
2016-11-25 16:45 - 2016-11-25 16:44 - 00042936 _____ () C:\Users\moxito\AppData\Local\Youdao\Dict\Application\6.3.69.8341\WordStrokeHelper32.dll
2016-10-30 19:55 - 2016-10-30 19:55 - 00108544 __RSH () C:\Program Files (x86)\SlySoft\AnyDVD\BRD.dll
2016-11-25 16:45 - 2016-11-25 16:44 - 00095936 _____ () C:\Users\moxito\AppData\Local\Youdao\Dict\Application\6.3.69.8341\CrashRpt.dll
2016-11-25 16:45 - 2016-11-25 16:45 - 34880064 _____ () C:\Users\moxito\AppData\Local\Youdao\Dict\Application\6.3.69.8341\libcef.dll
2016-11-25 16:45 - 2016-11-25 16:45 - 03795520 _____ () C:\Users\moxito\AppData\Local\Youdao\Dict\Application\6.3.69.8341\v8.dll
2016-11-25 16:44 - 2016-11-25 16:44 - 01577912 _____ () C:\Users\moxito\AppData\Local\Youdao\Dict\Application\Stable\Acrobat2Dict.dll
2016-11-25 16:45 - 2016-11-25 16:45 - 01874496 _____ () C:\Users\moxito\AppData\Local\Youdao\Dict\Application\6.3.69.8341\ffmpegsumo.dll
2017-06-12 12:13 - 2017-06-12 12:13 - 04623088 _____ () C:\Program Files (x86)\YY\8.24.0.2\QtGui4.dll
2017-06-12 12:13 - 2017-06-12 12:13 - 01570544 _____ () C:\Program Files (x86)\YY\8.24.0.2\QtCore4.dll
2017-06-12 12:13 - 2017-06-12 12:13 - 00034544 _____ () C:\Program Files (x86)\YY\8.24.0.2\imageformats\qgif4.dll
2017-06-12 12:13 - 2017-06-12 12:13 - 00034544 _____ () C:\Program Files (x86)\YY\8.24.0.2\imageformats\qico4.dll
2017-06-12 12:13 - 2017-06-12 12:13 - 00164592 _____ () C:\Program Files (x86)\YY\8.24.0.2\imageformats\qjpeg4.dll
2017-06-12 12:13 - 2017-06-12 12:13 - 00122608 _____ () C:\Program Files (x86)\YY\8.24.0.2\imageformats\qwebp4.dll
2017-06-12 12:13 - 2017-06-12 12:13 - 02014960 _____ () C:\Program Files (x86)\YY\8.24.0.2\udbauthsdk.dll
2017-06-12 12:13 - 2017-06-12 12:13 - 00197360 _____ () C:\Program Files (x86)\YY\8.24.0.2\deviceinfokit.dll
2017-06-12 12:13 - 2017-06-12 12:13 - 00537328 _____ () C:\Program Files (x86)\YY\8.24.0.2\sqlite3.DLL
2017-01-28 01:12 - 2017-01-28 01:12 - 00345704 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.enthall\131584\enthall.dll
2017-05-21 20:52 - 2017-05-21 20:52 - 00682088 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.gameproxy\131098\yygameproxy.dll
2016-08-23 18:25 - 2016-08-23 18:25 - 00220352 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.pip\131600\hzhwrapper.dll
2016-08-23 18:26 - 2016-08-23 18:26 - 00355008 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.vipfeelings2\196611\vipfeelingsapp.dll
2016-08-23 18:25 - 2016-08-23 18:25 - 00198848 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.garbagecleaner\196622\yygarbagecleaner.dll
2016-12-05 20:22 - 2016-12-05 20:22 - 00366184 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.gamelivecard\131329\gamelivecard.dll
2017-04-12 15:05 - 2017-04-10 03:52 - 00306176 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\business\logingiftbag\logingiftbag-20170410.dll
2017-04-05 11:21 - 2017-04-05 11:21 - 00159848 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.gamesmilies\66309\yygamesmilies.dll
2016-08-23 18:25 - 2016-08-23 18:25 - 00174184 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.gamechannel\197387\gamechannelapp.dll
2016-08-23 18:25 - 2016-08-23 18:25 - 00108136 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.gamenotify\66312\yygamenotify.dll
2017-04-25 19:17 - 2017-04-25 19:17 - 02669160 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.vip\131115\yyvip.dll
2016-08-23 18:26 - 2016-08-23 18:26 - 00145512 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.videoondemand\65544\videoondemand.dll
2016-12-05 20:23 - 2016-12-05 20:23 - 00091240 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.yycgame\65800\yycgame.dll
2016-08-23 18:25 - 2016-08-23 18:25 - 00026304 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.gamechannelbaby\65537\gamechannelbaby.dll
2016-08-23 18:26 - 2016-08-23 18:26 - 00028776 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.apphelper\66304\apphelper.dll
2016-12-05 20:22 - 2016-12-05 20:22 - 00161384 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.gamestore\198152\gamestore.dll
2017-01-16 21:50 - 2017-01-16 21:50 - 00027752 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.webrunlogin\65547\webrunlogin.dll
2017-04-05 11:21 - 2017-04-05 11:21 - 00353384 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.yyhgl\65792\yyhgl.dll
2017-04-05 11:21 - 2017-04-05 11:21 - 00070760 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.yyhgl\65792\browsersdk.dll
2017-04-05 11:21 - 2017-04-05 11:21 - 00128104 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.yyhgl\65792\clientcommon.dll
2017-04-05 11:21 - 2017-04-05 11:21 - 00062056 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.yyhgl\65792\ipctransfer.dll
2016-12-05 20:22 - 2016-12-05 20:22 - 00042088 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.yyext\65541\yyext.dll
2017-06-16 15:50 - 2017-06-16 15:50 - 00021096 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.cefdev\65554\yycefdev.dll
2017-06-16 15:49 - 2017-06-16 15:49 - 00142952 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.zhiniuassist\66320\zhiniuassist.dll
2017-01-16 21:49 - 2017-01-16 21:49 - 00068200 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.dxchecker\65545\dxchecker.dll
2017-01-28 04:16 - 2017-01-28 04:16 - 00277488 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\Pulgin_Dark_DeleteFileTip.dll
2017-06-20 21:25 - 2017-06-20 21:25 - 00089656 _____ () C:\Program Files (x86)\Tencent\QQIntl\Bin\zlib.dll
2017-06-20 21:25 - 2017-06-20 21:25 - 00138808 _____ () C:\Program Files (x86)\Tencent\QQIntl\Bin\libexpatw.dll
2017-06-20 21:25 - 2017-06-20 21:25 - 00155192 _____ () C:\Program Files (x86)\Tencent\QQIntl\Bin\lua.dll
2017-06-20 21:25 - 2017-06-20 21:25 - 00159288 _____ () C:\Program Files (x86)\Tencent\QQIntl\Bin\libpng.dll
2017-06-20 21:25 - 2017-06-20 21:25 - 00286264 _____ () C:\Program Files (x86)\Tencent\QQIntl\Bin\libjpegturbo.dll
2017-06-20 21:25 - 2017-06-20 21:25 - 00495160 _____ () C:\Program Files (x86)\Tencent\QQIntl\Plugin\com.tencent.audiovideo\Bin\VP8.dll
2017-06-20 21:25 - 2017-06-20 21:25 - 00941624 _____ () C:\Program Files (x86)\Tencent\QQIntl\Plugin\com.tencent.audiovideo\Bin\TRAE.DLL
2017-01-19 22:20 - 2014-08-28 09:49 - 00887624 _____ () C:\Users\moxito\AppData\Local\360Browser\Browser\Application\7.5.2.108\libglesv2.dll
2017-01-19 22:20 - 2014-08-28 09:49 - 00110408 _____ () C:\Users\moxito\AppData\Local\360Browser\Browser\Application\7.5.2.108\libegl.dll
2017-01-19 22:20 - 2014-05-29 14:46 - 04055504 _____ () C:\Users\moxito\AppData\Local\360Browser\Browser\Application\7.5.2.108\pdf.dll
2017-01-19 22:20 - 2014-08-29 09:29 - 01875784 _____ () C:\Users\moxito\AppData\Local\360Browser\Browser\Application\7.5.2.108\ffmpegsumo.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BavSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BavSvc => "Service"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BavSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BavSvc => "Service"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 13:04 - 2017-01-28 01:43 - 00001006 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\StartupFolder: => "WinTV Recording Status.lnk"
HKLM\...\StartupApproved\Run: => "MRT"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Malwarebytes Anti-Malware (cleanup)"
HKLM\...\StartupApproved\Run32: => "ProductUpdater"
HKLM\...\StartupApproved\Run32: => "DelaypluginInstall"
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\StartupApproved\StartupFolder: => "CCTalk.lnk"
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\StartupApproved\Run: => "CNTV-CBox"
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\StartupApproved\Run: => "CBoxService"
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\StartupApproved\Run: => "YYAssistant"
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\StartupApproved\Run: => "TomTomHOME.exe"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{DE39C442-3DC6-4243-A674-02F31C37F9E7}] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{ACFB4839-4B17-4430-B6F0-8C234D1C509B}] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{CEFCF085-AC3C-4B1C-B0FF-2C51D1AD339C}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{53F4CB2C-7672-4F31-A2F9-62989417793F}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{43A23B75-74E8-4875-9A65-CC0CCECF0F3C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2F86D7C7-F739-4A76-A3A9-0C34651FED92}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FBA342AE-35EE-4750-910F-CE78E00118EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{BB2C5D8C-7E1E-4324-AB48-78593709BE80}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{844B361F-D871-4C06-987B-462B094C2573}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{2061BD21-6061-422C-8523-065687C533FE}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{A359A2C1-C028-4350-A631-F496D5477FB0}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{71FA7AB2-9E15-46F8-A963-D82667A03415}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{C48FC8B7-1DC6-4455-B699-CE06502CDB2F}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{7150BA5F-B30A-4D64-B823-F89DE0A830BD}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{B310D159-F3F2-45EB-A5FE-953947A4BE1D}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{B881DE74-70F2-4EBA-8025-04098ED82486}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{C7AF81E2-2AB8-4951-8285-CFDC1AD3079B}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{AEB5BA9D-F104-4486-9BB2-DE7FB73A14C9}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{0D600F81-A48E-4F61-8E6C-C1080833002A}] => (Block) C:\program files (x86)\tencent\qtalkenglish\v4.4.72.1\bin\qtalk.exe
FirewallRules: [{7D07C0F1-7085-4E51-B4F5-02EFB9979BD6}] => (Block) C:\program files (x86)\tencent\qtalkenglish\v4.4.72.1\bin\qtalk.exe
FirewallRules: [UDP Query User{6D500D6D-0622-493B-8922-7B6C6AC6594D}C:\program files (x86)\tencent\qtalkenglish\v4.4.72.1\bin\qtalk.exe] => (Allow) C:\program files (x86)\tencent\qtalkenglish\v4.4.72.1\bin\qtalk.exe
FirewallRules: [TCP Query User{0CE7BE09-640F-4DEF-9446-12028651A4B2}C:\program files (x86)\tencent\qtalkenglish\v4.4.72.1\bin\qtalk.exe] => (Allow) C:\program files (x86)\tencent\qtalkenglish\v4.4.72.1\bin\qtalk.exe
FirewallRules: [{3875BA83-5C8C-4DB6-9A2A-465B7C93CFDA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{478080CB-538B-43CE-9228-EB1DFBEB573F}] => (Allow) C:\Program Files (x86)\WinTV\WinTV8\WinTV8.exe
FirewallRules: [{E7E6FE5A-C0F8-4573-86A1-C3BBC3E1FEE1}] => (Allow) C:\Program Files (x86)\WinTV\WinTV8\WinTV8.exe
FirewallRules: [{E3AC73CB-85FD-4BFE-93E7-0937E4C71984}] => (Allow) C:\Program Files (x86)\WinTV\WinTV8\WinTV8.exe
FirewallRules: [{55BB1B60-D077-4E19-B71F-7E53DA95C475}] => (Allow) C:\Program Files (x86)\WinTV\WinTV8\WinTV8.exe
FirewallRules: [{33751988-263F-4609-9C75-E0A3788542AC}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\CaptureDCR.exe
FirewallRules: [{D53BA843-D88B-46F3-987C-7E82CA24861D}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\CaptureDCR.exe
FirewallRules: [{770B7A06-DB83-4087-9819-D33F8A3590CF}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\CaptureDCR.exe
FirewallRules: [{8D482EBE-AA6E-411A-B90A-C8FFC0CE9FC6}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\CaptureDCR.exe
FirewallRules: [{99831EB5-9E79-4FC7-B2B3-BD6C88B049FC}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
FirewallRules: [{50431C4D-6CC7-4F91-9FD6-160DA53EC800}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
FirewallRules: [{29441021-B130-4DCB-8A2C-98E3654EAB8E}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
FirewallRules: [{83B2C97B-D8EC-4022-A2D2-E92E7D323D85}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
FirewallRules: [TCP Query User{2B248973-D5C1-4568-B90F-508D8AE0D0E6}C:\program files (x86)\wintv\wintv8\wintv8.exe] => (Block) C:\program files (x86)\wintv\wintv8\wintv8.exe
FirewallRules: [UDP Query User{D34EC77D-ABF0-40A4-8D31-1EB46795B998}C:\program files (x86)\wintv\wintv8\wintv8.exe] => (Block) C:\program files (x86)\wintv\wintv8\wintv8.exe
FirewallRules: [{DF707D42-B066-4440-A290-76C3782F7D20}] => (Allow) C:\Program Files (x86)\Tencent\QQIntl\Bin\QQ.exe
FirewallRules: [{CBCC3D60-D1D0-45D6-B4BF-24B3FA51CC7A}] => (Allow) C:\Program Files (x86)\Tencent\QQIntl\Bin\QQ.exe
FirewallRules: [{791391FB-26F6-4455-ABAB-F0CC178163D2}] => (Allow) C:\Program Files (x86)\Tencent\TM2008\Bin\TM.exe
FirewallRules: [{D422F381-3BB5-46FF-A8DB-07A9F1C39410}] => (Allow) C:\Program Files (x86)\Tencent\TM2008\Bin\TM.exe
FirewallRules: [{9BD45F0A-D4CC-4CEA-84E6-0DB37326C47F}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{EC9E85AA-6E4F-4F46-ACB9-73FDA2D4D21B}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{77FDE012-D87A-44AD-B6D0-94B3A9B6FC22}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{CEF220D9-C4B8-43AF-B1AD-AF5F286B2E19}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{928F44AB-072E-40CC-BA43-E6BC9320A81B}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{856ACEC8-3599-4335-BBCC-62BBCD61DC6D}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{83F1A492-987E-4799-BFC4-B2190523875C}] => (Allow) C:\Program Files (x86)\Tencent\QTalk\V4.6.17\Bin\QTalk.exe
FirewallRules: [{AB07117A-6A25-427D-8370-FBA11D71F3C4}] => (Allow) C:\Program Files (x86)\Tencent\QTalk\V4.6.17\Bin\QTalk.exe
FirewallRules: [{73B22CDE-F42F-48D0-ABDE-CEBDEA261561}] => (Allow) C:\Program Files (x86)\Tencent\QTalk\V4.6.22.17784\Bin\QTalk.exe
FirewallRules: [{BD10F1F2-821D-4AA7-A5BB-6517CEAFD0EB}] => (Allow) C:\Program Files (x86)\Tencent\QTalk\V4.6.22.17784\Bin\QTalk.exe
FirewallRules: [{C2AF2505-834E-4CF7-8AD4-EFCF2489688A}] => (Allow) C:\Program Files (x86)\Tencent\QTalk\V4.6.22.17784\Bin\QTalk.exe
FirewallRules: [{E0794B69-C90C-45A5-A33D-073392938B3D}] => (Allow) C:\Program Files (x86)\Tencent\QTalk\V4.6.22.17784\Bin\QTalk.exe
FirewallRules: [TCP Query User{FF9524A3-306C-4072-987A-3B52600DAE87}C:\program files (x86)\duowan\yy\yy.exe] => (Allow) C:\program files (x86)\duowan\yy\yy.exe
FirewallRules: [UDP Query User{7198139F-6FC4-485D-969C-3974742B20E1}C:\program files (x86)\duowan\yy\yy.exe] => (Allow) C:\program files (x86)\duowan\yy\yy.exe
FirewallRules: [{46AD7F9B-EA90-441C-92A4-C625FD5AFC3D}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGTool.exe
FirewallRules: [{7D63BBB3-557E-4FA0-A0B1-3311761D7245}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGTool.exe
FirewallRules: [{004FC471-A249-4476-9233-97837F5DC187}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGTool.exe
FirewallRules: [{E9CB61D5-2A6F-4D36-B053-46B9A4E82DD6}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGTool.exe
FirewallRules: [{41BD44A0-3B8E-4D2F-984C-DB0A9747D92C}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGTool.exe
FirewallRules: [{38F6F4C3-06C7-4F2C-A56A-223A528AAC34}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGTool.exe
FirewallRules: [{016D1F2C-DA2F-4B0A-B5AC-920F9726FFC1}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\PinyinUp.exe
FirewallRules: [{2456EF25-4F38-43D0-96F8-E95CD2D91E31}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\PinyinUp.exe
FirewallRules: [{0E1C2F32-B86C-4260-BD9C-38FCF76181A8}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\PinyinUp.exe
FirewallRules: [{E11CDFE4-AEFB-409A-9947-2082963FDB2D}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\PinyinUp.exe
FirewallRules: [{A803234B-AF31-471F-AB88-14763ED74CBB}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\PinyinUp.exe
FirewallRules: [{DA0F938A-CD7A-43F0-A86F-68651FBC84D8}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\PinyinUp.exe
FirewallRules: [{1B840E50-2AD0-4D3E-BDC8-366478D56844}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGDownload.exe
FirewallRules: [{E8B5E362-0CBF-409B-AECA-041D925C0C92}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGDownload.exe
FirewallRules: [{9B0C0FF5-8CF3-4601-A9A8-5FEB03062501}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGDownload.exe
FirewallRules: [{A8C0E650-29AC-4198-8ECC-3A7D52D166A4}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGDownload.exe
FirewallRules: [{5D4FE374-A1CE-49E0-AF1D-EE024A7E8DEE}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGDownload.exe
FirewallRules: [{7769A548-F7A8-4E30-8C27-7978B0141D90}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGDownload.exe
FirewallRules: [{5773DC5E-741B-4A49-AFAC-5ECDDAECCBDE}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SogouCloud.exe
FirewallRules: [{C307F899-B1CE-4AA9-BA01-4FF5450FBAF5}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SogouCloud.exe
FirewallRules: [{022A31EF-B2B8-4297-8E3F-675C15DE94AC}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SogouCloud.exe
FirewallRules: [{AE75BACB-263F-4C0F-87AA-7247D82B0CBF}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SogouCloud.exe
FirewallRules: [{1D5162A3-4235-4D03-B504-C4F4F7246E53}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SogouCloud.exe
FirewallRules: [{901D2A03-DABD-474A-8B3D-976A205B8422}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SogouCloud.exe
FirewallRules: [{2F3B86E9-CE22-4695-85F4-3B6BDFED3C5A}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
FirewallRules: [{514EE4BC-9EEE-4677-B4D2-4D9E74321D29}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
FirewallRules: [{ED1E880D-383C-44C1-92D3-E8CA804F9221}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
FirewallRules: [{4448BD80-0766-4AF6-8BF2-10B269418FE3}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
FirewallRules: [{1A995BD3-762A-4327-9D40-39043A72168A}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
FirewallRules: [{4DC55797-A6D6-4594-BB8E-45CBFF359500}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
FirewallRules: [{C2EC3A64-8BB9-4E9D-8749-82C9ED99F790}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\userNetSchedule.exe
FirewallRules: [{79E67A5E-81D2-4B24-900A-233B96A73BCD}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\userNetSchedule.exe
FirewallRules: [{F565A5A4-9F6D-4DED-B6BC-5014E9671545}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\userNetSchedule.exe
FirewallRules: [{3A531803-0279-4217-B535-4982A56D73A7}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\userNetSchedule.exe
FirewallRules: [{53783036-D1FC-440D-B36B-DF723723216D}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\userNetSchedule.exe
FirewallRules: [{BA595CB8-3A7C-478F-8D36-16E98FFF5B57}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\userNetSchedule.exe
FirewallRules: [{3ECCB7EE-F978-42BC-A9B6-325DD4BA322B}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGMedalLoader.exe
FirewallRules: [{601CC53D-79DA-4246-B7EB-07C2D086FFD0}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGMedalLoader.exe
FirewallRules: [{29D7ADFD-4772-4B73-9C4D-BEF485E987EE}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGMedalLoader.exe
FirewallRules: [{99554E8E-DC9F-4433-8FC8-B9C134B75403}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGMedalLoader.exe
FirewallRules: [{B4E4F695-34B7-4187-9F9F-E9AEEC55D094}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGMedalLoader.exe
FirewallRules: [{90B48959-73E8-483B-9EF6-4F660EB44F70}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGMedalLoader.exe
FirewallRules: [{A21AA5AE-676B-4D0A-9946-9F8F5DD222B4}] => (Allow) C:\Users\Public\SogouInput\USBDT\OctopusDownloader.exe
FirewallRules: [{1BBF2246-CD1C-4829-AD1A-E8CAEBA612A9}] => (Allow) C:\Users\Public\SogouInput\USBDT\OctopusDownloader.exe
FirewallRules: [{BA93C79E-F926-497B-89EF-492E13588D7D}] => (Allow) C:\Users\Public\SogouInput\USBDT\OctopusDownloader.exe
FirewallRules: [{B2C4F98E-6E0C-489A-A744-6BD5BAD22C18}] => (Allow) C:\Users\Public\SogouInput\USBDT\OctopusDownloader.exe
FirewallRules: [{54347CA7-88C3-4931-B431-E80A289FEA32}] => (Allow) C:\Users\Public\SogouInput\USBDT\OctopusDownloader.exe
FirewallRules: [{368F75CF-9388-47ED-B631-65B1C9668E86}] => (Allow) C:\Users\Public\SogouInput\USBDT\OctopusDownloader.exe
FirewallRules: [{2E09659B-6EA8-4509-BC8B-89A1F52CAED7}] => (Allow) C:\Program Files (x86)\TalkTV\Bin\TalkTV.exe
FirewallRules: [{F7F9C92B-2D60-4A82-833E-ECD3CB8D7997}] => (Allow) C:\Program Files (x86)\TalkTV\Bin\TalkTV.exe
FirewallRules: [{50607091-02F0-4003-A9C1-3AB89E5D2947}] => (Allow) C:\Program Files (x86)\TalkTV\Bin\TalkTV.exe
FirewallRules: [{0CD70842-A679-4531-AAB3-E5E8015B373D}] => (Allow) C:\Program Files (x86)\TalkTV\Bin\TalkTV.exe
FirewallRules: [TCP Query User{DF0986B7-F5B9-4CA4-8466-7CD4AF2AE0AF}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{882FA26D-CF07-4B30-82CD-8BDCC1312631}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{7C43F587-F429-4292-92AF-457A3B96BA15}C:\windows\system32\ftp.exe] => (Allow) C:\windows\system32\ftp.exe
FirewallRules: [UDP Query User{6A47CEE3-C601-4D40-938B-E151D69CCA2A}C:\windows\system32\ftp.exe] => (Allow) C:\windows\system32\ftp.exe
FirewallRules: [{5FC1A2E4-E23E-4A40-8F68-9680094BC070}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{D3B507C3-11FC-4106-A76D-846E68EC90C3}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{4863C59D-1DEA-4C40-9654-2F0C1BE2FB76}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{55C29EA5-B451-4E41-83DF-E6531186E441}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [TCP Query User{D6E5B159-2B74-4272-BAA1-7E51AB84F86C}C:\qvodplayer\qvodterminal.exe] => (Allow) C:\qvodplayer\qvodterminal.exe
FirewallRules: [UDP Query User{013196D6-20C5-4A65-8551-6D06065B5FB1}C:\qvodplayer\qvodterminal.exe] => (Allow) C:\qvodplayer\qvodterminal.exe
FirewallRules: [{8B68AAEF-669D-4F39-9BED-3160EC00A152}] => (Block) C:\qvodplayer\qvodterminal.exe
FirewallRules: [{5509BB12-DE0F-4487-9212-24E34F0F30BE}] => (Block) C:\qvodplayer\qvodterminal.exe
FirewallRules: [TCP Query User{FF62CBB6-700E-4F9C-823F-965C666AEFDF}C:\users\moxito\appdata\local\360browser\browser\application\360browser.exe] => (Allow) C:\users\moxito\appdata\local\360browser\browser\application\360browser.exe
FirewallRules: [UDP Query User{60F6CF78-C495-4A2A-8B47-575F834CEF9C}C:\users\moxito\appdata\local\360browser\browser\application\360browser.exe] => (Allow) C:\users\moxito\appdata\local\360browser\browser\application\360browser.exe
FirewallRules: [{CE84693F-1ADB-43AB-9A38-A2B0DDCB0BD6}] => (Block) C:\users\moxito\appdata\local\360browser\browser\application\360browser.exe
FirewallRules: [{2B529D50-00F9-4652-BC7E-8C5985B5576D}] => (Block) C:\users\moxito\appdata\local\360browser\browser\application\360browser.exe
FirewallRules: [TCP Query User{148B2AF4-E62B-4350-925B-8BEA76CF35B3}C:\program files (x86)\cntv\cbox\bin\cbox.exe] => (Allow) C:\program files (x86)\cntv\cbox\bin\cbox.exe
FirewallRules: [UDP Query User{04A34041-F5A8-4533-A5FD-C6118F2D79DA}C:\program files (x86)\cntv\cbox\bin\cbox.exe] => (Allow) C:\program files (x86)\cntv\cbox\bin\cbox.exe
FirewallRules: [{12586A64-FF12-4ECA-BB97-9D1067A5F11B}] => (Block) C:\program files (x86)\cntv\cbox\bin\cbox.exe
FirewallRules: [{22C4E24C-9B6C-47A9-8A26-D689334469FC}] => (Block) C:\program files (x86)\cntv\cbox\bin\cbox.exe
FirewallRules: [TCP Query User{76EFBE6B-1CAC-4061-A316-9D6E1710301A}C:\users\moxito\downloads\airspy\sdrsharp.exe] => (Allow) C:\users\moxito\downloads\airspy\sdrsharp.exe
FirewallRules: [UDP Query User{CE976857-156C-43F3-B42E-582F49119166}C:\users\moxito\downloads\airspy\sdrsharp.exe] => (Allow) C:\users\moxito\downloads\airspy\sdrsharp.exe
FirewallRules: [{E7CEAF8F-6ECC-478E-AF60-ED369F6364BB}] => (Block) C:\users\moxito\downloads\airspy\sdrsharp.exe
FirewallRules: [{159669FB-3C82-427F-85E5-6C0405FA89B9}] => (Block) C:\users\moxito\downloads\airspy\sdrsharp.exe
FirewallRules: [TCP Query User{AE9DD382-6F3E-4994-9FA4-DA38D03EBFA3}C:\program files\sdr-radio-pro.com\sdrconsole.exe] => (Allow) C:\program files\sdr-radio-pro.com\sdrconsole.exe
FirewallRules: [UDP Query User{21B4A0EA-47F8-424B-974C-230C570B2E6D}C:\program files\sdr-radio-pro.com\sdrconsole.exe] => (Allow) C:\program files\sdr-radio-pro.com\sdrconsole.exe
FirewallRules: [{D8C7869F-BC2B-4962-861A-23350B75163F}] => (Block) C:\program files\sdr-radio-pro.com\sdrconsole.exe
FirewallRules: [{1CE19DF8-01E3-43C7-BDE4-321B25C28B45}] => (Block) C:\program files\sdr-radio-pro.com\sdrconsole.exe
FirewallRules: [{2378DA66-4690-4BE1-AA12-B2762255FED3}] => (Allow) C:\Users\moxito\AppData\Roaming\Tencent\QQ\STemp\SetupEx0\QQSetupEx.exe
FirewallRules: [{C4451068-39BD-428B-B0AE-E4CEB549A5E4}] => (Allow) C:\Program Files (x86)\Tencent\QQ\Bin\QQ.exe
FirewallRules: [{8283DF27-E8D8-404E-9CF8-22CBAF6061CC}] => (Allow) C:\Program Files (x86)\Tencent\QQ\Bin\auclt.exe
FirewallRules: [{644D8DC8-C47A-4C1D-89A7-DF5E8ACE7BE0}] => (Allow) C:\Program Files (x86)\Tencent\QQ\Bin\maLauncher.exe
FirewallRules: [{58123EF6-29C8-4276-A308-ED2A9A86B1FC}] => (Allow) C:\Program Files (x86)\Tencent\QQ\Bin\maUpdat.exe
FirewallRules: [{97B0CABD-78AA-407D-B7A2-A86F79BED1B6}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\135\tencentdl.exe
FirewallRules: [{D9D9C92B-573F-4F40-ADAD-823B83F8E41F}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\135\bugreport_xf.exe
FirewallRules: [{11AB198E-D6B0-42AA-9662-F5496BBD0387}] => (Allow) C:\Program Files (x86)\Tencent\QQMusic\QzoneMusic\QzoneMusic.exe
FirewallRules: [{157E434D-102F-4E56-8ADF-F49896ECAB96}] => (Allow) C:\Program Files (x86)\Tencent\QQMusic\QzoneMusic\QzoneMusic.exe
FirewallRules: [{DA5D3FD0-F9C0-40D0-8517-9611B98F8937}] => (Allow) C:\program files (x86)\common files\tencent\qqminidl\60\qqminidl.exe
FirewallRules: [{FA7BDB2A-B22C-4EFB-ADC2-7D566C0572F8}] => (Allow) C:\program files (x86)\common files\tencent\qqminidl\60\QQMiniDLUI.exe
FirewallRules: [{E770A729-2BE4-4189-BD71-0BD9967B1896}] => (Allow) C:\program files (x86)\common files\tencent\qqminidl\60\QQGameUpUI.exe
FirewallRules: [{2B08D25C-C48F-4302-9B51-2F9C1AD2F7E6}] => (Allow) C:\Users\Public\Documents\Tencent\QQGameMicro\QQGameMicro.exe
FirewallRules: [{C4455ADD-005F-4DC2-BB48-81C50375766E}] => (Allow) C:\Program Files (x86)\Tencent\QQMusic\QQMusic1297.0.39.32\QQMusicExternal.exe
FirewallRules: [{D3CACE26-0333-4EA3-9C55-F3AE95CAA573}] => (Allow) C:\Program Files (x86)\Tencent\QQMusic\QQMusic1297.0.39.32\moleplugin\tadb.exe
FirewallRules: [{21BDBBDE-297A-478F-9B2D-34C39FEA3DD5}] => (Allow) C:\Program Files (x86)\Tencent\QQMusic\QQMusic1297.0.39.32\QQMusic.exe
FirewallRules: [{D630DBBE-4A30-4AFD-9E28-F3583EFF4E9E}] => (Allow) C:\Program Files (x86)\Common Files\Tencent\QQMusic\QQMusicService.exe
FirewallRules: [{65BB453F-B20A-4272-9477-C6F08359162A}] => (Allow) C:\Program Files (x86)\Tencent\QQMusic\QQMusic1297.0.39.32\QQMusicUp.exe
FirewallRules: [TCP Query User{247D4396-0D31-4F31-A892-084C41B75164}C:\program files (x86)\tencent\tm2008\bin\tm.exe] => (Allow) C:\program files (x86)\tencent\tm2008\bin\tm.exe
FirewallRules: [UDP Query User{92886B66-0227-4ED8-A533-E83C7C9706EA}C:\program files (x86)\tencent\tm2008\bin\tm.exe] => (Allow) C:\program files (x86)\tencent\tm2008\bin\tm.exe
FirewallRules: [TCP Query User{5507FF27-196C-4493-9C74-B09525F5413B}C:\program files (x86)\yy\yy.exe] => (Allow) C:\program files (x86)\yy\yy.exe
FirewallRules: [UDP Query User{1112C62E-F3A6-4843-8972-62BD0CEFF9E2}C:\program files (x86)\yy\yy.exe] => (Allow) C:\program files (x86)\yy\yy.exe
FirewallRules: [{0AE31196-BBF9-44D8-981B-AB04C98CEB4C}] => (Block) C:\program files (x86)\yy\yy.exe
FirewallRules: [{8167C8B9-F43D-43EA-B143-8F332F565158}] => (Block) C:\program files (x86)\yy\yy.exe
FirewallRules: [TCP Query User{1F74AD5B-43D2-4D18-9122-78BBF7F43C8E}C:\users\moxito\appdata\roaming\baidu\baiduyunguanjia\baidunetdisk.exe] => (Allow) C:\users\moxito\appdata\roaming\baidu\baiduyunguanjia\baidunetdisk.exe
FirewallRules: [UDP Query User{A12C75E4-10F9-41E1-BA3B-B1162AA9825B}C:\users\moxito\appdata\roaming\baidu\baiduyunguanjia\baidunetdisk.exe] => (Allow) C:\users\moxito\appdata\roaming\baidu\baiduyunguanjia\baidunetdisk.exe
FirewallRules: [{EC1A9325-2130-47B6-90F7-212BFE14681F}] => (Block) C:\users\moxito\appdata\roaming\baidu\baiduyunguanjia\baidunetdisk.exe
FirewallRules: [{990EB6F9-48F5-4D1C-86EE-1546944CF64C}] => (Block) C:\users\moxito\appdata\roaming\baidu\baiduyunguanjia\baidunetdisk.exe
FirewallRules: [{A1669814-B791-42D3-9D61-2365CCA66991}] => (Allow) C:\Program Files (x86)\Common Files\Tencent\QQDownload\119\Tencentdl.exe
FirewallRules: [{0463F3FA-9EC4-4D66-821E-0084F9DB4401}] => (Allow) C:\Program Files (x86)\Common Files\Tencent\QQDownload\119\Tencentdl.exe
==================== Restore Points =========================
16-06-2017 18:09:25 Windows Update
20-06-2017 21:00:03 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices =============
Name: Intel(R) Management Engine Interface
Description: Intel(R) Management Engine Interface
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: MEIx64
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/20/2017 09:26:54 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\yy\8.24.0.2\yyLDVideo.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Error: (06/20/2017 09:26:53 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\yy\8.24.0.2\BugReport.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Error: (06/20/2017 09:26:52 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\yy\8.22.0.2\yyLDVideo.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Error: (06/20/2017 09:26:51 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\yy\8.22.0.2\BugReport.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Error: (06/20/2017 09:26:51 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\yy\yylauncher.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Error: (06/20/2017 09:26:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\duowan\yy\8.22.0.2\yyLDVideo.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Error: (06/20/2017 09:26:19 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\duowan\yy\8.22.0.2\BugReport.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Error: (06/20/2017 09:26:18 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\duowan\yy\8.18.0.1\yyLDVideo.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Error: (06/20/2017 09:26:17 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\duowan\yy\yylauncher.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Error: (06/20/2017 09:26:17 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\duowan\yy\8.18.0.1\BugReport.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
System errors:
=============
Error: (06/20/2017 09:16:38 PM) (Source: DCOM) (EventID: 10010) (User: MSI)
Description: Der Server "App.AppX76q4xtxwbj16z0zkyp0pnwtt6m850rvk.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (06/20/2017 09:14:40 PM) (Source: DCOM) (EventID: 10010) (User: MSI)
Description: Der Server "App" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (06/20/2017 09:14:38 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Durch die Berechtigungseinstellungen für "application-specific" wird dem Benutzer "NT AUTHORITY\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (Using LRPC)" keine Berechtigung vom Typ "Local Activation" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Unavailable" (SID: Unavailable) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (06/20/2017 09:11:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Baidu Hook Base" wurde aufgrund folgenden Fehlers nicht gestartet:
Ein an das System angeschlossenes Gerät funktioniert nicht.
Error: (06/20/2017 09:11:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Baidu Hook Base" wurde aufgrund folgenden Fehlers nicht gestartet:
Ein an das System angeschlossenes Gerät funktioniert nicht.
Error: (06/20/2017 09:11:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Baidu Hook Base" wurde aufgrund folgenden Fehlers nicht gestartet:
Ein an das System angeschlossenes Gerät funktioniert nicht.
Error: (06/20/2017 09:11:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Baidu Hook Base" wurde aufgrund folgenden Fehlers nicht gestartet:
Ein an das System angeschlossenes Gerät funktioniert nicht.
Error: (06/20/2017 09:11:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Baidu Hook Base" wurde aufgrund folgenden Fehlers nicht gestartet:
Ein an das System angeschlossenes Gerät funktioniert nicht.
Error: (06/20/2017 09:11:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Baidu Hook Base" wurde aufgrund folgenden Fehlers nicht gestartet:
Ein an das System angeschlossenes Gerät funktioniert nicht.
Error: (06/20/2017 09:11:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Baidu Hook Base" wurde aufgrund folgenden Fehlers nicht gestartet:
Ein an das System angeschlossenes Gerät funktioniert nicht.
CodeIntegrity:
===================================
Date: 2016-10-26 14:29:14.952
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2016-10-26 14:20:37.498
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2016-10-26 13:12:20.412
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2016-10-26 03:05:20.720
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2016-10-11 14:58:24.531
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2016-10-11 14:40:48.352
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2016-10-11 14:18:53.408
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-5950HQ CPU @ 2.90GHz
Percentage of memory in use: 12%
Total physical RAM: 32723.28 MB
Available physical RAM: 28770.79 MB
Total Virtual: 67539.28 MB
Available Virtual: 63191.09 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:951.82 GB) (Free:464.7 GB) NTFS
Drive d: (data) (Fixed) (Total:912.3 GB) (Free:69.36 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 953.9 GB) (Disk ID: 524198F9)
Partition: GPT.
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 52419B1B)
Partition: GPT.
==================== End of Addition.txt ============================

Restarted again just now; this popup is still there:
Can't I post a screenshot here?
So, I investigated again: the problem is caused by an autostart entry; the process is called "yfftpack", not to be confused with YY!
I deleted the entry from the registry, which puts an end to the trouble for now.
advcleaner should put less effort into deleting Sougou and Tencent products; they are in use millions of times over and do nothing other than what they are supposed to. Instead, maybe someone should take a look at yfftpack!