|
Plagegeister aller Art und deren Bekämpfung: Auch bei mir Zeigt AVAST immer öffters URL:MAL Bedrohungs Meldungen anWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
01.09.2015, 17:09 | #1 |
| Auch bei mir Zeigt AVAST immer öffters URL:MAL Bedrohungs Meldungen an Nach und nach zeigt AVAST bei mir immer öffters Meldungen mit Bedrohungen um URL:MAL . Er selber findet aber keine Bedrohung mit einem Scan. Bitte um Hilfe Danke! |
01.09.2015, 17:19 | #2 |
/// the machine /// TB-Ausbilder | Auch bei mir Zeigt AVAST immer öffters URL:MAL Bedrohungs Meldungen an hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
01.09.2015, 17:51 | #3 |
| Auch bei mir Zeigt AVAST immer öffters URL:MAL Bedrohungs Meldungen an frst.txt
__________________Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:31-08-2015 durchgeführt von Matthias (Administrator) auf MATTHI (01-09-2015 18:15:24) Gestartet von C:\Users\Matthias\Desktop Geladene Profile: Matthias (Verfügbare Profile: Matthias) Platform: Windows 8.1 Pro (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Lenovo.) C:\Windows\System32\ibmpmsvc.exe (Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Transaction Software, D 81829 Munich) C:\Program Files (x86)\EWA net\database\TransBase EWA\tbmux32.exe (Transaction Software, D 81829 Munich) C:\Program Files (x86)\EWA net\database\TransBase EPC\tbmux32.exe (Transaction Software, D 81829 Munich) C:\Program Files (x86)\EWA net\database\TransBase WIS\tbmux32.exe (Apache Software Foundation) C:\Program Files (x86)\EWA net\server\bin\tomcat7.exe (Trace Software International) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe () C:\Program Files (x86)\EWA net\apps\jre\private_jre\bin\java.exe (FileZilla Project) C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe (Intel Corporation) C:\Program Files\PTC\Creo 3.0\M030\Common Files\x86e_win64\cma\Bin\IntelMPI\smpd-intel-4.0.3.009-x64.exe (Autodesk, Inc.) C:\Program Files\Autodesk\Inventor 2015\Moldflow\bin\mitsijm.exe (Microsoft Corporation) C:\ProgramData\SOLIDWORKS Electrical\MSSQL11.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe () C:\Program Files (x86)\MyPublicWiFi\PublicWiFiService.exe (Palm) C:\Program Files\Palm, Inc\novacom\amd64\novacomd.exe (Mentor Graphics Corporation) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe (Mentor Graphics Corporation) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\dispatcher.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (Intel Corporation) C:\Program Files (x86)\Intel\AMT\LMS.exe (Intel Corporation) C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe (Transaction Software, D 81829 Munich) C:\Program Files (x86)\EWA net\database\TransBase EWA\tbkern32.exe (Transaction Software, D 81829 Munich) C:\Program Files (x86)\EWA net\database\TransBase EWA\tbkern32.exe (Transaction Software, D 81829 Munich) C:\Program Files (x86)\EWA net\database\TransBase EWA\tbkern32.exe (Transaction Software, D 81829 Munich) C:\Program Files (x86)\EWA net\database\TransBase EPC\tbkern32.exe (Transaction Software, D 81829 Munich) C:\Program Files (x86)\EWA net\database\TransBase EPC\tbkern32.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (i-Funbox.com) C:\Program Files (x86)\i-Funbox DevTeam\iFunBox_x64.exe (Dropbox, Inc.) C:\Users\Matthias\AppData\Roaming\Dropbox\bin\Dropbox.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe () C:\Program Files (x86)\Syncios\SynciosDeviceService.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Microsoft Corporation) C:\Windows\splwow64.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe (Malwarebytes Corp.) C:\Users\Matthias\Desktop\mbar-1.09.2.1008.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Malwarebytes) C:\Users\Matthias\Desktop\mbar\mbar.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE (Microsoft Corporation) C:\Windows\System32\msiexec.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2963184 2013-04-24] (Synaptics Incorporated) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [164080 2015-06-27] (IvoSoft) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111824 2015-08-31] (AVAST Software) HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG) HKLM-x32\...\Run: [Syncios device service] => C:\Program Files (x86)\Syncios\SynciosDeviceService.exe [723456 2015-02-05] () HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2015-04-30] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2015-04-30] (Adobe Systems Inc.) HKU\S-1-5-21-2155083525-1168965681-3283480890-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.) HKU\S-1-5-21-2155083525-1168965681-3283480890-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.) HKU\S-1-5-21-2155083525-1168965681-3283480890-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc.) HKU\S-1-5-21-2155083525-1168965681-3283480890-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd) HKU\S-1-5-21-2155083525-1168965681-3283480890-1001\...\Run: [iFunBox Fast App Install Handler] => C:\Program Files (x86)\i-Funbox DevTeam\iFunBox_x64.exe [2508288 2015-02-10] (i-Funbox.com) HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1193352 2014-02-19] (Autodesk, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-31] (AVAST Software) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.) ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-06-27] (IvoSoft) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-06-27] (IvoSoft) Startup: C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-12-18] ShortcutTarget: Dropbox.lnk -> C:\Users\Matthias\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) GroupPolicy: Gruppenrichtline auf Chrome erkannt <======= ACHTUNG CHR HKLM\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..) HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <======= ACHTUNG (Richtlinienbeschränkung auf ProxySettings) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{019A3A2A-1F07-49DD-9C51-D1B67A8B66E6}: [NameServer] 192.168.1.1 Tcpip\..\Interfaces\{53E2599E-872A-409C-BAE2-5D72B0FAB318}: [DhcpNameServer] 172.20.10.1 Tcpip\..\Interfaces\{E13CC50E-7169-42C0-9533-D02CE6DB0F90}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{FDC853B5-9ABF-4F0C-A213-F9844B5729A6}: [DhcpNameServer] 192.168.3.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ACHTUNG HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ACHTUNG HKU\S-1-5-21-2155083525-1168965681-3283480890-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ACHTUNG HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\S-1-5-21-2155083525-1168965681-3283480890-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-06-25] (Microsoft Corporation) BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-06-27] (IvoSoft) BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-31] (AVAST Software) BHO: DownloadProtect Extension -> {C654F3FE-8E84-4BB7-87CF-8D9171FC3C73} -> C:\Program Files\{5C0D7DB4-707C-4D27-A8B7-B055F5E5868E}\{454A1A7A-5552-4FDC-AB07-A76D113AF25E}.bin [2015-08-06] (Download Protect) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation) BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2015-06-27] (IvoSoft) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-06-25] (Microsoft Corporation) BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-06-27] (IvoSoft) BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\SysWOW64\mscoree.dll [2013-08-22] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-22] (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-31] (AVAST Software) BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-04-30] (Adobe Systems Incorporated) BHO-x32: DownloadProtect Extension -> {C654F3FE-8E84-4BB7-87CF-8D9171FC3C73} -> C:\Program Files (x86)\{2BE960DE-4410-40F5-B168-75839C0E76C8}\{6491726D-3031-4D82-B087-801146A9CCB6}.bin [2015-08-06] (Download Protect) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-22] (Oracle Corporation) BHO-x32: Kein Name -> {E6E66045-E911-4C01-961D-32387BF12768} -> C:\Users\Matthias\AppData\LocalLow\Browser-Security\safe_url.dll Keine Datei BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2015-06-27] (IvoSoft) BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-04-30] (Adobe Systems Incorporated) Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-06-27] (IvoSoft) Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-04-30] (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-06-27] (IvoSoft) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-08-19] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\mpu1y1e4.default FF DefaultSearchUrl: hxxp://www.google.de/search?hl=de&gl=de&lr=&ie=UTF-8&oe=UTF-8&meta=lr=lang_de&q= FF SelectedSearchEngine: Google FF Homepage: hxxp://www.google.de?hl=de&gl=de FF Keyword.URL: hxxp://www.google.de/search?hl=de&gl=de&lr=&ie=UTF-8&oe=UTF-8&meta=lr=lang_de&q= FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems) FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] () FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-08-13] (Google, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-22] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-22] (Oracle Corporation) FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @ptc.com/IsoView -> C:\Program Files (x86)\Common Files\PTC\npisoview.dll [2014-10-29] (PTC Inc.) FF Plugin-x32: @ptc.com/ProductViewLite -> C:\Program Files (x86)\Common Files\PTC\np6_pvapplite9.dll [2014-10-29] (PTC) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-01] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-01] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2015-04-30] (Adobe Systems Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems) FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems) FF Plugin HKU\S-1-5-21-2155083525-1168965681-3283480890-1001: @spoon.net/Spoon Plugin 3.33 -> C:\Users\Matthias\AppData\Local\Spoon\3.33.8.527\npMozillaSpoonPlugin.dll Keine Datei FF user.js: detected! => C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\mpu1y1e4.default\user.js [2015-08-31] FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-10-29] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-10-29] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-10-29] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-10-29] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-10-29] (Apple Inc.) FF Extension: Kein Name - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\mpu1y1e4.default\Extensions\trash [2015-08-06] FF Extension: UITBAutoInstaller - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{edd7fc99-d65c-4979-85c2-ddeed30c50c7} [2015-08-06] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-09-30] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2015-05-16] FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2015-05-17] FF HKLM-x32\...\Firefox\Extensions: [{50B55404-8F8E-4D23-8610-0575C3CFDBEF}] - C:\Windows\Installer\{D0B43FB3-75C7-4AC9-9186-73FB77DE4848}\{50B55404-8F8E-4D23-8610-0575C3CFDBEF}.xpi FF Extension: Download Protect - C:\Windows\Installer\{D0B43FB3-75C7-4AC9-9186-73FB77DE4848}\{50B55404-8F8E-4D23-8610-0575C3CFDBEF}.xpi [2015-08-22] Chrome: ======= CHR StartupUrls: Default -> "https://www.google.com/?trackid=sp-006" CHR DefaultSuggestURL: Default -> https://www.google.com/complete/search?client=chrome&q={searchTerms} CHR Profile: C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (YouTube) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-22] CHR Extension: (Google Search) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-22] CHR Extension: (Bookmark Manager) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-27] CHR Extension: (Google Wallet) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-22] CHR Extension: (Gmail) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-22] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-08] CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - https://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [576904 2013-12-22] (Autodesk Inc.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.) R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-31] (AVAST Software) R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109008 2015-08-31] (AVAST Software) S2 DnsBlockUpdateSvc; C:\Windows\system32\DnsBlockUpdateSvc.exe [149024 2015-08-06] () R2 EWA net DB Core; C:\Program Files (x86)\EWA net\database\TransBase EWA\tbmux32.exe [326616 2011-03-09] (Transaction Software, D 81829 Munich) [Datei ist nicht signiert] R2 EWA net DB EPC; C:\Program Files (x86)\EWA net\database\TransBase EPC\tbmux32.exe [417792 2007-11-27] (Transaction Software, D 81829 Munich) [Datei ist nicht signiert] R2 EWA net DB WIS; C:\Program Files (x86)\EWA net\database\TransBase WIS\tbmux32.exe [326616 2011-03-09] (Transaction Software, D 81829 Munich) [Datei ist nicht signiert] R2 EWA net Server; C:\Program Files (x86)\EWA net\server\bin\tomcat7.exe [80896 2013-07-02] (Apache Software Foundation) [Datei ist nicht signiert] R2 ewserver; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe [177152 2014-09-29] (Trace Software International) [Datei ist nicht signiert] R2 FileZilla Server; C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe [794584 2015-06-01] (FileZilla Project) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert] R2 impi_smpd; C:\Program Files\PTC\Creo 3.0\M030\Common Files\x86e_win64\cma\Bin\IntelMPI\smpd-intel-4.0.3.009-x64.exe [1611168 2015-07-20] (Intel Corporation) R2 LMS; C:\Program Files (x86)\Intel\AMT\LMS.exe [174616 2010-02-04] (Intel Corporation) R2 mitsijm2015; C:\Program Files\Autodesk\Inventor 2015\Moldflow\bin\mitsijm.exe [968480 2013-10-12] (Autodesk, Inc.) R2 MSSQL$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL11.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe [191064 2012-02-11] (Microsoft Corporation) R2 MyPublicWiFiService; C:\Program Files (x86)\MyPublicWiFi\PublicWiFiService.exe [756224 2013-04-03] () [Datei ist nicht signiert] R2 NovacomD; C:\Program Files\Palm, Inc\novacom\amd64\novacomd.exe [72192 2011-06-24] (Palm) [Datei ist nicht signiert] R2 RemoteSolverDispatcher; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe [234632 2014-09-29] (Mentor Graphics Corporation) [Datei ist nicht signiert] S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.) S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2014-11-01] (SolidWorks) [Datei ist nicht signiert] S4 SQLAgent$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL11.TEW_SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [597080 2012-02-11] (Microsoft Corporation) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5613328 2015-07-29] (TeamViewer GmbH) R2 UNS; C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2058776 2010-02-04] (Intel Corporation) R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [14407384 2014-04-14] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation) S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-31] (AVAST Software) R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-08-31] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-31] (AVAST Software) R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [454016 2015-08-31] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-31] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-31] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-31] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-31] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-31] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-31] (AVAST Software) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) S3 fwdrv; C:\Windows\system32\DRIVERS\fwdrv.sys [27840 2014-03-22] (Web Solution Mart) R3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [109272 2015-09-01] (Malwarebytes) R1 ndiskhaz; C:\Windows\system32\DRIVERS\ndiskhaz.sys [30536 2012-12-07] (Khalil Azzouzi) S3 nmserial; C:\Windows\system32\DRIVERS\nmserial.sys [75264 2010-01-07] (Windows (R) Codename Longhorn DDK provider) R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.) S4 RsFx0200; C:\Windows\System32\DRIVERS\RsFx0200.sys [334936 2012-02-11] (Microsoft Corporation) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44784 2013-04-24] (Synaptics Incorporated) S3 USBTINSP; C:\Windows\System32\drivers\tinspusb.sys [142848 2010-03-29] (Texas Instruments) R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.) R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-02-22] (VMware, Inc.) U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-09-01 18:15 - 2015-09-01 18:16 - 00034992 _____ C:\Users\Matthias\Desktop\FRST.txt 2015-09-01 18:15 - 2015-09-01 18:15 - 00000000 ____D C:\FRST 2015-09-01 18:14 - 2015-09-01 18:14 - 02188800 _____ (Farbar) C:\Users\Matthias\Desktop\FRST64.exe 2015-09-01 18:13 - 2015-09-01 18:13 - 00050477 _____ C:\Users\Matthias\Desktop\Defogger.exe 2015-09-01 18:13 - 2015-09-01 18:13 - 00000478 _____ C:\Users\Matthias\Desktop\defogger_disable.log 2015-09-01 18:13 - 2015-09-01 18:13 - 00000000 _____ C:\Users\Matthias\defogger_reenable 2015-09-01 18:07 - 2015-09-01 18:13 - 00001132 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-09-01 18:07 - 2015-09-01 18:12 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-09-01 18:07 - 2015-09-01 18:07 - 00004104 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-09-01 18:07 - 2015-09-01 18:07 - 00003868 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-09-01 18:03 - 2015-09-01 18:13 - 00000000 ____D C:\Users\Matthias\Desktop\mbar 2015-09-01 18:03 - 2015-09-01 18:13 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-09-01 18:03 - 2015-09-01 18:03 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-09-01 18:03 - 2015-09-01 18:03 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-09-01 18:03 - 2015-09-01 18:03 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-09-01 18:02 - 2015-09-01 18:02 - 16563304 _____ (Malwarebytes Corp.) C:\Users\Matthias\Desktop\mbar-1.09.2.1008.exe 2015-08-31 12:13 - 2015-08-31 12:13 - 00454016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys 2015-08-31 12:13 - 2015-08-31 12:13 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2015-08-31 12:13 - 2015-08-31 12:13 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr 2015-08-31 12:02 - 2015-08-31 12:02 - 00000000 ____D C:\Windows\Sun 2015-08-31 11:33 - 2015-08-31 11:33 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EPC 2015-08-31 11:31 - 2015-08-31 11:31 - 00001089 _____ C:\Users\Matthias\Desktop\wlan.JPG - Verknüpfung.lnk 2015-08-31 10:57 - 2015-08-31 12:15 - 00023441 _____ C:\Users\Matthias\ewa_client_2.log 2015-08-31 10:57 - 2015-08-31 10:57 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WIS-ASRA 2015-08-22 15:36 - 2015-08-22 15:36 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-08-06 10:03 - 2015-08-06 10:03 - 00001167 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Grewe Scanner-Interface 7.lnk 2015-08-06 10:03 - 2015-08-06 10:03 - 00001161 _____ C:\Users\Public\Desktop\Grewe Scanner-Interface 7.lnk 2015-08-06 10:03 - 2015-08-06 10:03 - 00000000 ____D C:\Users\Matthias\AppData\Local\Grewe 2015-08-06 10:03 - 2015-08-06 10:03 - 00000000 ____D C:\Program Files (x86)\Grewe 2015-08-06 10:01 - 2015-08-06 10:01 - 00000728 __RSH C:\ProgramData\ntuser.pol 2015-08-06 10:01 - 2015-08-06 10:01 - 00000000 ____D C:\Program Files\{5C0D7DB4-707C-4D27-A8B7-B055F5E5868E} 2015-08-06 10:01 - 2015-08-06 10:01 - 00000000 ____D C:\Program Files (x86)\{2BE960DE-4410-40F5-B168-75839C0E76C8} 2015-08-06 09:59 - 2015-08-06 09:59 - 00471968 _____ C:\Windows\SysWOW64\dns.block 2015-08-06 09:59 - 2015-08-06 09:59 - 00471968 _____ C:\Windows\system32\dns.block 2015-08-06 09:59 - 2015-08-06 09:59 - 00434208 _____ (DnsBlock) C:\Windows\system32\DnsBlockA.dll 2015-08-06 09:59 - 2015-08-06 09:59 - 00433696 _____ (DnsBlock) C:\Windows\system32\DnsBlockB.dll 2015-08-06 09:59 - 2015-08-06 09:59 - 00343584 _____ (DnsBlock) C:\Windows\SysWOW64\DnsBlockB.dll 2015-08-06 09:59 - 2015-08-06 09:59 - 00343584 _____ (DnsBlock) C:\Windows\SysWOW64\DnsBlockA.dll 2015-08-06 09:59 - 2015-08-06 09:59 - 00149024 _____ C:\Windows\system32\DnsBlockUpdateSvc.exe 2015-08-06 09:58 - 2015-08-06 09:58 - 00000000 ____D C:\Program Files (x86)\WEB.DE MailCheck 2015-08-05 15:37 - 2015-08-31 12:16 - 00003516 _____ C:\Windows\PFRO.log ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-09-01 18:16 - 2014-09-30 18:21 - 00000000 ____D C:\Users\Matthias\Documents\Outlook-Dateien 2015-09-01 18:14 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness 2015-09-01 18:13 - 2014-09-30 15:22 - 00000000 ____D C:\Users\Matthias 2015-09-01 18:05 - 2015-07-20 11:08 - 00000000 ____D C:\Users\Matthias\AppData\Local\ClassicShell 2015-09-01 18:05 - 2014-09-30 18:21 - 00000000 ____D C:\Users\Matthias\AppData\Local\0335F7ED-DFDF-4299-93AA-F07A1EA37D36.aplzod 2015-09-01 18:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru 2015-09-01 17:59 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp 2015-09-01 17:58 - 2015-07-20 14:05 - 01755416 _____ C:\Windows\WindowsUpdate.log 2015-09-01 17:53 - 2014-09-30 17:27 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2155083525-1168965681-3283480890-1001 2015-09-01 17:47 - 2015-02-08 14:29 - 00003098 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2155083525-1168965681-3283480890-1001 2015-09-01 17:47 - 2015-02-08 14:29 - 00000000 ___RD C:\Users\Matthias\OneDrive 2015-09-01 17:41 - 2015-06-22 12:35 - 00000000 ____D C:\Users\Matthias\AppData\Local\CrashDumps 2015-09-01 17:35 - 2014-10-18 16:36 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-08-31 19:32 - 2015-06-15 20:20 - 00001250 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2155083525-1168965681-3283480890-1001UA.job 2015-08-31 18:03 - 2014-10-23 13:15 - 00000000 ___RD C:\Users\Matthias\Dropbox 2015-08-31 18:03 - 2014-10-23 13:12 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\Dropbox 2015-08-31 18:02 - 2014-10-07 17:34 - 00000000 ___RD C:\Users\Matthias\iCloudDrive 2015-08-31 12:29 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF 2015-08-31 12:26 - 2014-09-30 19:42 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2015-08-31 12:18 - 2015-05-01 21:52 - 00000637 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2015-08-31 12:18 - 2014-10-15 07:45 - 00000000 ____D C:\ProgramData\VMware 2015-08-31 12:17 - 2015-07-20 19:56 - 00005700 _____ C:\Windows\setupact.log 2015-08-31 12:17 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-08-31 12:14 - 2014-09-30 19:42 - 01048344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys 2015-08-31 12:13 - 2014-09-30 19:47 - 00028144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2015-08-31 12:13 - 2014-09-30 19:42 - 00447944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2015-08-31 12:13 - 2014-09-30 19:42 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys 2015-08-31 12:13 - 2014-09-30 19:42 - 00150672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2015-08-31 12:13 - 2014-09-30 19:42 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2015-08-31 12:13 - 2014-09-30 19:42 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2015-08-31 12:13 - 2014-09-30 19:42 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2015-08-31 12:13 - 2014-09-30 19:42 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys 2015-08-31 11:33 - 2015-07-22 07:22 - 00002313 _____ C:\Users\Matthias\Desktop\EPC.lnk 2015-08-31 11:33 - 2015-07-20 20:05 - 00000102 _____ C:\Users\Matthias\.ewanapi_cookie 2015-08-31 11:31 - 2014-10-01 15:27 - 00038436 _____ C:\Users\Matthias\Desktop\Batteriereport.html 2015-08-31 11:18 - 2015-06-08 14:51 - 00001101 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk 2015-08-31 11:18 - 2015-02-06 16:55 - 00000842 _____ C:\Users\Public\Desktop\CCleaner.lnk 2015-08-31 10:57 - 2015-07-20 20:09 - 00002313 _____ C:\Users\Matthias\Desktop\WIS-ASRA.lnk 2015-08-31 10:23 - 2014-10-01 12:36 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2015-08-31 09:51 - 2014-09-30 18:15 - 00000000 ____D C:\Users\Matthias\AppData\Local\Adobe 2015-08-22 16:48 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2015-08-22 11:51 - 2014-03-18 12:04 - 02038998 _____ C:\Windows\system32\PerfStringBackup.INI 2015-08-22 11:51 - 2014-03-18 11:25 - 00857958 _____ C:\Windows\system32\perfh007.dat 2015-08-22 11:51 - 2014-03-18 11:25 - 00195990 _____ C:\Windows\system32\perfc007.dat 2015-08-06 16:30 - 2014-09-30 15:22 - 00000000 ____D C:\Users\Matthias\AppData\Local\Packages 2015-08-06 10:01 - 2013-08-22 17:36 - 00000000 ___HD C:\Windows\system32\GroupPolicy 2015-08-06 09:58 - 2015-07-07 01:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-08-05 15:36 - 2015-04-27 07:44 - 00000000 ____D C:\Users\Matthias\Documents\Moped Verkäufe 2015-08-05 12:06 - 2015-05-26 15:39 - 00000000 ____D C:\Users\Matthias\Desktop\Tor Browser 2015-08-05 11:20 - 2015-05-21 17:54 - 00000246 _____ C:\Windows\ktel.ini 2015-08-05 11:18 - 2015-05-17 14:14 - 00000000 ____D C:\Users\Matthias\Documents\Citavi 4 2015-08-04 15:18 - 2015-01-14 19:38 - 00000987 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk 2015-08-04 15:18 - 2015-01-14 19:38 - 00000975 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-12-02 16:36 - 2014-12-02 16:36 - 0003584 _____ () C:\Users\Matthias\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-02-02 12:00 - 2015-02-02 12:03 - 0000600 _____ () C:\Users\Matthias\AppData\Local\PUTTY.RND 2014-11-25 11:31 - 2015-05-26 12:40 - 0000000 _____ () C:\Users\Matthias\AppData\Local\Temptable.xml 2015-07-10 12:49 - 2015-07-10 12:49 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc Einige Dateien in TEMP: ==================== C:\Users\Matthias\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpk1vh4g.dll C:\Users\Matthias\AppData\Local\Temp\proxy_vole7697117568290905588.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-07-27 02:10 ==================== Ende von FRST.txt ============================ |
01.09.2015, 17:53 | #4 |
| Auch bei mir Zeigt AVAST immer öffters URL:MAL Bedrohungs Meldungen an addition.txt Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:31-08-2015 durchgeführt von Matthias (2015-09-01 18:17:21) Gestartet von C:\Users\Matthias\Desktop Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-2155083525-1168965681-3283480890-500 - Administrator - Disabled) Gast (S-1-5-21-2155083525-1168965681-3283480890-501 - Limited - Disabled) Matthias (S-1-5-21-2155083525-1168965681-3283480890-1001 - Administrator - Enabled) => C:\Users\Matthias ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) µTorrent (HKU\S-1-5-21-2155083525-1168965681-3283480890-1001\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.) 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) Active@ ISO File Manager (HKLM-x32\...\{5C2D48D7-8CDF-4866-B415-69EBB67E2845}) (Version: 4.0.4 - LSoft Technologies) Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.14 - Adobe Systems) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated) Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated) Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.) Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated) Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) AutoCAD Mechanical 2015 - Deutsch (German) (Version: 19.0.48.0 - Autodesk) Hidden AutoCAD Mechanical 2015 - English (Version: 19.0.48.0 - Autodesk) Hidden AutoCAD Mechanical 2015 Language Pack - Deutsch (German) (Version: 19.0.48.0 - Autodesk) Hidden AutoCAD Mechanical 2015 Language Pack - English (Version: 19.0.48.0 - Autodesk) Hidden Autodesk 360 (HKLM\...\{556966D9-F7F6-421B-9707-D07901604DDF}) (Version: 5.0.29.1101 - Autodesk) Autodesk App Manager (HKLM-x32\...\{C8125548-F2D5-4059-823F-1F3C5BBD9F19}) (Version: 1.2.0 - Autodesk) Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 1.0.59.0 - Autodesk) Autodesk AutoCAD Mechanical 2015 - English (HKLM\...\AutoCAD Mechanical 2015 - English) (Version: 19.0.48.0 - Autodesk) Autodesk AutoCAD Mechanical 2015 Language Pack - Deutsch (German) (HKLM\...\AutoCAD Mechanical 2015 Language Pack - Deutsch (German)) (Version: 19.0.48.0 - Autodesk) Autodesk AutoCAD Performance Feedback Tool Version 1.2.2 (HKLM-x32\...\{85735431-6CD3-4B16-BEC8-95332034E53B}) (Version: 1.2.2.0 - Autodesk) Autodesk BIM 360 Glue AutoCAD 2015 Add-in 64 bit (HKLM\...\{9D589081-AFC2-4932-9071-AC585AC1EA83}) (Version: 3.32.3004 - Autodesk) Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk) Autodesk Content Service (x32 Version: 3.2.0.0 - Autodesk) Hidden Autodesk Content Service Language Pack (x32 Version: 3.2.0.0 - Autodesk) Hidden Autodesk Design Review 2013 (HKLM-x32\...\Autodesk Design Review 2013) (Version: 13.0.0.82 - Autodesk, Inc.) Autodesk Design Review 2013 (x32 Version: 13.0.0.82 - Autodesk, Inc.) Hidden Autodesk DWG TrueView 2015 - English (HKLM\...\DWG TrueView 2015 - English) (Version: 20.0.51.0 - Autodesk) Autodesk Inventor Content Center Libraries 2015 (Desktop Content) (HKLM\...\{B46DECD1-1964-4EF1-0000-22D71E81877C}) (Version: 19.0.15900.0000 - Autodesk) Autodesk Inventor Professional 2015 - English (HKLM\...\Autodesk Inventor Professional 2015) (Version: 19.0.15900.0000 - Autodesk) Autodesk Inventor Professional 2015 (Version: 19.0.15900.0000 - Autodesk) Hidden Autodesk Inventor Professional 2015 English Language Pack (Version: 19.0.15900.0000 - Autodesk) Hidden Autodesk Inventor Professional 2015 Language Pack - Deutsch (German) (HKLM\...\Autodesk Inventor 2015 Language Pack - Deutsch (German)) (Version: 19.0.15900.0000 - Autodesk) Autodesk Inventor Professional 2015 Language Pack - Deutsch (German) (Version: 19.0.15900.0000 - Autodesk) Hidden Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk) Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk) Autodesk Material Library Low Resolution Image Library 2015 (HKLM-x32\...\{4FBC9635-AC56-4378-8FDE-C4D3ED072681}) (Version: 5.2.9.100 - Autodesk) Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.3.1.39 - Autodesk) Autodesk ReCap (Version: 1.3.1.39 - Autodesk) Hidden Autodesk Revit Interoperability for Inventor 2015 (HKLM\...\Autodesk Revit Interoperability for Inventor 2015) (Version: 15.0.107.0 - Autodesk) Autodesk Revit Interoperability for Inventor 2015 (Version: 15.0.107.0 - Autodesk) Hidden Autodesk Vault Basic 2015 (Client) (HKLM\...\Autodesk Vault Basic 2015 (Client)) (Version: 19.0.49.0 - Autodesk) Autodesk Vault Basic 2015 (Client) (Version: 19.0.49.0 - Autodesk) Hidden Autodesk Vault Basic 2015 (Client) English Language Pack (Version: 19.0.49.0 - Autodesk) Hidden Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Browser-Security (HKLM-x32\...\Browser-Security) (Version: 1.0.7.0 - Vondos Media GmbH) Canon MG4100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4100_series) (Version: - ) CarProKey Version 1.04 (HKLM-x32\...\CarProKey_is1) (Version: 1.04 - CarProKey) CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform) Citavi 4 (HKLM-x32\...\{CC0A85B2-734A-45B3-B678-05F6A6499AC7}) (Version: 4.5.0.11 - Swiss Academic Software) Classic Shell (HKLM\...\{7C129CF8-199F-4269-AAEE-60B5D8D716E2}) (Version: 4.2.1 - IvoSoft) Configurator 360 addin (HKLM-x32\...\{8FE324B0-B934-4D68-BAB5-DE2136036237}) (Version: 19.0.11300.9000 - Autodesk, Inc.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Digital Frame Manager (x32 Version: 1.50.000 - BVRP Software) Hidden Document_Installer (x32 Version: 1.00.0000 - DaimlerChrysler AG) Hidden DReport Viewer 4 (HKLM-x32\...\{6CF895F9-7D93-4B10-8BFC-2188F1EB339A}) (Version: 4.00.0043 - DÖRR EDV-Beratung) DReport Viewer 4 (HKLM-x32\...\{811E4E77-05C8-422E-8077-B9A80BF15C68}) (Version: 4.00.0043 - DÖRR EDV-Beratung) Dropbox (HKU\S-1-5-21-2155083525-1168965681-3283480890-1001\...\Dropbox) (Version: 3.8.6 - Dropbox, Inc.) DWG TrueView 2015 - English (Version: 20.0.51.0 - Autodesk) Hidden Easy ISO Burner 2.10 (HKLM-x32\...\{42F12F02-9AA8-4448-85DE-6F0AB23D705D}_is1) (Version: 2.10 - EasyIsoSoft Company, Inc.) Eco Materials Adviser for Autodesk Inventor 2015 (64-bit) (HKLM\...\{2F7441CB-A646-41F1-B1CB-518AB311138B}) (Version: 5.1.2.0 - Granta Design Limited) EWA (HKLM-x32\...\EWA net) (Version: - ) EWA_net_Admin (x32 Version: 1.00.0000 - DaimlerChrysler AG) Hidden EWA_net_Client_Applications (x32 Version: 1.00.0000 - DaimlerChrysler AG) Hidden EWA_net_Core (x32 Version: 1.00.0000 - DaimlerChrysler AG) Hidden EWA_net_EPC (x32 Version: 1.00.0000 - Daimler) Hidden EWA_net_Server (x32 Version: 1.00.0000 - DaimlerChrysler AG) Hidden EWA_net_WIS (x32 Version: 1.00.0000 - DaimlerChrysler AG) Hidden EWA_net_WIS_CaseOnline_Importer (x32 Version: 1.00.0000 - DaimlerChrysler AG) Hidden FARO LS 1.1.502.0 (64bit) (HKLM-x32\...\{66D83FE0-D798-4B38-86FE-FB48151E5AEF}) (Version: 5.2.0.35213 - FARO Scanner Production) FileZilla Server (HKLM-x32\...\FileZilla Server) (Version: beta 0.9.52 - FileZilla Project) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden Grewe Scanner-Interface 7 (HKLM-x32\...\{B1C3F49A-DE7D-1AC1-0913-039C1A8B9B82}) (Version: 7 - Grewe Computertechnik GmbH) Hausverwaltung easy (HKLM-x32\...\{781A6302-3E7A-4ABE-886D-78A65CC84BF7}) (Version: 14.2 - WAREHaus GmbH) HDClone 5.1.4 Free Edition (HKLM\...\Miray.HDClone.Free.5.1.4.1031-{F9C5CFC0-F9D0-4A14-8DAB-CF877115235D}) (Version: 5.1 - Miray Software AG) Heizkosten easy (HKLM-x32\...\{0B0D8382-42D5-4666-92F5-0051FF260C35}) (Version: 10.2 - WAREHaus GmbH) iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.) iFunbox (v2.94.2520.758), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.94.2520.758 - ) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) Intel® Active-Management-Technologie (HKLM\...\MESOL) (Version: - Intel Corporation) IPCamSetup (HKLM-x32\...\{02C39DE9-B03A-4FE7-89F9-61E224FE65CC}) (Version: 1.00.0000 - FOSCAM) iSpy (HKLM-x32\...\{59FD7347-2EF6-4A67-ADFF-C029D0D67A7E}) (Version: 6.3.7 - iSpy) iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.) Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden klickTel Telefon- und Branchenbuch + Rückwärtssuche Herbst 2014 (HKLM-x32\...\{6105FFED-C382-4FC9-B1A9-6523FA104B00}) (Version: 1.00.0000 - telegate MEDIA AG) KMSpico v9.3.2 (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: 9.3.2 - ) Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.05 - ) Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2155083525-1168965681-3283480890-1001\...\OneDriveSetup.exe) (Version: 17.3.5930.0814 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server 2008 Native Client (HKLM\...\{C79A7EAB-9D6F-4072-8A6D-F8F54957CD93}) (Version: 10.0.1600.22 - Microsoft Corporation) Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation) Microsoft SQL Server 2012 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2012) (Version: - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Setup (English) (HKLM\...\{5DDC2234-4B37-45BC-AD33-41F1469B4D83}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft VSS Writer for SQL Server 2012 (HKLM\...\{3E0DD83F-BE4C-4478-86A0-AD0D79D1353E}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation) Mockup 360 Addin 2015 (HKLM-x32\...\{E4D4242C-FC14-4B4F-B1D9-6760D8C241D5}) (Version: 1.1.0 - Autodesk) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.3 - Mozilla) MyPublicWiFi 5.1 (HKLM-x32\...\{C08D782B-9281-406B-ABCE-326DA70B8A1F}_is1) (Version: - TRUE Software) Nebenkosten easy professional (HKLM-x32\...\{BD88D49B-15CE-48DF-B24F-4C0BC683EBF2}) (Version: 8.1 - ) Novacomd (HKLM\...\{BA9A297F-0198-4EE8-90CB-F5036C180E1D}) (Version: 1.0.0.76 - Palm, Inc.) Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.) PreisHai 4.2 (HKLM-x32\...\PreisHai_is1) (Version: - Elmar Denkmann) PTC Creo Direct Version 3.0 Datecode [M030] (HKLM-x32\...\PTC Creo Direct Version 3.0 Datecode [M030]) (Version: 3.0 - PTC) PTC Creo Distributed Services Manager 3.0 [M030] (HKLM-x32\...\PTC Creo Distributed Services Manager 3.0 [M030]) (Version: 3.0 - PTC) PTC Creo Layout Version 3.0 Datecode [M030] (HKLM-x32\...\PTC Creo Layout Version 3.0 Datecode [M030]) (Version: 3.0 - PTC) PTC Creo Options Modeler Version 3.0 Datecode [M030] (HKLM-x32\...\PTC Creo Options Modeler Version 3.0 Datecode [M030]) (Version: 3.0 - PTC) PTC Creo Parametric Version 3.0 Datecode [M030] (HKLM-x32\...\PTC Creo Parametric Version 3.0 Datecode [M030]) (Version: 3.0 - PTC) PTC Creo Platform Agent 3.96 (HKLM-x32\...\{8CD6BE35-0B81-4528-BA2E-4A73ED30F573}) (Version: 3.96.0 - PTC) PTC Creo Simulate Version 3.0 Datecode [M030] (HKLM-x32\...\PTC Creo Simulate Version 3.0 Datecode [M030]) (Version: 3.0 - PTC) PTC Creo Thumbnail Viewer 3.0 (HKLM\...\{31D4219E-F0C8-4471-9E9A-4B5A7DF30BE0}) (Version: 31.14.500 - PTC) PTC Creo View Express 3.0 (HKLM\...\{8D3C0B3F-0830-413A-BF5C-24BCDCF58547}) (Version: 10.2.30.26 - PTC) PTC Diagnostic Tools (HKLM\...\{D8EE1206-5E41-425D-83E7-E6D9886E716D}) (Version: 3.0.0.0 - PTC) PTC Mathcad Prime 3.1 (HKLM\...\{3A4F83E8-C604-4970-8A1F-8963B3507630}) (Version: 3.1.0 - PTC) QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) Revo Uninstaller Pro 3.1.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.1 - VS Revo Group, Ltd.) RufIdent 33 (HKLM-x32\...\RufIdent 33_is1) (Version: - ) S8_Assistant (HKLM-x32\...\{4E890D2A-5101-4F2E-929C-7CFC4DA0FBA0}) (Version: 1.0.0 - Bigflyshark) SimLab iPad Exporter 3.1 for SolidWorks x64 (HKLM\...\{446FC1C7-68C9-434F-A017-F705DE3D5D13}) (Version: 3.1 - SimLab Soft) SketchUp-Import (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk) Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.) SOLIDWORKS 2015 x64 Edition SP0 (HKLM-x32\...\SolidWorks Installation Manager 20150-40000-1100-100) (Version: 23.0.0.5020 - SolidWorks Corporation) SOLIDWORKS 2015 x64 Edition SP0 (Version: 23.100.5020 - Dassault Systemes SolidWorks Corp) Hidden SOLIDWORKS 2015 x64 German Resources (Version: 23.100.5020 - Dassault Systèmes SolidWorks Corp) Hidden SOLIDWORKS Composer 2015 SP0 x64 Edition (Version: 23.00.5020 - Dassault Systemes SolidWorks Corp) Hidden SOLIDWORKS eDrawings 2015 x64 Edition SP0 (Version: 15.0.5013 - Dassault Systèmes SolidWorks Corp) Hidden SOLIDWORKS Electrical 2015 SP0 x64 Edition (Version: 23.00.5020 - Dassault Systemes SolidWorks Corp) Hidden SOLIDWORKS Explorer 2015 SP0 x64 Edition (Version: 23.00.5020 - Dassault Systèmes SolidWorks Corp) Hidden SOLIDWORKS Flow Simulation 2015 SP0 x64 Edition (Version: 23.00.5021 - Dassault Systemes SolidWorks Corp) Hidden SOLIDWORKS Inspection 2015 SP0 x64 Edition (Version: 23.00.5020 - Dassault Systemes SolidWorks Corp) Hidden SOLIDWORKS Plastics 2015 SP0 x64 Edition (Version: 23.00.5020 - Dassault Systemes SolidWorks Corp) Hidden SQL Server 2012 Common Files (Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server 2012 Database Engine Services (Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server 2012 Database Engine Shared (Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server Browser for SQL Server 2012 (HKLM-x32\...\{4B9E6EB0-0EED-4E74-9479-F982C3254F71}) (Version: 11.0.2100.60 - Microsoft Corporation) Sql Server Customer Experience Improvement Program (Version: 11.0.2100.60 - Microsoft Corporation) Hidden Syncios Version 4.2.2 (HKLM-x32\...\{068A5D84-8419-4BDE-9689-FE65F412EFBB}_is1) (Version: 4.2.2 - Anvsoft, Inc.) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.45471 - TeamViewer) ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.7 - ) TI-Nspire™ Student Software (HKLM-x32\...\{F46F949B-755F-4BEF-A4B9-7B3B73D0104A}) (Version: 3.9.0.463 - Texas Instruments Inc.) Tinypic 3.16 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.16 - E. Fiedler) Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{CBCC2FD8-7DFE-4752-95B5-2E447C226F45}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version: - Microsoft) Verfügbare Autodesk-Apps (HKLM-x32\...\{EDDEE94B-214D-4B07-9727-A3E46F3E379A}) (Version: 1.2.0 - Autodesk) Vermieten easy (HKLM-x32\...\{713FB416-9DB9-4D45-8E9C-9EC1DD52F887}) (Version: 10.1 - WAREHaus GmbH) VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes) Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation) Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation) Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation) Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation) Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation) Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation) Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation) Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 10.0.2 - VMware, Inc) VMware Workstation (Version: 10.0.2 - VMware, Inc.) Hidden WEB.DE MailCheck für Mozilla Firefox (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 1.0.0.0 - 1&1 Mail & Media GmbH) Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (07/12/2013 2.08.30) (HKLM\...\22CCD58B53472BE3FCAFF05631111C4062959A43) (Version: 07/12/2013 2.08.30 - FTDI) Windows Driver Package - FTDI CDM Driver Package - VCP Driver (07/12/2013 2.08.30) (HKLM\...\BD00013670D26C16E19F284BF8E15DAF813497C7) (Version: 07/12/2013 2.08.30 - FTDI) Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012 - GoPro) Windows Driver Package - Palm (WinUSB) Palm Devices (10/09/2009 1.0.1) (HKLM\...\332CCC08910F1AE2E4D90D25DEDE87E3EF797832) (Version: 10/09/2009 1.0.1 - Palm) Windows Driver Package - Palm (WinUSB) Palm Devices (11/30/2008 1.0.0) (HKLM\...\84713BEB4A2EB4B0E2F1346FDEBFFE94DAB5225D) (Version: 11/30/2008 1.0.0 - Palm) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.) WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) Wireshark 1.12.4 (32-bit) (HKLM-x32\...\Wireshark) (Version: 1.12.4 - The Wireshark developer community, hxxp://www.wireshark.org) Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Matthias\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{00F064D8-FEC3-48ac-B07D-39C314D1727B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\TestServer.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{1029ABC3-2457-11D5-8E9D-0010B541CD80}\localserver32 -> C:\Program Files\Autodesk\Inventor 2015\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{13009989-EFB5-48C9-8BD2-943E0392BD71}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\RxAppCtrl.Ocx (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{18A21864-E37B-42b9-9612-2C1E8C450A29}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{21DB88B0-BFBF-11D4-8DE6-0010B541CAA8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\iDrop.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{244298EC-E661-11d4-BC13-0010B5891E89}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\TI.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{2F8377FC-50C1-44EF-AB7A-8FF1BB8EA277}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{3897B445-D5B8-410d-899A-9789B8ADB643}\localserver32 -> C:\Program Files\Autodesk\Inventor 2015\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{3C3F63EA-C7BA-11d4-8E60-0010B541CD80}\localserver32 -> C:\Program Files\Autodesk\Inventor 2015\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{3FC94EB5-AEBD-4f3f-A2A4-B6CE57113C01}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\RxAppDocView.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{45122C53-8483-4b62-B15A-EAA9FE5FC3D5}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{4C80573A-9150-11d2-B772-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\RxAppDocView.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{4D29B490-49B2-11D0-93C3-7E0706000000}\localserver32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\Inventor.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{4E6F2E83-E7F0-4333-9772-875EB733C820}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\RxTest.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{62FBB030-24C7-11D3-B78D-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\Inventor.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{644190AE-BD8F-493F-B63D-C79404AC5E07}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\DtBridge.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{6FDE7A71-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\DtBridge.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{6FDE7A72-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\DtBridge.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{6FDE7A73-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\DtBridge.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{6FDE7A74-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\DtBridge.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{6FDE7A77-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\DtCp.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{72EC5CC5-88F3-45B1-A865-0A327DF58CC8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{76283A80-50DD-11D3-A7E3-00C04F79D7BC}\localserver32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\Inventor.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{81D07C3D-0350-11D3-B7C2-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\RxAppCtrl.Ocx (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{8421A29C-54B8-11D1-9837-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\SolidObject.Dll () CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{846217D0-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\UCxTextBtn.Ocx (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{846217D1-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\UCxTextBtn.Ocx (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{8B0E6BD9-610C-11D1-9842-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\SolidObject.Dll () CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\TestServer.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{97E17F04-17DF-11d5-BC38-0010B5891E89}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\BodyReceiver.dll () CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\Inventor.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{B8E7214B-25CA-4116-84CB-E86FB9625B36}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{BBF9FDF1-52DC-11D0-8C04-0800090BE8EC}\localserver32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\Inventor.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{BE54741D-E02B-4572-93D6-105AF4EDE777}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\RxApprenticeServer.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{C92F8F8C-8B2C-11d4-B872-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\DtBridge.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{CFEE2BAF-14F9-4D23-853D-B6E2BCC14263}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{D7A1987D-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ColorButton.Ocx (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{D7A1987E-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ColorButton.Ocx (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{DA1F437C-9BD9-11d4-B87C-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\DtBridge.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{DB5D476B-3FF4-4E9D-A606-1E2B473BE571}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\AcInetUI.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{DCA7356C-FF94-4b20-AE04-7AA6A8E14117}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{DDA9A20F-5B56-49F5-9465-CE82FC199352}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{DE6B563C-B074-4BF1-A8A0-B3FED8703E99}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\RxInventorUtilities.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2015\en-US\acadficn.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\TestServer.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{E60F81E1-49B3-11D0-93C3-7E0706000000}\localserver32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\Inventor.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{F13E75B9-6AF6-49CB-80B3-6D2FF6E09932}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{F2D4F4E5-EEA1-46FF-A83B-A270C92DAE4B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\DTInterop.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\InvResc.dll (Autodesk) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Matthias\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncApi64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{FA62F626-EBD5-4dc5-B970-D9E81E0E20E0}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\InvTXTStack.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{FD703B01-4362-423E-9BDB-91BDCB16C1C9}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\DTInterop.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll Keine Datei ==================== Wiederherstellungspunkte ========================= 20-07-2015 11:07:18 Classic Shell wird installiert 26-07-2015 12:27:23 Windows Update 04-08-2015 16:01:59 Geplanter Prüfpunkt 31-08-2015 12:12:31 avast! antivirus system restore point 31-08-2015 12:30:04 Revo Uninstaller Pro's restore point - DNSBlock ==================== Hosts Inhalt: ========================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 15:25 - 2015-04-15 22:00 - 00004677 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 activate.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 ereg.adobe.com 127.0.0.1 activate.wip3.adobe.com 127.0.0.1 wip3.adobe.com 127.0.0.1 3dns-3.adobe.com 127.0.0.1 3dns-2.adobe.com 127.0.0.1 adobe-dns.adobe.com 127.0.0.1 adobe-dns-2.adobe.com 127.0.0.1 adobe-dns-3.adobe.com 127.0.0.1 ereg.wip3.adobe.com 127.0.0.1 activate-sea.adobe.com 127.0.0.1 wwis-dubc1-vip60.adobe.com 127.0.0.1 activate-sjc0.adobe.com 127.0.0.1 adobeereg.com 127.0.0.1 hxxp://www.adobeereg.com 127.0.0.1 125.252.224.90 127.0.0.1 125.252.224.91 127.0.0.1 hl2rcv.adobe.com 127.0.0.1 activate.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 ereg.adobe.com 127.0.0.1 activate.wip3.adobe.com 127.0.0.1 wip3.adobe.com 127.0.0.1 3dns-3.adobe.com 127.0.0.1 3dns-2.adobe.com 127.0.0.1 adobe-dns.adobe.com 127.0.0.1 adobe-dns-2.adobe.com 127.0.0.1 adobe-dns-3.adobe.com Da befinden sich 94 zusätzliche Einträge. ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {0B859458-2B3F-4475-BBB9-4A64D524EE45} - System32\Tasks\{2BD98950-43D8-4F53-AC90-C6DB21854A1B} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\Setup.exe" -c --uninstall=1 Task: {160E6AF6-CF85-4FE8-BA93-6A4DDB2C80CF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {18F3BBCB-410D-4AD8-8711-EF71507476BC} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation) Task: {27C6E329-0E01-4094-8B3F-D232BC8FD670} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2155083525-1168965681-3283480890-1001UA => C:\Users\Matthias\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-15] (Dropbox, Inc.) Task: {42152122-BEE4-47DF-82E6-18239D8D4F6E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {5464B75B-9C82-4524-B1AC-A54CA2DEDC6F} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2155083525-1168965681-3283480890-1001Core => C:\Users\Matthias\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-15] (Dropbox, Inc.) Task: {58BD138D-E5B3-4570-8005-3FC0B126745B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {6026F138-046F-4260-84A0-071FF691B1D7} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft) Task: {68246703-4A4B-4358-9FA1-8048421AEF8D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-31] (AVAST Software) Task: {8BE74C1E-3471-4D2D-9612-2C65B903E7F6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) Task: {A69AA0FB-B6E5-40FB-8386-B281DDF672E3} - System32\Tasks\AdobeAAMUpdater-1.0-Matthi-Matthias => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated) Task: {A6F0F595-D274-480F-996A-46CA07C0B1A3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd) Task: {B904E256-CD4D-4E10-B71B-D43FE5FE6651} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2155083525-1168965681-3283480890-1001 => %localappdata%\Microsoft\OneDrive\OneDrive.exe Task: {B932863E-EB1D-463A-8921-51564C3F06A0} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-07-03] (Microsoft Corporation) Task: {B9D6A6D9-450B-4836-9B28-63E02E4CD4D8} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) Task: {C50F65F2-59FD-4F86-8D3E-9766CAC353E9} - System32\Tasks\avastBCLRestartS-1-5-21-2155083525-1168965681-3283480890-1001 => Firefox.exe Task: {DAD99F50-B464-446F-9EB0-E41BAFE3B029} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) Task: {DB20433E-D9FF-4D94-BE0C-B02ABD22246C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated) Task: {F0C59CC1-D566-4F6D-B031-0FDE88603FE5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) Task: {F2D69B78-E159-447F-8D06-E6FDF186569F} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation) Task: {F46E9840-DA64-4294-835F-DD6CF7E06062} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2155083525-1168965681-3283480890-1001Core.job => C:\Users\Matthias\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2155083525-1168965681-3283480890-1001UA.job => C:\Users\Matthias\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-02-13 05:20 - 2015-02-13 05:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-02-13 05:20 - 2015-02-13 05:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-07-20 18:09 - 2014-10-30 10:10 - 00045056 _____ () C:\Program Files (x86)\EWA net\apps\jre\private_jre\bin\java.exe 2015-05-02 11:07 - 2013-04-03 15:09 - 00756224 _____ () C:\Program Files (x86)\MyPublicWiFi\PublicWiFiService.exe 2014-04-14 16:04 - 2014-04-14 16:04 - 14407384 _____ () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe 2015-01-21 04:06 - 2015-01-21 04:06 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll 2015-07-20 11:22 - 2015-07-20 11:22 - 00039192 _____ () C:\Program Files\CCleaner\branding.dll 2015-02-13 05:20 - 2015-02-13 05:20 - 00306984 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxslt.dll 2015-02-24 20:55 - 2015-02-05 13:21 - 00723456 _____ () C:\Program Files (x86)\Syncios\SynciosDeviceService.exe 2015-08-31 12:13 - 2015-08-31 12:13 - 00112640 _____ () C:\Program Files\AVAST Software\Avast\x64\log.dll 2014-01-23 08:05 - 2014-01-23 08:05 - 01424552 _____ () C:\Program Files\Microsoft Office\Office15\ADDINS\UmOutlookAddin.dll 2015-07-10 12:07 - 2013-12-22 08:22 - 00047496 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll 2015-07-10 12:07 - 2013-12-22 08:22 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll 2015-07-20 18:09 - 2014-10-30 10:10 - 00180224 _____ () C:\Program Files (x86)\EWA net\apps\jre\private_jre\bin\server\jvm.dll 2014-04-14 16:41 - 2014-04-14 16:41 - 01261272 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll 2015-08-31 12:13 - 2015-08-31 12:13 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-08-31 12:13 - 2015-08-31 12:13 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-07-20 18:10 - 2011-03-09 11:48 - 00036864 ____N () C:\Program Files (x86)\EWA net\database\TransBase EWA\polycsr.dll 2015-07-20 18:10 - 2011-03-09 11:48 - 00166912 ____N () C:\Program Files (x86)\EWA net\database\TransBase EWA\libmcrypt.dll 2015-07-20 18:13 - 2005-03-21 16:54 - 00036864 ____N () C:\Program Files (x86)\EWA net\database\TransBase EPC\polycsr.dll 2015-07-20 18:13 - 2007-11-26 17:26 - 00166912 ____N () C:\Program Files (x86)\EWA net\database\TransBase EPC\libmcrypt.dll 2015-02-13 05:20 - 2015-02-13 05:20 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2015-08-31 18:02 - 2015-08-31 18:02 - 00071168 _____ () c:\users\matthias\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpk1vh4g.dll 2015-03-04 23:45 - 2015-08-05 22:49 - 00012800 _____ () C:\Users\Matthias\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll 2015-03-04 23:45 - 2015-08-05 22:49 - 00779776 _____ () C:\Users\Matthias\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll 2015-07-29 02:34 - 2015-08-05 22:49 - 00056320 _____ () C:\Users\Matthias\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll 2015-03-04 23:45 - 2015-08-05 22:49 - 00012288 _____ () C:\Users\Matthias\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll 2015-04-08 17:19 - 2015-04-08 17:19 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-11-12 00:28 - 2015-01-16 18:07 - 00386560 _____ () C:\Program Files (x86)\Syncios\DuiLib.dll 2014-11-12 00:28 - 2013-03-01 11:30 - 00059904 _____ () C:\Program Files (x86)\Syncios\zlib.dll 2014-11-12 00:28 - 2013-03-01 11:30 - 00526848 _____ () C:\Program Files (x86)\Syncios\sqlite3.dll 2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2015-02-24 20:55 - 2014-01-06 12:24 - 00671744 _____ () C:\Program Files (x86)\Syncios\hashab.dll 2015-02-13 05:20 - 2015-02-13 05:20 - 00237352 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll 2015-04-30 00:16 - 2015-04-30 00:16 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\acrotray.deu 2015-09-01 17:39 - 2015-09-01 17:39 - 02961408 _____ () C:\Program Files\AVAST Software\Avast\defs\15090100\algo.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\ProgramData\TEMP:64FFFDC8 ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) HKU\S-1-5-21-2155083525-1168965681-3283480890-1001\Software\Classes\.exe: => <===== ACHTUNG HKU\S-1-5-21-2155083525-1168965681-3283480890-1001\Software\Classes\exefile: <===== ACHTUNG ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-2155083525-1168965681-3283480890-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.2.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Windows Firewall ist deaktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKLM\...\StartupApproved\StartupFolder: => "GoPro Importer.lnk" HKLM\...\StartupApproved\Run: => "picon" HKLM\...\StartupApproved\Run32: => "Power Manager Startup Utility" HKLM\...\StartupApproved\Run32: => "AdobeCS4ServiceManager" HKU\S-1-5-21-2155083525-1168965681-3283480890-1001\...\StartupApproved\Run: => "Amazon Music" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe FirewallRules: [{261A982C-3AF7-4CF4-8C3E-D2BA1FD3D55E}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{A4453E3F-53AB-454C-BFE2-9DF464A6F16D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{06829827-2960-452A-A65C-084E7799B2C0}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{11E07BBD-1BA8-4CA3-B06D-171DDA2AB56B}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{9963D9EB-38CB-430C-A3CC-0B7A149BA853}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{DFB11C97-83AA-4FB3-84D4-6EE3948D352D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{CBBF293C-5895-4B64-8D78-DD93A38A686B}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{DF0715E9-FFCE-4EC1-827E-66AA60996E17}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{2FEB28B7-445F-4E10-A936-6D00162FB648}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe FirewallRules: [{465FA801-00E8-4025-8CCD-B73396C31C2F}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe FirewallRules: [{3ADFDA69-BB3E-4982-B4F2-7933D0E3C6F2}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{537BF0C9-6C4F-4549-809D-772F9518F7EE}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{C9C36A68-E236-48DF-8AF8-9B1A5DE7C4CF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{E7337BDA-3F29-4BDD-980F-D8EE89CEA190}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{26C102DD-A45B-452D-BC33-73986ED9EDF1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{5879327E-6D12-4D9C-A4FB-C1B4A88CF576}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{8595D9EE-69C9-4800-AA26-60E84B8DE2AE}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe FirewallRules: [{CB4F593C-9ED9-4A99-B254-21E122E1FDB5}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe FirewallRules: [{C3148EDF-F500-4342-9048-0D7B832FBCF5}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe FirewallRules: [{2753814A-8D17-427A-80DF-967C7A166924}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe FirewallRules: [TCP Query User{8AFBCB73-6827-4CAE-8945-586C61031509}C:\users\matthias\appdata\local\jdownloader v2.0\jdownloader2.exe] => (Allow) C:\users\matthias\appdata\local\jdownloader v2.0\jdownloader2.exe FirewallRules: [UDP Query User{E63F493B-A991-49CA-82D8-C115DB47A38E}C:\users\matthias\appdata\local\jdownloader v2.0\jdownloader2.exe] => (Allow) C:\users\matthias\appdata\local\jdownloader v2.0\jdownloader2.exe FirewallRules: [{61663DFC-68A4-48EA-8144-69B908A7658E}] => (Block) C:\users\matthias\appdata\local\jdownloader v2.0\jdownloader2.exe FirewallRules: [{C8CC203B-BE78-4789-AA3E-1BF78D0DBB4F}] => (Block) C:\users\matthias\appdata\local\jdownloader v2.0\jdownloader2.exe FirewallRules: [{58E37EA9-38C4-4EE3-876D-926962224D47}] => (Allow) C:\Users\Matthias\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{D73D9AFB-EEBD-447E-A1EC-E27C549420B2}] => (Allow) C:\Users\Matthias\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{C7F1C923-7959-4062-AD12-C953F9D238F0}] => (Allow) C:\Users\Matthias\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{5CD3CDC3-A3B5-4292-AC21-864EE6AF8150}] => (Allow) C:\Users\Matthias\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{24FB5BF9-54B9-41E4-B9E2-0921FE5D0994}C:\program files (x86)\ipcamsetup\ipcamera.exe] => (Allow) C:\program files (x86)\ipcamsetup\ipcamera.exe FirewallRules: [UDP Query User{C0FD2B0F-643C-4455-B58B-55A85CE42692}C:\program files (x86)\ipcamsetup\ipcamera.exe] => (Allow) C:\program files (x86)\ipcamsetup\ipcamera.exe FirewallRules: [{FEBE8EB4-A3DC-4BEE-8E39-F4B2DBF03449}] => (Block) C:\program files (x86)\ipcamsetup\ipcamera.exe FirewallRules: [{B10F8714-CC5D-44E2-868D-B0E6B2345AE1}] => (Block) C:\program files (x86)\ipcamsetup\ipcamera.exe FirewallRules: [{A89AF199-DD86-4F0E-8F1C-9BA24090818A}] => (Allow) C:\Users\Matthias\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{B53E33A4-831D-4761-834A-312E63E30C8B}] => (Allow) C:\Users\Matthias\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{7EF57AA4-19B8-4DEC-A692-685068DBC41C}] => (Allow) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe FirewallRules: [{A26A5127-935B-4D44-8F5F-D4F513EB4BF6}] => (Allow) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe FirewallRules: [{4AEAB490-3BDE-4F19-B3F0-C6BCFCB3862F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{77682CF8-F22B-4E8D-9814-B209B5DF6FEB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{07D78CF3-D4FB-41A5-837B-9FED512A68A7}C:\program files (x86)\ti education\ti-nspire student software\ti-nspire student software.exe] => (Allow) C:\program files (x86)\ti education\ti-nspire student software\ti-nspire student software.exe FirewallRules: [UDP Query User{4DF08B3A-306A-425B-AEAF-FE0B033439C7}C:\program files (x86)\ti education\ti-nspire student software\ti-nspire student software.exe] => (Allow) C:\program files (x86)\ti education\ti-nspire student software\ti-nspire student software.exe FirewallRules: [TCP Query User{6BC88A17-74CA-434A-890A-092E0093C974}C:\program files (x86)\ti education\ti-nspire student software\jre\bin\java.exe] => (Block) C:\program files (x86)\ti education\ti-nspire student software\jre\bin\java.exe FirewallRules: [UDP Query User{68EF89DF-D972-488F-BCCA-6262BA17A610}C:\program files (x86)\ti education\ti-nspire student software\jre\bin\java.exe] => (Block) C:\program files (x86)\ti education\ti-nspire student software\jre\bin\java.exe FirewallRules: [{5CDF2802-5E5F-45C9-97A3-7AF0F872E807}] => (Block) C:\program files (x86)\ti education\ti-nspire student software\ti-nspire student software.exe FirewallRules: [{8C01802C-1053-4591-89F9-6022BB73A1F1}] => (Block) C:\program files (x86)\ti education\ti-nspire student software\ti-nspire student software.exe FirewallRules: [{31B9E07E-1F6C-4E91-9054-72C037140121}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{5362D898-22C7-471B-9E82-2116351BC6B4}] => (Allow) LPort=2869 FirewallRules: [{2F2F00FB-6827-4B8F-860C-6D8249D2E562}] => (Allow) LPort=1900 FirewallRules: [TCP Query User{233B6A40-F270-44DC-AF03-531575417211}C:\users\matthias\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\matthias\appdata\local\popcorn time\node-webkit\popcorn time.exe FirewallRules: [UDP Query User{6111A2A8-803A-4C5A-8D94-D14E8246B3C6}C:\users\matthias\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\matthias\appdata\local\popcorn time\node-webkit\popcorn time.exe FirewallRules: [{D0733686-A865-420D-B035-2C19DC5C500D}] => (Block) C:\users\matthias\appdata\local\popcorn time\node-webkit\popcorn time.exe FirewallRules: [{19F374A6-453C-48BB-9F92-DBBED65B0AA1}] => (Block) C:\users\matthias\appdata\local\popcorn time\node-webkit\popcorn time.exe FirewallRules: [{8F2A7C26-A7DF-48AC-83C8-5E788C1D414D}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{32E6774F-9288-48A6-9590-76D7EA333829}] => (Allow) LPort=7935 FirewallRules: [{4D8A94E4-D35C-46B4-8A2D-A309A0ADEEEA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{129BB2C2-2B92-4D19-8F75-8D6E4CA64E81}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{9F6CF5B7-4333-4004-976E-B61CA59A108C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{A970E2AD-0A08-4E63-85B9-EC7B00D8F031}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{C4323355-7CEF-4774-913D-01EB70522047}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe FirewallRules: [{E883F5E9-1AC2-46CB-922D-A8E0A9349F23}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe FirewallRules: [TCP Query User{1A8F0B7D-9A0A-4DDB-A4C3-87441F01DD5B}C:\program files (x86)\ispy\ispy\ispy.exe] => (Allow) C:\program files (x86)\ispy\ispy\ispy.exe FirewallRules: [UDP Query User{A3717F72-1025-4C34-AF91-C40AF7EB86A6}C:\program files (x86)\ispy\ispy\ispy.exe] => (Allow) C:\program files (x86)\ispy\ispy\ispy.exe FirewallRules: [{D89FC3BE-EC96-4437-86C3-BD06900FE496}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{59E7A2D1-BA29-44BF-A972-019D607E3521}] => (Allow) LPort=4712 FirewallRules: [{5F3498E2-8BDF-4F8C-9857-A8563F7B8BF6}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe FirewallRules: [{075902F1-A958-4153-9D78-4B8B1B677F9B}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe FirewallRules: [{93A7CF20-76E3-480C-AB1C-DAC17A294392}] => (Allow) LPort=50248 FirewallRules: [TCP Query User{120A280E-D2B7-486C-8F37-E57144DBE4FC}C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\cma\bin\intelmpi\smpd-intel-4.0.3.009-x64.exe] => (Allow) C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\cma\bin\intelmpi\smpd-intel-4.0.3.009-x64.exe FirewallRules: [UDP Query User{7217DE2D-0405-40AD-B4AB-2865AEAEF245}C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\cma\bin\intelmpi\smpd-intel-4.0.3.009-x64.exe] => (Allow) C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\cma\bin\intelmpi\smpd-intel-4.0.3.009-x64.exe FirewallRules: [{827AA1F1-764B-481C-B46A-073C674BEBAB}] => (Allow) C:\Program Files\PTC\Creo 3.0\View Express\i486_nt\obj\productview.exe FirewallRules: [TCP Query User{E99BB43F-85A0-433B-9C19-9F6AA2571467}C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\nms\nmsd.exe] => (Allow) C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\nms\nmsd.exe FirewallRules: [UDP Query User{397296EA-0F60-4E66-974F-7562F23DA186}C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\nms\nmsd.exe] => (Allow) C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\nms\nmsd.exe FirewallRules: [TCP Query User{C3873A7B-B5C5-4B14-9599-AE0D42BA75CF}C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\obj\xtop.exe] => (Allow) C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\obj\xtop.exe FirewallRules: [UDP Query User{82CDDCA7-95CA-4253-AD98-76C3BC534941}C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\obj\xtop.exe] => (Allow) C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\obj\xtop.exe FirewallRules: [TCP Query User{FD9D3FFD-EBA8-43D3-B301-D9F49A0C278F}C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\obj\pro_comm_msg.exe] => (Allow) C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\obj\pro_comm_msg.exe FirewallRules: [UDP Query User{04471CC8-3F76-42AB-AE92-E6ACD6EFB127}C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\obj\pro_comm_msg.exe] => (Allow) C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\obj\pro_comm_msg.exe FirewallRules: [TCP Query User{EE37C185-2EC9-4F50-817E-3BBCA6824DA4}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{969A0FE4-5C73-4E9D-A6A0-708A22D12C68}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{ACF6F87B-42ED-4C48-8429-EF3CBD05E895}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{DEEDCC4D-38F2-4A5E-98B4-E8070D2436F5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{9FE2BFE9-1E96-448B-AD0F-E79945A91296}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{FD5CEA76-0CF7-4E3A-8847-5527FE746370}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{29E7D355-40FD-48E9-883E-45BC6E5EAFFC}] => (Allow) C:\Program Files (x86)\MyPublicWiFi\MyPublicWiFi.exe FirewallRules: [{A1DE3044-AA93-4251-A105-BDDCEBB6FEDA}] => (Allow) C:\Program Files (x86)\MyPublicWiFi\MyPublicWiFi.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: VMware Virtual Ethernet Adapter for VMnet1 Description: VMware Virtual Ethernet Adapter for VMnet1 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: VMware, Inc. Service: VMnetAdapter Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: VMware Virtual Ethernet Adapter for VMnet8 Description: VMware Virtual Ethernet Adapter for VMnet8 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: VMware, Inc. Service: VMnetAdapter Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: PCI-Kommunikationscontroller (einfach) Description: PCI-Kommunikationscontroller (einfach) Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (09/01/2015 05:47:53 PM) (Source: ESENT) (EventID: 490) (User: ) Description: svchost (7864) Instance: Versuch, Datei "C:\ProgramData\Microsoft\Windows\AppRepository\PackageRepository.edb" für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien. Error: (09/01/2015 05:47:43 PM) (Source: ESENT) (EventID: 490) (User: ) Description: svchost (7864) Instance: Versuch, Datei "C:\ProgramData\Microsoft\Windows\AppRepository\PackageRepository.edb" für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien. Error: (09/01/2015 05:41:07 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: WSHost.exe, Version: 6.3.9600.17415, Zeitstempel: 0x545040f3 Name des fehlerhaften Moduls: WinStoreUI.dll, Version: 6.3.9600.17819, Zeitstempel: 0x554636a9 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000569d9 ID des fehlerhaften Prozesses: 0x1f0c Startzeit der fehlerhaften Anwendung: 0xWSHost.exe0 Pfad der fehlerhaften Anwendung: WSHost.exe1 Pfad des fehlerhaften Moduls: WSHost.exe2 Berichtskennung: WSHost.exe3 Vollständiger Name des fehlerhaften Pakets: WSHost.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: WSHost.exe5 Error: (09/01/2015 05:35:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: GWXUX.exe, Version: 6.3.9600.17924, Zeitstempel: 0x55959290 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000003d85e ID des fehlerhaften Prozesses: 0x19b8 Startzeit der fehlerhaften Anwendung: 0xGWXUX.exe0 Pfad der fehlerhaften Anwendung: GWXUX.exe1 Pfad des fehlerhaften Moduls: GWXUX.exe2 Berichtskennung: GWXUX.exe3 Vollständiger Name des fehlerhaften Pakets: GWXUX.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: GWXUX.exe5 Error: (09/01/2015 05:34:53 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 79116781 Error: (09/01/2015 05:34:53 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 79116781 Error: (09/01/2015 05:34:53 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (09/01/2015 12:42:35 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 61578359 Error: (09/01/2015 12:42:35 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 61578359 Error: (09/01/2015 12:42:35 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Systemfehler: ============= Error: (09/01/2015 05:58:05 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80240020 fehlgeschlagen: Upgrade auf Windows 10 Pro Error: (09/01/2015 05:50:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Avast Antivirus" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts. Error: (08/31/2015 07:36:18 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (08/31/2015 06:25:12 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80240020 fehlgeschlagen: Upgrade auf Windows 10 Pro Error: (08/31/2015 12:41:10 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80240020 fehlgeschlagen: Upgrade auf Windows 10 Pro Error: (08/31/2015 12:29:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "DnsBlock Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (08/31/2015 12:16:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "UAC-Dateivirtualisierung" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (08/31/2015 12:15:51 PM) (Source: Service Control Manager) (EventID: 7016) (User: ) Description: Der Dienst "SOLIDWORKS Electrical Collaborative Server" hat einen ungültigen aktuellen Status gemeldet: 0 Error: (08/31/2015 11:44:21 AM) (Source: NetBT) (EventID: 4321) (User: ) Description: Der Name "MATTHI :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.1.3 registriert werden. Der Computer mit IP-Adresse 192.168.2.200 hat nicht zugelassen, dass dieser Computer diesen Namen verwendet. Error: (08/31/2015 11:44:17 AM) (Source: NetBT) (EventID: 4321) (User: ) Description: Der Name "MATTHI :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.1.3 registriert werden. Der Computer mit IP-Adresse 192.168.2.200 hat nicht zugelassen, dass dieser Computer diesen Namen verwendet. Microsoft Office: ========================= Error: (09/01/2015 05:47:53 PM) (Source: ESENT) (EventID: 490) (User: ) Description: svchost7864Instance: C:\ProgramData\Microsoft\Windows\AppRepository\PackageRepository.edb-1032 (0xfffffbf8)32 (0x00000020)Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. Error: (09/01/2015 05:47:43 PM) (Source: ESENT) (EventID: 490) (User: ) Description: svchost7864Instance: C:\ProgramData\Microsoft\Windows\AppRepository\PackageRepository.edb-1032 (0xfffffbf8)32 (0x00000020)Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. Error: (09/01/2015 05:41:07 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: WSHost.exe6.3.9600.17415545040f3WinStoreUI.dll6.3.9600.17819554636a9c000000500000000000569d91f0c01d0e4cc58514b06C:\Windows\WinStore\WSHost.exeC:\Windows\winstore\WinStoreUI.dlldc41aea8-50bf-11e5-82a6-00234df6675c Error: (09/01/2015 05:35:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: GWXUX.exe6.3.9600.1792455959290ntdll.dll6.3.9600.17736550f4336c0000005000000000003d85e19b801d0e4cbd7550fa5C:\Windows\System32\GWX\GWXUX.exeC:\Windows\SYSTEM32\ntdll.dll1aaeb09c-50bf-11e5-82a6-00234df6675c Error: (09/01/2015 05:34:53 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 79116781 Error: (09/01/2015 05:34:53 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 79116781 Error: (09/01/2015 05:34:53 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (09/01/2015 12:42:35 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 61578359 Error: (09/01/2015 12:42:35 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 61578359 Error: (09/01/2015 12:42:35 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second CodeIntegrity: =================================== Date: 2015-05-20 16:03:14.212 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-20 16:03:13.616 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-20 16:03:12.588 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-20 16:03:12.225 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-20 16:03:11.881 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-20 16:03:10.307 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-20 16:03:09.369 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-20 16:03:08.822 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-20 16:03:08.305 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-20 16:03:07.258 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM)2 Duo CPU T9400 @ 2.53GHz Prozentuale Nutzung des RAM: 42% Installierter physikalischer RAM: 8086.02 MB Verfügbarer physikalischer RAM: 4684.28 MB Summe virtueller Speicher: 9366.02 MB Verfügbarer virtueller Speicher: 5302.65 MB ==================== Laufwerke ================================ Drive c: (Win8) (Fixed) (Total:435.95 GB) (Free:195.24 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)] Drive d: (Daten) (Fixed) (Total:487.67 GB) (Free:137.98 GB) NTFS Drive e: (Puffer) (Fixed) (Total:7.9 GB) (Free:7.85 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 000620B9) Partition 1: (Not Active) - (Size=487.7 GB) - (Type=07 NTFS) Partition 2: (Active) - (Size=435.9 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=7.9 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
02.09.2015, 12:14 | #5 |
/// TB-Ausbilder | Auch bei mir Zeigt AVAST immer öffters URL:MAL Bedrohungs Meldungen anMein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Bitte beachte folgende Hinweise:
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags: So funktioniert es: Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Danke für deine Mitarbeit! Schritt 1 Deaktiviere bitte dein Antivirenprogramm, da es die Entfernung von DownloadProtect blockieren kann. Bitte downloade DownloadProtectCleaner und speichere die Datei auf dem Desktop.
Schritt 2 Downloade Dir bitte AdwCleaner auf deinen Desktop.
Schritt 3 Downloade Dir bitte Malwarebytes Anti-Malware
Schritt 4 Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Schritt 5
Bitte poste mit deiner nächsten Antwort
|
02.09.2015, 18:14 | #6 |
/// the machine /// TB-Ausbilder | Auch bei mir Zeigt AVAST immer öffters URL:MAL Bedrohungs Meldungen an
__________________ --> Auch bei mir Zeigt AVAST immer öffters URL:MAL Bedrohungs Meldungen an |
03.09.2015, 08:09 | #7 |
/// TB-Ausbilder | Auch bei mir Zeigt AVAST immer öffters URL:MAL Bedrohungs Meldungen an |
03.09.2015, 19:42 | #8 |
| Auch bei mir Zeigt AVAST immer öffters URL:MAL Bedrohungs Meldungen an bin grad bei schritt drei ... passt das dennoch ? :P mbam: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 03.09.2015 Suchlaufzeit: 19:15 Protokolldatei: mbram.txt Administrator: Ja Version: 2.1.8.1057 Malware-Datenbank: v2015.09.03.06 Rootkit-Datenbank: v2015.08.16.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 8.1 CPU: x64 Dateisystem: NTFS Benutzer: Matthias Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 462264 Abgelaufene Zeit: 48 Min., 28 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 3 PUP.Optional.FastSearch, C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\mpu1y1e4.default\prefs.js, Gut: (), Schlecht: (searchffv2@gmail.com), Ersetzt,[31511f0cb4d7c0767a7b3b64b84d8a76] PUP.Optional.SearchEngine, C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\mpu1y1e4.default\prefs.js, Gut: (), Schlecht: (searchengine@gmail.com), Ersetzt,[c2c0b378a3e81026a555950a7f86ab55] PUP.Optional.SweetSearch, C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\mpu1y1e4.default\prefs.js, Gut: (), Schlecht: (sweetsearch@gmail.com), Ersetzt,[532fab808506270f7884d0cfc73ebc44] Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 7.6.0 (08.31.2015:1) OS: Windows 8.1 Pro x64 Ran by Matthias on 03.09.2015 at 20:08:45,11 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Tasks ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer ~~~ Files ~~~ Folders Successfully deleted: [Folder] C:\Users\Matthias\Appdata\Local\crashrpt Successfully deleted: [Folder] C:\Windows\SysWOW64\amd64 Successfully deleted: [Folder] C:\Windows\SysWOW64\x86 ~~~ FireFox Successfully deleted: [Folder] C:\Users\Matthias\AppData\Roaming\mozilla\firefox\profiles\mpu1y1e4.default\extensions\trash Successfully deleted the following from C:\Users\Matthias\AppData\Roaming\mozilla\firefox\profiles\mpu1y1e4.default\prefs.js user_pref(browser.search.searchengine.alias, sweet-page); user_pref(browser.search.searchengine.desc, this is my first firefox searchEngine); user_pref(browser.search.searchengine.name, sweet-page); user_pref(browser.search.searchengine.ptid, cor); user_pref(browser.search.searchengine.uid, WDCXWD10JPVT-00A1YT0_WD-WX91CC1F1460F1460); ~~~ Chrome [C:\Users\Matthias\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset [C:\Users\Matthias\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted: [C:\Users\Matthias\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset [C:\Users\Matthias\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted: [] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 03.09.2015 at 20:28:48,82 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ adcleaner: Code:
ATTFilter # AdwCleaner v5.005 - Bericht erstellt am 03/09/2015 um 19:06:49 # Aktualisiert am 31/08/2015 von Xplode # Datenbank : 2015-08-31.2 [Server] # Betriebssystem : Windows 8.1 Pro (x64) # Benutzername : Matthias - MATTHI # Gestartet von : C:\Users\Matthias\Desktop\AdwCleaner_5.005.exe # Option : Löschen # Unterstützung : hxxp://toolslib.net/forum ***** [ Dienste ] ***** ***** [ Ordner ] ***** ***** [ Dateien ] ***** [-] Datei Gelöscht : C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\mpu1y1e4.default\user.js ***** [ Verknüpfungen ] ***** ***** [ Geplante Tasks ] ***** ***** [ Registrierungsdatenbank ] ***** [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E6E66045-E911-4C01-961D-32387BF12768} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{7D3C47ED-E0BE-4940-9DDA-A7A097AEBD88} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E6E66045-E911-4C01-961D-32387BF12768} [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E6E66045-E911-4C01-961D-32387BF12768} [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E6E66045-E911-4C01-961D-32387BF12768} [-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}] [-] Schlüssel Gelöscht : HKCU\Software\PRODUCTSETUP [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Browser-Security [!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\PRODUCTSETUP ***** [ Internetbrowser ] ***** [-] [C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider] Gelöscht : hxxp://www.mystartsearch.com/webfavicon.ico [-] [C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Gelöscht : hxxp://www.mystartsearch.com/?type=hp&ts=1428483260&from=wpc&uid=WDCXWD10JPVT-00A1YT0_WD-WX91CC1F1460F1460 ************************* :: Proxy Einstellungen zurückgesetzt :: Winsock Einstellungen zurückgesetzt :: Internet Explorer Richtlinien gelöscht :: Chrome Richtlinien gelöscht ########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [2194 Bytes] ########## Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:31-08-2015 durchgeführt von Matthias (Administrator) auf MATTHI (03-09-2015 20:33:17) Gestartet von C:\Users\Matthias\Desktop Geladene Profile: Matthias (Verfügbare Profile: Matthias) Platform: Windows 8.1 Pro (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Lenovo.) C:\Windows\System32\ibmpmsvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Intel Corporation) C:\Program Files (x86)\Intel\AMT\LMS.exe (Intel Corporation) C:\Program Files\PTC\Creo 3.0\M030\Common Files\x86e_win64\cma\Bin\IntelMPI\smpd-intel-4.0.3.009-x64.exe (Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2963184 2013-04-24] (Synaptics Incorporated) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [164080 2015-06-27] (IvoSoft) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111824 2015-08-31] (AVAST Software) HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG) HKLM-x32\...\Run: [Syncios device service] => C:\Program Files (x86)\Syncios\SynciosDeviceService.exe [723456 2015-02-05] () HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2015-04-30] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2015-04-30] (Adobe Systems Inc.) HKU\S-1-5-21-2155083525-1168965681-3283480890-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.) HKU\S-1-5-21-2155083525-1168965681-3283480890-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.) HKU\S-1-5-21-2155083525-1168965681-3283480890-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc.) HKU\S-1-5-21-2155083525-1168965681-3283480890-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd) HKU\S-1-5-21-2155083525-1168965681-3283480890-1001\...\Run: [iFunBox Fast App Install Handler] => C:\Program Files (x86)\i-Funbox DevTeam\iFunBox_x64.exe [2508288 2015-02-10] (i-Funbox.com) HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1193352 2014-02-19] (Autodesk, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-31] (AVAST Software) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.) ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-06-27] (IvoSoft) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-06-27] (IvoSoft) Startup: C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-12-18] ShortcutTarget: Dropbox.lnk -> C:\Users\Matthias\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{019A3A2A-1F07-49DD-9C51-D1B67A8B66E6}: [NameServer] 192.168.1.1 Tcpip\..\Interfaces\{E13CC50E-7169-42C0-9533-D02CE6DB0F90}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{FDC853B5-9ABF-4F0C-A213-F9844B5729A6}: [DhcpNameServer] 192.168.3.1 Internet Explorer: ================== HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ACHTUNG HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\S-1-5-21-2155083525-1168965681-3283480890-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation) BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-06-27] (IvoSoft) BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-31] (AVAST Software) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation) BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2015-06-27] (IvoSoft) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation) BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-06-27] (IvoSoft) BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\SysWOW64\mscoree.dll [2013-08-22] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-22] (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-31] (AVAST Software) BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-04-30] (Adobe Systems Incorporated) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-22] (Oracle Corporation) BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2015-06-27] (IvoSoft) BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-04-30] (Adobe Systems Incorporated) Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-06-27] (IvoSoft) Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-04-30] (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-06-27] (IvoSoft) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-08-19] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\mpu1y1e4.default FF DefaultSearchUrl: hxxp://www.google.de/search?hl=de&gl=de&lr=&ie=UTF-8&oe=UTF-8&meta=lr=lang_de&q= FF SelectedSearchEngine: Google FF Homepage: hxxp://www.google.de?hl=de&gl=de FF Keyword.URL: hxxp://www.google.de/search?hl=de&gl=de&lr=&ie=UTF-8&oe=UTF-8&meta=lr=lang_de&q= FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-09-03] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems) FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-09-03] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] () FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-08-13] (Google, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-22] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-22] (Oracle Corporation) FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @ptc.com/IsoView -> C:\Program Files (x86)\Common Files\PTC\npisoview.dll [2014-10-29] (PTC Inc.) FF Plugin-x32: @ptc.com/ProductViewLite -> C:\Program Files (x86)\Common Files\PTC\np6_pvapplite9.dll [2014-10-29] (PTC) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-01] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-01] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2015-04-30] (Adobe Systems Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems) FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems) FF Plugin HKU\S-1-5-21-2155083525-1168965681-3283480890-1001: @spoon.net/Spoon Plugin 3.33 -> C:\Users\Matthias\AppData\Local\Spoon\3.33.8.527\npMozillaSpoonPlugin.dll Keine Datei FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-10-29] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-10-29] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-10-29] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-10-29] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-10-29] (Apple Inc.) FF Extension: UITBAutoInstaller - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{edd7fc99-d65c-4979-85c2-ddeed30c50c7} [2015-08-06] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-09-30] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2015-05-16] FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2015-05-17] Chrome: ======= CHR StartupUrls: Default -> "https://www.google.com/?trackid=sp-006" CHR Profile: C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (YouTube) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-22] CHR Extension: (Google Search) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-22] CHR Extension: (Bookmark Manager) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-27] CHR Extension: (Google Wallet) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-22] CHR Extension: (Gmail) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-22] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-08] CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - https://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [576904 2013-12-22] (Autodesk Inc.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.) R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-31] (AVAST Software) R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109008 2015-08-31] (AVAST Software) S2 EWA net DB Core; C:\Program Files (x86)\EWA net\database\TransBase EWA\tbmux32.exe [326616 2011-03-09] (Transaction Software, D 81829 Munich) [Datei ist nicht signiert] S2 EWA net DB EPC; C:\Program Files (x86)\EWA net\database\TransBase EPC\tbmux32.exe [417792 2007-11-27] (Transaction Software, D 81829 Munich) [Datei ist nicht signiert] S2 EWA net DB WIS; C:\Program Files (x86)\EWA net\database\TransBase WIS\tbmux32.exe [326616 2011-03-09] (Transaction Software, D 81829 Munich) [Datei ist nicht signiert] S2 EWA net Server; C:\Program Files (x86)\EWA net\server\bin\tomcat7.exe [80896 2013-07-02] (Apache Software Foundation) [Datei ist nicht signiert] S2 ewserver; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe [177152 2014-09-29] (Trace Software International) [Datei ist nicht signiert] S2 FileZilla Server; C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe [794584 2015-06-01] (FileZilla Project) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert] R2 impi_smpd; C:\Program Files\PTC\Creo 3.0\M030\Common Files\x86e_win64\cma\Bin\IntelMPI\smpd-intel-4.0.3.009-x64.exe [1611168 2015-07-20] (Intel Corporation) R2 LMS; C:\Program Files (x86)\Intel\AMT\LMS.exe [174616 2010-02-04] (Intel Corporation) S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S2 mitsijm2015; C:\Program Files\Autodesk\Inventor 2015\Moldflow\bin\mitsijm.exe [968480 2013-10-12] (Autodesk, Inc.) S2 MSSQL$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL11.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe [191064 2012-02-11] (Microsoft Corporation) S2 MyPublicWiFiService; C:\Program Files (x86)\MyPublicWiFi\PublicWiFiService.exe [756224 2013-04-03] () [Datei ist nicht signiert] S2 NovacomD; C:\Program Files\Palm, Inc\novacom\amd64\novacomd.exe [72192 2011-06-24] (Palm) [Datei ist nicht signiert] S2 RemoteSolverDispatcher; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe [234632 2014-09-29] (Mentor Graphics Corporation) [Datei ist nicht signiert] S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.) S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2014-11-01] (SolidWorks) [Datei ist nicht signiert] S4 SQLAgent$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL11.TEW_SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [597080 2012-02-11] (Microsoft Corporation) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5611280 2015-08-07] (TeamViewer GmbH) S2 UNS; C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2058776 2010-02-04] (Intel Corporation) R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [14407384 2014-04-14] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-31] (AVAST Software) R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-08-31] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-31] (AVAST Software) R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [454016 2015-08-31] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-31] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-31] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-31] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-31] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-31] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-31] (AVAST Software) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) S3 fwdrv; C:\Windows\system32\DRIVERS\fwdrv.sys [27840 2014-03-22] (Web Solution Mart) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-03] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation) R1 ndiskhaz; C:\Windows\system32\DRIVERS\ndiskhaz.sys [30536 2012-12-07] (Khalil Azzouzi) S3 nmserial; C:\Windows\system32\DRIVERS\nmserial.sys [75264 2010-01-07] (Windows (R) Codename Longhorn DDK provider) R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.) S4 RsFx0200; C:\Windows\System32\DRIVERS\RsFx0200.sys [334936 2012-02-11] (Microsoft Corporation) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44784 2013-04-24] (Synaptics Incorporated) S3 USBTINSP; C:\Windows\System32\drivers\tinspusb.sys [142848 2010-03-29] (Texas Instruments) R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.) R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-02-22] (VMware, Inc.) U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-09-03 20:33 - 2015-09-03 20:33 - 00029378 _____ C:\Users\Matthias\Desktop\FRST.txt 2015-09-03 20:32 - 2015-09-03 20:33 - 00000000 ____D C:\Users\Matthias\Desktop\Neuer Ordner 2015-09-03 20:28 - 2015-09-03 20:28 - 00001979 _____ C:\Users\Matthias\Desktop\JRT.txt 2015-09-03 20:08 - 2015-09-03 20:08 - 01799392 _____ (Malwarebytes Corporation) C:\Users\Matthias\Desktop\JRT_7600.exe 2015-09-03 20:07 - 2015-09-03 20:07 - 00001753 _____ C:\Users\Matthias\Desktop\mbram.txt 2015-09-03 19:14 - 2015-09-03 19:14 - 00001122 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-09-03 19:14 - 2015-09-03 19:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-09-03 19:14 - 2015-09-03 19:14 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-09-03 19:14 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-09-03 19:14 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-09-03 19:04 - 2015-09-03 19:04 - 01654272 _____ C:\Users\Matthias\Desktop\AdwCleaner_5.005.exe 2015-09-03 18:41 - 2015-08-14 03:50 - 00794088 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-09-03 18:41 - 2015-08-14 03:50 - 00179688 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-09-03 18:33 - 2015-09-03 18:33 - 00226304 _____ C:\Users\Matthias\Desktop\DownloadProtectCleaner-reboot.exe 2015-09-03 18:33 - 2015-09-03 18:32 - 00327168 _____ C:\Users\Matthias\Desktop\DownloadProtectCleaner.exe 2015-09-01 19:40 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-09-01 19:40 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-09-01 18:43 - 2015-09-01 18:43 - 00013381 _____ C:\Users\Matthias\Desktop\Gmer.txt 2015-09-01 18:19 - 2015-09-01 18:17 - 00380416 _____ C:\Users\Matthias\Desktop\od20uj84.exe 2015-09-01 18:15 - 2015-09-03 20:33 - 00000000 ____D C:\FRST 2015-09-01 18:14 - 2015-09-01 18:14 - 02188800 _____ (Farbar) C:\Users\Matthias\Desktop\FRST64.exe 2015-09-01 18:13 - 2015-09-01 18:13 - 00050477 _____ C:\Users\Matthias\Desktop\Defogger.exe 2015-09-01 18:13 - 2015-09-01 18:13 - 00000478 _____ C:\Users\Matthias\Desktop\defogger_disable.log 2015-09-01 18:13 - 2015-09-01 18:13 - 00000000 _____ C:\Users\Matthias\defogger_reenable 2015-09-01 18:07 - 2015-09-03 20:12 - 00001132 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-09-01 18:07 - 2015-09-03 19:09 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-09-01 18:07 - 2015-09-01 18:07 - 00004104 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-09-01 18:07 - 2015-09-01 18:07 - 00003868 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-09-01 18:03 - 2015-09-03 19:15 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-09-01 18:03 - 2015-09-03 19:14 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-09-01 18:03 - 2015-09-01 18:13 - 00000000 ____D C:\Users\Matthias\Desktop\mbar 2015-09-01 18:03 - 2015-09-01 18:13 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-09-01 18:03 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-09-01 18:02 - 2015-09-01 18:02 - 16563304 _____ (Malwarebytes Corp.) C:\Users\Matthias\Desktop\mbar-1.09.2.1008.exe 2015-09-01 17:59 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2015-09-01 17:59 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-09-01 17:59 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-09-01 17:59 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-09-01 17:59 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-09-01 17:59 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-09-01 17:59 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-09-01 17:59 - 2015-07-16 23:14 - 25192448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-09-01 17:59 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-09-01 17:59 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-09-01 17:59 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-09-01 17:59 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-09-01 17:59 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-09-01 17:59 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-09-01 17:59 - 2015-07-16 22:20 - 19870208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-09-01 17:59 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2015-09-01 17:59 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-09-01 17:59 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-09-01 17:59 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-09-01 17:59 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2015-09-01 17:59 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-09-01 17:59 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-09-01 17:59 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-09-01 17:59 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-09-01 17:59 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-09-01 17:59 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-09-01 17:59 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2015-09-01 17:59 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2015-09-01 17:59 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-09-01 17:59 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-09-01 17:59 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-09-01 17:59 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-09-01 17:59 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-09-01 17:59 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll 2015-09-01 17:59 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-09-01 17:59 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-09-01 17:59 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-09-01 17:59 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-09-01 17:59 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-09-01 17:59 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-09-01 17:59 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2015-09-01 17:59 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-09-01 17:59 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2015-09-01 17:59 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll 2015-09-01 17:59 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll 2015-09-01 17:59 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll 2015-09-01 17:59 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys 2015-09-01 17:59 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys 2015-09-01 17:59 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys 2015-09-01 17:59 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll 2015-09-01 17:59 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll 2015-09-01 17:59 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2015-09-01 17:59 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2015-09-01 17:59 - 2015-06-09 20:27 - 00411133 _____ C:\Windows\system32\ApnDatabase.xml 2015-09-01 17:51 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2015-09-01 17:51 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2015-09-01 17:51 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll 2015-09-01 17:51 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll 2015-09-01 17:46 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-09-01 17:46 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll 2015-09-01 17:45 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-09-01 17:45 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-09-01 17:45 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-09-01 17:45 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-09-01 17:45 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-09-01 17:45 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-09-01 17:45 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-09-01 17:45 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-09-01 17:45 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2015-09-01 17:45 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2015-09-01 17:45 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll 2015-09-01 17:45 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-09-01 17:45 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll 2015-09-01 17:45 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2015-09-01 17:45 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2015-09-01 17:45 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2015-09-01 17:45 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe 2015-09-01 17:45 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\notepad.exe 2015-09-01 17:45 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe 2015-08-31 18:13 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-08-31 18:13 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-08-31 18:13 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-08-31 18:13 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-08-31 18:13 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-08-31 18:13 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2015-08-31 18:13 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-08-31 18:13 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-08-31 18:13 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-08-31 18:13 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-08-31 18:13 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-08-31 18:13 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-08-31 12:13 - 2015-08-31 12:13 - 00454016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys 2015-08-31 12:13 - 2015-08-31 12:13 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2015-08-31 12:13 - 2015-08-31 12:13 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr 2015-08-31 12:02 - 2015-08-31 12:02 - 00000000 ____D C:\Windows\Sun 2015-08-31 11:33 - 2015-08-31 11:33 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EPC 2015-08-31 11:31 - 2015-08-31 11:31 - 00001089 _____ C:\Users\Matthias\Desktop\wlan.JPG - Verknüpfung.lnk 2015-08-31 10:57 - 2015-08-31 12:15 - 00023441 _____ C:\Users\Matthias\ewa_client_2.log 2015-08-31 10:57 - 2015-08-31 10:57 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WIS-ASRA 2015-08-22 15:36 - 2015-08-22 15:36 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-08-06 10:03 - 2015-08-06 10:03 - 00001167 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Grewe Scanner-Interface 7.lnk 2015-08-06 10:03 - 2015-08-06 10:03 - 00001161 _____ C:\Users\Public\Desktop\Grewe Scanner-Interface 7.lnk 2015-08-06 10:03 - 2015-08-06 10:03 - 00000000 ____D C:\Users\Matthias\AppData\Local\Grewe 2015-08-06 10:03 - 2015-08-06 10:03 - 00000000 ____D C:\Program Files (x86)\Grewe 2015-08-06 09:58 - 2015-08-06 09:58 - 00000000 ____D C:\Program Files (x86)\WEB.DE MailCheck 2015-08-05 15:37 - 2015-09-03 18:37 - 00003826 _____ C:\Windows\PFRO.log ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-09-03 20:32 - 2015-06-15 20:20 - 00001250 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2155083525-1168965681-3283480890-1001UA.job 2015-09-03 20:17 - 2015-07-20 14:05 - 01605720 _____ C:\Windows\WindowsUpdate.log 2015-09-03 20:13 - 2014-09-30 17:27 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2155083525-1168965681-3283480890-1001 2015-09-03 20:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru 2015-09-03 19:35 - 2014-10-18 16:36 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-09-03 19:12 - 2014-10-23 13:15 - 00000000 ___RD C:\Users\Matthias\Dropbox 2015-09-03 19:12 - 2014-10-23 13:12 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\Dropbox 2015-09-03 19:11 - 2014-10-07 17:34 - 00000000 ___RD C:\Users\Matthias\iCloudDrive 2015-09-03 19:10 - 2015-05-01 21:52 - 00000637 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2015-09-03 19:09 - 2014-10-15 07:45 - 00000000 ____D C:\ProgramData\VMware 2015-09-03 19:08 - 2015-07-20 19:56 - 00005932 _____ C:\Windows\setupact.log 2015-09-03 19:08 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-09-03 19:06 - 2014-11-01 19:40 - 00000000 ____D C:\AdwCleaner 2015-09-03 18:45 - 2014-03-18 12:04 - 02038998 _____ C:\Windows\system32\PerfStringBackup.INI 2015-09-03 18:45 - 2014-03-18 11:25 - 00857958 _____ C:\Windows\system32\perfh007.dat 2015-09-03 18:45 - 2014-03-18 11:25 - 00195990 _____ C:\Windows\system32\perfc007.dat 2015-09-03 18:39 - 2015-07-20 19:55 - 05311136 _____ C:\Windows\system32\FNTCACHE.DAT 2015-09-03 18:37 - 2015-01-02 13:00 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-09-03 18:37 - 2015-01-02 13:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2015-09-03 18:37 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2015-09-03 18:36 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-09-03 18:36 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-09-03 18:36 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender 2015-09-03 18:36 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2015-09-03 16:35 - 2014-10-18 16:36 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-09-02 14:39 - 2014-09-30 15:53 - 00000000 ____D C:\Windows\Panther 2015-09-02 14:33 - 2015-07-10 19:29 - 00000000 ___HD C:\$Windows.~BT 2015-09-02 12:44 - 2015-01-14 19:38 - 00000987 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk 2015-09-02 12:44 - 2015-01-14 19:38 - 00000975 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk 2015-09-02 12:44 - 2014-10-01 12:36 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2015-09-02 08:45 - 2015-06-22 12:35 - 00000000 ____D C:\Users\Matthias\AppData\Local\CrashDumps 2015-09-02 04:32 - 2015-06-15 20:20 - 00001198 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2155083525-1168965681-3283480890-1001Core.job 2015-09-01 19:43 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness 2015-09-01 19:42 - 2014-09-30 17:44 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-09-01 19:42 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp 2015-09-01 19:41 - 2014-09-30 17:36 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-09-01 19:39 - 2015-01-02 13:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-09-01 19:34 - 2015-02-10 21:56 - 00000000 ____D C:\Windows\system32\MRT 2015-09-01 19:21 - 2015-02-10 21:56 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-09-01 19:18 - 2013-08-22 15:25 - 00000167 _____ C:\Windows\win.ini 2015-09-01 19:12 - 2015-04-15 22:04 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-09-01 19:12 - 2015-04-15 22:04 - 00000000 ____D C:\Windows\system32\appraiser 2015-09-01 19:11 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-09-01 19:11 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-09-01 18:20 - 2014-09-30 18:21 - 00000000 ____D C:\Users\Matthias\Documents\Outlook-Dateien 2015-09-01 18:13 - 2014-09-30 15:22 - 00000000 ____D C:\Users\Matthias 2015-09-01 18:05 - 2015-07-20 11:08 - 00000000 ____D C:\Users\Matthias\AppData\Local\ClassicShell 2015-09-01 18:05 - 2014-09-30 18:21 - 00000000 ____D C:\Users\Matthias\AppData\Local\0335F7ED-DFDF-4299-93AA-F07A1EA37D36.aplzod 2015-09-01 17:47 - 2015-02-08 14:29 - 00003098 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2155083525-1168965681-3283480890-1001 2015-09-01 17:47 - 2015-02-08 14:29 - 00000000 ___RD C:\Users\Matthias\OneDrive 2015-08-31 12:29 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF 2015-08-31 12:26 - 2014-09-30 19:42 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2015-08-31 12:14 - 2014-09-30 19:42 - 01048344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys 2015-08-31 12:13 - 2014-09-30 19:47 - 00028144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2015-08-31 12:13 - 2014-09-30 19:42 - 00447944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2015-08-31 12:13 - 2014-09-30 19:42 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys 2015-08-31 12:13 - 2014-09-30 19:42 - 00150672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2015-08-31 12:13 - 2014-09-30 19:42 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2015-08-31 12:13 - 2014-09-30 19:42 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2015-08-31 12:13 - 2014-09-30 19:42 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2015-08-31 12:13 - 2014-09-30 19:42 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys 2015-08-31 11:33 - 2015-07-22 07:22 - 00002313 _____ C:\Users\Matthias\Desktop\EPC.lnk 2015-08-31 11:33 - 2015-07-20 20:05 - 00000102 _____ C:\Users\Matthias\.ewanapi_cookie 2015-08-31 11:31 - 2014-10-01 15:27 - 00038436 _____ C:\Users\Matthias\Desktop\Batteriereport.html 2015-08-31 11:18 - 2015-06-08 14:51 - 00001101 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk 2015-08-31 11:18 - 2015-02-06 16:55 - 00000842 _____ C:\Users\Public\Desktop\CCleaner.lnk 2015-08-31 10:57 - 2015-07-20 20:09 - 00002313 _____ C:\Users\Matthias\Desktop\WIS-ASRA.lnk 2015-08-31 09:51 - 2014-09-30 18:15 - 00000000 ____D C:\Users\Matthias\AppData\Local\Adobe 2015-08-06 16:30 - 2014-09-30 15:22 - 00000000 ____D C:\Users\Matthias\AppData\Local\Packages 2015-08-06 09:58 - 2015-07-07 01:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-08-05 15:36 - 2015-04-27 07:44 - 00000000 ____D C:\Users\Matthias\Documents\Moped Verkäufe 2015-08-05 12:06 - 2015-05-26 15:39 - 00000000 ____D C:\Users\Matthias\Desktop\Tor Browser 2015-08-05 11:20 - 2015-05-21 17:54 - 00000246 _____ C:\Windows\ktel.ini 2015-08-05 11:18 - 2015-05-17 14:14 - 00000000 ____D C:\Users\Matthias\Documents\Citavi 4 ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-12-02 16:36 - 2014-12-02 16:36 - 0003584 _____ () C:\Users\Matthias\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-02-02 12:00 - 2015-02-02 12:03 - 0000600 _____ () C:\Users\Matthias\AppData\Local\PUTTY.RND 2014-11-25 11:31 - 2015-05-26 12:40 - 0000000 _____ () C:\Users\Matthias\AppData\Local\Temptable.xml 2015-07-10 12:49 - 2015-07-10 12:49 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc Einige Dateien in TEMP: ==================== C:\Users\Matthias\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp99ostr.dll C:\Users\Matthias\AppData\Local\Temp\proxy_vole7697117568290905588.dll C:\Users\Matthias\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-09-01 19:02 ==================== Ende von FRST.txt ============================ |
03.09.2015, 19:43 | #9 |
| Auch bei mir Zeigt AVAST immer öffters URL:MAL Bedrohungs Meldungen an addition: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:31-08-2015 durchgeführt von Matthias (2015-09-03 20:35:12) Gestartet von C:\Users\Matthias\Desktop Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-2155083525-1168965681-3283480890-500 - Administrator - Disabled) Gast (S-1-5-21-2155083525-1168965681-3283480890-501 - Limited - Disabled) Matthias (S-1-5-21-2155083525-1168965681-3283480890-1001 - Administrator - Enabled) => C:\Users\Matthias ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) µTorrent (HKU\S-1-5-21-2155083525-1168965681-3283480890-1001\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.) 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) Active@ ISO File Manager (HKLM-x32\...\{5C2D48D7-8CDF-4866-B415-69EBB67E2845}) (Version: 4.0.4 - LSoft Technologies) Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.14 - Adobe Systems) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated) Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated) Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.) Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated) Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) AutoCAD Mechanical 2015 - Deutsch (German) (Version: 19.0.48.0 - Autodesk) Hidden AutoCAD Mechanical 2015 - English (Version: 19.0.48.0 - Autodesk) Hidden AutoCAD Mechanical 2015 Language Pack - Deutsch (German) (Version: 19.0.48.0 - Autodesk) Hidden AutoCAD Mechanical 2015 Language Pack - English (Version: 19.0.48.0 - Autodesk) Hidden Autodesk 360 (HKLM\...\{556966D9-F7F6-421B-9707-D07901604DDF}) (Version: 5.0.29.1101 - Autodesk) Autodesk App Manager (HKLM-x32\...\{C8125548-F2D5-4059-823F-1F3C5BBD9F19}) (Version: 1.2.0 - Autodesk) Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 1.0.59.0 - Autodesk) Autodesk AutoCAD Mechanical 2015 - English (HKLM\...\AutoCAD Mechanical 2015 - English) (Version: 19.0.48.0 - Autodesk) Autodesk AutoCAD Mechanical 2015 Language Pack - Deutsch (German) (HKLM\...\AutoCAD Mechanical 2015 Language Pack - Deutsch (German)) (Version: 19.0.48.0 - Autodesk) Autodesk AutoCAD Performance Feedback Tool Version 1.2.2 (HKLM-x32\...\{85735431-6CD3-4B16-BEC8-95332034E53B}) (Version: 1.2.2.0 - Autodesk) Autodesk BIM 360 Glue AutoCAD 2015 Add-in 64 bit (HKLM\...\{9D589081-AFC2-4932-9071-AC585AC1EA83}) (Version: 3.32.3004 - Autodesk) Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk) Autodesk Content Service (x32 Version: 3.2.0.0 - Autodesk) Hidden Autodesk Content Service Language Pack (x32 Version: 3.2.0.0 - Autodesk) Hidden Autodesk Design Review 2013 (HKLM-x32\...\Autodesk Design Review 2013) (Version: 13.0.0.82 - Autodesk, Inc.) Autodesk Design Review 2013 (x32 Version: 13.0.0.82 - Autodesk, Inc.) Hidden Autodesk DWG TrueView 2015 - English (HKLM\...\DWG TrueView 2015 - English) (Version: 20.0.51.0 - Autodesk) Autodesk Inventor Content Center Libraries 2015 (Desktop Content) (HKLM\...\{B46DECD1-1964-4EF1-0000-22D71E81877C}) (Version: 19.0.15900.0000 - Autodesk) Autodesk Inventor Professional 2015 - English (HKLM\...\Autodesk Inventor Professional 2015) (Version: 19.0.15900.0000 - Autodesk) Autodesk Inventor Professional 2015 (Version: 19.0.15900.0000 - Autodesk) Hidden Autodesk Inventor Professional 2015 English Language Pack (Version: 19.0.15900.0000 - Autodesk) Hidden Autodesk Inventor Professional 2015 Language Pack - Deutsch (German) (HKLM\...\Autodesk Inventor 2015 Language Pack - Deutsch (German)) (Version: 19.0.15900.0000 - Autodesk) Autodesk Inventor Professional 2015 Language Pack - Deutsch (German) (Version: 19.0.15900.0000 - Autodesk) Hidden Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk) Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk) Autodesk Material Library Low Resolution Image Library 2015 (HKLM-x32\...\{4FBC9635-AC56-4378-8FDE-C4D3ED072681}) (Version: 5.2.9.100 - Autodesk) Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.3.1.39 - Autodesk) Autodesk ReCap (Version: 1.3.1.39 - Autodesk) Hidden Autodesk Revit Interoperability for Inventor 2015 (HKLM\...\Autodesk Revit Interoperability for Inventor 2015) (Version: 15.0.107.0 - Autodesk) Autodesk Revit Interoperability for Inventor 2015 (Version: 15.0.107.0 - Autodesk) Hidden Autodesk Vault Basic 2015 (Client) (HKLM\...\Autodesk Vault Basic 2015 (Client)) (Version: 19.0.49.0 - Autodesk) Autodesk Vault Basic 2015 (Client) (Version: 19.0.49.0 - Autodesk) Hidden Autodesk Vault Basic 2015 (Client) English Language Pack (Version: 19.0.49.0 - Autodesk) Hidden Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Canon MG4100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4100_series) (Version: - ) CarProKey Version 1.04 (HKLM-x32\...\CarProKey_is1) (Version: 1.04 - CarProKey) CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform) Citavi 4 (HKLM-x32\...\{CC0A85B2-734A-45B3-B678-05F6A6499AC7}) (Version: 4.5.0.11 - Swiss Academic Software) Classic Shell (HKLM\...\{7C129CF8-199F-4269-AAEE-60B5D8D716E2}) (Version: 4.2.1 - IvoSoft) Configurator 360 addin (HKLM-x32\...\{8FE324B0-B934-4D68-BAB5-DE2136036237}) (Version: 19.0.11300.9000 - Autodesk, Inc.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Digital Frame Manager (x32 Version: 1.50.000 - BVRP Software) Hidden Document_Installer (x32 Version: 1.00.0000 - DaimlerChrysler AG) Hidden DReport Viewer 4 (HKLM-x32\...\{6CF895F9-7D93-4B10-8BFC-2188F1EB339A}) (Version: 4.00.0043 - DÖRR EDV-Beratung) DReport Viewer 4 (HKLM-x32\...\{811E4E77-05C8-422E-8077-B9A80BF15C68}) (Version: 4.00.0043 - DÖRR EDV-Beratung) Dropbox (HKU\S-1-5-21-2155083525-1168965681-3283480890-1001\...\Dropbox) (Version: 3.8.6 - Dropbox, Inc.) DWG TrueView 2015 - English (Version: 20.0.51.0 - Autodesk) Hidden Easy ISO Burner 2.10 (HKLM-x32\...\{42F12F02-9AA8-4448-85DE-6F0AB23D705D}_is1) (Version: 2.10 - EasyIsoSoft Company, Inc.) Eco Materials Adviser for Autodesk Inventor 2015 (64-bit) (HKLM\...\{2F7441CB-A646-41F1-B1CB-518AB311138B}) (Version: 5.1.2.0 - Granta Design Limited) EWA (HKLM-x32\...\EWA net) (Version: - ) EWA_net_Admin (x32 Version: 1.00.0000 - DaimlerChrysler AG) Hidden EWA_net_Client_Applications (x32 Version: 1.00.0000 - DaimlerChrysler AG) Hidden EWA_net_Core (x32 Version: 1.00.0000 - DaimlerChrysler AG) Hidden EWA_net_EPC (x32 Version: 1.00.0000 - Daimler) Hidden EWA_net_Server (x32 Version: 1.00.0000 - DaimlerChrysler AG) Hidden EWA_net_WIS (x32 Version: 1.00.0000 - DaimlerChrysler AG) Hidden EWA_net_WIS_CaseOnline_Importer (x32 Version: 1.00.0000 - DaimlerChrysler AG) Hidden FARO LS 1.1.502.0 (64bit) (HKLM-x32\...\{66D83FE0-D798-4B38-86FE-FB48151E5AEF}) (Version: 5.2.0.35213 - FARO Scanner Production) FileZilla Server (HKLM-x32\...\FileZilla Server) (Version: beta 0.9.52 - FileZilla Project) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden Grewe Scanner-Interface 7 (HKLM-x32\...\{B1C3F49A-DE7D-1AC1-0913-039C1A8B9B82}) (Version: 7 - Grewe Computertechnik GmbH) Hausverwaltung easy (HKLM-x32\...\{781A6302-3E7A-4ABE-886D-78A65CC84BF7}) (Version: 14.2 - WAREHaus GmbH) HDClone 5.1.4 Free Edition (HKLM\...\Miray.HDClone.Free.5.1.4.1031-{F9C5CFC0-F9D0-4A14-8DAB-CF877115235D}) (Version: 5.1 - Miray Software AG) Heizkosten easy (HKLM-x32\...\{0B0D8382-42D5-4666-92F5-0051FF260C35}) (Version: 10.2 - WAREHaus GmbH) iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.) iFunbox (v2.94.2520.758), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.94.2520.758 - ) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) Intel® Active-Management-Technologie (HKLM\...\MESOL) (Version: - Intel Corporation) IPCamSetup (HKLM-x32\...\{02C39DE9-B03A-4FE7-89F9-61E224FE65CC}) (Version: 1.00.0000 - FOSCAM) iSpy (HKLM-x32\...\{59FD7347-2EF6-4A67-ADFF-C029D0D67A7E}) (Version: 6.3.7 - iSpy) iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.) Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden klickTel Telefon- und Branchenbuch + Rückwärtssuche Herbst 2014 (HKLM-x32\...\{6105FFED-C382-4FC9-B1A9-6523FA104B00}) (Version: 1.00.0000 - telegate MEDIA AG) KMSpico v9.3.2 (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: 9.3.2 - ) Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.05 - ) Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2155083525-1168965681-3283480890-1001\...\OneDriveSetup.exe) (Version: 17.3.5930.0814 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server 2008 Native Client (HKLM\...\{C79A7EAB-9D6F-4072-8A6D-F8F54957CD93}) (Version: 10.0.1600.22 - Microsoft Corporation) Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation) Microsoft SQL Server 2012 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2012) (Version: - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Setup (English) (HKLM\...\{5DDC2234-4B37-45BC-AD33-41F1469B4D83}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft VSS Writer for SQL Server 2012 (HKLM\...\{3E0DD83F-BE4C-4478-86A0-AD0D79D1353E}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation) Mockup 360 Addin 2015 (HKLM-x32\...\{E4D4242C-FC14-4B4F-B1D9-6760D8C241D5}) (Version: 1.1.0 - Autodesk) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.3 - Mozilla) MyPublicWiFi 5.1 (HKLM-x32\...\{C08D782B-9281-406B-ABCE-326DA70B8A1F}_is1) (Version: - TRUE Software) Nebenkosten easy professional (HKLM-x32\...\{BD88D49B-15CE-48DF-B24F-4C0BC683EBF2}) (Version: 8.1 - ) Novacomd (HKLM\...\{BA9A297F-0198-4EE8-90CB-F5036C180E1D}) (Version: 1.0.0.76 - Palm, Inc.) Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.) PreisHai 4.2 (HKLM-x32\...\PreisHai_is1) (Version: - Elmar Denkmann) PTC Creo Direct Version 3.0 Datecode [M030] (HKLM-x32\...\PTC Creo Direct Version 3.0 Datecode [M030]) (Version: 3.0 - PTC) PTC Creo Distributed Services Manager 3.0 [M030] (HKLM-x32\...\PTC Creo Distributed Services Manager 3.0 [M030]) (Version: 3.0 - PTC) PTC Creo Layout Version 3.0 Datecode [M030] (HKLM-x32\...\PTC Creo Layout Version 3.0 Datecode [M030]) (Version: 3.0 - PTC) PTC Creo Options Modeler Version 3.0 Datecode [M030] (HKLM-x32\...\PTC Creo Options Modeler Version 3.0 Datecode [M030]) (Version: 3.0 - PTC) PTC Creo Parametric Version 3.0 Datecode [M030] (HKLM-x32\...\PTC Creo Parametric Version 3.0 Datecode [M030]) (Version: 3.0 - PTC) PTC Creo Platform Agent 3.96 (HKLM-x32\...\{8CD6BE35-0B81-4528-BA2E-4A73ED30F573}) (Version: 3.96.0 - PTC) PTC Creo Simulate Version 3.0 Datecode [M030] (HKLM-x32\...\PTC Creo Simulate Version 3.0 Datecode [M030]) (Version: 3.0 - PTC) PTC Creo Thumbnail Viewer 3.0 (HKLM\...\{31D4219E-F0C8-4471-9E9A-4B5A7DF30BE0}) (Version: 31.14.500 - PTC) PTC Creo View Express 3.0 (HKLM\...\{8D3C0B3F-0830-413A-BF5C-24BCDCF58547}) (Version: 10.2.30.26 - PTC) PTC Diagnostic Tools (HKLM\...\{D8EE1206-5E41-425D-83E7-E6D9886E716D}) (Version: 3.0.0.0 - PTC) PTC Mathcad Prime 3.1 (HKLM\...\{3A4F83E8-C604-4970-8A1F-8963B3507630}) (Version: 3.1.0 - PTC) QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) Revo Uninstaller Pro 3.1.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.1 - VS Revo Group, Ltd.) RufIdent 33 (HKLM-x32\...\RufIdent 33_is1) (Version: - ) S8_Assistant (HKLM-x32\...\{4E890D2A-5101-4F2E-929C-7CFC4DA0FBA0}) (Version: 1.0.0 - Bigflyshark) SimLab iPad Exporter 3.1 for SolidWorks x64 (HKLM\...\{446FC1C7-68C9-434F-A017-F705DE3D5D13}) (Version: 3.1 - SimLab Soft) SketchUp-Import (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk) Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.) SOLIDWORKS 2015 x64 Edition SP0 (HKLM-x32\...\SolidWorks Installation Manager 20150-40000-1100-100) (Version: 23.0.0.5020 - SolidWorks Corporation) SOLIDWORKS 2015 x64 Edition SP0 (Version: 23.100.5020 - Dassault Systemes SolidWorks Corp) Hidden SOLIDWORKS 2015 x64 German Resources (Version: 23.100.5020 - Dassault Systèmes SolidWorks Corp) Hidden SOLIDWORKS Composer 2015 SP0 x64 Edition (Version: 23.00.5020 - Dassault Systemes SolidWorks Corp) Hidden SOLIDWORKS eDrawings 2015 x64 Edition SP0 (Version: 15.0.5013 - Dassault Systèmes SolidWorks Corp) Hidden SOLIDWORKS Electrical 2015 SP0 x64 Edition (Version: 23.00.5020 - Dassault Systemes SolidWorks Corp) Hidden SOLIDWORKS Explorer 2015 SP0 x64 Edition (Version: 23.00.5020 - Dassault Systèmes SolidWorks Corp) Hidden SOLIDWORKS Flow Simulation 2015 SP0 x64 Edition (Version: 23.00.5021 - Dassault Systemes SolidWorks Corp) Hidden SOLIDWORKS Inspection 2015 SP0 x64 Edition (Version: 23.00.5020 - Dassault Systemes SolidWorks Corp) Hidden SOLIDWORKS Plastics 2015 SP0 x64 Edition (Version: 23.00.5020 - Dassault Systemes SolidWorks Corp) Hidden SQL Server 2012 Common Files (Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server 2012 Database Engine Services (Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server 2012 Database Engine Shared (Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server Browser for SQL Server 2012 (HKLM-x32\...\{4B9E6EB0-0EED-4E74-9479-F982C3254F71}) (Version: 11.0.2100.60 - Microsoft Corporation) Sql Server Customer Experience Improvement Program (Version: 11.0.2100.60 - Microsoft Corporation) Hidden Syncios Version 4.2.2 (HKLM-x32\...\{068A5D84-8419-4BDE-9689-FE65F412EFBB}_is1) (Version: 4.2.2 - Anvsoft, Inc.) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.45862 - TeamViewer) ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.7 - ) TI-Nspire™ Student Software (HKLM-x32\...\{F46F949B-755F-4BEF-A4B9-7B3B73D0104A}) (Version: 3.9.0.463 - Texas Instruments Inc.) Tinypic 3.16 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.16 - E. Fiedler) Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{CBCC2FD8-7DFE-4752-95B5-2E447C226F45}) (Version: - Microsoft) Verfügbare Autodesk-Apps (HKLM-x32\...\{EDDEE94B-214D-4B07-9727-A3E46F3E379A}) (Version: 1.2.0 - Autodesk) Vermieten easy (HKLM-x32\...\{713FB416-9DB9-4D45-8E9C-9EC1DD52F887}) (Version: 10.1 - WAREHaus GmbH) VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes) Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation) Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation) Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation) Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation) Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation) Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation) Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation) Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 10.0.2 - VMware, Inc) VMware Workstation (Version: 10.0.2 - VMware, Inc.) Hidden WEB.DE MailCheck für Mozilla Firefox (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 1.0.0.0 - 1&1 Mail & Media GmbH) Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (07/12/2013 2.08.30) (HKLM\...\22CCD58B53472BE3FCAFF05631111C4062959A43) (Version: 07/12/2013 2.08.30 - FTDI) Windows Driver Package - FTDI CDM Driver Package - VCP Driver (07/12/2013 2.08.30) (HKLM\...\BD00013670D26C16E19F284BF8E15DAF813497C7) (Version: 07/12/2013 2.08.30 - FTDI) Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012 - GoPro) Windows Driver Package - Palm (WinUSB) Palm Devices (10/09/2009 1.0.1) (HKLM\...\332CCC08910F1AE2E4D90D25DEDE87E3EF797832) (Version: 10/09/2009 1.0.1 - Palm) Windows Driver Package - Palm (WinUSB) Palm Devices (11/30/2008 1.0.0) (HKLM\...\84713BEB4A2EB4B0E2F1346FDEBFFE94DAB5225D) (Version: 11/30/2008 1.0.0 - Palm) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.) WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) Wireshark 1.12.4 (32-bit) (HKLM-x32\...\Wireshark) (Version: 1.12.4 - The Wireshark developer community, hxxp://www.wireshark.org) Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Matthias\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{00F064D8-FEC3-48ac-B07D-39C314D1727B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\TestServer.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{1029ABC3-2457-11D5-8E9D-0010B541CD80}\localserver32 -> C:\Program Files\Autodesk\Inventor 2015\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{13009989-EFB5-48C9-8BD2-943E0392BD71}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\RxAppCtrl.Ocx (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{18A21864-E37B-42b9-9612-2C1E8C450A29}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{21DB88B0-BFBF-11D4-8DE6-0010B541CAA8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\iDrop.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{244298EC-E661-11d4-BC13-0010B5891E89}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\TI.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{2F8377FC-50C1-44EF-AB7A-8FF1BB8EA277}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{3897B445-D5B8-410d-899A-9789B8ADB643}\localserver32 -> C:\Program Files\Autodesk\Inventor 2015\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{3C3F63EA-C7BA-11d4-8E60-0010B541CD80}\localserver32 -> C:\Program Files\Autodesk\Inventor 2015\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{3FC94EB5-AEBD-4f3f-A2A4-B6CE57113C01}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\RxAppDocView.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{45122C53-8483-4b62-B15A-EAA9FE5FC3D5}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{4C80573A-9150-11d2-B772-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\RxAppDocView.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{4D29B490-49B2-11D0-93C3-7E0706000000}\localserver32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\Inventor.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{4E6F2E83-E7F0-4333-9772-875EB733C820}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\RxTest.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{62FBB030-24C7-11D3-B78D-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\Inventor.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{644190AE-BD8F-493F-B63D-C79404AC5E07}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\DtBridge.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{6FDE7A71-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\DtBridge.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{6FDE7A72-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\DtBridge.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{6FDE7A73-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\DtBridge.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{6FDE7A74-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\DtBridge.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{6FDE7A77-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\DtCp.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{72EC5CC5-88F3-45B1-A865-0A327DF58CC8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{76283A80-50DD-11D3-A7E3-00C04F79D7BC}\localserver32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\Inventor.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{81D07C3D-0350-11D3-B7C2-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\RxAppCtrl.Ocx (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{8421A29C-54B8-11D1-9837-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\SolidObject.Dll () CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{846217D0-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\UCxTextBtn.Ocx (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{846217D1-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\UCxTextBtn.Ocx (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{8B0E6BD9-610C-11D1-9842-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\SolidObject.Dll () CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\TestServer.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{97E17F04-17DF-11d5-BC38-0010B5891E89}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\BodyReceiver.dll () CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\Inventor.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{B8E7214B-25CA-4116-84CB-E86FB9625B36}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{BBF9FDF1-52DC-11D0-8C04-0800090BE8EC}\localserver32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\Inventor.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{BE54741D-E02B-4572-93D6-105AF4EDE777}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\RxApprenticeServer.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{C92F8F8C-8B2C-11d4-B872-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\DtBridge.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{CFEE2BAF-14F9-4D23-853D-B6E2BCC14263}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{D7A1987D-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ColorButton.Ocx (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{D7A1987E-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ColorButton.Ocx (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{DA1F437C-9BD9-11d4-B87C-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\DtBridge.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{DB5D476B-3FF4-4E9D-A606-1E2B473BE571}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\AcInetUI.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{DCA7356C-FF94-4b20-AE04-7AA6A8E14117}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{DDA9A20F-5B56-49F5-9465-CE82FC199352}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{DE6B563C-B074-4BF1-A8A0-B3FED8703E99}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\RxInventorUtilities.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2015\en-US\acadficn.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\TestServer.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{E60F81E1-49B3-11D0-93C3-7E0706000000}\localserver32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\Inventor.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{F13E75B9-6AF6-49CB-80B3-6D2FF6E09932}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{F2D4F4E5-EEA1-46FF-A83B-A270C92DAE4B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\DTInterop.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\InvResc.dll (Autodesk) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Matthias\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncApi64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{FA62F626-EBD5-4dc5-B970-D9E81E0E20E0}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\InvTXTStack.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{FD703B01-4362-423E-9BDB-91BDCB16C1C9}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\DTInterop.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll Keine Datei CustomCLSID: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll Keine Datei ==================== Wiederherstellungspunkte ========================= 04-08-2015 16:01:59 Geplanter Prüfpunkt 31-08-2015 12:12:31 avast! antivirus system restore point 31-08-2015 12:30:04 Revo Uninstaller Pro's restore point - DNSBlock 03-09-2015 20:09:00 JRT Pre-Junkware Removal ==================== Hosts Inhalt: ========================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 15:25 - 2015-04-15 22:00 - 00004677 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 activate.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 ereg.adobe.com 127.0.0.1 activate.wip3.adobe.com 127.0.0.1 wip3.adobe.com 127.0.0.1 3dns-3.adobe.com 127.0.0.1 3dns-2.adobe.com 127.0.0.1 adobe-dns.adobe.com 127.0.0.1 adobe-dns-2.adobe.com 127.0.0.1 adobe-dns-3.adobe.com 127.0.0.1 ereg.wip3.adobe.com 127.0.0.1 activate-sea.adobe.com 127.0.0.1 wwis-dubc1-vip60.adobe.com 127.0.0.1 activate-sjc0.adobe.com 127.0.0.1 adobeereg.com 127.0.0.1 hxxp://www.adobeereg.com 127.0.0.1 125.252.224.90 127.0.0.1 125.252.224.91 127.0.0.1 hl2rcv.adobe.com 127.0.0.1 activate.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 ereg.adobe.com 127.0.0.1 activate.wip3.adobe.com 127.0.0.1 wip3.adobe.com 127.0.0.1 3dns-3.adobe.com 127.0.0.1 3dns-2.adobe.com 127.0.0.1 adobe-dns.adobe.com 127.0.0.1 adobe-dns-2.adobe.com 127.0.0.1 adobe-dns-3.adobe.com Da befinden sich 94 zusätzliche Einträge. ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {0B859458-2B3F-4475-BBB9-4A64D524EE45} - System32\Tasks\{2BD98950-43D8-4F53-AC90-C6DB21854A1B} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\Setup.exe" -c --uninstall=1 Task: {160E6AF6-CF85-4FE8-BA93-6A4DDB2C80CF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {18F3BBCB-410D-4AD8-8711-EF71507476BC} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation) Task: {27C6E329-0E01-4094-8B3F-D232BC8FD670} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2155083525-1168965681-3283480890-1001UA => C:\Users\Matthias\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-15] (Dropbox, Inc.) Task: {42152122-BEE4-47DF-82E6-18239D8D4F6E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {5464B75B-9C82-4524-B1AC-A54CA2DEDC6F} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2155083525-1168965681-3283480890-1001Core => C:\Users\Matthias\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-15] (Dropbox, Inc.) Task: {58BD138D-E5B3-4570-8005-3FC0B126745B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {6026F138-046F-4260-84A0-071FF691B1D7} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft) Task: {68246703-4A4B-4358-9FA1-8048421AEF8D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-31] (AVAST Software) Task: {8651F146-68D7-459F-A80A-7BBA63DF542C} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser Task: {8BE74C1E-3471-4D2D-9612-2C65B903E7F6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) Task: {9083856D-7B95-4968-B5DD-BB1F96192FBE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-09-01] (Microsoft Corporation) Task: {A69AA0FB-B6E5-40FB-8386-B281DDF672E3} - System32\Tasks\AdobeAAMUpdater-1.0-Matthi-Matthias => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated) Task: {A6F0F595-D274-480F-996A-46CA07C0B1A3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd) Task: {B904E256-CD4D-4E10-B71B-D43FE5FE6651} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2155083525-1168965681-3283480890-1001 => %localappdata%\Microsoft\OneDrive\OneDrive.exe Task: {B9D6A6D9-450B-4836-9B28-63E02E4CD4D8} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) Task: {C50F65F2-59FD-4F86-8D3E-9766CAC353E9} - System32\Tasks\avastBCLRestartS-1-5-21-2155083525-1168965681-3283480890-1001 => Firefox.exe Task: {DAD99F50-B464-446F-9EB0-E41BAFE3B029} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) Task: {DB20433E-D9FF-4D94-BE0C-B02ABD22246C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-03] (Adobe Systems Incorporated) Task: {F0C59CC1-D566-4F6D-B031-0FDE88603FE5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) Task: {F2D69B78-E159-447F-8D06-E6FDF186569F} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation) Task: {F46E9840-DA64-4294-835F-DD6CF7E06062} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2155083525-1168965681-3283480890-1001Core.job => C:\Users\Matthias\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2155083525-1168965681-3283480890-1001UA.job => C:\Users\Matthias\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-01-21 04:06 - 2015-01-21 04:06 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll 2015-07-20 11:22 - 2015-07-20 11:22 - 00039192 _____ () C:\Program Files\CCleaner\branding.dll 2015-02-13 05:20 - 2015-02-13 05:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-02-13 05:20 - 2015-02-13 05:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2014-04-14 16:04 - 2014-04-14 16:04 - 14407384 _____ () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe 2015-08-31 12:13 - 2015-08-31 12:13 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-08-31 12:13 - 2015-08-31 12:13 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-09-03 17:45 - 2015-09-03 17:45 - 02964480 _____ () C:\Program Files\AVAST Software\Avast\defs\15090300\algo.dll 2015-02-13 05:20 - 2015-02-13 05:20 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2015-04-08 17:19 - 2015-04-08 17:19 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-04-14 16:41 - 2014-04-14 16:41 - 01261272 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\ProgramData\TEMP:64FFFDC8 ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) HKU\S-1-5-21-2155083525-1168965681-3283480890-1001\Software\Classes\.exe: => <===== ACHTUNG HKU\S-1-5-21-2155083525-1168965681-3283480890-1001\Software\Classes\exefile: <===== ACHTUNG ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-2155083525-1168965681-3283480890-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.2.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Windows Firewall ist deaktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKLM\...\StartupApproved\StartupFolder: => "GoPro Importer.lnk" HKLM\...\StartupApproved\Run: => "picon" HKLM\...\StartupApproved\Run32: => "Power Manager Startup Utility" HKLM\...\StartupApproved\Run32: => "AdobeCS4ServiceManager" HKU\S-1-5-21-2155083525-1168965681-3283480890-1001\...\StartupApproved\Run: => "Amazon Music" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe FirewallRules: [{261A982C-3AF7-4CF4-8C3E-D2BA1FD3D55E}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{A4453E3F-53AB-454C-BFE2-9DF464A6F16D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{06829827-2960-452A-A65C-084E7799B2C0}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{11E07BBD-1BA8-4CA3-B06D-171DDA2AB56B}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{9963D9EB-38CB-430C-A3CC-0B7A149BA853}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{DFB11C97-83AA-4FB3-84D4-6EE3948D352D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{CBBF293C-5895-4B64-8D78-DD93A38A686B}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{DF0715E9-FFCE-4EC1-827E-66AA60996E17}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{2FEB28B7-445F-4E10-A936-6D00162FB648}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe FirewallRules: [{465FA801-00E8-4025-8CCD-B73396C31C2F}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe FirewallRules: [{3ADFDA69-BB3E-4982-B4F2-7933D0E3C6F2}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{537BF0C9-6C4F-4549-809D-772F9518F7EE}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{C9C36A68-E236-48DF-8AF8-9B1A5DE7C4CF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{E7337BDA-3F29-4BDD-980F-D8EE89CEA190}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{26C102DD-A45B-452D-BC33-73986ED9EDF1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{5879327E-6D12-4D9C-A4FB-C1B4A88CF576}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{8595D9EE-69C9-4800-AA26-60E84B8DE2AE}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe FirewallRules: [{CB4F593C-9ED9-4A99-B254-21E122E1FDB5}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe FirewallRules: [{C3148EDF-F500-4342-9048-0D7B832FBCF5}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe FirewallRules: [{2753814A-8D17-427A-80DF-967C7A166924}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe FirewallRules: [TCP Query User{8AFBCB73-6827-4CAE-8945-586C61031509}C:\users\matthias\appdata\local\jdownloader v2.0\jdownloader2.exe] => (Allow) C:\users\matthias\appdata\local\jdownloader v2.0\jdownloader2.exe FirewallRules: [UDP Query User{E63F493B-A991-49CA-82D8-C115DB47A38E}C:\users\matthias\appdata\local\jdownloader v2.0\jdownloader2.exe] => (Allow) C:\users\matthias\appdata\local\jdownloader v2.0\jdownloader2.exe FirewallRules: [{61663DFC-68A4-48EA-8144-69B908A7658E}] => (Block) C:\users\matthias\appdata\local\jdownloader v2.0\jdownloader2.exe FirewallRules: [{C8CC203B-BE78-4789-AA3E-1BF78D0DBB4F}] => (Block) C:\users\matthias\appdata\local\jdownloader v2.0\jdownloader2.exe FirewallRules: [{58E37EA9-38C4-4EE3-876D-926962224D47}] => (Allow) C:\Users\Matthias\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{D73D9AFB-EEBD-447E-A1EC-E27C549420B2}] => (Allow) C:\Users\Matthias\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{C7F1C923-7959-4062-AD12-C953F9D238F0}] => (Allow) C:\Users\Matthias\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{5CD3CDC3-A3B5-4292-AC21-864EE6AF8150}] => (Allow) C:\Users\Matthias\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{24FB5BF9-54B9-41E4-B9E2-0921FE5D0994}C:\program files (x86)\ipcamsetup\ipcamera.exe] => (Allow) C:\program files (x86)\ipcamsetup\ipcamera.exe FirewallRules: [UDP Query User{C0FD2B0F-643C-4455-B58B-55A85CE42692}C:\program files (x86)\ipcamsetup\ipcamera.exe] => (Allow) C:\program files (x86)\ipcamsetup\ipcamera.exe FirewallRules: [{FEBE8EB4-A3DC-4BEE-8E39-F4B2DBF03449}] => (Block) C:\program files (x86)\ipcamsetup\ipcamera.exe FirewallRules: [{B10F8714-CC5D-44E2-868D-B0E6B2345AE1}] => (Block) C:\program files (x86)\ipcamsetup\ipcamera.exe FirewallRules: [{A89AF199-DD86-4F0E-8F1C-9BA24090818A}] => (Allow) C:\Users\Matthias\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{B53E33A4-831D-4761-834A-312E63E30C8B}] => (Allow) C:\Users\Matthias\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{7EF57AA4-19B8-4DEC-A692-685068DBC41C}] => (Allow) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe FirewallRules: [{A26A5127-935B-4D44-8F5F-D4F513EB4BF6}] => (Allow) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe FirewallRules: [{4AEAB490-3BDE-4F19-B3F0-C6BCFCB3862F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{77682CF8-F22B-4E8D-9814-B209B5DF6FEB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{07D78CF3-D4FB-41A5-837B-9FED512A68A7}C:\program files (x86)\ti education\ti-nspire student software\ti-nspire student software.exe] => (Allow) C:\program files (x86)\ti education\ti-nspire student software\ti-nspire student software.exe FirewallRules: [UDP Query User{4DF08B3A-306A-425B-AEAF-FE0B033439C7}C:\program files (x86)\ti education\ti-nspire student software\ti-nspire student software.exe] => (Allow) C:\program files (x86)\ti education\ti-nspire student software\ti-nspire student software.exe FirewallRules: [TCP Query User{6BC88A17-74CA-434A-890A-092E0093C974}C:\program files (x86)\ti education\ti-nspire student software\jre\bin\java.exe] => (Block) C:\program files (x86)\ti education\ti-nspire student software\jre\bin\java.exe FirewallRules: [UDP Query User{68EF89DF-D972-488F-BCCA-6262BA17A610}C:\program files (x86)\ti education\ti-nspire student software\jre\bin\java.exe] => (Block) C:\program files (x86)\ti education\ti-nspire student software\jre\bin\java.exe FirewallRules: [{5CDF2802-5E5F-45C9-97A3-7AF0F872E807}] => (Block) C:\program files (x86)\ti education\ti-nspire student software\ti-nspire student software.exe FirewallRules: [{8C01802C-1053-4591-89F9-6022BB73A1F1}] => (Block) C:\program files (x86)\ti education\ti-nspire student software\ti-nspire student software.exe FirewallRules: [{31B9E07E-1F6C-4E91-9054-72C037140121}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{5362D898-22C7-471B-9E82-2116351BC6B4}] => (Allow) LPort=2869 FirewallRules: [{2F2F00FB-6827-4B8F-860C-6D8249D2E562}] => (Allow) LPort=1900 FirewallRules: [TCP Query User{233B6A40-F270-44DC-AF03-531575417211}C:\users\matthias\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\matthias\appdata\local\popcorn time\node-webkit\popcorn time.exe FirewallRules: [UDP Query User{6111A2A8-803A-4C5A-8D94-D14E8246B3C6}C:\users\matthias\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\matthias\appdata\local\popcorn time\node-webkit\popcorn time.exe FirewallRules: [{D0733686-A865-420D-B035-2C19DC5C500D}] => (Block) C:\users\matthias\appdata\local\popcorn time\node-webkit\popcorn time.exe FirewallRules: [{19F374A6-453C-48BB-9F92-DBBED65B0AA1}] => (Block) C:\users\matthias\appdata\local\popcorn time\node-webkit\popcorn time.exe FirewallRules: [{8F2A7C26-A7DF-48AC-83C8-5E788C1D414D}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{32E6774F-9288-48A6-9590-76D7EA333829}] => (Allow) LPort=7935 FirewallRules: [{4D8A94E4-D35C-46B4-8A2D-A309A0ADEEEA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{129BB2C2-2B92-4D19-8F75-8D6E4CA64E81}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{9F6CF5B7-4333-4004-976E-B61CA59A108C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{A970E2AD-0A08-4E63-85B9-EC7B00D8F031}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{C4323355-7CEF-4774-913D-01EB70522047}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe FirewallRules: [{E883F5E9-1AC2-46CB-922D-A8E0A9349F23}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe FirewallRules: [TCP Query User{1A8F0B7D-9A0A-4DDB-A4C3-87441F01DD5B}C:\program files (x86)\ispy\ispy\ispy.exe] => (Allow) C:\program files (x86)\ispy\ispy\ispy.exe FirewallRules: [UDP Query User{A3717F72-1025-4C34-AF91-C40AF7EB86A6}C:\program files (x86)\ispy\ispy\ispy.exe] => (Allow) C:\program files (x86)\ispy\ispy\ispy.exe FirewallRules: [{D89FC3BE-EC96-4437-86C3-BD06900FE496}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{59E7A2D1-BA29-44BF-A972-019D607E3521}] => (Allow) LPort=4712 FirewallRules: [{5F3498E2-8BDF-4F8C-9857-A8563F7B8BF6}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe FirewallRules: [{075902F1-A958-4153-9D78-4B8B1B677F9B}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe FirewallRules: [{93A7CF20-76E3-480C-AB1C-DAC17A294392}] => (Allow) LPort=50248 FirewallRules: [TCP Query User{120A280E-D2B7-486C-8F37-E57144DBE4FC}C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\cma\bin\intelmpi\smpd-intel-4.0.3.009-x64.exe] => (Allow) C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\cma\bin\intelmpi\smpd-intel-4.0.3.009-x64.exe FirewallRules: [UDP Query User{7217DE2D-0405-40AD-B4AB-2865AEAEF245}C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\cma\bin\intelmpi\smpd-intel-4.0.3.009-x64.exe] => (Allow) C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\cma\bin\intelmpi\smpd-intel-4.0.3.009-x64.exe FirewallRules: [{827AA1F1-764B-481C-B46A-073C674BEBAB}] => (Allow) C:\Program Files\PTC\Creo 3.0\View Express\i486_nt\obj\productview.exe FirewallRules: [TCP Query User{E99BB43F-85A0-433B-9C19-9F6AA2571467}C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\nms\nmsd.exe] => (Allow) C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\nms\nmsd.exe FirewallRules: [UDP Query User{397296EA-0F60-4E66-974F-7562F23DA186}C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\nms\nmsd.exe] => (Allow) C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\nms\nmsd.exe FirewallRules: [TCP Query User{C3873A7B-B5C5-4B14-9599-AE0D42BA75CF}C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\obj\xtop.exe] => (Allow) C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\obj\xtop.exe FirewallRules: [UDP Query User{82CDDCA7-95CA-4253-AD98-76C3BC534941}C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\obj\xtop.exe] => (Allow) C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\obj\xtop.exe FirewallRules: [TCP Query User{FD9D3FFD-EBA8-43D3-B301-D9F49A0C278F}C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\obj\pro_comm_msg.exe] => (Allow) C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\obj\pro_comm_msg.exe FirewallRules: [UDP Query User{04471CC8-3F76-42AB-AE92-E6ACD6EFB127}C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\obj\pro_comm_msg.exe] => (Allow) C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\obj\pro_comm_msg.exe FirewallRules: [TCP Query User{EE37C185-2EC9-4F50-817E-3BBCA6824DA4}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{969A0FE4-5C73-4E9D-A6A0-708A22D12C68}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{29E7D355-40FD-48E9-883E-45BC6E5EAFFC}] => (Allow) C:\Program Files (x86)\MyPublicWiFi\MyPublicWiFi.exe FirewallRules: [{A1DE3044-AA93-4251-A105-BDDCEBB6FEDA}] => (Allow) C:\Program Files (x86)\MyPublicWiFi\MyPublicWiFi.exe FirewallRules: [{839466E6-851F-4050-B8AB-D0D3281EB8DB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{2D5319E2-F51A-497E-A781-C6C29D853940}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{BD097B83-8A91-4D69-A51B-C14428A0901B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{C886EAFE-CE71-419B-B145-D070907A61EA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: VMware Virtual Ethernet Adapter for VMnet1 Description: VMware Virtual Ethernet Adapter for VMnet1 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: VMware, Inc. Service: VMnetAdapter Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: VMware Virtual Ethernet Adapter for VMnet8 Description: VMware Virtual Ethernet Adapter for VMnet8 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: VMware, Inc. Service: VMnetAdapter Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: PCI-Kommunikationscontroller (einfach) Description: PCI-Kommunikationscontroller (einfach) Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (09/03/2015 06:41:43 PM) (Source: Perflib) (EventID: 1023) (User: ) Description: rdyboost4 Error: (09/03/2015 06:41:36 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll4 Error: (09/02/2015 12:27:28 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 3390 Error: (09/02/2015 12:27:28 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 3390 Error: (09/02/2015 12:27:28 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (09/02/2015 08:45:14 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: WSHost.exe, Version: 6.3.9600.17415, Zeitstempel: 0x545040f3 Name des fehlerhaften Moduls: WinStoreUI.dll, Version: 6.3.9600.17819, Zeitstempel: 0x554636a9 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000569d9 ID des fehlerhaften Prozesses: 0x16cc Startzeit der fehlerhaften Anwendung: 0xWSHost.exe0 Pfad der fehlerhaften Anwendung: WSHost.exe1 Pfad des fehlerhaften Moduls: WSHost.exe2 Berichtskennung: WSHost.exe3 Vollständiger Name des fehlerhaften Pakets: WSHost.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: WSHost.exe5 Error: (09/01/2015 05:47:53 PM) (Source: ESENT) (EventID: 490) (User: ) Description: svchost (7864) Instance: Versuch, Datei "C:\ProgramData\Microsoft\Windows\AppRepository\PackageRepository.edb" für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien. Error: (09/01/2015 05:47:43 PM) (Source: ESENT) (EventID: 490) (User: ) Description: svchost (7864) Instance: Versuch, Datei "C:\ProgramData\Microsoft\Windows\AppRepository\PackageRepository.edb" für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien. Error: (09/01/2015 05:41:07 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: WSHost.exe, Version: 6.3.9600.17415, Zeitstempel: 0x545040f3 Name des fehlerhaften Moduls: WinStoreUI.dll, Version: 6.3.9600.17819, Zeitstempel: 0x554636a9 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000569d9 ID des fehlerhaften Prozesses: 0x1f0c Startzeit der fehlerhaften Anwendung: 0xWSHost.exe0 Pfad der fehlerhaften Anwendung: WSHost.exe1 Pfad des fehlerhaften Moduls: WSHost.exe2 Berichtskennung: WSHost.exe3 Vollständiger Name des fehlerhaften Pakets: WSHost.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: WSHost.exe5 Error: (09/01/2015 05:35:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: GWXUX.exe, Version: 6.3.9600.17924, Zeitstempel: 0x55959290 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000003d85e ID des fehlerhaften Prozesses: 0x19b8 Startzeit der fehlerhaften Anwendung: 0xGWXUX.exe0 Pfad der fehlerhaften Anwendung: GWXUX.exe1 Pfad des fehlerhaften Moduls: GWXUX.exe2 Berichtskennung: GWXUX.exe3 Vollständiger Name des fehlerhaften Pakets: GWXUX.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: GWXUX.exe5 Systemfehler: ============= Error: (09/03/2015 08:14:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "MBAMScheduler" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (09/03/2015 08:13:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (09/03/2015 08:13:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (09/03/2015 08:13:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "VMware Workstation Server" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error: (09/03/2015 08:13:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "VMware Authorization Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (09/03/2015 08:13:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "VMware USB Arbitration Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (09/03/2015 08:13:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "VMware DHCP Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (09/03/2015 08:13:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "VMware NAT Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts. Error: (09/03/2015 08:13:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "SQL Server VSS Writer" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (09/03/2015 08:13:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "SQL Server Browser" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Microsoft Office: ========================= Error: (09/03/2015 06:41:43 PM) (Source: Perflib) (EventID: 1023) (User: ) Description: rdyboost4 Error: (09/03/2015 06:41:36 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll4 Error: (09/02/2015 12:27:28 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 3390 Error: (09/02/2015 12:27:28 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 3390 Error: (09/02/2015 12:27:28 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (09/02/2015 08:45:14 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: WSHost.exe6.3.9600.17415545040f3WinStoreUI.dll6.3.9600.17819554636a9c000000500000000000569d916cc01d0e54ae5039aa6C:\Windows\WinStore\WSHost.exeC:\Windows\winstore\WinStoreUI.dll29e5dd2d-513e-11e5-82a6-00234df6675c Error: (09/01/2015 05:47:53 PM) (Source: ESENT) (EventID: 490) (User: ) Description: svchost7864Instance: C:\ProgramData\Microsoft\Windows\AppRepository\PackageRepository.edb-1032 (0xfffffbf8)32 (0x00000020)Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. Error: (09/01/2015 05:47:43 PM) (Source: ESENT) (EventID: 490) (User: ) Description: svchost7864Instance: C:\ProgramData\Microsoft\Windows\AppRepository\PackageRepository.edb-1032 (0xfffffbf8)32 (0x00000020)Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. Error: (09/01/2015 05:41:07 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: WSHost.exe6.3.9600.17415545040f3WinStoreUI.dll6.3.9600.17819554636a9c000000500000000000569d91f0c01d0e4cc58514b06C:\Windows\WinStore\WSHost.exeC:\Windows\winstore\WinStoreUI.dlldc41aea8-50bf-11e5-82a6-00234df6675c Error: (09/01/2015 05:35:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: GWXUX.exe6.3.9600.1792455959290ntdll.dll6.3.9600.17736550f4336c0000005000000000003d85e19b801d0e4cbd7550fa5C:\Windows\System32\GWX\GWXUX.exeC:\Windows\SYSTEM32\ntdll.dll1aaeb09c-50bf-11e5-82a6-00234df6675c CodeIntegrity: =================================== Date: 2015-05-20 16:03:14.212 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-20 16:03:13.616 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-20 16:03:12.588 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-20 16:03:12.225 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-20 16:03:11.881 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-20 16:03:10.307 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-20 16:03:09.369 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-20 16:03:08.822 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-20 16:03:08.305 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-20 16:03:07.258 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM)2 Duo CPU T9400 @ 2.53GHz Prozentuale Nutzung des RAM: 27% Installierter physikalischer RAM: 8086.02 MB Verfügbarer physikalischer RAM: 5839.68 MB Summe virtueller Speicher: 9366.02 MB Verfügbarer virtueller Speicher: 7205.13 MB ==================== Laufwerke ================================ Drive c: (Win8) (Fixed) (Total:435.95 GB) (Free:203.46 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)] Drive d: (Daten) (Fixed) (Total:487.67 GB) (Free:137.95 GB) NTFS Drive e: (Puffer) (Fixed) (Total:7.9 GB) (Free:7.85 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 000620B9) Partition 1: (Not Active) - (Size=487.7 GB) - (Type=07 NTFS) Partition 2: (Active) - (Size=435.9 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=7.9 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
03.09.2015, 19:44 | #10 |
| Auch bei mir Zeigt AVAST immer öffters URL:MAL Bedrohungs Meldungen an shourtcut: Code:
ATTFilter Untersuchungsergebnis der Verknüpfungen des Benutzers (x64) Version:31-08-2015 durchgeführt von Matthias (2015-09-03 20:37:01) Gestartet von C:\Users\Matthias\Desktop Start-Modus: Normal ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Grewe Scanner-Interface 7.lnk -> C:\Program Files (x86)\Grewe\Scanner-Interface 7\Scanner-Interface.exe (Grewe Computertechnik GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000005}\_SC_Distiller.ico () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000005}\_SC_Acrobat.ico () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Content Viewer.lnk -> C:\Program Files (x86)\Adobe\Adobe Content Viewer\Adobe Content Viewer.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk -> C:\Program Files (x86)\Adobe\Adobe Help\Adobe Help.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-1031-7B44-AB0000000001}\SC_Reader.ico () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Widget Browser.lnk -> C:\Program Files (x86)\Adobe\Adobe Widget Browser\Adobe Widget Browser.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk -> C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camera.lnk -> C:\Windows\Camera\Camera.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk -> C:\Windows\FileManager\FileManager.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk -> C:\Program Files (x86)\ImgBurn\ImgBurn.exe (LIGHTNING UK!) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotosApp.lnk -> C:\Windows\FileManager\PhotosApp.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk -> C:\Program Files (x86)\Windows Live\Mail\wlmail.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Store.lnk -> C:\Windows\WinStore\WinStore.htm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk -> C:\Program Files (x86)\Wireshark\Wireshark.exe (The Wireshark developer community, hxxp://www.wireshark.org/) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger\Yahoo! Messenger.lnk -> C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -> C:\Program Files\WinRAR\Rar.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap\Uninstall WinPcap 4.1.3.lnk -> C:\Program Files (x86)\WinPcap\uninstall.exe (Riverbed Technology, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live\Windows Live Writer.lnk -> C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriter.exe (Microsoft Corp.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware\Virtual Network Editor.lnk -> C:\Program Files (x86)\VMware\VMware Workstation\vmnetcfg.exe (VMware, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware\VMware Player.lnk -> C:\Program Files (x86)\VMware\VMware Workstation\vmplayer.exe (VMware, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware\VMware Workstation.lnk -> C:\Program Files (x86)\VMware\VMware Workstation\vmware.exe (VMware, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files (x86)\VideoLAN\VLC\Documentation.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vermieten easy\Datensicherung Komfort.lnk -> C:\Program Files (x86)\Vermieten easy\VMBackup.exe (WAREHaus) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vermieten easy\Fernwartung.lnk -> C:\Program Files (x86)\Vermieten easy\TeamViewerQS_de.exe (TeamViewer) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vermieten easy\Handbuch für Vermieten easy.lnk -> C:\Program Files (x86)\Vermieten easy\Handbuch.pdf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vermieten easy\Vermieten easy.lnk -> C:\Program Files (x86)\Vermieten easy\Vermieteneasy.exe (WAREHaus GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tinypic\Anleitung zu Tinypic.lnk -> C:\Program Files (x86)\Tinypic\AnleitungTinyPic.pdf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tinypic\TinyPic.exe.lnk -> C:\Program Files (x86)\Tinypic\TinyPic.exe (Borland Software Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tinypic\Uninstall Tinypic.lnk -> C:\Program Files (x86)\Tinypic\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TI Tools\TI-Nspire Student Software\TI-Nspire Student Software.lnk -> C:\Program Files (x86)\TI Education\TI-Nspire Student Software\TI-Nspire Student Software.exe (Texas Instruments Incorporated) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Syncios\Syncios entfernen.lnk -> C:\Program Files (x86)\Syncios\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Syncios\Syncios.lnk -> C:\Program Files (x86)\Syncios\Syncios.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SOLIDWORKS Tools 2015\Assistent zum Kopieren von Einstellungen 2015.lnk -> C:\Windows\Installer\{F8093877-4F2C-40ED-9BA7-2F9F48F5176F}\CopyOptWiz_6FEB7F8E7C4D4368B04FF4F6C1DAEF89.exe (Flexera Software LLC) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SOLIDWORKS Tools 2015\Costing Vorlagen-Editor 2015.lnk -> C:\Windows\Installer\{F8093877-4F2C-40ED-9BA7-2F9F48F5176F}\CostgTemplateEdito_137D8099937742FFB4518D04D5BEA705.exe (Flexera Software LLC) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SOLIDWORKS Tools 2015\Eigenschaften-Registerkarten-Erstellung 2015.lnk -> C:\Windows\Installer\{F8093877-4F2C-40ED-9BA7-2F9F48F5176F}\PropertyTabBuilder_1F40E9F3993E4F02B14BAC3E685DC9D3.exe (Flexera Software LLC) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SOLIDWORKS Tools 2015\Meine Produkte.lnk -> C:\Windows\Installer\{F8093877-4F2C-40ED-9BA7-2F9F48F5176F}\NewShortcut10_09C97FE55E424E9E878903842FA26A35.exe (Flexera Software LLC) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SOLIDWORKS Tools 2015\SolidNetWork License Manager 2015.lnk -> C:\Windows\Installer\{F8093877-4F2C-40ED-9BA7-2F9F48F5176F}\swlmwizard_6FEB7F8E7C4D4368B04FF4F6C1DAEF89.exe (Flexera Software LLC) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SOLIDWORKS Tools 2015\SOLIDWORKS 2015 Routing Library Manager.lnk -> C:\Windows\Installer\{F8093877-4F2C-40ED-9BA7-2F9F48F5176F}\NewShortcut6_09A22F17AFFA435086E910433E69F955.exe (Flexera Software LLC) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SOLIDWORKS Tools 2015\SOLIDWORKS Network Monitor 2015.lnk -> C:\Windows\Installer\{F8093877-4F2C-40ED-9BA7-2F9F48F5176F}\SolidWorksNetworkM_A6340B1E7C4A432C8947F93CD36D44D4.exe (Flexera Software LLC) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SOLIDWORKS Tools 2015\SOLIDWORKS Rx 2015.lnk -> C:\Windows\Installer\{F8093877-4F2C-40ED-9BA7-2F9F48F5176F}\i386_SldRxexe_6FEB7F8E7C4D4368B04FF4F6C1DAEF89.exe (Flexera Software LLC) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SOLIDWORKS Tools 2015\SOLIDWORKS Taskplaner 2015.lnk -> C:\Windows\Installer\{F8093877-4F2C-40ED-9BA7-2F9F48F5176F}\i386_SwScheduler_5F527AA89BD74B82AA633F386F129FA3.exe (Flexera Software LLC) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SOLIDWORKS Tools 2015\SOLIDWORKS Treehouse 2015.lnk -> C:\Windows\Installer\{F8093877-4F2C-40ED-9BA7-2F9F48F5176F}\NewShortcut2_9B0E37ED3B134323BADA48059EE62D25.exe (Flexera Software LLC) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SOLIDWORKS Tools 2015\Toolbox Einstellungen 2015.lnk -> C:\Windows\Installer\{F8093877-4F2C-40ED-9BA7-2F9F48F5176F}\NewShortcut9_C067992FA31C4389965004A38F805658.exe (Flexera Software LLC) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SOLIDWORKS 2015\eDrawings 2015 x64 Edition.lnk -> C:\Program Files\SOLIDWORKS Corp\eDrawings X64 Edition\EModelViewer.exe (Dassault Systèmes SOLIDWORKS Corp.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SOLIDWORKS 2015\SOLIDWORKS 2015 x64 Edition.lnk -> C:\Windows\Installer\{F8093877-4F2C-40ED-9BA7-2F9F48F5176F}\i386_SldWorks.exe (Flexera Software LLC) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SOLIDWORKS 2015\SOLIDWORKS Electrical.lnk -> C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\bin\SOLIDWORKSElectrical.exe (Trace Software International) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SOLIDWORKS 2015\SOLIDWORKS Explorer 2015.lnk -> C:\Windows\Installer\{EACE15FF-59ED-4CBE-B1EB-616F4908745F}\NewShortcut1.exe (Flexera Software LLC) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SOLIDWORKS 2015\SOLIDWORKS Inspection 2015 x64 Edition.lnk -> C:\Windows\Installer\{7FD1E472-DA3B-42B2-937E-0ADDF27BA0E3}\NewShortcut2_AE787B25BD5741CC98313B834CEB2B4F.exe (Flexera Software LLC) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SOLIDWORKS 2015\SOLIDWORKS Inspection Tools\SOLIDWORKS Network License Manager.lnk -> C:\Windows\Installer\{7FD1E472-DA3B-42B2-937E-0ADDF27BA0E3}\NewShortcut3_9B83FFF4DA7E4521A0718FB79BD5F265.exe (Flexera Software LLC) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SOLIDWORKS 2015\SOLIDWORKS Composer 2015\SOLIDWORKS Composer 2015 x64 Edition.lnk -> C:\Windows\Installer\{A3E4CB29-7841-4AF0-AF79-E7CA1DE70436}\NewShortcut1_078C5B102D9C42F78713811E2C7BDF29.exe (Flexera Software LLC) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SOLIDWORKS 2015\SOLIDWORKS Composer 2015\SOLIDWORKS Composer Player 2015 - x64 Edition.lnk -> C:\Windows\Installer\{A3E4CB29-7841-4AF0-AF79-E7CA1DE70436}\NewShortcut1_1.05E8B3F6_C6F0_450A_B0AB_1C0A5E596B61.exe (Flexera Software LLC) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SOLIDWORKS 2015\SOLIDWORKS Composer 2015\SOLIDWORKS Composer Sync 2015 x64 Edition.lnk -> C:\Windows\Installer\{A3E4CB29-7841-4AF0-AF79-E7CA1DE70436}\NewShortcut2_E82635C81A214438B0029F8295EB43AA.exe (Flexera Software LLC) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SOLIDWORKS 2015\SOLIDWORKS Composer 2015\SOLIDWORKS Tools\SOLIDWORKS Network License Manager - x64 Edition.lnk -> C:\Windows\Installer\{A3E4CB29-7841-4AF0-AF79-E7CA1DE70436}\NewShortcut2.32E1E11A_50A8_44E9_98AD_4E00E5B70177.exe (Flexera Software LLC) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype für den Desktop.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RufIdent Herbst 2014\Hilfe zu RufIdent.lnk -> C:\Program Files (x86)\RufIdent Herbst 2014\RufIdent.rtf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RufIdent Herbst 2014\RufIdent 33 deinstallieren.lnk -> C:\Program Files (x86)\RufIdent Herbst 2014\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RufIdent Herbst 2014\RufIdent 33.lnk -> C:\Program Files (x86)\RufIdent Herbst 2014\RufIdent.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RufIdent Herbst 2014\RufIdent Online.lnk -> C:\Program Files (x86)\RufIdent Herbst 2014\RufIdent.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro\Revo Uninstaller Pro entfernen.lnk -> C:\Program Files\VS Revo Group\Revo Uninstaller Pro\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro\Revo Uninstaller Pro Help.lnk -> C:\Program Files\VS Revo Group\Revo Uninstaller Pro\Revo Uninstaller Pro Help.pdf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro\Revo Uninstaller Pro.lnk -> C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe (VS Revo Group) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime - Bitte lesen.lnk -> C:\Windows\Installer\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}\RichText.ico () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime Player.lnk -> C:\Windows\Installer\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}\QTPlayer.ico () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PTC Mathcad\PTC Mathcad License Wizard.lnk -> C:\Program Files\PTC\Mathcad Prime 3.1\LicenseWizard.exe (PTC) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PTC Mathcad\PTC Mathcad Prime 3.1 XMCD, MCD Converter.lnk -> C:\Program Files\PTC\Mathcad Prime 3.1\WorkSheetConverter.exe (PTC) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PTC Mathcad\PTC Mathcad Prime 3.1.lnk -> C:\Program Files\PTC\Mathcad Prime 3.1\MathcadPrime.exe (PTC) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PTC Creo\PTC Creo Direct 3.0 M030.lnk -> C:\Program Files\PTC\Creo 3.0\M030\Direct\bin\direct.exe (PTC Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PTC Creo\PTC Creo Distributed Services Manager 3.0 M030.lnk -> C:\Program Files\PTC\Creo 3.0\Distributed Services Manager\bin\ptcdsm.exe (PTC Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PTC Creo\PTC Creo Layout 3.0 M030.lnk -> C:\Program Files\PTC\Creo 3.0\M030\Layout\bin\layout.exe (PTC Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PTC Creo\PTC Creo Modelcheck 3.0 M030.lnk -> C:\Program Files\PTC\Creo 3.0\M030\Parametric\bin\modelcheck.bat () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PTC Creo\PTC Creo Options Modeler 3.0 M030.lnk -> C:\Program Files\PTC\Creo 3.0\M030\Options Modeler\bin\optionsmodeler.exe (PTC Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PTC Creo\PTC Creo Parametric 3.0 M030.lnk -> C:\Program Files\PTC\Creo 3.0\M030\Parametric\bin\parametric.exe (PTC Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PTC Creo\PTC Creo Simulate 3.0 M030.lnk -> C:\Program Files\PTC\Creo 3.0\M030\Simulate\bin\simulate.exe (PTC Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PTC Creo\PTC Creo View Express 3.0.lnk -> C:\Program Files\PTC\Creo 3.0\View Express\bin\pvexpress.exe (PTC Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PTC\PTC Diagnostic Tools.lnk -> C:\Windows\Installer\{D8EE1206-5E41-425D-83E7-E6D9886E716D}\QAgent_icon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PreisHai 4\PreisHai 4 deinstallieren.lnk -> C:\Program Files (x86)\PreisHai4\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PreisHai 4\PreisHai 4 Komponententester.lnk -> C:\Program Files (x86)\PreisHai4\hai4komptest.exe (Elmar Denkmann - Software Entwicklung und Vertrieb) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PreisHai 4\PreisHai 4.lnk -> C:\Program Files (x86)\PreisHai4\preishai.exe (Elmar Denkmann - Software Entwicklung und Vertrieb) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3\Deinstallieren.lnk -> C:\Program Files (x86)\Google\Picasa3\Uninstall.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3\Picasa 3.lnk -> C:\Program Files (x86)\Google\Picasa3\Picasa3.exe (Google Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24\PDF24 Creator.lnk -> C:\Program Files (x86)\PDF24\pdf24-Creator.exe (Geek Software GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24\PDF24 Fax.lnk -> C:\Program Files (x86)\PDF24\pdf24-Fax.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nebenkosten easy professional\Datenbank optimieren.lnk -> C:\Program Files (x86)\Nebenkosten easy professional\compress.exe (WAREHaus) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nebenkosten easy professional\Fernwartung.lnk -> C:\Program Files (x86)\Nebenkosten easy professional\TeamViewerQS_de.exe (TeamViewer) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nebenkosten easy professional\Handbuch zum Programm.lnk -> C:\Program Files (x86)\Nebenkosten easy professional\Handbuch.pdf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nebenkosten easy professional\Nebenkosten easy professional.lnk -> C:\Program Files (x86)\Nebenkosten easy professional\Nksprofi2.exe (WAREHaus GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPublicWiFi\MyPublicWiFi entfernen.lnk -> C:\Program Files (x86)\MyPublicWiFi\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPublicWiFi\MyPublicWiFi.lnk -> C:\Program Files (x86)\MyPublicWiFi\MyPublicWiFi.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center\Microsoft-Maus- und Tastatur-Center.lnk -> c:\Windows\Installer\{23D2AFC7-C01E-4413-9D9A-0BABF52569BF}\DeviceCenter.ico () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2005\Visual Studio Tools\Visual Studio 2005 Remote Debugger (x64).lnk -> C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x64\msvsmon.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2012\Import and Export Data (64-bit).lnk -> C:\Program Files\Microsoft SQL Server\110\DTS\Binn\DTSWizard.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2012\Configuration Tools\SQL Server Error and Usage Reporting.lnk -> C:\Program Files\Microsoft SQL Server\110\Shared\SqlWtsn.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2012\Configuration Tools\SQL Server Installation Center (64-bit).lnk -> C:\Program Files\Microsoft SQL Server\110\Setup Bootstrap\SQLServer2012\x64\LandingPage.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008\Configuration Tools\SQL Server Installation Center (64-bit).lnk -> C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Release\x64\LandingPage.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\Silverlight.Configuration.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Access 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\accicons.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\An OneNote 2013 senden.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\joticon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\xlicons.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\InfoPath Filler 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\inficon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneDrive for Business 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\grv_icons.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneNote 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\joticon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\outicon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\pptico.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Publisher 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\pubs.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Skype for Business 2015.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\lyncicon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\wordicon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013-Tools\Database Compare 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\dbcicons.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013-Tools\Lync-Aufzeichnungs-Manager.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\lyncicon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013-Tools\Office 2013 Upload Center.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\msouc.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013-Tools\Office 2013-Spracheinstellungen.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\misc.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013-Tools\Spreadsheet Compare 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\sscicons.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013-Tools\Telemetriedashboard für Office 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\osmadminicon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013-Tools\Telemetrieprotokoll für Office 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\osmclienticon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware \Malwarebytes Anti-Malware entfernen.lnk -> C:\Program Files (x86)\ Malwarebytes Anti-Malware \unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware \Malwarebytes Anti-Malware Notifications.lnk -> C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Malwarebytes Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware .lnk -> C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Malwarebytes Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware \Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files (x86)\ Malwarebytes Anti-Malware \Chameleon\Windows\chameleon.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\AutoPico.lnk -> C:\Program Files\KMSpico\AutoPico.exe (@ByELDI) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\KMSpico.lnk -> C:\Program Files\KMSpico\KMSELDI.exe (@ByELDI) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\Log KMSpico.lnk -> C:\Program Files\KMSpico\scripts\Log.cmd () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\klickTel\klickTel Herbst 2014.lnk -> C:\Program Files (x86)\klickTel\Telefon- und Branchenbuch + Rückwärtssuche Herbst 2014\ktel32.exe (telegate MEDIA AG) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\klickTel\Telefon- und Branchenbuch + Rückwärtssuche Herbst 2014 - Inversmonitor.lnk -> C:\Program Files (x86)\klickTel\Telefon- und Branchenbuch + Rückwärtssuche Herbst 2014\kmon.exe (telegate MEDIA AG) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Java konfigurieren.lnk -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\javacpl.exe (Oracle Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk -> C:\Program Files\iTunes\iTunes.exe (Apple Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\Über iTunes.lnk -> C:\Program Files\iTunes\iTunes.Resources\de.lproj\About iTunes.rtf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iSpy\iSpy.lnk -> C:\Windows\Installer\{59FD7347-2EF6-4A67-ADFF-C029D0D67A7E}\_250F25F458EAD933DE1083.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iSpy\iSpyMonitor.lnk -> C:\Windows\Installer\{59FD7347-2EF6-4A67-ADFF-C029D0D67A7E}\_BBAC8316456249826CD3DD.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iSpy\iSpyServer Installer.lnk -> C:\Program Files (x86)\iSpy\iSpy\iSpyServer () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IPCamSetup\IP Camera Tool.lnk -> C:\Program Files (x86)\IPCamSetup\IPCamera.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) Management and Security\Intel(R) Management and Security Status.lnk -> C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe (Intel Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn\ImgBurn Read Me.lnk -> C:\Program Files (x86)\ImgBurn\ReadMe.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn\ImgBurn.lnk -> C:\Program Files (x86)\ImgBurn\ImgBurn.exe (LIGHTNING UK!) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn\Uninstall.lnk -> C:\Program Files (x86)\ImgBurn\uninstall.exe (LIGHTNING UK!) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\iCloud-Fotos.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\ShellStreamsShortcut.exe (Apple Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\iCloud.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe (Apple Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\i-Funbox DevTeam\Check New Update.lnk -> C:\Program Files (x86)\i-Funbox DevTeam\links\ifunbox.win32.checkupdate.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\i-Funbox DevTeam\iFunbox x64.lnk -> C:\Program Files (x86)\i-Funbox DevTeam\iFunBox_x64.exe (i-Funbox.com) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\i-Funbox DevTeam\iFunbox.lnk -> C:\Program Files (x86)\i-Funbox DevTeam\iFunBox.exe (i-Funbox.com) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\i-Funbox DevTeam\Online Tutorial.lnk -> C:\Program Files (x86)\i-Funbox DevTeam\links\ifunbox.win32.tutorial.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\i-Funbox DevTeam\Uninstall iFunbox.lnk -> C:\Program Files (x86)\i-Funbox DevTeam\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heizkosten easy\Datenbank optimieren.lnk -> C:\Program Files (x86)\Heizkosten easy\COMPRESS.EXE (WAREHaus) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heizkosten easy\Datensicherung.lnk -> C:\Program Files (x86)\Heizkosten easy\HKBackup.exe (WAREHaus) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heizkosten easy\Fernwartung.lnk -> C:\Program Files (x86)\Heizkosten easy\TeamViewerQS_de.exe (TeamViewer) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heizkosten easy\Handbuch.lnk -> C:\Program Files (x86)\Heizkosten easy\Handbuch.pdf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heizkosten easy\Heizkosten easy.lnk -> C:\Program Files (x86)\Heizkosten easy\Heizkosten.exe (WAREHaus GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heizkosten easy\Kurzanleitung.lnk -> C:\Program Files (x86)\Heizkosten easy\Kurzanleitung.pdf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDClone 5.1.4 Free Edition\Anleitung.lnk -> C:\Program Files (x86)\HDClone 5.1 Free Edition\hdclone.pdf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDClone 5.1.4 Free Edition\Bootdateien.lnk -> C:\Program Files (x86)\HDClone 5.1 Free Edition\bootimages () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDClone 5.1.4 Free Edition\Deinstallieren.lnk -> C:\Program Files (x86)\HDClone 5.1 Free Edition\uninstall.exe (Miray Software AG) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hausverwaltung easy\Datenbank optimieren.lnk -> C:\Program Files (x86)\Hausverwaltung easy\compress.exe (WAREHaus GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hausverwaltung easy\Datensicherung Komfort.lnk -> C:\Program Files (x86)\Hausverwaltung easy\HVBackup.exe (WAREHaus) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hausverwaltung easy\Fernwartung.lnk -> C:\Program Files (x86)\Hausverwaltung easy\TeamViewerQS_de.exe (TeamViewer) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hausverwaltung easy\Handbuch.lnk -> C:\Program Files (x86)\Hausverwaltung easy\Handbuch.pdf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hausverwaltung easy\Hausverwaltung easy.lnk -> C:\Program Files (x86)\Hausverwaltung easy\Hv.exe (WAREHaus GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hausverwaltung easy\Kurzanleitung.lnk -> C:\Program Files (x86)\Hausverwaltung easy\Kurzanleitung.pdf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Outlook Contact Sync\Google Outlook Contact Sync.lnk -> C:\Program Files (x86)\GContactSync\GContactsSync.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Outlook Contact Sync\Uninstall Google Outlook Contact Sync.lnk -> C:\Program Files (x86)\GContactSync\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla Server\FileZilla Server Interface.lnk -> C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe (FileZilla Project) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla Server\Uninstall.lnk -> C:\Program Files (x86)\FileZilla Server\Uninstall.exe (FileZilla Project) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EWA net\EWA Admin Tool.lnk -> C:\Program Files (x86)\EWA net\ewa_admin\EWAAdmin.exe ( ) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes\VirtualCloneDrive\Anleitung.lnk -> C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\HelpLauncher.exe (Elaborate Bytes AG) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes\VirtualCloneDrive\Uninstall.lnk -> C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\vcd-uninst.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes\VirtualCloneDrive\Virtual CloneDrive Revision History.lnk -> C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\manual\changes_vcd.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes\VirtualCloneDrive\Virtual CloneDrive.lnk -> C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDPrefs.exe (Elaborate Bytes AG) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasyIsoSoft\Easy ISO Burner 2.10.lnk -> C:\Program Files (x86)\EasyIsoSoft\EasyIsoBurner.exe (Easy ISO Soft) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasyIsoSoft\UnInstall.lnk -> C:\Program Files (x86)\EasyIsoSoft\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell\Classic Explorer Einstellungen.lnk -> C:\Program Files\Classic Shell\ClassicExplorerSettings.exe (IvoSoft) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell\Classic IE Einstellungen.lnk -> C:\Program Files\Classic Shell\ClassicIE_32.exe (IvoSoft) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell\Classic Shell Aktualisierung.lnk -> C:\Program Files\Classic Shell\ClassicShellUpdate.exe (IvoSoft) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell\Classic Shell Hilfe.lnk -> C:\Program Files\Classic Shell\ClassicShell.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell\Classic Shell Liesmich.lnk -> C:\Program Files\Classic Shell\ClassicShellReadme.rtf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citavi 4\Citavi 4.lnk -> C:\Program Files (x86)\Citavi 4\bin\Citavi.exe (Swiss Academic Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CarProKey\CarProKey.lnk -> C:\Program Files (x86)\CarProKey\CarProKey.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software\Avast Internet Security.lnk -> C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk ReCap\Autodesk ReCap.lnk -> C:\Program Files\Autodesk\Autodesk ReCap\recap.exe (Autodesk) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk Inventor 2015\Autodesk Multi-Sheet Plot.lnk -> C:\Program Files\Autodesk\Inventor 2015\Bin\Bin32\MSP.exe (Autodesk, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk Inventor 2015\Design Assistant 2015.lnk -> C:\Program Files\Autodesk\Inventor 2015\Bin\DtDv.exe (Autodesk, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk Inventor 2015\Inventor View.lnk -> C:\Program Files\Autodesk\Inventor 2015\Bin\InventorView.exe (Autodesk, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk Inventor 2015\Tools\Add-In Manager.lnk -> C:\Program Files\Autodesk\Inventor 2015\Bin\AddInMgr.exe (Autodesk, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk Inventor 2015\Tools\Drawing Resource Transfer Wizard.lnk -> C:\Program Files\Autodesk\Inventor 2015\Bin\Drawing Resource Transfer Wizard.exe (Autodesk, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk Inventor 2015\Tools\Project Editor.lnk -> C:\Program Files\Autodesk\Inventor 2015\Bin\Ipj.exe (Autodesk, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk Inventor 2015\Tools\Style Library Manager.lnk -> C:\Program Files\Autodesk\Inventor 2015\Bin\Style Library Manager.exe (Autodesk, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk Inventor 2015\Tools\Task Scheduler.lnk -> C:\Program Files\Autodesk\Inventor 2015\Bin\TaskScheduler.exe (Autodesk, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk Data Management\Autodesk Vault Basic 2015.lnk -> C:\Program Files\Autodesk\Vault Basic 2015\Explorer\Connectivity.Vault.exe (Autodesk) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk Data Management\Tools\Autodesk Autoloader 2015 for Vault.lnk -> C:\Program Files\Autodesk\Vault Basic 2015\Explorer\Autoloader.exe (Autodesk) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk Data Management\Tools\Autodesk Reference Repair Utility.lnk -> C:\Program Files\Autodesk\Vault Basic 2015\Explorer\ReferenceRepairUtility.exe (Autodesk) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\Autodesk Design Review 2013.lnk -> C:\Program Files (x86)\Autodesk\Autodesk Design Review 2013\DesignReview.exe (Autodesk, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\Uninstall Tool.lnk -> C:\Program Files (x86)\Common Files\Autodesk Shared\Uninstall Tool\R1\UninstallTool.exe (Autodesk, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\Content Service\Content Service - Configuration Console.lnk -> C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.Admin.exe (Autodesk, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\Autodesk Application Manager\Autodesk Application Manager.lnk -> C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe (Autodesk Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD Mechanical 2015 - English\Attach Digital Signatures - AutoCAD Mechanical.lnk -> C:\Program Files\Autodesk\AutoCAD 2015\AcSignApply.exe (Autodesk, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD Mechanical 2015 - English\AutoCAD Mechanical File Migration Utility.lnk -> C:\Program Files\Autodesk\AutoCAD 2015\Acadm\Migration\amdwgmigr19.exe (Autodesk, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD Mechanical 2015 - English\Batch Standards Checker - AutoCAD Mechanical.lnk -> C:\Program Files\Autodesk\AutoCAD 2015\DwgCheckStandards.exe (Autodesk, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD Mechanical 2015 - English\Reference Manager - AutoCAD Mechanical.lnk -> C:\Program Files\Autodesk\AutoCAD 2015\AdRefMan.exe (Autodesk, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD Mechanical 2015 - Deutsch (German)\AutoCAD Mechanical Dienstprogramm für Dateimigration.lnk -> C:\Program Files\Autodesk\AutoCAD 2015\Acadm\Migration\amdwgmigr19.exe (Autodesk, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD Mechanical 2015 - Deutsch (German)\Digitale Signaturen anhängen - AutoCAD Mechanical.lnk -> C:\Program Files\Autodesk\AutoCAD 2015\AcSignApply.exe (Autodesk, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD Mechanical 2015 - Deutsch (German)\Referenzmanager - AutoCAD Mechanical.lnk -> C:\Program Files\Autodesk\AutoCAD 2015\AdRefMan.exe (Autodesk, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD Mechanical 2015 - Deutsch (German)\Stapelweise Standardsprüfung - AutoCAD Mechanical.lnk -> C:\Program Files\Autodesk\AutoCAD 2015\DwgCheckStandards.exe (Autodesk, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6\Adobe After Effects CS6.lnk -> C:\Program Files\Adobe\Adobe After Effects CS6\Support Files\AfterFX.exe (Adobe Systems Incorporated) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6\Adobe Audition CS6.lnk -> C:\Program Files (x86)\Adobe\Adobe Audition CS6\Adobe Audition CS6.exe (Adobe Systems Incorporated) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6\Adobe Bridge CS6 (64bit).lnk -> C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe (Adobe Systems, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6\Adobe Bridge CS6.lnk -> C:\Program Files (x86)\Adobe\Adobe Bridge CS6\Bridge.exe (Adobe Systems, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6\Adobe Dreamweaver CS6.lnk -> C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe (Adobe Systems, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6\Adobe Encore CS6.lnk -> C:\Program Files\Adobe\Adobe Encore CS6\Adobe Encore.exe (Adobe Systems, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6\Adobe ExtendScript Toolkit CS6.lnk -> C:\Program Files (x86)\Adobe\Adobe Utilities - CS6\ExtendScript Toolkit CS6\ExtendScript Toolkit.exe (Adobe Systems Incorporated) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6\Adobe Extension Manager CS6.lnk -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Adobe Extension Manager CS6.exe (Adobe Systems Incorporated) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6\Adobe Fireworks CS6.lnk -> C:\Program Files (x86)\Adobe\Adobe Fireworks CS6\Fireworks.exe (Adobe Systems Incorporated) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6\Adobe Flash Builder 4.6.lnk -> C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6\Adobe Flash Professional CS6.lnk -> C:\Program Files (x86)\Adobe\Adobe Flash CS6\Flash.exe (Adobe Systems Incorporated.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6\Adobe Illustrator CS6 (64 Bit).lnk -> C:\Program Files\Adobe\Adobe Illustrator CS6 (64 Bit)\Support Files\Contents\Windows\Illustrator.exe (Adobe Systems Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6\Adobe Illustrator CS6.lnk -> C:\Program Files (x86)\Adobe\Adobe Illustrator CS6\Support Files\Contents\Windows\Illustrator.exe (Adobe Systems Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6\Adobe InDesign CS6.lnk -> C:\Program Files (x86)\Adobe\Adobe InDesign CS6\InDesign.exe (Adobe Systems Incorporated) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6\Adobe Media Encoder CS6.lnk -> C:\Program Files (x86)\Adobe\Adobe Media Encoder CS6\Adobe Media Encoder.exe (Adobe Systems, Incorporated) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6\Adobe Photoshop CS6 (64 Bit).lnk -> C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe (Adobe Systems, Incorporated) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6\Adobe Photoshop CS6.lnk -> C:\Program Files (x86)\Adobe\Adobe Photoshop CS6\Photoshop.exe (Adobe Systems, Incorporated) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6\Adobe Prelude CS6.lnk -> C:\Program Files (x86)\Adobe\Adobe Prelude CS6\Adobe Prelude.exe (Adobe Systems, Incorporated) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6\Adobe Premiere Pro CS6.lnk -> C:\Program Files\Adobe\Adobe Premiere Pro CS6\Adobe Premiere Pro.exe (Adobe Systems, Incorporated) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6\Adobe SpeedGrade CS6.lnk -> C:\Program Files\Adobe\Adobe SpeedGrade CS6\bin\SpeedGrade.exe (Adobe® - hxxp://www.adobe.com) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2\Adobe LiveCycle Designer ES2.lnk -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Designer 9.0\FormDesigner.exe (Adobe Systems Incorporated) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -> C:\Windows\System32\printmanagement.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Active@ ISO File Manager\Active@ ISO File Manager.lnk -> C:\Program Files (x86)\LSoft Technologies\Active ISO File Manager\ActiveISO.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Active@ ISO File Manager\Users Guide.lnk -> C:\Program Files (x86)\LSoft Technologies\Active ISO File Manager\ActiveIso.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip File Manager.lnk -> C:\Program Files (x86)\7-Zip\7zFM.exe (Igor Pavlov) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip Help.lnk -> C:\Program Files (x86)\7-Zip\7-zip.chm () Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk -> C:\Users\Matthias\Documents () Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk -> C:\Users\Matthias\Pictures () Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\VMware Workstation.lnk -> C:\Program Files (x86)\VMware\VMware Workstation\vmware.exe (VMware, Inc.) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc () Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) Shortcut: C:\Users\Matthias\Links\Desktop.lnk -> C:\Users\Matthias\Desktop () Shortcut: C:\Users\Matthias\Links\Downloads.lnk -> D:\Downloads\Downloads () Shortcut: C:\Users\Matthias\Links\Dropbox.lnk -> C:\Users\Matthias\Dropbox () Shortcut: C:\Users\Matthias\Links\iCloud Drive.lnk -> C:\Users\Matthias\iCloudDrive () Shortcut: C:\Users\Matthias\Links\jdownloads.lnk -> C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Libraries\jdownloads.library-ms () Shortcut: C:\Users\Matthias\Favorites\EWA net\EWA Admin Tool.lnk -> C:\Program Files (x86)\EWA net\ewa_admin\EWAAdmin.exe ( ) Shortcut: C:\Users\Matthias\Documents\Inventor\Autoloader.ipj.lnk -> C:\Users\Public\Documents\Autodesk\Vault Basic 2015\Samples\Autoloader\Inventor 2015\Padlock\Autoloader.ipj () Shortcut: C:\Users\Matthias\Documents\Inventor\Default.lnk -> C:\Users\Public\Documents\Autodesk\Inventor 2015\Default.ipj () Shortcut: C:\Users\Matthias\Documents\Inventor\Designs_R2012.ipj.lnk -> C:\Users\Public\Documents\Autodesk\Vault Basic 2015\Samples\Inventor 2014\Padlock\Designs.ipj () Shortcut: C:\Users\Matthias\Documents\Inventor\Designs_R2013.ipj.lnk -> C:\Users\Public\Documents\Autodesk\Vault Basic 2015\Samples\Inventor 2015\Padlock\Designs.ipj () Shortcut: C:\Users\Matthias\Documents\Erlen3\Abrechungen\Programme\Hausverwaltung easy.lnk -> C:\Program Files (x86)\Hausverwaltung easy\Hv.exe (WAREHaus GmbH) Shortcut: C:\Users\Matthias\Documents\Erlen3\Abrechungen\Programme\Heizkosten easy.lnk -> C:\Program Files (x86)\Heizkosten easy\Heizkosten.exe (WAREHaus GmbH) Shortcut: C:\Users\Matthias\Documents\Erlen3\Abrechungen\Programme\Nebenkosten easy professional.lnk -> C:\Program Files (x86)\Nebenkosten easy professional\Nksprofi2.exe (WAREHaus GmbH) Shortcut: C:\Users\Matthias\Documents\Erlen3\Abrechungen\Programme\Vermieten easy.lnk -> C:\Program Files (x86)\Vermieten easy\Vermieteneasy.exe (WAREHaus GmbH) Shortcut: C:\Users\Matthias\Desktop\Batteriestatus.lnk -> C:\Windows\Batteriestatus.bat () Shortcut: C:\Users\Matthias\Desktop\JDownloader 2.lnk -> C:\Users\Matthias\AppData\Local\JDownloader v2.0\JDownloader2.exe (AppWork GmbH) Shortcut: C:\Users\Matthias\Desktop\PreisHai 4.lnk -> C:\Program Files (x86)\PreisHai4\preishai.exe (Elmar Denkmann - Software Entwicklung und Vertrieb) Shortcut: C:\Users\Matthias\Desktop\Start Tor Browser.lnk -> C:\Users\Matthias\Desktop\Tor Browser\Browser\firefox.exe (Mozilla Corporation) Shortcut: C:\Users\Matthias\Desktop\TinyPic.lnk -> C:\Program Files (x86)\Tinypic\TinyPic.exe (Borland Software Corporation) Shortcut: C:\Users\Matthias\Desktop\wlan.JPG - Verknüpfung.lnk -> C:\Users\Matthias\Desktop\wlan.JPG () Shortcut: C:\Users\Matthias\Desktop\µTorrent.lnk -> C:\Users\Matthias\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) Shortcut: C:\Users\Matthias\Desktop\Tor Browser\Start Tor Browser.lnk -> C:\Users\Matthias\Desktop\Tor Browser\Browser\firefox.exe (Mozilla Corporation) Shortcut: C:\Users\Matthias\Desktop\SolidWorks\eDrawings 2015 x64 Edition.lnk -> C:\Program Files\SOLIDWORKS Corp\eDrawings X64 Edition\EModelViewer.exe (Dassault Systèmes SOLIDWORKS Corp.) Shortcut: C:\Users\Matthias\Desktop\SolidWorks\SOLIDWORKS 2015 x64 Edition.lnk -> C:\Windows\Installer\{F8093877-4F2C-40ED-9BA7-2F9F48F5176F}\i386_SldWorks.exe (Flexera Software LLC) Shortcut: C:\Users\Matthias\Desktop\SolidWorks\SOLIDWORKS Composer 2015 x64 Edition.lnk -> C:\Windows\Installer\{A3E4CB29-7841-4AF0-AF79-E7CA1DE70436}\NewShortcut11_5A389E0C2ACE4223874DC02220D4D515.exe (Flexera Software LLC) Shortcut: C:\Users\Matthias\Desktop\SolidWorks\SOLIDWORKS Composer Player 2015 - x64 Edition.lnk -> C:\Windows\Installer\{A3E4CB29-7841-4AF0-AF79-E7CA1DE70436}\NewShortcut11_1.05E8B3F6_C6F0_450A_B0AB_1C0A5E596B61.exe (Flexera Software LLC) Shortcut: C:\Users\Matthias\Desktop\SolidWorks\SOLIDWORKS Composer Sync 2015 x64 Edition.lnk -> C:\Windows\Installer\{A3E4CB29-7841-4AF0-AF79-E7CA1DE70436}\NewShortcut21_3FD3389B7D614DE3825F9F16736139B9.exe (Flexera Software LLC) Shortcut: C:\Users\Matthias\Desktop\SolidWorks\SOLIDWORKS Electrical.lnk -> C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\bin\SOLIDWORKSElectrical.exe (Trace Software International) Shortcut: C:\Users\Matthias\Desktop\SolidWorks\SOLIDWORKS Explorer 2015.lnk -> C:\Windows\Installer\{EACE15FF-59ED-4CBE-B1EB-616F4908745F}\NewShortcut3_2723AB6ADE8640EEAA77EC7E47C4DF34.exe (Flexera Software LLC) Shortcut: C:\Users\Matthias\Desktop\SolidWorks\SOLIDWORKS Inspection 2015 x64 Edition.lnk -> C:\Windows\Installer\{7FD1E472-DA3B-42B2-937E-0ADDF27BA0E3}\NewShortcut1_B420C9E791B148AB9CB47D6FC10B01A0.exe (Flexera Software LLC) Shortcut: C:\Users\Matthias\Desktop\Creo\PTC Creo Direct 3.0 M030.lnk -> C:\Program Files\PTC\Creo 3.0\M030\Direct\bin\direct.exe (PTC Inc.) Shortcut: C:\Users\Matthias\Desktop\Creo\PTC Creo Distributed Services Manager 3.0 M030.lnk -> C:\Program Files\PTC\Creo 3.0\Distributed Services Manager\bin\ptcdsm.exe (PTC Inc.) Shortcut: C:\Users\Matthias\Desktop\Creo\PTC Creo Layout 3.0 M030.lnk -> C:\Program Files\PTC\Creo 3.0\M030\Layout\bin\layout.exe (PTC Inc.) Shortcut: C:\Users\Matthias\Desktop\Creo\PTC Creo Modelcheck 3.0 M030.lnk -> C:\Program Files\PTC\Creo 3.0\M030\Parametric\bin\modelcheck.bat () Shortcut: C:\Users\Matthias\Desktop\Creo\PTC Creo Options Modeler 3.0 M030.lnk -> C:\Program Files\PTC\Creo 3.0\M030\Options Modeler\bin\optionsmodeler.exe (PTC Inc.) Shortcut: C:\Users\Matthias\Desktop\Creo\PTC Creo Parametric 3.0 M030.lnk -> C:\Program Files\PTC\Creo 3.0\M030\Parametric\bin\parametric.exe (PTC Inc.) Shortcut: C:\Users\Matthias\Desktop\Creo\PTC Creo Simulate 3.0 M030.lnk -> C:\Program Files\PTC\Creo 3.0\M030\Simulate\bin\simulate.exe (PTC Inc.) Shortcut: C:\Users\Matthias\Desktop\Creo\PTC Mathcad Prime 3.1.lnk -> C:\Program Files\PTC\Mathcad Prime 3.1\MathcadPrime.exe (PTC) Shortcut: C:\Users\Matthias\Desktop\Autocad\Autodesk Design Review 2013.lnk -> C:\Program Files (x86)\Autodesk\Autodesk Design Review 2013\DesignReview.exe (Autodesk, Inc.) Shortcut: C:\Users\Matthias\Desktop\Autocad\Autodesk Inventor Professional 2015.lnk -> C:\Program Files\Autodesk\Inventor 2015\Bin\Inventor.exe (Autodesk, Inc.) Shortcut: C:\Users\Matthias\Desktop\Autocad\Autodesk ReCap.lnk -> C:\Program Files\Autodesk\Autodesk ReCap\recap.exe (Autodesk) Shortcut: C:\Users\Matthias\Desktop\Autocad\Autodesk Vault Basic 2015.lnk -> C:\Program Files\Autodesk\Vault Basic 2015\Explorer\Connectivity.Vault.exe (Autodesk) Shortcut: C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk -> C:\Users\Matthias\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) Shortcut: C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk -> C:\Users\Matthias\Documents () Shortcut: C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk -> C:\Users\Matthias\Pictures () Shortcut: C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk -> C:\Users\Matthias\Desktop\Tor Browser\Browser\firefox.exe (Mozilla Corporation) Shortcut: C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -> C:\Program Files\WinRAR\Rar.txt () Shortcut: C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm () Shortcut: C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt () Shortcut: C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal) Shortcut: C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) Shortcut: C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time\Uninstall Popcorn Time.lnk -> C:\Users\Matthias\AppData\Local\Popcorn Time\Uninstall.exe (Popcorn Official) Shortcut: C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader\JDownloader 2 Deinstallationsprogramm.lnk -> C:\Users\Matthias\AppData\Local\JDownloader v2.0\Uninstall JDownloader.exe (AppWork GmbH) Shortcut: C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader\JDownloader 2 Update & Rescue.lnk -> C:\Users\Matthias\AppData\Local\JDownloader v2.0\JDownloader2Update.exe (AppWork GmbH) Shortcut: C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader\JDownloader 2.lnk -> C:\Users\Matthias\AppData\Local\JDownloader v2.0\JDownloader2.exe (AppWork GmbH) Shortcut: C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) Shortcut: C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation) Shortcut: C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\SendTo\Dropbox.lnk -> C:\Users\Matthias\Dropbox () Shortcut: C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\SendTo\PDF24 Creator.lnk -> C:\Program Files (x86)\PDF24\pdf24-DocTool.exe (Geek Software GmbH) Shortcut: C:\Users\Matthias\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ImgBurn.lnk -> C:\Program Files (x86)\ImgBurn\ImgBurn.exe (LIGHTNING UK!) Shortcut: C:\Users\Matthias\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iSpy.lnk -> C:\Program Files (x86)\iSpy\iSpy\iSpy.exe (www.ispyconnect.com) Shortcut: C:\Users\Matthias\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\JDownloader 2.lnk -> C:\Users\Matthias\AppData\Local\JDownloader v2.0\JDownloader2.exe (AppWork GmbH) Shortcut: C:\Users\Matthias\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Users\Matthias\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk -> C:\Program Files (x86)\Google\Picasa3\Picasa3.exe (Google Inc.) Shortcut: C:\Users\Matthias\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PreisHai.lnk -> C:\Program Files (x86)\PreisHai4\preishai.exe (Elmar Denkmann - Software Entwicklung und Vertrieb) Shortcut: C:\Users\Matthias\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PTC Mathcad Prime 3.1.lnk -> C:\Program Files\PTC\Mathcad Prime 3.1\MathcadPrime.exe (PTC) Shortcut: C:\Users\Matthias\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk -> C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe (VS Revo Group) Shortcut: C:\Users\Matthias\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\SOLIDWORKS 2015 x64 Edition.lnk -> C:\Windows\Installer\{F8093877-4F2C-40ED-9BA7-2F9F48F5176F}\i386_SldWorks.exe (Flexera Software LLC) Shortcut: C:\Users\Matthias\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\SOLIDWORKS Explorer 2015.lnk -> C:\Windows\Installer\{EACE15FF-59ED-4CBE-B1EB-616F4908745F}\NewShortcut1.exe (Flexera Software LLC) Shortcut: C:\Users\Matthias\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Wireshark.lnk -> C:\Program Files (x86)\Wireshark\Wireshark.exe (The Wireshark developer community, hxxp://www.wireshark.org/) Shortcut: C:\Users\Matthias\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -> C:\Users\Matthias\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) Shortcut: C:\Users\Matthias\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) Shortcut: C:\Users\Matthias\AppData\Roaming\help_images_otherUI\help_images_otherUI\help_images_local\eDrawings 2015 x64 Edition.lnk -> C:\Program Files\SOLIDWORKS Corp\eDrawings X64 Edition\EModelViewer.exe (Dassault Systèmes SOLIDWORKS Corp.) Shortcut: C:\Users\Matthias\AppData\Roaming\Autodesk\DWG TrueView 2015 - English\R13\enu\Plotters\Add-A-Plotter Wizard.lnk -> C:\Program Files\Autodesk\DWG TrueView 2015 - English\addplwiz.exe (Autodesk, Inc.) Shortcut: C:\Users\Matthias\AppData\Roaming\Autodesk\DWG TrueView 2015 - English\R13\enu\Plotters\Plot Styles\Add-A-Plot Style Table Wizard.lnk -> C:\Program Files\Autodesk\DWG TrueView 2015 - English\styshwiz.exe (Autodesk, Inc.) Shortcut: C:\Users\Matthias\AppData\Roaming\Autodesk\AutoCAD Mechanical 2015\R20.0\enu\Plotters\Plot Styles\Add-A-Plot Style Table Wizard.lnk -> C:\Program Files\Autodesk\AutoCAD 2015\styshwiz.exe (Autodesk, Inc.) Shortcut: C:\Users\Matthias\AppData\Roaming\Autodesk\AutoCAD Mechanical 2015\R20.0\deu\Plotters\Plot Styles\Assistent zum Hinzufügen einer Plotstiltabelle.lnk -> C:\Program Files\Autodesk\AutoCAD 2015\styshwiz.exe (Autodesk, Inc.) Shortcut: C:\Users\Matthias\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Matthias\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Matthias\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Matthias\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Matthias\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () Shortcut: C:\Users\Matthias\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc () Shortcut: C:\Users\Matthias\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation) Shortcut: C:\Users\Matthias\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) Shortcut: C:\Users\Matthias\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) Shortcut: C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe (Adobe Systems Incorporated) Shortcut: C:\Users\Public\Desktop\CarProKey.lnk -> C:\Program Files (x86)\CarProKey\CarProKey.exe () Shortcut: C:\Users\Public\Desktop\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd) Shortcut: C:\Users\Public\Desktop\Citavi 4.lnk -> C:\Program Files (x86)\Citavi 4\bin\Citavi.exe (Swiss Academic Software) Shortcut: C:\Users\Public\Desktop\Easy ISO Burner 2.10.lnk -> C:\Program Files (x86)\EasyIsoSoft\EasyIsoBurner.exe (Easy ISO Soft) Shortcut: C:\Users\Public\Desktop\FileZilla Server Interface.lnk -> C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe (FileZilla Project) Shortcut: C:\Users\Public\Desktop\Grewe Scanner-Interface 7.lnk -> C:\Program Files (x86)\Grewe\Scanner-Interface 7\Scanner-Interface.exe (Grewe Computertechnik GmbH) Shortcut: C:\Users\Public\Desktop\iFunbox.lnk -> C:\Program Files (x86)\i-Funbox DevTeam\iFunBox.exe (i-Funbox.com) Shortcut: C:\Users\Public\Desktop\ImgBurn.lnk -> C:\Program Files (x86)\ImgBurn\ImgBurn.exe (LIGHTNING UK!) Shortcut: C:\Users\Public\Desktop\IP Camera Tool.lnk -> C:\Program Files (x86)\IPCamSetup\IPCamera.exe () Shortcut: C:\Users\Public\Desktop\iSpy.lnk -> C:\Program Files (x86)\iSpy\iSpy\iSpy.exe (www.ispyconnect.com) Shortcut: C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk -> C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Malwarebytes Corporation) Shortcut: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) Shortcut: C:\Users\Public\Desktop\MyPublicWiFi.lnk -> C:\Program Files (x86)\MyPublicWiFi\MyPublicWiFi.exe () Shortcut: C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk -> C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe (VS Revo Group) Shortcut: C:\Users\Public\Desktop\RufIdent 33.lnk -> C:\Program Files (x86)\RufIdent Herbst 2014\RufIdent.exe () Shortcut: C:\Users\Public\Desktop\S8_Assistant.lnk -> C:\Program Files (x86)\Bigflyshark\S8_Assistant\S8_Assistant.exe (Bigflyshark) Shortcut: C:\Users\Public\Desktop\Skype.lnk -> C:\Windows\Installer\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}\SkypeIcon.exe () Shortcut: C:\Users\Public\Desktop\Syncios.lnk -> C:\Program Files (x86)\Syncios\Syncios.exe () Shortcut: C:\Users\Public\Desktop\TeamViewer 10.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH) Shortcut: C:\Users\Public\Desktop\Telefon- und Branchenbuch + Rückwärtssuche Herbst 2014.lnk -> C:\Program Files (x86)\klickTel\Telefon- und Branchenbuch + Rückwärtssuche Herbst 2014\ktel32.exe (telegate MEDIA AG) Shortcut: C:\Users\Public\Desktop\TI-Nspire Student Software.lnk -> C:\Program Files (x86)\TI Education\TI-Nspire Student Software\TI-Nspire Student Software.exe (Texas Instruments Incorporated) Shortcut: C:\Users\Public\Desktop\Virtual CloneDrive.lnk -> C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDPrefs.exe (Elaborate Bytes AG) Shortcut: C:\Users\Public\Desktop\VLC media player.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) Shortcut: C:\Users\Public\Desktop\VMware Workstation.lnk -> C:\Program Files (x86)\VMware\VMware Workstation\vmware.exe (VMware, Inc.) ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk Inventor 2015\Tools\Exchange App Manager.lnk -> C:\Program Files\Autodesk\Inventor 2015\Bin\AppManager.exe (Autodesk) -> Inventor /u hxxp://apps.exchange.autodesk.com/apps/v1/homepage?productline=INVPROSA&release=2013&utm_source=inproduct&utm_medium=appmanager ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDapp.exe (Adobe Systems Incorporated) -> --appletID=CCM_UI --appletVersion=1.0 --workflow=CCM_workflow_launch ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> -sta {C90FB8CA-3295-4462-A721-2935E83694BA} ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> -Iskins ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vermieten easy\Vermieten easy deinstallieren.lnk -> C:\Program Files (x86)\Vermieten easy\{713FB416-9DB9-4D45-8E9C-9EC1DD52F887}\AKDeInstall.exe () -> /x ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TI Tools\TI-Nspire Student Software\Run TI-Nspire Student Software Diagnostics.lnk -> C:\Program Files (x86)\TI Education\TI-Nspire Student Software\TI-Diagnostics\TI-Diagnostic.exe (Texas Instruments Incorporated) -> -p=33 -v=3.9.0.463 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TI Tools\TI-Nspire Student Software\Uninstall TI-Nspire Student Software.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {F46F949B-755F-4BEF-A4B9-7B3B73D0104A} ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SOLIDWORKS Tools 2015\SOLIDWORKS Leistungstest 2015.lnk -> C:\Windows\Installer\{F8093877-4F2C-40ED-9BA7-2F9F48F5176F}\NewShortcut8_5A81956D53B84FDF978DC28E95329263.exe (Flexera Software LLC) -> "-bm" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SOLIDWORKS Installations-Manager\Nach Aktualisierungen suchen.lnk -> C:\Program Files (x86)\Common Files\SOLIDWORKS Installations-Manager\CheckForUpdates\sldCheckForUpdates.exe (Dassault Systèmes SolidWorks Corp.) -> /check 0 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SOLIDWORKS Installations-Manager\SOLIDWORKS Hintergrund-Downloader.lnk -> C:\Program Files (x86)\Common Files\SOLIDWORKS Installations-Manager\BackgroundDownloading\sldBgDwld.exe (Dassault Systèmes SolidWorks Corp.) -> /launch_from 3 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime deinstallieren.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /i {3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E} /qf ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3\Picasa Photo Viewer konfigurieren.lnk -> C:\Program Files (x86)\Google\Picasa3\PicasaPhotoViewer.exe (Google Inc.) -> /reconfig ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2012\Configuration Tools\SQL Server Configuration Manager.lnk -> C:\Windows\SysWOW64\mmc.exe (Microsoft Corporation) -> /32 C:\Windows\SysWOW64\SQLServerManager11.msc ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\InfoPath Designer 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\inficon.exe () -> /design ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\Uninstall KMSpico.lnk -> C:\Program Files\KMSpico\UninsHs.exe (Han-soft) -> /u0=KMSpico ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\klickTel\klickTel Herbst 2014 - Suchassistent.lnk -> C:\Program Files (x86)\klickTel\Telefon- und Branchenbuch + Rückwärtssuche Herbst 2014\ktel32.exe (telegate MEDIA AG) -> ASSISTENT ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Auf Updates prüfen.lnk -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\javacpl.exe (Oracle Corporation) -> -tab update ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Info zu Java.lnk -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\javacpl.exe (Oracle Corporation) -> -tab about ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iSpy\iSpy (Silent Start).lnk -> C:\Windows\Installer\{59FD7347-2EF6-4A67-ADFF-C029D0D67A7E}\_00A34A97D55247D1D09CCE.exe () -> -silent ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iSpy\Reset iSpy.lnk -> C:\Windows\Installer\{59FD7347-2EF6-4A67-ADFF-C029D0D67A7E}\_3C5D7355E7A7F29333DED1.exe () -> -reset ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iSpy\Uninstall iSpy.lnk -> C:\Windows\Installer\{59FD7347-2EF6-4A67-ADFF-C029D0D67A7E}\_78DC059EB11D6C96A194A5.exe () -> /u={59FD7347-2EF6-4A67-ADFF-C029D0D67A7E} ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IPCamSetup\Uninstall.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{02C39DE9-B03A-4FE7-89F9-61E224FE65CC}\setup.exe (Acresso Software Inc. ) -> -runfromtemp -l0x0409 /UNINSTALL ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\E-Mails.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> mail ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Erinnerungen.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> reminders ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\iPhone suchen.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> find ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Kalender.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> calendar ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Keynote.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> keynote ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Kontakte.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> contacts ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Notizen.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> notes ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Numbers.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> numbers ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Pages.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> pages ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heizkosten easy\Heizkosten easy deinstallieren.lnk -> C:\Program Files (x86)\Heizkosten easy\{0B0D8382-42D5-4666-92F5-0051FF260C35}\AKDeInstall.exe () -> /x ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDClone 5.1.4 Free Edition\HDClone starten.lnk -> C:\Program Files (x86)\HDClone 5.1 Free Edition\hdclone.exe (Miray Software AG) -> run ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDClone 5.1.4 Free Edition\Notfall-Medium erstellen.lnk -> C:\Program Files (x86)\HDClone 5.1 Free Edition\hdclone.exe (Miray Software AG) -> install ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla Server\Start FileZilla Server.lnk -> C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe (FileZilla Project) -> /start ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla Server\Stop FileZilla Server.lnk -> C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe (FileZilla Project) -> /stop ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EWA net\Update EPC net.lnk -> C:\Program Files (x86)\EWA net\ewa_admin\EWAAdmin.exe ( ) -> /epc ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EWA net\Update WIS net.lnk -> C:\Program Files (x86)\EWA net\ewa_admin\EWAAdmin.exe ( ) -> /wis ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DWG TrueView 2015 - English\DWG TrueView 2015 - English.lnk -> C:\Program Files\Autodesk\DWG TrueView 2015 - English\dwgviewr.exe (Autodesk, Inc.) -> /language "en-US" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell\Classic Start Menü Einstellungen.lnk -> C:\Program Files\Classic Shell\ClassicStartMenu.exe (IvoSoft) -> -settings ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG4100 series\MP Drivers Deinstallieren.lnk -> C:\Windows\System32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4100_series\DelDrv64.exe (CANON INC.) -> /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4100_series /L0x0007 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software\Avast SafeZone.lnk -> C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software) -> /sfzonebrowser ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk Inventor 2015\Autodesk Inventor Professional 2015 - Deutsch (German).lnk -> C:\Program Files\Autodesk\Inventor 2015\Bin\Inventor.exe (Autodesk, Inc.) -> /language=DEU ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk Inventor 2015\Autodesk Inventor Professional 2015 - English.lnk -> C:\Program Files\Autodesk\Inventor 2015\Bin\Inventor.exe (Autodesk, Inc.) -> /language=ENU ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk Inventor 2015\License Transfer Utility - Inventor 2015.lnk -> C:\Program Files\Common Files\Autodesk Shared\AdLM\R9\LTU.exe (Autodesk, Inc.) -> 797G1 2015.0.0.F -d SA -l en-US ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\Autodesk 360.lnk -> C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.) -> /browseLocal ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD Mechanical 2015 - English\AutoCAD 2015 - English - AutoCAD Mechanical.lnk -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.) -> /p <<VANILLA>> /product ACADM /language "en-US" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD Mechanical 2015 - English\AutoCAD Mechanical 2015 - English.lnk -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.) -> /p <<ACADMPP>> /product ACADM /language "en-US" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD Mechanical 2015 - English\License Transfer Utility - AutoCAD Mechanical.lnk -> C:\Program Files\Common Files\Autodesk Shared\AdLM\R9\LTU.exe (Autodesk, Inc.) -> 206G1 2015.0.0.F -d SA -l en-US ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD Mechanical 2015 - English\Reset Settings to Default - AutoCAD Mechanical.lnk -> C:\Program Files\Autodesk\AutoCAD 2015\AdMigrator.exe (Autodesk, Inc.) -> /reset /product ACADM /language "en-US" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD Mechanical 2015 - English\Migrate Custom Settings\Export AutoCAD 2015 Settings - AutoCAD Mechanical.lnk -> C:\Program Files\Autodesk\AutoCAD 2015\AdMigrator.exe (Autodesk, Inc.) -> /e /product ACADM /language "en-US" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD Mechanical 2015 - English\Migrate Custom Settings\Import AutoCAD 2015 Settings - AutoCAD Mechanical.lnk -> C:\Program Files\Autodesk\AutoCAD 2015\AdMigrator.exe (Autodesk, Inc.) -> /i /product ACADM /language "en-US" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD Mechanical 2015 - Deutsch (German)\AutoCAD 2015 - Deutsch (German) - AutoCAD Mechanical.lnk -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.) -> /p <<VANILLA>> /product ACADM /language "de-DE" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD Mechanical 2015 - Deutsch (German)\AutoCAD Mechanical 2015 - Deutsch (German).lnk -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.) -> /p <<ACADMPP>> /product ACADM /language "de-DE" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD Mechanical 2015 - Deutsch (German)\Dienstprogramm zur Lizenzübertragung - AutoCAD Mechanical.lnk -> C:\Program Files\Common Files\Autodesk Shared\AdLM\R9\LTU.exe (Autodesk, Inc.) -> 206G1 2015.0.0.F -d SA -l de-DE ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD Mechanical 2015 - Deutsch (German)\Einstellungen auf Vorgabe zurücksetzen - AutoCAD Mechanical.lnk -> C:\Program Files\Autodesk\AutoCAD 2015\AdMigrator.exe (Autodesk, Inc.) -> /reset /product ACADM /language "de-DE" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD Mechanical 2015 - Deutsch (German)\Benutzerdefinierte Einstellungen migrieren\AutoCAD 2015 Einstellungen exportieren - AutoCAD Mechanical.lnk -> C:\Program Files\Autodesk\AutoCAD 2015\AdMigrator.exe (Autodesk, Inc.) -> /e /product ACADM /language "de-DE" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD Mechanical 2015 - Deutsch (German)\Benutzerdefinierte Einstellungen migrieren\AutoCAD 2015 Einstellungen importieren - AutoCAD Mechanical.lnk -> C:\Program Files\Autodesk\AutoCAD 2015\AdMigrator.exe (Autodesk, Inc.) -> /i /product ACADM /language "de-DE" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\System32\secpol.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH) -> --sendto ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E} ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D} ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0 ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257} ShortcutWithArgument: C:\Users\Matthias\Favorites\EWA net\Update EPC net.lnk -> C:\Program Files (x86)\EWA net\ewa_admin\EWAAdmin.exe ( ) -> /epc ShortcutWithArgument: C:\Users\Matthias\Favorites\EWA net\Update WIS net.lnk -> C:\Program Files (x86)\EWA net\ewa_admin\EWAAdmin.exe ( ) -> /wis ShortcutWithArgument: C:\Users\Matthias\Desktop\EPC.lnk -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaws.exe (Oracle Corporation) -> -localfile "C:\Users\Matthias\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\364965e6-240910b2" ShortcutWithArgument: C:\Users\Matthias\Desktop\Popcorn Time.lnk -> C:\Users\Matthias\AppData\Local\Popcorn Time\node-webkit\Popcorn Time.exe () -> . ShortcutWithArgument: C:\Users\Matthias\Desktop\WIS-ASRA.lnk -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaws.exe (Oracle Corporation) -> -localfile "C:\Users\Matthias\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\788cda5b-1e0421f2" ShortcutWithArgument: C:\Users\Matthias\Desktop\Autocad\AutoCAD Mechanical 2015 - Deutsch (German).lnk -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.) -> /p <<ACADMPP>> /product ACADM /language "de-DE" ShortcutWithArgument: C:\Users\Matthias\Desktop\Autocad\Autodesk 360.lnk -> C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.) -> /browseLocal ShortcutWithArgument: C:\Users\Matthias\Desktop\Autocad\DWG TrueView 2015 - English.lnk -> C:\Program Files\Autodesk\DWG TrueView 2015 - English\dwgviewr.exe (Autodesk, Inc.) -> /language "en-US" ShortcutWithArgument: C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\startscreen.lnk -> C:\Program Files\Classic Shell\ClassicStartMenu.exe (IvoSoft) -> -togglenew ShortcutWithArgument: C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WIS-ASRA\WIS-ASRA.lnk -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaws.exe (Oracle Corporation) -> -localfile "C:\Users\Matthias\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\788cda5b-1e0421f2" ShortcutWithArgument: C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk -> C:\Users\Matthias\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) -> /systemstartup ShortcutWithArgument: C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time\Popcorn Time.lnk -> C:\Users\Matthias\AppData\Local\Popcorn Time\node-webkit\Popcorn Time.exe () -> . ShortcutWithArgument: C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EPC\EPC.lnk -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaws.exe (Oracle Corporation) -> -localfile "C:\Users\Matthias\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\364965e6-240910b2" ShortcutWithArgument: C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk -> C:\Users\Matthias\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) -> /home ShortcutWithArgument: C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) -> /sendto: ShortcutWithArgument: C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH) -> --sendto ShortcutWithArgument: C:\Users\Matthias\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk -> C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE (Microsoft Corporation) -> /recycle ShortcutWithArgument: C:\Users\Matthias\AppData\Roaming\Autodesk\AutoCAD Mechanical 2015\R20.0\enu\Plotters\Add-A-Plotter Wizard.lnk -> C:\Program Files\Autodesk\AutoCAD 2015\addplwiz.exe (Autodesk, Inc.) -> /LANGUAGE en-US ShortcutWithArgument: C:\Users\Matthias\AppData\Roaming\Autodesk\AutoCAD Mechanical 2015\R20.0\deu\Plotters\Assistent zum Hinzufügen eines Plotters.lnk -> C:\Program Files\Autodesk\AutoCAD 2015\addplwiz.exe (Autodesk, Inc.) -> /LANGUAGE de-DE ShortcutWithArgument: C:\Users\Matthias\AppData\Local\Popcorn Time\Popcorn Time.lnk -> C:\Users\Matthias\AppData\Local\Popcorn Time\node-webkit\Popcorn Time.exe () -> . ShortcutWithArgument: C:\Users\Matthias\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E} ShortcutWithArgument: C:\Users\Matthias\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager ShortcutWithArgument: C:\Users\Matthias\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System ShortcutWithArgument: C:\Users\Matthias\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions ShortcutWithArgument: C:\Users\Matthias\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures ShortcutWithArgument: C:\Users\Matthias\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Matthias\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Matthias\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D} ShortcutWithArgument: C:\Users\Matthias\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0 ShortcutWithArgument: C:\Users\Matthias\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257} ShortcutWithArgument: C:\Users\Public\Desktop\HDClone.lnk -> C:\Program Files (x86)\HDClone 5.1 Free Edition\hdclone.exe (Miray Software AG) -> run ShortcutWithArgument: C:\Users\Public\Desktop\Telefon- und Branchenbuch + Rückwärtssuche Herbst 2014 - Suchassistent.lnk -> C:\Program Files (x86)\klickTel\Telefon- und Branchenbuch + Rückwärtssuche Herbst 2014\ktel32.exe (telegate MEDIA AG) -> ASSISTENT InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap\WinPcap Web Site.url -> hxxp://www.winpcap.org/ InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Syncios\Syncios im Internet.url -> hxxp://www.syncios.com/ InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro\Revo Uninstaller Pro im Internet.url -> hxxp://www.revouninstallerpro.com/ InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PreisHai 4\eBay Startseite.url -> hxxp://www.preishai-online.de/scripts/gotoebay.php InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PreisHai 4\PreisHai Startseite.url -> hxxp://www.preishai-online.de InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EWA net\DamageCode Direct.url -> hxxp://localhost:9000/WIS-net/ssl.jnlp InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EWA net\EWA net.url -> hxxp://localhost:9000/EWA-net InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EWA net\Log files (Installer).url -> file:///C:\Program Files (x86)\EWA net\install\log\log.00 InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EWA net\Log files (Server).url -> file:///C:\Program Files (x86)\EWA net\logs InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EWA net\Server Documentation.url -> file:///C:\Program Files (x86)\EWA net\docs InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner Homepage.url -> hxxp://www.piriform.com/ccleaner InternetURL: C:\Users\Matthias\Favorites\Bing.url -> hxxp://go.microsoft.com/fwlink/p/?LinkId=255142 InternetURL: C:\Users\Matthias\Favorites\EWA net\DamageCode Direct.url -> hxxp://localhost:9000/WIS-net/ssl.jnlp InternetURL: C:\Users\Matthias\Favorites\EWA net\EWA net.url -> hxxp://localhost:9000/EWA-net InternetURL: C:\Users\Matthias\Favorites\EWA net\Log files (Installer).url -> C:\Program Files (x86)\EWA net\install\log\log.00 InternetURL: C:\Users\Matthias\Favorites\EWA net\Log files (Server).url -> C:\Program Files (x86)\EWA net\logs InternetURL: C:\Users\Matthias\Favorites\EWA net\Server Documentation.url -> C:\Program Files (x86)\EWA net\docs InternetURL: C:\Users\Matthias\Dropbox\actiator win und office\^^More downloads here.URL -> hxxp://thumperdc.com/ InternetURL: C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox Website.URL -> 0 InternetURL: C:\Users\Matthias\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\eBay Startseite.url -> hxxp://www.preishai-online.de/scripts/gotoebay.php ==================== Ende von Shortcut.txt ============================= |
04.09.2015, 17:39 | #11 |
/// the machine /// TB-Ausbilder | Auch bei mir Zeigt AVAST immer öffters URL:MAL Bedrohungs Meldungen anESET Online Scanner
Downloade Dir bitte SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
08.09.2015, 08:09 | #12 |
| Auch bei mir Zeigt AVAST immer öffters URL:MAL Bedrohungs Meldungen an eset log file: Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=104375dc76983142b638ab6b2b7b2d96 # end=init # utc_time=2015-09-05 04:32:25 # local_time=2015-09-05 06:32:25 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.2.9200 NT Update Init Update Download Update Finalize Updated modules version: 25619 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=104375dc76983142b638ab6b2b7b2d96 # end=updated # utc_time=2015-09-05 04:37:36 # local_time=2015-09-05 06:37:36 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.2.9200 NT # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=104375dc76983142b638ab6b2b7b2d96 # engine=25619 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2015-09-07 11:34:21 # local_time=2015-09-08 01:34:21 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.2.9200 NT # compatibility_mode_1='' # compatibility_mode=5893 16776574 100 94 370674 11078265 0 0 # scanned=644795 # found=38 # cleaned=0 # scan_time=25004 sh=C3DEFA5E775E1CE7EEA8FAE67FA3E504A513DF4F ft=1 fh=eb3ef09612dbcc7f vn="Win32/ELEX.BM evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\BrowerWatchCH.dll.vir" sh=7F80338F92F336DF2F747EE304EA99F98733D7EF ft=1 fh=a20bcc0e72d988a6 vn="Win32/ELEX.BM evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\BrowerWatchFF.dll.vir" sh=5D628376391A827A818B0A079B64EE457AE9B82A ft=1 fh=c71c0011e2e7a7a5 vn="Variante von Win32/ELEX.DH evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\BrowserAction.dll.vir" sh=34560DDE92CC541AE16932D02887F5CE880DC4C8 ft=1 fh=e95166d450b773b3 vn="Variante von Win32/ELEX.CY evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\CmdShell.exe.vir" sh=1C88A7C4FD5E9BBE5F558AB731149EC1E59A67AC ft=0 fh=0000000000000000 vn="Win32/Toolbar.TNT2.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\ffsearch_toolbar!1.0.0.1031.xpi.vir" sh=A71D8EBDBF6DB1BF2092D520DBD79481F74F141C ft=1 fh=e8458438005d3d26 vn="Variante von Win32/ELEX.DK evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\HPNotify.exe.vir" sh=948691DF20AD5F76AEBE6CE8DBA1F967C8B6BD0F ft=1 fh=fe4bd6b5ea25d889 vn="Win32/ELEX.BM evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\IeWatchDog.dll.vir" sh=30A0B06E5FCAD6ED80904CCE0D7E1381168083DB ft=1 fh=294b55fbb91ab494 vn="Variante von Win32/ELEX.EE evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\ProtectService.exe.vir" sh=AD657A3DC5DBF10DF06ED9F94DEF410FCC9429F9 ft=1 fh=ae00004d8419e992 vn="Variante von Win32/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\SupTab.dll.vir" sh=BC1B05BBDB2BC3A743024BDC383FEC73E739FC75 ft=1 fh=8c967fa647c8d677 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll.vir" sh=33A99658CA8F63F9947AA2348031AE35B5E2385F ft=1 fh=c71c0011223ea8ae vn="Variante von Win32/SProtector.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SystemProtract\SystemProtract(52).dll.vir" sh=F679F9CF95C7ABEEA0FEA1B1C1AFA1076E2B2F79 ft=0 fh=0000000000000000 vn="Android/Exploit.Towel.A Trojaner" ac=I fn="C:\FTV\apps\tr.apk" sh=E2C028A886AA7352539DEE32CBB38770C529A76E ft=1 fh=d2aeb2930bcba9f7 vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\Redist\PDFCreator-1_7_3_setup.exe" sh=F679F9CF95C7ABEEA0FEA1B1C1AFA1076E2B2F79 ft=0 fh=0000000000000000 vn="Android/Exploit.Towel.A Trojaner" ac=I fn="C:\Users\Matthias\Amazon Fire TV\adbfw108\adbfw108\tr.apk" sh=1A0D15A71AA582EE0A6D0D933C5AA1CD36B5B983 ft=0 fh=0000000000000000 vn="Win32/DownWare.L evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Matthias\Documents\Stardiagnose\Archive-2c2c.zip" sh=D5466CC80BED67DBF688A0C987B68896DFCB9317 ft=0 fh=0000000000000000 vn="Variante von Win32/Packed.VMProtect.ABD Trojaner" ac=I fn="C:\Users\Matthias\Documents\Stardiagnose\mb1.rar" sh=AE4EAFC1CF807665A47997494958FF86DE8F9485 ft=0 fh=0000000000000000 vn="Variante von Win32/Packed.VMProtect.ABD Trojaner" ac=I fn="C:\Users\Matthias\Documents\Stardiagnose\Stardiagnose.rar" sh=CFE58EF11C552810BA654A84659203E5BD1E4866 ft=0 fh=0000000000000000 vn="Win32/DownWare.L evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Matthias\Documents\Stardiagnose\Archive-2c2c\DTLite4491-0356.rar" sh=E750C443A83F9B135B499E7917C5A93120384BB3 ft=1 fh=4eedbac881d1fc72 vn="Win32/DownWare.L evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Matthias\Documents\Stardiagnose\Archive-2c2c\DTLite4491-0356\DTLite4491-0356.exe" sh=E9E82EE3996A3186DCC54D08751028360DF5A4B7 ft=1 fh=c1c00422780e76d0 vn="Variante von Win32/Packed.VMProtect.ABD Trojaner" ac=I fn="C:\Users\Matthias\Documents\Stardiagnose\Keygenmegatool\Megatool1.vmp.exe" sh=1E33765B1EA1C8699B4966098DA8FB3273DF8580 ft=1 fh=92ec1bcccc612745 vn="Variante von Win32/InstallCore.ZD evtl. unerwünschte Anwendung" ac=I fn="D:\Downloads\Downloads\FileZilla_Server-0_9_52_1(1).exe" sh=2A0A11AF4E5DDE7D16EC8AD2D2E17CC192090D3F ft=1 fh=92ec1bcc1c5cabdb vn="Variante von Win32/InstallCore.ZD evtl. unerwünschte Anwendung" ac=I fn="D:\Downloads\Downloads\FileZilla_Server-0_9_52_1(2).exe" sh=ACFF4BBCC49456D6F457D1F20917C2AFD5BF8DAE ft=1 fh=044b26bfffd7cdd6 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="D:\Downloads\Downloads\Fotosizer - CHIP-Installer.exe" sh=89DB1C8E39361D82F4506E856EC74EB2E655CD8A ft=1 fh=0e9075e94c8be8a2 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="D:\Downloads\Downloads\Free Video to iPhone Converter - CHIP-Installer.exe" sh=13BB3854C0EE095D6C9D7D32F591EC6F64A91D62 ft=1 fh=7f42206db3bfedf5 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="D:\Downloads\Downloads\Free Virtual Keyboard - CHIP-Installer.exe" sh=33AEEB8A207E5D67360F11D6925FE8F838AA1CF3 ft=0 fh=0000000000000000 vn="Android/Exploit.Towel.A Trojaner" ac=I fn="D:\Downloads\Downloads\FTV v0.30.zip" sh=B067FDF0A4DD8A89A05290244A0ACF2E490F63E7 ft=1 fh=dcd287dfbc8f0efe vn="Win32/Adware.AdInstaller.F Anwendung" ac=I fn="D:\Downloads\Downloads\grewe-scanner-interface-7.0.3-setup.exe" sh=87339FF49EBA45F1696E3C3CD1DB617D4D72F6D5 ft=1 fh=e64bdc3ea2123de5 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="D:\Downloads\Downloads\HDClone - CHIP-Installer.exe" sh=7B555F3A63522A474FDCA32CEFDF67B0251741BE ft=0 fh=0000000000000000 vn="Win32/Injector.AAMW Trojaner" ac=I fn="D:\Downloads\Downloads\K.J_121026.zip" sh=D356EA0DCE173810E8AA27F9EA3C2FC2E88596E8 ft=0 fh=0000000000000000 vn="Variante von Win32/Adware.MultiPlug.ED Anwendung" ac=I fn="D:\Downloads\Downloads\pe-guard-21.zip" sh=C4F625530D6B00CE10E3DA36E2CD57E30E066611 ft=0 fh=0000000000000000 vn="Win32/OutBrowse.BU evtl. unerwünschte Anwendung" ac=I fn="D:\Downloads\Downloads\pe-guard-21_crack.zip" sh=37FCCA952EE77CE05361B2DD379E4409E21E0612 ft=1 fh=09a6715d3d2c8517 vn="Variante von Win32/SoftonicDownloader.G evtl. unerwünschte Anwendung" ac=I fn="D:\Downloads\Downloads\SoftonicDownloader_fuer_picsizer.exe" sh=F8A3696BC9BB2948E88ACDB3F7C794E3D48695BE ft=1 fh=2062030c9f1bd6fb vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="D:\Downloads\Downloads\WinSetupFromUSB - CHIP-Installer.exe" sh=F679F9CF95C7ABEEA0FEA1B1C1AFA1076E2B2F79 ft=0 fh=0000000000000000 vn="Android/Exploit.Towel.A Trojaner" ac=I fn="D:\Downloads\Downloads\FTV v0.30\FTV\apps\tr.apk" sh=17C240B57DEBF4F22A261713B21D3AFC3B64513D ft=1 fh=866aa4f745cb8c5d vn="Win32/Injector.AAMW Trojaner" ac=I fn="D:\Downloads\Downloads\K.J_121026\K.J_121026.exe" sh=825C3A1E5B1767E46E6B3E81E79E8048472BA57B ft=1 fh=c71c001123d0bca9 vn="Variante von Win32/Adware.MultiPlug.ED Anwendung" ac=I fn="D:\Downloads\Downloads\pe-guard-21\setup.exe" sh=11C771BF9E235EA2ED153BC45AE01F3CB33AA1DB ft=1 fh=98a5af9279537ea6 vn="Win32/OutBrowse.BU evtl. unerwünschte Anwendung" ac=I fn="D:\Downloads\Downloads\pe-guard-21_crack\setup.exe" sh=9A7FB8EB958D8486E690B9AF177541A34093E51E ft=0 fh=0000000000000000 vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung" ac=I fn="D:\Downloads\jdownloads\SW15SP0\SW15SP0\Solidworks_2015_SP0_Full_DVD2.iso" Code:
ATTFilter Results of screen317's Security Check version 1.008 x64 (UAC is disabled!) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Defender avast! Antivirus Antivirus up to date! (On Access scanning disabled!) `````````Anti-malware/Other Utilities Check:````````` iSpy Java 8 Update 31 Java version 32-bit out of Date! Adobe Flash Player 18.0.0.232 Adobe Reader XI Mozilla Firefox (39.0) ````````Process Check: objlist.exe by Laurent```````` AVAST Software Avast AvastSvc.exe AVAST Software Avast afwServ.exe AVAST Software Avast AvastUI.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-09-2015 durchgeführt von Matthias (Administrator) auf MATTHI (08-09-2015 08:50:04) Gestartet von C:\Users\Matthias\Desktop Geladene Profile: Matthias (Verfügbare Profile: Matthias) Platform: Windows 8.1 Pro (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Intel Corporation) C:\Program Files (x86)\Intel\AMT\LMS.exe (Intel Corporation) C:\Program Files\PTC\Creo 3.0\M030\Common Files\x86e_win64\cma\Bin\IntelMPI\smpd-intel-4.0.3.009-x64.exe (Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Microsoft Corporation) C:\Windows\splwow64.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2963184 2013-04-24] (Synaptics Incorporated) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [164080 2015-06-27] (IvoSoft) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111824 2015-08-31] (AVAST Software) HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG) HKLM-x32\...\Run: [Syncios device service] => C:\Program Files (x86)\Syncios\SynciosDeviceService.exe [723456 2015-02-05] () HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2015-04-30] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2015-04-30] (Adobe Systems Inc.) HKU\S-1-5-21-2155083525-1168965681-3283480890-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.) HKU\S-1-5-21-2155083525-1168965681-3283480890-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.) HKU\S-1-5-21-2155083525-1168965681-3283480890-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc.) HKU\S-1-5-21-2155083525-1168965681-3283480890-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd) HKU\S-1-5-21-2155083525-1168965681-3283480890-1001\...\Run: [iFunBox Fast App Install Handler] => C:\Program Files (x86)\i-Funbox DevTeam\iFunBox_x64.exe [2508288 2015-02-10] (i-Funbox.com) HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1193352 2014-02-19] (Autodesk, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-31] (AVAST Software) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.) ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-06-27] (IvoSoft) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-06-27] (IvoSoft) Startup: C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-12-18] ShortcutTarget: Dropbox.lnk -> C:\Users\Matthias\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{019A3A2A-1F07-49DD-9C51-D1B67A8B66E6}: [NameServer] 192.168.1.1 Tcpip\..\Interfaces\{E13CC50E-7169-42C0-9533-D02CE6DB0F90}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{FDC853B5-9ABF-4F0C-A213-F9844B5729A6}: [DhcpNameServer] 192.168.3.1 Internet Explorer: ================== HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ACHTUNG HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\S-1-5-21-2155083525-1168965681-3283480890-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKU\S-1-5-21-2155083525-1168965681-3283480890-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation) BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-06-27] (IvoSoft) BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-31] (AVAST Software) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation) BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2015-06-27] (IvoSoft) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation) BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-06-27] (IvoSoft) BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\SysWOW64\mscoree.dll [2013-08-22] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-22] (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-31] (AVAST Software) BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-04-30] (Adobe Systems Incorporated) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-22] (Oracle Corporation) BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2015-06-27] (IvoSoft) BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-04-30] (Adobe Systems Incorporated) Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-06-27] (IvoSoft) Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-04-30] (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-06-27] (IvoSoft) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-08-19] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\mpu1y1e4.default FF DefaultSearchUrl: hxxp://www.google.de/search?hl=de&gl=de&lr=&ie=UTF-8&oe=UTF-8&meta=lr=lang_de&q= FF SelectedSearchEngine: Google FF Homepage: hxxp://www.google.de?hl=de&gl=de FF Keyword.URL: hxxp://www.google.de/search?hl=de&gl=de&lr=&ie=UTF-8&oe=UTF-8&meta=lr=lang_de&q= FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-09-03] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems) FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-09-03] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] () FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-08-13] (Google, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-22] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-22] (Oracle Corporation) FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @ptc.com/IsoView -> C:\Program Files (x86)\Common Files\PTC\npisoview.dll [2014-10-29] (PTC Inc.) FF Plugin-x32: @ptc.com/ProductViewLite -> C:\Program Files (x86)\Common Files\PTC\np6_pvapplite9.dll [2014-10-29] (PTC) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-01] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-01] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2015-04-30] (Adobe Systems Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems) FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems) FF Plugin HKU\S-1-5-21-2155083525-1168965681-3283480890-1001: @spoon.net/Spoon Plugin 3.33 -> C:\Users\Matthias\AppData\Local\Spoon\3.33.8.527\npMozillaSpoonPlugin.dll Keine Datei FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-10-29] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-10-29] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-10-29] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-10-29] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-10-29] (Apple Inc.) FF Extension: UITBAutoInstaller - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{edd7fc99-d65c-4979-85c2-ddeed30c50c7} [2015-08-06] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-09-30] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2015-05-16] FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2015-05-17] Chrome: ======= CHR HomePage: Default -> hxxp://www.google.com/ CHR StartupUrls: Default -> "https://www.google.com/?trackid=sp-006" CHR Profile: C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (YouTube) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-22] CHR Extension: (Google Search) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-22] CHR Extension: (Bookmark Manager) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-27] CHR Extension: (Google Wallet) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-22] CHR Extension: (Gmail) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-22] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-08] CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - https://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [576904 2013-12-22] (Autodesk Inc.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.) R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-31] (AVAST Software) R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109008 2015-08-31] (AVAST Software) S2 EWA net DB Core; C:\Program Files (x86)\EWA net\database\TransBase EWA\tbmux32.exe [326616 2011-03-09] (Transaction Software, D 81829 Munich) [Datei ist nicht signiert] S2 EWA net DB EPC; C:\Program Files (x86)\EWA net\database\TransBase EPC\tbmux32.exe [417792 2007-11-27] (Transaction Software, D 81829 Munich) [Datei ist nicht signiert] S2 EWA net DB WIS; C:\Program Files (x86)\EWA net\database\TransBase WIS\tbmux32.exe [326616 2011-03-09] (Transaction Software, D 81829 Munich) [Datei ist nicht signiert] S2 EWA net Server; C:\Program Files (x86)\EWA net\server\bin\tomcat7.exe [80896 2013-07-02] (Apache Software Foundation) [Datei ist nicht signiert] S2 ewserver; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe [177152 2014-09-29] (Trace Software International) [Datei ist nicht signiert] S2 FileZilla Server; C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe [794584 2015-06-01] (FileZilla Project) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert] R2 impi_smpd; C:\Program Files\PTC\Creo 3.0\M030\Common Files\x86e_win64\cma\Bin\IntelMPI\smpd-intel-4.0.3.009-x64.exe [1611168 2015-07-20] (Intel Corporation) R2 LMS; C:\Program Files (x86)\Intel\AMT\LMS.exe [174616 2010-02-04] (Intel Corporation) S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S2 mitsijm2015; C:\Program Files\Autodesk\Inventor 2015\Moldflow\bin\mitsijm.exe [968480 2013-10-12] (Autodesk, Inc.) S2 MSSQL$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL11.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe [191064 2012-02-11] (Microsoft Corporation) S2 MyPublicWiFiService; C:\Program Files (x86)\MyPublicWiFi\PublicWiFiService.exe [756224 2013-04-03] () [Datei ist nicht signiert] S2 NovacomD; C:\Program Files\Palm, Inc\novacom\amd64\novacomd.exe [72192 2011-06-24] (Palm) [Datei ist nicht signiert] S2 RemoteSolverDispatcher; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe [234632 2014-09-29] (Mentor Graphics Corporation) [Datei ist nicht signiert] S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.) S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2014-11-01] (SolidWorks) [Datei ist nicht signiert] S4 SQLAgent$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL11.TEW_SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [597080 2012-02-11] (Microsoft Corporation) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5611280 2015-08-07] (TeamViewer GmbH) S2 UNS; C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2058776 2010-02-04] (Intel Corporation) R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [14407384 2014-04-14] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-31] (AVAST Software) R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-08-31] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-31] (AVAST Software) R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [454016 2015-08-31] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-31] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-31] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-31] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-31] (AVAST Software) S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-31] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-31] (AVAST Software) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) S3 fwdrv; C:\Windows\system32\DRIVERS\fwdrv.sys [27840 2014-03-22] (Web Solution Mart) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-03] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation) R1 ndiskhaz; C:\Windows\system32\DRIVERS\ndiskhaz.sys [30536 2012-12-07] (Khalil Azzouzi) S3 nmserial; C:\Windows\system32\DRIVERS\nmserial.sys [75264 2010-01-07] (Windows (R) Codename Longhorn DDK provider) R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.) S4 RsFx0200; C:\Windows\System32\DRIVERS\RsFx0200.sys [334936 2012-02-11] (Microsoft Corporation) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44784 2013-04-24] (Synaptics Incorporated) S3 USBTINSP; C:\Windows\System32\drivers\tinspusb.sys [142848 2010-03-29] (Texas Instruments) R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.) R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-02-22] (VMware, Inc.) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-09-08 08:50 - 2015-09-08 08:50 - 00000000 _____ C:\Users\Matthias\Desktop\FRST.txt 2015-09-08 08:49 - 2015-09-08 08:49 - 00000000 ____D C:\Users\Matthias\Desktop\FRST-OlderVersion 2015-09-08 08:43 - 2015-09-08 08:43 - 00008766 _____ C:\Users\Matthias\Desktop\esetonline.txt 2015-09-05 18:34 - 2015-09-05 18:34 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-09-05 18:32 - 2015-09-05 18:32 - 00000000 ____D C:\Program Files (x86)\ESET 2015-09-03 20:37 - 2015-09-03 20:37 - 00100099 _____ C:\Users\Matthias\Desktop\Shortcut.txt 2015-09-03 20:35 - 2015-09-03 20:37 - 00095228 _____ C:\Users\Matthias\Desktop\Addition.txt 2015-09-03 20:32 - 2015-09-08 08:49 - 00000000 ____D C:\Users\Matthias\Desktop\Neuer Ordner 2015-09-03 20:28 - 2015-09-03 20:28 - 00001979 _____ C:\Users\Matthias\Desktop\JRT.txt 2015-09-03 20:08 - 2015-09-03 20:08 - 01799392 _____ (Malwarebytes Corporation) C:\Users\Matthias\Desktop\JRT_7600.exe 2015-09-03 20:07 - 2015-09-03 20:07 - 00001753 _____ C:\Users\Matthias\Desktop\mbram.txt 2015-09-03 19:14 - 2015-09-03 19:14 - 00001122 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-09-03 19:14 - 2015-09-03 19:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-09-03 19:14 - 2015-09-03 19:14 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-09-03 19:14 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-09-03 19:14 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-09-03 19:04 - 2015-09-03 19:04 - 01654272 _____ C:\Users\Matthias\Desktop\AdwCleaner_5.005.exe 2015-09-03 18:41 - 2015-08-14 03:50 - 00794088 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-09-03 18:41 - 2015-08-14 03:50 - 00179688 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-09-03 18:33 - 2015-09-03 18:33 - 00226304 _____ C:\Users\Matthias\Desktop\DownloadProtectCleaner-reboot.exe 2015-09-03 18:33 - 2015-09-03 18:32 - 00327168 _____ C:\Users\Matthias\Desktop\DownloadProtectCleaner.exe 2015-09-01 19:40 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-09-01 19:40 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-09-01 18:43 - 2015-09-01 18:43 - 00013381 _____ C:\Users\Matthias\Desktop\Gmer.txt 2015-09-01 18:19 - 2015-09-01 18:17 - 00380416 _____ C:\Users\Matthias\Desktop\od20uj84.exe 2015-09-01 18:15 - 2015-09-08 08:50 - 00000000 ____D C:\FRST 2015-09-01 18:14 - 2015-09-08 08:49 - 02190336 _____ (Farbar) C:\Users\Matthias\Desktop\FRST64.exe 2015-09-01 18:13 - 2015-09-01 18:13 - 00050477 _____ C:\Users\Matthias\Desktop\Defogger.exe 2015-09-01 18:13 - 2015-09-01 18:13 - 00000478 _____ C:\Users\Matthias\Desktop\defogger_disable.log 2015-09-01 18:13 - 2015-09-01 18:13 - 00000000 _____ C:\Users\Matthias\defogger_reenable 2015-09-01 18:07 - 2015-09-08 08:12 - 00001132 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-09-01 18:07 - 2015-09-07 18:12 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-09-01 18:07 - 2015-09-01 18:07 - 00004104 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-09-01 18:07 - 2015-09-01 18:07 - 00003868 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-09-01 18:03 - 2015-09-03 19:15 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-09-01 18:03 - 2015-09-03 19:14 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-09-01 18:03 - 2015-09-01 18:13 - 00000000 ____D C:\Users\Matthias\Desktop\mbar 2015-09-01 18:03 - 2015-09-01 18:13 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-09-01 18:03 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-09-01 18:02 - 2015-09-01 18:02 - 16563304 _____ (Malwarebytes Corp.) C:\Users\Matthias\Desktop\mbar-1.09.2.1008.exe 2015-09-01 17:59 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2015-09-01 17:59 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-09-01 17:59 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-09-01 17:59 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-09-01 17:59 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-09-01 17:59 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-09-01 17:59 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-09-01 17:59 - 2015-07-16 23:14 - 25192448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-09-01 17:59 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-09-01 17:59 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-09-01 17:59 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-09-01 17:59 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-09-01 17:59 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-09-01 17:59 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-09-01 17:59 - 2015-07-16 22:20 - 19870208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-09-01 17:59 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2015-09-01 17:59 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-09-01 17:59 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-09-01 17:59 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-09-01 17:59 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2015-09-01 17:59 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-09-01 17:59 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-09-01 17:59 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-09-01 17:59 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-09-01 17:59 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-09-01 17:59 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-09-01 17:59 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2015-09-01 17:59 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2015-09-01 17:59 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-09-01 17:59 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-09-01 17:59 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-09-01 17:59 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-09-01 17:59 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-09-01 17:59 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll 2015-09-01 17:59 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-09-01 17:59 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-09-01 17:59 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-09-01 17:59 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-09-01 17:59 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-09-01 17:59 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-09-01 17:59 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2015-09-01 17:59 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-09-01 17:59 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2015-09-01 17:59 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll 2015-09-01 17:59 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll 2015-09-01 17:59 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll 2015-09-01 17:59 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys 2015-09-01 17:59 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys 2015-09-01 17:59 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys 2015-09-01 17:59 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll 2015-09-01 17:59 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll 2015-09-01 17:59 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2015-09-01 17:59 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2015-09-01 17:59 - 2015-06-09 20:27 - 00411133 _____ C:\Windows\system32\ApnDatabase.xml 2015-09-01 17:51 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2015-09-01 17:51 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2015-09-01 17:51 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll 2015-09-01 17:51 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll 2015-09-01 17:46 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-09-01 17:46 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll 2015-09-01 17:45 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-09-01 17:45 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-09-01 17:45 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-09-01 17:45 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-09-01 17:45 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-09-01 17:45 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-09-01 17:45 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-09-01 17:45 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-09-01 17:45 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2015-09-01 17:45 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2015-09-01 17:45 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll 2015-09-01 17:45 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-09-01 17:45 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll 2015-09-01 17:45 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2015-09-01 17:45 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2015-09-01 17:45 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2015-09-01 17:45 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe 2015-09-01 17:45 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\notepad.exe 2015-09-01 17:45 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe 2015-08-31 18:13 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-08-31 18:13 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-08-31 18:13 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-08-31 18:13 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-08-31 18:13 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-08-31 18:13 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2015-08-31 18:13 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-08-31 18:13 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-08-31 18:13 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-08-31 18:13 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-08-31 18:13 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-08-31 18:13 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-08-31 12:13 - 2015-08-31 12:13 - 00454016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys 2015-08-31 12:13 - 2015-08-31 12:13 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2015-08-31 12:13 - 2015-08-31 12:13 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr 2015-08-31 12:02 - 2015-08-31 12:02 - 00000000 ____D C:\Windows\Sun 2015-08-31 11:33 - 2015-08-31 11:33 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EPC 2015-08-31 11:31 - 2015-08-31 11:31 - 00001089 _____ C:\Users\Matthias\Desktop\wlan.JPG - Verknüpfung.lnk 2015-08-31 10:57 - 2015-08-31 12:15 - 00023441 _____ C:\Users\Matthias\ewa_client_2.log 2015-08-31 10:57 - 2015-08-31 10:57 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WIS-ASRA ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-09-08 08:42 - 2015-07-20 14:05 - 01930752 _____ C:\Windows\WindowsUpdate.log 2015-09-08 08:35 - 2014-10-18 16:36 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-09-08 08:32 - 2015-06-15 20:20 - 00001250 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2155083525-1168965681-3283480890-1001UA.job 2015-09-08 08:02 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru 2015-09-08 04:32 - 2015-06-15 20:20 - 00001198 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2155083525-1168965681-3283480890-1001Core.job 2015-09-08 02:00 - 2014-09-30 18:15 - 00000000 ____D C:\Users\Matthias\AppData\Local\Adobe 2015-09-07 18:24 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp 2015-09-05 18:40 - 2014-09-30 17:27 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2155083525-1168965681-3283480890-1001 2015-09-05 18:35 - 2014-10-23 13:12 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\Dropbox 2015-09-05 18:15 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness 2015-09-03 19:12 - 2014-10-23 13:15 - 00000000 ___RD C:\Users\Matthias\Dropbox 2015-09-03 19:11 - 2014-10-07 17:34 - 00000000 ___RD C:\Users\Matthias\iCloudDrive 2015-09-03 19:10 - 2015-05-01 21:52 - 00000637 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2015-09-03 19:09 - 2014-10-15 07:45 - 00000000 ____D C:\ProgramData\VMware 2015-09-03 19:08 - 2015-07-20 19:56 - 00005932 _____ C:\Windows\setupact.log 2015-09-03 19:08 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-09-03 19:06 - 2014-11-01 19:40 - 00000000 ____D C:\AdwCleaner 2015-09-03 18:45 - 2014-03-18 12:04 - 02038998 _____ C:\Windows\system32\PerfStringBackup.INI 2015-09-03 18:45 - 2014-03-18 11:25 - 00857958 _____ C:\Windows\system32\perfh007.dat 2015-09-03 18:45 - 2014-03-18 11:25 - 00195990 _____ C:\Windows\system32\perfc007.dat 2015-09-03 18:39 - 2015-07-20 19:55 - 05311136 _____ C:\Windows\system32\FNTCACHE.DAT 2015-09-03 18:37 - 2015-08-05 15:37 - 00003826 _____ C:\Windows\PFRO.log 2015-09-03 18:37 - 2015-01-02 13:00 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-09-03 18:37 - 2015-01-02 13:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2015-09-03 18:37 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2015-09-03 18:36 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-09-03 18:36 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-09-03 18:36 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender 2015-09-03 18:36 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2015-09-03 16:35 - 2014-10-18 16:36 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-09-02 14:39 - 2014-09-30 15:53 - 00000000 ____D C:\Windows\Panther 2015-09-02 14:33 - 2015-07-10 19:29 - 00000000 ___HD C:\$Windows.~BT 2015-09-02 12:44 - 2015-01-14 19:38 - 00000987 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk 2015-09-02 12:44 - 2015-01-14 19:38 - 00000975 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk 2015-09-02 12:44 - 2014-10-01 12:36 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2015-09-02 08:45 - 2015-06-22 12:35 - 00000000 ____D C:\Users\Matthias\AppData\Local\CrashDumps 2015-09-01 19:42 - 2014-09-30 17:44 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-09-01 19:41 - 2014-09-30 17:36 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-09-01 19:39 - 2015-01-02 13:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-09-01 19:34 - 2015-02-10 21:56 - 00000000 ____D C:\Windows\system32\MRT 2015-09-01 19:21 - 2015-02-10 21:56 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-09-01 19:18 - 2013-08-22 15:25 - 00000167 _____ C:\Windows\win.ini 2015-09-01 19:12 - 2015-04-15 22:04 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-09-01 19:12 - 2015-04-15 22:04 - 00000000 ____D C:\Windows\system32\appraiser 2015-09-01 19:11 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-09-01 19:11 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-09-01 18:20 - 2014-09-30 18:21 - 00000000 ____D C:\Users\Matthias\Documents\Outlook-Dateien 2015-09-01 18:13 - 2014-09-30 15:22 - 00000000 ____D C:\Users\Matthias 2015-09-01 18:05 - 2015-07-20 11:08 - 00000000 ____D C:\Users\Matthias\AppData\Local\ClassicShell 2015-09-01 18:05 - 2014-09-30 18:21 - 00000000 ____D C:\Users\Matthias\AppData\Local\0335F7ED-DFDF-4299-93AA-F07A1EA37D36.aplzod 2015-09-01 17:47 - 2015-02-08 14:29 - 00003098 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2155083525-1168965681-3283480890-1001 2015-09-01 17:47 - 2015-02-08 14:29 - 00000000 ___RD C:\Users\Matthias\OneDrive 2015-08-31 12:29 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF 2015-08-31 12:26 - 2014-09-30 19:42 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2015-08-31 12:14 - 2014-09-30 19:42 - 01048344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys 2015-08-31 12:13 - 2014-09-30 19:47 - 00028144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2015-08-31 12:13 - 2014-09-30 19:42 - 00447944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2015-08-31 12:13 - 2014-09-30 19:42 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys 2015-08-31 12:13 - 2014-09-30 19:42 - 00150672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2015-08-31 12:13 - 2014-09-30 19:42 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2015-08-31 12:13 - 2014-09-30 19:42 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2015-08-31 12:13 - 2014-09-30 19:42 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2015-08-31 12:13 - 2014-09-30 19:42 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys 2015-08-31 11:33 - 2015-07-22 07:22 - 00002313 _____ C:\Users\Matthias\Desktop\EPC.lnk 2015-08-31 11:33 - 2015-07-20 20:05 - 00000102 _____ C:\Users\Matthias\.ewanapi_cookie 2015-08-31 11:31 - 2014-10-01 15:27 - 00038436 _____ C:\Users\Matthias\Desktop\Batteriereport.html 2015-08-31 11:18 - 2015-06-08 14:51 - 00001101 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk 2015-08-31 11:18 - 2015-02-06 16:55 - 00000842 _____ C:\Users\Public\Desktop\CCleaner.lnk 2015-08-31 10:57 - 2015-07-20 20:09 - 00002313 _____ C:\Users\Matthias\Desktop\WIS-ASRA.lnk ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-12-02 16:36 - 2014-12-02 16:36 - 0003584 _____ () C:\Users\Matthias\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-02-02 12:00 - 2015-02-02 12:03 - 0000600 _____ () C:\Users\Matthias\AppData\Local\PUTTY.RND 2014-11-25 11:31 - 2015-05-26 12:40 - 0000000 _____ () C:\Users\Matthias\AppData\Local\Temptable.xml 2015-07-10 12:49 - 2015-07-10 12:49 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc Einige Dateien in TEMP: ==================== C:\Users\Matthias\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp99ostr.dll C:\Users\Matthias\AppData\Local\Temp\proxy_vole7697117568290905588.dll C:\Users\Matthias\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-09-01 19:02 ==================== Ende von FRST.txt ============================ |
08.09.2015, 18:33 | #13 |
/// the machine /// TB-Ausbilder | Auch bei mir Zeigt AVAST immer öffters URL:MAL Bedrohungs Meldungen an Java updaten. Funde entfernen wir jetzt. Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter C:\FTV\apps\tr.apk C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\Redist\PDFCreator-1_7_3_setup.exe C:\Users\Matthias\Amazon Fire TV\adbfw108\adbfw108\tr.apk C:\Users\Matthias\Documents\Stardiagnose\Archive-2c2c.zip C:\Users\Matthias\Documents\Stardiagnose\mb1.rar C:\Users\Matthias\Documents\Stardiagnose\Stardiagnose.rar C:\Users\Matthias\Documents\Stardiagnose\Archive-2c2c\DTLite4491-0356.rar C:\Users\Matthias\Documents\Stardiagnose\Archive-2c2c\DTLite4491-0356\DTLite4491-0356.exe C:\Users\Matthias\Documents\Stardiagnose\Keygenmegatool\Megatool1.vmp.exe D:\Downloads\Downloads\FileZilla_Server-0_9_52_1(1).exe D:\Downloads\Downloads\FileZilla_Server-0_9_52_1(2).exe D:\Downloads\Downloads\Fotosizer - CHIP-Installer.exe D:\Downloads\Downloads\Free Video to iPhone Converter - CHIP-Installer.exe D:\Downloads\Downloads\Free Virtual Keyboard - CHIP-Installer.exe D:\Downloads\Downloads\FTV v0.30.zip D:\Downloads\Downloads\grewe-scanner-interface-7.0.3-setup.exe D:\Downloads\Downloads\HDClone - CHIP-Installer.exe D:\Downloads\Downloads\K.J_121026.zip D:\Downloads\Downloads\pe-guard-21.zip D:\Downloads\Downloads\pe-guard-21_crack.zip D:\Downloads\Downloads\SoftonicDownloader_fuer_picsizer.exe D:\Downloads\Downloads\WinSetupFromUSB - CHIP-Installer.exe D:\Downloads\Downloads\FTV v0.30\FTV\apps\tr.apk D:\Downloads\Downloads\K.J_121026\K.J_121026.exe D:\Downloads\Downloads\pe-guard-21\setup.exe D:\Downloads\Downloads\pe-guard-21_crack\setup.exe D:\Downloads\jdownloads\SW15SP0\SW15SP0\Solidworks_2015_SP0_Full_DVD2.iso Emptytemp: Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Cleanup: (Die Reihenfolge ist hier entscheidend) Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken. Falls Combofix verwendet wurde: Combofix deinstallieren .
Alle Logs gepostet? Dann lade Dir bitte DelFix herunter.
Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst. Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen. Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...und/oder das Forum mit einer kleinen Spende unterstützen. Absicherung: Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen: Browser Java Flash-Player PDF-Reader Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren. Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen. Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig. Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank. Meine Empfehlung: Emsisoft Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen. Optional: NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen. Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen. Lade Software von einem sauberen Portal wie . Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen. Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwarecleaner . Abschließend noch ein paar grundsätzliche Bemerkungen: Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems. Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
09.09.2015, 09:26 | #14 |
| Auch bei mir Zeigt AVAST immer öffters URL:MAL Bedrohungs Meldungen an fixlog.txt Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-09-2015 durchgeführt von Matthias (2015-09-09 09:42:36) Run:1 Gestartet von C:\Users\Matthias\Desktop\FRST-OlderVersion Geladene Profile: Matthias (Verfügbare Profile: Matthias) Start-Modus: Normal ============================================== fixlist Inhalt: ***************** C:\FTV\apps\tr.apk C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\Redist\PDFCreator-1_7_3_setup.exe C:\Users\Matthias\Amazon Fire TV\adbfw108\adbfw108\tr.apk C:\Users\Matthias\Documents\Stardiagnose\Archive-2c2c.zip C:\Users\Matthias\Documents\Stardiagnose\mb1.rar C:\Users\Matthias\Documents\Stardiagnose\Stardiagnose.rar C:\Users\Matthias\Documents\Stardiagnose\Archive-2c2c\DTLite4491-0356.rar C:\Users\Matthias\Documents\Stardiagnose\Archive-2c2c\DTLite4491-0356\DTLite4491-0356.exe C:\Users\Matthias\Documents\Stardiagnose\Keygenmegatool\Megatool1.vmp.exe D:\Downloads\Downloads\FileZilla_Server-0_9_52_1(1).exe D:\Downloads\Downloads\FileZilla_Server-0_9_52_1(2).exe D:\Downloads\Downloads\Fotosizer - CHIP-Installer.exe D:\Downloads\Downloads\Free Video to iPhone Converter - CHIP-Installer.exe D:\Downloads\Downloads\Free Virtual Keyboard - CHIP-Installer.exe D:\Downloads\Downloads\FTV v0.30.zip D:\Downloads\Downloads\grewe-scanner-interface-7.0.3-setup.exe D:\Downloads\Downloads\HDClone - CHIP-Installer.exe D:\Downloads\Downloads\K.J_121026.zip D:\Downloads\Downloads\pe-guard-21.zip D:\Downloads\Downloads\pe-guard-21_crack.zip D:\Downloads\Downloads\SoftonicDownloader_fuer_picsizer.exe D:\Downloads\Downloads\WinSetupFromUSB - CHIP-Installer.exe D:\Downloads\Downloads\FTV v0.30\FTV\apps\tr.apk D:\Downloads\Downloads\K.J_121026\K.J_121026.exe D:\Downloads\Downloads\pe-guard-21\setup.exe D:\Downloads\Downloads\pe-guard-21_crack\setup.exe D:\Downloads\jdownloads\SW15SP0\SW15SP0\Solidworks_2015_SP0_Full_DVD2.iso Emptytemp: ***************** C:\FTV\apps\tr.apk => erfolgreich verschoben C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\Redist\PDFCreator-1_7_3_setup.exe => erfolgreich verschoben C:\Users\Matthias\Amazon Fire TV\adbfw108\adbfw108\tr.apk => erfolgreich verschoben C:\Users\Matthias\Documents\Stardiagnose\Archive-2c2c.zip => erfolgreich verschoben C:\Users\Matthias\Documents\Stardiagnose\mb1.rar => erfolgreich verschoben C:\Users\Matthias\Documents\Stardiagnose\Stardiagnose.rar => erfolgreich verschoben C:\Users\Matthias\Documents\Stardiagnose\Archive-2c2c\DTLite4491-0356.rar => erfolgreich verschoben C:\Users\Matthias\Documents\Stardiagnose\Archive-2c2c\DTLite4491-0356\DTLite4491-0356.exe => erfolgreich verschoben C:\Users\Matthias\Documents\Stardiagnose\Keygenmegatool\Megatool1.vmp.exe => erfolgreich verschoben D:\Downloads\Downloads\FileZilla_Server-0_9_52_1(1).exe => erfolgreich verschoben D:\Downloads\Downloads\FileZilla_Server-0_9_52_1(2).exe => erfolgreich verschoben D:\Downloads\Downloads\Fotosizer - CHIP-Installer.exe => erfolgreich verschoben D:\Downloads\Downloads\Free Video to iPhone Converter - CHIP-Installer.exe => erfolgreich verschoben D:\Downloads\Downloads\Free Virtual Keyboard - CHIP-Installer.exe => erfolgreich verschoben D:\Downloads\Downloads\FTV v0.30.zip => erfolgreich verschoben D:\Downloads\Downloads\grewe-scanner-interface-7.0.3-setup.exe => erfolgreich verschoben D:\Downloads\Downloads\HDClone - CHIP-Installer.exe => erfolgreich verschoben D:\Downloads\Downloads\K.J_121026.zip => erfolgreich verschoben D:\Downloads\Downloads\pe-guard-21.zip => erfolgreich verschoben D:\Downloads\Downloads\pe-guard-21_crack.zip => erfolgreich verschoben D:\Downloads\Downloads\SoftonicDownloader_fuer_picsizer.exe => erfolgreich verschoben D:\Downloads\Downloads\WinSetupFromUSB - CHIP-Installer.exe => erfolgreich verschoben D:\Downloads\Downloads\FTV v0.30\FTV\apps\tr.apk => erfolgreich verschoben D:\Downloads\Downloads\K.J_121026\K.J_121026.exe => erfolgreich verschoben D:\Downloads\Downloads\pe-guard-21\setup.exe => erfolgreich verschoben D:\Downloads\Downloads\pe-guard-21_crack\setup.exe => erfolgreich verschoben D:\Downloads\jdownloads\SW15SP0\SW15SP0\Solidworks_2015_SP0_Full_DVD2.iso => erfolgreich verschoben EmptyTemp: => 1.9 GB temporäre Dateien entfernt. Das System musste neu gestartet werden.. ==== Ende von Fixlog 09:47:32 ==== Code:
ATTFilter # DelFix v1.011 - Datei am 09/09/2015 um 10:22:55 erstellt # Aktualisiert am 18/08/2015 von Xplode # Benutzer : Matthias - MATTHI # Betriebssystem : Windows 8.1 Pro (64 bits) ~ Entferne die Bereinigungsprogramme ... Gelöscht : C:\FRST Gelöscht : C:\AdwCleaner Gelöscht : C:\Users\Matthias\Desktop\FRST-OlderVersion Gelöscht : C:\Users\Matthias\Desktop\mbar Gelöscht : C:\Users\Matthias\Desktop\Addition.txt Gelöscht : C:\Users\Matthias\Desktop\AdwCleaner_5.005.exe Gelöscht : C:\Users\Matthias\Desktop\Defogger.exe Gelöscht : C:\Users\Matthias\Desktop\defogger_disable.log Gelöscht : C:\Users\Matthias\Desktop\defogger_enable.log Gelöscht : C:\Users\Matthias\Desktop\DownloadProtectCleaner-reboot.exe Gelöscht : C:\Users\Matthias\Desktop\DownloadProtectCleaner.exe Gelöscht : C:\Users\Matthias\Desktop\FRST.txt Gelöscht : C:\Users\Matthias\Desktop\FRST64.exe Gelöscht : C:\Users\Matthias\Desktop\JRT.txt Gelöscht : C:\Users\Matthias\Desktop\JRT_7600.exe Gelöscht : C:\Users\Matthias\Desktop\mbram.txt Gelöscht : C:\Users\Matthias\Desktop\Shortcut.txt Gelöscht : HKLM\SOFTWARE\AdwCleaner ########## - EOF - ########## Code:
ATTFilter # DelFix v1.011 - Datei am 09/09/2015 um 10:24:59 erstellt # Aktualisiert am 18/08/2015 von Xplode # Benutzer : Matthias - MATTHI # Betriebssystem : Windows 8.1 Pro (64 bits) ~ Aktiviere die Benutzerkontensteuerung ... OK ~ Entferne die Bereinigungsprogramme ... Gelöscht : C:\Users\Matthias\Desktop\FRST-OlderVersion ~ Erstelle ein Backup der Registrierungsdatenbank ... OK ~ Lösche die Wiederherstellungspunkte ... Gelöscht : RP #100 [Geplanter Prüfpunkt | 08/04/2015 14:01:59] Gelöscht : RP #101 [avast! antivirus system restore point | 08/31/2015 10:12:31] Gelöscht : RP #103 [Revo Uninstaller Pro's restore point - DNSBlock | 08/31/2015 10:30:04] Gelöscht : RP #104 [JRT Pre-Junkware Removal | 09/03/2015 18:09:00] Gelöscht : RP #105 [Windows Update | 09/07/2015 16:23:44] Gelöscht : RP #106 [DCInstallRestorePoint | 09/09/2015 07:37:06] Gelöscht : RP #108 [Revo Uninstaller Pro's restore point - Malwarebytes Anti-Malware Version 2.1.8.1057 | 09/09/2015 07:58:21] Ein neuer Wiederherstellungspunkt wurde erstellt ! ~ Stelle die Systemeinstellungen wieder her ... OK ########## - EOF - ########## |
10.09.2015, 08:39 | #15 |
/// the machine /// TB-Ausbilder | Auch bei mir Zeigt AVAST immer öffters URL:MAL Bedrohungs Meldungen an fertig
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
Themen zu Auch bei mir Zeigt AVAST immer öffters URL:MAL Bedrohungs Meldungen an |
avast, bedrohungen, crazy, danke, gen, hilfe, meldungen, url:mal |