| |
| |||||||
Log-Analyse und Auswertung: Computer wird langsam und will ständig ein Java-Update durchführen. Virenfund nach scan.Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
20.01.2014, 15:27
| #1 |
| |  Computer wird langsam und will ständig ein Java-Update durchführen. Virenfund nach scan. Hallo, vorweg vielen Dank für die ausführlichen Beschreibungen!! Ich habe folgendes Problem: Mein Rechner wollte in der letzten Zeit jeden Tag mindestens ein Java-Update ausführen. Nachdem ich mir zuerst nichts dabei gedacht habe, stellte ich doch fest, dass das System merklich langsamer wurde. Ich führte Sonntag einen vollständigen Scan mit Avira Free Antivirus durch und folgte anschließend eurer Beschreibung und erstellte die von euch gewünschten Protokolle. Der Virenscanner fand einige Viren und verschob drei in einen Quarantäneordner. Vor dem Scan mit "Gemer" habe ich allerdings den Virenscanner deinstalliert, weil ich diesen nicht deaktivieren konnte. Dies ist im Verlaufsprotokoll vermerkt. Ansonsten hoffe ich, dass ich alles richtig befolgt habe. Die Protokolle sehen wie folgt aus: Protokoll Avira Free Antivirus befindet sich auf Grund der Länge im Anhang. Die Protokolle von FRST sehen wie folgt aus: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2014 04
Ran by MarcoD (administrator) on MARCOD-PC on 20-01-2014 08:11:34
Running from C:\Users\MarcoD\Desktop\Defrogger
Windows 8.1 Pro (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
(Atheros Communications, Inc.) C:\Program Files (x86)\NETGEAR\WNA1100\jswpbapi.exe
() C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\HSSCP.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
() C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16.0.1929.1134_x64__8wekyb3d8bbwe\onenoteim.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
() C:\Users\MarcoD\Desktop\Defrogger\Defogger.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-04] (CANON INC.)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BingDesktop] - C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2249352 2013-06-20] (Microsoft Corp.)
HKLM-x32\...\Run: [jswtrayutil] - "C:\Program Files (x86)\NETGEAR\WNA1100\jswtrayutil.exe"
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-08-16] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-17] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ApnTBMon] - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1778640 2013-12-20] (APN)
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-04-05] (Apple Inc.)
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-04-05] (Apple Inc.)
HKCU\...\Run: [com.apple.dav.bookmarks.daemon] - C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe [59720 2013-04-05] (Apple Inc.)
Startup: C:\Users\MarcoD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.heise.de/ct/artikel/Remix-it-2063603.html
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xCE62E11B57D5CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE,de;q=0.8,en-US;q=0.5,en;q=0.3
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Chrome:
=======
CHR HomePage: hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=48&cc=&mi=ba839e380000000000000015af726f1f
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Extension: (Avira SearchFree Toolbar plus Web Protection) - C:\Users\MarcoD\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh [2013-10-28]
CHR Extension: (Google Docs) - C:\Users\MarcoD\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-28]
CHR Extension: (Google Drive) - C:\Users\MarcoD\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-28]
CHR Extension: (YouTube) - C:\Users\MarcoD\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-28]
CHR Extension: (Google-Suche) - C:\Users\MarcoD\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-28]
CHR Extension: (Google Wallet) - C:\Users\MarcoD\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-05]
CHR Extension: (Google Mail) - C:\Users\MarcoD\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-28]
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2013-12-20]
==================== Services (Whitelisted) =================
U2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-17] (Avira Operations GmbH & Co. KG)
U2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-26] (Avira Operations GmbH & Co. KG)
U2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1011768 2013-12-17] (Avira Operations GmbH & Co. KG)
U2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-12-20] (APN LLC.)
U2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-20] (Microsoft Corp.)
U2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [906536 2013-10-18] (AnchorFree Inc.)
U3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2013-10-16] ()
U2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [555304 2013-10-18] ()
U2 jswpbapi; C:\Program Files (x86)\NETGEAR\WNA1100\jswpbapi.exe [241664 2012-03-26] (Atheros Communications, Inc.)
U3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
U3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
U2 WSWNA1100; C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe [307488 2012-10-16] ()
U2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-12-11] (Wacom Technology, Corp.)
==================== Drivers (Whitelisted) ====================
U0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
U2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-17] (Avira Operations GmbH & Co. KG)
U1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-17] (Avira Operations GmbH & Co. KG)
U1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
U2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [84720 2013-12-17] (Avira Operations GmbH & Co. KG)
U3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
U1 HssDRV6; C:\Windows\system32\DRIVERS\hssdrv6.sys [44744 2013-10-16] (AnchorFree Inc.)
U3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
U3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
U0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
U0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
U3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-09-30] (Microsoft Corporation)
U0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
U3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
U3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
U3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
U3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
U0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
U3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2013-10-16] (Anchorfree Inc.)
U3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
U1 UimBus; C:\Windows\System32\drivers\uimx64.sys [90960 2013-03-15] (Windows (R) 2000 DDK provider)
U1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [633680 2013-03-15] (Paragon)
U1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [390352 2013-03-15] (Paragon)
U3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-20 08:11 - 2014-01-20 08:11 - 00000000 ____D C:\FRST
2014-01-20 08:09 - 2014-01-20 08:09 - 00000474 _____ C:\Users\MarcoD\Desktop\defogger_disable.log
2014-01-20 08:09 - 2014-01-20 08:09 - 00000000 _____ C:\Users\MarcoD\defogger_reenable
2014-01-20 08:07 - 2014-01-20 08:11 - 00000000 ____D C:\Users\MarcoD\Desktop\Defrogger
2014-01-20 07:31 - 2014-01-20 07:31 - 00000000 ____D C:\Users\MarcoD\Desktop\AntivirProtokoll
2014-01-19 20:15 - 2014-01-19 23:07 - 00000000 ____D C:\Users\MarcoD\Desktop\Praktikumsorganisation
2014-01-19 14:24 - 2014-01-19 14:24 - 00296096 _____ C:\WINDOWS\Minidump\011914-17437-01.dmp
2014-01-19 14:07 - 2014-01-19 14:07 - 00292472 _____ C:\WINDOWS\Minidump\011914-17109-01.dmp
2014-01-18 19:28 - 2014-01-18 19:28 - 00296144 _____ C:\WINDOWS\Minidump\011814-18187-01.dmp
2014-01-18 04:50 - 2014-01-18 04:50 - 00296152 _____ C:\WINDOWS\Minidump\011814-17078-01.dmp
2014-01-17 23:34 - 2014-01-19 23:06 - 00000000 ____D C:\Users\MarcoD\Desktop\Praktikumsbetreuung
2014-01-17 17:11 - 2014-01-17 17:11 - 00000000 ___RD C:\Users\MarcoD\Documents\Notes
2014-01-17 15:11 - 2014-01-17 15:11 - 00296152 _____ C:\WINDOWS\Minidump\011714-17296-01.dmp
2014-01-16 11:47 - 2014-01-16 11:47 - 00296120 _____ C:\WINDOWS\Minidump\011614-17062-01.dmp
2014-01-15 17:46 - 2014-01-15 17:46 - 00000000 ____D C:\Users\MarcoD\Desktop\BilderHamburg
2014-01-15 16:31 - 2014-01-15 16:31 - 00000000 ____D C:\Users\MarcoD\Desktop\EmailAdressen
2014-01-15 16:17 - 2014-01-15 16:17 - 00000000 ____D C:\Users\MarcoD\Desktop\Termine
2014-01-15 12:15 - 2014-01-15 12:15 - 00292952 _____ C:\WINDOWS\Minidump\011514-17203-01.dmp
2014-01-15 07:02 - 2013-12-09 01:15 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-01-15 07:02 - 2013-11-27 16:36 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-01-15 07:02 - 2013-11-27 12:41 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-01-15 07:02 - 2013-11-27 11:34 - 00138240 _____ C:\WINDOWS\system32\OEMLicense.dll
2014-01-15 07:02 - 2013-11-27 10:54 - 00103936 _____ C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-01-15 07:02 - 2013-11-27 09:48 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-15 07:02 - 2013-11-27 09:45 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-01-15 07:02 - 2013-11-27 09:40 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-15 07:02 - 2013-11-27 09:38 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-01-15 07:02 - 2013-11-27 09:17 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-01-15 07:02 - 2013-11-27 09:12 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-01-15 06:59 - 2014-01-15 06:59 - 00000000 ____D C:\Users\MarcoD\Documents\OneNote-Notizbücher
2014-01-15 06:57 - 2014-01-15 06:57 - 00296120 _____ C:\WINDOWS\Minidump\011514-16953-01.dmp
2014-01-14 16:08 - 2014-01-14 16:08 - 00296088 _____ C:\WINDOWS\Minidump\011414-17078-01.dmp
2014-01-14 14:55 - 2014-01-14 14:55 - 00296016 _____ C:\WINDOWS\Minidump\011414-17218-01.dmp
2014-01-14 09:11 - 2014-01-14 09:11 - 00296040 _____ C:\WINDOWS\Minidump\011414-17156-01.dmp
2014-01-13 22:11 - 2014-01-13 22:11 - 01458680 _____ C:\Users\MarcoD\Desktop\Vertretungsplan_pdf - Google Drive.mht
2014-01-13 14:27 - 2014-01-13 14:27 - 00292088 _____ C:\WINDOWS\Minidump\011314-17234-01.dmp
2014-01-13 08:53 - 2014-01-13 08:53 - 00296152 _____ C:\WINDOWS\Minidump\011314-17625-01.dmp
2014-01-12 11:45 - 2014-01-12 11:45 - 00296128 _____ C:\WINDOWS\Minidump\011214-17828-01.dmp
2014-01-11 15:08 - 2014-01-11 15:08 - 00296120 _____ C:\WINDOWS\Minidump\011114-16937-01.dmp
2014-01-11 11:00 - 2014-01-11 11:00 - 00289920 _____ C:\WINDOWS\Minidump\011114-17093-01.dmp
2014-01-10 20:23 - 2014-01-10 20:23 - 00296104 _____ C:\WINDOWS\Minidump\011014-17078-01.dmp
2014-01-10 18:32 - 2014-01-14 18:35 - 00000000 ____D C:\Users\MarcoD\Desktop\LSE Alt
2014-01-10 13:46 - 2014-01-10 13:46 - 00291032 _____ C:\WINDOWS\Minidump\011014-16859-01.dmp
2014-01-10 07:25 - 2014-01-10 07:25 - 00296088 _____ C:\WINDOWS\Minidump\011014-17671-01.dmp
2014-01-10 06:58 - 2014-01-10 06:58 - 00296088 _____ C:\WINDOWS\Minidump\011014-8875-01.dmp
2014-01-09 16:14 - 2014-01-12 19:39 - 00000000 ____D C:\Users\MarcoD\Desktop\KlausurenanHelga
2014-01-09 13:03 - 2014-01-09 13:03 - 00294528 _____ C:\WINDOWS\Minidump\010914-8656-01.dmp
2014-01-07 13:56 - 2014-01-07 13:56 - 00830326 _____ C:\Users\MarcoD\Desktop\Lehrerzimmer Arbeiten und Klausuren Anzahl und Dauer 2013_14_php.mht
2014-01-07 10:25 - 2014-01-07 10:30 - 00000000 ____D C:\Users\MarcoD\Desktop\hp8600
2014-01-04 19:44 - 2014-01-07 14:00 - 00000000 ____D C:\Users\MarcoD\Desktop\Klausur8und11PDFAuswertung
2014-01-04 18:03 - 2014-01-04 18:03 - 00002028 _____ C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2014-01-04 18:03 - 2014-01-04 18:03 - 00000000 ____D C:\Program Files (x86)\HP
2014-01-04 18:02 - 2014-01-04 18:03 - 06123336 _____ C:\Users\MarcoD\Desktop\HPPSdr.exe
2014-01-04 18:02 - 2014-01-04 18:02 - 06123336 _____ C:\Users\MarcoD\Downloads\HPPSdr.exe
2013-12-31 14:33 - 2013-12-31 14:33 - 00004633 _____ C:\Users\MarcoD\Desktop\AufgabeFlüsse.ggb
==================== One Month Modified Files and Folders =======
2014-01-20 08:11 - 2014-01-20 08:11 - 00000000 ____D C:\FRST
2014-01-20 08:11 - 2014-01-20 08:07 - 00000000 ____D C:\Users\MarcoD\Desktop\Defrogger
2014-01-20 08:09 - 2014-01-20 08:09 - 00000474 _____ C:\Users\MarcoD\Desktop\defogger_disable.log
2014-01-20 08:09 - 2014-01-20 08:09 - 00000000 _____ C:\Users\MarcoD\defogger_reenable
2014-01-20 08:09 - 2013-10-26 20:48 - 00000000 ____D C:\Users\MarcoD
2014-01-20 08:00 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru
2014-01-20 07:39 - 2013-03-28 19:04 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-20 07:31 - 2014-01-20 07:31 - 00000000 ____D C:\Users\MarcoD\Desktop\AntivirProtokoll
2014-01-20 06:42 - 2013-10-26 20:45 - 01935255 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-20 02:45 - 2013-10-26 21:08 - 00003938 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B21ED4F7-B563-4994-AD1E-7B12D346DC76}
2014-01-19 23:07 - 2014-01-19 20:15 - 00000000 ____D C:\Users\MarcoD\Desktop\Praktikumsorganisation
2014-01-19 23:06 - 2014-01-17 23:34 - 00000000 ____D C:\Users\MarcoD\Desktop\Praktikumsbetreuung
2014-01-19 20:18 - 2013-09-30 05:14 - 01686150 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2014-01-19 20:18 - 2013-09-30 04:56 - 00726688 _____ C:\WINDOWS\system32\perfh007.dat
2014-01-19 20:18 - 2013-09-30 04:56 - 00151380 _____ C:\WINDOWS\system32\perfc007.dat
2014-01-19 18:06 - 2013-03-28 18:56 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3059932948-4090955212-1715894310-1001
2014-01-19 17:39 - 2013-03-28 19:04 - 00001126 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-19 14:25 - 2013-10-26 21:05 - 00000000 __RDO C:\Users\MarcoD\SkyDrive
2014-01-19 14:24 - 2014-01-19 14:24 - 00296096 _____ C:\WINDOWS\Minidump\011914-17437-01.dmp
2014-01-19 14:24 - 2013-11-04 18:14 - 391306265 _____ C:\WINDOWS\MEMORY.DMP
2014-01-19 14:24 - 2013-11-04 18:14 - 00000000 ____D C:\WINDOWS\Minidump
2014-01-19 14:24 - 2013-10-26 20:46 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-19 14:24 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-19 14:07 - 2014-01-19 14:07 - 00292472 _____ C:\WINDOWS\Minidump\011914-17109-01.dmp
2014-01-18 20:41 - 2013-10-02 14:13 - 00000000 ____D C:\Users\MarcoD\Desktop\MatheKlasse8d2013
2014-01-18 19:28 - 2014-01-18 19:28 - 00296144 _____ C:\WINDOWS\Minidump\011814-18187-01.dmp
2014-01-18 04:50 - 2014-01-18 04:50 - 00296152 _____ C:\WINDOWS\Minidump\011814-17078-01.dmp
2014-01-18 04:50 - 2013-09-29 20:04 - 00004200 _____ C:\WINDOWS\PFRO.log
2014-01-17 17:11 - 2014-01-17 17:11 - 00000000 ___RD C:\Users\MarcoD\Documents\Notes
2014-01-17 15:13 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2014-01-17 15:11 - 2014-01-17 15:11 - 00296152 _____ C:\WINDOWS\Minidump\011714-17296-01.dmp
2014-01-16 11:59 - 2013-08-22 15:46 - 00348098 _____ C:\WINDOWS\setupact.log
2014-01-16 11:47 - 2014-01-16 11:47 - 00296120 _____ C:\WINDOWS\Minidump\011614-17062-01.dmp
2014-01-15 19:11 - 2013-03-28 21:13 - 00000000 ____D C:\Users\MarcoD\Desktop\WORDII
2014-01-15 18:39 - 2013-07-17 09:55 - 00000000 ____D C:\WINDOWS\system32\MRT
2014-01-15 18:38 - 2013-03-30 12:22 - 86054176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-01-15 17:46 - 2014-01-15 17:46 - 00000000 ____D C:\Users\MarcoD\Desktop\BilderHamburg
2014-01-15 17:24 - 2013-03-28 21:13 - 00000000 ____D C:\Users\MarcoD\Desktop\WORDDateien
2014-01-15 17:08 - 2013-11-10 19:50 - 00000000 ____D C:\Users\MarcoD\Desktop\WORDII1
2014-01-15 17:07 - 2013-09-12 20:35 - 00000000 ____D C:\Users\MarcoD\Desktop\MatheLK2013Q1
2014-01-15 16:52 - 2013-10-02 13:53 - 00000000 ____D C:\Users\MarcoD\Desktop\MatheKurseBeginn2013
2014-01-15 16:31 - 2014-01-15 16:31 - 00000000 ____D C:\Users\MarcoD\Desktop\EmailAdressen
2014-01-15 16:17 - 2014-01-15 16:17 - 00000000 ____D C:\Users\MarcoD\Desktop\Termine
2014-01-15 14:46 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\WinStore
2014-01-15 14:46 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2014-01-15 13:19 - 2013-03-28 19:43 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-15 12:15 - 2014-01-15 12:15 - 00292952 _____ C:\WINDOWS\Minidump\011514-17203-01.dmp
2014-01-15 06:59 - 2014-01-15 06:59 - 00000000 ____D C:\Users\MarcoD\Documents\OneNote-Notizbücher
2014-01-15 06:59 - 2013-03-28 17:08 - 00000000 ___RD C:\Users\MarcoD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-15 06:57 - 2014-01-15 06:57 - 00296120 _____ C:\WINDOWS\Minidump\011514-16953-01.dmp
2014-01-14 18:35 - 2014-01-10 18:32 - 00000000 ____D C:\Users\MarcoD\Desktop\LSE Alt
2014-01-14 16:08 - 2014-01-14 16:08 - 00296088 _____ C:\WINDOWS\Minidump\011414-17078-01.dmp
2014-01-14 14:55 - 2014-01-14 14:55 - 00296016 _____ C:\WINDOWS\Minidump\011414-17218-01.dmp
2014-01-14 09:11 - 2014-01-14 09:11 - 00296040 _____ C:\WINDOWS\Minidump\011414-17156-01.dmp
2014-01-13 22:11 - 2014-01-13 22:11 - 01458680 _____ C:\Users\MarcoD\Desktop\Vertretungsplan_pdf - Google Drive.mht
2014-01-13 14:27 - 2014-01-13 14:27 - 00292088 _____ C:\WINDOWS\Minidump\011314-17234-01.dmp
2014-01-13 08:53 - 2014-01-13 08:53 - 00296152 _____ C:\WINDOWS\Minidump\011314-17625-01.dmp
2014-01-12 19:39 - 2014-01-09 16:14 - 00000000 ____D C:\Users\MarcoD\Desktop\KlausurenanHelga
2014-01-12 11:45 - 2014-01-12 11:45 - 00296128 _____ C:\WINDOWS\Minidump\011214-17828-01.dmp
2014-01-11 15:08 - 2014-01-11 15:08 - 00296120 _____ C:\WINDOWS\Minidump\011114-16937-01.dmp
2014-01-11 11:00 - 2014-01-11 11:00 - 00289920 _____ C:\WINDOWS\Minidump\011114-17093-01.dmp
2014-01-10 20:23 - 2014-01-10 20:23 - 00296104 _____ C:\WINDOWS\Minidump\011014-17078-01.dmp
2014-01-10 18:23 - 2013-03-28 21:28 - 00000000 ____D C:\Users\MarcoD\Desktop\VERWALTUNG
2014-01-10 18:18 - 2013-12-15 22:27 - 00000000 ____D C:\Users\MarcoD\Desktop\Überstunden
2014-01-10 13:46 - 2014-01-10 13:46 - 00291032 _____ C:\WINDOWS\Minidump\011014-16859-01.dmp
2014-01-10 07:25 - 2014-01-10 07:25 - 00296088 _____ C:\WINDOWS\Minidump\011014-17671-01.dmp
2014-01-10 06:58 - 2014-01-10 06:58 - 00296088 _____ C:\WINDOWS\Minidump\011014-8875-01.dmp
2014-01-09 13:03 - 2014-01-09 13:03 - 00294528 _____ C:\WINDOWS\Minidump\010914-8656-01.dmp
2014-01-07 14:00 - 2014-01-04 19:44 - 00000000 ____D C:\Users\MarcoD\Desktop\Klausur8und11PDFAuswertung
2014-01-07 13:56 - 2014-01-07 13:56 - 00830326 _____ C:\Users\MarcoD\Desktop\Lehrerzimmer Arbeiten und Klausuren Anzahl und Dauer 2013_14_php.mht
2014-01-07 10:30 - 2014-01-07 10:25 - 00000000 ____D C:\Users\MarcoD\Desktop\hp8600
2014-01-06 23:31 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-01-06 23:31 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-04 18:03 - 2014-01-04 18:03 - 00002028 _____ C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2014-01-04 18:03 - 2014-01-04 18:03 - 00000000 ____D C:\Program Files (x86)\HP
2014-01-04 18:03 - 2014-01-04 18:02 - 06123336 _____ C:\Users\MarcoD\Desktop\HPPSdr.exe
2014-01-04 18:03 - 2013-10-26 20:45 - 00000000 ____D C:\ProgramData\HP
2014-01-04 18:02 - 2014-01-04 18:02 - 06123336 _____ C:\Users\MarcoD\Downloads\HPPSdr.exe
2013-12-31 18:44 - 2013-11-10 19:51 - 00000000 ____D C:\Users\MarcoD\Desktop\BilderII1
2013-12-31 18:44 - 2013-03-28 21:10 - 00000000 ____D C:\Users\MarcoD\Desktop\BILDERII
2013-12-31 14:33 - 2013-12-31 14:33 - 00004633 _____ C:\Users\MarcoD\Desktop\AufgabeFlüsse.ggb
2013-12-30 08:21 - 2013-03-29 02:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
Some content of TEMP:
====================
C:\Users\MarcoD\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-19 14:44
==================== End Of Log ============================
und die Addition.txt-Datei kommt jetzt: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2014 04
Ran by MarcoD at 2014-01-20 08:12:27
Running from C:\Users\MarcoD\Desktop\Defrogger
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03 - Adobe Systems Incorporated)
Apple Application Support (x32 Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Avira Free Antivirus (x32 Version: 14.0.2.286 - Avira)
Avira SearchFree Toolbar (x32 Version: 12.10.0.2949 - APN, LLC)
Bing-Desktop (x32 Version: 1.3.171.0 - Microsoft Corporation)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Canon Utilities Solution Menu (x32 Version: - )
Free M4a to MP3 Converter 8.0 (x32 Version: - ManiacTools.com)
GeoGebra 4.2 (x32 Version: 4.2.60.0 - International GeoGebra Institute)
Google Chrome (x32 Version: 32.0.1700.76 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (x32 Version: 7.5.4805.320 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Hotspot Shield 3.19 (x32 Version: 3.19 - AnchorFree Inc.)
iCloud (Version: 2.1.2.8 - Apple Inc.)
iTunes (Version: 11.0.5.5 - Apple Inc.)
Java 7 Update 25 (x32 Version: 7.0.250 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
LibreOffice 4.0.3.3 (x32 Version: 4.0.3.3 - The Document Foundation)
Magical Jelly Bean KeyFinder (x32 Version: 2.0.9.8 - Magical Jelly Bean)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Mozilla Maintenance Service (x32 Version: 24.2.0 - Mozilla)
Mozilla Thunderbird 24.2.0 (x86 de) (x32 Version: 24.2.0 - Mozilla)
NETGEAR WNA1100 N150 Wireless USB Adapter (x32 Version: 2.1.0.1 - NETGEAR)
NVIDIA 3D Vision Controller-Treiber 314.22 (Version: 314.22 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 331.65 (Version: 331.65 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.65 (Version: 331.65 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.1031 (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Update 1.15.2 (Version: 1.15.2 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.15.2 - NVIDIA Corporation) Hidden
Paragon Backup & Recovery™ 2013 Free (x32 Version: 90.00.0003 - Paragon Software)
Texmaker (x32 Version: - )
TrueCrypt (x32 Version: 7.1a - TrueCrypt Foundation)
Update for 2007 Microsoft Office System (KB967642) (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32 Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (x32 Version: - Microsoft)
Wacom (Version: 5.3.2-1 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (x32 Version: 2.1.0.2 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (Version: 2.1.0.2 - Wacom Technology Corp.)
==================== Restore Points =========================
30-12-2013 08:27:12 Geplanter Prüfpunkt
06-01-2014 13:56:13 Geplanter Prüfpunkt
14-01-2014 17:05:13 Geplanter Prüfpunkt
==================== Hosts content: ==========================
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4B9C09AB-D977-4157-916B-11AFB6989624} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-28] (Google Inc.)
Task: {67810075-9A65-4C08-B5C9-3535F7E2BBE1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-28] (Google Inc.)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6B4E62DD-59BB-4A30-A7AF-643C5177E50A} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-04-05] (Apple Inc.)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7A880AA0-861D-496A-A12C-79BAD39AF0A9} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-01-15] (Microsoft Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-04-05 11:58 - 2013-04-05 11:58 - 00954696 _____ () C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
2013-03-28 20:02 - 2012-12-11 13:07 - 01184640 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2013-12-12 16:01 - 2013-12-12 16:02 - 01656488 _____ () C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16.0.1929.1134_x64__8wekyb3d8bbwe\Office.UI.Xaml.OneNote.dll
2013-12-12 16:01 - 2013-12-12 16:02 - 04902056 _____ () C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16.0.1929.1134_x64__8wekyb3d8bbwe\Office.UI.Xaml.Core.dll
2013-10-28 17:24 - 2013-10-28 17:23 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-18 23:16 - 2013-10-18 23:16 - 00902952 _____ () C:\Program Files (x86)\Hotspot Shield\bin\af_proxy.dll
2013-07-13 17:22 - 2012-10-11 12:30 - 00372736 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiLib.dll
2013-07-13 17:22 - 2012-10-11 12:28 - 00278528 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvcLib.dll
2013-07-10 17:07 - 2013-07-10 17:07 - 00756888 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Users\MarcoD\SkyDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Could not start eventlog service, could not read events.
Der angeforderte Dienst wurde bereits gestartet.
Sie erhalten weitere Hilfe, wenn Sie NET HELPMSG 2182 eingeben.
==================== Memory info ===========================
Percentage of memory in use: 67%
Total physical RAM: 3070.18 MB
Available physical RAM: 999.34 MB
Total Pagefile: 6534.82 MB
Available Pagefile: 2727.89 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:232.79 GB) (Free:48.74 GB) NTFS
Drive e: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: () (Fixed) (Total:931.41 GB) (Free:87.79 GB) NTFS
Drive k: () (Removable) (Total:3.76 GB) (Free:3.75 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 1CFB6398)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=233 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: C07E8AC8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
========================================================
Disk: 6 (Size: 4 GB) (Disk ID: 6E652072)
No partition Table on disk 6.
==================== End Of Log ============================
Gmer hat folgendes Protokoll erstellt, nachdem ich das Internet beendet hatte und leider auch den Virenscanner deinstalliert habe: Code:
ATTFilter GMER 2.1.19322 - hxxp://www.gmer.net
Rootkit scan 2014-01-20 14:58:23
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000029 Samsung_SSD_840_Series rev.DXT07B0Q 232,89GB
Running: gmer.exe; Driver: C:\Users\MarcoD\AppData\Local\Temp\uwdyypog.sys
---- Kernel code sections - GMER 2.1 ----
.text C:\WINDOWS\System32\win32k.sys!W32pServiceTable fffff9600016f700 15 bytes [00, EA, 0F, 02, 00, 7F, 6F, ...]
.text C:\WINDOWS\System32\win32k.sys!W32pServiceTable + 16 fffff9600016f710 11 bytes [00, 1F, FC, FF, 80, 52, DE, ...]
---- User code sections - GMER 2.1 ----
.text C:\Program Files\Tablet\Pen\Pen_Tablet.exe[2584] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 506 00007ffc12cb169a 4 bytes [CB, 12, FC, 7F]
.text C:\Program Files\Tablet\Pen\Pen_Tablet.exe[2584] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 514 00007ffc12cb16a2 4 bytes [CB, 12, FC, 7F]
.text C:\Program Files\Tablet\Pen\Pen_Tablet.exe[2584] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 118 00007ffc12cb181a 4 bytes [CB, 12, FC, 7F]
.text C:\Program Files\Tablet\Pen\Pen_Tablet.exe[2584] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 142 00007ffc12cb1832 4 bytes [CB, 12, FC, 7F]
.text C:\Program Files\Windows Defender\MsMpEng.exe[7592] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 506 00007ffc12cb169a 4 bytes [CB, 12, FC, 7F]
.text C:\Program Files\Windows Defender\MsMpEng.exe[7592] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 514 00007ffc12cb16a2 4 bytes [CB, 12, FC, 7F]
.text C:\Program Files\Windows Defender\MsMpEng.exe[7592] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 118 00007ffc12cb181a 4 bytes [CB, 12, FC, 7F]
.text C:\Program Files\Windows Defender\MsMpEng.exe[7592] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 142 00007ffc12cb1832 4 bytes [CB, 12, FC, 7F]
---- Threads - GMER 2.1 ----
Thread C:\WINDOWS\system32\csrss.exe [528:552] fffff960008df4d0
---- Services - GMER 2.1 ----
Service C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (*** hidden *** ) [AUTO] AntiVirSchedulerService <-- ROOTKIT !!!
Service C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (*** hidden *** ) [AUTO] AntiVirService <-- ROOTKIT !!!
Service C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe (*** hidden *** ) [AUTO] AntiVirWebService <-- ROOTKIT !!!
Service system32\DRIVERS\avgntflt.sys (*** hidden *** ) [AUTO] avgntflt <-- ROOTKIT !!!
Service system32\DRIVERS\avipbb.sys (*** hidden *** ) [SYSTEM] avipbb <-- ROOTKIT !!!
Service system32\DRIVERS\avkmgr.sys (*** hidden *** ) [SYSTEM] avkmgr <-- ROOTKIT !!!
Service system32\DRIVERS\avnetflt.sys (*** hidden *** ) [AUTO] avnetflt <-- ROOTKIT !!!
Service C:\Program Files (x86)\Windows Defender\MsMpEng.exe (*** hidden *** ) [MANUAL] WinDefend <-- ROOTKIT !!!
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{79D4F6F6-A6CF-4C62-9263-466AD3D43182}\Connection@Name isatap.fritz.box
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed -745601255
Reg HKLM\SYSTEM\CurrentControlSet\Services\AntiVirSchedulerService
Reg HKLM\SYSTEM\CurrentControlSet\Services\AntiVirSchedulerService@Type 16
Reg HKLM\SYSTEM\CurrentControlSet\Services\AntiVirSchedulerService@Start 2
Reg HKLM\SYSTEM\CurrentControlSet\Services\AntiVirSchedulerService@ErrorControl 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\AntiVirSchedulerService@ImagePath "C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
Reg HKLM\SYSTEM\CurrentControlSet\Services\AntiVirSchedulerService@DisplayName Avira Planer
Reg HKLM\SYSTEM\CurrentControlSet\Services\AntiVirSchedulerService@Group NetworkProvider
Reg HKLM\SYSTEM\CurrentControlSet\Services\AntiVirSchedulerService@WOW64 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\AntiVirSchedulerService@ObjectName LocalSystem
Reg HKLM\SYSTEM\CurrentControlSet\Services\AntiVirSchedulerService@FailureActions 0x80 0x51 0x01 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\AntiVirSchedulerService@Description Dienst zur Steuerung von Avira Free Antivirus Pr?fauftr?gen und Updates.
Reg HKLM\SYSTEM\CurrentControlSet\Services\AntiVirSchedulerService
Reg HKLM\SYSTEM\CurrentControlSet\Services\AntiVirService
Reg HKLM\SYSTEM\CurrentControlSet\Services\AntiVirService@Type 16
Reg HKLM\SYSTEM\CurrentControlSet\Services\AntiVirService@Start 2
Reg HKLM\SYSTEM\CurrentControlSet\Services\AntiVirService@ErrorControl 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\AntiVirService@ImagePath "C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
Reg HKLM\SYSTEM\CurrentControlSet\Services\AntiVirService@DisplayName Avira Echtzeit-Scanner
Reg HKLM\SYSTEM\CurrentControlSet\Services\AntiVirService@WOW64 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\AntiVirService@ObjectName LocalSystem
Reg HKLM\SYSTEM\CurrentControlSet\Services\AntiVirService@FailureActions 0x80 0x51 0x01 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\AntiVirService@Description Bietet permanenten Schutz vor Viren und Malware mit der Avira Suchengine.
Reg HKLM\SYSTEM\CurrentControlSet\Services\AntiVirService
Reg HKLM\SYSTEM\CurrentControlSet\Services\AntiVirWebService
Reg HKLM\SYSTEM\CurrentControlSet\Services\AntiVirWebService@Type 16
Reg HKLM\SYSTEM\CurrentControlSet\Services\AntiVirWebService@Start 2
Reg HKLM\SYSTEM\CurrentControlSet\Services\AntiVirWebService@ErrorControl 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\AntiVirWebService@ImagePath "C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe"
Reg HKLM\SYSTEM\CurrentControlSet\Services\AntiVirWebService@DisplayName Avira Browser-Schutz
Reg HKLM\SYSTEM\CurrentControlSet\Services\AntiVirWebService@DependOnService AntiVirService?
Reg HKLM\SYSTEM\CurrentControlSet\Services\AntiVirWebService@WOW64 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\AntiVirWebService@ObjectName LocalSystem
Reg HKLM\SYSTEM\CurrentControlSet\Services\AntiVirWebService@FailureActions 0x80 0x51 0x01 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\AntiVirWebService@Description Bietet Webbrowsern permanenten Schutz vor Viren und Malware mit der Avira Suchengine.
Reg HKLM\SYSTEM\CurrentControlSet\Services\AntiVirWebService
Reg HKLM\SYSTEM\CurrentControlSet\Services\avgntflt@Start 2
Reg HKLM\SYSTEM\CurrentControlSet\Services\avgntflt\Instances\avgntflt
Reg HKLM\SYSTEM\CurrentControlSet\Services\avgntflt\Instances\avgntflt@Altitude 320500
Reg HKLM\SYSTEM\CurrentControlSet\Services\avgntflt\Instances\avgntflt@Flags 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\avgntflt
Reg HKLM\SYSTEM\CurrentControlSet\Services\avipbb
Reg HKLM\SYSTEM\CurrentControlSet\Services\avipbb@Type 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\avipbb@Start 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\avipbb@ErrorControl 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\avipbb@ImagePath \SystemRoot\system32\DRIVERS\avipbb.sys
Reg HKLM\SYSTEM\CurrentControlSet\Services\avipbb@DisplayName avipbb
Reg HKLM\SYSTEM\CurrentControlSet\Services\avipbb@WOW64 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\avipbb@Description Avira Security Enhancement Driver
Reg HKLM\SYSTEM\CurrentControlSet\Services\avipbb@Group Avira
Reg HKLM\SYSTEM\CurrentControlSet\Services\avipbb@Tag 2
Reg HKLM\SYSTEM\CurrentControlSet\Services\avipbb@DebugFlags 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\avipbb@DependOnService avkmgr
Reg HKLM\SYSTEM\CurrentControlSet\Services\avipbb@AviraRegAcl 0xE7 0x2D 0xA1 0x9F ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\avipbb@AviraFileAcl 0xE7 0x2D 0xA1 0x9F ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\avipbb@InternalFlags 81
Reg HKLM\SYSTEM\CurrentControlSet\Services\avipbb
Reg HKLM\SYSTEM\CurrentControlSet\Services\avkmgr@Start 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\avkmgr
Reg HKLM\SYSTEM\CurrentControlSet\Services\avnetflt
Reg HKLM\SYSTEM\CurrentControlSet\Services\avnetflt@Type 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\avnetflt@Start 2
Reg HKLM\SYSTEM\CurrentControlSet\Services\avnetflt@ErrorControl 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\avnetflt@ImagePath \SystemRoot\system32\DRIVERS\avnetflt.sys
Reg HKLM\SYSTEM\CurrentControlSet\Services\avnetflt@DisplayName avnetflt
Reg HKLM\SYSTEM\CurrentControlSet\Services\avnetflt@WOW64 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\avnetflt@Description Avira WFP Network Driver
Reg HKLM\SYSTEM\CurrentControlSet\Services\avnetflt@UseInjectThread 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\avnetflt
Reg HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Avira Antivirus
Reg HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Avira Antivirus@CategoryMessageFile C:\Program Files (x86)\Avira\AntiVir Desktop\avevtrc.dll
Reg HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Avira Antivirus@EventMessageFile C:\Program Files (x86)\Avira\AntiVir Desktop\avevtrc.dll
Reg HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Avira Antivirus@TypesSupported 7
Reg HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Avira Antivirus@CategoryCount 3
Reg HKLM\SYSTEM\CurrentControlSet\Services\EventLog\System\avgntflt
Reg HKLM\SYSTEM\CurrentControlSet\Services\EventLog\System\avgntflt@TypesSupported 7
Reg HKLM\SYSTEM\CurrentControlSet\Services\EventLog\System\avgntflt@EventMessageFile %SystemRoot%\System32\IoLogMsg.dll;%SystemRoot%\System32\drivers\avgntflt.sys
Reg HKLM\SYSTEM\CurrentControlSet\Services\EventLog\System\avgntflt@CategoryCount 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\EventLog\System\avgntflt@CategoryMessageFile C:\WINDOWS\SYSTEM32\drivers\avgntflt.sys
Reg HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{79D4F6F6-A6CF-4C62-9263-466AD3D43182}@ReusableType 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{79D4F6F6-A6CF-4C62-9263-466AD3D43182}@DefunctTimestamp 0x17 0x24 0xD8 0x52 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch 2897
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch2@Epoch 826
Reg HKLM\SYSTEM\CurrentControlSet\Services\WdBoot@Group _Early-Launch
Reg HKLM\SYSTEM\CurrentControlSet\Services\WdBoot@ImagePath \SystemRoot\system32\drivers\WdBoot.sys
Reg HKLM\SYSTEM\CurrentControlSet\Services\WdBoot@Start 3
Reg HKLM\SYSTEM\CurrentControlSet\Services\WdBoot
Reg HKLM\SYSTEM\CurrentControlSet\Services\WdFilter@ImagePath \SystemRoot\system32\drivers\WdFilter.sys
Reg HKLM\SYSTEM\CurrentControlSet\Services\WdFilter@Start 3
Reg HKLM\SYSTEM\CurrentControlSet\Services\WdFilter
Reg HKLM\SYSTEM\CurrentControlSet\Services\WinDefend@Start 3
Reg HKLM\SYSTEM\CurrentControlSet\Services\WinDefend
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\iexplore@Count 22689
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\iexplore@Blocked 22689
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{41564952-412D-5637-00A7-7A786E7484D7}\iexplore@Count 28862
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{41564952-412D-5637-00A7-7A786E7484D7}\iexplore@Blocked 28862
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore@Count 22554
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore@Blocked 22554
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AA58ED58-01DD-4D91-8333-CF10577473F7}\iexplore@Count 23269
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AA58ED58-01DD-4D91-8333-CF10577473F7}\iexplore@Blocked 22689
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore@Count 22554
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore@Blocked 22554
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012014011320140120
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012014011320140120@CachePrefix :2014011320140120:
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012014011320140120@CachePath %USERPROFILE%\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012014011320140120
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012014011320140120@CacheOptions 11
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012014011320140120@CacheRepair 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012014011320140120@CacheLimit 1
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@PolicyDocumentLastRefresh 0x7B 0xF8 0xE3 0x88 ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@LastWindowsBandwidthBucketDrainTime 0x08 0x78 0x75 0xA3 ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@LastWindowsRequestBucketDrainTime 0x35 0x5C 0x45 0x40 ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@LastWindowsLargeRequestBucketDrainTime 0x35 0x5C 0x45 0x40 ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@OtherBandwidthBucketCounter 59186
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@OtherRequestBucketCounter 246
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@LastOtherRequestBucketDrainTime 0x35 0x5C 0x45 0x40 ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@GlobalBandwidthBucketCounter 256378
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@LastGlobalBandwidthBucketDrainTime 0x27 0x6D 0xB9 0x92 ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@GlobalRequestBucketCounter 246
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@LastGlobalRequestBucketDrainTime 0x35 0x5C 0x45 0x40 ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@LastUploadTime 0xC8 0xE7 0x24 0x41 ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData@PendingOperations 60
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\bestofmediagroup.tomshardware_vsk5ceyf850a0-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\booking.com.booking.com_kan823tth5akw-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\BrowserChoice_cw5n1h2txyewy-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\c27eb4ba.dropbox_xbfy0k16fey96-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\checkpoint.vpn_cw5n1h2txyewy-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\energyschweizag.energyradio_j028rhm5gx59m-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\everimagingco.limited.fotor_7mgsahepr4x5w-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\evernote.evernote_q4d96b2w5wcc2-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\f5.vpn.client_cw5n1h2txyewy-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\filemanager_cw5n1h2txyewy-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\idgtechmediagmbh.pc-welt_ks81z24avvce2-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\junipernetworks.junospulsevpn_cw5n1h2txyewy-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\microsoft.bingfinance_8wekyb3d8bbwe-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\microsoft.bingfoodanddrink_8wekyb3d8bbwe-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\microsoft.binghealthandfitness_8wekyb3d8bbwe-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\microsoft.bingmaps_8wekyb3d8bbwe-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\microsoft.bingnews_8wekyb3d8bbwe-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\microsoft.bingsports_8wekyb3d8bbwe-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\microsoft.bingtravel_8wekyb3d8bbwe-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\microsoft.bingweather_8wekyb3d8bbwe-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\microsoft.helpandtips_8wekyb3d8bbwe-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\microsoft.media.playreadyclient.2_8wekyb3d8bbwe-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\microsoft.media.playreadyclient_8wekyb3d8bbwe-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\microsoft.mocamera_cw5n1h2txyewy-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\microsoft.office.onenote_8wekyb3d8bbwe-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\microsoft.reader_8wekyb3d8bbwe-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\microsoft.skypeapp_kzf8qxf38zg5c-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\microsoft.vclibs.110.00_8wekyb3d8bbwe-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\microsoft.vclibs.120.00_8wekyb3d8bbwe-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\microsoft.windowsalarms_8wekyb3d8bbwe-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\microsoft.windowscalculator_8wekyb3d8bbwe-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\microsoft.windowscommunicationsapps_8wekyb3d8bbwe-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\microsoft.windowsreadinglist_8wekyb3d8bbwe-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\microsoft.windowsscan_8wekyb3d8bbwe-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\microsoft.windowssoundrecorder_8wekyb3d8bbwe-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\microsoft.winjs.1.0_8wekyb3d8bbwe-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\Microsoft.WinJS.2.0.Preview_8wekyb3d8bbwe-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\microsoft.winjs.2.0_8wekyb3d8bbwe-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\Microsoft.WinJS.Preview.1_8wekyb3d8bbwe-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\microsoft.xboxlivegames_8wekyb3d8bbwe-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\microsoft.zunemusic_8wekyb3d8bbwe-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\microsoft.zunevideo_8wekyb3d8bbwe-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\n-tvnachrichtenfernseheng.n-tvnachrichten_hf9cm24zcg85p-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\prosiebensat.1digitalgmbh.prosieben_fzbtnr0mjybby-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\sonicwall.mobileconnect_cw5n1h2txyewy-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\stimulsoft.stimulsoftdesigner_h0v4psr6pkrd6-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\vevollc.vevo_q6c550x48bf80-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\wetter.comag.wetter.com_4trx7dm9mtcw2-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\windows.immersivecontrolpanel_cw5n1h2txyewy-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\winstore_cw5n1h2txyewy-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\zattooeuropaag.zattoolivetv_cwpjhwd4pd0ma-0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windows\accessibility@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windows\aep@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windows\appsync@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windows\backstack@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windows\commandprompt@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windows\credentials@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windows\emojimfu@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windows\explorer@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windows\homegroup@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windows\imejpn@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windows\imekor@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windows\inputpersonalization@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windows\inputsettings@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windows\language@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windows\lockscreen@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windows\moimechs@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windows\mouse@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windows\narrator@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windows\openwith@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windows\osk@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windows\picturepasswordpicture@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windows\screenmagnifier@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windows\secondarytiles@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windows\slideshow@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windows\spellingdictionary@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windows\startlayout@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windows\startpersonalization@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windows\storepurchaseinformation@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windows\taskbar@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windows\tethering@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windows\theme@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windows\userlibraries@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windows\usertile@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windows\windowcolorization@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windows\wireless@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\001a1179.windows8einfhrung_7wr7kgwejpwsm@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\17655dreamteammobile.gmaps_drr96ftsfk4j0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\18953it.mike.microsoftofficechannel_yendmgv45ybgr@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\35124netzkino.netzkino_843rhjq2hbnd4@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\35227ca4b1ec.youtubeplayer_vz2dsdkbwapd8@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\3718.12514fb00dc68_8aydmnc5fg7fe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\41914orangefloatstudio.mangaflow_c69rw3w0wadsy@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\53566anas.windows8tipsandinfo_gsx96snbj04n8@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\ad2f1837.hpprintercontrol_v10z8vjag6ke6@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\amazon.com.amazon_343d40qqvtj1t@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\audialsag.audialsradio_3eby6px24ctcy@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\axelspringerag.bildtablet_3hvdpzcjm2jp6@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\bestofmediagroup.tomshardware_vsk5ceyf850a0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\booking.com.booking.com_kan823tth5akw@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\browserchoice_cw5n1h2txyewy@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\c27eb4ba.dropbox_xbfy0k16fey96@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\checkpoint.vpn_cw5n1h2txyewy@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\energyschweizag.energyradio_j028rhm5gx59m@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\everimagingco.limited.fotor_7mgsahepr4x5w@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\evernote.evernote_q4d96b2w5wcc2@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\f5.vpn.client_cw5n1h2txyewy@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\filemanager_cw5n1h2txyewy@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\idgtechmediagmbh.pc-welt_ks81z24avvce2@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\junipernetworks.junospulsevpn_cw5n1h2txyewy@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\microsoft.bingfinance_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\microsoft.bingfoodanddrink_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\microsoft.binghealthandfitness_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\microsoft.bingmaps_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\microsoft.bingnews_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\microsoft.bingsports_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\microsoft.bingtravel_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\microsoft.bingweather_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\microsoft.helpandtips_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\microsoft.media.playreadyclient.2_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\microsoft.mocamera_cw5n1h2txyewy@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\microsoft.office.onenote_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\microsoft.reader_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\microsoft.skypeapp_kzf8qxf38zg5c@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\microsoft.vclibs.110.00_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\microsoft.vclibs.120.00_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\microsoft.windowsalarms_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\microsoft.windowscalculator_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\microsoft.windowscommunicationsapps_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\microsoft.windowsreadinglist_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\microsoft.windowsscan_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\microsoft.windowssoundrecorder_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\microsoft.winjs.1.0_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\Microsoft.WinJS.2.0.Preview_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\microsoft.winjs.2.0_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\Microsoft.WinJS.Preview.1_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\microsoft.xboxlivegames_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\microsoft.zunemusic_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\microsoft.zunevideo_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\n-tvnachrichtenfernseheng.n-tvnachrichten_hf9cm24zcg85p@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-001a1179.windows8einfhrung_7wr7kgwejpwsm@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-17655dreamteammobile.gmaps_drr96ftsfk4j0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-18953it.mike.microsoftofficechannel_yendmgv45ybgr@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-35124netzkino.netzkino_843rhjq2hbnd4@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-35227ca4b1ec.youtubeplayer_vz2dsdkbwapd8@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-3718.12514fb00dc68_8aydmnc5fg7fe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-41914orangefloatstudio.mangaflow_c69rw3w0wadsy@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-53566anas.windows8tipsandinfo_gsx96snbj04n8@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-ad2f1837.hpprintercontrol_v10z8vjag6ke6@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-amazon.com.amazon_343d40qqvtj1t@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-audialsag.audialsradio_3eby6px24ctcy@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-axelspringerag.bildtablet_3hvdpzcjm2jp6@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-bestofmediagroup.tomshardware_vsk5ceyf850a0@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-booking.com.booking.com_kan823tth5akw@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-browserchoice_cw5n1h2txyewy@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-c27eb4ba.dropbox_xbfy0k16fey96@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-checkpoint.vpn_cw5n1h2txyewy@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-energyschweizag.energyradio_j028rhm5gx59m@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-everimagingco.limited.fotor_7mgsahepr4x5w@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-evernote.evernote_q4d96b2w5wcc2@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-f5.vpn.client_cw5n1h2txyewy@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-filemanager_cw5n1h2txyewy@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-idgtechmediagmbh.pc-welt_ks81z24avvce2@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-junipernetworks.junospulsevpn_cw5n1h2txyewy@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-microsoft.bingfinance_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-microsoft.bingfoodanddrink_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-microsoft.binghealthandfitness_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-microsoft.bingmaps_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-microsoft.bingnews_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-microsoft.bingsports_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-microsoft.bingtravel_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-microsoft.bingweather_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-microsoft.helpandtips_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-microsoft.media.playreadyclient.2_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-microsoft.mocamera_cw5n1h2txyewy@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-microsoft.office.onenote_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-microsoft.reader_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-microsoft.skypeapp_kzf8qxf38zg5c@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-microsoft.vclibs.110.00_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-microsoft.vclibs.120.00_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-microsoft.windowsalarms_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-microsoft.windowscalculator_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-microsoft.windowscommunicationsapps_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-microsoft.windowsreadinglist_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-microsoft.windowsscan_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-microsoft.windowssoundrecorder_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-microsoft.winjs.1.0_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\Notifications-Microsoft.WinJS.2.0.Preview_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-microsoft.winjs.2.0_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\Notifications-Microsoft.WinJS.Preview.1_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-microsoft.xboxlivegames_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-microsoft.zunemusic_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-microsoft.zunevideo_8wekyb3d8bbwe@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-n-tvnachrichtenfernseheng.n-tvnachrichten_hf9cm24zcg85p@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-prosiebensat.1digitalgmbh.prosieben_fzbtnr0mjybby@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-sonicwall.mobileconnect_cw5n1h2txyewy@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-stimulsoft.stimulsoftdesigner_h0v4psr6pkrd6@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-vevollc.vevo_q6c550x48bf80@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-wetter.comag.wetter.com_4trx7dm9mtcw2@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-windows.immersivecontrolpanel_cw5n1h2txyewy@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-winstore_cw5n1h2txyewy@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-zattooeuropaag.zattoolivetv_cwpjhwd4pd0ma@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\prosiebensat.1digitalgmbh.prosieben_fzbtnr0mjybby@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\sonicwall.mobileconnect_cw5n1h2txyewy@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\stimulsoft.stimulsoftdesigner_h0v4psr6pkrd6@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\vevollc.vevo_q6c550x48bf80@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\wetter.comag.wetter.com_4trx7dm9mtcw2@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\windows.immersivecontrolpanel_cw5n1h2txyewy@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\winstore_cw5n1h2txyewy@PendingOperations 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\zattooeuropaag.zattoolivetv_cwpjhwd4pd0ma@PendingOperations 0
---- EOF - GMER 2.1 ----
Ich bedanke mich schon für jede Form der Hilfe und hoffe, dass ich den Anweisungen gefolgt bin. Viele Grüße Marco Viele |
| Themen zu Computer wird langsam und will ständig ein Java-Update durchführen. Virenfund nach scan. |
| 32 bit, 4d36e972-e325-11ce-bfc1-08002be10318, antivirus, askbar, bonjour, computer, converter, desktop, diagnostics, homepage, hotspot, langsam, malware, minidump, mozilla, netgear, object, problem, pup.optional.opencandy, registry, rundll, schutz, security, software, svchost.exe, system, tablet, win32/adware.pricepeep.a, win32/speedingupmypc.b, win32k.sys, windowsapps |
Baum-Darstellung