| |
| |||||||
Alles rund um Windows: Fehlermeldung beim Starten von Win 8.1 - RunDll Problem bei Starten Falscher ParameterWindows 7 Hilfe zu allen Windows-Betriebssystemen: Windows XP, Windows Vista, Windows 7, Windows 8(.1) und Windows 10 / Windows 11- als auch zu sämtlicher Windows-Software. Alles zu Windows 10 ist auch gerne willkommen. Bitte benenne etwaige Fehler oder Bluescreens unter Windows mit dem Wortlaut der Fehlermeldung und Fehlercode. Erste Schritte für Hilfe unter Windows. |
 |
01.10.2015, 20:16
| #1 |
 |  Problem: Fehlermeldung beim Starten von Win 8.1 - RunDll Problem bei Starten Falscher Parameter Hallo wenn ich mein Notebook starte, erscheint bei mir 2mal die Fehlermeldung: RunDLL Problem bei Starten von RunDLL Falscher Parameter. Ok Ich im Anhang 2 Screenshots wo diese fehlerhaften Dateien sein könnten, jedoch kann ich diese nicht löschen --> sreenshot 3 ! sreenshot 4 von Fehlermeldung! BITTE um Hilfe!  DANKE  |
|
01.10.2015, 21:45
| #2 |
| /// Malwareteam   |  Fehlermeldung beim Starten von Win 8.1 - RunDll Problem bei Starten Falscher Parameter Anleitung / Hilfe ja das lass auch mal lieber bleiben haha, hat einen Grund, dass du die nicht so einfach löschen kannst. Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
|
|
02.10.2015, 06:11
| #3 |
| | Fehlermeldung beim Starten von Win 8.1 - RunDll Problem bei Starten Falscher Parameter Details Hallo!
__________________ okey alles klar..! (; und danke ersmals für die schnelle Hilfe! anbei die zwei .txt Dateien! FRST.text Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:30-09-2015
durchgeführt von Users (Administrator) auf CILLIVANILLI (02-10-2015 07:00:57)
Gestartet von C:\Users\Users\Desktop
Geladene Profile: Users (Verfügbare Profile: Users)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Nemetschek Allplan Systems GmbH) C:\Program Files\Nemetschek\AllplanUpdateLauncher 2015\AllplanUpdateLauncher.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Robert McNeel & Associates) C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\MSOSYNC.EXE
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\Temp\EAF09D3B-4333-4C7E-8C63-CA65D9EB6530\DismHost.exe
(Nemetschek Allplan Systems GmbH) C:\Program Files\Nemetschek\Allplan\Prg\NemDownloadHandler.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\Executable Agent Data\Battery\BatteryTest.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-08-20] (IDT, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-28] (Synaptics Incorporated)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-07-27] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\...\Run: [Speech Recognition] => C:\Windows\Speech\Common\sapisvr.exe [44032 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\...\Run: [FreeVideoDownloader] => C:\Program Files (x86)\33download.com\Free Video Downloader\FreeVideoDownloader.exe
HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\...\Run: [Only-search] => C:\Users\Users\AppData\Local\onlysearch\onlysearch\1.3.15.4\onlysearch.exe
HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [217088 2014-10-29] (Microsoft Corporation)
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [185632 2015-09-06] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [164192 2015-09-06] (NVIDIA Corporation)
AppInit_DLLs-x32: , C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [164192 2015-09-06] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ensureXpScr.bat [2013-06-07] ()
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
ProxyEnable: [.DEFAULT] => Proxy ist aktiviert.
ProxyServer: [.DEFAULT] => http=127.0.0.1:60502;https=127.0.0.1:60502
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{83E2D362-8275-4B99-9FBF-97D752721744}: [DhcpNameServer] 40.22.1.201 40.22.1.203
Tcpip\..\Interfaces\{B9B84E17-2E36-4EA7-A782-B1B85CCE0E18}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT13/4
HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT13/4
SearchScopes: HKLM -> {2DAE3666-9192-4129-A7A7-B9C31D092CEA} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=146&itype=n&ver=14368&tm=526&src=ds&p={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=146&itype=n&ver=14368&tm=526&src=ds&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3447733779-4191765115-1278922627-1002 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-3447733779-4191765115-1278922627-1002 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-3447733779-4191765115-1278922627-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2015-09-25] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2015-09-25] (Microsoft Corporation)
BHO: SalesCheaCkerr -> {fddf94d2-7b86-4391-8eec-55c969e22056} -> C:\Program Files (x86)\SalesCheaCkerr\GKMETqcjDg1jlm.x64.dll Keine Datei
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2015-09-25] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2015-09-25] (Microsoft Corporation)
BHO-x32: SalesCheaCkerr -> {fddf94d2-7b86-4391-8eec-55c969e22056} -> C:\Program Files (x86)\SalesCheaCkerr\GKMETqcjDg1jlm.dll Keine Datei
Toolbar: HKU\S-1-5-21-3447733779-4191765115-1278922627-1002 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2015-09-25] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2015-09-25] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2015-09-25] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2015-09-25] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2015-09-25] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2015-09-25] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2015-09-25] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2015-09-25] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Users\AppData\Roaming\Mozilla\Firefox\Profiles\a7t4eu8f.default
FF SearchEngineOrder.1: default-search.net
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-23] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2015-09-25] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-23] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll [2012-08-08] (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-09-25] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2015-09-25] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-28] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-20] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-02-17] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Users\AppData\Roaming\Mozilla\Firefox\Profiles\a7t4eu8f.default\user.js [2014-12-23]
FF Extension: Lightbeam - C:\Users\Users\AppData\Roaming\Mozilla\Firefox\Profiles\a7t4eu8f.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2015-08-23]
FF Extension: Kein Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-08-30]
Chrome:
=======
CHR dev: Chrome dev build erkannt! <======= ACHTUNG
CHR Profile: C:\Users\Users\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (leess2pay) - C:\Users\Users\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcpbbafbpelokceiflmbppflgnfimhkc [2015-01-13]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-10-30] (Adobe Systems) [Datei ist nicht signiert]
R2 AllplanUpdateLauncher 2015; C:\Program Files\Nemetschek\AllplanUpdateLauncher 2015\AllplanUpdateLauncher.exe [16680 2014-10-30] (Nemetschek Allplan Systems GmbH)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2836056 2015-09-09] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 HPConnectedRemote; C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35744 2012-10-12] (Hewlett-Packard)
R2 HPSLPSVC; C:\Users\Users\AppData\Local\Temp\7zS5411\hpslpsvc64.dll [1039360 2013-07-19] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-26] (Hewlett-Packard Company)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.) [Datei ist nicht signiert]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 McNeelUpdate; c:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [67224 2014-06-17] (Robert McNeel & Associates)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-07-02] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 a090c46f; "C:\WINDOWS\system32\rundll32.exe" "c:\Program Files (x86)\SystemsUp\SystemsUp.dll",serv
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [4265984 2014-12-22] (Qualcomm Atheros Communications, Inc.)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20912 2012-10-26] (AVG Technologies CZ, s.r.o.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-28] (Synaptics Incorporated)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
S1 iSafeKrnlMon; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [X]
S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
S3 SmbDrv; \SystemRoot\System32\drivers\Smb_driver_AMDASF.sys [X]
R3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-10-02 07:00 - 2015-10-02 07:01 - 00000000 ____D C:\FRST
2015-10-02 07:00 - 2015-10-02 07:00 - 02192384 _____ (Farbar) C:\Users\Users\Desktop\FRST64.exe
2015-10-02 07:00 - 2015-10-02 07:00 - 00023027 _____ C:\Users\Users\Desktop\FRST.txt
2015-10-01 22:08 - 2015-10-01 22:08 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2015-10-01 22:08 - 2015-10-01 22:08 - 00000000 ____D C:\WINDOWS\system32\NV
2015-10-01 21:35 - 2014-04-16 01:35 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2015-10-01 21:35 - 2014-04-16 01:34 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2015-10-01 21:33 - 2015-10-01 21:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-10-01 21:32 - 2015-10-01 21:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-10-01 21:32 - 2015-08-10 20:15 - 01084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-10-01 21:32 - 2015-08-10 20:15 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-10-01 21:32 - 2015-08-10 20:06 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2015-10-01 21:32 - 2015-08-10 19:49 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2015-10-01 21:32 - 2015-08-10 18:56 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2015-10-01 21:32 - 2015-08-10 18:46 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2015-10-01 21:32 - 2015-08-07 23:41 - 07460168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-01 21:32 - 2015-08-07 23:40 - 01736520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-10-01 21:32 - 2015-08-07 23:40 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-10-01 21:32 - 2015-08-07 23:40 - 01134752 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2015-10-01 21:32 - 2015-08-07 23:40 - 00686960 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2015-10-01 21:32 - 2015-08-07 23:40 - 00507176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2015-10-01 21:32 - 2015-08-07 16:13 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2015-10-01 21:32 - 2015-08-06 19:05 - 00669184 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2015-10-01 21:32 - 2015-08-06 18:47 - 04710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2015-10-01 21:32 - 2015-08-06 18:37 - 00536576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2015-10-01 21:32 - 2015-08-06 18:18 - 04068352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2015-10-01 21:32 - 2015-01-06 05:01 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2015-10-01 21:32 - 2015-01-06 04:59 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2015-10-01 21:32 - 2015-01-06 03:12 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2015-10-01 21:32 - 2015-01-06 03:02 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2015-10-01 21:32 - 2014-11-10 20:06 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2015-10-01 21:31 - 2015-05-01 03:13 - 06521800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2015-10-01 21:31 - 2015-05-01 03:13 - 01488000 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-10-01 21:31 - 2015-05-01 03:13 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2015-10-01 21:31 - 2014-11-17 22:17 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-10-01 21:31 - 2014-11-17 22:17 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-10-01 21:31 - 2014-11-15 21:05 - 00801584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-10-01 21:31 - 2014-11-15 08:29 - 00962216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-10-01 21:31 - 2014-11-14 08:57 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-01 21:31 - 2014-11-14 08:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-10-01 21:31 - 2014-11-14 08:46 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-10-01 21:31 - 2014-11-14 07:03 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-01 21:31 - 2014-11-10 20:06 - 00473408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-10-01 21:31 - 2014-11-10 04:57 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2015-10-01 21:31 - 2014-11-10 03:20 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2015-10-01 21:31 - 2014-11-10 03:08 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2015-10-01 21:31 - 2014-11-10 02:57 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2015-10-01 21:31 - 2014-11-08 06:00 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2015-10-01 21:31 - 2014-11-08 05:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2015-10-01 21:31 - 2014-11-08 05:56 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp
2015-10-01 21:31 - 2014-11-08 05:56 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll
2015-10-01 21:31 - 2014-11-08 05:56 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll
2015-10-01 21:31 - 2014-11-08 05:24 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll
2015-10-01 21:31 - 2014-11-08 05:13 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp
2015-10-01 21:31 - 2014-11-08 05:13 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll
2015-10-01 21:31 - 2014-11-08 05:13 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll
2015-10-01 21:31 - 2014-11-08 04:48 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll
2015-10-01 21:31 - 2014-11-08 04:38 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-10-01 21:31 - 2014-11-08 04:17 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-10-01 21:31 - 2014-11-08 04:03 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2015-10-01 21:31 - 2014-11-08 03:58 - 04837376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2015-10-01 21:31 - 2014-11-08 03:49 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2015-10-01 21:31 - 2014-11-07 05:58 - 00952896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-10-01 21:31 - 2014-11-07 05:20 - 00786120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-10-01 21:31 - 2014-11-05 04:12 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSHVHOST.DLL
2015-10-01 21:31 - 2014-11-05 04:12 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSVRMGMT.DLL
2015-10-01 21:31 - 2014-11-05 04:06 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2015-10-01 21:31 - 2014-11-05 03:44 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2015-10-01 21:31 - 2014-11-05 03:43 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2015-10-01 21:31 - 2014-11-05 03:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2015-10-01 21:31 - 2014-11-05 03:39 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSHVHOST.DLL
2015-10-01 21:31 - 2014-11-05 03:39 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSVRMGMT.DLL
2015-10-01 21:31 - 2014-11-05 03:33 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2015-10-01 21:31 - 2014-11-05 03:21 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2015-10-01 21:31 - 2014-11-05 03:20 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2015-10-01 21:31 - 2014-11-05 03:18 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2015-10-01 21:31 - 2014-11-05 03:14 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2015-10-01 21:31 - 2014-11-05 03:06 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2015-10-01 21:31 - 2014-11-04 21:33 - 00058176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-10-01 21:31 - 2014-11-04 08:27 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2015-10-01 21:31 - 2014-11-04 07:01 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2015-10-01 21:31 - 2014-10-29 05:05 - 00551232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2015-10-01 21:31 - 2014-10-29 03:55 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2015-10-01 21:31 - 2014-10-29 03:13 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2015-10-01 21:31 - 2014-10-21 03:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll
2015-10-01 21:31 - 2014-10-21 03:19 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll
2015-10-01 21:31 - 2014-10-21 02:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2015-10-01 21:31 - 2014-10-21 02:31 - 01574400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2015-10-01 21:31 - 2014-10-21 02:31 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
2015-10-01 21:31 - 2014-10-21 02:30 - 01454080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2015-10-01 21:31 - 2014-10-21 02:20 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2015-10-01 21:31 - 2014-10-17 06:56 - 00039744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2015-10-01 21:31 - 2014-10-17 05:35 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-10-01 21:30 - 2015-07-16 20:58 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NcdAutoSetup.dll
2015-10-01 20:28 - 2014-02-08 20:34 - 01885472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6433489.dll
2015-10-01 20:28 - 2014-02-08 20:34 - 01515296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6433489.dll
2015-10-01 20:22 - 2015-10-01 20:39 - 00000000 ____D C:\Users\Users\Documents\PASSFOTO
2015-10-01 20:20 - 2015-10-01 20:20 - 00000000 ____D C:\Users\Users\Desktop\DRUCKEN
2015-10-01 18:38 - 2015-10-01 18:38 - 00000000 ____D C:\Users\Users\AppData\Roaming\Nemetschek
2015-09-26 09:07 - 2015-09-26 09:07 - 00000000 ____D C:\Users\Users\AppData\Local\Nemetschek_Allplan_System
2015-09-25 20:05 - 2015-10-01 22:07 - 00003104 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3447733779-4191765115-1278922627-1002
2015-09-25 20:05 - 2015-09-25 20:05 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2015-09-25 20:05 - 2015-07-17 15:51 - 00984448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2015-09-25 20:05 - 2015-07-17 15:51 - 00063840 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-private-l1-1-0.dll
2015-09-25 20:05 - 2015-07-17 15:51 - 00020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll
2015-09-25 20:05 - 2015-07-17 15:51 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-09-25 20:05 - 2015-07-17 15:51 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll
2015-09-25 20:05 - 2015-07-17 15:51 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-09-25 20:05 - 2015-07-17 15:51 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-09-25 20:05 - 2015-07-17 15:51 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-09-25 20:05 - 2015-07-17 15:51 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll
2015-09-25 20:05 - 2015-07-17 15:51 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-09-25 20:05 - 2015-07-17 15:51 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-process-l1-1-0.dll
2015-09-25 20:05 - 2015-07-17 15:51 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-09-25 20:05 - 2015-07-17 15:51 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-09-25 20:05 - 2015-07-17 15:51 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-09-25 20:05 - 2015-07-17 15:51 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-09-25 20:05 - 2015-07-17 15:51 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-09-25 20:05 - 2015-07-17 15:47 - 00901264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2015-09-25 20:05 - 2015-07-17 15:47 - 00066400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-09-25 20:05 - 2015-07-17 15:47 - 00022368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-09-25 20:05 - 2015-07-17 15:47 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-09-25 20:05 - 2015-07-17 15:47 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-09-25 20:05 - 2015-07-17 15:47 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-09-25 20:05 - 2015-07-17 15:47 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-09-25 20:05 - 2015-07-17 15:47 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-09-25 20:05 - 2015-07-17 15:47 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-09-25 20:05 - 2015-07-17 15:47 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-09-25 20:05 - 2015-07-17 15:47 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-09-25 20:05 - 2015-07-17 15:47 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-09-25 20:05 - 2015-07-17 15:47 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-09-25 20:05 - 2015-07-17 15:47 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-09-25 20:05 - 2015-07-17 15:47 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-09-25 20:05 - 2015-07-17 15:47 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-09-25 19:57 - 2015-09-25 19:57 - 00002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2015-09-25 19:57 - 2015-09-25 19:57 - 00002484 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2015-09-25 19:57 - 2015-09-25 19:57 - 00002480 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2015-09-25 19:57 - 2015-09-25 19:57 - 00002459 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2015-09-25 19:57 - 2015-09-25 19:57 - 00002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2015-09-25 19:57 - 2015-09-25 19:57 - 00002434 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2015-09-25 19:57 - 2015-09-25 19:57 - 00002401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2015-09-25 19:57 - 2015-09-25 19:57 - 00002398 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2015-09-25 19:57 - 2015-09-25 19:57 - 00002370 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2015-09-25 19:57 - 2015-09-25 19:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2015-09-25 19:56 - 2015-09-25 19:56 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-09-24 18:41 - 2015-09-24 18:41 - 00327920 _____ C:\Users\Users\Documents\Dokument.ndw
2015-09-24 18:41 - 2015-09-24 18:41 - 00000000 ____D C:\Users\Users\Documents\Allplan
2015-09-24 18:30 - 2015-09-24 18:30 - 00001907 _____ C:\Users\Public\Desktop\Allmenu 2015.lnk
2015-09-24 18:30 - 2015-09-24 18:30 - 00001900 _____ C:\Users\Public\Desktop\Allplan 2015.lnk
2015-09-24 18:30 - 2015-09-24 18:30 - 00000000 ____D C:\Users\Users\Documents\Nemetschek
2015-09-24 18:27 - 2015-10-02 06:59 - 00000646 _____ C:\WINDOWS\Tasks\WebContent AutoUpdate 2015.job
2015-09-24 18:27 - 2015-09-26 08:58 - 00000490 _____ C:\WINDOWS\Tasks\AutoUpdate Allplan 2015.job
2015-09-24 18:27 - 2015-09-25 10:07 - 00000000 ____D C:\Users\Users\AppData\Local\Nemetschek
2015-09-24 18:27 - 2015-09-24 18:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nemetschek
2015-09-24 18:27 - 2015-09-24 18:27 - 00003634 _____ C:\WINDOWS\System32\Tasks\WebContent AutoUpdate 2015
2015-09-24 18:27 - 2015-09-24 18:27 - 00003142 _____ C:\WINDOWS\System32\Tasks\AutoUpdate Allplan 2015
2015-09-24 18:05 - 2015-09-24 18:05 - 00000000 ____D C:\WINDOWS\Crystal
2015-09-24 18:05 - 2014-10-07 10:30 - 05350912 _____ (Seagate Software, Inc.) C:\WINDOWS\SysWOW64\crpe32.dll
2015-09-24 18:05 - 2014-10-07 10:30 - 00679424 _____ (Seagate Software, Inc.) C:\WINDOWS\SysWOW64\cr2c70de.dll
2015-09-24 18:05 - 2014-10-07 10:30 - 00413184 _____ (Seagate Software, Inc) C:\WINDOWS\SysWOW64\cpeaut32.dll
2015-09-24 18:05 - 2014-10-07 10:30 - 00183296 _____ (Seagate Software, Information Management Group, Inc.) C:\WINDOWS\SysWOW64\crpaig32.dll
2015-09-24 18:05 - 2014-10-07 10:30 - 00171520 _____ (Seagate Software, Inc) C:\WINDOWS\SysWOW64\P2smon.dll
2015-09-24 18:05 - 2014-10-07 10:30 - 00018944 _____ ( ) C:\WINDOWS\SysWOW64\implode.dll
2015-09-24 18:05 - 2014-10-07 10:29 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71.dll
2015-09-24 18:05 - 2014-10-07 10:29 - 01047552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71u.dll
2015-09-24 18:05 - 2014-10-07 10:29 - 00244232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFLXGRD.OCX
2015-09-24 18:05 - 2014-10-07 10:29 - 00224016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TABCTL32.OCX
2015-09-24 18:05 - 2014-10-07 10:29 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Comdlg32.ocx
2015-09-24 18:05 - 2014-10-07 10:29 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msstdfmt.dll
2015-09-24 18:05 - 2014-10-07 10:29 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Atl71.dll
2015-09-24 18:05 - 2014-10-07 10:29 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71DEU.DLL
2015-09-24 18:05 - 2014-10-07 10:29 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ITA.DLL
2015-09-24 18:05 - 2014-10-07 10:29 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71FRA.DLL
2015-09-24 18:05 - 2014-10-07 10:29 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ESP.DLL
2015-09-24 18:05 - 2014-10-07 10:29 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ENU.DLL
2015-09-24 18:05 - 2014-10-07 10:29 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FLXGDDE.DLL
2015-09-24 18:03 - 2015-09-24 18:27 - 00000000 ____D C:\ProgramData\Nemetschek
2015-09-24 18:03 - 2015-09-24 18:27 - 00000000 ____D C:\Program Files\Nemetschek
2015-09-24 18:03 - 2015-09-24 18:03 - 00000000 ____D C:\Daten
2015-09-24 17:59 - 2015-09-24 17:59 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2015-09-24 17:59 - 2015-09-24 17:59 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2015-09-24 17:59 - 2015-09-24 17:59 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2015-09-19 13:03 - 2015-10-01 20:24 - 00000000 ____D C:\Users\Users\Desktop\FH GREENBUILDING WS15-16
2015-09-18 18:15 - 2015-09-18 18:15 - 00000000 ___HD C:\ProgramData\CanonBJ
2015-09-18 18:15 - 2014-03-18 05:00 - 00406016 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMCB.DLL
2015-09-15 15:55 - 2015-09-03 04:18 - 02531400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-09-15 15:55 - 2015-09-03 04:17 - 01903848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-09-15 15:55 - 2015-09-02 20:48 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-09-15 15:55 - 2015-09-02 19:09 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-09-15 15:55 - 2015-07-22 16:19 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-09-15 15:55 - 2015-07-22 15:52 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-09-15 15:55 - 2015-07-17 16:15 - 00951296 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-09-15 15:55 - 2015-07-17 16:10 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-09-15 15:55 - 2015-07-13 21:10 - 00411455 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-09-15 15:55 - 2015-07-09 18:14 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-09-15 15:55 - 2015-07-03 23:51 - 01380056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-09-15 15:55 - 2015-07-03 16:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-09-15 15:55 - 2015-06-27 13:47 - 00118616 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2015-09-15 15:55 - 2015-06-19 19:07 - 02819072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-09-15 15:45 - 2015-09-15 15:45 - 00009171 _____ C:\Users\Users\Documents\FH Campus Wien - Datenblatt für Studierende.htm
2015-09-15 15:45 - 2015-09-15 15:45 - 00000000 ____D C:\Users\Users\Documents\FH Campus Wien - Datenblatt für Studierende-Dateien
2015-09-12 17:56 - 2015-08-27 04:48 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-09-12 17:56 - 2015-08-26 20:00 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-09-12 17:56 - 2015-08-26 20:00 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-09-12 17:56 - 2015-08-26 20:00 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-09-12 17:56 - 2015-08-26 20:00 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-09-12 17:56 - 2015-08-26 16:46 - 03705344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-09-12 17:56 - 2015-08-26 16:29 - 02240512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-09-12 17:56 - 2015-08-26 16:27 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-09-12 17:56 - 2015-08-26 16:27 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-09-12 17:56 - 2015-08-26 16:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-09-12 17:56 - 2015-08-26 16:26 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-09-12 17:56 - 2015-08-26 16:26 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-09-12 17:55 - 2015-09-02 04:56 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-09-12 17:55 - 2015-09-02 04:55 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-12 17:55 - 2015-09-02 04:50 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-12 17:55 - 2015-09-02 04:17 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-12 17:55 - 2015-09-02 04:13 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-12 17:55 - 2015-08-22 20:19 - 25188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-12 17:55 - 2015-08-22 19:35 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-12 17:55 - 2015-08-22 19:34 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-12 17:55 - 2015-08-22 19:22 - 19856384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-12 17:55 - 2015-08-22 19:21 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-12 17:55 - 2015-08-22 19:20 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-09-12 17:55 - 2015-08-22 18:55 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-12 17:55 - 2015-08-22 18:50 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-12 17:55 - 2015-08-22 18:50 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-09-12 17:55 - 2015-08-22 18:45 - 00665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-12 17:55 - 2015-08-22 18:44 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-09-12 17:55 - 2015-08-22 18:41 - 14451712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-12 17:55 - 2015-08-22 18:41 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-09-12 17:55 - 2015-08-22 18:41 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-09-12 17:55 - 2015-08-22 18:41 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-09-12 17:55 - 2015-08-22 18:39 - 02126336 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-09-12 17:55 - 2015-08-22 18:28 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-09-12 17:55 - 2015-08-22 18:26 - 02427392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-09-12 17:55 - 2015-08-22 18:23 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-09-12 17:55 - 2015-08-22 18:22 - 12857344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-12 17:55 - 2015-08-22 18:20 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-09-12 17:55 - 2015-08-22 18:18 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-09-12 17:55 - 2015-08-22 18:18 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-09-12 17:55 - 2015-08-22 18:18 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-09-12 17:55 - 2015-08-22 18:14 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-09-12 17:55 - 2015-08-22 18:01 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-09-12 17:55 - 2015-08-22 18:00 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-09-12 17:55 - 2015-08-22 17:56 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-09-12 17:55 - 2015-08-22 17:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-09-12 17:55 - 2015-08-03 23:15 - 00074928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2015-09-12 17:55 - 2015-08-03 23:15 - 00065600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2015-09-12 17:55 - 2015-08-01 16:22 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2015-09-12 17:55 - 2015-08-01 05:47 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2015-09-12 17:55 - 2015-08-01 05:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe
2015-09-12 17:55 - 2015-08-01 05:38 - 01265152 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-12 17:55 - 2015-08-01 05:37 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2015-09-12 17:55 - 2015-08-01 05:37 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe
2015-09-12 17:55 - 2015-07-30 19:18 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2015-09-12 17:55 - 2015-07-30 18:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll
2015-09-12 17:55 - 2015-07-22 16:34 - 02775552 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-12 17:55 - 2015-07-22 16:33 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-12 17:55 - 2015-07-22 16:25 - 02461184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-12 17:55 - 2015-07-22 16:25 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-12 17:55 - 2015-07-18 20:31 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-12 17:55 - 2015-07-18 20:29 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-12 17:55 - 2015-07-18 20:29 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-12 17:55 - 2015-07-18 20:27 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-12 17:55 - 2015-07-14 05:27 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzsync.exe
2015-09-09 23:55 - 2015-09-09 23:55 - 00627288 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140.dll
2015-09-09 23:55 - 2015-09-09 23:55 - 00430264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp140.dll
2015-09-09 23:55 - 2015-09-09 23:55 - 00381128 _____ (Microsoft Corporation) C:\WINDOWS\system32\vccorlib140.dll
2015-09-09 23:55 - 2015-09-09 23:55 - 00325232 _____ (Microsoft Corporation) C:\WINDOWS\system32\concrt140.dll
2015-09-09 23:55 - 2015-09-09 23:55 - 00257736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vccorlib140.dll
2015-09-09 23:55 - 2015-09-09 23:55 - 00235632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\concrt140.dll
2015-09-09 23:55 - 2015-09-09 23:55 - 00080984 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcruntime140.dll
2015-09-09 23:55 - 2015-09-09 23:55 - 00077400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vcruntime140.dll
2015-09-06 06:31 - 2015-09-06 06:31 - 17625848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-09-06 06:31 - 2015-09-06 06:31 - 15139256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-09-06 06:30 - 2015-09-06 06:30 - 00948832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-09-06 06:29 - 2015-09-06 06:29 - 30496400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-09-06 06:29 - 2015-09-06 06:29 - 16160424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-09-06 06:29 - 2015-09-06 06:29 - 13277448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-09-06 06:29 - 2015-09-06 06:29 - 00040080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2015-09-06 06:28 - 2015-09-06 06:28 - 22959248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-09-06 06:28 - 2015-09-06 06:28 - 11063440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-09-06 06:28 - 2015-09-06 06:28 - 00164192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-09-06 06:28 - 2015-09-06 06:28 - 00159376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-09-06 06:28 - 2015-09-06 06:28 - 00137424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-09-06 06:27 - 2015-09-06 06:27 - 01069896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-09-06 06:27 - 2015-09-06 06:27 - 01061520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-09-06 06:27 - 2015-09-06 06:27 - 00991888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-09-06 06:26 - 2015-09-06 06:26 - 15902640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-09-06 06:26 - 2015-09-06 06:26 - 12886592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-09-06 06:26 - 2015-09-06 06:26 - 01906832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435382.dll
2015-09-06 06:26 - 2015-09-06 06:26 - 01566536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435382.dll
2015-09-06 06:26 - 2015-09-06 06:26 - 00985232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-09-06 06:25 - 2015-09-06 06:25 - 14512608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-09-06 06:25 - 2015-09-06 06:25 - 11846744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-09-06 06:25 - 2015-09-06 06:25 - 02943800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-09-06 06:25 - 2015-09-06 06:25 - 02611000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-09-06 06:20 - 2015-09-06 06:20 - 42740536 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-09-06 06:20 - 2015-09-06 06:20 - 37759104 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-09-06 06:19 - 2015-09-06 06:19 - 03017608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-09-06 04:44 - 2015-09-06 04:44 - 00030966 _____ C:\WINDOWS\system32\nvinfo.pb
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-10-02 07:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-02 06:55 - 2014-10-12 01:29 - 00000000 ___RD C:\Users\Users\OneDrive
2015-10-02 06:55 - 2014-10-11 16:32 - 01583507 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-02 06:55 - 2013-11-14 22:28 - 00001124 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-01 22:08 - 2014-11-13 11:04 - 00000000 ____D C:\Users\Users\AppData\Local\NVIDIA Corporation
2015-10-01 22:06 - 2014-09-24 08:17 - 01984420 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-01 22:06 - 2014-09-24 07:43 - 00843606 _____ C:\WINDOWS\system32\perfh007.dat
2015-10-01 22:06 - 2014-09-24 07:43 - 00192300 _____ C:\WINDOWS\system32\perfc007.dat
2015-10-01 22:03 - 2014-10-12 01:23 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-10-01 22:01 - 2013-08-22 16:46 - 00355303 _____ C:\WINDOWS\setupact.log
2015-10-01 22:00 - 2015-04-13 13:44 - 00000342 _____ C:\WINDOWS\Tasks\HPCeeScheduleForUsers.job
2015-10-01 22:00 - 2014-09-23 23:06 - 00158394 _____ C:\WINDOWS\PFRO.log
2015-10-01 22:00 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-01 22:00 - 2012-12-28 04:20 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-01 21:58 - 2013-08-22 15:25 - 01048576 ___SH C:\WINDOWS\system32\config\BBI
2015-10-01 21:56 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2015-10-01 21:56 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-10-01 21:56 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\setup
2015-10-01 21:56 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-10-01 21:52 - 2014-10-11 16:32 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-10-01 21:44 - 2013-05-31 04:42 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3447733779-4191765115-1278922627-1002
2015-10-01 21:36 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-01 21:32 - 2014-09-18 20:17 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-10-01 21:29 - 2013-08-20 12:28 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-10-01 21:21 - 2013-11-14 22:28 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-01 20:46 - 2013-05-31 04:35 - 00000000 ____D C:\Users\Users\AppData\Local\Packages
2015-10-01 20:41 - 2013-08-19 19:50 - 00000000 ____D C:\Users\Users\Documents\Dokumente
2015-10-01 20:40 - 2010-06-25 14:32 - 00000000 ____D C:\Users\Users\Documents\MusicMAMAhandy
2015-10-01 20:39 - 2015-09-01 16:03 - 00000000 ____D C:\Users\Users\Documents\samsung
2015-10-01 20:35 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-10-01 20:35 - 2012-12-28 04:26 - 00000000 ____D C:\Program Files\Bonjour
2015-10-01 20:34 - 2013-12-20 22:28 - 00000000 ____D C:\Users\Users\AppData\Local\Boss Media
2015-10-01 20:34 - 2013-12-20 22:28 - 00000000 ____D C:\ProgramData\Boss Media
2015-10-01 20:33 - 2012-10-27 17:22 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-10-01 20:31 - 2013-05-31 12:53 - 00000000 ____D C:\Users\Users\AppData\Local\CyberLink
2015-10-01 20:31 - 2012-10-27 17:23 - 00000000 ____D C:\Program Files (x86)\CyberLink
2015-10-01 20:29 - 2015-09-01 16:00 - 00000000 ____D C:\Program Files (x86)\MyFree Codec
2015-10-01 20:26 - 2014-10-11 14:08 - 00000000 ____D C:\Users\Users\Documents\NDU MMC UNI
2015-10-01 18:40 - 2015-03-06 12:11 - 00003914 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{BCA760A7-DCF5-48E8-B7CE-42201E846A60}
2015-09-30 17:51 - 2014-10-30 12:28 - 00360448 ___SH C:\Users\Users\Desktop\Thumbs.db
2015-09-30 17:48 - 2013-05-31 12:53 - 00000000 ____D C:\Users\Users\Documents\Youcam
2015-09-30 17:45 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-27 16:30 - 2015-07-05 18:30 - 00000000 ____D C:\Program Files\Microsoft Office
2015-09-27 16:26 - 2013-08-31 19:05 - 00000179 _____ C:\WINDOWS\SysWOW64\DOErrors.log
2015-09-25 20:05 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-09-23 10:29 - 2013-08-20 12:28 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-09-15 17:11 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-09-15 16:25 - 2013-08-19 20:15 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-15 15:41 - 2013-08-22 16:44 - 00543840 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-15 03:18 - 2015-03-12 19:49 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-09-15 03:18 - 2015-03-12 19:49 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-12 18:30 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-09-12 18:17 - 2014-09-24 08:00 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-06 06:28 - 2013-10-27 09:04 - 00185632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-09-06 06:19 - 2013-10-27 09:03 - 03415688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-09-06 05:45 - 2013-10-27 09:04 - 01110768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-09-02 20:15 - 2013-05-31 04:37 - 00000000 ____D C:\Users\Users\AppData\Local\Hewlett-Packard
2015-09-02 20:15 - 2012-10-27 17:36 - 00000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard
2015-09-02 19:52 - 2012-10-27 17:34 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2015-09-02 13:02 - 2015-03-02 23:21 - 00103936 ___SH C:\Users\Users\Downloads\Thumbs.db
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-02-10 12:31 - 2015-04-15 11:43 - 0000020 _____ () C:\Users\Users\AppData\Roaming\appdataFr3.bin
2013-08-29 19:24 - 2013-09-06 12:36 - 0000064 _____ () C:\Users\Users\AppData\Roaming\LiveSupport.exe_log.txt
2013-08-29 19:24 - 2013-09-06 13:14 - 0000092 _____ () C:\Users\Users\AppData\Roaming\regsvr32.exe_log.txt
2014-07-05 02:13 - 2014-07-05 02:13 - 0000838 _____ () C:\Users\Users\AppData\Local\recently-used.xbel
2013-05-31 04:38 - 2013-05-31 04:38 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\TEMP\DSETUP.dll
C:\Users\TEMP\dsetup32.dll
C:\Users\TEMP\DXSETUP.exe
Einige Dateien in TEMP:
====================
C:\Users\Users\AppData\Local\Temp\Extract.exe
C:\Users\Users\AppData\Local\Temp\HPPSdr.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-10-01 20:14
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:30-09-2015
durchgeführt von Users (2015-10-02 07:02:51)
Gestartet von C:\Users\Users\Desktop
Windows 8.1 (X64) (2014-10-11 23:22:57)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3447733779-4191765115-1278922627-500 - Administrator - Disabled)
Gast (S-1-5-21-3447733779-4191765115-1278922627-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3447733779-4191765115-1278922627-1004 - Limited - Enabled)
Users (S-1-5-21-3447733779-4191765115-1278922627-1002 - Administrator - Enabled) => C:\Users\Users
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Illustrator CS2 (HKLM-x32\...\Adobe Illustrator CS2) (Version: 12.000.000 - Adobe Systems Inc.)
Adobe InDesign CS2 (HKLM-x32\...\Adobe InDesign CS2 - {7F4C8163-F259-49A0-A018-2857A90578BC}) (Version: 004.000.000 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.6.636 - Adobe Systems, Inc.)
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version: 3.0 - Adobe Systems, Inc.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.4.3122 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.5.5811 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
General Runtime Files for Allplan 2015-1-6 (x32 Version: 1.8.1.0 - Nemetschek Allplan Systems GmbH) Hidden
General Runtime Files for Allplan 2015-1-6 x64 (Version: 1.5.0.0 - Nemetschek Allplan Systems GmbH) Hidden
General Runtime Files for Nemetschek Softlock 2006 (x32 Version: 1.4.0.0 - Nemetschek) Hidden
General Runtime Files for Nemetschek Softlock 2006 64 (Version: 1.3.0.0 - Nemetschek) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{2DEDBE5B-D538-43F3-83A7-B037D6B51A89}) (Version: 4.2.8.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\...\HPConnectedMusic) (Version: 1.1 (build 128) hp - Meridian Audio Ltd)
HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1218 - Hewlett-Packard)
HP CoolSense (HKLM-x32\...\{11AF9A96-6D83-4C3B-8DCB-16EA2A358E3F}) (Version: 2.10.51 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{5AAB470B-88CE-4158-AEF1-EB8DAB4CDFCF}) (Version: 1.2.1.0 - Hewlett-Packard)
HP Quick Launch (HKLM-x32\...\{E5823036-6F09-4D0A-B05C-E2BAA129288A}) (Version: 3.0.6 - Hewlett-Packard Company)
HP Registration Service (HKLM\...\{C2E428EB-116E-41C0-9E84-B22DE9CCA42F}) (Version: 1.1.6232.4245 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.0.29.6 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{8F1A441E-AD6D-4732-BD6A-F38D5F1D1E47}) (Version: 12.0.30.81 - Hewlett-Packard Company)
HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.8 - Hewlett-Packard)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6425.0 - IDT)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.30.1349 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.9.1002 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.4229.1024 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\...\OneDriveSetup.exe) (Version: 17.3.5951.0827 - Microsoft Corporation)
Microsoft Report Viewer 2012 Runtime (HKLM-x32\...\{A047101C-A3AE-4FAD-802F-01C965079F66}) (Version: 11.1.3010.3 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{99AC7F47-A4E0-4706-9C65-8948775C2652}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 40.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 de)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
Nemetschek Allplan 2015 (HKLM-x32\...\{2D6C562A-839E-4D16-903C-A5987EB61948}) (Version: 2015.0 - Nemetschek Allplan Systems GmbH)
Nemetschek SoftLock 2006 (HKLM-x32\...\{7262D0C8-41CC-4F75-8383-A6C7C61D7FC6}) (Version: 1.26.55 - Nemetschek)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.82 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (Version: 16.0.4229.1024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.4229.1024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.4229.1024 - Microsoft Corporation) Hidden
OpenOffice 4.0.0 (HKLM-x32\...\{B28DBCBA-60F8-40ED-B35B-F510C327946C}) (Version: 4.00.9702 - Apache Software Foundation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29029 - Realtek Semiconductor Corp.)
ReconstructMe 2.1.348 (HKLM-x32\...\{50A45D0E-60B2-4D96-9A57-B2A5E9711B67}) (Version: 2.1.348 - Profactor GmbH)
Rhinoceros 5 (64-bit) (HKLM\...\{820B0C99-172C-4A1D-B598-5E37C540800A}) (Version: 5.9.40617.14345 - Robert McNeel & Associates)
Rhinoceros 5 (HKLM-x32\...\{1D8C9866-FBD3-448F-8F3D-BEF271931C14}) (Version: 5.9.40617.14345 - Robert McNeel & Associates)
Rhinoceros 5 Help Media (HKLM-x32\...\{E42CF82B-C897-4E9D-B8C4-DE63FF0A28D7}) (Version: 5.7.31022.19295 - Robert McNeel & Associates)
Rhinoceros 5 Language Pack Installer (de-DE) (HKLM-x32\...\{DE557CCE-B72F-4375-8156-E2F61840C215}) (Version: 5.7.31022.19295 - Robert McNeel & Associates)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.0.15082.16 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.0.15082.16 - Samsung Electronics Co., Ltd.) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.12 - Synaptics Incorporated)
VLC media player 2.0.0 (HKLM-x32\...\VLC media player) (Version: 2.0.0 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
WinRAR 5.20 Beta 4 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.4 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3447733779-4191765115-1278922627-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Users\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Keine Datei
CustomCLSID: HKU\S-1-5-21-3447733779-4191765115-1278922627-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
==================== Wiederherstellungspunkte =========================
01-10-2015 20:29:57 Konfiguriert PhotoDirector
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {04AD2C42-AF3D-4BA5-B628-DE5F5EDBFD12} - System32\Tasks\AutoUpdate Allplan 2015 => C:\Program Files\Nemetschek\Allplan\prg\NemDownloadHandler.exe [2014-10-30] (Nemetschek Allplan Systems GmbH)
Task: {05C48943-A4C7-494C-82A9-1D9374CE1E8B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-07-11] (Hewlett-Packard Company)
Task: {0D87F05C-37E5-460D-94D6-01D428752A14} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {1CEFD840-AB51-46D2-B60A-749063D3F39B} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-10-12] (CyberLink)
Task: {2C1C563B-B454-4062-89A3-CC0BBDD4551D} - System32\Tasks\StPrsSW => C:\Users\Users\AppData\Roaming\StPrsSW\stprss.exe [2015-01-19] ()
Task: {39BD4B3B-180B-424A-81A2-276209C534B4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {3B8AFC15-68D7-42F2-82E3-4BF91023C2AE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-14] (Google Inc.)
Task: {402F50E3-3D6F-4DC0-8574-FE035A62AB56} - System32\Tasks\WebContent AutoUpdate 2015 => C:\Program Files\Nemetschek\Allplan\prg\NemDownloadHandler.exe [2014-10-30] (Nemetschek Allplan Systems GmbH)
Task: {43EEA08C-56C5-4C34-8E77-7DD163CCC9C1} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe ,Command701 update2 <==== ACHTUNG
Task: {5942FCB4-776B-4511-AE64-62219068BBC6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2015-09-25] (Microsoft Corporation)
Task: {6369C258-4AE0-467B-BB63-12AF4F35B723} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-09-09] (Microsoft Corporation)
Task: {7132D491-E062-473D-8F90-BE7412C7055E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-06-24] (Hewlett-Packard)
Task: {772E2B49-3099-4D4E-B6F6-CE31B8CA70A6} - System32\Tasks\HPCeeScheduleForUsers => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {7DCEFE3B-71ED-466D-A9C6-D63E07ACD31E} - System32\Tasks\avaxvavya => C:\Users\UpdatusUser\AppData\Local\avaxvavya\avaxvavya.exe <==== ACHTUNG
Task: {9DBF8E72-6960-4779-B269-41B3DA3CC66E} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3447733779-4191765115-1278922627-1002 => %localappdata%\Microsoft\OneDrive\OneDrive.exe
Task: {9E3437B8-A47A-4E77-BF1C-27E11F9FA907} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-07-11] (Hewlett-Packard Company)
Task: {A3C204F6-2709-4B68-84EA-9EEC6B5BE573} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {AA85F292-8EB6-482B-B570-4CB4188B555B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-09-08] (Hewlett-Packard)
Task: {ACA405C2-7374-46A6-8084-6AA758EA2128} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-23] (Adobe Systems Incorporated)
Task: {AFD7DEA9-01C6-4948-A753-E71C183612E7} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe ,Command701 update3 <==== ACHTUNG
Task: {B366219A-459D-4D32-B671-551E01046685} - System32\Tasks\{B75C3B33-5133-4F65-A9F8-F4CCAD445232} => pcalua.exe -a "C:\Program Files (x86)\ParetoLogic\PCHA\uninstall.exe"
Task: {B538DA68-4D82-4C5C-9932-C98229E37114} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-09-09] (Microsoft Corporation)
Task: {C0A254F2-9541-4EFE-B9AB-20E3CB5A15AB} - System32\Tasks\avaxvbxvgx => C:\Users\UpdatusUser\AppData\Local\avaxvbxvgx\avaxvbxvgx.exe <==== ACHTUNG
Task: {C37B62BD-320B-4F40-B7B5-85AD2774839C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-14] (Google Inc.)
Task: {CCC80F2C-01F7-4339-BA5E-997CB6FBE22C} - System32\Tasks\SMupdate1 => Rundll32.exe ,Command701 update1 <==== ACHTUNG
Task: {CDB4093D-5CEE-4031-ABD9-8CC7100B4893} - System32\Tasks\{6D382CF6-6DC9-4099-A3F7-3282A7DFA184} => pcalua.exe -a C:\Users\Users\Pictures\installcasino.exe -d C:\Users\Users\Pictures
Task: {F401A95C-9983-4577-A77E-D265EAAD2D87} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-09-08] (Hewlett-Packard)
Task: {FBA4A076-E241-4E96-8300-D21C1B796A24} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2015-09-25] (Microsoft Corporation)
Task: {FDA9D8D6-0B84-4A8C-B4FC-0726F91B9243} - \EPUpdater -> Keine Datei <==== ACHTUNG
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AutoUpdate Allplan 2015.job => C:\Program Files\Nemetschek\Allplan\prg\NemDownloadHandler.exe7/f C:\Daten\Nemetschek\Allplan\Std\AllplanUpdate.inf
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForUsers.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\WebContent AutoUpdate 2015.job => C:\Program Files\Nemetschek\Allplan\prg\NemDownloadHandler.exe…/f C:\Daten\Nemetschek\Allplan\Std\AllplanUpdate.inf /one http:/autoupdate.allplan.com/Updates/Allplan/MyPlan/2015/WebContent.upd
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-09-25 19:45 - 2015-09-09 22:33 - 00162880 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2012-10-12 17:22 - 2012-10-12 17:22 - 00120224 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesModule.dll
2012-10-12 17:22 - 2012-10-12 17:22 - 00048544 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesProxy.dll
2012-10-12 17:22 - 2012-10-12 17:22 - 00180224 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\zxing.dll
2013-10-27 09:03 - 2015-09-06 06:26 - 00020624 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2012-12-28 04:19 - 2015-08-07 02:44 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-07-04 13:57 - 2015-07-04 13:57 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\ErrorReporting.dll
2015-08-31 13:36 - 2015-08-31 13:36 - 00044544 _____ () C:\Program Files\WindowsApps\64885BlueEdge.OneCalendar_2015.828.1.1_x64__8kea50m9krsh2\CalendarApp.BackgroundTasks.winmd
2013-08-22 09:19 - 2013-08-22 08:54 - 00134144 _____ () C:\WINDOWS\system32\WinMetadata\Windows.ApplicationModel.winmd
2015-08-31 13:36 - 2015-08-31 13:36 - 00175616 _____ () C:\Program Files\WindowsApps\64885BlueEdge.OneCalendar_2015.828.1.1_x64__8kea50m9krsh2\CalendarApp.Common.DLL
2015-08-31 13:36 - 2015-08-31 13:36 - 00058880 _____ () C:\Program Files\WindowsApps\64885BlueEdge.OneCalendar_2015.828.1.1_x64__8kea50m9krsh2\CalendarApp.Model.DLL
2013-08-22 09:19 - 2013-08-22 08:54 - 00112640 _____ () C:\WINDOWS\system32\WinMetadata\Windows.Networking.winmd
2012-12-28 04:22 - 2013-08-31 19:22 - 01200088 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-09-06 06:26 - 2015-09-06 06:26 - 00022144 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\Users\Users\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Users\Documents\Psychotherapie.eml:OECustomProperty
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Users\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\StartupFolder: => "ensureXpScr.bat"
HKLM\...\StartupApproved\Run32: => "AVG_UI"
HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\...\StartupApproved\Run: => "Badoo Desktop"
HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\...\StartupApproved\Run: => "AVG-Secure-Search-Update_0814av"
HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\...\StartupApproved\Run: => "Speech Recognition"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{402DDAFF-1B49-4851-A3FB-78FE575C0280}] => (Allow) LPort=52000
FirewallRules: [UDP Query User{E42BB864-483C-4448-AC39-E6B082C0BA03}C:\program files (x86)\xbmc\xbmc.exe] => (Allow) C:\program files (x86)\xbmc\xbmc.exe
FirewallRules: [TCP Query User{4059AFED-004B-4B14-89F4-598D5ADEBB72}C:\program files (x86)\xbmc\xbmc.exe] => (Allow) C:\program files (x86)\xbmc\xbmc.exe
FirewallRules: [UDP Query User{B4789BA1-9289-4EE0-BB06-200D6D9B3885}C:\program files (x86)\xbmc\xbmc.exe] => (Allow) C:\program files (x86)\xbmc\xbmc.exe
FirewallRules: [TCP Query User{4042EE88-8273-4A22-B4CA-D9B66D11C9E2}C:\program files (x86)\xbmc\xbmc.exe] => (Allow) C:\program files (x86)\xbmc\xbmc.exe
FirewallRules: [UDP Query User{D01E7074-5F57-4ED9-B83E-718D612DB2F0}C:\users\users\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\users\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{E8057C1F-A4E6-419A-A208-A3FDD991230E}C:\users\users\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\users\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{8101A3B1-DF6B-48D6-A3FD-29B37C02C5AB}] => (Allow) C:\Program Files\avgemca.exe
FirewallRules: [{C7798981-EA7B-4730-ACA6-2C38EF73307E}] => (Allow) C:\Program Files\avgemca.exe
FirewallRules: [{E0C2730F-6106-4FC4-BF09-13507652AB37}] => (Allow) C:\Program Files\avgdiagex.exe
FirewallRules: [{E4E0DC7C-6C77-4DC3-AFA7-C5BB63503D5C}] => (Allow) C:\Program Files\avgdiagex.exe
FirewallRules: [{C903C2B9-3B3C-464E-A745-AB8C0BE4B21D}] => (Allow) C:\Program Files\avgnsa.exe
FirewallRules: [{C2BD14DD-8DBB-4BB4-B1EA-38A8F5C4284E}] => (Allow) C:\Program Files\avgnsa.exe
FirewallRules: [UDP Query User{E0EB152A-A8A1-452B-98CE-C4490A51F8A7}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{98964D68-BEA1-4156-B5AB-EAE8F70915B5}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{E6AEB5D0-2E02-4440-8ED0-445D4D0A1C34}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C09ABD54-4795-4311-B217-64B759AAC999}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{42F423E3-CDCF-46E2-9C78-973113ACE8D8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B64DFFEA-CA20-4C9F-9D59-0624C9DFBA79}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7E953F6F-235E-45BA-8D09-98BF3E28BAFF}] => (Allow) C:\Program Files\avgemca.exe
FirewallRules: [{4E798BB2-8C5B-4A8F-A181-4C53E66C7169}] => (Allow) C:\Program Files\avgemca.exe
FirewallRules: [{03E389A6-1DE0-4C9D-B5F5-E4073874C0BC}] => (Allow) C:\Program Files\avgdiagex.exe
FirewallRules: [{8A1AE224-8FD9-4E14-BBD3-A4DF0EE06C65}] => (Allow) C:\Program Files\avgdiagex.exe
FirewallRules: [{C9F134DC-CEB6-4F0B-A5A7-E9A404FA8B2F}] => (Allow) C:\Program Files\avgnsa.exe
FirewallRules: [{BDC6C4EF-F58A-4534-9719-FF4A3D8D427F}] => (Allow) C:\Program Files\avgnsa.exe
FirewallRules: [UDP Query User{44D48EAE-8C13-4235-B0F1-C99DF10743B8}C:\users\users\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\users\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{72121E1D-2705-4AD5-9001-08FEFABEFA9B}C:\users\users\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\users\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{0F5CAFA1-6DFF-4887-BB18-13C8B1D51756}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{8C503A77-4C78-4227-96CA-C74FE451FA14}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{7788C1B5-700B-45FE-A808-62591A916190}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{512B21FA-6800-42DF-80AC-215321062E1F}] => (Allow) C:\Users\Users\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{BC9BDC14-9689-4AC5-8974-967A58E93021}] => (Allow) C:\Users\Users\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{71C1ADED-CEAD-40E4-96D9-C327E3227E7D}] => (Allow) C:\Program Files\avgmfapx.exe
FirewallRules: [{06AB2545-3038-4613-A34D-9B0B90ECD7AF}] => (Allow) C:\Program Files\avgmfapx.exe
FirewallRules: [{564ED369-CBD0-4660-8FF7-75C57D145E36}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe
FirewallRules: [{AEE9AE26-4986-48F9-BEFF-D88E6E9601B4}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe
FirewallRules: [{5393A771-643C-4D13-8399-785862928802}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe
FirewallRules: [{FAC8A741-9335-499C-BD72-89EEB7E1F26F}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe
FirewallRules: [{F1148F5E-633C-475B-A62B-52A10E88B862}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe
FirewallRules: [{F52665D3-09A7-4684-80EE-B0CC22C4D865}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe
FirewallRules: [{C27AEC41-1CB2-4A3B-8D82-D903935C2AB9}] => (Allow) LPort=1900
FirewallRules: [{1E9D910C-A211-4D37-9307-CFF8EE2E8432}] => (Allow) LPort=2869
FirewallRules: [{51D66EC0-9BFD-46E4-BD29-183F04753815}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{4E14E79F-D8A8-4610-A98E-6C753EF8D690}] => (Allow) C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{FCB4CC8B-9FFA-4E90-BD66-A7BF93F9F164}] => (Allow) C:\Users\Users\AppData\Local\Temp\7zS5364\HPDiagnosticCoreUI.exe
FirewallRules: [{31DBE879-7211-42A2-9897-FA68B7BA2A7A}] => (Allow) C:\Users\Users\AppData\Local\Temp\7zS5364\HPDiagnosticCoreUI.exe
FirewallRules: [{E03ADB5C-9698-49DF-A6C2-D944E876F606}] => (Allow) C:\Users\Users\AppData\Local\Temp\7zS5411\hppiw.exe
FirewallRules: [{5546EDC0-EF3D-4B81-94FF-FA4F6C1B27F5}] => (Allow) C:\Users\Users\AppData\Local\Temp\7zS5411\hppiw.exe
FirewallRules: [{76EC47E5-38C5-48C9-B111-13773C72AEAA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F72C1516-237B-4313-A915-6A19756FFB85}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B4814E82-7850-479C-A64E-907D50272413}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{1E0A4BB7-AD22-4506-98CB-9BB9A114147A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{4E46CEFE-9B1A-4368-B85F-1C415C534D47}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C1E161AF-6D0A-4320-BEF7-51370BCBC829}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C4A8F2BD-A4AE-4325-AD52-0F7ABC0B3EE6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{1BA88C12-2147-43D1-8E05-D0DF22148E25}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{8289F4FF-2CD9-4709-B026-029426F7A058}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{52F2146D-CF80-45F6-AA3D-979D1A12BB2D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D25F243B-3B30-462C-82F8-4AEF0D21AE66}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F77DE390-3EBC-4D75-B408-7F03AC075A4F}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{9DDAEDBB-64AA-4315-8FCF-60EA73A224AB}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{8A08AE00-E4DF-432B-87CE-A2D92F05F5A0}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{844E80AB-D671-484A-A95D-C4D775DC1475}] => (Allow) C:\Users\Users\AppData\Local\Temp\7zS57BE\HPDiagnosticCoreUI.exe
FirewallRules: [{2AC1368F-31DF-4D76-B6A0-158F6989CDCF}] => (Allow) C:\Users\Users\AppData\Local\Temp\7zS57BE\HPDiagnosticCoreUI.exe
FirewallRules: [{027DCDC3-47B8-4D32-A460-C3FA5284FD5E}] => (Allow) C:\Users\Users\AppData\Local\Temp\7zS580A\HPDiagnosticCoreUI.exe
FirewallRules: [{206CEED4-3FA7-4DD6-AC30-72B57F32F014}] => (Allow) C:\Users\Users\AppData\Local\Temp\7zS580A\HPDiagnosticCoreUI.exe
FirewallRules: [{409CCDD3-F40C-4395-A6C6-CD16B35AFBD0}] => (Allow) C:\Users\Users\AppData\Local\Temp\7zS748F\hppiw.exe
FirewallRules: [{CEAF1563-8AD3-46A5-86D1-D506AB56C620}] => (Allow) C:\Users\Users\AppData\Local\Temp\7zS748F\hppiw.exe
FirewallRules: [{E3DA3DCB-9F62-4D00-B212-638A5FE63F26}] => (Allow) C:\Users\Users\AppData\Local\Temp\7zS332B\HPDiagnosticCoreUI.exe
FirewallRules: [{53FB456B-504A-4B78-85F0-50A93DA6963C}] => (Allow) C:\Users\Users\AppData\Local\Temp\7zS332B\HPDiagnosticCoreUI.exe
FirewallRules: [{643740E6-73C7-463A-A4BB-F16704BDA9AA}] => (Allow) C:\Users\Users\AppData\Local\Temp\7zS36DF\hppiw.exe
FirewallRules: [{C59D3DF1-F303-4772-8B8A-563891DC1142}] => (Allow) C:\Users\Users\AppData\Local\Temp\7zS36DF\hppiw.exe
FirewallRules: [{70FC0154-B22A-4C1C-88F3-3178B3FFD7B7}] => (Allow) C:\Users\Users\AppData\Local\Temp\7zS4E6F\HPDiagnosticCoreUI.exe
FirewallRules: [{56644EFC-CEA7-4EA6-B72B-3685E2C2CAF6}] => (Allow) C:\Users\Users\AppData\Local\Temp\7zS4E6F\HPDiagnosticCoreUI.exe
FirewallRules: [{6F552B24-0D51-40CC-96FD-74F86E0C3931}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{7093F432-1E5D-405D-AFCA-8D89A9722429}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{5F9D5442-07B9-43E5-9B09-7DDC2DB397FF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{89FAF7D8-3D01-4A7A-B5AE-43C54C04C6BF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{47B2C729-5C42-4118-8260-71A24AB58268}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{4C3880A8-C306-4230-9807-D71D7A60BFB7}] => (Allow) C:\Users\Users\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{A259D3C4-07D6-4F69-81D9-06CAE442D10C}] => (Allow) LPort=53000
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (10/01/2015 10:04:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IAStorDataMgrSvc.exe, Version: 11.5.9.1002, Zeitstempel: 0x5065e128
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x069f5895
ID des fehlerhaften Prozesses: 0x7b4
Startzeit der fehlerhaften Anwendung: 0xIAStorDataMgrSvc.exe0
Pfad der fehlerhaften Anwendung: IAStorDataMgrSvc.exe1
Pfad des fehlerhaften Moduls: IAStorDataMgrSvc.exe2
Berichtskennung: IAStorDataMgrSvc.exe3
Vollständiger Name des fehlerhaften Pakets: IAStorDataMgrSvc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IAStorDataMgrSvc.exe5
Error: (10/01/2015 10:04:36 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: IAStorDataMgrSvc.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
Stapel:
bei IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
bei IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
bei IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
bei System.Threading.ThreadPoolWorkQueue.Dispatch()
bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
Error: (10/01/2015 09:39:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.3.9600.17667, Zeitstempel: 0x54c6f7c2
Name des fehlerhaften Moduls: Windows.UI.Xaml.dll, Version: 6.3.9600.17904, Zeitstempel: 0x557b0ffa
Ausnahmecode: 0xc000027b
Fehleroffset: 0x000000000082cfbe
ID des fehlerhaften Prozesses: 0x1470
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Vollständiger Name des fehlerhaften Pakets: Explorer.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Explorer.EXE5
Error: (10/01/2015 06:38:03 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: There was an error with the Windows Location Provider database
Error: (09/29/2015 06:50:54 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 36063453
Error: (09/29/2015 06:50:54 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 36063453
Error: (09/29/2015 06:50:54 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (09/26/2015 10:42:43 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll8
Error: (09/26/2015 10:42:42 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description:
Error: (09/26/2015 10:42:42 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL8
Systemfehler:
=============
Error: (10/01/2015 10:06:47 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 1203.
Error: (10/01/2015 10:06:17 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 1203.
Error: (10/01/2015 10:05:47 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 1203.
Error: (10/01/2015 10:04:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage-Technologie" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/01/2015 10:01:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst SystemsUp erreicht.
Error: (09/30/2015 07:03:52 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 1203.
Error: (09/30/2015 07:03:22 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 1203.
Error: (09/30/2015 07:02:52 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 1203.
Error: (09/29/2015 07:13:21 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 1203.
Error: (09/29/2015 07:12:51 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 1203.
CodeIntegrity:
===================================
Date: 2014-11-13 14:19:23.283
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-11-13 14:19:23.173
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-11-13 10:37:48.797
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Windows signing level requirements.
Date: 2014-11-13 10:37:48.687
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Windows signing level requirements.
Date: 2014-11-13 10:34:17.698
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Windows signing level requirements.
Date: 2014-11-13 10:34:17.574
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Windows signing level requirements.
Date: 2014-11-13 10:06:50.617
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Windows signing level requirements.
Date: 2014-11-13 10:06:50.507
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Windows signing level requirements.
Date: 2014-11-13 09:30:29.739
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Windows signing level requirements.
Date: 2014-11-13 09:30:29.645
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Windows signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-3337U CPU @ 1.80GHz
Prozentuale Nutzung des RAM: 25%
Installierter physikalischer RAM: 8084.27 MB
Verfügbarer physikalischer RAM: 6006.86 MB
Summe virtueller Speicher: 9364.27 MB
Verfügbarer virtueller Speicher: 7250.66 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:678.25 GB) (Free:508.51 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive d: (RECOVERY) (Fixed) (Total:19.17 GB) (Free:2.4 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: BBC99B85)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
02.10.2015, 10:58
| #4 |
| /// Malwareteam | Lösung: Fehlermeldung beim Starten von Win 8.1 - RunDll Problem bei Starten Falscher Parameter Ich habe dein Thema in Arbeit und melde mich so schnell als möglich mit weiteren Anweisungen. Bitte beachte, dass alle meine Antworten zuerst von einem Ausbilder freigegeben werden müssen, bevor ich diese hier posten darf. Dies garantiert, dass Du Hilfe von einem ausgebildeten Helfer bekommst. Ich bedanke mich für deine Geduld
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
|
02.10.2015, 11:05
| #5 |
| | Wie Fehlermeldung beim Starten von Win 8.1 - RunDll Problem bei Starten Falscher Parameter Vielen Dank!! Ist kein problem und vielen Dank für die Mühe!!  Liebe Grüße |
|
02.10.2015, 16:37
| #6 | |
| /// Malwareteam | Wo Fehlermeldung beim Starten von Win 8.1 - RunDll Problem bei Starten Falscher Parameter Lösung! Mein Name ist Rafael und ich werde dir bei der Bereinigung helfen. Damit ich dir optimal helfen kann, halte dich bitte an folgende Regeln:
 Zitat:
  Schritt 1 Du hast deinen Google Chrome in der Developer Version installiert. Das wird häufig durch Malware verursacht. Dazu sieht es so aus, als würdest du ihn eh fast nie benutzen und er ist sowieso veraltet. Also bitte deinstallieren - falls du ihn aus irgend einem Grund wieder benötigst, kannst du ihn natürlich wieder neu runterladen. Drücke dazu gleichzeitig  + X und öffne Programme und Funktionen und deinstalliere:
Lass während der Deinstallation alle Nutzerdaten von Chrome entfernen! Schritt 2 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter closeprocesses:
Task: {2C1C563B-B454-4062-89A3-CC0BBDD4551D} - System32\Tasks\StPrsSW => C:\Users\Users\AppData\Roaming\StPrsSW\stprss.exe [2015-01-19] ()
C:\Users\Users\AppData\Roaming\StPrsSW
Task: {CCC80F2C-01F7-4339-BA5E-997CB6FBE22C} - System32\Tasks\SMupdate1 => Rundll32.exe ,Command701 update1 <==== ACHTUNG
Task: {43EEA08C-56C5-4C34-8E77-7DD163CCC9C1} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe ,Command701 update2 <==== ACHTUNG
Task: {AFD7DEA9-01C6-4948-A753-E71C183612E7} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe ,Command701 update3 <==== ACHTUNG
Task: {7DCEFE3B-71ED-466D-A9C6-D63E07ACD31E} - System32\Tasks\avaxvavya => C:\Users\UpdatusUser\AppData\Local\avaxvavya\avaxvavya.exe <==== ACHTUNG
Task: {C0A254F2-9541-4EFE-B9AB-20E3CB5A15AB} - System32\Tasks\avaxvbxvgx => C:\Users\UpdatusUser\AppData\Local\avaxvbxvgx\avaxvbxvgx.exe <==== ACHTUNG
C:\Users\UpdatusUser\AppData\Local\avaxvbxvgx
C:\Users\UpdatusUser\AppData\Local\avaxvavya
Task: {CDB4093D-5CEE-4031-ABD9-8CC7100B4893} - System32\Tasks\{6D382CF6-6DC9-4099-A3F7-3282A7DFA184} => pcalua.exe -a C:\Users\Users\Pictures\installcasino.exe -d C:\Users\Users\Pictures
C:\Users\Users\Pictures\installcasino.exe
Task: {FDA9D8D6-0B84-4A8C-B4FC-0726F91B9243} - \EPUpdater -> Keine Datei <==== ACHTUNG
AlternateDataStreams: C:\ProgramData\Temp:373E1720
HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\...\Run: [Only-search] => C:\Users\Users\AppData\Local\onlysearch\onlysearch\1.3.15.4\onlysearch.exe
C:\Users\Users\AppData\Local\onlysearch
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ensureXpScr.bat [2013-06-07] ()
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
ProxyEnable: [.DEFAULT] => Proxy ist aktiviert.
ProxyServer: [.DEFAULT] => http=127.0.0.1:60502;https=127.0.0.1:60502
removeproxy:
Tcpip\..\Interfaces\{83E2D362-8275-4B99-9FBF-97D752721744}: [DhcpNameServer] 40.22.1.201 40.22.1.203
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
S2 a090c46f; "C:\WINDOWS\system32\rundll32.exe" "c:\Program Files (x86)\SystemsUp\SystemsUp.dll",serv
c:\Program Files (x86)\SystemsUp
emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 3 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 4 Downloade Dir bitte  Malwarebytes Anti-Malware
Schritt 5 Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Scan Bitte poste in deiner nächsten Antwort also:
__________________ --> Fehlermeldung beim Starten von Win 8.1 - RunDll Problem bei Starten Falscher Parameter Geändert von burningice (02.10.2015 um 17:20 Uhr) |
|
02.10.2015, 20:15
| #7 |
| | Fehlermeldung beim Starten von Win 8.1 - RunDll Problem bei Starten Falscher Parameter hii endlich fertig..! :S Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:30-09-2015
durchgeführt von Users (2015-10-02 19:10:10) Run:1
Gestartet von C:\Users\Users\Desktop
Geladene Profile: Users (Verfügbare Profile: Users)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
closeprocesses:
Task: {2C1C563B-B454-4062-89A3-CC0BBDD4551D} - System32\Tasks\StPrsSW => C:\Users\Users\AppData\Roaming\StPrsSW\stprss.exe [2015-01-19] ()
C:\Users\Users\AppData\Roaming\StPrsSW
Task: {CCC80F2C-01F7-4339-BA5E-997CB6FBE22C} - System32\Tasks\SMupdate1 => Rundll32.exe ,Command701 update1 <==== ACHTUNG
Task: {43EEA08C-56C5-4C34-8E77-7DD163CCC9C1} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe ,Command701 update2 <==== ACHTUNG
Task: {AFD7DEA9-01C6-4948-A753-E71C183612E7} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe ,Command701 update3 <==== ACHTUNG
Task: {7DCEFE3B-71ED-466D-A9C6-D63E07ACD31E} - System32\Tasks\avaxvavya => C:\Users\UpdatusUser\AppData\Local\avaxvavya\avaxvavya.exe <==== ACHTUNG
Task: {C0A254F2-9541-4EFE-B9AB-20E3CB5A15AB} - System32\Tasks\avaxvbxvgx => C:\Users\UpdatusUser\AppData\Local\avaxvbxvgx\avaxvbxvgx.exe <==== ACHTUNG
C:\Users\UpdatusUser\AppData\Local\avaxvbxvgx
C:\Users\UpdatusUser\AppData\Local\avaxvavya
Task: {CDB4093D-5CEE-4031-ABD9-8CC7100B4893} - System32\Tasks\{6D382CF6-6DC9-4099-A3F7-3282A7DFA184} => pcalua.exe -a C:\Users\Users\Pictures\installcasino.exe -d C:\Users\Users\Pictures
C:\Users\Users\Pictures\installcasino.exe
Task: {FDA9D8D6-0B84-4A8C-B4FC-0726F91B9243} - \EPUpdater -> Keine Datei <==== ACHTUNG
AlternateDataStreams: C:\ProgramData\Temp:373E1720
HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\...\Run: [Only-search] => C:\Users\Users\AppData\Local\onlysearch\onlysearch\1.3.15.4\onlysearch.exe
C:\Users\Users\AppData\Local\onlysearch
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ensureXpScr.bat [2013-06-07] ()
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
ProxyEnable: [.DEFAULT] => Proxy ist aktiviert.
ProxyServer: [.DEFAULT] => http=127.0.0.1:60502;https=127.0.0.1:60502
removeproxy:
Tcpip\..\Interfaces\{83E2D362-8275-4B99-9FBF-97D752721744}: [DhcpNameServer] 40.22.1.201 40.22.1.203
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
S2 a090c46f; "C:\WINDOWS\system32\rundll32.exe" "c:\Program Files (x86)\SystemsUp\SystemsUp.dll",serv
c:\Program Files (x86)\SystemsUp
emptytemp:
*****************
Prozess erfolgreich geschlossen.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2C1C563B-B454-4062-89A3-CC0BBDD4551D}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C1C563B-B454-4062-89A3-CC0BBDD4551D}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\StPrsSW => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\StPrsSW" => Schlüssel erfolgreich entfernt
C:\Users\Users\AppData\Roaming\StPrsSW => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CCC80F2C-01F7-4339-BA5E-997CB6FBE22C}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCC80F2C-01F7-4339-BA5E-997CB6FBE22C}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\SMupdate1 => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SMupdate1" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{43EEA08C-56C5-4C34-8E77-7DD163CCC9C1}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{43EEA08C-56C5-4C34-8E77-7DD163CCC9C1}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Maintenance\SMupdate2" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AFD7DEA9-01C6-4948-A753-E71C183612E7}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AFD7DEA9-01C6-4948-A753-E71C183612E7}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Multimedia\SMupdate3" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7DCEFE3B-71ED-466D-A9C6-D63E07ACD31E}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7DCEFE3B-71ED-466D-A9C6-D63E07ACD31E}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\avaxvavya => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\avaxvavya" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C0A254F2-9541-4EFE-B9AB-20E3CB5A15AB}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C0A254F2-9541-4EFE-B9AB-20E3CB5A15AB}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\avaxvbxvgx => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\avaxvbxvgx" => Schlüssel erfolgreich entfernt
C:\Users\UpdatusUser\AppData\Local\avaxvbxvgx => erfolgreich verschoben
C:\Users\UpdatusUser\AppData\Local\avaxvavya => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CDB4093D-5CEE-4031-ABD9-8CC7100B4893}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CDB4093D-5CEE-4031-ABD9-8CC7100B4893}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\{6D382CF6-6DC9-4099-A3F7-3282A7DFA184} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6D382CF6-6DC9-4099-A3F7-3282A7DFA184}" => Schlüssel erfolgreich entfernt
C:\Users\Users\Pictures\installcasino.exe => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FDA9D8D6-0B84-4A8C-B4FC-0726F91B9243}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FDA9D8D6-0B84-4A8C-B4FC-0726F91B9243}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EPUpdater" => Schlüssel erfolgreich entfernt
C:\ProgramData\Temp => ":373E1720" ADS erfolgreich entfernt.
HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Only-search => Wert erfolgreich entfernt
"C:\Users\Users\AppData\Local\onlysearch" => Datei/Ordner nicht gefunden.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ensureXpScr.bat => erfolgreich verschoben
"HKLM\SOFTWARE\Policies\Google" => Schlüssel erfolgreich entfernt
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => Wert erfolgreich entfernt
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Wert erfolgreich entfernt
========= RemoveProxy: =========
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Schlüssel erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
========= Ende von RemoveProxy: =========
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{83E2D362-8275-4B99-9FBF-97D752721744}\\DhcpNameServer => Wert erfolgreich entfernt
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => Schlüssel nicht gefunden.
a090c46f => Dienst erfolgreich entfernt
c:\Program Files (x86)\SystemsUp => erfolgreich verschoben
EmptyTemp: => 4.8 GB temporäre Dateien entfernt.
Das System musste neu gestartet werden..
==== Ende von Fixlog 19:11:26 ====
Code:
ATTFilter # AdwCleaner v5.009 - Bericht erstellt am 02/10/2015 um 19:30:20
# Aktualisiert am 27/09/2015 von Xplode
# Datenbank : 2015-09-30.1 [Server]
# Betriebssystem : Windows 8.1 (x64)
# Benutzername : Users - CILLIVANILLI
# Gestartet von : C:\Users\Users\Desktop\AdwCleaner_5.009.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
[-] Dienst Gelöscht : iSafeKrnlMon
***** [ Ordner ] *****
[-] Ordner Gelöscht : C:\Program Files (x86)\myfree codec
[-] Ordner Gelöscht : C:\Program Files (x86)\LuCkySShopupper
[-] Ordner Gelöscht : C:\Program Files (x86)\RuoyalCooupOn
[-] Ordner Gelöscht : C:\Program Files (x86)\SalesCheaCkerr
[-] Ordner Gelöscht : C:\ProgramData\apn
[-] Ordner Gelöscht : C:\ProgramData\ParetoLogic
[-] Ordner Gelöscht : C:\ProgramData\Fighters
[-] Ordner Gelöscht : C:\ProgramData\CouponFactory
[-] Ordner Gelöscht : C:\ProgramData\14705146259891875208
[-] Ordner Gelöscht : C:\ProgramData\cc132c9cb704ed88
[-] Ordner Gelöscht : C:\Users\Users\AppData\Roaming\BabSolution
[-] Ordner Gelöscht : C:\Users\Users\AppData\Roaming\DriverCure
[-] Ordner Gelöscht : C:\Users\Users\AppData\Roaming\FirefoxToolbar
[-] Ordner Gelöscht : C:\Users\Users\AppData\Roaming\ParetoLogic
[-] Ordner Gelöscht : C:\Users\Users\AppData\Roaming\WebExtend
[-] Ordner Gelöscht : C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\SearchProtect
***** [ Dateien ] *****
[-] Datei Gelöscht : C:\Users\Users\AppData\Roaming\LiveSupport.exe_log.txt
[-] Datei Gelöscht : C:\Users\Users\AppData\Roaming\regsvr32.exe_log.txt
[-] Datei Gelöscht : C:\Users\Users\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Goodgame Empire.lnk
[-] Datei Gelöscht : C:\Users\Users\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Goodgame Empire.lnk
[-] Datei Gelöscht : C:\Users\Users\AppData\Roaming\Mozilla\Firefox\Profiles\a7t4eu8f.default\user.js
[-] Datei Gelöscht : C:\WINDOWS\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
[-] Datei Gelöscht : C:\WINDOWS\Sysnative\log\iSafeKrnlCall.log
***** [ Verknüpfungen ] *****
***** [ Geplante Tasks ] *****
[-] Task Gelöscht : AutoUpdate Allplan 2015
[-] Task Gelöscht : AutoUpdate Allplan 2015
[-] Task Gelöscht : Adobe Flash Player Updater
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\iedll.dll
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Pfddf94d2_7b86_4391_8eec_55c969e22056_.Pfddf94d2_7b86_4391_8eec_55c969e22056_
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Pfddf94d2_7b86_4391_8eec_55c969e22056_.Pfddf94d2_7b86_4391_8eec_55c969e22056_.9
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\52063b1b-f493-5c74-913e-f37bb7146849
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{61AB12E1-A5FF-11D1-B2E9-444553540000}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{82351441-9094-11D1-A24B-00A0C932C7DF}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{fddf94d2-7b86-4391-8eec-55c969e22056}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4613B1C1-FBC0-43C3-A4B9-B1D6CD360BB3}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{726E90BE-DC22-4965-B215-E0784DC26F47}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{82351433-9094-11D1-A24B-00A0C932C7DF}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{41F978F3-431A-4464-A789-5C0692D562FB}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{89310413-97E0-4F09-AA75-390A7F4D4918}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E0D6077D-7186-48B2-A6C6-2F7C533E8CFF}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fddf94d2-7b86-4391-8eec-55c969e22056}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{fddf94d2-7b86-4391-8eec-55c969e22056}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{54739D49-AC03-4C57-9264-C5195596B3A1}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{fddf94d2-7b86-4391-8eec-55c969e22056}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{fddf94d2-7b86-4391-8eec-55c969e22056}
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{fddf94d2-7b86-4391-8eec-55c969e22056}]
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{fddf94d2-7b86-4391-8eec-55c969e22056}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4613B1C1-FBC0-43C3-A4B9-B1D6CD360BB3}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fddf94d2-7b86-4391-8eec-55c969e22056}
[-] Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\AskPartnerNetwork
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\Avg Secure Update
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Schlüssel Gelöscht : HKCU\Software\BABSOLUTION
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\Optimizer Pro
[-] Schlüssel Gelöscht : HKCU\Software\ParetoLogic
[-] Schlüssel Gelöscht : HKCU\Software\Softonic
[-] Schlüssel Gelöscht : HKCU\Software\Appscion
[-] Schlüssel Gelöscht : HKCU\Software\Avg Secure Update
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\ParetoLogic
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\SPPDCOM
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\SiteSee
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Avg Secure Update
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\BABSOLUTION
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\OCS
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Optimizer Pro
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\ParetoLogic
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Softonic
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Appscion
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Avg Secure Update
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\YTDownloader
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
[!] Schlüssel Nicht Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
***** [ Internetbrowser ] *****
[-] [C:\Users\Users\AppData\Roaming\Mozilla\Firefox\Profiles\a7t4eu8f.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.order.1", "default-search.net");
*************************
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [9310 Bytes] ##########
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 02.10.2015 Suchlaufzeit: 19:43 Protokolldatei: mbam.txt Administrator: Ja Version: 2.1.8.1057 Malware-Datenbank: v2015.06.03.03 Rootkit-Datenbank: v2015.09.22.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 8.1 CPU: x64 Dateisystem: NTFS Benutzer: Users Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 424018 Abgelaufene Zeit: 39 Min., 2 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 130 PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{11F37D19-B94F-4B46-A3FC-C6AB2F5A94A8}, In Quarantäne, [c38c2a8cd5b5171f67ae47377f86e21e], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{12EF3B50-1696-48D5-8B86-9E7C97105A36}, In Quarantäne, [e16eeec8b6d4ca6ce531bbc3c243a45c], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{133E24C0-CF68-4096-8F69-ABE1977FA9A0}, In Quarantäne, [81ce06b0c8c2ef47a3725d2111f4bf41], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1679276F-4C34-4E47-BB4C-DC9A5A53A727}, In Quarantäne, [e46b7a3c692166d064b2b5c9957036ca], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{16C5F9A8-52F4-4886-B78A-133FA37BF56B}, In Quarantäne, [4d026551e9a101355abb205e4bba5ea2], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{171650C2-71C5-4FD2-A1D4-9BAF31771291}, In Quarantäne, [dc73486ee4a667cfef2786f850b552ae], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{18266A5C-3E64-4A2A-A285-BF72E24056D0}, In Quarantäne, [da752492365455e18c898cf2966f6b95], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1865E627-6103-4022-B6D9-C7A7B9955268}, In Quarantäne, [57f8fcba593137ff9c79532b45c041bf], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{19369172-1331-4B4B-BA3C-BAA75EB46AC5}, In Quarantäne, [63ece9cd2a60181efb1a740a8e771ce4], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{19407409-E979-4251-AB98-BF5E1293D4F9}, In Quarantäne, [6de2d5e1583294a255c07e00f5108080], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{19575508-890F-4652-916F-D26A198B35D9}, In Quarantäne, [0b44c5f1c1c90036cd49fd81679ebb45], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1B0C30D3-F439-4A5F-B3D5-1F47EB9A867B}, In Quarantäne, [73dcd2e4a3e7e65052c4df9fb154619f], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1ECC54AC-85DD-479A-8B5D-39DC4694BED9}, In Quarantäne, [d17e2690f298cf6744d267177a8baa56], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1F846BC6-D7CC-4946-9A61-E1AA8E6654CE}, In Quarantäne, [85ca4e6847438fa7888ed0ae8481b54b], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{20FA9E61-478A-4B7E-9D1B-EBC55D131B68}, In Quarantäne, [72dd5b5b7614f145ba5b6a14e42116ea], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{25A701F9-653B-498A-9ACC-5C538A47B5E4}, In Quarantäne, [1e319c1abbcf8aac57bfcab410f59769], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{273B0DEC-944F-4E24-A359-704DCDF82CB5}, In Quarantäne, [dc73179f2367f93d66af96e891741ee2], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2C69428B-E364-4C9E-9486-9BE0A29A82AF}, In Quarantäne, [7ad52294aae05fd7b660eb938e77ec14], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2D4C5F29-5298-4A66-A4CB-541BEC67BEE4}, In Quarantäne, [3619d4e2f199ef471ef85925b64f9d63], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2E1C4B38-3643-428F-99DF-BCBD6FB64916}, In Quarantäne, [77d8caec90fabe7825f13f3f57ae9f61], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2ECB8AC5-6DD1-401A-9AD8-944175B9EABE}, In Quarantäne, [0946d2e48ffb8fa758bd205e1fe61ce4], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{30EBF920-6D51-4046-B1FC-8712F792CCC2}, In Quarantäne, [97b80caa87033ef89b7bdf9f39cc6e92], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{31A19EE9-BDA6-45FB-AB63-8C2E4B9F736C}, In Quarantäne, [80cf14a2a3e7f541e234d5a96e97e61a], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{36FBF70A-FDE9-4D4B-B2EB-916E1D4BCB2B}, In Quarantäne, [c68912a40981af8744d1512d9174b749], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3AAF5036-7BDC-475C-8064-7072DFDB923C}, In Quarantäne, [4609dbdb96f43ff7f81da3db0afb6b95], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3DA626D6-FAB7-42C6-A5D6-79809D967DC3}, In Quarantäne, [08477541fb8ff83e51c5aed0957058a8], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3E3EE82D-4E1D-4470-87A0-ADD214DC9DE9}, In Quarantäne, [ec638036e4a675c1d14557271ee7f10f], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{40381478-C60E-4323-AA79-6EBBE9A6B7EC}, In Quarantäne, [9cb3eccaabdf66d06ca9c4baf31250b0], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{40660010-9886-480C-9D1B-C128C72575F1}, In Quarantäne, [cf80c1f5fb8fd75f72a44a347095db25], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{42AF10D4-3C92-4AED-95E8-C96762BB58C5}, In Quarantäne, [004f8b2b3a50ab8b5eb785f96f96619f], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{42DCFC56-11FA-4E71-B699-E71C46822B81}, In Quarantäne, [e26d387ebccecb6bdb3be39b0ff623dd], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4306255D-C98D-468E-B426-6E79FAFD4A95}, In Quarantäne, [f8579c1ae1a904328492c9b541c4ad53], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4455D4E8-1712-451B-A3C4-317CAA40E683}, In Quarantäne, [e768efc7cdbdd75ff3233f3faa5b9868], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4470498F-4BF8-4E10-9EF6-175043A526FB}, In Quarantäne, [85ca5a5c7713e452a670aed0db2a0cf4], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{459C29D1-F48F-4E6B-BECC-8447EB20B88D}, In Quarantäne, [74db9b1b02882e088e88e09e38cd38c8], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{468D2492-A13A-4ABB-B3C2-5AF9736182F9}, In Quarantäne, [d778b303b9d149ed6da879050500c040], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4ADBF9B8-B995-4C9B-95DA-E33A2ABCBC41}, In Quarantäne, [5bf4a610dbafd066ba5c5b230ef71ae6], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4FF4CAD1-3E1C-4D56-904E-50822439D862}, In Quarantäne, [2e21dbdb0d7d350151c4dba336cf0000], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{512E8D8A-8104-4A31-81D7-7D3BB22EFBF9}, In Quarantäne, [d17e8531701a0531cd497a0407fe9070], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{51C22DE9-B678-448B-AEE3-D6D94EF4F67C}, In Quarantäne, [4b0410a6c1c90630f02518669471b947], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{52117C6D-8D36-4BBA-A7CE-B4F7819A9D5D}, In Quarantäne, [26299c1aa7e370c6ca4b601e01045da3], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{53A069A3-955B-49B2-9AD1-6E72277D7EA9}, In Quarantäne, [222d4b6b4743f73fe134b0ce9f66c43c], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{53A14A09-7CBC-4AA5-85F7-E381D39C1499}, In Quarantäne, [f659288e5832a294ee282a549f66a957], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{56AF2571-C149-483E-A94B-69665DF29234}, In Quarantäne, [54fb2a8c286269cdc254c8b6c5403ec2], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{56EE9026-8224-467B-B634-C36118708A40}, In Quarantäne, [c887783e04868aac5eb8ceb07a8be41c], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{59779C23-D154-477E-8FEA-F8C833FF1084}, In Quarantäne, [53fc8f276228989ee03668168c79a65a], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5E816B6E-6D58-49C5-9C40-869A8345BEB6}, In Quarantäne, [c887872f7b0f87af55c12e5025e07d83], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5EE630D7-F015-4CA7-94DD-F9B599212BE5}, In Quarantäne, [064982347c0ecd691104ceb01aebc23e], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6075E29B-6FAA-44F4-A2E4-E5D6E02EC673}, In Quarantäne, [8bc45b5bb7d32115a670f38bf312629e], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{61F2AEE1-7AA3-41DC-8A25-81AC1E61DD9A}, In Quarantäne, [1b34bcfabfcb3bfb8690d2acf70e758b], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{638DFF55-9B11-4C99-BE82-D092171B9450}, In Quarantäne, [99b601b58208c274c74e7707e61f11ef], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{65A4A3FB-68F4-4416-8C32-9C884589EFF5}, In Quarantäne, [1e314670d6b4b581f71e4b33867ff20e], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6AF91F86-F1B8-445A-9DA7-18B55FFAD69C}, In Quarantäne, [3916f5c126642214070e84fa44c1c43c], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6CFB110B-BEC3-4616-91E6-4786953670C7}, In Quarantäne, [d37cefc7761453e3080dc8b616ef6b95], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6E6CA953-8EA8-466D-B01E-744F2674B7A7}, In Quarantäne, [75dabbfb8dfd72c411043a44ae5749b7], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6E6EFC07-E4A5-40C1-9D34-EBF279CE1860}, In Quarantäne, [fd52a214385277bfc452c3bbc73e07f9], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6F65ECD0-3AD5-4104-88D7-134047B1374A}, In Quarantäne, [53fc179fcfbb2a0c9a7b1b63a75e04fc], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7BF5B4B9-7E45-43AA-BF36-7F77CB66DD48}, In Quarantäne, [0e412f87791143f331e4c8b6d03556aa], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7C105E72-A1C9-4AD0-B743-8792CB134E63}, In Quarantäne, [c9867640ed9d10266fa64a3409fc6f91], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7CD049DB-AC78-47D2-B0A4-D23B2019C129}, In Quarantäne, [c8870babf5952f07100689f556af8a76], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{80411ED2-5D54-4DCB-9EDA-C66A1BC0B9C5}, In Quarantäne, [2b24f2c41377290dc353542aca3bd030], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8300BFFA-DDB4-43C2-A6A4-5D46D6B76135}, In Quarantäne, [0b44674f8307dc5a45d1d9a5976e9a66], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8CBACD0E-8A15-42E4-BA6F-594EA3FB6C25}, In Quarantäne, [dd72bef87515261041d5cdb121e419e7], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8D63F289-C423-440F-8575-653DC0B22E95}, In Quarantäne, [a7a8179f8a0076c075a0a1ddb94c3ec2], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8FCC8649-D502-4523-9CC6-D9DB58E5328A}, In Quarantäne, [0e41773f1a70280e4dc9c1bda06521df], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8FFE96BD-57D3-4861-A379-1749684E4EE5}, In Quarantäne, [96b9c4f21179270f6da9f18deb1ac13f], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{90D23FAE-89A6-451F-ACE7-1C31F5588ECE}, In Quarantäne, [4e01e0d6b0da8caa0b0bd0aec93c14ec], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9175D344-EDE2-4EA9-8D63-20DB9985201C}, In Quarantäne, [0d422096dfabd36360b63d4107fed12f], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{922C7440-65DC-4E08-B198-1379CBA2D7A5}, In Quarantäne, [3f1090261c6e00367a9c3d41788d04fc], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{93ED7251-9A55-4BF3-BEA3-6783388D3581}, In Quarantäne, [ada2edc9dbafb38321f5b6c8cd3828d8], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{94296722-3AA0-4AC5-B196-B532543E8DC9}, In Quarantäne, [da752f87a8e22b0b40d5710d46bf21df], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{95F25221-3CF0-4223-B0EA-6FB46FBF5F44}, In Quarantäne, [123dc3f3602ab581bf575c229d68e61a], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{975FA31F-C228-4D64-B1F0-E65EF2822CDC}, In Quarantäne, [4906575f2664142225f01b637e87eb15], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{98918FD7-FB2E-4C35-83C1-E649A0D4C88E}, In Quarantäne, [a6a9dfd71a7090a69d787fffcf364eb2], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{98DDF27F-590E-4254-9A52-6D8B15F7C8C4}, In Quarantäne, [6fe07640afdb0c2a5fb7542a9c694eb2], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9A0752C4-998F-4D36-98F5-EEDD13F16DB0}, In Quarantäne, [113e3482bfcb96a01ff7bac45baaba46], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9ADD3A97-E69A-45C9-AEC1-F5BC4C262BC3}, In Quarantäne, [e56a43730684e94d5fb65d211aebb848], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9B436CD0-462F-4082-BA5B-9A7F807840E6}, In Quarantäne, [9bb4c4f26228270fde37047a95703dc3], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9D929B5D-75AE-4FC8-A41E-9FFEFD4AC18F}, In Quarantäne, [53fcb501a0eab284997c1c62b74eaf51], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A0CC5ADB-BEBF-4EE4-8A26-736FDAEDFD4E}, In Quarantäne, [153aae083e4cb284001694ea55b0659b], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A11735CC-6C2D-45F5-BBF6-2D13A8E48F66}, In Quarantäne, [bc936254503a69cdd541c8b60bfae21e], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A2132B35-C928-465B-86B8-9BE725C68512}, In Quarantäne, [8cc360562763979fff16166816ef35cb], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A8BE5303-E853-4840-A123-D1DB9AFCA8B5}, In Quarantäne, [8cc38e288a009e9830e52e50e02553ad], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AAA992AE-A034-499D-A89F-CDF452EF25B6}, In Quarantäne, [4a0509ad0a8034022ce9e797a461c23e], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AC346D0E-993B-4846-9711-1347E2FC1640}, In Quarantäne, [88c714a266244beb987ecfaf35d00ef2], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AD766F9A-4032-494F-96C5-506E9278C4EB}, In Quarantäne, [222d6254a8e2063027ee730b14f1768a], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{ADE98941-EA7A-4453-8530-64612BC6893D}, In Quarantäne, [a8a771458ffbb284df36fd81f70e1ee2], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AEEAADDD-2D30-456A-A616-2855CC32C8DF}, In Quarantäne, [6ce3a80ecebcd462bd59ccb2788dfc04], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B152AA36-7DF7-4ACF-994C-91655C8BA5E3}, In Quarantäne, [ca853b7b3a502b0b130297e7887d817f], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B3EDB532-DD85-4286-BA64-8371D3CD6E59}, In Quarantäne, [9ab52591cdbd76c07c996f0fcd38d22e], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BABCA3DC-2352-4BF0-8784-24631D5C3759}, In Quarantäne, [bb94eacc7911320400151f5fae5713ed], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BF82E43C-FA59-48A4-9A64-17241B1977BF}, In Quarantäne, [c986ddd9711943f3888e7608da2b31cf], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C1264A46-8CA6-4EB8-A85B-EC6A93C35843}, In Quarantäne, [b699e6d0f694171fa0755628b154b54b], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C2BDB8B3-96E4-49F4-92A2-F1E43F8AA972}, In Quarantäne, [57f872444c3e90a6d046453990758a76], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C31758ED-2C7D-43E9-AFB6-A2B736477887}, In Quarantäne, [014e4571a7e354e251c4fc8272934ab6], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C5FFDA39-7501-429C-89F9-2BEC7D795D82}, In Quarantäne, [b49bb9fdbbcf1e1865b198e6b94c1de3], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C8014A0A-926D-4F2A-AF52-CE934070AAC6}, In Quarantäne, [94bb6a4c6b1fd165c74fbbc334d1e020], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CAFC3503-1E8D-49D5-BD2F-FDA0E760A8B2}, In Quarantäne, [d57ae5d1f199e551de37522cc144768a], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CFC9C3F5-F6D6-421E-A268-81C332B74677}, In Quarantäne, [4807e9cd1e6c1b1bd145f18d6a9b59a7], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D3CA02B2-F160-4390-8552-C3A36A875668}, In Quarantäne, [5ff0d3e3107ab87ef4215e2059ac0df3], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D501D8BE-584B-413A-A677-D2C38C156D6A}, In Quarantäne, [2f20298d4446171f3dd8cab455b034cc], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D554D2FF-C47F-40EF-957F-A7EEAE70571F}, In Quarantäne, [6ee1eaccbad056e0b164bec0d233a15f], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D6F6D5F3-21B2-4E6B-B2FF-57E0DB2F82DF}, In Quarantäne, [e56a11a53c4ec274c352d8a6877eb34d], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D86CFA50-A71D-463B-AB84-147669B47813}, In Quarantäne, [2f206452a4e6fb3b8096166806ffcb35], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D9397D17-E208-4915-AD16-CC66A7C5F8EA}, In Quarantäne, [fe515d592d5db87e72a38cf2cd383bc5], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DBA983CB-BB3A-4A21-BAEC-1C943F349EFA}, In Quarantäne, [a1ae3e7888023006a96d314da065ed13], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DC8B69FC-877A-4413-965F-B1E0BE158053}, In Quarantäne, [e7683482e5a506308e88aed061a40000], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DD2F2236-BC9E-44D1-92E5-28BAC1C435AF}, In Quarantäne, [f45b4d6997f375c1799c6a14af56b64a], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DD83328B-68F6-49EA-83E3-343E402836F9}, In Quarantäne, [212e12a46129c67015017a048b7a6799], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E098FE75-98FD-41BB-B386-4D6823FB3494}, In Quarantäne, [d27df2c401895bdb5db8c0be887d6799], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E144EC02-4E94-4B88-B3F0-5BF1C34AEB6E}, In Quarantäne, [fe51b7ffc1c98aac2de9f985be4722de], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E327CEF6-93F4-437F-9179-EFBEA338FAC4}, In Quarantäne, [e66951657911db5b1bfbfa84ab5a4ab6], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E4955B15-39AD-4BC3-A969-D81F724BE5FE}, In Quarantäne, [400fad09cfbbd264789ea2dca2634fb1], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E60C83F8-18C5-44E8-B41A-7C6033D5824F}, In Quarantäne, [9eb1f2c466249a9c2ceab0ce3dc8d32d], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E690DC33-CE7C-4C1A-A6A2-668B163C7024}, In Quarantäne, [fc534c6a93f7bf774cc90876f2139070], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E7C51047-13B2-4624-B17D-8F638A95CC20}, In Quarantäne, [2d221c9a1377b6803fd6a4da3cc929d7], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E94414C5-8939-45B7-B690-A9CEC1897FE8}, In Quarantäne, [e86746707f0b3600b75eabd3a56056aa], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EB00475C-ABD3-4FBD-9FE9-39F2482A2F1C}, In Quarantäne, [1936fdb9b7d30432cd487fff34d1e917], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EBB30523-778A-4E3E-BE42-FFEE1A28DE86}, In Quarantäne, [1639278f1674ed491204ed9129dc12ee], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EC27B153-D0F4-40F6-A552-B33C934ABBF2}, In Quarantäne, [aba425910f7bd36371a4542a13f2bc44], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F39190ED-6880-489A-BEC1-D9C1314B3BDE}, In Quarantäne, [99b69d195832f93d32e4037b08fd728e], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F5F420EE-8473-4A24-AF6B-C89671118B18}, In Quarantäne, [cd829b1b0f7b46f059bd5925e42144bc], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F7638ACF-25E5-4217-B64D-498F939F2AE6}, In Quarantäne, [bc938d293258f244b85da3db08fd847c], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F9131D2A-2D63-4B6C-AC2B-285C598D498C}, In Quarantäne, [8bc45c5a49416cca43d387f7ec19857b], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F931E649-2379-4B81-8B7A-92D4F380F142}, In Quarantäne, [61ee6a4c513979bd70a599e544c19b65], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F9D916E2-B9CA-4153-918E-36209BF6AADE}, In Quarantäne, [2827e2d4cac0e74f30e5691539cc5da3], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FA95D5A2-4702-4474-9310-B3D13D613A37}, In Quarantäne, [b798a0166426c76f9f76700e729323dd], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FCD8E2F0-6112-4BB6-8799-59F5D79C4D61}, In Quarantäne, [3b14833354361224c550314d7f86ca36], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FD3C1CA1-6651-4F9E-BE50-84BFF2E1A67B}, In Quarantäne, [df701b9b3d4d1026f91db8c60cf96b95], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FFEC86F0-ACC8-4078-A8EB-625BC940C53F}, In Quarantäne, [3e11278f2f5b4aec43d29fdf887d6f91], Registrierungswerte: 130 PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{11F37D19-B94F-4B46-A3FC-C6AB2F5A94A8}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [c38c2a8cd5b5171f67ae47377f86e21e] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{12EF3B50-1696-48D5-8B86-9E7C97105A36}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [e16eeec8b6d4ca6ce531bbc3c243a45c] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{133E24C0-CF68-4096-8F69-ABE1977FA9A0}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [81ce06b0c8c2ef47a3725d2111f4bf41] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1679276F-4C34-4E47-BB4C-DC9A5A53A727}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [e46b7a3c692166d064b2b5c9957036ca] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{16C5F9A8-52F4-4886-B78A-133FA37BF56B}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [4d026551e9a101355abb205e4bba5ea2] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{171650C2-71C5-4FD2-A1D4-9BAF31771291}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [dc73486ee4a667cfef2786f850b552ae] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{18266A5C-3E64-4A2A-A285-BF72E24056D0}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [da752492365455e18c898cf2966f6b95] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1865E627-6103-4022-B6D9-C7A7B9955268}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [57f8fcba593137ff9c79532b45c041bf] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{19369172-1331-4B4B-BA3C-BAA75EB46AC5}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [63ece9cd2a60181efb1a740a8e771ce4] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{19407409-E979-4251-AB98-BF5E1293D4F9}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [6de2d5e1583294a255c07e00f5108080] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{19575508-890F-4652-916F-D26A198B35D9}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [0b44c5f1c1c90036cd49fd81679ebb45] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1B0C30D3-F439-4A5F-B3D5-1F47EB9A867B}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [73dcd2e4a3e7e65052c4df9fb154619f] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1ECC54AC-85DD-479A-8B5D-39DC4694BED9}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [d17e2690f298cf6744d267177a8baa56] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1F846BC6-D7CC-4946-9A61-E1AA8E6654CE}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [85ca4e6847438fa7888ed0ae8481b54b] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{20FA9E61-478A-4B7E-9D1B-EBC55D131B68}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [72dd5b5b7614f145ba5b6a14e42116ea] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{25A701F9-653B-498A-9ACC-5C538A47B5E4}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [1e319c1abbcf8aac57bfcab410f59769] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{273B0DEC-944F-4E24-A359-704DCDF82CB5}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [dc73179f2367f93d66af96e891741ee2] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2C69428B-E364-4C9E-9486-9BE0A29A82AF}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [7ad52294aae05fd7b660eb938e77ec14] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2D4C5F29-5298-4A66-A4CB-541BEC67BEE4}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [3619d4e2f199ef471ef85925b64f9d63] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2E1C4B38-3643-428F-99DF-BCBD6FB64916}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [77d8caec90fabe7825f13f3f57ae9f61] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2ECB8AC5-6DD1-401A-9AD8-944175B9EABE}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [0946d2e48ffb8fa758bd205e1fe61ce4] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{30EBF920-6D51-4046-B1FC-8712F792CCC2}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [97b80caa87033ef89b7bdf9f39cc6e92] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{31A19EE9-BDA6-45FB-AB63-8C2E4B9F736C}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [80cf14a2a3e7f541e234d5a96e97e61a] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{36FBF70A-FDE9-4D4B-B2EB-916E1D4BCB2B}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [c68912a40981af8744d1512d9174b749] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3AAF5036-7BDC-475C-8064-7072DFDB923C}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [4609dbdb96f43ff7f81da3db0afb6b95] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3DA626D6-FAB7-42C6-A5D6-79809D967DC3}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [08477541fb8ff83e51c5aed0957058a8] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3E3EE82D-4E1D-4470-87A0-ADD214DC9DE9}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [ec638036e4a675c1d14557271ee7f10f] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{40381478-C60E-4323-AA79-6EBBE9A6B7EC}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [9cb3eccaabdf66d06ca9c4baf31250b0] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{40660010-9886-480C-9D1B-C128C72575F1}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [cf80c1f5fb8fd75f72a44a347095db25] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{42AF10D4-3C92-4AED-95E8-C96762BB58C5}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [004f8b2b3a50ab8b5eb785f96f96619f] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{42DCFC56-11FA-4E71-B699-E71C46822B81}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [e26d387ebccecb6bdb3be39b0ff623dd] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4306255D-C98D-468E-B426-6E79FAFD4A95}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [f8579c1ae1a904328492c9b541c4ad53] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4455D4E8-1712-451B-A3C4-317CAA40E683}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [e768efc7cdbdd75ff3233f3faa5b9868] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4470498F-4BF8-4E10-9EF6-175043A526FB}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [85ca5a5c7713e452a670aed0db2a0cf4] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{459C29D1-F48F-4E6B-BECC-8447EB20B88D}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [74db9b1b02882e088e88e09e38cd38c8] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{468D2492-A13A-4ABB-B3C2-5AF9736182F9}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [d778b303b9d149ed6da879050500c040] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4ADBF9B8-B995-4C9B-95DA-E33A2ABCBC41}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [5bf4a610dbafd066ba5c5b230ef71ae6] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4FF4CAD1-3E1C-4D56-904E-50822439D862}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [2e21dbdb0d7d350151c4dba336cf0000] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{512E8D8A-8104-4A31-81D7-7D3BB22EFBF9}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [d17e8531701a0531cd497a0407fe9070] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{51C22DE9-B678-448B-AEE3-D6D94EF4F67C}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [4b0410a6c1c90630f02518669471b947] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{52117C6D-8D36-4BBA-A7CE-B4F7819A9D5D}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [26299c1aa7e370c6ca4b601e01045da3] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{53A069A3-955B-49B2-9AD1-6E72277D7EA9}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [222d4b6b4743f73fe134b0ce9f66c43c] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{53A14A09-7CBC-4AA5-85F7-E381D39C1499}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [f659288e5832a294ee282a549f66a957] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{56AF2571-C149-483E-A94B-69665DF29234}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [54fb2a8c286269cdc254c8b6c5403ec2] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{56EE9026-8224-467B-B634-C36118708A40}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [c887783e04868aac5eb8ceb07a8be41c] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{59779C23-D154-477E-8FEA-F8C833FF1084}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [53fc8f276228989ee03668168c79a65a] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5E816B6E-6D58-49C5-9C40-869A8345BEB6}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [c887872f7b0f87af55c12e5025e07d83] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5EE630D7-F015-4CA7-94DD-F9B599212BE5}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [064982347c0ecd691104ceb01aebc23e] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6075E29B-6FAA-44F4-A2E4-E5D6E02EC673}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [8bc45b5bb7d32115a670f38bf312629e] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{61F2AEE1-7AA3-41DC-8A25-81AC1E61DD9A}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [1b34bcfabfcb3bfb8690d2acf70e758b] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{638DFF55-9B11-4C99-BE82-D092171B9450}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [99b601b58208c274c74e7707e61f11ef] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{65A4A3FB-68F4-4416-8C32-9C884589EFF5}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [1e314670d6b4b581f71e4b33867ff20e] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6AF91F86-F1B8-445A-9DA7-18B55FFAD69C}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [3916f5c126642214070e84fa44c1c43c] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6CFB110B-BEC3-4616-91E6-4786953670C7}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [d37cefc7761453e3080dc8b616ef6b95] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6E6CA953-8EA8-466D-B01E-744F2674B7A7}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [75dabbfb8dfd72c411043a44ae5749b7] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6E6EFC07-E4A5-40C1-9D34-EBF279CE1860}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [fd52a214385277bfc452c3bbc73e07f9] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6F65ECD0-3AD5-4104-88D7-134047B1374A}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [53fc179fcfbb2a0c9a7b1b63a75e04fc] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7BF5B4B9-7E45-43AA-BF36-7F77CB66DD48}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [0e412f87791143f331e4c8b6d03556aa] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7C105E72-A1C9-4AD0-B743-8792CB134E63}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [c9867640ed9d10266fa64a3409fc6f91] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7CD049DB-AC78-47D2-B0A4-D23B2019C129}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [c8870babf5952f07100689f556af8a76] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{80411ED2-5D54-4DCB-9EDA-C66A1BC0B9C5}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [2b24f2c41377290dc353542aca3bd030] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8300BFFA-DDB4-43C2-A6A4-5D46D6B76135}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [0b44674f8307dc5a45d1d9a5976e9a66] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8CBACD0E-8A15-42E4-BA6F-594EA3FB6C25}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [dd72bef87515261041d5cdb121e419e7] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8D63F289-C423-440F-8575-653DC0B22E95}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [a7a8179f8a0076c075a0a1ddb94c3ec2] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8FCC8649-D502-4523-9CC6-D9DB58E5328A}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [0e41773f1a70280e4dc9c1bda06521df] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8FFE96BD-57D3-4861-A379-1749684E4EE5}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [96b9c4f21179270f6da9f18deb1ac13f] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{90D23FAE-89A6-451F-ACE7-1C31F5588ECE}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [4e01e0d6b0da8caa0b0bd0aec93c14ec] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9175D344-EDE2-4EA9-8D63-20DB9985201C}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [0d422096dfabd36360b63d4107fed12f] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{922C7440-65DC-4E08-B198-1379CBA2D7A5}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [3f1090261c6e00367a9c3d41788d04fc] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{93ED7251-9A55-4BF3-BEA3-6783388D3581}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [ada2edc9dbafb38321f5b6c8cd3828d8] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{94296722-3AA0-4AC5-B196-B532543E8DC9}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [da752f87a8e22b0b40d5710d46bf21df] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{95F25221-3CF0-4223-B0EA-6FB46FBF5F44}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [123dc3f3602ab581bf575c229d68e61a] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{975FA31F-C228-4D64-B1F0-E65EF2822CDC}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [4906575f2664142225f01b637e87eb15] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{98918FD7-FB2E-4C35-83C1-E649A0D4C88E}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [a6a9dfd71a7090a69d787fffcf364eb2] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{98DDF27F-590E-4254-9A52-6D8B15F7C8C4}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [6fe07640afdb0c2a5fb7542a9c694eb2] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9A0752C4-998F-4D36-98F5-EEDD13F16DB0}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [113e3482bfcb96a01ff7bac45baaba46] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9ADD3A97-E69A-45C9-AEC1-F5BC4C262BC3}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [e56a43730684e94d5fb65d211aebb848] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9B436CD0-462F-4082-BA5B-9A7F807840E6}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [9bb4c4f26228270fde37047a95703dc3] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9D929B5D-75AE-4FC8-A41E-9FFEFD4AC18F}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [53fcb501a0eab284997c1c62b74eaf51] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A0CC5ADB-BEBF-4EE4-8A26-736FDAEDFD4E}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [153aae083e4cb284001694ea55b0659b] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A11735CC-6C2D-45F5-BBF6-2D13A8E48F66}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [bc936254503a69cdd541c8b60bfae21e] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A2132B35-C928-465B-86B8-9BE725C68512}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [8cc360562763979fff16166816ef35cb] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A8BE5303-E853-4840-A123-D1DB9AFCA8B5}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [8cc38e288a009e9830e52e50e02553ad] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AAA992AE-A034-499D-A89F-CDF452EF25B6}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [4a0509ad0a8034022ce9e797a461c23e] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AC346D0E-993B-4846-9711-1347E2FC1640}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [88c714a266244beb987ecfaf35d00ef2] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AD766F9A-4032-494F-96C5-506E9278C4EB}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [222d6254a8e2063027ee730b14f1768a] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{ADE98941-EA7A-4453-8530-64612BC6893D}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [a8a771458ffbb284df36fd81f70e1ee2] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AEEAADDD-2D30-456A-A616-2855CC32C8DF}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [6ce3a80ecebcd462bd59ccb2788dfc04] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B152AA36-7DF7-4ACF-994C-91655C8BA5E3}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [ca853b7b3a502b0b130297e7887d817f] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B3EDB532-DD85-4286-BA64-8371D3CD6E59}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [9ab52591cdbd76c07c996f0fcd38d22e] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BABCA3DC-2352-4BF0-8784-24631D5C3759}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [bb94eacc7911320400151f5fae5713ed] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BF82E43C-FA59-48A4-9A64-17241B1977BF}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [c986ddd9711943f3888e7608da2b31cf] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C1264A46-8CA6-4EB8-A85B-EC6A93C35843}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [b699e6d0f694171fa0755628b154b54b] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C2BDB8B3-96E4-49F4-92A2-F1E43F8AA972}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [57f872444c3e90a6d046453990758a76] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C31758ED-2C7D-43E9-AFB6-A2B736477887}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [014e4571a7e354e251c4fc8272934ab6] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C5FFDA39-7501-429C-89F9-2BEC7D795D82}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [b49bb9fdbbcf1e1865b198e6b94c1de3] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C8014A0A-926D-4F2A-AF52-CE934070AAC6}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [94bb6a4c6b1fd165c74fbbc334d1e020] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CAFC3503-1E8D-49D5-BD2F-FDA0E760A8B2}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [d57ae5d1f199e551de37522cc144768a] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CFC9C3F5-F6D6-421E-A268-81C332B74677}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [4807e9cd1e6c1b1bd145f18d6a9b59a7] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D3CA02B2-F160-4390-8552-C3A36A875668}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [5ff0d3e3107ab87ef4215e2059ac0df3] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D501D8BE-584B-413A-A677-D2C38C156D6A}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [2f20298d4446171f3dd8cab455b034cc] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D554D2FF-C47F-40EF-957F-A7EEAE70571F}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [6ee1eaccbad056e0b164bec0d233a15f] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D6F6D5F3-21B2-4E6B-B2FF-57E0DB2F82DF}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [e56a11a53c4ec274c352d8a6877eb34d] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D86CFA50-A71D-463B-AB84-147669B47813}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [2f206452a4e6fb3b8096166806ffcb35] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D9397D17-E208-4915-AD16-CC66A7C5F8EA}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [fe515d592d5db87e72a38cf2cd383bc5] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DBA983CB-BB3A-4A21-BAEC-1C943F349EFA}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [a1ae3e7888023006a96d314da065ed13] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DC8B69FC-877A-4413-965F-B1E0BE158053}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [e7683482e5a506308e88aed061a40000] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DD2F2236-BC9E-44D1-92E5-28BAC1C435AF}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [f45b4d6997f375c1799c6a14af56b64a] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DD83328B-68F6-49EA-83E3-343E402836F9}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [212e12a46129c67015017a048b7a6799] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E098FE75-98FD-41BB-B386-4D6823FB3494}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [d27df2c401895bdb5db8c0be887d6799] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E144EC02-4E94-4B88-B3F0-5BF1C34AEB6E}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [fe51b7ffc1c98aac2de9f985be4722de] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E327CEF6-93F4-437F-9179-EFBEA338FAC4}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [e66951657911db5b1bfbfa84ab5a4ab6] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E4955B15-39AD-4BC3-A969-D81F724BE5FE}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [400fad09cfbbd264789ea2dca2634fb1] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E60C83F8-18C5-44E8-B41A-7C6033D5824F}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [9eb1f2c466249a9c2ceab0ce3dc8d32d] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E690DC33-CE7C-4C1A-A6A2-668B163C7024}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [fc534c6a93f7bf774cc90876f2139070] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E7C51047-13B2-4624-B17D-8F638A95CC20}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [2d221c9a1377b6803fd6a4da3cc929d7] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E94414C5-8939-45B7-B690-A9CEC1897FE8}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [e86746707f0b3600b75eabd3a56056aa] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EB00475C-ABD3-4FBD-9FE9-39F2482A2F1C}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [1936fdb9b7d30432cd487fff34d1e917] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EBB30523-778A-4E3E-BE42-FFEE1A28DE86}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [1639278f1674ed491204ed9129dc12ee] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EC27B153-D0F4-40F6-A552-B33C934ABBF2}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [aba425910f7bd36371a4542a13f2bc44] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F39190ED-6880-489A-BEC1-D9C1314B3BDE}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [99b69d195832f93d32e4037b08fd728e] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F5F420EE-8473-4A24-AF6B-C89671118B18}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [cd829b1b0f7b46f059bd5925e42144bc] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F7638ACF-25E5-4217-B64D-498F939F2AE6}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [bc938d293258f244b85da3db08fd847c] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F9131D2A-2D63-4B6C-AC2B-285C598D498C}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [8bc45c5a49416cca43d387f7ec19857b] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F931E649-2379-4B81-8B7A-92D4F380F142}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [61ee6a4c513979bd70a599e544c19b65] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F9D916E2-B9CA-4153-918E-36209BF6AADE}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [2827e2d4cac0e74f30e5691539cc5da3] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FA95D5A2-4702-4474-9310-B3D13D613A37}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [b798a0166426c76f9f76700e729323dd] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FCD8E2F0-6112-4BB6-8799-59F5D79C4D61}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [3b14833354361224c550314d7f86ca36] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FD3C1CA1-6651-4F9E-BE50-84BFF2E1A67B}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [df701b9b3d4d1026f91db8c60cf96b95] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FFEC86F0-ACC8-4078-A8EB-625BC940C53F}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [3e11278f2f5b4aec43d29fdf887d6f91] Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 3 PUP.Optional.BeautifyForTrello.A, C:\Program Files (x86)\Beautify for Trello, In Quarantäne, [53fc397da0eac27472261a5b0ef7fb05], PUP.Optional.OptimizerPro.A, C:\Users\Users\Documents\Optimizer Pro, In Quarantäne, [62ed872f8ffbd95d6026f68aeb1a9769], PUP.Optional.SearchProtect.A, C:\Users\UpdatusUser\AppData\Local\avaxvyyvyf, In Quarantäne, [72dd585e8307300617359b43887b8a76], Dateien: 2 PUP.Optional.BeautifyForTrello.A, C:\Program Files (x86)\Beautify for Trello\Beautify for Trello.dat, In Quarantäne, [53fc397da0eac27472261a5b0ef7fb05], PUP.Optional.OptimizerPro.A, C:\Users\Users\Documents\Optimizer Pro\CookiesException.txt, In Quarantäne, [62ed872f8ffbd95d6026f68aeb1a9769], Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) |
|
02.10.2015, 20:16
| #8 |
| | Fehlermeldung beim Starten von Win 8.1 - RunDll Problem bei Starten Falscher ParameterCode:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 02.10.2015 Suchlaufzeit: 19:43 Protokolldatei: mbam.txt Administrator: Ja Version: 2.1.8.1057 Malware-Datenbank: v2015.06.03.03 Rootkit-Datenbank: v2015.09.22.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 8.1 CPU: x64 Dateisystem: NTFS Benutzer: Users Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 424018 Abgelaufene Zeit: 39 Min., 2 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 130 PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{11F37D19-B94F-4B46-A3FC-C6AB2F5A94A8}, In Quarantäne, [c38c2a8cd5b5171f67ae47377f86e21e], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{12EF3B50-1696-48D5-8B86-9E7C97105A36}, In Quarantäne, [e16eeec8b6d4ca6ce531bbc3c243a45c], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{133E24C0-CF68-4096-8F69-ABE1977FA9A0}, In Quarantäne, [81ce06b0c8c2ef47a3725d2111f4bf41], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1679276F-4C34-4E47-BB4C-DC9A5A53A727}, In Quarantäne, [e46b7a3c692166d064b2b5c9957036ca], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{16C5F9A8-52F4-4886-B78A-133FA37BF56B}, In Quarantäne, [4d026551e9a101355abb205e4bba5ea2], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{171650C2-71C5-4FD2-A1D4-9BAF31771291}, In Quarantäne, [dc73486ee4a667cfef2786f850b552ae], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{18266A5C-3E64-4A2A-A285-BF72E24056D0}, In Quarantäne, [da752492365455e18c898cf2966f6b95], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1865E627-6103-4022-B6D9-C7A7B9955268}, In Quarantäne, [57f8fcba593137ff9c79532b45c041bf], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{19369172-1331-4B4B-BA3C-BAA75EB46AC5}, In Quarantäne, [63ece9cd2a60181efb1a740a8e771ce4], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{19407409-E979-4251-AB98-BF5E1293D4F9}, In Quarantäne, [6de2d5e1583294a255c07e00f5108080], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{19575508-890F-4652-916F-D26A198B35D9}, In Quarantäne, [0b44c5f1c1c90036cd49fd81679ebb45], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1B0C30D3-F439-4A5F-B3D5-1F47EB9A867B}, In Quarantäne, [73dcd2e4a3e7e65052c4df9fb154619f], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1ECC54AC-85DD-479A-8B5D-39DC4694BED9}, In Quarantäne, [d17e2690f298cf6744d267177a8baa56], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1F846BC6-D7CC-4946-9A61-E1AA8E6654CE}, In Quarantäne, [85ca4e6847438fa7888ed0ae8481b54b], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{20FA9E61-478A-4B7E-9D1B-EBC55D131B68}, In Quarantäne, [72dd5b5b7614f145ba5b6a14e42116ea], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{25A701F9-653B-498A-9ACC-5C538A47B5E4}, In Quarantäne, [1e319c1abbcf8aac57bfcab410f59769], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{273B0DEC-944F-4E24-A359-704DCDF82CB5}, In Quarantäne, [dc73179f2367f93d66af96e891741ee2], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2C69428B-E364-4C9E-9486-9BE0A29A82AF}, In Quarantäne, [7ad52294aae05fd7b660eb938e77ec14], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2D4C5F29-5298-4A66-A4CB-541BEC67BEE4}, In Quarantäne, [3619d4e2f199ef471ef85925b64f9d63], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2E1C4B38-3643-428F-99DF-BCBD6FB64916}, In Quarantäne, [77d8caec90fabe7825f13f3f57ae9f61], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2ECB8AC5-6DD1-401A-9AD8-944175B9EABE}, In Quarantäne, [0946d2e48ffb8fa758bd205e1fe61ce4], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{30EBF920-6D51-4046-B1FC-8712F792CCC2}, In Quarantäne, [97b80caa87033ef89b7bdf9f39cc6e92], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{31A19EE9-BDA6-45FB-AB63-8C2E4B9F736C}, In Quarantäne, [80cf14a2a3e7f541e234d5a96e97e61a], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{36FBF70A-FDE9-4D4B-B2EB-916E1D4BCB2B}, In Quarantäne, [c68912a40981af8744d1512d9174b749], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3AAF5036-7BDC-475C-8064-7072DFDB923C}, In Quarantäne, [4609dbdb96f43ff7f81da3db0afb6b95], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3DA626D6-FAB7-42C6-A5D6-79809D967DC3}, In Quarantäne, [08477541fb8ff83e51c5aed0957058a8], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3E3EE82D-4E1D-4470-87A0-ADD214DC9DE9}, In Quarantäne, [ec638036e4a675c1d14557271ee7f10f], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{40381478-C60E-4323-AA79-6EBBE9A6B7EC}, In Quarantäne, [9cb3eccaabdf66d06ca9c4baf31250b0], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{40660010-9886-480C-9D1B-C128C72575F1}, In Quarantäne, [cf80c1f5fb8fd75f72a44a347095db25], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{42AF10D4-3C92-4AED-95E8-C96762BB58C5}, In Quarantäne, [004f8b2b3a50ab8b5eb785f96f96619f], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{42DCFC56-11FA-4E71-B699-E71C46822B81}, In Quarantäne, [e26d387ebccecb6bdb3be39b0ff623dd], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4306255D-C98D-468E-B426-6E79FAFD4A95}, In Quarantäne, [f8579c1ae1a904328492c9b541c4ad53], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4455D4E8-1712-451B-A3C4-317CAA40E683}, In Quarantäne, [e768efc7cdbdd75ff3233f3faa5b9868], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4470498F-4BF8-4E10-9EF6-175043A526FB}, In Quarantäne, [85ca5a5c7713e452a670aed0db2a0cf4], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{459C29D1-F48F-4E6B-BECC-8447EB20B88D}, In Quarantäne, [74db9b1b02882e088e88e09e38cd38c8], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{468D2492-A13A-4ABB-B3C2-5AF9736182F9}, In Quarantäne, [d778b303b9d149ed6da879050500c040], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4ADBF9B8-B995-4C9B-95DA-E33A2ABCBC41}, In Quarantäne, [5bf4a610dbafd066ba5c5b230ef71ae6], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4FF4CAD1-3E1C-4D56-904E-50822439D862}, In Quarantäne, [2e21dbdb0d7d350151c4dba336cf0000], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{512E8D8A-8104-4A31-81D7-7D3BB22EFBF9}, In Quarantäne, [d17e8531701a0531cd497a0407fe9070], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{51C22DE9-B678-448B-AEE3-D6D94EF4F67C}, In Quarantäne, [4b0410a6c1c90630f02518669471b947], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{52117C6D-8D36-4BBA-A7CE-B4F7819A9D5D}, In Quarantäne, [26299c1aa7e370c6ca4b601e01045da3], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{53A069A3-955B-49B2-9AD1-6E72277D7EA9}, In Quarantäne, [222d4b6b4743f73fe134b0ce9f66c43c], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{53A14A09-7CBC-4AA5-85F7-E381D39C1499}, In Quarantäne, [f659288e5832a294ee282a549f66a957], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{56AF2571-C149-483E-A94B-69665DF29234}, In Quarantäne, [54fb2a8c286269cdc254c8b6c5403ec2], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{56EE9026-8224-467B-B634-C36118708A40}, In Quarantäne, [c887783e04868aac5eb8ceb07a8be41c], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{59779C23-D154-477E-8FEA-F8C833FF1084}, In Quarantäne, [53fc8f276228989ee03668168c79a65a], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5E816B6E-6D58-49C5-9C40-869A8345BEB6}, In Quarantäne, [c887872f7b0f87af55c12e5025e07d83], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5EE630D7-F015-4CA7-94DD-F9B599212BE5}, In Quarantäne, [064982347c0ecd691104ceb01aebc23e], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6075E29B-6FAA-44F4-A2E4-E5D6E02EC673}, In Quarantäne, [8bc45b5bb7d32115a670f38bf312629e], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{61F2AEE1-7AA3-41DC-8A25-81AC1E61DD9A}, In Quarantäne, [1b34bcfabfcb3bfb8690d2acf70e758b], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{638DFF55-9B11-4C99-BE82-D092171B9450}, In Quarantäne, [99b601b58208c274c74e7707e61f11ef], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{65A4A3FB-68F4-4416-8C32-9C884589EFF5}, In Quarantäne, [1e314670d6b4b581f71e4b33867ff20e], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6AF91F86-F1B8-445A-9DA7-18B55FFAD69C}, In Quarantäne, [3916f5c126642214070e84fa44c1c43c], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6CFB110B-BEC3-4616-91E6-4786953670C7}, In Quarantäne, [d37cefc7761453e3080dc8b616ef6b95], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6E6CA953-8EA8-466D-B01E-744F2674B7A7}, In Quarantäne, [75dabbfb8dfd72c411043a44ae5749b7], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6E6EFC07-E4A5-40C1-9D34-EBF279CE1860}, In Quarantäne, [fd52a214385277bfc452c3bbc73e07f9], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6F65ECD0-3AD5-4104-88D7-134047B1374A}, In Quarantäne, [53fc179fcfbb2a0c9a7b1b63a75e04fc], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7BF5B4B9-7E45-43AA-BF36-7F77CB66DD48}, In Quarantäne, [0e412f87791143f331e4c8b6d03556aa], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7C105E72-A1C9-4AD0-B743-8792CB134E63}, In Quarantäne, [c9867640ed9d10266fa64a3409fc6f91], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7CD049DB-AC78-47D2-B0A4-D23B2019C129}, In Quarantäne, [c8870babf5952f07100689f556af8a76], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{80411ED2-5D54-4DCB-9EDA-C66A1BC0B9C5}, In Quarantäne, [2b24f2c41377290dc353542aca3bd030], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8300BFFA-DDB4-43C2-A6A4-5D46D6B76135}, In Quarantäne, [0b44674f8307dc5a45d1d9a5976e9a66], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8CBACD0E-8A15-42E4-BA6F-594EA3FB6C25}, In Quarantäne, [dd72bef87515261041d5cdb121e419e7], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8D63F289-C423-440F-8575-653DC0B22E95}, In Quarantäne, [a7a8179f8a0076c075a0a1ddb94c3ec2], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8FCC8649-D502-4523-9CC6-D9DB58E5328A}, In Quarantäne, [0e41773f1a70280e4dc9c1bda06521df], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8FFE96BD-57D3-4861-A379-1749684E4EE5}, In Quarantäne, [96b9c4f21179270f6da9f18deb1ac13f], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{90D23FAE-89A6-451F-ACE7-1C31F5588ECE}, In Quarantäne, [4e01e0d6b0da8caa0b0bd0aec93c14ec], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9175D344-EDE2-4EA9-8D63-20DB9985201C}, In Quarantäne, [0d422096dfabd36360b63d4107fed12f], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{922C7440-65DC-4E08-B198-1379CBA2D7A5}, In Quarantäne, [3f1090261c6e00367a9c3d41788d04fc], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{93ED7251-9A55-4BF3-BEA3-6783388D3581}, In Quarantäne, [ada2edc9dbafb38321f5b6c8cd3828d8], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{94296722-3AA0-4AC5-B196-B532543E8DC9}, In Quarantäne, [da752f87a8e22b0b40d5710d46bf21df], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{95F25221-3CF0-4223-B0EA-6FB46FBF5F44}, In Quarantäne, [123dc3f3602ab581bf575c229d68e61a], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{975FA31F-C228-4D64-B1F0-E65EF2822CDC}, In Quarantäne, [4906575f2664142225f01b637e87eb15], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{98918FD7-FB2E-4C35-83C1-E649A0D4C88E}, In Quarantäne, [a6a9dfd71a7090a69d787fffcf364eb2], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{98DDF27F-590E-4254-9A52-6D8B15F7C8C4}, In Quarantäne, [6fe07640afdb0c2a5fb7542a9c694eb2], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9A0752C4-998F-4D36-98F5-EEDD13F16DB0}, In Quarantäne, [113e3482bfcb96a01ff7bac45baaba46], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9ADD3A97-E69A-45C9-AEC1-F5BC4C262BC3}, In Quarantäne, [e56a43730684e94d5fb65d211aebb848], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9B436CD0-462F-4082-BA5B-9A7F807840E6}, In Quarantäne, [9bb4c4f26228270fde37047a95703dc3], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9D929B5D-75AE-4FC8-A41E-9FFEFD4AC18F}, In Quarantäne, [53fcb501a0eab284997c1c62b74eaf51], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A0CC5ADB-BEBF-4EE4-8A26-736FDAEDFD4E}, In Quarantäne, [153aae083e4cb284001694ea55b0659b], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A11735CC-6C2D-45F5-BBF6-2D13A8E48F66}, In Quarantäne, [bc936254503a69cdd541c8b60bfae21e], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A2132B35-C928-465B-86B8-9BE725C68512}, In Quarantäne, [8cc360562763979fff16166816ef35cb], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A8BE5303-E853-4840-A123-D1DB9AFCA8B5}, In Quarantäne, [8cc38e288a009e9830e52e50e02553ad], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AAA992AE-A034-499D-A89F-CDF452EF25B6}, In Quarantäne, [4a0509ad0a8034022ce9e797a461c23e], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AC346D0E-993B-4846-9711-1347E2FC1640}, In Quarantäne, [88c714a266244beb987ecfaf35d00ef2], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AD766F9A-4032-494F-96C5-506E9278C4EB}, In Quarantäne, [222d6254a8e2063027ee730b14f1768a], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{ADE98941-EA7A-4453-8530-64612BC6893D}, In Quarantäne, [a8a771458ffbb284df36fd81f70e1ee2], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AEEAADDD-2D30-456A-A616-2855CC32C8DF}, In Quarantäne, [6ce3a80ecebcd462bd59ccb2788dfc04], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B152AA36-7DF7-4ACF-994C-91655C8BA5E3}, In Quarantäne, [ca853b7b3a502b0b130297e7887d817f], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B3EDB532-DD85-4286-BA64-8371D3CD6E59}, In Quarantäne, [9ab52591cdbd76c07c996f0fcd38d22e], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BABCA3DC-2352-4BF0-8784-24631D5C3759}, In Quarantäne, [bb94eacc7911320400151f5fae5713ed], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BF82E43C-FA59-48A4-9A64-17241B1977BF}, In Quarantäne, [c986ddd9711943f3888e7608da2b31cf], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C1264A46-8CA6-4EB8-A85B-EC6A93C35843}, In Quarantäne, [b699e6d0f694171fa0755628b154b54b], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C2BDB8B3-96E4-49F4-92A2-F1E43F8AA972}, In Quarantäne, [57f872444c3e90a6d046453990758a76], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C31758ED-2C7D-43E9-AFB6-A2B736477887}, In Quarantäne, [014e4571a7e354e251c4fc8272934ab6], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C5FFDA39-7501-429C-89F9-2BEC7D795D82}, In Quarantäne, [b49bb9fdbbcf1e1865b198e6b94c1de3], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C8014A0A-926D-4F2A-AF52-CE934070AAC6}, In Quarantäne, [94bb6a4c6b1fd165c74fbbc334d1e020], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CAFC3503-1E8D-49D5-BD2F-FDA0E760A8B2}, In Quarantäne, [d57ae5d1f199e551de37522cc144768a], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CFC9C3F5-F6D6-421E-A268-81C332B74677}, In Quarantäne, [4807e9cd1e6c1b1bd145f18d6a9b59a7], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D3CA02B2-F160-4390-8552-C3A36A875668}, In Quarantäne, [5ff0d3e3107ab87ef4215e2059ac0df3], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D501D8BE-584B-413A-A677-D2C38C156D6A}, In Quarantäne, [2f20298d4446171f3dd8cab455b034cc], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D554D2FF-C47F-40EF-957F-A7EEAE70571F}, In Quarantäne, [6ee1eaccbad056e0b164bec0d233a15f], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D6F6D5F3-21B2-4E6B-B2FF-57E0DB2F82DF}, In Quarantäne, [e56a11a53c4ec274c352d8a6877eb34d], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D86CFA50-A71D-463B-AB84-147669B47813}, In Quarantäne, [2f206452a4e6fb3b8096166806ffcb35], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D9397D17-E208-4915-AD16-CC66A7C5F8EA}, In Quarantäne, [fe515d592d5db87e72a38cf2cd383bc5], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DBA983CB-BB3A-4A21-BAEC-1C943F349EFA}, In Quarantäne, [a1ae3e7888023006a96d314da065ed13], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DC8B69FC-877A-4413-965F-B1E0BE158053}, In Quarantäne, [e7683482e5a506308e88aed061a40000], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DD2F2236-BC9E-44D1-92E5-28BAC1C435AF}, In Quarantäne, [f45b4d6997f375c1799c6a14af56b64a], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DD83328B-68F6-49EA-83E3-343E402836F9}, In Quarantäne, [212e12a46129c67015017a048b7a6799], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E098FE75-98FD-41BB-B386-4D6823FB3494}, In Quarantäne, [d27df2c401895bdb5db8c0be887d6799], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E144EC02-4E94-4B88-B3F0-5BF1C34AEB6E}, In Quarantäne, [fe51b7ffc1c98aac2de9f985be4722de], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E327CEF6-93F4-437F-9179-EFBEA338FAC4}, In Quarantäne, [e66951657911db5b1bfbfa84ab5a4ab6], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E4955B15-39AD-4BC3-A969-D81F724BE5FE}, In Quarantäne, [400fad09cfbbd264789ea2dca2634fb1], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E60C83F8-18C5-44E8-B41A-7C6033D5824F}, In Quarantäne, [9eb1f2c466249a9c2ceab0ce3dc8d32d], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E690DC33-CE7C-4C1A-A6A2-668B163C7024}, In Quarantäne, [fc534c6a93f7bf774cc90876f2139070], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E7C51047-13B2-4624-B17D-8F638A95CC20}, In Quarantäne, [2d221c9a1377b6803fd6a4da3cc929d7], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E94414C5-8939-45B7-B690-A9CEC1897FE8}, In Quarantäne, [e86746707f0b3600b75eabd3a56056aa], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EB00475C-ABD3-4FBD-9FE9-39F2482A2F1C}, In Quarantäne, [1936fdb9b7d30432cd487fff34d1e917], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EBB30523-778A-4E3E-BE42-FFEE1A28DE86}, In Quarantäne, [1639278f1674ed491204ed9129dc12ee], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EC27B153-D0F4-40F6-A552-B33C934ABBF2}, In Quarantäne, [aba425910f7bd36371a4542a13f2bc44], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F39190ED-6880-489A-BEC1-D9C1314B3BDE}, In Quarantäne, [99b69d195832f93d32e4037b08fd728e], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F5F420EE-8473-4A24-AF6B-C89671118B18}, In Quarantäne, [cd829b1b0f7b46f059bd5925e42144bc], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F7638ACF-25E5-4217-B64D-498F939F2AE6}, In Quarantäne, [bc938d293258f244b85da3db08fd847c], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F9131D2A-2D63-4B6C-AC2B-285C598D498C}, In Quarantäne, [8bc45c5a49416cca43d387f7ec19857b], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F931E649-2379-4B81-8B7A-92D4F380F142}, In Quarantäne, [61ee6a4c513979bd70a599e544c19b65], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F9D916E2-B9CA-4153-918E-36209BF6AADE}, In Quarantäne, [2827e2d4cac0e74f30e5691539cc5da3], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FA95D5A2-4702-4474-9310-B3D13D613A37}, In Quarantäne, [b798a0166426c76f9f76700e729323dd], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FCD8E2F0-6112-4BB6-8799-59F5D79C4D61}, In Quarantäne, [3b14833354361224c550314d7f86ca36], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FD3C1CA1-6651-4F9E-BE50-84BFF2E1A67B}, In Quarantäne, [df701b9b3d4d1026f91db8c60cf96b95], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FFEC86F0-ACC8-4078-A8EB-625BC940C53F}, In Quarantäne, [3e11278f2f5b4aec43d29fdf887d6f91], Registrierungswerte: 130 PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{11F37D19-B94F-4B46-A3FC-C6AB2F5A94A8}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [c38c2a8cd5b5171f67ae47377f86e21e] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{12EF3B50-1696-48D5-8B86-9E7C97105A36}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [e16eeec8b6d4ca6ce531bbc3c243a45c] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{133E24C0-CF68-4096-8F69-ABE1977FA9A0}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [81ce06b0c8c2ef47a3725d2111f4bf41] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1679276F-4C34-4E47-BB4C-DC9A5A53A727}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [e46b7a3c692166d064b2b5c9957036ca] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{16C5F9A8-52F4-4886-B78A-133FA37BF56B}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [4d026551e9a101355abb205e4bba5ea2] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{171650C2-71C5-4FD2-A1D4-9BAF31771291}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [dc73486ee4a667cfef2786f850b552ae] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{18266A5C-3E64-4A2A-A285-BF72E24056D0}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [da752492365455e18c898cf2966f6b95] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1865E627-6103-4022-B6D9-C7A7B9955268}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [57f8fcba593137ff9c79532b45c041bf] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{19369172-1331-4B4B-BA3C-BAA75EB46AC5}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [63ece9cd2a60181efb1a740a8e771ce4] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{19407409-E979-4251-AB98-BF5E1293D4F9}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [6de2d5e1583294a255c07e00f5108080] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{19575508-890F-4652-916F-D26A198B35D9}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [0b44c5f1c1c90036cd49fd81679ebb45] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1B0C30D3-F439-4A5F-B3D5-1F47EB9A867B}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [73dcd2e4a3e7e65052c4df9fb154619f] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1ECC54AC-85DD-479A-8B5D-39DC4694BED9}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [d17e2690f298cf6744d267177a8baa56] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1F846BC6-D7CC-4946-9A61-E1AA8E6654CE}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [85ca4e6847438fa7888ed0ae8481b54b] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{20FA9E61-478A-4B7E-9D1B-EBC55D131B68}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [72dd5b5b7614f145ba5b6a14e42116ea] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{25A701F9-653B-498A-9ACC-5C538A47B5E4}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [1e319c1abbcf8aac57bfcab410f59769] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{273B0DEC-944F-4E24-A359-704DCDF82CB5}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [dc73179f2367f93d66af96e891741ee2] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2C69428B-E364-4C9E-9486-9BE0A29A82AF}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [7ad52294aae05fd7b660eb938e77ec14] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2D4C5F29-5298-4A66-A4CB-541BEC67BEE4}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [3619d4e2f199ef471ef85925b64f9d63] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2E1C4B38-3643-428F-99DF-BCBD6FB64916}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [77d8caec90fabe7825f13f3f57ae9f61] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2ECB8AC5-6DD1-401A-9AD8-944175B9EABE}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [0946d2e48ffb8fa758bd205e1fe61ce4] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{30EBF920-6D51-4046-B1FC-8712F792CCC2}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [97b80caa87033ef89b7bdf9f39cc6e92] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{31A19EE9-BDA6-45FB-AB63-8C2E4B9F736C}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [80cf14a2a3e7f541e234d5a96e97e61a] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{36FBF70A-FDE9-4D4B-B2EB-916E1D4BCB2B}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [c68912a40981af8744d1512d9174b749] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3AAF5036-7BDC-475C-8064-7072DFDB923C}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [4609dbdb96f43ff7f81da3db0afb6b95] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3DA626D6-FAB7-42C6-A5D6-79809D967DC3}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [08477541fb8ff83e51c5aed0957058a8] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3E3EE82D-4E1D-4470-87A0-ADD214DC9DE9}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [ec638036e4a675c1d14557271ee7f10f] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{40381478-C60E-4323-AA79-6EBBE9A6B7EC}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [9cb3eccaabdf66d06ca9c4baf31250b0] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{40660010-9886-480C-9D1B-C128C72575F1}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [cf80c1f5fb8fd75f72a44a347095db25] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{42AF10D4-3C92-4AED-95E8-C96762BB58C5}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [004f8b2b3a50ab8b5eb785f96f96619f] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{42DCFC56-11FA-4E71-B699-E71C46822B81}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [e26d387ebccecb6bdb3be39b0ff623dd] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4306255D-C98D-468E-B426-6E79FAFD4A95}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [f8579c1ae1a904328492c9b541c4ad53] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4455D4E8-1712-451B-A3C4-317CAA40E683}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [e768efc7cdbdd75ff3233f3faa5b9868] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4470498F-4BF8-4E10-9EF6-175043A526FB}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [85ca5a5c7713e452a670aed0db2a0cf4] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{459C29D1-F48F-4E6B-BECC-8447EB20B88D}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [74db9b1b02882e088e88e09e38cd38c8] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{468D2492-A13A-4ABB-B3C2-5AF9736182F9}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [d778b303b9d149ed6da879050500c040] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4ADBF9B8-B995-4C9B-95DA-E33A2ABCBC41}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [5bf4a610dbafd066ba5c5b230ef71ae6] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4FF4CAD1-3E1C-4D56-904E-50822439D862}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [2e21dbdb0d7d350151c4dba336cf0000] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{512E8D8A-8104-4A31-81D7-7D3BB22EFBF9}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [d17e8531701a0531cd497a0407fe9070] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{51C22DE9-B678-448B-AEE3-D6D94EF4F67C}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [4b0410a6c1c90630f02518669471b947] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{52117C6D-8D36-4BBA-A7CE-B4F7819A9D5D}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [26299c1aa7e370c6ca4b601e01045da3] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{53A069A3-955B-49B2-9AD1-6E72277D7EA9}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [222d4b6b4743f73fe134b0ce9f66c43c] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{53A14A09-7CBC-4AA5-85F7-E381D39C1499}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [f659288e5832a294ee282a549f66a957] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{56AF2571-C149-483E-A94B-69665DF29234}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [54fb2a8c286269cdc254c8b6c5403ec2] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{56EE9026-8224-467B-B634-C36118708A40}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [c887783e04868aac5eb8ceb07a8be41c] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{59779C23-D154-477E-8FEA-F8C833FF1084}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [53fc8f276228989ee03668168c79a65a] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5E816B6E-6D58-49C5-9C40-869A8345BEB6}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [c887872f7b0f87af55c12e5025e07d83] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5EE630D7-F015-4CA7-94DD-F9B599212BE5}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [064982347c0ecd691104ceb01aebc23e] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6075E29B-6FAA-44F4-A2E4-E5D6E02EC673}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [8bc45b5bb7d32115a670f38bf312629e] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{61F2AEE1-7AA3-41DC-8A25-81AC1E61DD9A}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [1b34bcfabfcb3bfb8690d2acf70e758b] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{638DFF55-9B11-4C99-BE82-D092171B9450}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [99b601b58208c274c74e7707e61f11ef] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{65A4A3FB-68F4-4416-8C32-9C884589EFF5}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [1e314670d6b4b581f71e4b33867ff20e] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6AF91F86-F1B8-445A-9DA7-18B55FFAD69C}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [3916f5c126642214070e84fa44c1c43c] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6CFB110B-BEC3-4616-91E6-4786953670C7}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [d37cefc7761453e3080dc8b616ef6b95] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6E6CA953-8EA8-466D-B01E-744F2674B7A7}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [75dabbfb8dfd72c411043a44ae5749b7] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6E6EFC07-E4A5-40C1-9D34-EBF279CE1860}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [fd52a214385277bfc452c3bbc73e07f9] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6F65ECD0-3AD5-4104-88D7-134047B1374A}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [53fc179fcfbb2a0c9a7b1b63a75e04fc] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7BF5B4B9-7E45-43AA-BF36-7F77CB66DD48}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [0e412f87791143f331e4c8b6d03556aa] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7C105E72-A1C9-4AD0-B743-8792CB134E63}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [c9867640ed9d10266fa64a3409fc6f91] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7CD049DB-AC78-47D2-B0A4-D23B2019C129}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [c8870babf5952f07100689f556af8a76] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{80411ED2-5D54-4DCB-9EDA-C66A1BC0B9C5}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [2b24f2c41377290dc353542aca3bd030] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8300BFFA-DDB4-43C2-A6A4-5D46D6B76135}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [0b44674f8307dc5a45d1d9a5976e9a66] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8CBACD0E-8A15-42E4-BA6F-594EA3FB6C25}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [dd72bef87515261041d5cdb121e419e7] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8D63F289-C423-440F-8575-653DC0B22E95}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [a7a8179f8a0076c075a0a1ddb94c3ec2] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8FCC8649-D502-4523-9CC6-D9DB58E5328A}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [0e41773f1a70280e4dc9c1bda06521df] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8FFE96BD-57D3-4861-A379-1749684E4EE5}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [96b9c4f21179270f6da9f18deb1ac13f] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{90D23FAE-89A6-451F-ACE7-1C31F5588ECE}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [4e01e0d6b0da8caa0b0bd0aec93c14ec] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9175D344-EDE2-4EA9-8D63-20DB9985201C}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [0d422096dfabd36360b63d4107fed12f] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{922C7440-65DC-4E08-B198-1379CBA2D7A5}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [3f1090261c6e00367a9c3d41788d04fc] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{93ED7251-9A55-4BF3-BEA3-6783388D3581}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [ada2edc9dbafb38321f5b6c8cd3828d8] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{94296722-3AA0-4AC5-B196-B532543E8DC9}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [da752f87a8e22b0b40d5710d46bf21df] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{95F25221-3CF0-4223-B0EA-6FB46FBF5F44}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [123dc3f3602ab581bf575c229d68e61a] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{975FA31F-C228-4D64-B1F0-E65EF2822CDC}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [4906575f2664142225f01b637e87eb15] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{98918FD7-FB2E-4C35-83C1-E649A0D4C88E}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [a6a9dfd71a7090a69d787fffcf364eb2] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{98DDF27F-590E-4254-9A52-6D8B15F7C8C4}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [6fe07640afdb0c2a5fb7542a9c694eb2] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9A0752C4-998F-4D36-98F5-EEDD13F16DB0}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [113e3482bfcb96a01ff7bac45baaba46] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9ADD3A97-E69A-45C9-AEC1-F5BC4C262BC3}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [e56a43730684e94d5fb65d211aebb848] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9B436CD0-462F-4082-BA5B-9A7F807840E6}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [9bb4c4f26228270fde37047a95703dc3] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9D929B5D-75AE-4FC8-A41E-9FFEFD4AC18F}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [53fcb501a0eab284997c1c62b74eaf51] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A0CC5ADB-BEBF-4EE4-8A26-736FDAEDFD4E}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [153aae083e4cb284001694ea55b0659b] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A11735CC-6C2D-45F5-BBF6-2D13A8E48F66}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [bc936254503a69cdd541c8b60bfae21e] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A2132B35-C928-465B-86B8-9BE725C68512}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [8cc360562763979fff16166816ef35cb] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A8BE5303-E853-4840-A123-D1DB9AFCA8B5}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [8cc38e288a009e9830e52e50e02553ad] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AAA992AE-A034-499D-A89F-CDF452EF25B6}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [4a0509ad0a8034022ce9e797a461c23e] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AC346D0E-993B-4846-9711-1347E2FC1640}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [88c714a266244beb987ecfaf35d00ef2] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AD766F9A-4032-494F-96C5-506E9278C4EB}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [222d6254a8e2063027ee730b14f1768a] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{ADE98941-EA7A-4453-8530-64612BC6893D}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [a8a771458ffbb284df36fd81f70e1ee2] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AEEAADDD-2D30-456A-A616-2855CC32C8DF}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [6ce3a80ecebcd462bd59ccb2788dfc04] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B152AA36-7DF7-4ACF-994C-91655C8BA5E3}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [ca853b7b3a502b0b130297e7887d817f] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B3EDB532-DD85-4286-BA64-8371D3CD6E59}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [9ab52591cdbd76c07c996f0fcd38d22e] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BABCA3DC-2352-4BF0-8784-24631D5C3759}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [bb94eacc7911320400151f5fae5713ed] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BF82E43C-FA59-48A4-9A64-17241B1977BF}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [c986ddd9711943f3888e7608da2b31cf] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C1264A46-8CA6-4EB8-A85B-EC6A93C35843}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [b699e6d0f694171fa0755628b154b54b] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C2BDB8B3-96E4-49F4-92A2-F1E43F8AA972}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [57f872444c3e90a6d046453990758a76] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C31758ED-2C7D-43E9-AFB6-A2B736477887}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [014e4571a7e354e251c4fc8272934ab6] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C5FFDA39-7501-429C-89F9-2BEC7D795D82}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [b49bb9fdbbcf1e1865b198e6b94c1de3] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C8014A0A-926D-4F2A-AF52-CE934070AAC6}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [94bb6a4c6b1fd165c74fbbc334d1e020] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CAFC3503-1E8D-49D5-BD2F-FDA0E760A8B2}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [d57ae5d1f199e551de37522cc144768a] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CFC9C3F5-F6D6-421E-A268-81C332B74677}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [4807e9cd1e6c1b1bd145f18d6a9b59a7] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D3CA02B2-F160-4390-8552-C3A36A875668}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [5ff0d3e3107ab87ef4215e2059ac0df3] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D501D8BE-584B-413A-A677-D2C38C156D6A}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [2f20298d4446171f3dd8cab455b034cc] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D554D2FF-C47F-40EF-957F-A7EEAE70571F}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [6ee1eaccbad056e0b164bec0d233a15f] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D6F6D5F3-21B2-4E6B-B2FF-57E0DB2F82DF}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [e56a11a53c4ec274c352d8a6877eb34d] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D86CFA50-A71D-463B-AB84-147669B47813}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [2f206452a4e6fb3b8096166806ffcb35] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D9397D17-E208-4915-AD16-CC66A7C5F8EA}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [fe515d592d5db87e72a38cf2cd383bc5] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DBA983CB-BB3A-4A21-BAEC-1C943F349EFA}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [a1ae3e7888023006a96d314da065ed13] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DC8B69FC-877A-4413-965F-B1E0BE158053}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [e7683482e5a506308e88aed061a40000] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DD2F2236-BC9E-44D1-92E5-28BAC1C435AF}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [f45b4d6997f375c1799c6a14af56b64a] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DD83328B-68F6-49EA-83E3-343E402836F9}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [212e12a46129c67015017a048b7a6799] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E098FE75-98FD-41BB-B386-4D6823FB3494}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [d27df2c401895bdb5db8c0be887d6799] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E144EC02-4E94-4B88-B3F0-5BF1C34AEB6E}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [fe51b7ffc1c98aac2de9f985be4722de] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E327CEF6-93F4-437F-9179-EFBEA338FAC4}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [e66951657911db5b1bfbfa84ab5a4ab6] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E4955B15-39AD-4BC3-A969-D81F724BE5FE}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [400fad09cfbbd264789ea2dca2634fb1] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E60C83F8-18C5-44E8-B41A-7C6033D5824F}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [9eb1f2c466249a9c2ceab0ce3dc8d32d] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E690DC33-CE7C-4C1A-A6A2-668B163C7024}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [fc534c6a93f7bf774cc90876f2139070] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E7C51047-13B2-4624-B17D-8F638A95CC20}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [2d221c9a1377b6803fd6a4da3cc929d7] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E94414C5-8939-45B7-B690-A9CEC1897FE8}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [e86746707f0b3600b75eabd3a56056aa] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EB00475C-ABD3-4FBD-9FE9-39F2482A2F1C}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [1936fdb9b7d30432cd487fff34d1e917] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EBB30523-778A-4E3E-BE42-FFEE1A28DE86}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [1639278f1674ed491204ed9129dc12ee] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EC27B153-D0F4-40F6-A552-B33C934ABBF2}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [aba425910f7bd36371a4542a13f2bc44] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F39190ED-6880-489A-BEC1-D9C1314B3BDE}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [99b69d195832f93d32e4037b08fd728e] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F5F420EE-8473-4A24-AF6B-C89671118B18}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [cd829b1b0f7b46f059bd5925e42144bc] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F7638ACF-25E5-4217-B64D-498F939F2AE6}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [bc938d293258f244b85da3db08fd847c] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F9131D2A-2D63-4B6C-AC2B-285C598D498C}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [8bc45c5a49416cca43d387f7ec19857b] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F931E649-2379-4B81-8B7A-92D4F380F142}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [61ee6a4c513979bd70a599e544c19b65] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F9D916E2-B9CA-4153-918E-36209BF6AADE}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [2827e2d4cac0e74f30e5691539cc5da3] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FA95D5A2-4702-4474-9310-B3D13D613A37}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [b798a0166426c76f9f76700e729323dd] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FCD8E2F0-6112-4BB6-8799-59F5D79C4D61}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [3b14833354361224c550314d7f86ca36] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FD3C1CA1-6651-4F9E-BE50-84BFF2E1A67B}|AppName, iWebar-enabler.exe-codedownloader.exe, In Quarantäne, [df701b9b3d4d1026f91db8c60cf96b95] PUP.Optional.CrossRider.A, HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FFEC86F0-ACC8-4078-A8EB-625BC940C53F}|AppName, iWebar-enabler.exe-buttonutil.exe, In Quarantäne, [3e11278f2f5b4aec43d29fdf887d6f91] Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 3 PUP.Optional.BeautifyForTrello.A, C:\Program Files (x86)\Beautify for Trello, In Quarantäne, [53fc397da0eac27472261a5b0ef7fb05], PUP.Optional.OptimizerPro.A, C:\Users\Users\Documents\Optimizer Pro, In Quarantäne, [62ed872f8ffbd95d6026f68aeb1a9769], PUP.Optional.SearchProtect.A, C:\Users\UpdatusUser\AppData\Local\avaxvyyvyf, In Quarantäne, [72dd585e8307300617359b43887b8a76], Dateien: 2 PUP.Optional.BeautifyForTrello.A, C:\Program Files (x86)\Beautify for Trello\Beautify for Trello.dat, In Quarantäne, [53fc397da0eac27472261a5b0ef7fb05], PUP.Optional.OptimizerPro.A, C:\Users\Users\Documents\Optimizer Pro\CookiesException.txt, In Quarantäne, [62ed872f8ffbd95d6026f68aeb1a9769], Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) |
|
02.10.2015, 20:22
| #9 |
| | Fehlermeldung beim Starten von Win 8.1 - RunDll Problem bei Starten Falscher Parameter [CODE] FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:30-09-2015 durchgeführt von Users (Administrator) auf CILLIVANILLI (02-10-2015 20:26:36) Gestartet von C:\Users\Users\Desktop Geladene Profile: Users (Verfügbare Profile: Users) Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Nemetschek Allplan Systems GmbH) C:\Program Files\Nemetschek\AllplanUpdateLauncher 2015\AllplanUpdateLauncher.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Robert McNeel & Associates) C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamresearch.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-08-20] (IDT, Inc.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-28] (Synaptics Incorporated) HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-07-27] (Samsung Electronics Co., Ltd.) HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\...\Run: [Speech Recognition] => C:\Windows\Speech\Common\sapisvr.exe [44032 2014-10-29] (Microsoft Corporation) HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\...\Run: [FreeVideoDownloader] => C:\Program Files (x86)\33download.com\Free Video Downloader\FreeVideoDownloader.exe HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [217088 2014-10-29] (Microsoft Corporation) AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [185632 2015-09-06] (NVIDIA Corporation) AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [164192 2015-09-06] (NVIDIA Corporation) AppInit_DLLs-x32: , C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [164192 2015-09-06] (NVIDIA Corporation) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{B9B84E17-2E36-4EA7-A782-B1B85CCE0E18}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT13/4 HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1 HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT13/4 SearchScopes: HKLM -> {2DAE3666-9192-4129-A7A7-B9C31D092CEA} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = SearchScopes: HKU\S-1-5-21-3447733779-4191765115-1278922627-1002 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = SearchScopes: HKU\S-1-5-21-3447733779-4191765115-1278922627-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2015-09-25] (Microsoft Corporation) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2015-09-25] (Microsoft Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2015-09-25] (Microsoft Corporation) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2015-09-25] (Microsoft Corporation) Toolbar: HKU\S-1-5-21-3447733779-4191765115-1278922627-1002 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2015-09-25] (Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2015-09-25] (Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2015-09-25] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2015-09-25] (Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2015-09-25] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2015-09-25] (Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2015-09-25] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2015-09-25] (Microsoft Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Users\AppData\Roaming\Mozilla\Firefox\Profiles\a7t4eu8f.default FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-23] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2015-09-25] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-23] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll [2012-08-08] (Adobe Systems, Inc.) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-09-25] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2015-09-25] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-28] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-02] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-02] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-02-17] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) FF Extension: Lightbeam - C:\Users\Users\AppData\Roaming\Mozilla\Firefox\Profiles\a7t4eu8f.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2015-08-23] FF Extension: Kein Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-08-30] Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-10-30] (Adobe Systems) [Datei ist nicht signiert] R2 AllplanUpdateLauncher 2015; C:\Program Files\Nemetschek\AllplanUpdateLauncher 2015\AllplanUpdateLauncher.exe [16680 2014-10-30] (Nemetschek Allplan Systems GmbH) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2836056 2015-09-09] (Microsoft Corporation) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation) R2 HPConnectedRemote; C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35744 2012-10-12] (Hewlett-Packard) R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-26] (Hewlett-Packard Company) R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.) [Datei ist nicht signiert] R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) R2 McNeelUpdate; c:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [67224 2014-06-17] (Robert McNeel & Associates) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation) R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.) S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-07-02] (Microsoft Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) S2 HPSLPSVC; C:\Users\Users\AppData\Local\Temp\7zS5411\hpslpsvc64.dll [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [4265984 2014-12-22] (Qualcomm Atheros Communications, Inc.) S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20912 2012-10-26] (AVG Technologies CZ, s.r.o.) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-10-02] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-28] (Synaptics Incorporated) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.) S3 SmbDrv; \SystemRoot\System32\drivers\Smb_driver_AMDASF.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-10-02 20:25 - 2015-10-02 20:25 - 00068416 _____ C:\Users\Users\Desktop\mbam.txt 2015-10-02 19:42 - 2015-10-02 19:43 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-10-02 19:42 - 2015-10-02 19:42 - 00001118 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-10-02 19:42 - 2015-10-02 19:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-10-02 19:41 - 2015-10-02 19:42 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-10-02 19:41 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2015-10-02 19:41 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2015-10-02 19:41 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2015-10-02 19:34 - 2015-10-02 19:36 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Users\Desktop\mbam-setup-2.1.8.1057.exe 2015-10-02 19:33 - 2015-10-02 19:33 - 00009469 _____ C:\Users\Users\Desktop\AdwCleaner[C1].txt 2015-10-02 19:29 - 2015-10-02 19:30 - 00000000 ____D C:\AdwCleaner 2015-10-02 19:10 - 2015-10-02 19:11 - 01670656 _____ C:\Users\Users\Desktop\AdwCleaner_5.009.exe 2015-10-02 07:00 - 2015-10-02 20:26 - 00020718 _____ C:\Users\Users\Desktop\FRST.txt 2015-10-02 07:00 - 2015-10-02 20:26 - 00000000 ____D C:\FRST 2015-10-02 07:00 - 2015-10-02 07:00 - 02192384 _____ (Farbar) C:\Users\Users\Desktop\FRST64.exe 2015-10-01 22:08 - 2015-10-01 22:08 - 00000000 ____D C:\WINDOWS\SysWOW64\NV 2015-10-01 22:08 - 2015-10-01 22:08 - 00000000 ____D C:\WINDOWS\system32\NV 2015-10-01 21:35 - 2014-04-16 01:35 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll 2015-10-01 21:35 - 2014-04-16 01:34 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll 2015-10-01 21:33 - 2015-10-01 21:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-10-01 21:32 - 2015-10-01 21:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2015-10-01 21:32 - 2015-08-10 20:15 - 01084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL 2015-10-01 21:32 - 2015-08-10 20:15 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL 2015-10-01 21:32 - 2015-08-10 20:06 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL 2015-10-01 21:32 - 2015-08-10 19:49 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll 2015-10-01 21:32 - 2015-08-10 18:56 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL 2015-10-01 21:32 - 2015-08-10 18:46 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll 2015-10-01 21:32 - 2015-08-07 23:41 - 07460168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2015-10-01 21:32 - 2015-08-07 23:40 - 01736520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2015-10-01 21:32 - 2015-08-07 23:40 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2015-10-01 21:32 - 2015-08-07 23:40 - 01134752 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2015-10-01 21:32 - 2015-08-07 23:40 - 00686960 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll 2015-10-01 21:32 - 2015-08-07 23:40 - 00507176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll 2015-10-01 21:32 - 2015-08-07 16:13 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2015-10-01 21:32 - 2015-08-06 19:05 - 00669184 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx 2015-10-01 21:32 - 2015-08-06 18:47 - 04710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2015-10-01 21:32 - 2015-08-06 18:37 - 00536576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx 2015-10-01 21:32 - 2015-08-06 18:18 - 04068352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2015-10-01 21:32 - 2015-01-06 05:01 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys 2015-10-01 21:32 - 2015-01-06 04:59 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys 2015-10-01 21:32 - 2015-01-06 03:12 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll 2015-10-01 21:32 - 2015-01-06 03:02 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll 2015-10-01 21:32 - 2014-11-10 20:06 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys 2015-10-01 21:31 - 2015-05-01 03:13 - 06521800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe 2015-10-01 21:31 - 2015-05-01 03:13 - 01488000 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2015-10-01 21:31 - 2015-05-01 03:13 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll 2015-10-01 21:31 - 2014-11-17 22:17 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe 2015-10-01 21:31 - 2014-11-17 22:17 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe 2015-10-01 21:31 - 2014-11-15 21:05 - 00801584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2015-10-01 21:31 - 2014-11-15 08:29 - 00962216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2015-10-01 21:31 - 2014-11-14 08:57 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2015-10-01 21:31 - 2014-11-14 08:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll 2015-10-01 21:31 - 2014-11-14 08:46 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll 2015-10-01 21:31 - 2014-11-14 07:03 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2015-10-01 21:31 - 2014-11-10 20:06 - 00473408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2015-10-01 21:31 - 2014-11-10 04:57 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys 2015-10-01 21:31 - 2014-11-10 03:20 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll 2015-10-01 21:31 - 2014-11-10 03:08 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll 2015-10-01 21:31 - 2014-11-10 02:57 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll 2015-10-01 21:31 - 2014-11-08 06:00 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys 2015-10-01 21:31 - 2014-11-08 05:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys 2015-10-01 21:31 - 2014-11-08 05:56 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp 2015-10-01 21:31 - 2014-11-08 05:56 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll 2015-10-01 21:31 - 2014-11-08 05:56 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll 2015-10-01 21:31 - 2014-11-08 05:24 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll 2015-10-01 21:31 - 2014-11-08 05:13 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp 2015-10-01 21:31 - 2014-11-08 05:13 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll 2015-10-01 21:31 - 2014-11-08 05:13 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll 2015-10-01 21:31 - 2014-11-08 04:48 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll 2015-10-01 21:31 - 2014-11-08 04:38 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2015-10-01 21:31 - 2014-11-08 04:17 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2015-10-01 21:31 - 2014-11-08 04:03 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll 2015-10-01 21:31 - 2014-11-08 03:58 - 04837376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll 2015-10-01 21:31 - 2014-11-08 03:49 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe 2015-10-01 21:31 - 2014-11-07 05:58 - 00952896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2015-10-01 21:31 - 2014-11-07 05:20 - 00786120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2015-10-01 21:31 - 2014-11-05 04:12 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSHVHOST.DLL 2015-10-01 21:31 - 2014-11-05 04:12 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSVRMGMT.DLL 2015-10-01 21:31 - 2014-11-05 04:06 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll 2015-10-01 21:31 - 2014-11-05 03:44 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll 2015-10-01 21:31 - 2014-11-05 03:43 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll 2015-10-01 21:31 - 2014-11-05 03:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll 2015-10-01 21:31 - 2014-11-05 03:39 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSHVHOST.DLL 2015-10-01 21:31 - 2014-11-05 03:39 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSVRMGMT.DLL 2015-10-01 21:31 - 2014-11-05 03:33 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll 2015-10-01 21:31 - 2014-11-05 03:21 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll 2015-10-01 21:31 - 2014-11-05 03:20 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll 2015-10-01 21:31 - 2014-11-05 03:18 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll 2015-10-01 21:31 - 2014-11-05 03:14 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll 2015-10-01 21:31 - 2014-11-05 03:06 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll 2015-10-01 21:31 - 2014-11-04 21:33 - 00058176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys 2015-10-01 21:31 - 2014-11-04 08:27 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe 2015-10-01 21:31 - 2014-11-04 07:01 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe 2015-10-01 21:31 - 2014-10-29 05:05 - 00551232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2015-10-01 21:31 - 2014-10-29 03:55 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll 2015-10-01 21:31 - 2014-10-29 03:13 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll 2015-10-01 21:31 - 2014-10-21 03:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll 2015-10-01 21:31 - 2014-10-21 03:19 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll 2015-10-01 21:31 - 2014-10-21 02:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll 2015-10-01 21:31 - 2014-10-21 02:31 - 01574400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll 2015-10-01 21:31 - 2014-10-21 02:31 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll 2015-10-01 21:31 - 2014-10-21 02:30 - 01454080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe 2015-10-01 21:31 - 2014-10-21 02:20 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll 2015-10-01 21:31 - 2014-10-17 06:56 - 00039744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys 2015-10-01 21:31 - 2014-10-17 05:35 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2015-10-01 21:30 - 2015-07-16 20:58 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NcdAutoSetup.dll 2015-10-01 20:28 - 2014-02-08 20:34 - 01885472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6433489.dll 2015-10-01 20:28 - 2014-02-08 20:34 - 01515296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6433489.dll 2015-10-01 20:22 - 2015-10-01 20:39 - 00000000 ____D C:\Users\Users\Documents\PASSFOTO 2015-10-01 20:20 - 2015-10-01 20:20 - 00000000 ____D C:\Users\Users\Desktop\DRUCKEN 2015-10-01 18:38 - 2015-10-01 18:38 - 00000000 ____D C:\Users\Users\AppData\Roaming\Nemetschek 2015-09-26 09:07 - 2015-09-26 09:07 - 00000000 ____D C:\Users\Users\AppData\Local\Nemetschek_Allplan_System 2015-09-25 20:05 - 2015-10-01 22:07 - 00003104 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3447733779-4191765115-1278922627-1002 2015-09-25 20:05 - 2015-09-25 20:05 - 00000000 ____D C:\Program Files\Common Files\DESIGNER 2015-09-25 20:05 - 2015-07-17 15:51 - 00984448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll 2015-09-25 20:05 - 2015-07-17 15:51 - 00063840 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-private-l1-1-0.dll 2015-09-25 20:05 - 2015-07-17 15:51 - 00020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll 2015-09-25 20:05 - 2015-07-17 15:51 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll 2015-09-25 20:05 - 2015-07-17 15:51 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll 2015-09-25 20:05 - 2015-07-17 15:51 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-stdio-l1-1-0.dll 2015-09-25 20:05 - 2015-07-17 15:51 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-runtime-l1-1-0.dll 2015-09-25 20:05 - 2015-07-17 15:51 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-convert-l1-1-0.dll 2015-09-25 20:05 - 2015-07-17 15:51 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll 2015-09-25 20:05 - 2015-07-17 15:51 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-filesystem-l1-1-0.dll 2015-09-25 20:05 - 2015-07-17 15:51 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-process-l1-1-0.dll 2015-09-25 20:05 - 2015-07-17 15:51 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll 2015-09-25 20:05 - 2015-07-17 15:51 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll 2015-09-25 20:05 - 2015-07-17 15:51 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-utility-l1-1-0.dll 2015-09-25 20:05 - 2015-07-17 15:51 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-locale-l1-1-0.dll 2015-09-25 20:05 - 2015-07-17 15:51 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-environment-l1-1-0.dll 2015-09-25 20:05 - 2015-07-17 15:47 - 00901264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll 2015-09-25 20:05 - 2015-07-17 15:47 - 00066400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-private-l1-1-0.dll 2015-09-25 20:05 - 2015-07-17 15:47 - 00022368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll 2015-09-25 20:05 - 2015-07-17 15:47 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll 2015-09-25 20:05 - 2015-07-17 15:47 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll 2015-09-25 20:05 - 2015-07-17 15:47 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll 2015-09-25 20:05 - 2015-07-17 15:47 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2015-09-25 20:05 - 2015-07-17 15:47 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll 2015-09-25 20:05 - 2015-07-17 15:47 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-time-l1-1-0.dll 2015-09-25 20:05 - 2015-07-17 15:47 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll 2015-09-25 20:05 - 2015-07-17 15:47 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-process-l1-1-0.dll 2015-09-25 20:05 - 2015-07-17 15:47 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll 2015-09-25 20:05 - 2015-07-17 15:47 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll 2015-09-25 20:05 - 2015-07-17 15:47 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll 2015-09-25 20:05 - 2015-07-17 15:47 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll 2015-09-25 20:05 - 2015-07-17 15:47 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll 2015-09-25 19:57 - 2015-09-25 19:57 - 00002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk 2015-09-25 19:57 - 2015-09-25 19:57 - 00002484 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk 2015-09-25 19:57 - 2015-09-25 19:57 - 00002480 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk 2015-09-25 19:57 - 2015-09-25 19:57 - 00002459 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk 2015-09-25 19:57 - 2015-09-25 19:57 - 00002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk 2015-09-25 19:57 - 2015-09-25 19:57 - 00002434 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk 2015-09-25 19:57 - 2015-09-25 19:57 - 00002401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk 2015-09-25 19:57 - 2015-09-25 19:57 - 00002398 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk 2015-09-25 19:57 - 2015-09-25 19:57 - 00002370 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk 2015-09-25 19:57 - 2015-09-25 19:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools 2015-09-25 19:56 - 2015-09-25 19:56 - 00000000 ____D C:\Program Files\Microsoft Office 15 2015-09-24 18:41 - 2015-09-24 18:41 - 00327920 _____ C:\Users\Users\Documents\Dokument.ndw 2015-09-24 18:41 - 2015-09-24 18:41 - 00000000 ____D C:\Users\Users\Documents\Allplan 2015-09-24 18:30 - 2015-09-24 18:30 - 00001907 _____ C:\Users\Public\Desktop\Allmenu 2015.lnk 2015-09-24 18:30 - 2015-09-24 18:30 - 00001900 _____ C:\Users\Public\Desktop\Allplan 2015.lnk 2015-09-24 18:30 - 2015-09-24 18:30 - 00000000 ____D C:\Users\Users\Documents\Nemetschek 2015-09-24 18:27 - 2015-10-02 19:10 - 00000646 _____ C:\WINDOWS\Tasks\WebContent AutoUpdate 2015.job 2015-09-24 18:27 - 2015-09-25 10:07 - 00000000 ____D C:\Users\Users\AppData\Local\Nemetschek 2015-09-24 18:27 - 2015-09-24 18:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nemetschek 2015-09-24 18:27 - 2015-09-24 18:27 - 00003634 _____ C:\WINDOWS\System32\Tasks\WebContent AutoUpdate 2015 2015-09-24 18:05 - 2015-09-24 18:05 - 00000000 ____D C:\WINDOWS\Crystal 2015-09-24 18:05 - 2014-10-07 10:30 - 05350912 _____ (Seagate Software, Inc.) C:\WINDOWS\SysWOW64\crpe32.dll 2015-09-24 18:05 - 2014-10-07 10:30 - 00679424 _____ (Seagate Software, Inc.) C:\WINDOWS\SysWOW64\cr2c70de.dll 2015-09-24 18:05 - 2014-10-07 10:30 - 00413184 _____ (Seagate Software, Inc) C:\WINDOWS\SysWOW64\cpeaut32.dll 2015-09-24 18:05 - 2014-10-07 10:30 - 00183296 _____ (Seagate Software, Information Management Group, Inc.) C:\WINDOWS\SysWOW64\crpaig32.dll 2015-09-24 18:05 - 2014-10-07 10:30 - 00171520 _____ (Seagate Software, Inc) C:\WINDOWS\SysWOW64\P2smon.dll 2015-09-24 18:05 - 2014-10-07 10:30 - 00018944 _____ ( ) C:\WINDOWS\SysWOW64\implode.dll 2015-09-24 18:05 - 2014-10-07 10:29 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71.dll 2015-09-24 18:05 - 2014-10-07 10:29 - 01047552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71u.dll 2015-09-24 18:05 - 2014-10-07 10:29 - 00244232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFLXGRD.OCX 2015-09-24 18:05 - 2014-10-07 10:29 - 00224016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TABCTL32.OCX 2015-09-24 18:05 - 2014-10-07 10:29 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Comdlg32.ocx 2015-09-24 18:05 - 2014-10-07 10:29 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msstdfmt.dll 2015-09-24 18:05 - 2014-10-07 10:29 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Atl71.dll 2015-09-24 18:05 - 2014-10-07 10:29 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71DEU.DLL 2015-09-24 18:05 - 2014-10-07 10:29 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ITA.DLL 2015-09-24 18:05 - 2014-10-07 10:29 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71FRA.DLL 2015-09-24 18:05 - 2014-10-07 10:29 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ESP.DLL 2015-09-24 18:05 - 2014-10-07 10:29 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ENU.DLL 2015-09-24 18:05 - 2014-10-07 10:29 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FLXGDDE.DLL 2015-09-24 18:03 - 2015-09-24 18:27 - 00000000 ____D C:\ProgramData\Nemetschek 2015-09-24 18:03 - 2015-09-24 18:27 - 00000000 ____D C:\Program Files\Nemetschek 2015-09-24 18:03 - 2015-09-24 18:03 - 00000000 ____D C:\Daten 2015-09-24 17:59 - 2015-09-24 17:59 - 00000000 ____D C:\Program Files\Microsoft SQL Server 2015-09-24 17:59 - 2015-09-24 17:59 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server 2015-09-24 17:59 - 2015-09-24 17:59 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs 2015-09-19 13:03 - 2015-10-01 20:24 - 00000000 ____D C:\Users\Users\Desktop\FH GREENBUILDING WS15-16 2015-09-18 18:15 - 2015-09-18 18:15 - 00000000 ___HD C:\ProgramData\CanonBJ 2015-09-18 18:15 - 2014-03-18 05:00 - 00406016 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMCB.DLL 2015-09-15 15:55 - 2015-09-03 04:18 - 02531400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2015-09-15 15:55 - 2015-09-03 04:17 - 01903848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2015-09-15 15:55 - 2015-09-02 20:48 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2015-09-15 15:55 - 2015-09-02 19:09 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2015-09-15 15:55 - 2015-07-22 16:19 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll 2015-09-15 15:55 - 2015-07-22 15:52 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2015-09-15 15:55 - 2015-07-17 16:15 - 00951296 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll 2015-09-15 15:55 - 2015-07-17 16:10 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll 2015-09-15 15:55 - 2015-07-13 21:10 - 00411455 _____ C:\WINDOWS\system32\ApnDatabase.xml 2015-09-15 15:55 - 2015-07-09 18:14 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2015-09-15 15:55 - 2015-07-03 23:51 - 01380056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2015-09-15 15:55 - 2015-07-03 16:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2015-09-15 15:55 - 2015-06-27 13:47 - 00118616 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe 2015-09-15 15:55 - 2015-06-19 19:07 - 02819072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2015-09-15 15:45 - 2015-09-15 15:45 - 00009171 _____ C:\Users\Users\Documents\FH Campus Wien - Datenblatt für Studierende.htm 2015-09-15 15:45 - 2015-09-15 15:45 - 00000000 ____D C:\Users\Users\Documents\FH Campus Wien - Datenblatt für Studierende-Dateien 2015-09-12 17:56 - 2015-08-27 04:48 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2015-09-12 17:56 - 2015-08-26 20:00 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2015-09-12 17:56 - 2015-08-26 20:00 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll 2015-09-12 17:56 - 2015-08-26 20:00 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2015-09-12 17:56 - 2015-08-26 20:00 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe 2015-09-12 17:56 - 2015-08-26 16:46 - 03705344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2015-09-12 17:56 - 2015-08-26 16:29 - 02240512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll 2015-09-12 17:56 - 2015-08-26 16:27 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2015-09-12 17:56 - 2015-08-26 16:27 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll 2015-09-12 17:56 - 2015-08-26 16:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll 2015-09-12 17:56 - 2015-08-26 16:26 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2015-09-12 17:56 - 2015-08-26 16:26 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe 2015-09-12 17:55 - 2015-09-02 04:56 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2015-09-12 17:55 - 2015-09-02 04:55 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2015-09-12 17:55 - 2015-09-02 04:50 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2015-09-12 17:55 - 2015-09-02 04:17 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2015-09-12 17:55 - 2015-09-02 04:13 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2015-09-12 17:55 - 2015-08-22 20:19 - 25188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-09-12 17:55 - 2015-08-22 19:35 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-09-12 17:55 - 2015-08-22 19:34 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2015-09-12 17:55 - 2015-08-22 19:22 - 19856384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-09-12 17:55 - 2015-08-22 19:21 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-09-12 17:55 - 2015-08-22 19:20 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-09-12 17:55 - 2015-08-22 18:55 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-09-12 17:55 - 2015-08-22 18:50 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-09-12 17:55 - 2015-08-22 18:50 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2015-09-12 17:55 - 2015-08-22 18:45 - 00665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-09-12 17:55 - 2015-08-22 18:44 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2015-09-12 17:55 - 2015-08-22 18:41 - 14451712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-09-12 17:55 - 2015-08-22 18:41 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2015-09-12 17:55 - 2015-08-22 18:41 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2015-09-12 17:55 - 2015-08-22 18:41 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2015-09-12 17:55 - 2015-08-22 18:39 - 02126336 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2015-09-12 17:55 - 2015-08-22 18:28 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-09-12 17:55 - 2015-08-22 18:26 - 02427392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2015-09-12 17:55 - 2015-08-22 18:23 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2015-09-12 17:55 - 2015-08-22 18:22 - 12857344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-09-12 17:55 - 2015-08-22 18:20 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2015-09-12 17:55 - 2015-08-22 18:18 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2015-09-12 17:55 - 2015-08-22 18:18 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2015-09-12 17:55 - 2015-08-22 18:18 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2015-09-12 17:55 - 2015-08-22 18:14 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-09-12 17:55 - 2015-08-22 18:01 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2015-09-12 17:55 - 2015-08-22 18:00 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2015-09-12 17:55 - 2015-08-22 17:56 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-09-12 17:55 - 2015-08-22 17:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2015-09-12 17:55 - 2015-08-03 23:15 - 00074928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll 2015-09-12 17:55 - 2015-08-03 23:15 - 00065600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll 2015-09-12 17:55 - 2015-08-01 16:22 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll 2015-09-12 17:55 - 2015-08-01 05:47 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe 2015-09-12 17:55 - 2015-08-01 05:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe 2015-09-12 17:55 - 2015-08-01 05:38 - 01265152 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2015-09-12 17:55 - 2015-08-01 05:37 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe 2015-09-12 17:55 - 2015-08-01 05:37 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe 2015-09-12 17:55 - 2015-07-30 19:18 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll 2015-09-12 17:55 - 2015-07-30 18:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll 2015-09-12 17:55 - 2015-07-22 16:34 - 02775552 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2015-09-12 17:55 - 2015-07-22 16:33 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2015-09-12 17:55 - 2015-07-22 16:25 - 02461184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2015-09-12 17:55 - 2015-07-22 16:25 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2015-09-12 17:55 - 2015-07-18 20:31 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll 2015-09-12 17:55 - 2015-07-18 20:29 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll 2015-09-12 17:55 - 2015-07-18 20:29 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll 2015-09-12 17:55 - 2015-07-18 20:27 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll 2015-09-12 17:55 - 2015-07-14 05:27 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzsync.exe 2015-09-09 23:55 - 2015-09-09 23:55 - 00627288 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140.dll 2015-09-09 23:55 - 2015-09-09 23:55 - 00430264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp140.dll 2015-09-09 23:55 - 2015-09-09 23:55 - 00381128 _____ (Microsoft Corporation) C:\WINDOWS\system32\vccorlib140.dll 2015-09-09 23:55 - 2015-09-09 23:55 - 00325232 _____ (Microsoft Corporation) C:\WINDOWS\system32\concrt140.dll 2015-09-09 23:55 - 2015-09-09 23:55 - 00257736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vccorlib140.dll 2015-09-09 23:55 - 2015-09-09 23:55 - 00235632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\concrt140.dll 2015-09-09 23:55 - 2015-09-09 23:55 - 00080984 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcruntime140.dll 2015-09-09 23:55 - 2015-09-09 23:55 - 00077400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vcruntime140.dll 2015-09-06 06:31 - 2015-09-06 06:31 - 17625848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll 2015-09-06 06:31 - 2015-09-06 06:31 - 15139256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll 2015-09-06 06:30 - 2015-09-06 06:30 - 00948832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll 2015-09-06 06:29 - 2015-09-06 06:29 - 30496400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2015-09-06 06:29 - 2015-09-06 06:29 - 16160424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2015-09-06 06:29 - 2015-09-06 06:29 - 13277448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2015-09-06 06:29 - 2015-09-06 06:29 - 00040080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys 2015-09-06 06:28 - 2015-09-06 06:28 - 22959248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2015-09-06 06:28 - 2015-09-06 06:28 - 11063440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys 2015-09-06 06:28 - 2015-09-06 06:28 - 00164192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll 2015-09-06 06:28 - 2015-09-06 06:28 - 00159376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll 2015-09-06 06:28 - 2015-09-06 06:28 - 00137424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll 2015-09-06 06:27 - 2015-09-06 06:27 - 01069896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2015-09-06 06:27 - 2015-09-06 06:27 - 01061520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2015-09-06 06:27 - 2015-09-06 06:27 - 00991888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2015-09-06 06:26 - 2015-09-06 06:26 - 15902640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll 2015-09-06 06:26 - 2015-09-06 06:26 - 12886592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll 2015-09-06 06:26 - 2015-09-06 06:26 - 01906832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435382.dll 2015-09-06 06:26 - 2015-09-06 06:26 - 01566536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435382.dll 2015-09-06 06:26 - 2015-09-06 06:26 - 00985232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2015-09-06 06:25 - 2015-09-06 06:25 - 14512608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2015-09-06 06:25 - 2015-09-06 06:25 - 11846744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2015-09-06 06:25 - 2015-09-06 06:25 - 02943800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2015-09-06 06:25 - 2015-09-06 06:25 - 02611000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2015-09-06 06:20 - 2015-09-06 06:20 - 42740536 _____ C:\WINDOWS\system32\nvcompiler.dll 2015-09-06 06:20 - 2015-09-06 06:20 - 37759104 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll 2015-09-06 06:19 - 2015-09-06 06:19 - 03017608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2015-09-06 04:44 - 2015-09-06 04:44 - 00030966 _____ C:\WINDOWS\system32\nvinfo.pb ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-10-02 20:26 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-10-02 20:25 - 2014-10-11 16:32 - 01983209 _____ C:\WINDOWS\WindowsUpdate.log 2015-10-02 20:24 - 2013-05-31 04:35 - 00000000 ____D C:\Users\Users\AppData\Local\Packages 2015-10-02 20:23 - 2013-05-31 04:42 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3447733779-4191765115-1278922627-1002 2015-10-02 20:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru 2015-10-02 19:34 - 2014-10-12 01:29 - 00000000 ____D C:\Users\Users\OneDrive 2015-10-02 19:32 - 2013-08-22 16:46 - 00355765 _____ C:\WINDOWS\setupact.log 2015-10-02 19:31 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-10-02 19:31 - 2013-08-22 15:25 - 01048576 ___SH C:\WINDOWS\system32\config\BBI 2015-10-02 19:30 - 2015-03-02 16:00 - 00000000 ____D C:\WINDOWS\system32\log 2015-10-02 19:24 - 2013-11-14 22:28 - 00004116 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2015-10-02 19:24 - 2013-11-14 22:28 - 00003880 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2015-10-02 19:24 - 2013-11-14 22:28 - 00001144 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-10-02 19:24 - 2013-11-14 22:28 - 00001140 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-10-02 19:13 - 2014-09-23 23:06 - 00159508 _____ C:\WINDOWS\PFRO.log 2015-10-02 19:05 - 2015-03-06 12:11 - 00000000 __SHD C:\Users\Users\AppData\Local\EmieUserList 2015-10-02 19:05 - 2015-03-06 12:11 - 00000000 __SHD C:\Users\Users\AppData\Local\EmieSiteList 2015-10-02 19:05 - 2015-03-06 12:11 - 00000000 __SHD C:\Users\Users\AppData\Local\EmieBrowserModeList 2015-10-02 19:05 - 2013-10-17 18:55 - 00000000 ____D C:\Users\Users\AppData\Local\Google 2015-10-02 19:05 - 2013-10-17 18:55 - 00000000 ____D C:\Program Files (x86)\Google 2015-10-02 08:55 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache 2015-10-01 22:08 - 2014-11-13 11:04 - 00000000 ____D C:\Users\Users\AppData\Local\NVIDIA Corporation 2015-10-01 22:06 - 2014-09-24 08:17 - 01984420 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-10-01 22:06 - 2014-09-24 07:43 - 00843606 _____ C:\WINDOWS\system32\perfh007.dat 2015-10-01 22:06 - 2014-09-24 07:43 - 00192300 _____ C:\WINDOWS\system32\perfc007.dat 2015-10-01 22:03 - 2014-10-12 01:23 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat 2015-10-01 22:00 - 2015-04-13 13:44 - 00000342 _____ C:\WINDOWS\Tasks\HPCeeScheduleForUsers.job 2015-10-01 22:00 - 2012-12-28 04:20 - 00000000 ____D C:\ProgramData\NVIDIA 2015-10-01 21:56 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\setup 2015-10-01 21:56 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv 2015-10-01 21:56 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\setup 2015-10-01 21:56 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\inetsrv 2015-10-01 21:52 - 2014-10-11 16:32 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2015-10-01 21:36 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-10-01 21:32 - 2014-09-18 20:17 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-10-01 20:41 - 2013-08-19 19:50 - 00000000 ____D C:\Users\Users\Documents\Dokumente 2015-10-01 20:40 - 2010-06-25 14:32 - 00000000 ____D C:\Users\Users\Documents\MusicMAMAhandy 2015-10-01 20:39 - 2015-09-01 16:03 - 00000000 ____D C:\Users\Users\Documents\samsung 2015-10-01 20:35 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF 2015-10-01 20:35 - 2012-12-28 04:26 - 00000000 ____D C:\Program Files\Bonjour 2015-10-01 20:34 - 2013-12-20 22:28 - 00000000 ____D C:\Users\Users\AppData\Local\Boss Media 2015-10-01 20:34 - 2013-12-20 22:28 - 00000000 ____D C:\ProgramData\Boss Media 2015-10-01 20:33 - 2012-10-27 17:22 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2015-10-01 20:31 - 2013-05-31 12:53 - 00000000 ____D C:\Users\Users\AppData\Local\CyberLink 2015-10-01 20:31 - 2012-10-27 17:23 - 00000000 ____D C:\Program Files (x86)\CyberLink 2015-10-01 20:26 - 2014-10-11 14:08 - 00000000 ____D C:\Users\Users\Documents\NDU MMC UNI 2015-10-01 18:40 - 2015-03-06 12:11 - 00003914 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{BCA760A7-DCF5-48E8-B7CE-42201E846A60} 2015-09-30 17:51 - 2014-10-30 12:28 - 00360448 ___SH C:\Users\Users\Desktop\Thumbs.db 2015-09-30 17:48 - 2013-05-31 12:53 - 00000000 ____D C:\Users\Users\Documents\Youcam 2015-09-27 16:30 - 2015-07-05 18:30 - 00000000 ____D C:\Program Files\Microsoft Office 2015-09-27 16:26 - 2013-08-31 19:05 - 00000179 _____ C:\WINDOWS\SysWOW64\DOErrors.log 2015-09-25 20:05 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2015-09-15 16:25 - 2013-08-19 20:15 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-09-15 15:41 - 2013-08-22 16:44 - 00543840 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-09-15 03:18 - 2015-03-12 19:49 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-09-15 03:18 - 2015-03-12 19:49 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-09-12 18:30 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2015-09-12 18:17 - 2014-09-24 08:00 - 00000000 ____D C:\Program Files\Windows Journal 2015-09-06 06:28 - 2013-10-27 09:04 - 00185632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll 2015-09-06 06:19 - 2013-10-27 09:03 - 03415688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2015-09-06 05:45 - 2013-10-27 09:04 - 01110768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll 2015-09-02 20:15 - 2013-05-31 04:37 - 00000000 ____D C:\Users\Users\AppData\Local\Hewlett-Packard 2015-09-02 20:15 - 2012-10-27 17:36 - 00000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard 2015-09-02 19:52 - 2012-10-27 17:34 - 00000000 ____D C:\ProgramData\Hewlett-Packard 2015-09-02 13:02 - 2015-03-02 23:21 - 00103936 ___SH C:\Users\Users\Downloads\Thumbs.db ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-02-10 12:31 - 2015-04-15 11:43 - 0000020 _____ () C:\Users\Users\AppData\Roaming\appdataFr3.bin 2014-07-05 02:13 - 2014-07-05 02:13 - 0000838 _____ () C:\Users\Users\AppData\Local\recently-used.xbel 2013-05-31 04:38 - 2013-05-31 04:38 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\Users\TEMP\DSETUP.dll C:\Users\TEMP\dsetup32.dll C:\Users\TEMP\DXSETUP.exe Einige Dateien in TEMP: ==================== C:\Users\Users\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-10-02 20:23 ==================== Ende von FRST.txt ============================ Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:30-09-2015
durchgeführt von Users (2015-10-02 20:27:20)
Gestartet von C:\Users\Users\Desktop
Windows 8.1 (X64) (2014-10-11 23:22:57)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3447733779-4191765115-1278922627-500 - Administrator - Disabled)
Gast (S-1-5-21-3447733779-4191765115-1278922627-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3447733779-4191765115-1278922627-1004 - Limited - Enabled)
Users (S-1-5-21-3447733779-4191765115-1278922627-1002 - Administrator - Enabled) => C:\Users\Users
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Illustrator CS2 (HKLM-x32\...\Adobe Illustrator CS2) (Version: 12.000.000 - Adobe Systems Inc.)
Adobe InDesign CS2 (HKLM-x32\...\Adobe InDesign CS2 - {7F4C8163-F259-49A0-A018-2857A90578BC}) (Version: 004.000.000 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.6.636 - Adobe Systems, Inc.)
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version: 3.0 - Adobe Systems, Inc.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.4.3122 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.5.5811 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
General Runtime Files for Allplan 2015-1-6 (x32 Version: 1.8.1.0 - Nemetschek Allplan Systems GmbH) Hidden
General Runtime Files for Allplan 2015-1-6 x64 (Version: 1.5.0.0 - Nemetschek Allplan Systems GmbH) Hidden
General Runtime Files for Nemetschek Softlock 2006 (x32 Version: 1.4.0.0 - Nemetschek) Hidden
General Runtime Files for Nemetschek Softlock 2006 64 (Version: 1.3.0.0 - Nemetschek) Hidden
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{2DEDBE5B-D538-43F3-83A7-B037D6B51A89}) (Version: 4.2.8.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\...\HPConnectedMusic) (Version: 1.1 (build 128) hp - Meridian Audio Ltd)
HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1218 - Hewlett-Packard)
HP CoolSense (HKLM-x32\...\{11AF9A96-6D83-4C3B-8DCB-16EA2A358E3F}) (Version: 2.10.51 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{5AAB470B-88CE-4158-AEF1-EB8DAB4CDFCF}) (Version: 1.2.1.0 - Hewlett-Packard)
HP Quick Launch (HKLM-x32\...\{E5823036-6F09-4D0A-B05C-E2BAA129288A}) (Version: 3.0.6 - Hewlett-Packard Company)
HP Registration Service (HKLM\...\{C2E428EB-116E-41C0-9E84-B22DE9CCA42F}) (Version: 1.1.6232.4245 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.0.29.6 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{8F1A441E-AD6D-4732-BD6A-F38D5F1D1E47}) (Version: 12.0.30.81 - Hewlett-Packard Company)
HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.8 - Hewlett-Packard)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6425.0 - IDT)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.30.1349 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.9.1002 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.4229.1024 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\...\OneDriveSetup.exe) (Version: 17.3.5951.0827 - Microsoft Corporation)
Microsoft Report Viewer 2012 Runtime (HKLM-x32\...\{A047101C-A3AE-4FAD-802F-01C965079F66}) (Version: 11.1.3010.3 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{99AC7F47-A4E0-4706-9C65-8948775C2652}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 40.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 de)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
Nemetschek Allplan 2015 (HKLM-x32\...\{2D6C562A-839E-4D16-903C-A5987EB61948}) (Version: 2015.0 - Nemetschek Allplan Systems GmbH)
Nemetschek SoftLock 2006 (HKLM-x32\...\{7262D0C8-41CC-4F75-8383-A6C7C61D7FC6}) (Version: 1.26.55 - Nemetschek)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.82 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (Version: 16.0.4229.1024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.4229.1024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.4229.1024 - Microsoft Corporation) Hidden
OpenOffice 4.0.0 (HKLM-x32\...\{B28DBCBA-60F8-40ED-B35B-F510C327946C}) (Version: 4.00.9702 - Apache Software Foundation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29029 - Realtek Semiconductor Corp.)
ReconstructMe 2.1.348 (HKLM-x32\...\{50A45D0E-60B2-4D96-9A57-B2A5E9711B67}) (Version: 2.1.348 - Profactor GmbH)
Rhinoceros 5 (64-bit) (HKLM\...\{820B0C99-172C-4A1D-B598-5E37C540800A}) (Version: 5.9.40617.14345 - Robert McNeel & Associates)
Rhinoceros 5 (HKLM-x32\...\{1D8C9866-FBD3-448F-8F3D-BEF271931C14}) (Version: 5.9.40617.14345 - Robert McNeel & Associates)
Rhinoceros 5 Help Media (HKLM-x32\...\{E42CF82B-C897-4E9D-B8C4-DE63FF0A28D7}) (Version: 5.7.31022.19295 - Robert McNeel & Associates)
Rhinoceros 5 Language Pack Installer (de-DE) (HKLM-x32\...\{DE557CCE-B72F-4375-8156-E2F61840C215}) (Version: 5.7.31022.19295 - Robert McNeel & Associates)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.0.15082.16 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.0.15082.16 - Samsung Electronics Co., Ltd.) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.12 - Synaptics Incorporated)
VLC media player 2.0.0 (HKLM-x32\...\VLC media player) (Version: 2.0.0 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
WinRAR 5.20 Beta 4 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.4 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3447733779-4191765115-1278922627-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Users\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Keine Datei
CustomCLSID: HKU\S-1-5-21-3447733779-4191765115-1278922627-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
==================== Wiederherstellungspunkte =========================
01-10-2015 20:29:57 Konfiguriert PhotoDirector
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {05C48943-A4C7-494C-82A9-1D9374CE1E8B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-07-11] (Hewlett-Packard Company)
Task: {1CEFD840-AB51-46D2-B60A-749063D3F39B} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-10-12] (CyberLink)
Task: {39BD4B3B-180B-424A-81A2-276209C534B4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {3B8AFC15-68D7-42F2-82E3-4BF91023C2AE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-02] (Google Inc.)
Task: {402F50E3-3D6F-4DC0-8574-FE035A62AB56} - System32\Tasks\WebContent AutoUpdate 2015 => C:\Program Files\Nemetschek\Allplan\prg\NemDownloadHandler.exe [2014-10-30] (Nemetschek Allplan Systems GmbH)
Task: {5942FCB4-776B-4511-AE64-62219068BBC6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2015-09-25] (Microsoft Corporation)
Task: {6369C258-4AE0-467B-BB63-12AF4F35B723} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-09-09] (Microsoft Corporation)
Task: {7132D491-E062-473D-8F90-BE7412C7055E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-06-24] (Hewlett-Packard)
Task: {772E2B49-3099-4D4E-B6F6-CE31B8CA70A6} - System32\Tasks\HPCeeScheduleForUsers => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {9DBF8E72-6960-4779-B269-41B3DA3CC66E} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3447733779-4191765115-1278922627-1002 => %localappdata%\Microsoft\OneDrive\OneDrive.exe
Task: {9E3437B8-A47A-4E77-BF1C-27E11F9FA907} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-07-11] (Hewlett-Packard Company)
Task: {A3C204F6-2709-4B68-84EA-9EEC6B5BE573} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {AA06AF42-B26D-40AB-A4E2-5F0F51D89BB4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {AA85F292-8EB6-482B-B570-4CB4188B555B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-09-08] (Hewlett-Packard)
Task: {B366219A-459D-4D32-B671-551E01046685} - System32\Tasks\{B75C3B33-5133-4F65-A9F8-F4CCAD445232} => pcalua.exe -a "C:\Program Files (x86)\ParetoLogic\PCHA\uninstall.exe"
Task: {B538DA68-4D82-4C5C-9932-C98229E37114} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-09-09] (Microsoft Corporation)
Task: {C37B62BD-320B-4F40-B7B5-85AD2774839C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-02] (Google Inc.)
Task: {F401A95C-9983-4577-A77E-D265EAAD2D87} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-09-08] (Hewlett-Packard)
Task: {FBA4A076-E241-4E96-8300-D21C1B796A24} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2015-09-25] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForUsers.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\WebContent AutoUpdate 2015.job => C:\Program Files\Nemetschek\Allplan\prg\NemDownloadHandler.exe…/f C:\Daten\Nemetschek\Allplan\Std\AllplanUpdate.inf /one http:/autoupdate.allplan.com/Updates/Allplan/MyPlan/2015/WebContent.upd
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2013-10-27 09:03 - 2015-09-06 06:26 - 00020624 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2012-12-28 04:19 - 2015-08-07 02:44 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-09-25 19:45 - 2015-09-09 22:33 - 00162880 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2012-10-12 17:22 - 2012-10-12 17:22 - 00120224 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesModule.dll
2012-10-12 17:22 - 2012-10-12 17:22 - 00048544 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesProxy.dll
2012-10-12 17:22 - 2012-10-12 17:22 - 00180224 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\zxing.dll
2015-09-06 06:26 - 2015-09-06 06:26 - 00022144 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2012-12-28 04:22 - 2013-08-31 19:22 - 01200088 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Users\Users\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Users\Documents\Psychotherapie.eml:OECustomProperty
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Users\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\StartupFolder: => "ensureXpScr.bat"
HKLM\...\StartupApproved\Run32: => "AVG_UI"
HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\...\StartupApproved\Run: => "Badoo Desktop"
HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\...\StartupApproved\Run: => "AVG-Secure-Search-Update_0814av"
HKU\S-1-5-21-3447733779-4191765115-1278922627-1002\...\StartupApproved\Run: => "Speech Recognition"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{402DDAFF-1B49-4851-A3FB-78FE575C0280}] => (Allow) LPort=52000
FirewallRules: [UDP Query User{E42BB864-483C-4448-AC39-E6B082C0BA03}C:\program files (x86)\xbmc\xbmc.exe] => (Allow) C:\program files (x86)\xbmc\xbmc.exe
FirewallRules: [TCP Query User{4059AFED-004B-4B14-89F4-598D5ADEBB72}C:\program files (x86)\xbmc\xbmc.exe] => (Allow) C:\program files (x86)\xbmc\xbmc.exe
FirewallRules: [UDP Query User{B4789BA1-9289-4EE0-BB06-200D6D9B3885}C:\program files (x86)\xbmc\xbmc.exe] => (Allow) C:\program files (x86)\xbmc\xbmc.exe
FirewallRules: [TCP Query User{4042EE88-8273-4A22-B4CA-D9B66D11C9E2}C:\program files (x86)\xbmc\xbmc.exe] => (Allow) C:\program files (x86)\xbmc\xbmc.exe
FirewallRules: [UDP Query User{D01E7074-5F57-4ED9-B83E-718D612DB2F0}C:\users\users\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\users\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{E8057C1F-A4E6-419A-A208-A3FDD991230E}C:\users\users\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\users\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{8101A3B1-DF6B-48D6-A3FD-29B37C02C5AB}] => (Allow) C:\Program Files\avgemca.exe
FirewallRules: [{C7798981-EA7B-4730-ACA6-2C38EF73307E}] => (Allow) C:\Program Files\avgemca.exe
FirewallRules: [{E0C2730F-6106-4FC4-BF09-13507652AB37}] => (Allow) C:\Program Files\avgdiagex.exe
FirewallRules: [{E4E0DC7C-6C77-4DC3-AFA7-C5BB63503D5C}] => (Allow) C:\Program Files\avgdiagex.exe
FirewallRules: [{C903C2B9-3B3C-464E-A745-AB8C0BE4B21D}] => (Allow) C:\Program Files\avgnsa.exe
FirewallRules: [{C2BD14DD-8DBB-4BB4-B1EA-38A8F5C4284E}] => (Allow) C:\Program Files\avgnsa.exe
FirewallRules: [UDP Query User{E0EB152A-A8A1-452B-98CE-C4490A51F8A7}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{98964D68-BEA1-4156-B5AB-EAE8F70915B5}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{E6AEB5D0-2E02-4440-8ED0-445D4D0A1C34}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C09ABD54-4795-4311-B217-64B759AAC999}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{42F423E3-CDCF-46E2-9C78-973113ACE8D8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B64DFFEA-CA20-4C9F-9D59-0624C9DFBA79}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7E953F6F-235E-45BA-8D09-98BF3E28BAFF}] => (Allow) C:\Program Files\avgemca.exe
FirewallRules: [{4E798BB2-8C5B-4A8F-A181-4C53E66C7169}] => (Allow) C:\Program Files\avgemca.exe
FirewallRules: [{03E389A6-1DE0-4C9D-B5F5-E4073874C0BC}] => (Allow) C:\Program Files\avgdiagex.exe
FirewallRules: [{8A1AE224-8FD9-4E14-BBD3-A4DF0EE06C65}] => (Allow) C:\Program Files\avgdiagex.exe
FirewallRules: [{C9F134DC-CEB6-4F0B-A5A7-E9A404FA8B2F}] => (Allow) C:\Program Files\avgnsa.exe
FirewallRules: [{BDC6C4EF-F58A-4534-9719-FF4A3D8D427F}] => (Allow) C:\Program Files\avgnsa.exe
FirewallRules: [UDP Query User{44D48EAE-8C13-4235-B0F1-C99DF10743B8}C:\users\users\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\users\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{72121E1D-2705-4AD5-9001-08FEFABEFA9B}C:\users\users\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\users\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{0F5CAFA1-6DFF-4887-BB18-13C8B1D51756}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{8C503A77-4C78-4227-96CA-C74FE451FA14}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{7788C1B5-700B-45FE-A808-62591A916190}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{512B21FA-6800-42DF-80AC-215321062E1F}] => (Allow) C:\Users\Users\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{BC9BDC14-9689-4AC5-8974-967A58E93021}] => (Allow) C:\Users\Users\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{71C1ADED-CEAD-40E4-96D9-C327E3227E7D}] => (Allow) C:\Program Files\avgmfapx.exe
FirewallRules: [{06AB2545-3038-4613-A34D-9B0B90ECD7AF}] => (Allow) C:\Program Files\avgmfapx.exe
FirewallRules: [{564ED369-CBD0-4660-8FF7-75C57D145E36}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe
FirewallRules: [{AEE9AE26-4986-48F9-BEFF-D88E6E9601B4}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe
FirewallRules: [{5393A771-643C-4D13-8399-785862928802}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe
FirewallRules: [{FAC8A741-9335-499C-BD72-89EEB7E1F26F}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe
FirewallRules: [{F1148F5E-633C-475B-A62B-52A10E88B862}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe
FirewallRules: [{F52665D3-09A7-4684-80EE-B0CC22C4D865}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe
FirewallRules: [{C27AEC41-1CB2-4A3B-8D82-D903935C2AB9}] => (Allow) LPort=1900
FirewallRules: [{1E9D910C-A211-4D37-9307-CFF8EE2E8432}] => (Allow) LPort=2869
FirewallRules: [{51D66EC0-9BFD-46E4-BD29-183F04753815}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{4E14E79F-D8A8-4610-A98E-6C753EF8D690}] => (Allow) C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{FCB4CC8B-9FFA-4E90-BD66-A7BF93F9F164}] => (Allow) C:\Users\Users\AppData\Local\Temp\7zS5364\HPDiagnosticCoreUI.exe
FirewallRules: [{31DBE879-7211-42A2-9897-FA68B7BA2A7A}] => (Allow) C:\Users\Users\AppData\Local\Temp\7zS5364\HPDiagnosticCoreUI.exe
FirewallRules: [{E03ADB5C-9698-49DF-A6C2-D944E876F606}] => (Allow) C:\Users\Users\AppData\Local\Temp\7zS5411\hppiw.exe
FirewallRules: [{5546EDC0-EF3D-4B81-94FF-FA4F6C1B27F5}] => (Allow) C:\Users\Users\AppData\Local\Temp\7zS5411\hppiw.exe
FirewallRules: [{76EC47E5-38C5-48C9-B111-13773C72AEAA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F72C1516-237B-4313-A915-6A19756FFB85}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B4814E82-7850-479C-A64E-907D50272413}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{1E0A4BB7-AD22-4506-98CB-9BB9A114147A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{4E46CEFE-9B1A-4368-B85F-1C415C534D47}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C1E161AF-6D0A-4320-BEF7-51370BCBC829}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1BA88C12-2147-43D1-8E05-D0DF22148E25}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{8289F4FF-2CD9-4709-B026-029426F7A058}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{52F2146D-CF80-45F6-AA3D-979D1A12BB2D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D25F243B-3B30-462C-82F8-4AEF0D21AE66}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F77DE390-3EBC-4D75-B408-7F03AC075A4F}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{9DDAEDBB-64AA-4315-8FCF-60EA73A224AB}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{8A08AE00-E4DF-432B-87CE-A2D92F05F5A0}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{844E80AB-D671-484A-A95D-C4D775DC1475}] => (Allow) C:\Users\Users\AppData\Local\Temp\7zS57BE\HPDiagnosticCoreUI.exe
FirewallRules: [{2AC1368F-31DF-4D76-B6A0-158F6989CDCF}] => (Allow) C:\Users\Users\AppData\Local\Temp\7zS57BE\HPDiagnosticCoreUI.exe
FirewallRules: [{027DCDC3-47B8-4D32-A460-C3FA5284FD5E}] => (Allow) C:\Users\Users\AppData\Local\Temp\7zS580A\HPDiagnosticCoreUI.exe
FirewallRules: [{206CEED4-3FA7-4DD6-AC30-72B57F32F014}] => (Allow) C:\Users\Users\AppData\Local\Temp\7zS580A\HPDiagnosticCoreUI.exe
FirewallRules: [{409CCDD3-F40C-4395-A6C6-CD16B35AFBD0}] => (Allow) C:\Users\Users\AppData\Local\Temp\7zS748F\hppiw.exe
FirewallRules: [{CEAF1563-8AD3-46A5-86D1-D506AB56C620}] => (Allow) C:\Users\Users\AppData\Local\Temp\7zS748F\hppiw.exe
FirewallRules: [{E3DA3DCB-9F62-4D00-B212-638A5FE63F26}] => (Allow) C:\Users\Users\AppData\Local\Temp\7zS332B\HPDiagnosticCoreUI.exe
FirewallRules: [{53FB456B-504A-4B78-85F0-50A93DA6963C}] => (Allow) C:\Users\Users\AppData\Local\Temp\7zS332B\HPDiagnosticCoreUI.exe
FirewallRules: [{643740E6-73C7-463A-A4BB-F16704BDA9AA}] => (Allow) C:\Users\Users\AppData\Local\Temp\7zS36DF\hppiw.exe
FirewallRules: [{C59D3DF1-F303-4772-8B8A-563891DC1142}] => (Allow) C:\Users\Users\AppData\Local\Temp\7zS36DF\hppiw.exe
FirewallRules: [{70FC0154-B22A-4C1C-88F3-3178B3FFD7B7}] => (Allow) C:\Users\Users\AppData\Local\Temp\7zS4E6F\HPDiagnosticCoreUI.exe
FirewallRules: [{56644EFC-CEA7-4EA6-B72B-3685E2C2CAF6}] => (Allow) C:\Users\Users\AppData\Local\Temp\7zS4E6F\HPDiagnosticCoreUI.exe
FirewallRules: [{6F552B24-0D51-40CC-96FD-74F86E0C3931}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{7093F432-1E5D-405D-AFCA-8D89A9722429}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{5F9D5442-07B9-43E5-9B09-7DDC2DB397FF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{89FAF7D8-3D01-4A7A-B5AE-43C54C04C6BF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{47B2C729-5C42-4118-8260-71A24AB58268}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{4C3880A8-C306-4230-9807-D71D7A60BFB7}] => (Allow) C:\Users\Users\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{5DE42881-BF39-474D-8E76-7F6A09ED9F71}] => (Allow) LPort=53000
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (10/02/2015 07:34:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IAStorDataMgrSvc.exe, Version: 11.5.9.1002, Zeitstempel: 0x5065e128
Name des fehlerhaften Moduls: IAStorUtil.ni.dll, Version: 11.5.9.1002, Zeitstempel: 0x5065e124
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002f3fd
ID des fehlerhaften Prozesses: 0x978
Startzeit der fehlerhaften Anwendung: 0xIAStorDataMgrSvc.exe0
Pfad der fehlerhaften Anwendung: IAStorDataMgrSvc.exe1
Pfad des fehlerhaften Moduls: IAStorDataMgrSvc.exe2
Berichtskennung: IAStorDataMgrSvc.exe3
Vollständiger Name des fehlerhaften Pakets: IAStorDataMgrSvc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IAStorDataMgrSvc.exe5
Error: (10/02/2015 07:34:48 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: IAStorDataMgrSvc.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
Stapel:
bei IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
bei IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
bei IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
bei System.Threading.ThreadPoolWorkQueue.Dispatch()
bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
Error: (10/02/2015 07:16:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IAStorDataMgrSvc.exe, Version: 11.5.9.1002, Zeitstempel: 0x5065e128
Name des fehlerhaften Moduls: IAStorUtil.ni.dll, Version: 11.5.9.1002, Zeitstempel: 0x5065e124
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002f3fd
ID des fehlerhaften Prozesses: 0x898
Startzeit der fehlerhaften Anwendung: 0xIAStorDataMgrSvc.exe0
Pfad der fehlerhaften Anwendung: IAStorDataMgrSvc.exe1
Pfad des fehlerhaften Moduls: IAStorDataMgrSvc.exe2
Berichtskennung: IAStorDataMgrSvc.exe3
Vollständiger Name des fehlerhaften Pakets: IAStorDataMgrSvc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IAStorDataMgrSvc.exe5
Error: (10/02/2015 07:16:16 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: IAStorDataMgrSvc.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
Stapel:
bei IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
bei IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
bei IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
bei System.Threading.ThreadPoolWorkQueue.Dispatch()
bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
Error: (10/01/2015 10:04:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IAStorDataMgrSvc.exe, Version: 11.5.9.1002, Zeitstempel: 0x5065e128
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x069f5895
ID des fehlerhaften Prozesses: 0x7b4
Startzeit der fehlerhaften Anwendung: 0xIAStorDataMgrSvc.exe0
Pfad der fehlerhaften Anwendung: IAStorDataMgrSvc.exe1
Pfad des fehlerhaften Moduls: IAStorDataMgrSvc.exe2
Berichtskennung: IAStorDataMgrSvc.exe3
Vollständiger Name des fehlerhaften Pakets: IAStorDataMgrSvc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IAStorDataMgrSvc.exe5
Error: (10/01/2015 10:04:36 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: IAStorDataMgrSvc.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
Stapel:
bei IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
bei IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
bei IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
bei System.Threading.ThreadPoolWorkQueue.Dispatch()
bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
Error: (10/01/2015 09:39:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.3.9600.17667, Zeitstempel: 0x54c6f7c2
Name des fehlerhaften Moduls: Windows.UI.Xaml.dll, Version: 6.3.9600.17904, Zeitstempel: 0x557b0ffa
Ausnahmecode: 0xc000027b
Fehleroffset: 0x000000000082cfbe
ID des fehlerhaften Prozesses: 0x1470
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Vollständiger Name des fehlerhaften Pakets: Explorer.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Explorer.EXE5
Error: (10/01/2015 06:38:03 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: There was an error with the Windows Location Provider database
Error: (09/29/2015 06:50:54 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 36063453
Error: (09/29/2015 06:50:54 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 36063453
Systemfehler:
=============
Error: (10/02/2015 08:05:52 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 1203.
Error: (10/02/2015 07:34:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage-Technologie" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/02/2015 07:34:13 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet:
%%126
Error: (10/02/2015 07:30:50 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (10/02/2015 07:30:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (10/02/2015 07:30:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "HP Software Framework Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/02/2015 07:30:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (10/02/2015 07:30:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/02/2015 07:30:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (10/02/2015 07:30:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) ME Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
CodeIntegrity:
===================================
Date: 2014-11-13 14:19:23.283
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-11-13 14:19:23.173
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-11-13 10:37:48.797
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Windows signing level requirements.
Date: 2014-11-13 10:37:48.687
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Windows signing level requirements.
Date: 2014-11-13 10:34:17.698
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Windows signing level requirements.
Date: 2014-11-13 10:34:17.574
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Windows signing level requirements.
Date: 2014-11-13 10:06:50.617
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Windows signing level requirements.
Date: 2014-11-13 10:06:50.507
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Windows signing level requirements.
Date: 2014-11-13 09:30:29.739
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Windows signing level requirements.
Date: 2014-11-13 09:30:29.645
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Windows signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-3337U CPU @ 1.80GHz
Prozentuale Nutzung des RAM: 27%
Installierter physikalischer RAM: 8084.27 MB
Verfügbarer physikalischer RAM: 5855.16 MB
Summe virtueller Speicher: 9364.27 MB
Verfügbarer virtueller Speicher: 7132.3 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:678.25 GB) (Free:510.63 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive d: (RECOVERY) (Fixed) (Total:19.17 GB) (Free:2.4 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: BBC99B85)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
03.10.2015, 11:54
| #10 | |
| /// Malwareteam | Fehlermeldung beim Starten von Win 8.1 - RunDll Problem bei Starten Falscher Parameter [gelöst] Schritt 1 Zitat:
Im Anschluss führe bitte einen neuen Bedrohungssuchlauf durch. Schritt 2 Lade Dir bitte von hier  Emsisoft Emergency Kit herunter.
Frage Okay, hast du jetzt immer noch irgendwelche Probleme mit deinem Rechner? Bitte poste in deiner nächsten Antwort also:
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
|
03.10.2015, 15:10
| #11 |
| /// Malwareteam | Fehlermeldung beim Starten von Win 8.1 - RunDll Problem bei Starten Falscher Parameter [gelöst] Weil du mir auf PM geschrieben hast, dass dein Allplan nicht mehr geht, versuche mal im Anschluss an die Schritte oben das hier: Schritt 1
Startet das Programm nach einem Neustart wieder richtig? |
|
03.10.2015, 17:45
| #12 |
| | Fehlermeldung beim Starten von Win 8.1 - RunDll Problem bei Starten Falscher Parameter [gelöst] Hallo! Malwarebytes Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 03.10.2015 Suchlaufzeit: 18:05 Protokolldatei: Malwarebytes.txt Administrator: Ja Version: 2.1.8.1057 Malware-Datenbank: v2015.10.03.03 Rootkit-Datenbank: v2015.10.02.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 8.1 CPU: x64 Dateisystem: NTFS Benutzer: Users Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 427334 Abgelaufene Zeit: 31 Min., 2 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter Emsisoft Emergency Kit - Version 10.0
Letztes Update: N/A
Benutzerkonto: CILLIVANILLI\Users
Scan-Einstellungen:
Scan-Methode: Malware-Scan
Objekte: Rootkits, Speicher, Traces, Dateien
PUPs-Erkennung: An
Archiv-Scan: Aus
ADS Scan: An
Dateitypen-Filter: Aus
Erweitertes Caching: An
Direkter Festplattenzugriff: Aus
Scan-Beginn: 03.10.2015 17:59:23
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\ANIGIFCTRL.ANIGIF Gefunden: Application.Toolbar (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\ANIGIFPPG.ANIGIFPPG Gefunden: Application.Toolbar (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\ANIGIFPPG.ANIGIFPPG.1 Gefunden: Application.Toolbar (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\ANIGIFPPG2.ANIGIFPPG2 Gefunden: Application.Toolbar (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\ANIGIFPPG2.ANIGIFPPG2.1 Gefunden: Application.Toolbar (A)
Key: HKEY_USERS\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\PTECH Gefunden: Adware.Win32.Etugi (A)
Key: HKEY_USERS\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\JOYLAND CASINO Gefunden: Application.Win32.CasOnline (A)
Key: HKEY_USERS\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\CLASSES\RTG.PRISM Gefunden: Application.Win32.CasOnline (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\RTG.PRISM Gefunden: Application.Win32.CasOnline (A)
Key: HKEY_USERS\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\SMARTBAR Gefunden: Application.InstallAd (A)
Gescannt: 77617
Gefunden 10
Scan-Ende: 03.10.2015 18:07:51
Scan-Zeit: 0:08:28
Key: HKEY_USERS\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\SMARTBAR Quarantäne Application.InstallAd (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\RTG.PRISM Quarantäne Application.Win32.CasOnline (A)
Key: HKEY_USERS\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\CLASSES\RTG.PRISM Quarantäne Application.Win32.CasOnline (A)
Key: HKEY_USERS\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\JOYLAND CASINO Quarantäne Application.Win32.CasOnline (A)
Key: HKEY_USERS\S-1-5-21-3447733779-4191765115-1278922627-1002\SOFTWARE\PTECH Quarantäne Adware.Win32.Etugi (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\ANIGIFPPG2.ANIGIFPPG2.1 Quarantäne Application.Toolbar (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\ANIGIFPPG2.ANIGIFPPG2 Quarantäne Application.Toolbar (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\ANIGIFPPG.ANIGIFPPG.1 Quarantäne Application.Toolbar (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\ANIGIFPPG.ANIGIFPPG Quarantäne Application.Toolbar (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\ANIGIFCTRL.ANIGIF Quarantäne Application.Toolbar (A)
Quarantäne 10
 Beim Start von Windows kommt keine Fehlermeldungen mehr, und Allplan ist auch wieder funktionstüchtig!   |
|
04.10.2015, 11:16
| #13 |
| /// Malwareteam | Fehlermeldung beim Starten von Win 8.1 - RunDll Problem bei Starten Falscher Parameter [gelöst] okay perfekt viel Erfolg im Studium  Die Logs von deinem Rechner sehen jetzt für mich sauber aus: Herzlichen Glückwunsch - du bist Clean Zum Schluss müssen wir noch etwas aufräumen und ich gebe dir ein paar Hinweise mit auf den Weg: Entfernen der verwendeten Tools Die Reihenfolge ist hier entscheidend.
Malwarebytes Anti-Malware und  ESET kannst du als Ergänzung zu deiner bestehenden Antivirus-Lösung auf dem Computer belassen und deinen Computer damit regelmäßig scannen. Persönliche Empfehlungen Aktiviere unbedingt die automatischen Updates von Windows und stelle auch sicher, dass diese regelmäßig installiert werden. Verwende immer ein Antivirenprogramm und stelle sicher, dass es sich regelmäßig aktualisiert (sollte Standard sein). Meine Empfehlungen dazu:
Aktiviere immer eine Firewall - die in Windows integrierte reicht dazu vollkommen aus. Verwende nach Möglichkeit nicht den Internet Explorer oder unter Windows 10 den Browser Edge, da diese Browser wegen ihrer großen Verbreitung sehr häufig Ziel von Angriffen sind. Trotzdem achte darauf, dass auch dieser Browser durch die Windows Updates aktuell gehalten wird. Meine Empfehlungen dazu:
Dazu gibt es einige praktische Add-ons:
Halte immer deine Plug-ins und Software aktuell, am wichtigsten ist:
Du kannst dir  Malwarebytes Anti-Exploit installieren. Es schützt gegen viele aktuelle Sicherheitslücken und erhöht so deine Sicherheit. Tipps, um dein System sicherer zu machen Pass auf, wenn du dir Software aus dem Internet herunterlädst! Viele Portale im Internet wie Chip, Softonic und Sourceforge versuchen häufig, dir Adware oder sonstige Downloader mit unerwünschten Programmen unterzujubeln. Downloade nach Möglichkeit immer direkt von der Herstellerseite oder alternativ von einem sauberen Download-Portal, wie von FilePony.de. Lese dir dazu auch folgenden Artikel durch: CHIP-Installer - was ist das? - Anleitungen Selbst wenn du ein Programm von einer seriösen Quelle heruntergeladen hast, ist das keine Garantie, dass dein Programm nicht doch versucht, unerwünschte Änderungen an deinem Computer vorzunehmen. So versuchen immer mehr Programme, durch modifizierte Installationsroutinen unerwünschte Programme mit auf deinen PC zu schleusen. Das klappt leider auch häufig, weil viele Anwender nicht lesen, was auf dem Bildschirm steht und stattdessen schnell durchklicken. Deshalb: Wenn du ein Programm installierst, wähle immer die benutzerdefinierte Installation und schaue, was du da gerade eigentlich alles mit einem Klick auf "Ok" oder "Weiter" abnickst - entferne entsprechend die Haken bei Dingen, die du nicht möchtest. Wer lesen kann, ist klar im Vorteil! Ein Tool, welches dich dabei gut unterstützen kann, ist:  Unchecky. Dieses überwacht im Hintergrund Installationsprozesse und hakt automatisch nervige Adwarekomponenten wie Toolbars ab. Falls man etwas übersieht, warnt noch ein Pop-up, bevor man fortfahren kann.Benutze keine Optimizer, Cleaner oder sonstige SpeedUp Wunder, da diese Tools fast nie einen auch nur messbaren Performancegewinn bringen. Du kannst jedoch regelmäßig auf deinem PC die Datenträgerbereinigung ausführen, so gewinnst du belegten Speicherplatz zurück. Ändere regelmäßig deine Passwörter! Zudem musst du sichere Passwörter benutzen, das bedeutet: mindestens 8 Zeichen, Groß- und Kleinbuchstaben und Sonderzeichen. Ganz wichtig: benutze pro Account ein anderes Passwort! Tipp: Benutze einen Spruch, den du dir leicht merken kannst, als Hilfe für ein Passwort! Zum Beispiel: Der Himmel ist blau und wenn es regnet?-grau ==> DHibuwer?-grau Unterstütze uns und empfiehl uns weiter Du kennst Freunde und Bekannte, die Probleme mit ihrem Computer haben? Schick sie doch zu uns auf das Trojaner Board, wir helfen gerne Wenn du uns mit einer Spende unterstützen möchtest, freuen wir uns sehr und dies kannst du hier tun: http://www.trojaner-board.de/79994-s...ndenkonto.html Herzlichen Dank dafür  Du möchtest Danke sagen oder hast Verbesserungsvorschläge - das kannst du hier machen Besuche und like unsere Facebook-Seite!  Danke für deine Mitarbeit und alles Gute! Bitte gib mir Bescheid, wenn du das alles gelesen hast und du keine weiteren Fragen mehr hast, damit ich dieses Thema aus meinen Abos löschen kann.
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
|
04.10.2015, 20:41
| #14 |
| | Fehlermeldung beim Starten von Win 8.1 - RunDll Problem bei Starten Falscher Parameter [gelöst] super!! vielen Dank für die rasche Hilfe und die Informationen! hihi ja auch dafür !! und ich werde eure Seite ganz bestimmt weiterempfehlen!!  Liebe Grüße! |
|
| Themen zu Fehlermeldung beim Starten von Win 8.1 - RunDll Problem bei Starten Falscher Parameter |
| anhang, arten, beim starten, bitte um hilfe, dateien, dll, dll problem, ebook, erschein, erscheint, falscher, fehlerhafte, fehlermeldung, hilfe, hilfe!, löschen, nicht löschen, notebook, problem, rundll, screenshots, starte, starten, win, win 8.1 |
Google Chrome
Mozilla Firefox
Web Of Trust
Flash Player
Java
PDF Reader
Linear-Darstellung
